Implementation of EAP Authentication into IKEv2 Protocol

IKEv2 is a protocol for exchanging keys in the IPsec architecture. In it's specification, EAP was proposed as one of the authentication mechanisms. EAP is extensible authentication protocol based on client/server architecture and allows introduction of additional EAP methods. Implementation of this protocol is complex and in our project it was decided to include one of the existing implementations of EAP into IKEv2 protocol. WPA_supplicant implementation is chosen for peer and this article mainly describes how it was included. IKEv2 responder, on the other side, will rely on RADIUS server for EAP. Therefore it should provide protocol traverse between IKEv2 and RADIUS, both encapsulating EAP packets.