Hi,
As the identity match is pretty open, the config should work just fine. You just need to make sure UDP-4500 (NAT-T) connectivity is complete between the peers.
Regards,
Santhosh
Hi,
What is the RSA Key length used by the client for this transaction?
If you are okay with sharing the config/debug logs, please share following:
---------
sh run | sec crypto
sh cry pki server
sh cry pki cert
---------
and following debug logs f...
Hi,Although I am not familiar with operational specifics of the Juniper PKI Client, will give it a try based on generic PKI knowledge :-)Based on the logs shared (of PKI/CA server), it looks like CA server failed to read the Signed data of Cert reque...
Hi Nihal,
Thanks for sharing your observations and you are spot on!
VPN migration and ability to apply NGFW (File/IPS Policy) on rule/s is in road-map and will be implemented as and when APIs are made available (VPN).
Thanks,
Santhosh