Project

General

Profile

Actions
Copy link

Feature #6242

closed

Use local user datebase for IKEv2 EAP-Charpv2

Added by Jacob Pedersen about 8 years ago. Updated over 4 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
04/23/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

Now its possible to use Pre-shared keys as login information for IKEv2 EAP-Charpv2, but would be nice to use Local Users/groups, so passwords are not showen in cleartext in the pfSense GUI.

Actions
Copy link
 #1

Updated by Sean McBride about 7 years ago

+1 from me :)

Actions
Copy link
 #2

Updated by Jim Pingle over 4 years ago

  • Category set to Authentication
  • Status changed from New to Rejected

For that to work you need EAP, which is not something the base system is going to be able to do easily. Fortunately it's almost trivial to install FreeRADIUS and use it as a backend for IKEv2. If you don't trust users to see that, then you can move the RADIUS server off to another host.

Actions
Copy link

Also available in: Atom PDF