[Swan] SAML2.0 authentication

[Paul Wouters]

On Wed, 14 Feb 2024, David Valiente via Swan wrote:

> I have a requirement where VPN users are to authenticate against Google through SAML.
> Authentication MUST be done via SAML, no oauth.

This I guess would be some kind of EAP method? I know of no other
authentication method specified for IKEv2 that would support this.

> Has anyone achieved a working setup like that?

libreswan only supports EAPTLS, and that is not what you want.

Paul