I'm trying to add two new slaves to our BM38 S2S VPN, but they are not
connecting and on the IKE screen I notice two errors. One concerns "server
certificate not available" and the other "no usage certificate" for each of
the other slaves it is trying to contact.
These two were configured along with a third one today, the third one joined
the VPN and is working the other two are reporting the errors. They were all
set up the same way: the ServerCert on each slave was exported to a .der
file and a TRO for each was created in the TRC of the Master. The master's
ServerCert was exported to a .der file and a MASTERTRO was created in the
TRC of each slave.
There were already four slaves up and working with the master, now there are
five but I still have these two and another that need to be on the S2S VPN.
This is NW60SP5 with BM38SP2.
Any ideas and/suggestions would be appreciated. I have to completely tear
the problem slaves down to get them to where they will communicate with any
of the other servers especially the VPMaster which is also the time server.