1 of 1 people found this helpful
I have simmilar issue. I reported it in incident 3-1094427781, I also have problem to give static IP to VPN users reported on incident 3-1098376539 few weeks ago. I still do not have a reply when it will be fixed.
Concerning the identity I discovered it only works with star - * which matches everything. I will try with single character identity too.
What type of remote identity are you using? I believe 8.0.0 had a known issue with certain types of identities and character lengths. Certificate based VPN should still work. If this is the same issue it should be fixed in 8.0.1 which is due out very soon.
Could You say what are the identities problem in the blog or support to reply in the ticket number above? I really need to create more than one VPN with identities but I do not know what identities are working. I think we both talk to not certificate VPNs
For technical details I would contact support on your ticket number. I just spoke with support and I believe this is the same issue that will be fixed in 8.0.1. The issue was related to remote identities that were of type E-mail, IP Address of Domain Name and longer than a single character. I believe DN should still work, or identities that are only 1 character. 8.0.1 will be available in the near future, but work with support for details or if you need a patch.
hi dave and martin,
i haven´t tested with a certificate.
I tested only with identities like these:
cert add id name=RID-001 fqdn=1
cert add id name=RID-003 fqdn=3
cert add id name=RID-002 fqdn=2
cert add id name=RID-SV email@example.com
The email id is working too when the vpn client is sending only the first character as id ("t").
So i hope that dave is right and 8.0.1. will solve this problem.
Yes, the issue is that the remote identities are being trunacted in the IKE.conf file, so only the first character of the string gets parsed correctly. I have confirmed that this is fixed in v8.0.1.
I wasn't lying when I said v8.0.1 would be out in the near future. It was just released this afternoon.
I just confirmed with the 'check updates' in the Admin Console that 8.0.1 is now available for download from the updates server.This is a maintenance release for v8.0 and contains many bug fixes (including the VPN issue)
If you are using Control Center v5 to manage your v8 firewalls you will have to install Control Center v500p2.
Release notes for v8.0.1 can be found here:
Hope the 8.0.1 release addresses your VPN issues.
i tested 8.0.1 and the problem is solved.
thanks and regards
Thanks for posting your results. Glad to hear the issues are resolved with 8.0.1.