[strongSwan] radius and certificate CN user authentication
Dirk Hartmann
dha at heise.de
Wed Sep 10 12:21:05 CEST 2014
--On Wednesday, September 10, 2014 12:09:52 PM +0200 Miroslav Kubiczek
<miroslav.kubiczek at adaptivemobile.com> wrote:
>> --On Wednesday, September 10, 2014 11:31:07 AM +0200 Martin Willi
>> <martin at strongswan.org> wrote:
>>
>>>> I had the following working config which nevertheless prompts for
>>>> username and password on the device (iPhone):
>>>
>>> The whole point of XAuth authentication is to verify a
>>> username/password combination. You may disable XAuth if you don't
>>> want that. Not sure if that can be configured in the iPhone UI,
>>> though.
>>
>> AFAIK this isn't possible. But you could use
>> rightauth2=xauth-noauth
>> for this connection so any combination of username/password would be
>> accepted.
>>
>
> Thanks for all suggestions! I tried xauth-noauth and got this error:
> 15[CFG] no XAuth method found for 'noauth'
> So I assume I have to rebuild with: --enable-xauth-noauth configure
> option?
yes. And you have to use a version of strongswan newer than 5.0.2
because the option was introduced in 5.0.3.
More information about the Users
mailing list