[strongSwan] Accepting connections from anyone with a signed cert?

Shea Levy shea at shealevy.com
Fri Sep 19 08:07:54 CEST 2014

Hi all,

I'd like to have any machine deployed in our organization be able to
contact any other, without the inbound machine having to know about
every possible machine that may want to initiate a connection. We
already have infrastructure to put certs signed by our CA on each
machine, so I was hoping there would be a way to authenticate *any* peer
that is signed by the CA. Unfortunately, it seems like setting
rightid=%any still results in "no matching peer config found". Is there
a way to set this up?


