[Openswan Users] IKE v2
Andreas Steffen
andreas.steffen at strongsec.net
Thu Nov 2 08:25:21 EST 2006
Hi Mike,
strongswan-4.0 has IKEv2 support. It can be downloaded from
http://www.strongswan.org/
EAP functionality is planned for 2007. What you can do right now
is mixed IKE authentication. The VPN gateway has an X.509 certificate
and uses RSA authentication whereas the VPN clients are using
distinct pre-shared keys. You can find a configuration example
(ipsec.conf, ipsec.secrets) under the link.
http://www.strongswan.org/uml/testresults4/ikev2/rw-psk-rsa-split/
IKEv2 mode is selected with the connection option keyexchange=ikev2.
Best regards
Andreas
Mike Horn wrote:
> Hi,
>
> Are there any plans to add support for IKE v2 to Openswan? If so, any
> rough ideas on time frame? In particular I'm interested in support for
> EAP to replace XAUTH for remote access user authentication.
>
> Thanks,
>
> -mike
=======================================================================
Andreas Steffen e-mail: andreas.steffen at strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Zürichweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3413 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.openswan.org/pipermail/users/attachments/20061102/2dde877f/attachment.bin
More information about the Users
mailing list