[strongSwan] RSA authentication with Radius

kemeris kemeris2000 at gmail.com
Wed Oct 15 13:07:07 CEST 2014


For each peer I am generating an individual private key and issue a 
matching certificate. Client (iOS IKEv1) authenticates using RSA and 
Xauth with Radius server including Accounting.
Now I want add option for client to authenticate themself using only RSA 
certficates (xauth-noauth) while preserve Radius accounting.

So my question is:

1) Is it security wise to let authentication only using RSA 

2) How to preserve Radius accounting if Xauth not used?

3) Is it possible to delegate RSA authentication check to Radius server?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20141015/099eed56/attachment.html>

More information about the Users mailing list