[strongSwan] EAP AKA in strongswan
Martin Willi
martin at strongswan.org
Tue Oct 14 10:07:41 CEST 2014
Hi Poonam,
> We need to run AKA algorithm in STRONGSWAN. So how can we configure the
> Ki value in configuration file?
strongSwan supports multiple backends for the EAP-AKA module. The
eap-simaka-sql plugin reads quintuplets from an SQL database; the
eap-aka-3ggp2 plugin implements the 3GPP2 reference algorithm in
software.
To use eap-aka-3gpp2, you'll have to define K in ipsec.secrets; refer to
[1] for an example. Please be aware that this algorithm is different
from the one specified by 3GPP. We currently don't ship a software
implementation for the 3GPP algorithm.
Regards
Martin
[1]https://www.strongswan.org/uml/testresults/ikev2/rw-eap-aka-rsa/index.html
More information about the Users
mailing list