IPSec VPN with Peer ID Set to FQDN

IPSec VPN with Peer ID Set to FQDN

Created On 09/26/18 13:50 PM - Last Modified 06/08/23 08:34 AM


Palo Alto Networks firewalls will only accept an FQDN peer ID when the tunnel mode is set to aggressive. If the tunnel is configured for main mode with an FQDN peer ID setup, the following error message will be displayed:

IKE phase-1 negotiation failed. When pre-shared key is used, peer-ID must be type IP address. Received type FQDN.

owner: sraghunandan

  • Print
  • Copy Link


Choose Language