[strongSwan] Question on IKEv2

Kimmo Koivisto koippa at gmail.com
Fri Apr 6 12:47:50 CEST 2012


I'm no strongswan developer, here's my best guess:

> authentication of 'sonicwall id' with pre-shared key successful
> constraint check failed: identity 'sonicwall id' required
> selected peer config 'teknerds' inacceptable
> no alternative config found

>        rightid=@sonicwall.id

Sonicwall sends something (DN, IP address, FQDN, email) as it's ID and
you need to configure that ID to your ipsec.conf.

I'm guessing that Sonicwall sends it's IP address but you have
configured something else, such as  rightid=@sonicwall.yourdomain.xx.
which is FQDN.
In this case, you shoud configure IP address as ID.


Default rightid is the IP address from parameter right, so you can
also omit the rightid and it should work.


More information about the Users mailing list