[strongSwan] Accepting connections from anyone with a signed cert?

Martin Willi martin at strongswan.org
Fri Sep 19 10:27:07 CEST 2014

> I was hoping there would be a way to authenticate *any* peer
> that is signed by the CA. Unfortunately, it seems like setting
> rightid=%any still results in "no matching peer config found".

That should actually work, just make sure to not set any rightcert, as
each client has its own.

Most likely you get "no matching peer config found" for other reasons,
your config and a log excerpt could help to see what's going wrong.


More information about the Users mailing list