[strongSwan] having issue while establishing tunnel with public key authentication mode

[Tobias Brunner]

Hi Yogesh,

> I have two ends of site to site VPN where both are configured with
> strongswan and version IKEv1.

Please use IKEv2 if you have strongSwan on both sides, no reason to use
a deprecated protocol.

> Is it normal behavior of strongswan, that we can establish only one
> tunnel at a time on the same machine using same certificate(RSA) ?
> Or what is the expected behavior in this case ?  

Yes, this is the default behavior, a single IKE_SA per pair of
identities.  Have a look at the uniqueids option (or unique in
swanctl.conf).

Regards,
Tobias