[strongSwan] Windows Client - Multiple Connections, Multiple Certs
bls3427 at outlook.com
Mon Feb 25 15:07:12 CET 2019
IIRC from when I looked at this, I was able to have two completely different servers configured on my Win10 client, and it worked correctly. I think the trick is to make sure that each VPN server has a different hostname (duh), and that the VPN SAN keys in the certs contain the FQDN hostname.
From: Tobias Brunner<mailto:tobias at strongswan.org>
Sent: Monday, February 25, 2019 3:30 AM
To: Tom Rymes<mailto:trymes at rymes.com>; users at lists.strongswan.org<mailto:users at lists.strongswan.org>
Subject: Re: [strongSwan] Windows Client - Multiple Connections, Multiple Certs
> I do not see anywhere that I
> can specify which certificate the client should use for a given connection.
I think you can only do that with EAP-TLS (i.e. not with machine
certificates) where you might actually get prompted for a certificate if
there are multiple and the advanced VPN options (via adapter options on
Windows 10) even provide a setting to pre-select a specific certificate
to use (via issuer/CA and/or EKU).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users