Project

General

Profile

Feature #1057

conn switching based on eap identity

Added by Noel Kuntze about 5 years ago. Updated 5 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
06.08.2015
Due date:
Estimated time:
Resolution:

Description

Hello,

I recently discovered, that strongSwan 5.1.2 (and maybe newer versions)
correctly detect the eap identity during authentication, but don't seem
to be able to switch to another conn after that. Is that a bug or a missing feature?
I haven't found anything about that on the road map.
The EAP authentication method in use is EAP-MSCHAPV2.

If required, I will provide an example conn and a log.

Kind regards,
Noel


Related issues

Related to Issue #628: Windows Phone 8.1 - Certificate Pattern MatchingNew26.06.2014
Related to Issue #2719: Windows - Different peer configs per identityClosed
Related to Issue #1183: EAP-MSCHAPv2 Win7 - EAP key found only on second tryClosed28.10.2015
Has duplicate Issue #1071: Fails to match connection profile when specifying eap identityClosed17.08.2015
Has duplicate Issue #2916: more specific conn (rightid) not selectedClosed

History

#1 Updated by Tobias Brunner about 5 years ago

  • Related to Issue #628: Windows Phone 8.1 - Certificate Pattern Matching added

#2 Updated by Tobias Brunner about 5 years ago

  • Tracker changed from Issue to Feature
  • % Done set to 0

#3 Updated by Tobias Brunner almost 5 years ago

  • Has duplicate Issue #1071: Fails to match connection profile when specifying eap identity added

#4 Updated by Tobias Brunner almost 2 years ago

  • Related to Issue #2719: Windows - Different peer configs per identity added

#5 Updated by Tobias Brunner almost 2 years ago

  • Related to Issue #1183: EAP-MSCHAPv2 Win7 - EAP key found only on second try added

#6 Updated by Tobias Brunner over 1 year ago

  • Has duplicate Issue #2916: more specific conn (rightid) not selected added

#7 Updated by Tobias Brunner 5 months ago

Just for reference, there is a workaround (besides using RADIUS and group matching) I described in this answer on serverfault.com.

Also available in: Atom PDF