[Openswan Users] is it normal ?

david david2005.p at gmail.com
Tue Jun 14 19:16:53 CEST 2005

Is it normal that when i am trying to establish a VPN with a user, I
can only set in my ipsec.conf the id of the distant user certificate

like this: rightid="C=fr, ST=ile-de-france, L=paris, O=toto,

if I put: rightcert=user01desuri.crt -----------> it does not work!
if I put: rightcert=%cert---------------------------> it does not work!

the error message is:
108 "testvpnda" #1: STATE_MAIN_I3: sent MI3, expecting MR3
010 "testvpnda" #1: STATE_MAIN_I3: retransmission; will wait 20s for response
003 "testvpnda" #1: we require peer to have ID '', but
peer declares 'C=fr, ST=ile-de-france, L=paris, O=toto,

Is it normal that can only precise the ID?
Why ?

A little help, please !


More information about the Users mailing list