Hi,
I found the added option eap-aka-3gpp2 in strongswan 4.3.5 configuration.
What is the difference between the two plugins eap-aka and eap-aka-3gpp2?
And where could i fill the IMSI information and shared secret to do the eap-aka
authentication?? in ipsec.secrets??
thanks a lot.
Hi,
What is the difference between the two plugins eap-aka and eap-aka-3gpp2?
The eap-aka plugin provides the protocol layer of the EAP-AKA
functionality, but no quintuplet calculation. It uses other plugins
implementing the sim_card_t/sim_provider_t interface to actually
calculate the
Johannes,
Many thanks for your reply along with Martin's, and many thanks for builing the
rpm.
I have downloaded the rpm you have built, but, I have not yet started any
testing. Please see my previous email addressed to Martin.
Regards,
-Deepak
-Original Message-
From: jr
Hello Deepak,
you can find the bug here:
https://bugzilla.redhat.com/show_bug.cgi?id=462731
you'll also find that the bug was in el5 before 2.6.18-164, not the fix.
you can find the exact description of the bug and the fix in the
bugreport above.
if you find any problems with the rpms i have
Hello Andrew,
there must be at least one whitespace character between the identity
enumerations and the colon ':' separator:
192.168.1.228 192.168.1.192 : PSK cisco
^
Unfortunately our FreeS/WAN ancestors did not have IPv6 addresses in
mind when they chose a colon as a
Gupta, Deepak (Deepak) wrote:
Martin,
Many thanks for your reply! I appreciate it.
Your answers are very helpful. To give you some context, we are in
an effort to support IPsec tunnels with RedHat RHEL 5.3 kernel
(2.6.18-128) (I misstyped before, it is not 5.2). And based on your
Andreas,
Many thanks for the info.
Please consider, if we do not have the luxury to use this kernel patch for
esp+sha256, i.e., both ends of the tunnel, then can the 2 ends still use
esp128-sha2_256? Or does this non-conforming 96bit truncation rule out this
combination for phase2? In the
Hi Martin,
Thanks for your response. ^___^
But i got the error message after i migrated from strongswan 4.3.2 to
strongswan 4.3.5 with eap-aka authentication:
received EAP_FAILURE, EAP authentication failed.
Do i need to do extra action with eap-aka-3gpp2??
I've added
Hi Jessie,
I see that you are using explicit load statements in strongswan.conf.
As you can see from the 4.3.5 ChangeLog a change in the naming of
the eap plugins was introduced. Our example EAP-AKA scenario
http://www.strongswan.org/uml/testresults43/ikev2/rw-eap-aka-rsa/
has the following
Andreas,
At first i've had ipsec.secrets like that:
192.168.1.228 192.168.1.192 : PSK cisco
192.168.1.228 0.0.0.0 : PSK cisco
192.168.1.192 192.168.1.228 : PSK cisco
And I've got the same log.
Sincerely yours,
Andrew Terekhov.
Andreas Steffen пишет:
Hello Andrew,
there must be at least one
10 matches
Mail list logo