Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 1 subscriber
  • Views 8945 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

PKI-Error only in IPSEC-VPN (RAS)

jkontny
Hello again ;-))
Nearly everything is working on my UTM120:
The certbased-secured Site-Site-IPSec-Connection to the main-router (a UTM220), the Cisco-VPN-Connection with an iOS-device and the IPSec-VPN-Connection with a PSK.
So far so good.

Only when I try to establish an certbased-IPSEC-VPN-Connection I get an PKI-Error on the IPSEC-Client.
But I don't know why?
I've appended the log from the dial-in-attempt.

Do you have any hints for me?

Thanks in advance… Jochen


This thread was automatically locked due to age.
IPSec-Log.zip
Parents
  • 0
    I suspected that you had renamed the UTM and that the newer user might work, but, yes, the CA was where I was going.  This should have come through in the PKCS#12 file with your user cert.  If you loaded the user cert via a PEM file, then you do need to load the Signing CA via PEM file, too.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    I suspected that you had renamed the UTM and that the newer user might work, but, yes, the CA was where I was going.  This should have come through in the PKCS#12 file with your user cert.  If you loaded the user cert via a PEM file, then you do need to load the Signing CA via PEM file, too.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?