I have a pair of servers, both running OpenBSD 7.6 that have a shared ikev2 vpn
via
iked. This is working great in fact it's working better than I expect it to.
I've noticed
two issues:
* The certificates in my VPN expired about a month ago but the VPN keeps
renegotiating. I
stopped iked on one side for about an hour today and after I restarted it,
the VPN had no
trouble restarting.
* Running `ikectl ca my-vpn-ca certificate my-host create` throws an error
indicating that
the certificate already exists. In fact it does but the certificate that it
cites is the
expired one.
Please forgive my question if these two issues have been addressed since
OpenBSD 7.6 became
stale.
Thanks
--
Chris
__o "All I was trying to do was get home from work."
_`\<,_ -Rosa Parks
___(*)/_(*)____.___o____..___..o...________ooO..._____________________
Christopher Sean Hilton [chris/at/vindaloo/dot/com]
