You can have server (responder) authenticate itself using certificate and
client (initiator) authenticate using PSK
something like this,
Yes you put both the entries in ipsec.secrets
: RSA <your_private_key>
: PSK <your secret>
On Wed, Feb 7, 2018 at 6:33 AM, Newton, Benjamin David <bdne...@sandia.gov>
> Can anyone tell me if strongswan is able to support Authentication using
> both a pre-shared secret and a digital certificate simultaneously?
> If so, can you give me any pointers on how to configure such a connecton?
> Do you keep authby=secret line? Do you put both entries in the
> ipsec.secrets file?
> Ben Newton