[strongSwan] LDAP authorization

B M millebe at gmail.com
Tue Dec 6 00:22:42 CET 2016

Is it possible to configure Strongswan to valididate a certificate CN
against a UPN defined in a  Windows AD server?

What we'd like to do is connect an Android device to a Strongswan server
using certificate based authentication. We've done this successfully using
the Basic Android VPN client - IPSec IKEv2 RSA, but validate the CN in the
certificate against an approved list of users, defined in a AD server. We
can't change how the handsets connect to the VPN server - we have to use
the basic client with certificate based access and this precludes using EAP
and certificate (and presumably RADIUS).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161205/381b4f38/attachment.html>

More information about the Users mailing list