[strongSwan] IKEv2 EAP identity
Ajay Agrawal
ajay_agr at yahoo.com
Thu Aug 27 14:36:34 CEST 2015
Hi All,
Below is my default.ipsec.conf settings:
conn win7 keyexchange=ikev2 eap_identity=%any leftauth=pubkey rightauth=eap-tls right=%any left=%defaultroute leftcert=vpn02.pem leftsendcert=yes rightsendcert=never rightsourceip=10.100.128.0/17 leftsubnet=172.16.177.42/32 auto=add
With this configuration, EAP identity received is the CN from client (user) certificate. We need to get the eap_identity in the form for full subject of the client certificate i.e. "/C=IN/ST=KA/L=*/O=*/OU=12345/CN=*/emailAddress=*". Any ideas how to achieve this? We need to get the full subject so that we can different connection profiles based on the different OU?
Thanks,-Ajay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150827/be0c6ee7/attachment.html>
More information about the Users
mailing list