Hello everyone!
I'm trying unsuccessfully to configure an IPSec / IKEv2 VPN (Windows 10 clients) using authentication on an LDAP server (samba + ldap on Ubuntu). I can already get PFSense to authenticate to that LDAP server (authentication test page) and also OpenVPN, but I want to use Windows native IPSec. I was only able to make it work using the local database using Pre-Shared Keys, but not with the LDAP server.
From what I've been reading, the EAP_MSCHAPv2 authentication method is not compatible with what LDAP expects to receive.
I know it is possible to configure this authentication using a Radius server (in my case FreeRadius on Ubuntu), but I don't want it like that ... I want it with LDAP.
How to do that?
Live long and prosper,
Marcelo Magalhães
Rio de Janeiro - RJ - Brazil