I have 2 identical Mikrotik routers at 2 different locations. They both have public IP and that's pretty great since once I get something to work on any router, I can "duplicate" config on another router. On one of the routers I managed to get IKE2 VPN working, setup Windows 10 VPN profile and everything works great.
Now I decided to setup IKE2 VPN server on second router. I've done the exact same steps and tested using Linux laptop - everything works great. However, Windows 10 does not connect because it attempts to use first router's client certificate instead of the second router's... Question - how do I specify (or help Windows 10 decide) which certificate Windows should use for certain profile?
Note that I am using digital-signature (aka certificates) authentication method.
In Mikrotik logs I get this:
Code: Select all
identity not found for peer: DER DN: My client