list members,
IKEv1 could employ L2TP and PPP to authenticate a user on one end of a
tunnel against RADIUS, for additional security. i am not seeing any
info about IKEv2 being able to do so, and i may have come across write
ups saying not to use L2TP at all with IKEv2.
is there a way to tie other authentication and authorization (AuthN/Z)
mechanisms and policies to a IKEv2 tunnel for road warriors? i see PSK
and certificates as "host" based AuthN, and not specifically identifying
a user. i would want a tunnel to require (PSK || Certificate) +
(User/Pass && Group Membership) in order to successfully connect. is
there any way of accomplishing this with IKEv2?
thank you,
brendan
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
