[strongSwan] Certificate-based IPsec tunnel failing to complete
Regel, Julian (CSS)
Julian.Regel at capita.co.uk
Fri Jul 5 14:00:18 CEST 2019
Hi
[sorry - previously replied to single poster, not the list]
Thanks for the pointer. I've got it working!
The Cisco ASA appears to send the Distinguished Name as its identifier, so changing:
id = vpntest.example.com
to
id = "C=UK, ST=Example, O=Example, OU=Example, CN=vpntest.example.com"
Worked!
The key to solving this is understanding what the remote end is sending, and this appears to vary depending on device.
Hopefully this information will be useful to others too.
Thanks
Julian
You are receiving this message from Capita Software. Should you wish to see how we may have collected or may use your information, or view ways to exercise your individual rights, see our Privacy Notice<https://www.capitasoftware.com/PrivacyNotice>
This email is security checked and subject to the disclaimer on web-page: http://www.capita.co.uk/email-disclaimer.aspx
More information about the Users
mailing list