[strongSwan] Client to site and freeradius
doka.ua at gmx.com
Wed Jun 24 14:40:12 CEST 2020
I'm using FreeRadius with EAP-MSCHAPv2 to authenticate Cisco, Mikrotik,
Windows 10 and MacOS clients. Everything works.
On 24.06.2020 14:00, Клеусов Владимир Сергеевич wrote:
> Does the standard Mac os vpn client work via mschapv2 ? On freeradius I have it disabled and why this is so.
>> 24 июня 2020 г., в 12:34, Tobias Brunner <tobias at strongswan.org> написал(а):
>>> Is it possible to configure
>>> strongswan with this configuration ?If so why ?
>> Yes, strongSwan is not directly involved in the authentication if you
>> use the eap-radius plugin. The EAP messages are exchanged between
>> client and RADIUS server, strongSwan only forwards them. So any EAP
>> method can be used as long as client and RADIUS server can both agree on
>>> Then the authentication error and the logs of the radius
>>> login incorrect (EAP: no mutually acceptable types)
>> Apparently, the client doesn't support the EAP method the RADIUS server
"Vision without Execution is Hallucination." -- Thomas Edison
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users