Hello
Unclear for me how to use strongswan package with Attribute name strongswanTNC
I need eap-ttls plugin and now completelly confused how to enable it.
I tried a few options (please review my module config (now commented options) but unsuccessfully.
{ config, pkgs, ...}:
let
version = 2;
secret = "mysecret";
esp_proposals = [ "aes256-sha256-ecp384" ];
proposals = [ "aes256-sha256-ecp384" ];
strongswan = config.services.strongswan-swanctl.package;
# strongswan = callPackage ../tools/networking/strongswan { };
# strongswanTNC = strongswan.override { enableTNC = true; };
in {
# nixpkgs.config.strongswan.enableTNC = true;
# environment.systemPackages = with pkgs; [
# (pkgs.strongswan.override { enableTNC = true; })
# ];
# strongswan = callPackage ../tools/networking/strongswan { };
# strongswanTNC = strongswan.override { enableTNC = true; };
services.strongswan-swanctl = {
enable = true;
swanctl = {
connections = {
taras = {
local_addrs = [ "%any" ];
remote_addrs = [ "192.x.x.35" ];
local.main = {
auth = "eap";
# aaa_id = "%any";
id = "aae";
};
remote.main = {
auth = "pubkey";
id = "%any";
};
children = {
taras = {
remote_ts = [ "10.20.0.0/15" ];
start_action = "trap";
updown = "${strongswan}/libexec/ipsec/_updown iptables";
inherit esp_proposals;
};
};
inherit version;
inherit proposals;
};
};
secrets = {
eap.aae = {
id.main = "aae";
inherit secret;
};
};
};
};
}
Could someone clarify where my mistake is.
Any help is very much appreciated.
Thank you!