[Swan] Question about xauthby=file
Paul Wouters
paul at nohats.ca
Wed Nov 25 19:46:56 UTC 2015
On Wed, 25 Nov 2015, Joe Shockman wrote:
> I'm using this doc and I can't get xauthby=file to work
> https://libreswan.org/wiki/VPN_server_for_remote_clients_using_IKEv1_XAUTH
>
> I think I'm just failing to understand how xauth is supposed to work.
> Can anyone send an example of a working config? ( ipsec.conf + xl2tpd.conf )
There are a few tests, this is one example:
https://github.com/libreswan/libreswan/tree/master/testing/pluto/xauth-pluto-04
> Does xauth require rsa sigs or certs? Or does it also support using a shared secret? (that seems way simpler, and
> sufficiently secure)
The XAUTH method is independant of the auth method. So you can use PSK,
X.509 certs or raw RSA.
Paul
More information about the Swan
mailing list