please evaluate enabling more plugins to make strongswan more useful
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
strongswan (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Based on a discussion I had related to the zesty merge of latest Strongswan I got this info:
The only (small) problem I have with Strongswan in Xenial is that what's
installed by default doesn't provide enough features to make a good
roadwarrior client compatible with VPN targeting OSX/iOS, Windows and
Android clients.
2 plugins are missing from the default install:
1) eap-mschapv2 is required on the client side to connect to VPN
concentrators configured for Windows 7+ and modern OSX/iOS using IKEv2.
In such scenario, the VPN concentrator identifies itself with a public
key and asks the client to authenticate with MSCHAPv2.
2) xauth-generic is required on the client side to connect to VPN
concentrators configured for Android and older OSX/iOS using IKEv1 and
XAUTH. In such scenario, the VPN concentrator identifies itself with a
public key or a shared secret and asks the client to authenticate with a
XAUTH password.
Currently in Xenial, installing Strongswan only suggests
libcharon-
libcharon-
strongswan-
independent and then making libcharon-
be doable?
Definitely worth to look into it, so I opened this bug to track it.
Thanks to Simon for bringing that up!
Stored on my personal "I should do" list