Use leftcert for more options on IPsec authentication
This commit is contained in:
parent
1f2f38f509
commit
63ba47297f
|
@ -599,6 +599,8 @@ EOD;
|
|||
case 'xauth_rsa_server':
|
||||
$authentication = "leftauth = pubkey\n\trightauth = pubkey";
|
||||
$authentication .= "\n\trightauth2 = xauth-generic";
|
||||
if (!empty($ph1ent['certref']))
|
||||
$authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt";
|
||||
break;
|
||||
case 'xauth_psk_server':
|
||||
$authentication = "leftauth = psk\n\trightauth = psk";
|
||||
|
@ -609,10 +611,14 @@ EOD;
|
|||
break;
|
||||
case 'rsasig':
|
||||
$authentication = "leftauth = pubkey\n\trightauth = pubkey";
|
||||
if (!empty($ph1ent['certref']))
|
||||
$authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt";
|
||||
break;
|
||||
case 'hybrid_rsa_server':
|
||||
$authentication = "leftauth = xauth-generic\n\trightauth = pubkey";
|
||||
$authentication .= "\n\trightauth2 = xauth";
|
||||
if (!empty($ph1ent['certref']))
|
||||
$authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt";
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
Reference in New Issue