[Swan] Question on EAP-TLS in 4.7
Paul Wouters
paul at nohats.ca
Wed May 25 17:52:32 EEST 2022
On Wed, 25 May 2022, Mirsad Goran Todorovac wrote:
> I was just glad that EAP-TLS was implemented in libreswan-4.7. That's such a
> great news.
>
> I am looking forward for deployment on our clients. It seems that it would
> simplify certificate
> management to a great extent.
>
> Is there some instruction other than this example:
>
> # cat ./testing/pluto/interop-ikev2-strongswan-24-strongswan-eaptls/east.conf
> # /usr/local/strongswan/etc/ipsec.conf - Strongswan IPsec configuration file
libreswan as a eaptls server can be found at:
https://github.com/libreswan/libreswan/blob/main/testing/pluto/interop-ikev2-eaptls-strongswan-client/east.conf
> I would also like to run VPN with already issued v4.5 client certificates
> simultaneously.
Not sure what you mean? If you mean migrating from non-eaptls to eaptls,
that _should_ work but we did not test that.
Paul
More information about the Swan
mailing list