Certificate authentication.

Iím having problems getting certificate authentication to work.

The ike.log is as following.


03-08-2004 09:41:07 PM Created thread for SendKeepAlivePacketProcess
03-08-2004 09:41:07 PM Loaded: 1 private key(s).

03-08-2004 09:41:07 PM Loaded: 2 certificate(s), 2 public key(s).

03-08-2004 09:41:07 PM Cert data len = 1274

03-08-2004 09:41:07 PM Cert data len = 1328

03-08-2004 09:41:07 PM No *.der files in current directory!

03-08-2004 09:41:07 PM Start IPSEC SA 003a5eb8 - Initiator****totSA=1

03-08-2004 09:41:07 PM src from IPsec

03-08-2004 09:41:07 PM 00000000 00000000
03-08-2004 09:41:07 PM dst from IPsec

03-08-2004 09:41:07 PM 00000000 c1d46319
03-08-2004 09:41:07 PM Start IKE-SA 003adb80 -
Initiator,src=192.168.95.1,dst=193.212.99.25,TotSA =1

03-08-2004 09:41:07 PM ***Send Main Mode message to 193.212.99.25

03-08-2004 09:41:07 PM I-COOKIE=b57e374a9390d5b6,R-
COOKIE=0000000000000000,MsgID=0,1stPL=SA-PAYLOAD,state=21101316

03-08-2004 09:41:12 PM Retransmit timer expired :Peer lost our reply
retransmit the old packet to 193.212.99.25
03-08-2004 09:41:12 PM ***Send Main Mode message to 193.212.99.25

03-08-2004 09:41:12 PM I-COOKIE=b57e374a9390d5b6,R-
COOKIE=0000000000000000,MsgID=0,1stPL=SA-PAYLOAD,state=16907028

03-08-2004 09:41:12 PM ***Receive Main Mode message from 193.212.99.25

03-08-2004 09:41:12 PM I-COOKIE=b57e374a9390d5b6,R-
COOKIE=95f7ca1289a54611,MsgID=0,1stPL=SA-PAYLOAD,state=20052692

03-08-2004 09:41:12 PM IKE SA NEGOTIATION: Peer lifetime = 28800 My
lifetime=28800

03-08-2004 09:41:12 PM ****DH private exponent size is 1016****
03-08-2004 09:41:12 PM Recieved Supported Vendor id draft-ietf-ipsec-nat-
t-ike-03 from 193.212.99.25
03-08-2004 09:41:12 PM ***Send Main Mode message to 193.212.99.25

03-08-2004 09:41:12 PM I-COOKIE=b57e374a9390d5b6,R-
COOKIE=95f7ca1289a54611,MsgID=0,1stPL=KEY-PAYLOAD,state=20052592

03-08-2004 09:41:12 PM ***Receive Main Mode message from 193.212.99.25

03-08-2004 09:41:12 PM I-COOKIE=b57e374a9390d5b6,R-
COOKIE=95f7ca1289a54611,MsgID=0,1stPL=KEY-PAYLOAD,state=20052692

03-08-2004 09:41:12 PM There is NAT in between server and client

03-08-2004 09:41:12 PM *Sending MM id payload Type 3 - subject
name :9 subject alternative name :2,3
03-08-2004 09:41:12 PM *protocol 0 portnum 0 length 58

03-08-2004 09:41:12 PM Sending INITIAL_CONTACT notify to 193.212.99.25
03-08-2004 09:41:12 PM ***Send Main Mode message to 193.212.99.25

03-08-2004 09:41:12 PM I-COOKIE=b57e374a9390d5b6,R-
COOKIE=95f7ca1289a54611,MsgID=0,1stPL=ID-PAYLOAD,state=20052620

03-08-2004 09:41:17 PM Retransmit timer expired :Peer lost our reply
retransmit the old packet to 193.212.99.25
03-08-2004 09:41:25 PM Exiting thread for SendKeepAlivePacketProcess