Not on openwrt. But you need plaintext or AD like passwords in LDAP. Otherwise you can't auth with mschap(v2).
On 04.01.2018 14:38, Giuseppe De Marco wrote: > Yes Noel and thank you, my question is: > Is there any experiences about running strongswan in openwrt as ikev2 server > with mschap,radius,ldap auth backend? > > 2018-01-04 14:17 GMT+01:00 Noel Kuntze > <noel.kuntze+strongswan-users-ml@thermi.consulting > <mailto:noel.kuntze+strongswan-users-ml@thermi.consulting>>: > > Hi, > > `ipsec` is just a command line tool. It's not a daemon (or generally a > service). > Are there any open questions? > > Kind regards > > Noel > > On 04.01.2018 14:14, Giuseppe De Marco wrote: > > Hi and thank you Noel, > > I meant to run ipsec and charon in the embedded openwrt router, I use > dpd as well > > > > # dead-peer detection to clear any "dangling" connections in case the > client unexpectedly disconnects > > dpdaction=clear > > # If the tunnel has no traffic for this long (default 30 secs), > Charon will send a dead peer detection packet. The value 0 means to not send > such packets, relying on ordinary traffic, which will occur at least once an > hour, which is the default rekeying lifetime. > > dpddelay=33s > > # DPD Retries : 3 > > dpdtimeout=300s > > > > Running strongswan in a 18-70$ openwrt router is very usefull in many > way > >
signature.asc
Description: OpenPGP digital signature