[strongSwan] no matching config
Martin Willi
martin at strongswan.org
Mon Oct 25 10:38:19 CEST 2010
Hi,
> looking for peer configs matching
> 192.168.0.1[moon.strongswan.org]...192.168.0.100[carol at strongswan.org]
> no matching peer config found
> rw-eap-sim: local: [C=FR, ST=Some-State, O=Linux strongSwan,
> CN=moon.strongswan.org] uses public key authentication
> rw-eap-sim: cert: "C=FR, ST=Some-State, O=Linux strongSwan,
> CN=moon.strongswan.org"
> rw-eap-sim: remote: [*@strongswan.org] uses EAP_SIM authentication
> rw-eap-sim: child: 10.1.0.0/16 === dynamic
The leftid you are using must be contained in the server certificate,
either as subject DN or as subjectAltName (CN is not sufficient, must be
the full DN). strongSwan will automatically fall back to the DN of the
certificate if this isn't the case, otherwise the client won't find the
certificate for the servers identity.
Regards
Martin
More information about the Users
mailing list