[strongSwan] StrongSwan & Kerberos authentication?
Noel Kuntze
noel at familie-kuntze.de
Fri Jan 30 20:29:51 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello Ken,
You can use extauth or eap-pam to call either a kerberos authentication binary or a PAM service that
authenticates over kerberos.
Mit freundlichen Grüßen/Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
Am 30.01.2015 um 20:24 schrieb Ken Nelson:
>
> Does StrongSwan have support for authenticating remote access clients against a Free IPA Server using Kerberos? I want to authenticate road warrior clients running Mac OS X connecting to a StrongSwan VPN server (using IKEv1) and authenticate them against an IPA Server using Kerberos. Is this possible? I don’t see anything in the documentation saying it is possible, but nothing refuting it either.
>
> Here’s a diagram:
>
>
> < Mac OS X remote laptop > <—— IKEv1 ——> < StrongSwan VPN Server > <—— Kerberos ——> < Free IPA Server >
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJUy9usAAoJEDg5KY9j7GZYTKIP/0GX8jHahX9+/37lPIhXnjqM
BTUxLGJx7Nn3kUHBX0wtZsPY00/UXQrviJJO/7nkR2oxpIIKz2Om/afytJ5MQx4O
ErU9F9OMUkR7LFhexmGoNKHeUQXZWqu3mQHbO+V712ZoGqyXESQ9dKU0vGTtxr2a
bd3YEtafy2rGK6beLfl1FydyeV+kt8jEMifSlGfv0BdkB7Y1k5zgo9Y/p/xEFKl3
3KI70uYLdTpMBV2xK9+hmlD8P7uGgrQj90ogc/vTB8ROv4CRE6bmQAIvsqR5Pi91
6A5BrqedCTNwJl4W+sntw6QCw5qHxpprLop/Z+GWy/Om7fxgfAVAGDBFN6WWF0e0
agGytBzKxvE9BcCTyDI7x3JWK4A6gAJguQUw3aHR7JaWP0/H70jIiv/4H1gpuHdC
2yA8tzTp4TWM0yUOgsH9MPZ6VGPTg2U+/QzYt3d9U09wNpjyYgvZe8RUXMj7+wcW
6Yr1q1pPlfy3Ut88riukStB2+YJOkNImflYxB8cWXwCXEWBfAY39Ka1aQFdJh/D6
/Ui7MHymsvL88yCWuNtEnPQUYyPKy8vNAC46jMLR24oOKGTaYbFPQJuwLTce2ctd
zf3y6AaegPZpoo/XNe9GczmJQKoaZErWH0Or9tFMXwtcUW7kZHJkMtckM4z9eKs8
4BiRUdFSSH0TYwhvVW1q
=payy
-----END PGP SIGNATURE-----
More information about the Users
mailing list