hi all,
Im testing and searching for windows ike2 clients to strongswan server with
two-way authorization: certificate for machine and user/password for users
from radius/NPSserver. With strongswan for Android this is possible and
works well with rightcert=..cert.pem and rightauth2=eap-radius.
but Windows does not support multiple rounds for authorization. Im thinking
for EAP-TTLS/MSCHAPV2 or PEAP/MSCHAPV2, but it does not work, and in
thisnconfihuration Windwlows client sends its IPaddress for identifier. I
need cert for identifier as need static ip for every machine (not user from
nps).
Any ideas is this possible?
-------------------------------------
ПП: СуперХостинг.БГ имат супер промоция за теб и твоите приятели. До -75%
отстъпка за нови и настоящи клиенти. Можеш да ги разгледаш на сайта.
http://www.superhosting.bg/web-hosting-compare-hosting-plans.php?utm_source=MailBG&utm_medium=footer&utm_content=v3&utm_campaign=Winter2016
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
