On 2007/07/23 12:04, Markus Wernig wrote:
But the restrictions I put in isakmpd.policy do not seem to get enforced,
You probably still run isakmpd with -K; you need to remove this
flag to use isakmpd.policy.
Hi again!
I need to authenticate users in isakmpd by the subject DN of their x509
certificates. For this, I wrote isakmpd.policy as follows:
KeyNote-Version: 2
Authenticator: POLICY
Licensees: DN:/C=CH/O=My Org/CN=My Org's CA Cert Subject
Conditions: app_domain == IPsec policy
doi == ipsec
2 matches
Mail list logo