Racoon has a proposal directive of "verify_cert off" (ignore the peer identity, but still must be signed by a CA in the directory) .. this is the only way to make borked Android devices connect (since they send ID_IPV4 as their IKE identity).
Is there a similar directive to make Strongswan do this? Yes, I realize all the reasons why you wouldn't want to do that, since Strongswan was built for its certificate support. TIA, Michael Holstein Cleveland State University _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
