Yes Kind regards, Mike
On Thu, Jul 25, 2024 at 3:13 AM Crystal Kolipe <kolip...@exoticsilicon.com> wrote: > On Wed, Jul 24, 2024 at 06:20:26PM -0400, J Doe wrote: > > My hypothesis is that iked does not name an identity because this is > > certificate based authentication vs. MSCHAPv2 for EAP authentication > > which would provide an identity (ie: a username). > > > > Is that correct ? > > No. > > The identity that would be printed is the srcid of the peer. By default > this > would be it's hostname, and should be present in the SAN field of any > certificate used for iked. > > You can see that error message displayed both with and without a named ID > when > using certificate authentication, depending on the cause of the error. > > It will also display without an ID even if one if known, if the printing > code > in iked fails some internal consistency checks, (which is unlikely but > possible). > >
