[Openswan Users] x509 auth unable to find suitable connection

Paul Wouters paul at xelerance.com
Wed Feb 16 11:18:17 EST 2011


On Wed, 16 Feb 2011, Mariusz Kruk wrote:

> I'm trying to set up a IPSEC/L2TP connection between Windows roadwarrior
> and
> Linux server. With PSK everything works perfectly. When I try to switch
> to
> certs, I can't connect. I'm just getting "no suitable connection found".

What does ipsec auto --listall say?

> Feb 16 11:48:38 epsilon pluto[31415]: "l2tp-cert"[1] 77.253.107.194 #1: no crl from issuer "O=avl, OU=Organizational CA" found (strict=no)
> Feb 16 11:48:38 epsilon pluto[31415]: | subject: 'O=avl, OU=Organizational CA'
> Feb 16 11:48:38 epsilon pluto[31415]: | issuer:  'O=avl, OU=Organizational CA'

There is no CN= in your CA certs?

Paul


More information about the Users mailing list