Hi Denis, > leftcert=serverCert.pem > leftauth=pubkey
Likely that you need a proper leftid configured, one that the client expects. Usually a FQDN of your server address is fine, but it should be contained as subjectAltName in your serverCert. Not sure what exactly iOS expects here. > rightauth=eap-radius > > made .mobileconfig for iOS, imported ca cert. > getting in log: no matching peer config found I assume you have created a profile for EAP authentication? A little more details from your log probably can help in analyzing the issue. > rightsubnet=10.0.0.0/24 > rightsourceip=10.0.0.0/24 While unrelated, this is probably not what you want. You don't need that full subnet, but just that single IP address that you assign to the client. This can be achieved by setting rightsubnet=%dynamic, which is the default if you don't specify that option. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
