Hello, I am unable to establish an ikev1 SA when I specify the rightid in the following manner :-
rightid=%any or rightid="C*, ST=*, O=*, OU=*, CN=*, E=*" I get an INVALID_ID_INFORMATION error. I cannot give the actual DN or FQDN of the certificate as the rightid since it is not known to me. However, here is the twist, establishing an ikev2 SA works absolutely fine. Does it mean that in ikev2, you are not matching the id specified in the ipsec.conf with the DN of the remote peer certificate. Is it possible to make ikev1 work with the above way of specifying rightid ? Thanks & Regards, Ashish. _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
