[strongSwan] Windows ikev2 conn, eap_identity ignored

Giuseppe De Marco giuseppe.demarco at unical.it
Fri Nov 3 23:25:03 CET 2017


Compiling strongswan-5.6.0 from sources solved the problem on my Debian9

This is what I done:
 ./configure --enable-test-vectors --enable-ldap --enable-pkcs11
--enable-aesni --enable-aes --enable-rc2 --enable-sha2 --enable-sha1
--enable-md5 --enable-rdrand --enable-random --enable-nonce --enable-x509
--enable-revocation --enable-constraints --enable-pubkey --enable-pkcs1
--enable-pkcs7 --enable-pkcs8 --enable-pkcs12 --enable-pgp --enable-dnskey
--enable-sshkey --enable-pem --enable-openssl --enable-gcrypt
--enable-af-alg --enable-fips-prf --enable-gmp --enable-agent --enable-xcbc
--enable-cmac --enable-hmac --enable-ctr --enable-ccm --enable-gcm
--enable-curl --enable-attr --enable-kernel-netlink --enable-resolve
--enable-socket-default --enable-connmark --enable-farp --enable-stroke
--enable-vici --enable-updown --enable-eap-identity --enable-eap-aka
--enable-eap-md5 --enable-eap-gtc --enable-eap-mschapv2 --enable-eap-radius
--enable-eap-tls --enable-eap-ttls --enable-eap-tnc --enable-xauth-generic
--enable-xauth-eap --enable-xauth-pam --enable-tnc-tnccs --enable-dhcp
--enable-lookip --enable-error-notify --enable-certexpire --enable-led
--enable-addrblock --enable-unity --enable-monolithic --enable-blowfish
-enable-af-alg --enable-acert --enable-bypass-lan --enable-cmd
--enable-eap-dynamic --enable-md4 --enable-sha3 --enable-eap-aka-3gpp2
--enable-blowfish --enable-af-alg --enable-attr-sql --enable-mysql
--prefix=/usr --sysconfdir=/etc

once installed, ipsec pool finally worked and I solved every needs, Windows
10 clients finally takes their static leases.

syslog:
Nov  3 22:46:14 vpn charon[24548]: 14[IKE] peer requested virtual IP %any
Nov  3 22:46:14 vpn charon[24548]: 14[CFG] acquired existing lease for
address 10.9.10.27 in pool 'net1_pool'
Nov  3 22:46:14 vpn charon[24548]: 14[IKE] assigning virtual IP 10.9.10.27
to peer 'giuseppe_dm'




2017-10-23 16:14 GMT+02:00 Simon Deziel <simon.deziel at gmail.com>:

> Hi Giuseppe,
>
> On 2017-10-23 06:56 AM, Giuseppe De Marco wrote:
> > I faced that there are no attr_sql support on standard Debian 9 packages.
>
> Indeed, Debian doesn't provide the plugin you are looking for. In
> Ubuntu, it is available in the libstrongswan-extra-plugins package.
> There is a bug [1] about unifying the strongswan packaging between
> Ubuntu and Debian. Feel free to voice your interest in such merge to the
> Debian maintainer.
>
> Regards,
> Simon
>
> [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848890
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171103/de570395/attachment.html>


More information about the Users mailing list