Hi, > "constraint check failed: peer not authenticated by CA 'C=GR, [...]
> rightca="C=GR, [...]" > rightauth=eap-tls Unfortunately, enforcing CA and other PKI constraints is currently not supported with EAP(-TLS) authentication. It only works for direct IKE certificate authentication. For Windows clients, this means you'd have to use machine certificates (or drop your CA constraint). Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
