[strongSwan] allow multiple EAP identities but not %any
Michael Schwartzkopff
ms at sys4.de
Wed Oct 30 15:07:21 CET 2019
On 30.10.19 14:53, Christoph Harder wrote:
> Hello everybody,
>
> is it possible to define multiple EAP identities per connection,
> without using %any ?
>
> For example in the swanctl.conf I define two connections and in the
> secrets section I define multiple EAP secrets/identities.
> Is there any way to specify connections.<conn>.remote<suffix>.eap_id
> so that only certain (but more than one) identities will be accepted?
> Or is there only the option to allow either all known identities or
> only a single one when using the swanctl.conf (and EAP identities
> stored in the secrets section)?
>
> Best regards,
> Christoph Harder
>
Hi,
I do not know if strongswan is flexible enough for your purpose. But if
you have a RADIUS server as backend authentication, you could
accomplish your task in RADIUS.
Mit freundlichen Grüßen,
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the Users
mailing list