[strongSwan] eap-ttls-radius, how to compile client carol, is it enough?

Andreas Steffen andreas.steffen at strongswan.org
Wed Oct 8 21:16:49 CEST 2014 

Hi Oleksandr,

what are you using as your VPN gateway which is actually talking
to the FreeRadius server?

Regards

Andreas

On 08.10.2014 13:51, Oleksandr Yermolenko wrote:
> Andreas, thanks a lot for your answer and additional notes...
> I will look at my freeradius configs in order to find the answer why it
> do isn’t work.
>
> Oleksandr
>
>
> On 10/08/2014 02:32 PM, Andreas Steffen wrote:
>> Hello Oleksandr,
>>
>> On 08.10.2014 10:36, Oleksandr Yermolenko wrote:
>>> Hello, everyone,
>>>
>>> environment: strongswan 2.5.0 and freeradius 3.04.
>>>
>>> my scenario based on
>>> http://www.strongswan.org/uml/testresults/ikev2/rw-eap-ttls-radius/
>>>
>>> the question about configuring client carol?
>>>
>>> 1. is it correct?
>>> ./configure --prefix=/usr --sysconfdir=/etc --enable-eap-md5
>>> --enable-eap-ttls --enable-eap-identity
>>>
>> Yes, for the VPN client this is sufficient. If the CA which
>> issued your Radius server and VPN gateway certificates maintains
>> a Certificate Revocation List (CRL) then you could also enable
>> the curl or soup HTTP fetcher plugins (--enable-curl or --enable-soup).
>>
>>> big thanks for your help and advices.
>>>
>>> Oleksandr
>>
>> Best regards
>>
>> Andreas
>>
>> ======================================================================
>> Andreas Steffen andreas.steffen at strongswan.org
>> strongSwan - the Open Source VPN Solution! www.strongswan.org
>> Institute for Internet Technologies and Applications
>> University of Applied Sciences Rapperswil
>> CH-8640 Rapperswil (Switzerland)
>> ===========================================================[ITA-HSR]==
>>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users

-- 
======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20141008/58066b11/attachment.bin>

More information about the Users mailing list