Hello,
Please start with configuring the "remote-id" exactly the same as DN used in certificate on remote peer.
You don't need to configure "local-id" yet.
If IKE is again giving You probs, then You can try to configure anything You want as local-id/remote-id pair and re-try.
HTH
Thx
Alex