Hi, > > Does strongSwan make any checks on received identification payload IDr > from the IKE_AUTH exchange for a remote system that is authenticated > with certificates?
The received identity is used to: - Look up a configuration: If it does not find a connection matching the given identity (full match, wildcard match, %any match), tunnel setup fails. - Look up a certificate: The identity must be contained in the certificate either as certificate subject or as a subjectAltName. Regards Martin _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
