Hi Tobias,--On Wednesday, July 16, 2014 10:48:30 AM +0200 Tobias Brunner <[email protected]> wrote:
Not sure why the behavior changed between 5.1.3 and 5.2.0 in this regard; likely that it is related to the replaced ipsec.conf parser.It's probably the new parser. Checking the logs on the gateway running 5.1.3 I discovered that the rightsendcert = never wasn't honoured for any connection. Windows 7 eap clients received a cert request too. So your suggestion to remove this option from our config should be no problem.Intriguing. Could you send me the complete config file that manifests this difference in behavior?
sureThe normal ipsec.conf includes all *.conf files in the connections directory.
The files in this directory are named:0_all_w7_eapmschap.conf which I attached as its holds the rightsendcert = never.
One file 98_partner1.conf.The rest are subnet related config files named 172.xx.xx-name.conf I added one too.
Best regards Dirk
ipsec.conf
Description: Binary data
0_all_w7_eapmschap.conf
Description: Binary data
98_partner1.conf
Description: Binary data
172.25.22-abt1.conf
Description: Binary data
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
