I have been setting up advpn as part of a deployment using ecdsa-signatures-256. Root CA and Local Certificate are successfully loaded onto the box.
Using the documentation: https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-auto-discovery-vpns.html
I was trying to use the following to bring up the tunnel, referencing the OU inside the local certs.
The answer which you are looking for is explained in this KB article - https://kb.juniper.net/InfoCenter/index?page=content&id=KB27302
Just to clarify, does general-ikeid will bypass IKE-ID validation with received ID Payload?
It will not bypass certificate authentication completely?
You are right. When general-ikeid is used it will only bypass the IKE-ID validation with received ID Payload and certificate authentication won't be bypassed.