[strongSwan] left ID, right ID and no matching peer config
agarwalpiyush at gmail.com
Tue Apr 25 03:19:40 CEST 2017
I am trying to establish strongSwan between two Ubuntu 14.04 machines.
I can get things to work if I specify both the leftID and the rightID on
both server and client.
What I need though is the following:
1) I will be copying the server self-signed certificate directly to the
client machine and vice-versa. I understand this is not 100% secure, but I
am going to have to go this way.
2) Those self-signed certificates will be generated with "server" on server
machine and "client" on client machine as the subject Alt Name.
3) For security, I'd like to set rightID on client to be "server" while the
rightID on server would be %any.
However, this throws an AUTH_FAILED error on the server:
looking for peer configs matching
no matching peer config found
My server ipsec.conf:
My client ipsec.conf:
What am I missing? Why is the server not able to find peer config when
rightid has been specified as %any? I hope I am not missing something
Life can only be understood backwards; but it must be lived forwards.