Hello, I have ipsec clients using strongswan that are connecting to a strongswan server and want to setup connection profiles based on info in the subject Alt name string in each clients certificate. The subject Alt name in the client cert looks like this:
X509v3 Subject Alternative Name: DNS:zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org I've tried every variation I can think of using the "id = " parm in swanctl.conf on the server and I cannot seem to get the strongswan server to recognize/match on the subject Alt name in the clients cert. I've tried values including: id = DNS: zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org id = zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org id = FQDN: zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org id = @ zakr3dsegw51.epc.mnc100.mcc313.3gppnetwork.org and others... Any suggestions? Thx in advance. Dave Finley df1...@att.com<mailto:df1...@att.com> (630) 719-4391 (desk) (630) 740-5198 (mobile)