Hello Misc,

I'm having a small issue with my iked.conf on my OpenBSD 4.9 firewall. I have the following config and it works fine:

    ikev2 "laptop" passive esp \
        from 192.168.10.0/24 to 1.1.1.0/24 local any peer any \
        srcid xxx.xxx.xxx.xxx \
        config address 1.1.1.2

I have a Win 7 laptop with certs and I connect with no issue. Now I'd like to add a couple more clients to the mix. So I created certs for them and distributed them correctly, and now have the following:

    ikev2 "home-PC" passive esp \
        from 192.168.10.0/24 to 1.1.1.0/24 local any peer any \
        srcid xxx.xxx.xxx.xxx \
        config address 1.1.1.3

    ikev2 "laptop" passive esp \
        from 192.168.10.0/24 to 1.1.1.0/24 local any peer any \
        srcid xxx.xxx.xxx.xxx \
        config address 1.1.1.2

But when I try to connect I cannot, and starting iked -dvv shows it's trying to connect with the "laptop" policy. I'm afraid I have the config wrong. Is this the correct way to add multiple clients, and if not, what should I do? I can't seem to find any info on the web or in the man pages.