Hi Christian, > Ok, I changed my command line to now read > > sudo charon-cmd --host x.x.x.x --identity remote.user --p12 remote.user.p12
The server expects the client to authenticate with EAP, but the client will not do that automatically if you configure a private key/certificate (it then uses the profile ikev2-pub to use regular pubkey authentication). If you want to use EAP-TLS instead, add --profile ikev2-eap to the command line. Regards, Tobias
