If I go into the config on both sides and change the mode from aggressive to main and change the local-identity of the dynamic side to its current IP the tunnels establish immediately and work flawlessly. I don't know if there's something else I'm missing or if it's just flakey, but neither "hostname" or "user-at-hostname" will work for me.
↧