Cisco Bug: CSCun63242 - Accept IKEv2 ID strings of DER_ASN1_DN when performing EAP-TLS auth
May 05, 2016
- Cisco ASR 1000 Series Aggregation Services Routers
Known Affected Releases
Symptom: Strongswan VPN client on Linux is unable to authenticate to an IOS based flexvpn headend when using EAP-TLS as its authentication method because it presents the certificate's DN string as its IKEv2 ID, and IOS cannot match on this type of value as a string. Conditions: - Known to occur with Strongswan VPN client - Using EAP-TLS between client and Radius server as IKE Authentication method.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases