[strongSwan] Accepting connections from anyone with a signed cert?

Shea Levy shea at shealevy.com
Fri Sep 19 19:27:43 CEST 2014

Info at https://gist.github.com/shlevy/2e6a9496c0cf7d5d8619


On Fri, Sep 19, 2014 at 10:27:07AM +0200, Martin Willi wrote:
> > I was hoping there would be a way to authenticate *any* peer
> > that is signed by the CA. Unfortunately, it seems like setting
> > rightid=%any still results in "no matching peer config found".
> That should actually work, just make sure to not set any rightcert, as
> each client has its own.
> Most likely you get "no matching peer config found" for other reasons,
> your config and a log excerpt could help to see what's going wrong.
> Regards
> Martin

More information about the Users mailing list