when it comes to development, i have a negative IQ. i literally suck
the intelligence out of the room. i would not want to inflict myself on
your code :)
how else can one support this, or any other open source, project without
code contributions?
brendan
On 9/15/22 3:28 PM, Paul Wouters wrote:
For IKEv2 that would go via EAP.
Currently, only EAPTLS is implemented. You are looking at EAP-mschapv2. We
don’t support that yet. I know strongswan does support it.
Paul
ps. Patches or other support always welcomed 😀
Sent using a virtual keyboard on a phone
On Sep 15, 2022, at 13:44, Brendan Kearney <[email protected]> wrote:
list members,
IKEv1 could employ L2TP and PPP to authenticate a user on one end of a tunnel
against RADIUS, for additional security. i am not seeing any info about IKEv2
being able to do so, and i may have come across write ups saying not to use
L2TP at all with IKEv2.
is there a way to tie other authentication and authorization (AuthN/Z) mechanisms and policies to
a IKEv2 tunnel for road warriors? i see PSK and certificates as "host" based AuthN,
and not specifically identifying a user. i would want a tunnel to require (PSK || Certificate)
+ (User/Pass && Group Membership) in order to successfully connect. is there any way of
accomplishing this with IKEv2?
thank you,
brendan
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
