[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: Re: [strongSwan] Extra EAP options for Strongswan android app
From: Tobias Brunner <tobias () strongswan ! org>
Date: 2013-09-25 15:21:29
Message-ID: 5242FF79.6010307 () strongswan ! org
[Download RAW message or body]
Hi Lance,
> It is said that the strongswan android app only supports EAP-MSCHAPv2,
> EAP-MD5 and EAP-GTC.
>
> If I build the code myself, can I add extra EAP types to the configure
> script ? -- say EAP-TLS
Theoretically yes, but the EAP-TLS method in particular is not an EAP
method in the app's narrow interpretation.
As the label "IKEv2 EAP (Username/Password)" indicates only EAP methods
that require username/password can currently be used. Methods that
tunnel other EAP methods, like EAP-PEAP or EAP-TTLS would also work if
used without client certificate and if the tunneled method is based on
username/password (EAP-TTLS is actually loaded in the EAP-TNC case).
EAP-TLS is more like the "IKEv2 Certificate" option in terms of
credentials. I suppose an option like "IKEv2 EAP-TLS (Certificate)"
could be added quite easily, if that's something you require.
Regards,
Tobias
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic