diff options
Diffstat (limited to 'etc/inc')
| -rw-r--r-- | etc/inc/vpn.inc | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 1e3335d..4682bcc 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -617,9 +617,16 @@ EOD; $authentication = ""; switch ($ph1ent['authentication_method']) { case 'eap-tls': - $authentication = "leftauth=eap-tls\n\trightauth=eap-tls"; - if (!empty($ph1ent['certref'])) - $authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt"; + if (isset($ph1ent['mobile'])) { + $authentication = "eap_identity=%identity\n\t"; + $authentication .= "leftauth=pubkey\n\trightauth=eap-tls"; + if (!empty($ph1ent['certref'])) + $authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt"; + } else + $authentication = "leftauth=eap-tls\n\trightauth=eap-tls"; + if (!empty($ph1ent['certref'])) + $authentication .= "\n\tleftcert={$certpath}/cert-{$ph1ent['ikeid']}.crt"; + } break; case 'xauth_rsa_server': $authentication = "leftauth = pubkey\n\trightauth = pubkey"; |
