
IPSEC site-to-site is not working with uploading CA Certificate

Hi,

I was trying to connect a site-to-site VPN, but it was not working with the steps below.

1) Upload local certificate

2) Remote certificate is selected as External certificate

3) Upload Remote CA certificate

Below is the image that depicts what I was trying to explain to you.

[Image: site-to-site]

My question is, is there any issue with uploading the Remote CA certificate and trying to connect to another site? Because every time I could see the log below after uploading the remote CA certificate.

2022-12-16 07:18:16Z 32[CFG] <lax_pki-1|2741> selected peer config 'lax_pki-1'
2022-12-16 07:18:16Z 32[IKE] <lax_pki-1|2741> no trusted RSA public key found for 'device3'
2022-12-16 07:18:16Z 32[IKE] <lax_pki-1|2741> peer supports MOBIKE, but disabled in config
2022-12-16 07:18:16Z 32[IKE] <lax_pki-1|2741> got additional MOBIKE peer address: 192.168.50.1
2022-12-16 07:18:16Z 32[IKE] <lax_pki-1|2741> got additional MOBIKE peer address: fd81:e807:b2cb::1
2022-12-16 07:18:16Z 32[DMN] <lax_pki-1|2741> [GARNER-LOGGING] (child_alert) ALERT: Couldn't authenticate the remote gateway. Check the authentication settings on both devices.
2022-12-16 07:18:16Z 32[ENC] <lax_pki-1|2741> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
2022-12-16 07:18:16Z 32[NET] <lax_pki-1|2741> sending packet: from 202.53.10.133[4500] to 182.66.67.83[64916] (80 bytes)
2022-12-16 07:18:16Z 32[IKE] <lax_pki-1|2741> IKE_SA lax_pki-1[2741] state change: CONNECTING => DESTROYING

Can you please check uploading the CA certificate and try to create the site-to-site tunnel?

Note: With the same certificates for local and remote certificate (peer2 certificate uploaded as a remote certificate), I was able to create the tunnel.

[Image: site-to-site-local-remote-cert]

I have seen this issue with all possible certificate generation methods. If a CA certificate is uploaded, then the tunnel is not getting created. It works only with direct uploading of local and remote certificates.

Please help me on this.

Thank you.
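As an added example (not part of the original post or of Sophos's own tooling), the following Python triage script groups charon (strongSwan) log lines by IKE_SA id and pairs each AUTH_FAILED response with the "no trusted ... public key found" line that explains it. The sample log is copied from the excerpt above; the cause text is a checklist hint, not a verdict on this particular setup.

```python
import re
from collections import defaultdict

# Constructed sample: the charon log excerpt from the post above.
SAMPLE_LOG = """\
2022-12-16 07:18:16Z 32[CFG] <lax_pki-1|2741> selected peer config 'lax_pki-1'
2022-12-16 07:18:16Z 32[IKE] <lax_pki-1|2741> no trusted RSA public key found for 'device3'
2022-12-16 07:18:16Z 32[IKE] <lax_pki-1|2741> peer supports MOBIKE, but disabled in config
2022-12-16 07:18:16Z 32[ENC] <lax_pki-1|2741> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
2022-12-16 07:18:16Z 32[IKE] <lax_pki-1|2741> IKE_SA lax_pki-1[2741] state change: CONNECTING => DESTROYING
"""

# "<timestamp> <thread>[<subsystem>] <<conn>|<sa-id>> <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<thread>\d+)\[(?P<sub>[A-Z]+)\] "
    r"<(?P<conn>[^|>]+)\|(?P<sa>\d+)> (?P<msg>.*)$"
)
NO_KEY_RE = re.compile(
    r"no trusted (?P<alg>RSA|ECDSA) public key found for '(?P<peer_id>[^']+)'"
)


def parse_line(line):
    """Return the parsed fields of one charon line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def diagnose(log_text):
    """For every IKE_SA that sent N(AUTH_FAILED), report the peer identity that
    could not be authenticated and what to check on the certificate side."""
    by_sa = defaultdict(list)
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec:
            by_sa[rec["sa"]].append(rec)
    findings = []
    for sa, recs in by_sa.items():
        if not any("N(AUTH_FAILED)" in r["msg"] for r in recs):
            continue
        finding = {"sa": sa, "conn": recs[0]["conn"], "peer_id": None, "cause": "unknown"}
        for r in recs:
            m = NO_KEY_RE.search(r["msg"])
            if m:
                finding["peer_id"] = m.group("peer_id")
                finding["cause"] = (
                    f"no trusted certificate or public key for peer identity '{m.group('peer_id')}': "
                    "check that the peer certificate chains to the uploaded CA and that the "
                    "configured remote ID matches the certificate subject or a SAN entry"
                )
        findings.append(finding)
    return findings
```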


