spuluka wrote:I think you are mixing the two dynamic id patterns you need to use the same on both the local and remote and they should match. Or at least that is how I got these to work in the past.
Static SRX
change: local-identity inet 12.34.56.78;
to: local-identity user-at-hostname blah2@email.com
dynamci SRX
add: remote-identity blah2@email.com
So the static side doesn't have its static IP referenced anywhere as the local identity? That's interesting, but just tried your changes and still no luck. I'm about to give up on this, I'd love to have it working but need to deploy this SRX very soon, so I guess for now I'll have to go with the standard method and change the IP's manually everytime the DHCP side gets a new IP.