Hi Milen, > 07[IKE] initiating EAP_IDENTITY method (id 0x00) > 07[IKE] peer supports MOBIKE > 07[IKE] authentication of '[...]' (myself) with RSA signature successful > 07[IKE] sending end entity cert "[...]" > 07[ENC] generating IKE_AUTH response 1 [IDr CERT AUTH EAP/REQ/ID ] > 07[NET] sending packet: from 5.6.7.8[4500] to 1.2.3.4[4500] (1380 bytes) > 08[JOB] deleting half open IKE_SA after timeout
The client requests EAP authentication, and your Gateway correctly sends an EAP-Identity request along with a signature and certificate to authentication itself to the client. The client, however, never continues negotiation. Most likely it didn't accept the AUTH signature or the corresponding certificate. You may check your clients log for any error, most likely the gateway certificate is not trusted on the client. I don't think this issue is directly related to RADIUS authentication, your AAA is not yet involved at this stage. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
