Hi Igor, > How can I make it possible to do like: when user use "g1" as its group > name and then it select the peer config "1", so "g2" to use peer > config "2" ?
If you are talking about "Group Name" in context of Cisco IPsec (as it used by iOS and OS X), this is not related to the "rightgroups" option. If you define a "Group Name" on such devices, they initiate with this IKE identity. So you'll probably have more luck if you try to define a "rightid" in each connection entry according to the group name. "rightgroups" information comes from other (trusted) sources, for example the RADIUS server can assign group membership to enforce a specific connection, see [1]. Regards Martin [1]http://wiki.strongswan.org/projects/strongswan/wiki/EapRadius#Group-selection _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
