[strongSwan] 2 factor in mac os x with native ikev2

karthik kumar kumarkarthikn at gmail.com
Sun Mar 4 12:23:14 CET 2018

   Is it possible to do two factor authentication with Mac OS X's IKEv2
native client ? As far as I searched,

a) with strongswan client in osx its possible with eap-gtc and pam + oath
but native client leftauth is always eap-mschapv2 (also confirmed here

b) as per this mail
<https://lists.strongswan.org/pipermail/users/2012-March/002656.html> its
not possible to combine mschapv2 with pam.

c) as per this explanation
problem that needs to be solved is *HASH( pw+otp) != HASH(pw) + HASH (otp).
*I am not sure it can be done with strongswan

a) on the server is there a way we can do two factor auth with eap-mschapv2
b) on the osx native client is there a way we can use eap-gtc with native
client ?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180304/06d5c97c/attachment.html>

More information about the Users mailing list