RFC 7296 says:

> There is no requirement that the initiator and responder sign with the same 
> cryptographic algorithms.  The choice of cryptographic algorithms depends on 
> the type of key each has.  In particular, the initiator may be using a shared 
> key while the responder may have a public signature key and certificate.

But when I tried a local pubkey with remote psk config on a strongSwan server, it 
complained with "constraint requires pre-shared key authentication, but public 
key was used".

The packets sent by clients just contained an RSA Digital Signature 
Authentication payload followed by the Certificate payload. Nothing in the 
packets said it demanded that the server authenticate itself with a public key, 
AFAIK.

All the pubkey config examples on the site use symmetrical pubkey authentication.

I wonder, does strongSwan require symmetrical pubkey authentication?
