This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

PKI-Error only in IPSEC-VPN (RAS)

Hello again ;-))
Nearly everything is working on my UTM120:
The certbased-secured Site-Site-IPSec-Connection to the main-router (a UTM220), the Cisco-VPN-Connection with an iOS-device and the IPSec-VPN-Connection with a PSK.
So far so good.

Only when I try to establish an certbased-IPSEC-VPN-Connection I get an PKI-Error on the IPSEC-Client.
But I don't know why?
I've appended the log from the dial-in-attempt.

Do you have any hints for me?

Thanks in advance… Jochen

This thread was automatically locked due to age.

IPSec-Log.zip

Parents

0 jkontny over 12 years ago

Yeah!! I've got it!
I had to download the "Astaro Verification CA1.pem" from the CA-Managment-Site of my UTM120.
Then I copied it to the CaCert-folder of the IPSec-Client of the windows-machines:
And now both are running.
Can this behavior be in relation with my StandardCA for IPSEC?
It is the one I created on the UTM220...

Is it a securitiy-issue to have the*.pem-File on a notebook?
Thanks.. Jochen
@Bob: Without your hint, that they use the same cert and this is not mentioned in the "used-by list" I would never have searched on the client side - Thank You!!!
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 jkontny over 12 years ago

Yeah!! I've got it!
I had to download the "Astaro Verification CA1.pem" from the CA-Managment-Site of my UTM120.
Then I copied it to the CaCert-folder of the IPSec-Client of the windows-machines:
And now both are running.
Can this behavior be in relation with my StandardCA for IPSEC?
It is the one I created on the UTM220...

Is it a securitiy-issue to have the*.pem-File on a notebook?
Thanks.. Jochen
@Bob: Without your hint, that they use the same cert and this is not mentioned in the "used-by list" I would never have searched on the client side - Thank You!!!
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data