VPN: Inability to connect with GVC using local certificate due to "invalid cert ID"
03/26/2020 7 12519
DESCRIPTION: VPN: Inability to connect with GVC using local certificate due to "invalid cert ID"
Make sure the peer ID information for the local certificate selected in VPN > Settings > GroupVPN matches the certificate imported into GVC:
Select VPN > Settings > GroupVPN > Edit.
Select IKE using 3rd Party Certificates from the IPSec Keying Mode menu.
Select a certificate from the Gateway Certificate menu.
Select a Peer ID type from the Peer ID Type menu.
Correct or enter the Peer ID filter information in the Peer ID Filter field.
Peer ID types and their information must be entered exactly as found in the data section of the local certificate imported into GVC or the client won't be able to establish a tunnel. Keep the following in mind when entering peer ID information:
If the "E-Mail ID and Domain Name" Peer ID Type is being entered, do not enter / into the domain name field.
If the "Distinguished Name" Peer ID Type is being entered, be sure elements such as "cn", "o" and "ou" are always lowercase.
All other values are case sensitive and must be entered exactly as originally specified in the certificate request.
Make sure the certificate imported into GVC matches one selected on the Gateway Certificates menu found at VPN > Settings > GroupVPN > Edit. These certificates must match and may not be swapped among different installed copies of GVC.