Hi,
I am having a strange problem with IKEv2 s2s VPN. Randomly remote devices are unable to connect. When this occurs I can see “Identity not found for peer: ADDR4:a.b.c.d” message in logs.
As for the setup, the central router is a CCR2116 running RouterOS 7.14.3. Remote devices are SXT running 6.49.13 (long-term) with standardized configuration. On the central router all peers are configured with FQDN (dynamic DNS) and are using the same profile and proposal combination.
When the issue occurs I can see in the DNS cache of the central router that the FQDN of the remote router (experiencing connectivity problems) has been correctly resolved and matches the entry in dynamic DNS and the IP on the remote device.
The two workarounds I have found are to either set the IP address instead of FQDN in peer configuration or change remote ID type to address and enter Remote ID Address in the identity configuration for this particular peer.
One interesting thing is that if I revert the configuration changes (put FQDN back in the peer configuration) after the IPSec connection is re-established it will keep on working.
I wonder if anyone has had a similar problem and was able to find a solution?