Hi,
For each peer I am generating an individual private key and issue a
matching certificate. Client (iOS IKEv1) authenticates using RSA and
Xauth with Radius server including Accounting.
Now I want add option for client to authenticate themself using only RSA
certficates (xauth-noauth) while preserve Radius accounting.
So my question is:
1) Is it security wise to let authentication only using RSA
certificates?
2) How to preserve Radius accounting if Xauth not used?
3) Is it possible to delegate RSA authentication check to Radius server?
Regards,
Giedrius
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
