[strongSwan] eap auth with 5.8 - how?

lejeczek peljasz at yahoo.co.uk
Mon May 11 12:18:09 CEST 2020



On 11/05/2020 10:39, Tobias Brunner wrote:
> Hi,
>
>>   rightid="DNS:vpn.remote.fqdn"
>>   rightid=%any
> Obviously not the same as configuring `id="DNS:remote.fqdn"`.
>
> Also, setting `mode="pass"` is probably not what you want.
>
> Regards,
> Tobias
ah.. was staring in my face yet I did not see it.

Having only:

    remote {
      certs = "remote.fqdn.crt"
      auth  =  "pubkey"
    }

does not help.
Trying: 'mode=tunnel' also fails.

Also, I'm not sure how to translate this (in case it's critical)

leftfirewall=yes

to swanctl.

many thanks, L




More information about the Users mailing list