hello
I have 2 iked servers and 2 Road Warriors Laptops, all OBSD 7.4.
When should/must to create certificates?
I am not on my OBSD laptop, then i do not have access to logs/iked -dv;
but i sow that in both cases: server/roadwarrior iked ask for ca.
Server 1 config:
This server is connected to a Laptop server/roadwarrior.
ikev2 'agroena.org.pub' passive esp \
from 10.0.1.0/24 to 10.0.2.0/24 \
local 66.135.5.128 peer 24.80.177.18 \
srcid agroena.org
ikev2 'agroena.org.pub' passive esp \
from any to dynamic \
local 66.135.5.128 peer any \
srcid agroena.org \
config address 10.0.5.0/24 \
tag "ROADW"
Server 2 config:
This server is connected to a different Laptop server/roadwarrior.
ikev2 'hawk.host.planetofnix.com.pub' passive esp \
from 10.0.1.0/24 to 10.0.2.0/24 \
local 38.87.162.174 peer 24.80.177.18 \
srcid hawk.host.planetofnix.com
ikev2 'hawk.host.planetofnix.com.pub' passive esp \
from any to dynamic \
local 38.87.162.174 peer any \
srcid hawk.host.planetofnix.com \
config address 10.0.5.0/24 \
tag "ROADW"
Thanks so much for your attention.
