Its using eap-dynamic with eap-tls as the preferred.
> On 12 Jun 2018, at 15:17, Tobias Brunner <tob...@strongswan.org> wrote: > >> With that option, its asking for MSCHAPV2 > > Why did you configure a client certificate then? If the server is > configured to do EAP-MSCHAPv2 no client certificate/key is needed, but a > password instead. > > Regards, > Tobias