Hi All, I'm facing an issue in which the connection with Cisco EZVPN client is failing with the error " The Peer certificate does;nt match with Phase1 ID". The issue is occurring in Strongswan version 5.2.0. We are using IKev1 to establish a tunnel between Cisco EZVPN client and strongswan server,
We found out the cause to be mismatch in the string formats between Identification and Certificate payloads in the 6th message of Phase 1. The certificate uses UTF8String format for encoding the RDN whereas the Identification payload uses PrintableString format. Is there any specific reason behind the usage of PrintableString format irrespective of the encoding format used in the certificate? Thanks, Sridhar
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
