[strongSwan] Android client - Use MSCHAPv2
Tobias Brunner
tobias at strongswan.org
Mon Sep 14 14:56:38 CEST 2020
Hi,
> The feature list explicitly states that the android client supports
> EAP-MSCHAPv2, but I see no way to actually enforce that on the client,
> and the authentication keeps failing because EAP-MD5 is used.
The (AAA) server is the one initiating the EAP method, the client can't
explicitly choose the method (it could reject the initiated method and
send a list of supported ones, but the Android client has no option to
explicitly reject one of the username/password methods). So how is
EAP-MD5 failing? Why is the server initiating a method that then fails?
And why don't you just let the server initiate EAP-MSCHAPv2 if you want
to use that?
Regards,
Tobias
More information about the Users
mailing list