[strongSwan] Windows 10 VPN client won't send the strongswan server id
François Lacombe
fl.infosreseaux at gmail.com
Thu Dec 10 00:01:50 CET 2015
Hi all,
This is my first post on this list.
I'm here as a private Strongswan user, using it for domestic applications.
The Strongswan 2.5.1 i'm using is configured with several connections
exposing different values of leftid and associated pubkeys.
Some of those connections are supposed to enable Windows 10 clients to
connect following the IKEv2 / eap-mschapv2 method.
Strongswan is authentified by a RSA pubkey with a CN corresponding to
the DNS name of the listening interface whereas clients are sending
psk.
Windows 10 cliens aren't sending the server id in the request and
Strongswan can't choose any existing connection.
"Looking for a connection matching ip_addr [%any]" can be read in log.
While i'm expecting "Looking for a connection matching ip_addr [pubkey CN]".
Since windows is expecting pubkeys matching the DNS name, the server
id is the only way I see to use different connection with the same
method (eap-mschapv2)
It would be nice to make windows IKEv2 client sending the server id
matching the leftid attribute of the strongswan connection.
Can someone help me rearding this issue ?
Many thanks in advance for any help
François Lacombe
@InfosReseaux
More information about the Users
mailing list