[strongSwan] IKEv2 EAP identity

Ajay Agrawal ajay_agr at yahoo.com
Thu Aug 27 14:36:34 CEST 2015

Hi All,
Below is my default.ipsec.conf settings:
conn win7    keyexchange=ikev2    eap_identity=%any    leftauth=pubkey    rightauth=eap-tls    right=%any    left=%defaultroute    leftcert=vpn02.pem    leftsendcert=yes    rightsendcert=never    rightsourceip=    leftsubnet=    auto=add

With this configuration, EAP identity received is the CN from client (user) certificate. We need to get the eap_identity in the form for full subject of the client certificate i.e. "/C=IN/ST=KA/L=*/O=*/OU=12345/CN=*/emailAddress=*". Any ideas how to achieve this? We need to get the full subject so that we can different connection profiles based on the different OU?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150827/be0c6ee7/attachment.html>

More information about the Users mailing list