On 2021-02-04, Riccardo Giuntoli <tag...@gmail.com> wrote: > Hello misc, how are you? > > I've got this scenario: > > A ikev2 passive server in France that got: > > A CA > A server certificate for tls server > And a client certificate for tls client > > I export the CA in PEM format and put it on /etc/iked/ca > > Next I export the private key and the certificate and put it on: > > /etc/iked/private/client.key > > And the certificate I put it on /etc/iked/pubkeys/ufqdn > > I also export the PEM of the server and put it on /etc/iked/certs > > Next on iked.conf I use src-id with the email CN that I've got configured. > > I cannot connect to my server with openiked but with the exactly the same > configuration on a strongswan client it works. > > Any suggestions? > > Kind regards > RG
You'll need to show some config and probably logs before anyone can help.
