Hi Dusan, Thanks for the answer, this was exactly what I needed!
Now I see that this is also used for IKEv2 EAP ( see also http://users.strongswan.narkive.com/lrqZAZG7/how-to-find-out-the-eap-username-of-the-client-in-the-updown-script-hi ). However, the "official" Strongswan updown script template only mentions XAUTH. Thank again! Peter On Sat, 22 Apr 2017 21:49:24 +0200 Dusan Ilic <[email protected]> wrote: > Hi Peter, > > This works for me, $PLUTO_XAUTH_ID > > ---- Peter Benko skrev ---- > > >Hi all, > > > >I'm running an IKEv2 eap-mschapv2 IPsec VPN with strongswan 5.2.1. > >I'm using an updown script to log connections and for some > >housekeeping stuff. Everything works fine except that I'd like to > >know the "user ID" (EAP identity) of the client in the updown > >script. Currently I'm using PLUTO_PEER_ID which works fine for e.g. > >the strongswan android client (it gives e.g., 'test_user'). However, > >if I have a Windows 7 or Windows 10 client, it gives me the > >client-side private IP address (e.g. 192.168.1.4). > > > >Is there a way to access the EAP identity for all clients in the > >updown script? > > > >Some relevant parts of my ipsec.conf: > > > >keyexchange=ikev2 > >rightauth=eap-mschapv2 > >eap_identity=%identity > > > >Thanks, > > > >Peter > > > > > >_______________________________________________ > >Users mailing list > >[email protected] > >https://lists.strongswan.org/mailman/listinfo/users _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
