[strongSwan] Question on IKEv2
Kimmo Koivisto
koippa at gmail.com
Fri Apr 6 12:47:50 CEST 2012
Hello
I'm no strongswan developer, here's my best guess:
> authentication of 'sonicwall id' with pre-shared key successful
> constraint check failed: identity 'sonicwall id' required
> selected peer config 'teknerds' inacceptable
> no alternative config found
> rightid=@sonicwall.id
Sonicwall sends something (DN, IP address, FQDN, email) as it's ID and
you need to configure that ID to your ipsec.conf.
I'm guessing that Sonicwall sends it's IP address but you have
configured something else, such as rightid=@sonicwall.yourdomain.xx.
which is FQDN.
In this case, you shoud configure IP address as ID.
rightid=sonicwall.ip.address
Default rightid is the IP address from parameter right, so you can
also omit the rightid and it should work.
Regards,
Kimmo
More information about the Users
mailing list