Hi, >>> Is there a configuration setting I can do to "clobber" (kick off) any >>> existing sessions from the same client certificate (based on CN). I >>> thought that might be "uniqueids" but based on the above it seems not. >> >> Yes, uniqueids is the right option but you will have to use different >> XAuth credentials for each client. > > If I were to use rsasig rather than xauthrsasig then does the "DN" of > the client certificate become the key for uniqueness checks?
Yes. > I'm wondering if IOS devices will allow rsasig over xauthrsasig. As far as I know, they don't. Regards, Tobias _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
