It seems that vpp is stricter in this version and it has been relaxed in the later version of code via https://github.com/FDio/vpp/commit/c7cceeebb738b0fabd93d2c4fdfd561321a2be1d
By commenting out the right and left ids, authenticatio goes through and SA gets established [root@83afb4b1f677 etc]# cat ipsec.conf ipsec.secrets config setup strictcrlpolicy=no conn %default leftauth=psk #ike=aes256-sha1-modp2048! ike=aes256-sha256-modp2048! esp=aes192-sha1-esn! mobike=no keyexchange=ikev2 ikelifetime=24h lifetime=24h conn net-net right=50.50.50.2 rightsubnet=10.10.11.1/24 rightauth=psk #rightid=10.10.11.2 left=50.50.50.1 leftsubnet=10.10.10.1/24 leftauth=psk #leftid=10.10.10.2 auto=start
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#22551): https://lists.fd.io/g/vpp-dev/message/22551 Mute This Topic: https://lists.fd.io/mt/96780044/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/1480452/21656/631435203/xyzzy [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
