Project

General

Profile

Issue #3029

Windows 7 / 10 - Double prompt when logging into StrongSwan

Added by karan kapoor 3 months ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
configuration
Affected version:
5.3.5
Resolution:
No change required

Description

We are seeing a strange issue when using Windows 7 / 10 default VPN client to connect to StrongSwan VPN servers. The login prompt (username / password prompt) is coming twice when trying to establish the VPN connection.

Though in the second attempt the connection does get established, however, it is a problem for us since the VPN is created programmatically behind the scenes.

Have been trying to find a solution to this, but for no use. Is there a way to fix this up on the StrongSwan side?

Any guidance on this would be really helpful.

History

#1 Updated by Noel Kuntze 3 months ago

  • Category set to configuration
  • Status changed from New to Feedback
  • Priority changed from Urgent to Normal

Hello Karan,

Please follow the instructions on the HelpRequests page.

Kind regards

Noel

P.S. It is presumptuous to set Priority to Urgent in public bug tracker run by volunteers in their free time without reimbursement. If you have anything Urgent to get fixed, at least ask for commercial support. In any case, a solution is likely already available in some other ticket, because I remember dealing with that myself already.

#2 Updated by karan kapoor 3 months ago

We had requirement of assigning virtual IPs from a specific pool to specific users (based on identity). So, in every peer config, rightsourceip has the pool name from which the virtual IP is allocated.

With ubuntu, choosing the peer config based on identity worked fine, but for windows it was failing. As a workaround, we used rightgroups property in ipsec.conf as described in the following link:
https://serverfault.com/questions/908098/strongswan-clients-access-rights

Now, I suspect that the problem occurs due the dummy connection switch. Please let me know if this is the case. Also, if there is another way to achieve the same thing without again prompting for password, please let me know how to do it.

Any help on solving this problem will be helpful.

Regards
Karan

#3 Updated by karan kapoor 3 months ago

Looks like the issue got resolved, had to re-configure strongwan with eap-identity and md4 plugin.

#4 Updated by Tobias Brunner 3 months ago

  • Status changed from Feedback to Closed
  • Assignee set to Noel Kuntze
  • Resolution set to No change required

Also available in: Atom PDF