Hi Adam,
from the output of "ipsec listall" I see that moon's private
key was not found on moon and that no CA cert was found on dave.
Further both moon's and dave's certificate were signed by a CA with
authkey: a7:db:14:22:72:76:7b:45:f9:f9:1b:57:59:c1:07:37:9a:a6:57:d2
but the CA found on moo
Thanks Andreas for your very fast answer.
I did what you said but I got the same error.
dave:/etc/ipsec.d# ipsec up home
initiating IKE_SA 'home' to 192.168.0.216
IKE_SA 'home' state change: CREATED => CONNECTING
generating IKE_SA_INIT reque
Hi Adam,
dave has a certificate issued by CA
"C=CH, ST=TI, L=Stabio, O=Gerosa CA Services, CN=moon"
whereas moon has a certificate issued by CA
"C=CH, ST=TI, L=Stabio, O=Gerosa CA Services, CN=Gerosa CA server"
Therefore moon cannot verify dave's certificate because it doesn't
has the moon C
Hi All,
I am try to build a VPN but when I give the command (on dave) ipsec up home
I get the error:
dave:/etc# ipsec up home
initiating IKE_SA 'home' to 192.168.0.216
IKE_SA 'home' state change: CREATED => CONNECTING
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ]
sendin