strongSwan Configuration for Windows User Certificates

Connection Definition

The following eap-tls connection definition in swanctl.conf allows multiple Windows clients using user certificates to connect to the strongSwan VPN gateway via EAP-TLS over IKEv2.

connections {
  eap-tls {
    pools = ipv4, ipv6

    local {
      auth = pubkey
      certs = gatewayCert.pem
      id =
    remote {
      auth = eap-tls
      cacerts = strongsecCaCert.der
      eap_id = %any
    children {
      eap-tls {
        local_ts =, ::/0

pools {
  ipv4 {
    addrs =
    dns =
  ipv6 {
    addrs = 2a02:168:4407:1::/122
aes256-sha256-modp2048 for IKE and aes256-sha1-modp2048 for ESP are the strongest proposals the Windows client is able to offer unless PowerShell is used. These proposals are not explicitly configured here to accept stronger algorithms proposed by such and other clients via strongSwan’s default proposals.
pools = ipv4, ipv6

The gateway assigns an IPv4 and and IPv6 virtual IP address from the pools ipv4 and ipv6 pools, respectively. These two pools are defined in a separate pools section. The IPv4 and IPv6 lease ranges are and 2a02:168:4407:1::/122, respectively. An internal IPv4 DNS server is defined as well. The assigned virtual IP addresses and internal DNS server information will be sent to the Windows Client via the IKEv2 Configuration Payload (CP).

local.certs = gatewayCert.pem

The X.509 certificate of the VPN gateway is stored in the /etc/swanctl/x509 directory. The matching private key of the VPN gateway can either be of type RSA or ECDSA and is stored in the corresponding subdirectory in /etc/swanctl/. =

The IKEv2 ID of the VPN gateway. It must be contained as a subjectAltName in the gateway certificate.

remote.cacerts = strongsecCaCert.der

This option actually isn’t required for EAP-TLS over IKEv2 since no client certicate is need for IKEv2 authentication. The reason for keeping it is that when the gateway sends the CERTREQ payload in its IKE_SA_INIT response, it doesn’t know yet whether the Windows client is going to use machine or user certificates.

remote.eap_id = %any

This option activates the sending of an EAP identity with which the Windows client can be identified. With EAP-TLS, Windows sends its current IP address as an IKEv2 ID which if it is dynamic doesn’t have any identification value.

children.eap-tls.local_ts =, ::/0

All IPv4 and IPv6 traffic will be tunneled from the Windows client to the strongSwan VPN gateway (no split-tunneling use case).