I guess you're missing a comma in /etc/ipsec.conf on wt8510w:

rightid="C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway E=*" # id of gateway

Insert "," between "CN=vpngateway" and " E=*". The correct line would be

rightid="C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway, E=*" # id of gateway

The problem is that the pattern

'C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway E=*'

does NOT match

'C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway, E=:vpngate...@kc3057.kc.mindef.nl'

I'm not an expert when it comes to those Distinguished Names. But I guess that "CN=vpngateway E=*" is interpreted to mean that the Common Name literally has to be "vpngateway E=*". Or it might be interpreted as a multivalue RDN. I don't know for sure.

You can also infer that from the following syslog output:

"Mar 11 10:03:27 wt8510w pluto[6505]: "client1" #1: we require peer to have ID 'C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway E=*', but peer declares 'C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway, E=:vpngate...@kc3057.kc.mindef.nl'"

Daniel

_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
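
An added example, not part of the original post and not strongSwan's own code: a simplified model of RDN-by-RDN matching with "*" wildcards, showing why the rightid without the comma cannot match the peer's DN. It assumes the first reading guessed at above (the text after "CN=" is taken as one literal value), and the peer's e-mail address is a constructed placeholder.

```python
# Simplified model of wildcard DN matching, RDN by RDN.
# Assumptions: no escaped commas, no multi-valued RDNs, no attribute aliases;
# a real IKE daemon compares the parsed ASN.1 names, not strings.

def parse_dn(dn):
    """Split a DN string on commas into (ATTRIBUTE, value) pairs."""
    rdns = []
    for part in dn.split(","):
        attr, sep, value = part.strip().partition("=")
        if not sep:
            raise ValueError(f"RDN without '=': {part!r}")
        rdns.append((attr.strip().upper(), value.strip()))
    return rdns


def dn_matches(pattern, peer):
    """Return (matched, reason). A pattern value of '*' accepts any peer value."""
    want, got = parse_dn(pattern), parse_dn(peer)
    if len(want) != len(got):
        return False, f"RDN count differs: pattern {len(want)}, peer {len(got)}"
    for pos, ((w_attr, w_val), (g_attr, g_val)) in enumerate(zip(want, got), 1):
        if w_attr != g_attr:
            return False, f"RDN {pos}: attribute {w_attr} != {g_attr}"
        if w_val != "*" and w_val != g_val:
            return False, f"RDN {pos}: {w_attr} value {w_val!r} != {g_val!r}"
    return True, "match"


# Constructed peer DN: the real address is truncated in the post.
PEER = "C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway, E=vpngateway@example.org"
# rightid as configured (comma missing) and as corrected in the post.
BROKEN = "C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway E=*"
FIXED = "C=nl, ST=zh, L=mld, O=ivent, OU=ric, CN=vpngateway, E=*"

if __name__ == "__main__":
    for name, pattern in (("broken", BROKEN), ("fixed", FIXED)):
        ok, reason = dn_matches(pattern, PEER)
        print(f"{name:6}: last RDN {parse_dn(pattern)[-1]} -> {ok} ({reason})")
```

In this model the broken pattern ends in a single RDN whose value is "vpngateway E=*", so it has six RDNs against the peer's seven and the "*" is never treated as a wildcard.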