IPSec VPN with Peer ID Set to FQDN


Created On 09/26/18 13:50 PM - Last Modified 06/08/23 08:34 AM


Resolution


Palo Alto Networks firewalls accept an FQDN peer ID only when the tunnel mode is set to aggressive. If the tunnel is configured for main mode with an FQDN peer ID, the following error message is displayed:

IKE phase-1 negotiation failed. When pre-shared key is used, peer-ID must be type IP address. Received type FQDN.
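
One way to catch this combination before a tunnel fails to come up is to audit the gateway definitions. This is an added example, not Palo Alto Networks code; the XML layout, element names, and gateway names are assumptions constructed for illustration and must be mapped to your own configuration export.

```python
import xml.etree.ElementTree as ET

# Constructed sample. The element and attribute names are assumptions made for
# this example, not a verified PAN-OS schema; map them to your own export.
SAMPLE_CONFIG = """
<gateways>
  <entry name="gw-branch-a"><auth>pre-shared-key</auth>
    <exchange-mode>main</exchange-mode><peer-id type="fqdn">a.example.com</peer-id></entry>
  <entry name="gw-branch-b"><auth>pre-shared-key</auth>
    <exchange-mode>aggressive</exchange-mode><peer-id type="fqdn">b.example.com</peer-id></entry>
  <entry name="gw-hq"><auth>pre-shared-key</auth>
    <exchange-mode>main</exchange-mode><peer-id type="ipaddr">192.0.2.10</peer-id></entry>
  <entry name="gw-lab"><auth>Pre-Shared-Key</auth>
    <exchange-mode>Main</exchange-mode><peer-id type="FQDN">lab.example.com</peer-id></entry>
  <entry name="gw-cert"><auth>certificate</auth>
    <exchange-mode>main</exchange-mode><peer-id type="fqdn">c.example.com</peer-id></entry>
  <entry name="gw-no-id"><auth>pre-shared-key</auth>
    <exchange-mode>main</exchange-mode></entry>
</gateways>
"""

def _norm(value):
    """Lower-case and trim a value so 'Main' and 'main' compare equal."""
    return (value or "").strip().lower()

def audit_gateways(xml_text):
    """Return one finding per gateway that pairs main mode, PSK and an FQDN peer ID."""
    findings = []
    for gw in ET.fromstring(xml_text).iter("entry"):
        peer = gw.find("peer-id")  # may be absent; then there is nothing to flag
        peer_type = _norm(peer.get("type")) if peer is not None else ""
        # Scoped to pre-shared key because the error text names that case.
        if (_norm(gw.findtext("auth")) == "pre-shared-key"
                and _norm(gw.findtext("exchange-mode")) == "main"
                and peer_type == "fqdn"):
            findings.append({
                "gateway": gw.get("name", "<unnamed>"),
                "peer_id": (peer.text or "").strip(),
                "fix": "set exchange mode to aggressive, or use an IP address peer ID",
            })
    return findings

if __name__ == "__main__":
    for f in audit_gateways(SAMPLE_CONFIG):
        print(f"{f['gateway']}: FQDN peer ID {f['peer_id']} in main mode with PSK; {f['fix']}")
```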

owner: sraghunandan


