OpenIKED match on user/cert instead of gateway

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

OpenIKED match on user/cert instead of gateway

Kim Zeitler
hello misc,

I got the requirement for a more exotic setup in which some road
warriors are required to be in a different network segment.

 From strongSWAN I know it is possible to match connections based on
userid/cert.
iked.conf(5) only gives examples for different gateways.

To cut a long story short - is it possible to do this in openiked or do
I need to setup a separate instance?

Cheers,
Kim


smime.p7s (6K) Download Attachment