[strongSwan] no matching peer config found

ccsalway ccsalway at yahoo.co.uk
Wed May 2 09:58:45 CEST 2018

Ah!!! Ok. Thank you

> On 2 May 2018, at 08:55, Tobias Brunner <tobias at strongswan.org> wrote:
> Hi Christian,
>> I am trying to re-use settings so that just the certificate is different
>> (vpnserver uses ECDSA, vpnsever1 uses RSA), which according to the help
>> page [1] should be possible:
> No, that's not how this works.  What you actually define by adding a
> second local* section is a second local authentication round.  That is,
> you instruct the server to authenticate itself to the client twice, once
> with ID vpnserver and a second time with ID vpnserver1.  However, that
> requires a matching config on the client (and support for RFC 4739), so
> this won't work with clients other than strongSwan and only if
> configured manually.
> If you want to reuse settings, define the shared settings in a separate
> file and then include that file in the connection sections and override
> the settings that are different.
> Regards,
> Tobias

More information about the Users mailing list