[strongSwan] IKEv2 RSA or EAP (mschap2) with Windows 10 client
noel at familie-kuntze.de
Wed Nov 25 20:09:35 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
> Will it help if i switch from 2048RSA to 384 ECDS keys, as they are shorter?
> And if all this fails, is there an Windows VPN client that fully supports strongSwan?
If Windows 10 supports ECDSA, sure.
Well, you need one that supports the necessary feature set of IKEv2
to make your situation work. So UDP encaps and fragmentation,
as well as certificate auth and EAP.
I don't know of any that does.
- --- only read if you're willing to develope one ---
But it shouldn't be too hard to do.
I looked at strongSwan's Windows support and one
would actually just need to write a gui for it based on VICI
and exchange the backend driver (replace the policy based VPN with whatever
the native Windows VPN driver does (route based VPN)) and you'll
have yourself a fully functional VPN client.
I started writing the gui, but I'm too lazy to finish it.
Maybe I'll do it when I have some free time again.
Mit freundlichen Grüßen/Kind Regards,
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the Users