Hi, > And my question is: if I need to initiate unilateral Authentication, > How can I support that? > > ---- only change the configure
We currently do not support this configuration-wise, as it clearly violates what the IKEv2 standard says. There is a draft discussing an extension to skip public key server authentication if a mutual EAP method is used[1], but we currently do not implement it. > ---- modify the code of strongswan. Probably it is sufficient to modify [2] and return SUCCESS in any case, but I haven't tried it. Best regards Martin [1]http://tools.ietf.org/id/draft-eronen-ipsec-ikev2-eap-auth-07.txt [2]http://wiki.strongswan.org/repositories/entry/strongswan/src/charon/sa/authenticators/pubkey_authenticator.c#L135 _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users