Hi all,

Cannot get the the vpn ikev2 to authicate using certificates.

Get the following debug 

(96):
IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: INIT_DONE Event: EV_DONE
IKEv2-PROTO-5: (96): Cisco DeleteReason Notify is enabled
IKEv2-PROTO-2: (96): Completed SA init exchange
IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: INIT_DONE Event: EV_CHK4_ROLE
IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: INIT_DONE Event: EV_START_TMR
IKEv2-PROTO-2: (96): Starting timer (30 sec) to wait for auth message
IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: R_WAIT_AUTH Event: EV_NO_EVENT

LONDC-VPNFW-01/prod# IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: R_WAIT_AUTH Event: EV_WAIT4_AUTH_TMO
IKEv2-PROTO-1: (96): Failed to receive the AUTH msg before the timer expired
IKEv2-PROTO-1: (96):
IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: AUTH_DONE Event: EV_FAIL
IKEv2-PROTO-2: (96): Auth exchange failed
IKEv2-PROTO-1: (96): Auth exchange failed
IKEv2-PROTO-1: (96): Auth exchange failed
IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: EXIT Event: EV_ABORT
IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: EXIT Event: EV_CHK_PENDING_ABORT
IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: EXIT Event: EV_UPDATE_CAC_STATS
IKEv2-PROTO-2: (96): Abort exchange
IKEv2-PROTO-2: (96): Deleting SA

The CA certificate is installed as well as the identity cert, (signed CSR by the CA )

Any further help folks would be great !

Cheers

Tony