IPSec Local Certificate Key, include certs or not?

makangribe · March 24, 2020, 9:56pm

I have a Mikrotik router with an IKEV2 VPN set up. I exported the CA and client certs as PEM and imported them to an RV50. I exported the client cert as P12 so that it would include the key and, since the guide for the RV50 says that you need to have the key in PEM, I used OpenSSl to extract the key for the client. It included the cert for the CA and client as well as the client key. Is that correct?

I am having an issue connecting to the VPN. The router shows the connection start but the peer does not have a name and it does not assign it an IP so I am wondering if I did something wrong with the local cert and key.

jerdung · March 25, 2020, 10:33am

Hi makangribe,
Yes, you should add cert/key in PEM file.
The peer does not have a name, because there is a mismatch between server and device’s configuration.
Make sure that you add correct cert/key to device.
Besides that, other parameters ( such as ike version, dpd information, mobike, left/right subnet, authentication…) must be correct. Please refer document “41113547_ALEOS 4.13.0 Software Configuration User Guide for AirLink RV50_r1”

Thanks,

Topic		Replies	Views
IPSec IKEv2 VPN won't connect AirLink Routers	2	1787	October 22, 2019
Is it possible to upload OpenVPN CA/Cert/Key with ALMS? AirLink routers	5	1917	May 7, 2024
Connecting RV50 to a Cisco RV042 VPN AirLink routers	4	2325	April 25, 2018
RV50 not connecting OpenVPN AirLink routers	14	7059	April 21, 2021
RV55 Firmware Error: Certificate Verification Failed-Unable to get Local issuer ceritifcate AirLink Routers fw-upgrade	1	793	December 12, 2023

IPSec Local Certificate Key, include certs or not?

Related topics