[strongSwan] How to obtain the user ID (EAP identity) in the updown script?
Peter Benko
pbopbo at freemail.hu
Sat Apr 22 21:07:08 CEST 2017
Hi all,
I'm running an IKEv2 eap-mschapv2 IPsec VPN with strongswan 5.2.1. I'm using an updown script to log connections and for some housekeeping stuff. Everything works fine except that I'd like to know the "user ID" (EAP identity) of the client in the updown script. Currently I'm using PLUTO_PEER_ID which works fine for e.g. the strongswan android client (it gives e.g., 'test_user'). However, if I have a Windows 7 or Windows 10 client, it gives me the client-side private IP address (e.g. 192.168.1.4).
Is there a way to access the EAP identity for all clients in the updown script?
Some relevant parts of my ipsec.conf:
keyexchange=ikev2
rightauth=eap-mschapv2
eap_identity=%identity
Thanks,
Peter
More information about the Users
mailing list