diff options
-rw-r--r-- | src/etc/inc/vpn.inc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc index 06da50d..1c22f5f 100644 --- a/src/etc/inc/vpn.inc +++ b/src/etc/inc/vpn.inc @@ -995,6 +995,7 @@ EOD; $authentication .= "leftauth=pubkey\n\trightauth=eap-mschapv2"; if (!empty($ph1ent['certref'])) { $authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt"; + $authentication .= "\n\tleftsendcert=always"; } } break; @@ -1004,11 +1005,13 @@ EOD; $authentication .= "leftauth=pubkey\n\trightauth=eap-tls"; if (!empty($ph1ent['certref'])) { $authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt"; + $authentication .= "\n\tleftsendcert=always"; } } else { $authentication = "leftauth=eap-tls\n\trightauth=eap-tls"; if (!empty($ph1ent['certref'])) { $authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt"; + $authentication .= "\n\tleftsendcert=always"; } } if (isset($casub)) { @@ -1021,11 +1024,13 @@ EOD; $authentication .= "leftauth=pubkey\n\trightauth=eap-radius"; if (!empty($ph1ent['certref'])) { $authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt"; + $authentication .= "\n\tleftsendcert=always"; } } else { $authentication = "leftauth=eap-radius\n\trightauth=eap-radius"; if (!empty($ph1ent['certref'])) { $authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt"; + $authentication .= "\n\tleftsendcert=always"; } } break; |