I’m trying to create a IPsec IKEv2 vpn to AWS using certificates. I managed to get everything setup but I get an authentication failed message in the logs.

I’ve tried all variations of remote id but I get either authentication failed or peer’s Id does not match certificate.

I also tried match by remote id and certificate.

Logs show ID_R (DER DN): followed by the id

I can get it working with pfsense using ASN1. Distinguished Name as my remote identifier type.