Hi,
Thanks for the response. Does that mean that both peers will need to have obtained their certs from the same CA?
Or is it possible for an IKE peer to load root certs from all three CAs so that it can trust any cert signed by those vendors?
Thanks,
Alshan