[Swan] additional authentication, like LDAP, Kerberos, RADIUS on tunnels
Paul Wouters
paul at nohats.ca
Fri Sep 16 21:50:01 EEST 2022
On Thu, 15 Sep 2022, Michael Schwartzkopff wrote:
> On 15.09.22 21:28, Paul Wouters wrote:
>> For IKEv2 that would go via EAP.
>> Currently, only EAPTLS is implemented. You are looking at EAP-mschapv2. We
>> don’t support that yet. I know strongswan does support it.
>
> strongswan supports all kind of EAP. Basically the VPN server only passes the
> EAP packets on to the RADIUS server. And FreeRADIUS supports all (!) EAP
> types.
Yes, it would be nice to get a "basic" patch for this :)
Paul
More information about the Swan
mailing list