Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - Oliver

#1
A regression in the eap-tls plugin of Strongswan 5.9.10+ prevents EAP-TLS authentication. The log shows:

11[IKE] <con1|2> verification of AUTH payload with EAP MSK failed

Details: https://github.com/strongswan/strongswan/discussions/1613

Remedy: Downgrade to Strongswan 5.9.9_1 via

opnsense-revert -r 23.1.1 strongswan

But keep in mind that this version is affected by vulnerability CVE-2023-26463.