[strongSwan] Username/password authentication for road warriors
philippe at strauss-engineering.ch
Fri Mar 6 17:16:47 CET 2020
I use the following with the OS X client :
# left - server configuration
leftsubnet=0.0.0.0/0 # all client traffic is redirected through vpn gateway
# right - client confguration
rightsourceip=10.9.8.0/24 # pool of IPs which we providing for vpn clients
rightauth=eap-mschapv2 # authenticate by username and password
rightdns=184.108.40.206 # DNS server for clients
…but I’m a strongswan beginner, maybe someone else may have better answer.
> Le 6 mars 2020 à 17:04, Alexander Reshetov <alexander.v.reshetov at gmail.com> a écrit :
> I'm trying to implement password based VPN for multiple users. The idea is
> to provide users with server address, remote id, (probably) local id, and
> username and password. So server will have list of users auth data. I use
> MacOS's default client from System Preferences.
> If left side is my server, and right side is clients, what left|rightauth
> should I use in this case. It seems that for clients (right side) I need
> EAP auth. What auth should be used for server (left side) - there
> is no such configuration option in MacOS client?
More information about the Users