I am trying to build a site to site to a Fortigate.
I believe that the tunnel is failing in phase 1 at the peer ID check -
Here is a section of the strongswan.log where I believe the failure occurs:
2018-04-10 09:32:22 24[NET] <WSB-1|4146> sending packet: from x.x.x.x[500] to x.x.x.x[500] (428 bytes)
2018-04-10 09:32:22 32[NET] <WSB-1|4146> received packet: from x.x.x.x[500] to x.x.x.x[500] (220 bytes)
2018-04-10 09:32:22 32[ENC] <WSB-1|4146> parsed IKE_AUTH response 1 [ IDr AUTH N(MSG_ID_SYN_SUP) SA TSi TSr ]
2018-04-10 09:32:22 32[IKE] <WSB-1|4146> authentication of 'x.x.x.x' with pre-shared key successful
2018-04-10 09:32:22 32[CFG] <WSB-1|4146> constraint check failed: identity 'x.x.x.x' required
2018-04-10 09:32:22 32[CFG] <WSB-1|4146> selected peer config 'WSB-1' inacceptable: constraint checking failed
2018-04-10 09:32:22 32[CFG] <WSB-1|4146> no alternative config found
2018-04-10 09:32:22 32[DMN] <WSB-1|4146> [GARNER-LOGGING] (child_alert) ALERT: peer authentication failed
2018-04-10 09:32:22 32[ENC] <WSB-1|4146> generating INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
I am pretty sure that I set the peer ID correctly on the Fortigate side - Anyone have any thoughts!!?
This thread was automatically locked due to age.
