I have raised for the following reason:
I am trying to bring L2L VPN between IOS router ASA. On the ASA, I get the following error message: Feb 20 01:57:42 [IKEv1]: Group = R3, IP = 162.1.13.3, Unable to compare IKE ID against peer cert Subject Alt Name If I have "peer id validate" with certificate, the tunnel comes up. It seems the ASA is trying to match the Alt name with the IKE. Since, there is no ALT name, the validation fails. The I tried adding CN as the hostname in the router during enrollment and then the tunnel came up without the need of peer id validate" with certificate on the ASA. With regards Kings On Sat, Feb 20, 2010 at 5:07 PM, Kingsley Charles < [email protected]> wrote: > Hi all > > I have did it before but it's not striking ne now. When you enroll an IOS > router or ASA to a CA server, how do we include an Alternate name? > > Is CN and Atl Name the same? > > > > With regards > Kings >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
