Hi, >>> I'm wondering if IOS devices will allow rsasig over xauthrsasig. >> >> As far as I know, they don't. > > That being the case ... if I wanted to still use xauthrsasig would it > be feasible for me to patch strongswan (5.0.1) to use the "DN" of the > client cert as the uniqueness check without much effort? Can you give > any pointers to accomplish this?
You may revert commit 0fbfcf2a [1] to use the IKE identities in uniqueness checks. But will your clients really all use the same XAuth credentials? Regards, Tobias [1] http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=0fbfcf2a _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
