I'm pretty sure I'm misunderstanding some part of the EAP/PAP/XAuth/RADIUS exchange. Has anyone had success integrating with strongSwan in a similar configuration? What are my options since the agent doesn't support EAP?
Unfortunately, this is not supported in the manner you're suggesting although our Professional Services team mentioned that you may be able to accomplish what you're looking to do by leveraging the FreeRADIUS utility to proxy these requests. I think you're best bet, though, will be strongSwan support.
Sorry we can't be more helpful. I hope you are able to find a way to make this work.