Hello, I use Debian 6.0.6 + strongSwan 5.0.1
Can you tell - are strongSwan able to handle auth using freeradius as backend auth server for mac os x clients?
I compile strongSwan with --enable-eap-radius, radius is already configured and works with xl2tp (L2TP server). I configured strongswan according to wiki page http://wiki.strongswan.org/projects/strongswan/wiki/EapRadius
My configuration:
##########################
conn radius
rekey=no
left=SERVER_IP
leftsubnet=0.0.0.0/0
leftfirewall=yes
leftauth=psk
right=%any
rightauth=eap-radius
eap_identity=%identity
rightsubnet=0.0.0.0/0
rightsourceip=10.2.0.0/24
auto=add
#########################
strongSwan configured with modules:
loaded plugins: charon test-vectors mysql aes des sha1 sha2 md4 md5
random nonce x509 revocation constraints pubkey pkcs1 pkcs8 pgp dnskey
pem fips-prf gmp xcbc cmac hmac attr kernel-netlink resolve
socket-default stroke sql updown eap-identity eap-mschapv2 eap-radius
xauth-generic xauth-eap
But, seems mac os x internal ipsec client is work only with IKEv1, and i read from wiki, that EAP secrets are IKEv2 only (http://wiki.strongswan.org/projects/strongswan/wiki/EapSecret)
I want configure strongswan redirects all auth request to freeradius Best Regards, Dmitry --- Dmitry KORZHEVIN System Administrator STIDIA S.A. - Luxembourg e: [email protected] m: +38 093 874 5453 w: http://www.stidia.com
smime.p7s
Description: Криптографическая подпись S/MIME
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
