[strongSwan] authentication with EAP
Yudi V
yudi.tux at gmail.com
Mon Jan 30 05:51:16 CET 2017
Hi all,
I got the below setup in ipsec.conf
conn rw_cert
rightauth=eap-tls #using certificate
rightsendcert=never
eap_identity=%any
auto=add
conn rw_pw
rightauth=eap-mschapv2 #using password
eap_identity=%any
auto=add
Each one works fine when connecting from the remote peer when testing
individually (commenting out one "conn") but If I have both listed as
above, every time only the EAP-TLS (as it's the first one listed) gets
picked up. If I change the order with EAP-MSCHAPV2 listed first then it
gets picked up every time.
Is there a way to fine tune this behavior, ie, If the remote peer is trying
to authenticate via EAP-MSCHAPV2 the server should pick the right method
(eap-mschapv2) not the first one in the list.
Note: I used the same remote peer to test the above.
--
Kind regards,
Yudi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170130/dfc2cadc/attachment.html>
More information about the Users
mailing list