Hello Ashish, I'm currently on a holiday in Australia and thus I have only limited time in answering questings on the strongSwan mailing list.
Best regards Andreas ashish mahalka wrote: > Hi Andreas, > > It would be really nice if you could give me some information on the > problem that I have described in the mail below. > > Thanks for all the help! > > regards, > Ashish > > On 1/13/10, ashish mahalka <[email protected]> wrote: >> Hello, >> >> I am unable to establish an ikev1 SA when I specify the rightid in the >> following manner :- >> >> rightid=%any or rightid="C*, ST=*, O=*, OU=*, CN=*, E=*" >> >> I get an INVALID_ID_INFORMATION error. >> >> I cannot give the actual DN or FQDN of the certificate as the rightid since >> it is not known to me. >> >> However, here is the twist, establishing an ikev2 SA works absolutely fine. >> Does it mean that in ikev2, you are not matching the id >> specified in the ipsec.conf with the DN of the remote peer certificate. >> >> Is it possible to make ikev1 work with the above way of specifying rightid >> ? >> >> Thanks & Regards, >> Ashish. ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
