[strongSwan] no matching config

Martin Willi martin at strongswan.org
Mon Oct 25 10:38:19 CEST 2010

> looking for peer configs matching
>[moon.strongswan.org]...[carol at strongswan.org]
> no matching peer config found

>   rw-eap-sim:   local:  [C=FR, ST=Some-State, O=Linux strongSwan,
>                          CN=moon.strongswan.org] uses public key authentication
>   rw-eap-sim:    cert:  "C=FR, ST=Some-State, O=Linux strongSwan,
>                          CN=moon.strongswan.org"
>   rw-eap-sim:   remote: [*@strongswan.org] uses EAP_SIM authentication
>   rw-eap-sim:   child: === dynamic

The leftid you are using must be contained in the server certificate,
either as subject DN or as subjectAltName (CN is not sufficient, must be
the full DN). strongSwan will automatically fall back to the DN of the
certificate if this isn't the case, otherwise the client won't find the
certificate for the servers identity.


More information about the Users mailing list