13 lines
715 B
Plaintext
13 lines
715 B
Plaintext
The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>.
|
|
At the outset the gateway authenticates itself to the client by sending
|
|
an IKEv2 <b>RSA signature</b> accompanied by a certificate.
|
|
<b>carol</b> then uses the <i>Extensible Authentication Protocol</i>
|
|
in association with an <i>MD5</i> challenge and response protocol
|
|
(<b>EAP-MD5</b>) to authenticate against the gateway <b>moon</b>.
|
|
In addition to her IKEv2 identity <b>carol@strongswan.org</b>, roadwarrior
|
|
<b>carol</b> uses the EAP identity <b>carol</b>.
|
|
<p/>
|
|
Since RADIUS accounting is enabled in <b>strongswan.conf</b>, gateway <b>moon</b>
|
|
sends user name, connection time and data volume information to the
|
|
RADIUS server <b>alice</b>.
|