[strongSwan] Can be EAP-MSCHAPv2 considered secure?

Artyom Aleksyuk artyom.h31 at gmail.com
Fri Jun 24 03:31:18 CEST 2016

Currently I'm using X.509 client certs with my own CA. To make things
simpler, I'm going to move to a password-based authentication. As I
understand, the only EAP method that works with both strongSwan Android and
Windows 8 is EAP-MSCHAPv2. I've heard that this EAP method was broken (for
example, https://technet.microsoft.com/en-us/library/security/2743314.aspx).
However this article mentions PPTP, not IKEv2. So, should I avoid
EAP-MSCHAPv2 in IKEv2, or it still can be considered secure?
The second question is: is it possible to use Let's Encrypt-generated certs
together with strongSwan?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160624/973edcd4/attachment.html>

More information about the Users mailing list