> I'm trying to do eap-aka authentication without responder's certificate.
There is no need to change the code, strongSwan supports the EAP-only authentication extension, RFC 5998. To omit certificate authentication, set leftauth=eap on the responder. There is a scenario with EAP-SIM [1], but it works exactly the same with EAP-AKA, with or without RADIUS. To not send a CERTREQ on the client, you may add rightsendcert=no. Regards Martin [1]http://www.strongswan.org/uml/testresults44/ikev2/rw-eap-sim-only-radius/ _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
