Hello,
I have ipsec clients using strongswan that are connecting to a strongswan
server and want to setup connection profiles based on info in the subject Alt
name string in each clients certificate. The subject Alt name in the client
cert looks like this:
X509v3 Subject Alternative Name:
DNS:zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org
I've tried every variation I can think of using the "id = " parm in
swanctl.conf on the server and I cannot seem to get the strongswan server to
recognize/match on the subject Alt name in the clients cert. I've tried values
including:
id = DNS: zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org
id = zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org
id = FQDN: zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org
id = @ zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org
and others...
Any suggestions?
Thx in advance.
Dave Finley
df1...@att.com<mailto:df1...@att.com>
(630) 719-4391 (desk)
(630) 740-5198 (mobile)
