From: Anthony Bonilla (anthonybonilla.ccie@gmail.com)
Date: Fri Feb 23 2007 - 18:00:01 ART
All,
I am currently testing IPSec to work with a CA server. I have configured
two routers (connected via a LAN connection) and have retrieved certificates
on both routers successfully but when I try to bring up the tunnel by
pinging one router from the other, I get the following message:
%CRYPTO-5-IKMP_INVAL_CERT: Certificate received from x.x.x.x is bad: CA
request failed
Can someone pls let me know what could be a common cause - if I remove
crypto map from the interfaces, things start to work. BTW, I have
configured a tunnel interface using the physical LAN connection between the
routers and have crypto map applied to both tunnel and lan interfaces.
TIA
Tony.
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:48 ART