Is there a way to use ldap authentication with ikev2? Obviously xauth-pam will only work with ikev1, but in looking over the Android Strongswan app, I notice that's ikev2 only.
It looks to me, from looking at this page: https://wiki.strongswan.org/projects/strongswan/wiki/EapGtc that this is the plugin to do that? I already have compiled strongswan with --enable-xauth-pam, I'd need to recompile adding in --enable-eap-gtc I'm a little unclear as to what the conn would look like. Right now, this works fine on ikev1 and xauth-pam conn roadwarrior-ldap keyexchange=ikev1 leftid=vpn.sysnet.ucsd.edu rightauth=pubkey rightauth2=xauth-pam auto=add Would it be sufficient to remove the forced ikev1 setting in there? Or do I need to add in a new conn conn roadwarrior-ldap2 keyexchange=ikev2 leftid=vpn.sysnet.ucsd.edu rightauth=pubkey rightauth2=eap-gtc auto=add I don't see a strongswan.d/charon/eap-gtc.conf file -- does it need one? _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
