API tools faq
paste
Advertisement
lifeboy

Untitled

lifeboy
Nov 28th, 2024
218
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 433.40 KB | None | 0 0
raw download clone embed print report
  1. Nov 28 22:23:00 fw-1A newsyslog[77194]: logfile turned over due to size>1000K
  2. Nov 28 22:23:00 fw-1A charon[61694]: 06[NET] <490> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  3. Nov 28 22:23:00 fw-1A charon[61694]: 06[ENC] <490> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  4. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  5. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  6. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  7. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  8. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  9. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
  10. Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  11. Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  12. Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> 165.165.172.58 is initiating an IKE_SA
  13. Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> IKE_SA (unnamed)[490] state change: CREATED => CONNECTING
  14. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> selecting proposal:
  15. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   no acceptable ENCRYPTION_ALGORITHM found
  16. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> selecting proposal:
  17. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   no acceptable ENCRYPTION_ALGORITHM found
  18. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> selecting proposal:
  19. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   proposal matches
  20. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  21. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  22. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  23. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> received supported signature hash algorithms: sha256 sha384 sha512 identity
  24. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  25. Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  26. Nov 28 22:23:00 fw-1A charon[61694]: 06[ENC] <490> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  27. Nov 28 22:23:00 fw-1A charon[61694]: 06[NET] <490> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  28. Nov 28 22:23:00 fw-1A charon[61694]: 06[NET] <490> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  29. Nov 28 22:23:00 fw-1A charon[61694]: 06[ENC] <490> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  30. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  31. Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> no matching peer config found
  32. Nov 28 22:23:00 fw-1A charon[61694]: 06[ENC] <490> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  33. Nov 28 22:23:00 fw-1A charon[61694]: 06[NET] <490> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  34. Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> IKE_SA (unnamed)[490] state change: CONNECTING => DESTROYING
  35. Nov 28 22:23:07 fw-1A charon[61694]: 06[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (160 bytes)
  36. Nov 28 22:23:07 fw-1A charon[61694]: 06[ENC] <con5|81> parsed INFORMATIONAL request 222 [ ]
  37. Nov 28 22:23:07 fw-1A charon[61694]: 06[ENC] <con5|81> generating INFORMATIONAL response 222 [ ]
  38. Nov 28 22:23:07 fw-1A charon[61694]: 06[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  39. Nov 28 22:24:00 fw-1A charon[61694]: 07[NET] <491> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  40. Nov 28 22:24:00 fw-1A charon[61694]: 07[ENC] <491> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  41. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  42. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  43. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  44. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  45. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  46. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
  47. Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  48. Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  49. Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> 165.165.172.58 is initiating an IKE_SA
  50. Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> IKE_SA (unnamed)[491] state change: CREATED => CONNECTING
  51. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> selecting proposal:
  52. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   no acceptable ENCRYPTION_ALGORITHM found
  53. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> selecting proposal:
  54. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   no acceptable ENCRYPTION_ALGORITHM found
  55. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> selecting proposal:
  56. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   proposal matches
  57. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  58. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  59. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  60. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> received supported signature hash algorithms: sha256 sha384 sha512 identity
  61. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  62. Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  63. Nov 28 22:24:00 fw-1A charon[61694]: 07[ENC] <491> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  64. Nov 28 22:24:00 fw-1A charon[61694]: 07[NET] <491> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  65. Nov 28 22:24:00 fw-1A charon[61694]: 07[NET] <491> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  66. Nov 28 22:24:00 fw-1A charon[61694]: 07[ENC] <491> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  67. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  68. Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> no matching peer config found
  69. Nov 28 22:24:00 fw-1A charon[61694]: 07[ENC] <491> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  70. Nov 28 22:24:00 fw-1A charon[61694]: 07[NET] <491> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  71. Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> IKE_SA (unnamed)[491] state change: CONNECTING => DESTROYING
  72. Nov 28 22:24:32 fw-1A charon[61694]: 06[CFG] vici client 286 connected
  73. Nov 28 22:24:32 fw-1A charon[61694]: 16[CFG] vici client 286 registered for: list-sa
  74. Nov 28 22:24:32 fw-1A charon[61694]: 06[CFG] vici client 286 requests: list-sas
  75. Nov 28 22:24:32 fw-1A charon[61694]: 11[CFG] vici client 286 disconnected
  76. Nov 28 22:24:37 fw-1A charon[61694]: 06[CFG] vici client 287 connected
  77. Nov 28 22:24:37 fw-1A charon[61694]: 11[CFG] vici client 287 registered for: list-sa
  78. Nov 28 22:24:37 fw-1A charon[61694]: 06[CFG] vici client 287 requests: list-sas
  79. Nov 28 22:24:37 fw-1A charon[61694]: 14[CFG] vici client 287 disconnected
  80. Nov 28 22:24:42 fw-1A charon[61694]: 13[CFG] vici client 288 connected
  81. Nov 28 22:24:42 fw-1A charon[61694]: 14[CFG] vici client 288 registered for: list-sa
  82. Nov 28 22:24:42 fw-1A charon[61694]: 14[CFG] vici client 288 requests: list-sas
  83. Nov 28 22:24:42 fw-1A charon[61694]: 05[CFG] vici client 288 disconnected
  84. Nov 28 22:24:48 fw-1A charon[61694]: 05[CFG] vici client 289 connected
  85. Nov 28 22:24:48 fw-1A charon[61694]: 15[CFG] vici client 289 registered for: list-sa
  86. Nov 28 22:24:48 fw-1A charon[61694]: 14[CFG] vici client 289 requests: list-sas
  87. Nov 28 22:24:48 fw-1A charon[61694]: 14[CFG] vici client 289 disconnected
  88. Nov 28 22:24:53 fw-1A charon[61694]: 15[CFG] vici client 290 connected
  89. Nov 28 22:24:53 fw-1A charon[61694]: 15[CFG] vici client 290 registered for: list-sa
  90. Nov 28 22:24:53 fw-1A charon[61694]: 15[CFG] vici client 290 requests: list-sas
  91. Nov 28 22:24:53 fw-1A charon[61694]: 06[CFG] vici client 290 disconnected
  92. Nov 28 22:24:58 fw-1A charon[61694]: 06[CFG] vici client 291 connected
  93. Nov 28 22:24:58 fw-1A charon[61694]: 15[CFG] vici client 291 registered for: list-sa
  94. Nov 28 22:24:58 fw-1A charon[61694]: 06[CFG] vici client 291 requests: list-sas
  95. Nov 28 22:24:58 fw-1A charon[61694]: 06[CFG] vici client 291 disconnected
  96. Nov 28 22:25:00 fw-1A charon[61694]: 06[NET] <492> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  97. Nov 28 22:25:00 fw-1A charon[61694]: 06[ENC] <492> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  98. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  99. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  100. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  101. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  102. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  103. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
  104. Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  105. Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  106. Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> 165.165.172.58 is initiating an IKE_SA
  107. Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> IKE_SA (unnamed)[492] state change: CREATED => CONNECTING
  108. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> selecting proposal:
  109. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   no acceptable ENCRYPTION_ALGORITHM found
  110. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> selecting proposal:
  111. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   no acceptable ENCRYPTION_ALGORITHM found
  112. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> selecting proposal:
  113. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   proposal matches
  114. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  115. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  116. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  117. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> received supported signature hash algorithms: sha256 sha384 sha512 identity
  118. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  119. Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  120. Nov 28 22:25:00 fw-1A charon[61694]: 06[ENC] <492> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  121. Nov 28 22:25:00 fw-1A charon[61694]: 06[NET] <492> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  122. Nov 28 22:25:00 fw-1A charon[61694]: 06[NET] <492> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  123. Nov 28 22:25:00 fw-1A charon[61694]: 06[ENC] <492> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  124. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  125. Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> no matching peer config found
  126. Nov 28 22:25:00 fw-1A charon[61694]: 06[ENC] <492> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  127. Nov 28 22:25:00 fw-1A charon[61694]: 06[NET] <492> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  128. Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> IKE_SA (unnamed)[492] state change: CONNECTING => DESTROYING
  129. Nov 28 22:25:03 fw-1A charon[61694]: 10[CFG] vici client 292 connected
  130. Nov 28 22:25:03 fw-1A charon[61694]: 08[CFG] vici client 292 registered for: list-sa
  131. Nov 28 22:25:03 fw-1A charon[61694]: 06[CFG] vici client 292 requests: list-sas
  132. Nov 28 22:25:03 fw-1A charon[61694]: 10[CFG] vici client 292 disconnected
  133. Nov 28 22:25:07 fw-1A charon[61694]: 10[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (144 bytes)
  134. Nov 28 22:25:07 fw-1A charon[61694]: 10[ENC] <con5|81> parsed INFORMATIONAL request 223 [ ]
  135. Nov 28 22:25:07 fw-1A charon[61694]: 10[ENC] <con5|81> generating INFORMATIONAL response 223 [ ]
  136. Nov 28 22:25:07 fw-1A charon[61694]: 10[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  137. Nov 28 22:25:08 fw-1A charon[61694]: 10[CFG] vici client 293 connected
  138. Nov 28 22:25:08 fw-1A charon[61694]: 12[CFG] vici client 293 registered for: list-sa
  139. Nov 28 22:25:08 fw-1A charon[61694]: 12[CFG] vici client 293 requests: list-sas
  140. Nov 28 22:25:08 fw-1A charon[61694]: 10[CFG] vici client 293 disconnected
  141. Nov 28 22:25:13 fw-1A charon[61694]: 10[CFG] vici client 294 connected
  142. Nov 28 22:25:13 fw-1A charon[61694]: 10[CFG] vici client 294 registered for: list-sa
  143. Nov 28 22:25:13 fw-1A charon[61694]: 10[CFG] vici client 294 requests: list-sas
  144. Nov 28 22:25:13 fw-1A charon[61694]: 10[CFG] vici client 294 disconnected
  145. Nov 28 22:25:18 fw-1A charon[61694]: 09[CFG] vici client 295 connected
  146. Nov 28 22:25:18 fw-1A charon[61694]: 10[CFG] vici client 295 registered for: list-sa
  147. Nov 28 22:25:18 fw-1A charon[61694]: 09[CFG] vici client 295 requests: list-sas
  148. Nov 28 22:25:18 fw-1A charon[61694]: 07[CFG] vici client 295 disconnected
  149. Nov 28 22:25:23 fw-1A charon[61694]: 09[CFG] vici client 296 connected
  150. Nov 28 22:25:23 fw-1A charon[61694]: 09[CFG] vici client 296 registered for: list-sa
  151. Nov 28 22:25:23 fw-1A charon[61694]: 09[CFG] vici client 296 requests: list-sas
  152. Nov 28 22:25:23 fw-1A charon[61694]: 09[CFG] vici client 296 disconnected
  153. Nov 28 22:25:25 fw-1A charon[61694]: 16[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (720 bytes)
  154. Nov 28 22:25:25 fw-1A charon[61694]: 16[ENC] <con5|81> parsed CREATE_CHILD_SA request 224 [ No KE N(REKEY_SA) SA TSi TSr ]
  155. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> selecting proposal:
  156. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81>   proposal matches
  157. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> received proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  158. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  159. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  160. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> selecting traffic selectors for us:
  161. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  162. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> selecting traffic selectors for other:
  163. Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  164. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{99} state change: CREATED => INSTALLING
  165. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81>   using AES_CBC for encryption
  166. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81>   using HMAC_SHA2_256_128 for integrity
  167. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> adding inbound ESP SA
  168. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81>   SPI 0xcf165f83, src 196.250.128.24 dst 197.214.xxx.yyy
  169. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> registering outbound ESP SA
  170. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81>   SPI 0x055aad36, src 197.214.xxx.yyy dst 196.250.128.24
  171. Nov 28 22:25:25 fw-1A charon[61694]: 16[IKE] <con5|81> inbound CHILD_SA con5{99} established with SPIs cf165f83_i 055aad36_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  172. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{99} state change: INSTALLING => INSTALLED
  173. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{98} state change: INSTALLED => REKEYING
  174. Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{98} state change: REKEYING => REKEYED
  175. Nov 28 22:25:25 fw-1A charon[61694]: 16[ENC] <con5|81> generating CREATE_CHILD_SA response 224 [ N(ESP_TFC_PAD_N) SA No KE TSi TSr ]
  176. Nov 28 22:25:25 fw-1A charon[61694]: 16[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (480 bytes)
  177. Nov 28 22:25:28 fw-1A charon[61694]: 16[CFG] vici client 297 connected
  178. Nov 28 22:25:28 fw-1A charon[61694]: 11[CFG] vici client 297 registered for: list-sa
  179. Nov 28 22:25:28 fw-1A charon[61694]: 09[CFG] vici client 297 requests: list-sas
  180. Nov 28 22:25:28 fw-1A charon[61694]: 09[CFG] vici client 297 disconnected
  181. Nov 28 22:25:29 fw-1A charon[61694]: 09[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
  182. Nov 28 22:25:29 fw-1A charon[61694]: 09[ENC] <con5|81> parsed INFORMATIONAL request 225 [ D ]
  183. Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> received DELETE for ESP CHILD_SA with SPI 0d5125b2
  184. Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> closing CHILD_SA con5{98} with SPIs c11ef4fb_i (309199 bytes) 0d5125b2_o (449888 bytes) and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  185. Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> sending DELETE for ESP CHILD_SA with SPI c11ef4fb
  186. Nov 28 22:25:29 fw-1A charon[61694]: 09[CHD] <con5|81> CHILD_SA con5{98} state change: REKEYED => DELETING
  187. Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> CHILD_SA closed
  188. Nov 28 22:25:29 fw-1A charon[61694]: 09[CHD] <con5|81> CHILD_SA con5{98} state change: DELETING => DELETED
  189. Nov 28 22:25:29 fw-1A charon[61694]: 09[CHD] <con5|81> adding outbound ESP SA
  190. Nov 28 22:25:29 fw-1A charon[61694]: 09[CHD] <con5|81>   SPI 0x055aad36, src 197.214.xxx.yyy dst 196.250.128.24
  191. Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> outbound CHILD_SA con5{99} established with SPIs cf165f83_i 055aad36_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  192. Nov 28 22:25:29 fw-1A charon[61694]: 09[ENC] <con5|81> generating INFORMATIONAL response 225 [ D ]
  193. Nov 28 22:25:29 fw-1A charon[61694]: 09[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  194. Nov 28 22:25:33 fw-1A charon[61694]: 16[CFG] vici client 298 connected
  195. Nov 28 22:25:33 fw-1A charon[61694]: 16[CFG] vici client 298 registered for: list-sa
  196. Nov 28 22:25:33 fw-1A charon[61694]: 16[CFG] vici client 298 requests: list-sas
  197. Nov 28 22:25:33 fw-1A charon[61694]: 05[CFG] vici client 298 disconnected
  198. Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81> queueing CHILD_DELETE task
  199. Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81> activating new tasks
  200. Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81>   activating CHILD_DELETE task
  201. Nov 28 22:25:34 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{98} state change: DELETED => DESTROYING
  202. Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81> activating new tasks
  203. Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81> nothing to initiate
  204. Nov 28 22:25:38 fw-1A charon[61694]: 05[CFG] vici client 299 connected
  205. Nov 28 22:25:38 fw-1A charon[61694]: 16[CFG] vici client 299 registered for: list-sa
  206. Nov 28 22:25:38 fw-1A charon[61694]: 05[CFG] vici client 299 requests: list-sas
  207. Nov 28 22:25:38 fw-1A charon[61694]: 16[CFG] vici client 299 disconnected
  208. Nov 28 22:25:43 fw-1A charon[61694]: 16[CFG] vici client 300 connected
  209. Nov 28 22:25:43 fw-1A charon[61694]: 16[CFG] vici client 300 registered for: list-sa
  210. Nov 28 22:25:43 fw-1A charon[61694]: 16[CFG] vici client 300 requests: list-sas
  211. Nov 28 22:25:43 fw-1A charon[61694]: 16[CFG] vici client 300 disconnected
  212. Nov 28 22:25:48 fw-1A charon[61694]: 14[CFG] vici client 301 connected
  213. Nov 28 22:25:48 fw-1A charon[61694]: 16[CFG] vici client 301 registered for: list-sa
  214. Nov 28 22:25:48 fw-1A charon[61694]: 14[CFG] vici client 301 requests: list-sas
  215. Nov 28 22:25:48 fw-1A charon[61694]: 14[CFG] vici client 301 disconnected
  216. Nov 28 22:25:53 fw-1A charon[61694]: 14[CFG] vici client 302 connected
  217. Nov 28 22:25:53 fw-1A charon[61694]: 16[CFG] vici client 302 registered for: list-sa
  218. Nov 28 22:25:53 fw-1A charon[61694]: 16[CFG] vici client 302 requests: list-sas
  219. Nov 28 22:25:53 fw-1A charon[61694]: 16[CFG] vici client 302 disconnected
  220. Nov 28 22:25:58 fw-1A charon[61694]: 16[CFG] vici client 303 connected
  221. Nov 28 22:25:58 fw-1A charon[61694]: 16[CFG] vici client 303 registered for: list-sa
  222. Nov 28 22:25:58 fw-1A charon[61694]: 16[CFG] vici client 303 requests: list-sas
  223. Nov 28 22:25:58 fw-1A charon[61694]: 08[CFG] vici client 303 disconnected
  224. Nov 28 22:26:01 fw-1A charon[61694]: 08[NET] <493> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  225. Nov 28 22:26:01 fw-1A charon[61694]: 08[ENC] <493> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  226. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  227. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  228. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  229. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  230. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  231. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
  232. Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  233. Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  234. Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> 165.165.172.58 is initiating an IKE_SA
  235. Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> IKE_SA (unnamed)[493] state change: CREATED => CONNECTING
  236. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> selecting proposal:
  237. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   no acceptable ENCRYPTION_ALGORITHM found
  238. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> selecting proposal:
  239. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   no acceptable ENCRYPTION_ALGORITHM found
  240. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> selecting proposal:
  241. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   proposal matches
  242. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  243. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  244. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  245. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> received supported signature hash algorithms: sha256 sha384 sha512 identity
  246. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  247. Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  248. Nov 28 22:26:01 fw-1A charon[61694]: 08[ENC] <493> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  249. Nov 28 22:26:01 fw-1A charon[61694]: 08[NET] <493> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  250. Nov 28 22:26:01 fw-1A charon[61694]: 08[NET] <493> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  251. Nov 28 22:26:01 fw-1A charon[61694]: 08[ENC] <493> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  252. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  253. Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> no matching peer config found
  254. Nov 28 22:26:01 fw-1A charon[61694]: 08[ENC] <493> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  255. Nov 28 22:26:01 fw-1A charon[61694]: 08[NET] <493> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  256. Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> IKE_SA (unnamed)[493] state change: CONNECTING => DESTROYING
  257. Nov 28 22:26:04 fw-1A charon[61694]: 12[CFG] vici client 304 connected
  258. Nov 28 22:26:04 fw-1A charon[61694]: 16[CFG] vici client 304 registered for: list-sa
  259. Nov 28 22:26:04 fw-1A charon[61694]: 16[CFG] vici client 304 requests: list-sas
  260. Nov 28 22:26:04 fw-1A charon[61694]: 12[CFG] vici client 304 disconnected
  261. Nov 28 22:26:09 fw-1A charon[61694]: 16[CFG] vici client 305 connected
  262. Nov 28 22:26:09 fw-1A charon[61694]: 07[CFG] vici client 305 registered for: list-sa
  263. Nov 28 22:26:09 fw-1A charon[61694]: 07[CFG] vici client 305 requests: list-sas
  264. Nov 28 22:26:09 fw-1A charon[61694]: 16[CFG] vici client 305 disconnected
  265. Nov 28 22:26:14 fw-1A charon[61694]: 10[CFG] vici client 306 connected
  266. Nov 28 22:26:14 fw-1A charon[61694]: 11[CFG] vici client 306 registered for: list-sa
  267. Nov 28 22:26:14 fw-1A charon[61694]: 10[CFG] vici client 306 requests: list-sas
  268. Nov 28 22:26:14 fw-1A charon[61694]: 10[CFG] vici client 306 disconnected
  269. Nov 28 22:26:15 fw-1A charon[61694]: 10[CFG] vici client 307 connected
  270. Nov 28 22:26:15 fw-1A charon[61694]: 16[CFG] vici client 307 registered for: list-sa
  271. Nov 28 22:26:15 fw-1A charon[61694]: 16[CFG] vici client 307 requests: list-sas
  272. Nov 28 22:26:15 fw-1A charon[61694]: 16[CFG] vici client 307 disconnected
  273. Nov 28 22:26:19 fw-1A charon[61694]: 10[CFG] vici client 308 connected
  274. Nov 28 22:26:19 fw-1A charon[61694]: 13[CFG] vici client 308 registered for: list-sa
  275. Nov 28 22:26:19 fw-1A charon[61694]: 11[CFG] vici client 308 requests: list-sas
  276. Nov 28 22:26:19 fw-1A charon[61694]: 11[CFG] vici client 308 disconnected
  277. Nov 28 22:26:24 fw-1A charon[61694]: 11[CFG] vici client 309 connected
  278. Nov 28 22:26:24 fw-1A charon[61694]: 10[CFG] vici client 309 registered for: list-sa
  279. Nov 28 22:26:24 fw-1A charon[61694]: 11[CFG] vici client 309 requests: list-sas
  280. Nov 28 22:26:24 fw-1A charon[61694]: 11[CFG] vici client 309 disconnected
  281. Nov 28 22:26:29 fw-1A charon[61694]: 05[CFG] vici client 310 connected
  282. Nov 28 22:26:29 fw-1A charon[61694]: 11[CFG] vici client 310 registered for: list-sa
  283. Nov 28 22:26:29 fw-1A charon[61694]: 05[CFG] vici client 310 requests: list-sas
  284. Nov 28 22:26:29 fw-1A charon[61694]: 15[CFG] vici client 310 disconnected
  285. Nov 28 22:26:34 fw-1A charon[61694]: 15[CFG] vici client 311 connected
  286. Nov 28 22:26:34 fw-1A charon[61694]: 14[CFG] vici client 311 registered for: list-sa
  287. Nov 28 22:26:34 fw-1A charon[61694]: 15[CFG] vici client 311 requests: list-sas
  288. Nov 28 22:26:34 fw-1A charon[61694]: 14[CFG] vici client 311 disconnected
  289. Nov 28 22:26:39 fw-1A charon[61694]: 14[CFG] vici client 312 connected
  290. Nov 28 22:26:39 fw-1A charon[61694]: 06[CFG] vici client 312 registered for: list-sa
  291. Nov 28 22:26:39 fw-1A charon[61694]: 06[CFG] vici client 312 requests: list-sas
  292. Nov 28 22:26:39 fw-1A charon[61694]: 05[CFG] vici client 312 disconnected
  293. Nov 28 22:26:44 fw-1A charon[61694]: 05[CFG] vici client 313 connected
  294. Nov 28 22:26:44 fw-1A charon[61694]: 12[CFG] vici client 313 registered for: list-sa
  295. Nov 28 22:26:44 fw-1A charon[61694]: 08[CFG] vici client 313 requests: list-sas
  296. Nov 28 22:26:44 fw-1A charon[61694]: 08[CFG] vici client 313 disconnected
  297. Nov 28 22:27:01 fw-1A charon[61694]: 08[NET] <494> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  298. Nov 28 22:27:01 fw-1A charon[61694]: 08[ENC] <494> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  299. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  300. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  301. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  302. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  303. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  304. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
  305. Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  306. Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  307. Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> 165.165.172.58 is initiating an IKE_SA
  308. Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> IKE_SA (unnamed)[494] state change: CREATED => CONNECTING
  309. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> selecting proposal:
  310. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   no acceptable ENCRYPTION_ALGORITHM found
  311. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> selecting proposal:
  312. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   no acceptable ENCRYPTION_ALGORITHM found
  313. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> selecting proposal:
  314. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   proposal matches
  315. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  316. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  317. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  318. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> received supported signature hash algorithms: sha256 sha384 sha512 identity
  319. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  320. Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  321. Nov 28 22:27:01 fw-1A charon[61694]: 08[ENC] <494> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  322. Nov 28 22:27:01 fw-1A charon[61694]: 08[NET] <494> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  323. Nov 28 22:27:01 fw-1A charon[61694]: 08[NET] <494> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  324. Nov 28 22:27:01 fw-1A charon[61694]: 08[ENC] <494> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  325. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  326. Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> no matching peer config found
  327. Nov 28 22:27:01 fw-1A charon[61694]: 08[ENC] <494> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  328. Nov 28 22:27:01 fw-1A charon[61694]: 08[NET] <494> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  329. Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> IKE_SA (unnamed)[494] state change: CONNECTING => DESTROYING
  330. Nov 28 22:27:29 fw-1A charon[61694]: 08[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (160 bytes)
  331. Nov 28 22:27:29 fw-1A charon[61694]: 08[ENC] <con5|81> parsed INFORMATIONAL request 226 [ ]
  332. Nov 28 22:27:29 fw-1A charon[61694]: 08[ENC] <con5|81> generating INFORMATIONAL response 226 [ ]
  333. Nov 28 22:27:29 fw-1A charon[61694]: 08[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  334. Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] vici client 314 connected
  335. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] vici client 314 requests: reload-settings
  336. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] ipseckey plugin is disabled
  337. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded attribute INTERNAL_IP4_SUBNET: c0:a8:98:00:ff:ff:ff:f8
  338. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded attribute UNITY_SPLIT_INCLUDE: c0:a8:98:00:ff:ff:ff:f8
  339. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded attribute UNITY_BANNER: 4f:6e:6c:79:20:61:75:74:68:6f:72:69:73:65:64:20:75:73:65:72:73:20:6d:61:79:20:65:6e:74:65:72:20:68:65:72:65:21
  340. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded attribute UNITY_PFS: 31:34
  341. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded 4 entries for attr plugin configuration
  342. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded 0 RADIUS server configurations
  343. Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] vici client 314 disconnected
  344. Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] vici client 315 connected
  345. Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] vici client 315 requests: get-keys
  346. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: get-shared
  347. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: load-cert
  348. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] loaded certificate 'CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services'
  349. Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] vici client 315 requests: load-cert
  350. Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] loaded certificate 'CN=Fastnet-CA-2, C=ZA, O=Abellard SS'
  351. Nov 28 22:27:54 fw-1A charon[61694]: 16[CFG] vici client 315 requests: load-key
  352. Nov 28 22:27:54 fw-1A charon[61694]: 16[CFG] loaded ANY private key
  353. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: load-shared
  354. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] loaded IKE shared key with id 'ike-0' for: '%any', '192.168.0.2'
  355. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: load-shared
  356. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] loaded IKE shared key with id 'ike-1' for: '%any', '41.164.68.170'
  357. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: load-shared
  358. Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] loaded IKE shared key with id 'ike-2' for: '%any', '%any'
  359. Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] vici client 315 requests: load-shared
  360. Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] loaded IKE shared key with id 'ike-4' for: '%any', '%any'
  361. Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] vici client 315 requests: load-shared
  362. Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] loaded EAP shared key with id 'eap-5' for: 'reliance.compost'
  363. Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] vici client 315 requests: load-shared
  364. Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] loaded EAP shared key with id 'eap-6' for: 'mac.pack'
  365. Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] vici client 315 requests: load-shared
  366. Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] loaded EAP shared key with id 'eap-7' for: 'greenway.farms'
  367. Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] vici client 315 requests: unload-shared
  368. Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] unloaded shared key with id 'eap-4'
  369. Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] vici client 315 requests: get-authorities
  370. Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] vici client 315 requests: get-pools
  371. Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] vici client 315 requests: load-pool
  372. Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] updated vici pool mobile-pool-v4: 10.10.10.0, 254 entries
  373. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-pool
  374. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici pool mobile-userpool-1: 10.10.15.0, 254 entries
  375. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-pool
  376. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici pool mobile-userpool-2: 10.10.10.0, 254 entries
  377. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] vici client 315 requests: load-pool
  378. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] updated vici pool mobile-userpool-3: 10.10.16.0, 254 entries
  379. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] vici client 315 requests: get-conns
  380. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] vici client 315 requests: load-conn
  381. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]  conn bypass:
  382. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   child bypasslan:
  383. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rekey_time = 3600
  384. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    life_time = 3960
  385. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rand_time = 360
  386. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rekey_bytes = 0
  387. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    life_bytes = 0
  388. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rand_bytes = 0
  389. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rekey_packets = 0
  390. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    life_packets = 0
  391. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rand_packets = 0
  392. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    updown = (null)
  393. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    hostaccess = 0
  394. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    ipcomp = 0
  395. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    mode = PASS
  396. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    policies = 1
  397. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    policies_fwd_out = 0
  398. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    dpd_action = none
  399. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    start_action = trap
  400. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    close_action = none
  401. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    reqid = 0
  402. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    tfc = 0
  403. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    priority = 0
  404. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    interface = (null)
  405. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    if_id_in = 0
  406. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    if_id_out = 0
  407. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    mark_in = 0/0
  408. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    mark_in_sa = 0
  409. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    mark_out = 0/0
  410. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    set_mark_in = 0/0
  411. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    set_mark_out = 0/0
  412. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    label = (null)
  413. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    label_mode = system
  414. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    inactivity = 0
  415. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    proposals = ESP:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/NO_EXT_SEQ, ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/NO_EXT_SEQ
  416. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    local_ts = 192.168.131.0/24|/0
  417. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    remote_ts = 192.168.131.0/24|/0
  418. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    hw_offload = no
  419. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    sha256_96 = 0
  420. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    copy_df = 1
  421. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    copy_ecn = 1
  422. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    copy_dscp = out
  423. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   version = 0
  424. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   local_addrs = %any
  425. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   remote_addrs = 127.0.0.1
  426. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   local_port = 500
  427. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   remote_port = 500
  428. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   send_certreq = 1
  429. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   send_cert = CERT_SEND_IF_ASKED
  430. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   ppk_id = (null)
  431. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   ppk_required = 0
  432. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   mobike = 1
  433. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   aggressive = 0
  434. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   dscp = 0x00
  435. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   encap = 0
  436. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   dpd_delay = 0
  437. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   dpd_timeout = 0
  438. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   fragmentation = 2
  439. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   childless = 0
  440. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   unique = UNIQUE_NO
  441. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   keyingtries = 1
  442. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   reauth_time = 0
  443. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   rekey_time = 14400
  444. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   over_time = 1440
  445. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   rand_time = 1440
  446. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   proposals = IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048
  447. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   if_id_in = 0
  448. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   if_id_out = 0
  449. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   local:
  450. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   remote:
  451. Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] updated vici connection: bypass
  452. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
  453. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con3:
  454. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con3:
  455. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 38876
  456. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 43196
  457. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 4320
  458. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
  459. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
  460. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
  461. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
  462. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
  463. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
  464. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
  465. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
  466. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
  467. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
  468. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
  469. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
  470. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = trap
  471. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = trap
  472. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
  473. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
  474. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
  475. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
  476. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
  477. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
  478. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
  479. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
  480. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
  481. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
  482. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
  483. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
  484. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
  485. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
  486. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
  487. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_128/MODP_2048/NO_EXT_SEQ
  488. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.131.191/32|/0 192.168.131.177/32|/0 192.168.131.174/32|/0
  489. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = 172.16.3.0/24|/0 172.16.3.0/24|/0 172.16.3.0/24|/0
  490. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
  491. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
  492. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
  493. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
  494. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
  495. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
  496. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
  497. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 105.27.113.66
  498. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
  499. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
  500. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
  501. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_SEND_IF_ASKED
  502. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
  503. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
  504. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 0
  505. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
  506. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
  507. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
  508. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
  509. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
  510. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
  511. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
  512. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
  513. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
  514. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
  515. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 77760
  516. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 8640
  517. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 8640
  518. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  519. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
  520. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
  521. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
  522. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
  523. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 197.214.xxx.yyy
  524. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
  525. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
  526. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 192.168.0.2
  527. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con3
  528. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
  529. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con4:
  530. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con4:
  531. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 38876
  532. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 43196
  533. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 4320
  534. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
  535. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
  536. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
  537. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
  538. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
  539. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
  540. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
  541. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
  542. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
  543. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
  544. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
  545. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
  546. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = trap
  547. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = trap
  548. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
  549. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
  550. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
  551. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
  552. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
  553. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
  554. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
  555. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
  556. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
  557. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
  558. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
  559. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
  560. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
  561. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
  562. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
  563. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_128/MODP_2048/NO_EXT_SEQ
  564. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.131.191/32|/0 192.168.131.177/32|/0 192.168.131.174/32|/0
  565. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = 172.16.3.0/24|/0 172.16.3.0/24|/0 172.16.3.0/24|/0
  566. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
  567. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
  568. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
  569. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
  570. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
  571. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
  572. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
  573. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 41.164.68.170
  574. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
  575. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
  576. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
  577. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_SEND_IF_ASKED
  578. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
  579. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
  580. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 0
  581. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
  582. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
  583. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
  584. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
  585. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
  586. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
  587. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
  588. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
  589. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
  590. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
  591. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 77760
  592. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 8640
  593. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 8640
  594. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  595. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
  596. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
  597. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
  598. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
  599. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 197.214.xxx.yyy
  600. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
  601. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
  602. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 41.164.68.170
  603. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con4
  604. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
  605. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con5:
  606. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con5:
  607. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 3240
  608. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 3600
  609. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 360
  610. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
  611. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
  612. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
  613. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
  614. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
  615. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
  616. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
  617. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
  618. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
  619. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
  620. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
  621. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
  622. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = trap
  623. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = trap
  624. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
  625. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
  626. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
  627. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
  628. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
  629. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
  630. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
  631. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
  632. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
  633. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
  634. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
  635. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
  636. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
  637. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
  638. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
  639. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  640. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.152.0/29|/0
  641. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = 192.168.0.0/24|/0
  642. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
  643. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
  644. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
  645. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
  646. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
  647. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
  648. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
  649. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 196.250.128.24
  650. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
  651. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
  652. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
  653. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_SEND_IF_ASKED
  654. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
  655. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
  656. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 0
  657. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
  658. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
  659. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
  660. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
  661. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
  662. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
  663. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
  664. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
  665. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
  666. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
  667. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 25920
  668. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 2880
  669. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 2880
  670. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  671. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
  672. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
  673. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
  674. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
  675. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 197.214.xxx.yyy
  676. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
  677. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
  678. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = %any
  679. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con5
  680. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG] vici client 315 requests: load-conn
  681. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]  conn con-mobile:
  682. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   child con-mobile:
  683. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rekey_time = 3240
  684. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    life_time = 3600
  685. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rand_time = 360
  686. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rekey_bytes = 0
  687. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    life_bytes = 0
  688. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rand_bytes = 0
  689. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rekey_packets = 0
  690. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    life_packets = 0
  691. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rand_packets = 0
  692. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    updown = (null)
  693. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    hostaccess = 0
  694. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    ipcomp = 0
  695. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    mode = TUNNEL
  696. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    policies = 1
  697. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    policies_fwd_out = 0
  698. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    dpd_action = none
  699. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    start_action = none
  700. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    close_action = none
  701. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    reqid = 0
  702. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    tfc = 0
  703. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    priority = 0
  704. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    interface = (null)
  705. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    if_id_in = 0
  706. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    if_id_out = 0
  707. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    mark_in = 0/0
  708. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    mark_in_sa = 0
  709. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    mark_out = 0/0
  710. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    set_mark_in = 0/0
  711. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    set_mark_out = 0/0
  712. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    label = (null)
  713. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    label_mode = system
  714. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    inactivity = 0
  715. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  716. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    local_ts = 192.168.152.0/29|/0
  717. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    remote_ts = dynamic
  718. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    hw_offload = no
  719. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    sha256_96 = 0
  720. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    copy_df = 1
  721. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    copy_ecn = 1
  722. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    copy_dscp = out
  723. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   version = 2
  724. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   local_addrs = 197.214.xxx.yyy
  725. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   remote_addrs = 0.0.0.0/0, ::/0
  726. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   local_port = 500
  727. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   remote_port = 500
  728. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   send_certreq = 1
  729. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   send_cert = CERT_ALWAYS_SEND
  730. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   ppk_id = (null)
  731. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   ppk_required = 0
  732. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   mobike = 1
  733. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   aggressive = 0
  734. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   dscp = 0x00
  735. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   encap = 0
  736. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   dpd_delay = 10
  737. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   dpd_timeout = 0
  738. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   fragmentation = 2
  739. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   childless = 0
  740. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   unique = UNIQUE_REPLACE
  741. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   keyingtries = 1
  742. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   reauth_time = 0
  743. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   rekey_time = 25920
  744. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   over_time = 2880
  745. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   rand_time = 2880
  746. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  747. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   if_id_in = 0
  748. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   if_id_out = 0
  749. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   local:
  750. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    class = public key
  751. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    id = fw.fast.za.net
  752. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
  753. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   remote:
  754. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    eap-type = EAP_MSCHAPV2
  755. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    class = EAP
  756. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    eap_id = %any
  757. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    id = %any
  758. Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG] updated vici connection: con-mobile
  759. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG] vici client 315 requests: load-conn
  760. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]  conn con10:
  761. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   version = 2
  762. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
  763. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote_addrs = 165.165.172.58
  764. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local_port = 500
  765. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote_port = 500
  766. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
  767. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_SEND_IF_ASKED
  768. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
  769. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
  770. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   mobike = 0
  771. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   aggressive = 0
  772. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
  773. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   encap = 0
  774. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
  775. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
  776. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
  777. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   childless = 0
  778. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
  779. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
  780. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
  781. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
  782. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   over_time = 2880
  783. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
  784. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  785. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
  786. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
  787. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local:
  788. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    class = pre-shared key
  789. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    id = 197.214.xxx.yyy
  790. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote:
  791. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    class = pre-shared key
  792. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    id = %any
  793. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG] added vici connection: con10
  794. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
  795. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con-mobile-userpool-1:
  796. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con-mobile:
  797. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 3240
  798. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 3600
  799. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 360
  800. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
  801. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
  802. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
  803. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
  804. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
  805. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
  806. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
  807. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
  808. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
  809. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
  810. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
  811. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
  812. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = none
  813. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = none
  814. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
  815. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
  816. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
  817. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
  818. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
  819. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
  820. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
  821. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
  822. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
  823. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
  824. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
  825. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
  826. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
  827. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
  828. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
  829. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  830. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.152.0/29|/0
  831. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = dynamic
  832. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
  833. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
  834. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
  835. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
  836. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
  837. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
  838. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
  839. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 0.0.0.0/0, ::/0
  840. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
  841. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
  842. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
  843. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_ALWAYS_SEND
  844. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
  845. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
  846. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 1
  847. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
  848. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
  849. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
  850. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
  851. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
  852. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
  853. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
  854. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
  855. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
  856. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
  857. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 25920
  858. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 2880
  859. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 2880
  860. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  861. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
  862. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
  863. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
  864. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = public key
  865. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = fw.fast.za.net
  866. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
  867. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
  868. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    eap-type = EAP_MSCHAPV2
  869. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = EAP
  870. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    eap_id = %any
  871. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = reliance.compost
  872. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con-mobile-userpool-1
  873. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG] vici client 315 requests: load-conn
  874. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]  conn con-mobile-userpool-2:
  875. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   child con-mobile:
  876. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rekey_time = 3240
  877. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    life_time = 3600
  878. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rand_time = 360
  879. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
  880. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
  881. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
  882. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
  883. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    life_packets = 0
  884. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
  885. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    updown = (null)
  886. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
  887. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
  888. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    mode = TUNNEL
  889. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    policies = 1
  890. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
  891. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    dpd_action = none
  892. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    start_action = none
  893. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    close_action = none
  894. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    reqid = 0
  895. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    tfc = 0
  896. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    priority = 0
  897. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    interface = (null)
  898. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
  899. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
  900. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
  901. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
  902. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
  903. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
  904. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
  905. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    label = (null)
  906. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    label_mode = system
  907. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    inactivity = 0
  908. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  909. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.152.0/29|/0
  910. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    remote_ts = dynamic
  911. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    hw_offload = no
  912. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
  913. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    copy_df = 1
  914. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
  915. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
  916. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   version = 2
  917. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
  918. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote_addrs = 0.0.0.0/0, ::/0
  919. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local_port = 500
  920. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote_port = 500
  921. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
  922. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_ALWAYS_SEND
  923. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
  924. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
  925. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   mobike = 1
  926. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   aggressive = 0
  927. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
  928. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   encap = 0
  929. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
  930. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
  931. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
  932. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   childless = 0
  933. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
  934. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
  935. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
  936. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
  937. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   over_time = 2880
  938. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
  939. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  940. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
  941. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
  942. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local:
  943. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    class = public key
  944. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    id = fw.fast.za.net
  945. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
  946. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote:
  947. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    eap-type = EAP_MSCHAPV2
  948. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    class = EAP
  949. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    eap_id = %any
  950. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    id = mac.pack
  951. Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG] updated vici connection: con-mobile-userpool-2
  952. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
  953. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con-mobile-userpool-3:
  954. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con-mobile:
  955. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 3240
  956. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 3600
  957. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 360
  958. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
  959. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
  960. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
  961. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
  962. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
  963. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
  964. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
  965. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
  966. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
  967. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
  968. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
  969. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
  970. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = none
  971. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = none
  972. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
  973. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
  974. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
  975. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
  976. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
  977. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
  978. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
  979. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
  980. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
  981. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
  982. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
  983. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
  984. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
  985. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
  986. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
  987. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  988. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.152.0/29|/0
  989. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = dynamic
  990. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
  991. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
  992. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
  993. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
  994. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
  995. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
  996. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
  997. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 0.0.0.0/0, ::/0
  998. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
  999. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
  1000. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
  1001. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_ALWAYS_SEND
  1002. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
  1003. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
  1004. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 1
  1005. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
  1006. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
  1007. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
  1008. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
  1009. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
  1010. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
  1011. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
  1012. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
  1013. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
  1014. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
  1015. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 25920
  1016. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 2880
  1017. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 2880
  1018. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1019. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
  1020. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
  1021. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
  1022. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = public key
  1023. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = fw.fast.za.net
  1024. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
  1025. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
  1026. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    eap-type = EAP_MSCHAPV2
  1027. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = EAP
  1028. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    eap_id = %any
  1029. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = greenway.farms
  1030. Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con-mobile-userpool-3
  1031. Nov 28 22:27:54 fw-1A charon[61694]: 14[CFG] vici client 315 disconnected
  1032. Nov 28 22:28:01 fw-1A charon[61694]: 14[NET] <495> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  1033. Nov 28 22:28:01 fw-1A charon[61694]: 14[ENC] <495> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  1034. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  1035. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1036. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1037. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1038. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1039. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
  1040. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
  1041. Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  1042. Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  1043. Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> 165.165.172.58 is initiating an IKE_SA
  1044. Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> IKE_SA (unnamed)[495] state change: CREATED => CONNECTING
  1045. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> selecting proposal:
  1046. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   no acceptable ENCRYPTION_ALGORITHM found
  1047. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> selecting proposal:
  1048. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   no acceptable ENCRYPTION_ALGORITHM found
  1049. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> selecting proposal:
  1050. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   proposal matches
  1051. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  1052. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1053. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  1054. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> received supported signature hash algorithms: sha256 sha384 sha512 identity
  1055. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  1056. Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1057. Nov 28 22:28:01 fw-1A charon[61694]: 14[ENC] <495> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1058. Nov 28 22:28:01 fw-1A charon[61694]: 14[NET] <495> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  1059. Nov 28 22:28:01 fw-1A charon[61694]: 14[NET] <495> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  1060. Nov 28 22:28:01 fw-1A charon[61694]: 14[ENC] <495> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  1061. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  1062. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate "con10", match: 20/1/3100 (me/other/ike)
  1063. Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <con10|495> selected peer config 'con10'
  1064. Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <con10|495> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
  1065. Nov 28 22:28:01 fw-1A charon[61694]: 14[ENC] <con10|495> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  1066. Nov 28 22:28:01 fw-1A charon[61694]: 14[NET] <con10|495> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  1067. Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <con10|495> IKE_SA con10[495] state change: CONNECTING => DESTROYING
  1068. Nov 28 22:29:01 fw-1A charon[61694]: 14[NET] <496> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  1069. Nov 28 22:29:01 fw-1A charon[61694]: 14[ENC] <496> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  1070. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  1071. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1072. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1073. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1074. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1075. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
  1076. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
  1077. Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  1078. Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  1079. Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> 165.165.172.58 is initiating an IKE_SA
  1080. Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> IKE_SA (unnamed)[496] state change: CREATED => CONNECTING
  1081. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> selecting proposal:
  1082. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   no acceptable ENCRYPTION_ALGORITHM found
  1083. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> selecting proposal:
  1084. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   no acceptable ENCRYPTION_ALGORITHM found
  1085. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> selecting proposal:
  1086. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   proposal matches
  1087. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  1088. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1089. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  1090. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> received supported signature hash algorithms: sha256 sha384 sha512 identity
  1091. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  1092. Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1093. Nov 28 22:29:01 fw-1A charon[61694]: 14[ENC] <496> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1094. Nov 28 22:29:01 fw-1A charon[61694]: 14[NET] <496> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  1095. Nov 28 22:29:01 fw-1A charon[61694]: 14[NET] <496> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  1096. Nov 28 22:29:01 fw-1A charon[61694]: 14[ENC] <496> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  1097. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  1098. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate "con10", match: 20/1/3100 (me/other/ike)
  1099. Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <con10|496> selected peer config 'con10'
  1100. Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <con10|496> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
  1101. Nov 28 22:29:01 fw-1A charon[61694]: 14[ENC] <con10|496> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  1102. Nov 28 22:29:01 fw-1A charon[61694]: 14[NET] <con10|496> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  1103. Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <con10|496> IKE_SA con10[496] state change: CONNECTING => DESTROYING
  1104. Nov 28 22:29:29 fw-1A charon[61694]: 14[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (96 bytes)
  1105. Nov 28 22:29:29 fw-1A charon[61694]: 14[ENC] <con5|81> parsed INFORMATIONAL request 227 [ ]
  1106. Nov 28 22:29:29 fw-1A charon[61694]: 14[ENC] <con5|81> generating INFORMATIONAL response 227 [ ]
  1107. Nov 28 22:29:29 fw-1A charon[61694]: 14[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1108. Nov 28 22:30:01 fw-1A charon[61694]: 07[NET] <497> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  1109. Nov 28 22:30:01 fw-1A charon[61694]: 07[ENC] <497> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  1110. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  1111. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1112. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1113. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1114. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1115. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
  1116. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
  1117. Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  1118. Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  1119. Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> 165.165.172.58 is initiating an IKE_SA
  1120. Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> IKE_SA (unnamed)[497] state change: CREATED => CONNECTING
  1121. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> selecting proposal:
  1122. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   no acceptable ENCRYPTION_ALGORITHM found
  1123. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> selecting proposal:
  1124. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   no acceptable ENCRYPTION_ALGORITHM found
  1125. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> selecting proposal:
  1126. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   proposal matches
  1127. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  1128. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1129. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  1130. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> received supported signature hash algorithms: sha256 sha384 sha512 identity
  1131. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  1132. Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1133. Nov 28 22:30:01 fw-1A charon[61694]: 07[ENC] <497> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1134. Nov 28 22:30:01 fw-1A charon[61694]: 07[NET] <497> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  1135. Nov 28 22:30:01 fw-1A charon[61694]: 07[NET] <497> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  1136. Nov 28 22:30:01 fw-1A charon[61694]: 07[ENC] <497> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  1137. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  1138. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate "con10", match: 20/1/3100 (me/other/ike)
  1139. Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <con10|497> selected peer config 'con10'
  1140. Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <con10|497> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
  1141. Nov 28 22:30:01 fw-1A charon[61694]: 07[ENC] <con10|497> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  1142. Nov 28 22:30:01 fw-1A charon[61694]: 07[NET] <con10|497> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  1143. Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <con10|497> IKE_SA con10[497] state change: CONNECTING => DESTROYING
  1144. Nov 28 22:31:01 fw-1A charon[61694]: 07[NET] <498> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  1145. Nov 28 22:31:01 fw-1A charon[61694]: 07[ENC] <498> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  1146. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  1147. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1148. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1149. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1150. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1151. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
  1152. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
  1153. Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  1154. Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  1155. Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> 165.165.172.58 is initiating an IKE_SA
  1156. Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> IKE_SA (unnamed)[498] state change: CREATED => CONNECTING
  1157. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> selecting proposal:
  1158. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   no acceptable ENCRYPTION_ALGORITHM found
  1159. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> selecting proposal:
  1160. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   no acceptable ENCRYPTION_ALGORITHM found
  1161. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> selecting proposal:
  1162. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   proposal matches
  1163. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  1164. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1165. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  1166. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> received supported signature hash algorithms: sha256 sha384 sha512 identity
  1167. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  1168. Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1169. Nov 28 22:31:01 fw-1A charon[61694]: 07[ENC] <498> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1170. Nov 28 22:31:01 fw-1A charon[61694]: 07[NET] <498> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  1171. Nov 28 22:31:01 fw-1A charon[61694]: 07[NET] <498> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  1172. Nov 28 22:31:01 fw-1A charon[61694]: 07[ENC] <498> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  1173. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  1174. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate "con10", match: 20/1/3100 (me/other/ike)
  1175. Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <con10|498> selected peer config 'con10'
  1176. Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <con10|498> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
  1177. Nov 28 22:31:01 fw-1A charon[61694]: 07[ENC] <con10|498> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  1178. Nov 28 22:31:01 fw-1A charon[61694]: 07[NET] <con10|498> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  1179. Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <con10|498> IKE_SA con10[498] state change: CONNECTING => DESTROYING
  1180. Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> sending DPD request
  1181. Nov 28 22:31:06 fw-1A charon[61694]: 09[IKE] <con3|18> sending DPD request
  1182. Nov 28 22:31:06 fw-1A charon[61694]: 09[IKE] <con3|18> queueing IKE_DPD task
  1183. Nov 28 22:31:06 fw-1A charon[61694]: 09[IKE] <con3|18> activating new tasks
  1184. Nov 28 22:31:06 fw-1A charon[61694]: 09[IKE] <con3|18>   activating IKE_DPD task
  1185. Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> queueing IKE_DPD task
  1186. Nov 28 22:31:06 fw-1A charon[61694]: 09[ENC] <con3|18> generating INFORMATIONAL request 525 [ ]
  1187. Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> activating new tasks
  1188. Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17>   activating IKE_DPD task
  1189. Nov 28 22:31:06 fw-1A charon[61694]: 07[ENC] <con4|17> generating INFORMATIONAL request 520 [ ]
  1190. Nov 28 22:31:06 fw-1A charon[61694]: 09[NET] <con3|18> sending packet: from 197.214.xxx.yyy[4500] to 105.27.113.66[4500] (57 bytes)
  1191. Nov 28 22:31:06 fw-1A charon[61694]: 07[NET] <con4|17> sending packet: from 197.214.xxx.yyy[500] to 41.164.68.170[500] (57 bytes)
  1192. Nov 28 22:31:06 fw-1A charon[61694]: 07[NET] <con3|18> received packet: from 105.27.113.66[4500] to 197.214.xxx.yyy[4500] (65 bytes)
  1193. Nov 28 22:31:06 fw-1A charon[61694]: 07[ENC] <con3|18> parsed INFORMATIONAL response 525 [ ]
  1194. Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con3|18> activating new tasks
  1195. Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con3|18> nothing to initiate
  1196. Nov 28 22:31:06 fw-1A charon[61694]: 07[NET] <con4|17> received packet: from 41.164.68.170[500] to 197.214.xxx.yyy[500] (65 bytes)
  1197. Nov 28 22:31:06 fw-1A charon[61694]: 07[ENC] <con4|17> parsed INFORMATIONAL response 520 [ ]
  1198. Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> activating new tasks
  1199. Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> nothing to initiate
  1200. Nov 28 22:31:15 fw-1A charon[61694]: 16[CFG] vici client 316 connected
  1201. Nov 28 22:31:15 fw-1A charon[61694]: 09[CFG] vici client 316 registered for: list-sa
  1202. Nov 28 22:31:15 fw-1A charon[61694]: 16[CFG] vici client 316 requests: list-sas
  1203. Nov 28 22:31:15 fw-1A charon[61694]: 09[CFG] vici client 316 disconnected
  1204. Nov 28 22:31:29 fw-1A charon[61694]: 13[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (160 bytes)
  1205. Nov 28 22:31:29 fw-1A charon[61694]: 13[ENC] <con5|81> parsed INFORMATIONAL request 228 [ ]
  1206. Nov 28 22:31:29 fw-1A charon[61694]: 13[ENC] <con5|81> generating INFORMATIONAL response 228 [ ]
  1207. Nov 28 22:31:29 fw-1A charon[61694]: 13[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1208. Nov 28 22:32:01 fw-1A charon[61694]: 10[NET] <499> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  1209. Nov 28 22:32:01 fw-1A charon[61694]: 10[ENC] <499> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  1210. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  1211. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1212. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1213. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1214. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1215. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
  1216. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
  1217. Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  1218. Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  1219. Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> 165.165.172.58 is initiating an IKE_SA
  1220. Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> IKE_SA (unnamed)[499] state change: CREATED => CONNECTING
  1221. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> selecting proposal:
  1222. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   no acceptable ENCRYPTION_ALGORITHM found
  1223. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> selecting proposal:
  1224. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   no acceptable ENCRYPTION_ALGORITHM found
  1225. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> selecting proposal:
  1226. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   proposal matches
  1227. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  1228. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1229. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  1230. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> received supported signature hash algorithms: sha256 sha384 sha512 identity
  1231. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  1232. Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1233. Nov 28 22:32:01 fw-1A charon[61694]: 10[ENC] <499> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1234. Nov 28 22:32:01 fw-1A charon[61694]: 10[NET] <499> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  1235. Nov 28 22:32:01 fw-1A charon[61694]: 10[NET] <499> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  1236. Nov 28 22:32:01 fw-1A charon[61694]: 10[ENC] <499> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  1237. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  1238. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate "con10", match: 20/1/3100 (me/other/ike)
  1239. Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <con10|499> selected peer config 'con10'
  1240. Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <con10|499> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
  1241. Nov 28 22:32:01 fw-1A charon[61694]: 10[ENC] <con10|499> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  1242. Nov 28 22:32:01 fw-1A charon[61694]: 10[NET] <con10|499> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  1243. Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <con10|499> IKE_SA con10[499] state change: CONNECTING => DESTROYING
  1244. Nov 28 22:32:46 fw-1A charon[61694]: 15[CFG] vici client 317 connected
  1245. Nov 28 22:32:46 fw-1A charon[61694]: 10[CFG] vici client 317 registered for: list-sa
  1246. Nov 28 22:32:46 fw-1A charon[61694]: 15[CFG] vici client 317 requests: list-sas
  1247. Nov 28 22:32:46 fw-1A charon[61694]: 06[CFG] vici client 317 disconnected
  1248. Nov 28 22:32:51 fw-1A charon[61694]: 06[CFG] vici client 318 connected
  1249. Nov 28 22:32:51 fw-1A charon[61694]: 11[CFG] vici client 318 registered for: list-sa
  1250. Nov 28 22:32:51 fw-1A charon[61694]: 10[CFG] vici client 318 requests: list-sas
  1251. Nov 28 22:32:51 fw-1A charon[61694]: 10[CFG] vici client 318 disconnected
  1252. Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 319 connected
  1253. Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 319 registered for: list-sa
  1254. Nov 28 22:32:56 fw-1A charon[61694]: 12[CFG] vici client 320 connected
  1255. Nov 28 22:32:56 fw-1A charon[61694]: 08[CFG] vici client 320 registered for: list-sa
  1256. Nov 28 22:32:56 fw-1A charon[61694]: 08[CFG] vici client 319 requests: list-sas
  1257. Nov 28 22:32:56 fw-1A charon[61694]: 05[CFG] vici client 320 requests: list-sas
  1258. Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 320 disconnected
  1259. Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 319 disconnected
  1260. Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 321 connected
  1261. Nov 28 22:32:56 fw-1A charon[61694]: 08[CFG] vici client 321 registered for: control-log
  1262. Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 321 requests: terminate
  1263. Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici terminate IKE_SA #81
  1264. Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> queueing IKE_DELETE task
  1265. Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> activating new tasks
  1266. Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81>   activating IKE_DELETE task
  1267. Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> deleting IKE_SA con5[81] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1268. Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> IKE_SA con5[81] state change: ESTABLISHED => DELETING
  1269. Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> sending DELETE for IKE_SA con5[81]
  1270. Nov 28 22:32:56 fw-1A charon[61694]: 08[ENC] <con5|81> generating INFORMATIONAL request 0 [ D ]
  1271. Nov 28 22:32:57 fw-1A charon[61694]: 08[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1272. Nov 28 22:32:57 fw-1A charon[61694]: 08[IKE] <con5|81> IKE_SA con5[81] state change: DELETING => DESTROYING
  1273. Nov 28 22:32:57 fw-1A charon[61694]: 08[CHD] <con5|81> CHILD_SA con5{99} state change: INSTALLED => DESTROYING
  1274. Nov 28 22:32:57 fw-1A charon[61694]: 08[CFG] vici client 321 disconnected
  1275. Nov 28 22:32:58 fw-1A charon[61694]: 10[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
  1276. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_VENDOR task
  1277. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_INIT task
  1278. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_NATD task
  1279. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_CERT_PRE task
  1280. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_AUTH task
  1281. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_CERT_POST task
  1282. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_CONFIG task
  1283. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_AUTH_LIFETIME task
  1284. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_ESTABLISH task
  1285. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing CHILD_CREATE task
  1286. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> activating new tasks
  1287. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_VENDOR task
  1288. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_INIT task
  1289. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_NATD task
  1290. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_CERT_PRE task
  1291. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_AUTH task
  1292. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_CERT_POST task
  1293. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_CONFIG task
  1294. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_AUTH_LIFETIME task
  1295. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_ESTABLISH task
  1296. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating CHILD_CREATE task
  1297. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> initiating IKE_SA con5[500] to 196.250.128.24
  1298. Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> IKE_SA con5[500] state change: CREATED => CONNECTING
  1299. Nov 28 22:32:58 fw-1A charon[61694]: 08[CFG] <con5|500> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1300. Nov 28 22:32:58 fw-1A charon[61694]: 08[CFG] <con5|500> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  1301. Nov 28 22:32:58 fw-1A charon[61694]: 08[ENC] <con5|500> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  1302. Nov 28 22:32:58 fw-1A charon[61694]: 08[NET] <con5|500> sending packet: from 197.214.xxx.yyy[500] to 196.250.128.24[500] (464 bytes)
  1303. Nov 28 22:33:01 fw-1A charon[61694]: 08[NET] <501> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  1304. Nov 28 22:33:01 fw-1A charon[61694]: 08[ENC] <501> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  1305. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  1306. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1307. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1308. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1309. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1310. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
  1311. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
  1312. Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  1313. Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  1314. Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> 165.165.172.58 is initiating an IKE_SA
  1315. Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> IKE_SA (unnamed)[501] state change: CREATED => CONNECTING
  1316. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> selecting proposal:
  1317. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   no acceptable ENCRYPTION_ALGORITHM found
  1318. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> selecting proposal:
  1319. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   no acceptable ENCRYPTION_ALGORITHM found
  1320. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> selecting proposal:
  1321. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   proposal matches
  1322. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  1323. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1324. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  1325. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> received supported signature hash algorithms: sha256 sha384 sha512 identity
  1326. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  1327. Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1328. Nov 28 22:33:01 fw-1A charon[61694]: 08[ENC] <501> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1329. Nov 28 22:33:01 fw-1A charon[61694]: 08[NET] <501> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  1330. Nov 28 22:33:01 fw-1A charon[61694]: 08[NET] <501> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  1331. Nov 28 22:33:01 fw-1A charon[61694]: 08[ENC] <501> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  1332. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  1333. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate "con10", match: 20/1/3100 (me/other/ike)
  1334. Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <con10|501> selected peer config 'con10'
  1335. Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <con10|501> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
  1336. Nov 28 22:33:01 fw-1A charon[61694]: 08[ENC] <con10|501> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  1337. Nov 28 22:33:01 fw-1A charon[61694]: 08[NET] <con10|501> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  1338. Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <con10|501> IKE_SA con10[501] state change: CONNECTING => DESTROYING
  1339. Nov 28 22:33:02 fw-1A charon[61694]: 10[CFG] vici client 322 connected
  1340. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] vici client 322 registered for: list-sa
  1341. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] vici client 322 requests: list-sas
  1342. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] vici client 322 disconnected
  1343. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> retransmit 1 of request with message ID 0
  1344. Nov 28 22:33:02 fw-1A charon[61694]: 08[NET] <con5|500> sending packet: from 197.214.xxx.yyy[500] to 196.250.128.24[500] (464 bytes)
  1345. Nov 28 22:33:02 fw-1A charon[61694]: 08[NET] <con5|500> received packet: from 196.250.128.24[500] to 197.214.xxx.yyy[500] (437 bytes)
  1346. Nov 28 22:33:02 fw-1A charon[61694]: 08[ENC] <con5|500> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) CERTREQ ]
  1347. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> received FRAGMENTATION_SUPPORTED notify
  1348. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> selecting proposal:
  1349. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500>   proposal matches
  1350. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1351. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1352. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1353. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> remote host is behind NAT
  1354. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> reinitiating already active tasks
  1355. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500>   IKE_CERT_PRE task
  1356. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500>   IKE_AUTH task
  1357. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1358. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1359. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> successfully created shared key MAC
  1360. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> proposing traffic selectors for us:
  1361. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500>  192.168.152.0/29|/0
  1362. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> proposing traffic selectors for other:
  1363. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500>  192.168.0.0/24|/0
  1364. Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1365. Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> establishing CHILD_SA con5{100} reqid 2
  1366. Nov 28 22:33:02 fw-1A charon[61694]: 08[ENC] <con5|500> generating IKE_AUTH request 1 [ IDi CERTREQ AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  1367. Nov 28 22:33:02 fw-1A charon[61694]: 08[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
  1368. Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <502> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1369. Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <502> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1370. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1371. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1372. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1373. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1374. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1375. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1376. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1377. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1378. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1379. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> 196.250.128.24 is initiating an IKE_SA
  1380. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> IKE_SA (unnamed)[502] state change: CREATED => CONNECTING
  1381. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> selecting proposal:
  1382. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   proposal matches
  1383. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1384. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1385. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1386. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> remote host is behind NAT
  1387. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1388. Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <502> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1389. Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <502> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1390. Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <502> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1391. Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <502> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1392. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1393. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1394. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1395. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selected peer config 'con5'
  1396. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> authentication of '20.0.0.100' with pre-shared key successful
  1397. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1398. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> successfully created shared key MAC
  1399. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA con5[502] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1400. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA con5[502] state change: CONNECTING => ESTABLISHED
  1401. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> scheduling rekeying in 23877s
  1402. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> maximum IKE_SA lifetime 26757s
  1403. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1404. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> proposing traffic selectors for us:
  1405. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>  192.168.152.0/29|/0
  1406. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> proposing traffic selectors for other:
  1407. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>  192.168.0.0/24|/0
  1408. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>   candidate "con5" with prio 5+5
  1409. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> found matching child config "con5" with prio 10
  1410. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selecting proposal:
  1411. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>   proposal matches
  1412. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1413. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  1414. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1415. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selecting traffic selectors for us:
  1416. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  1417. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selecting traffic selectors for other:
  1418. Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  1419. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> CHILD_SA con5{101} state change: CREATED => INSTALLING
  1420. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502>   using AES_CBC for encryption
  1421. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502>   using HMAC_SHA2_256_128 for integrity
  1422. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> adding inbound ESP SA
  1423. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502>   SPI 0xc2d18b5b, src 196.250.128.24 dst 197.214.xxx.yyy
  1424. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> adding outbound ESP SA
  1425. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502>   SPI 0x030759c0, src 197.214.xxx.yyy dst 196.250.128.24
  1426. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> CHILD_SA con5{101} established with SPIs c2d18b5b_i 030759c0_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1427. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> CHILD_SA con5{101} state change: INSTALLING => INSTALLED
  1428. Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <con5|502> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  1429. Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <con5|502> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  1430. Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <con5|502> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
  1431. Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <con5|502> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  1432. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> received DELETE for IKE_SA con5[502]
  1433. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> deleting IKE_SA con5[502] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1434. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA con5[502] state change: ESTABLISHED => DELETING
  1435. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA deleted
  1436. Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <con5|502> generating INFORMATIONAL response 2 [ ]
  1437. Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <con5|502> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1438. Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA con5[502] state change: DELETING => DESTROYING
  1439. Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> CHILD_SA con5{101} state change: INSTALLED => DESTROYING
  1440. Nov 28 22:33:06 fw-1A charon[61694]: 07[IKE] <con5|500> retransmit 1 of request with message ID 1
  1441. Nov 28 22:33:06 fw-1A charon[61694]: 07[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
  1442. Nov 28 22:33:06 fw-1A charon[61694]: 07[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
  1443. Nov 28 22:33:06 fw-1A charon[61694]: 08[CFG] ignoring acquire for reqid 2, connection attempt pending
  1444. Nov 28 22:33:07 fw-1A charon[61694]: 07[CFG] vici client 323 connected
  1445. Nov 28 22:33:07 fw-1A charon[61694]: 07[CFG] vici client 323 registered for: list-sa
  1446. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] vici client 323 requests: list-sas
  1447. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] vici client 323 disconnected
  1448. Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <503> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1449. Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <503> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1450. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1451. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1452. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1453. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1454. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1455. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1456. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1457. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1458. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1459. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> 196.250.128.24 is initiating an IKE_SA
  1460. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> IKE_SA (unnamed)[503] state change: CREATED => CONNECTING
  1461. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> selecting proposal:
  1462. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   proposal matches
  1463. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1464. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1465. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1466. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> remote host is behind NAT
  1467. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1468. Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <503> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1469. Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <503> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1470. Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <503> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
  1471. Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <503> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1472. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1473. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1474. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1475. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selected peer config 'con5'
  1476. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> authentication of '20.0.0.100' with pre-shared key successful
  1477. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1478. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> successfully created shared key MAC
  1479. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA con5[503] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1480. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA con5[503] state change: CONNECTING => ESTABLISHED
  1481. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> scheduling rekeying in 23540s
  1482. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> maximum IKE_SA lifetime 26420s
  1483. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1484. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> proposing traffic selectors for us:
  1485. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>  192.168.152.0/29|/0
  1486. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> proposing traffic selectors for other:
  1487. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>  192.168.0.0/24|/0
  1488. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>   candidate "con5" with prio 5+5
  1489. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> found matching child config "con5" with prio 10
  1490. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selecting proposal:
  1491. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>   proposal matches
  1492. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1493. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  1494. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1495. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selecting traffic selectors for us:
  1496. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  1497. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selecting traffic selectors for other:
  1498. Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  1499. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> CHILD_SA con5{102} state change: CREATED => INSTALLING
  1500. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503>   using AES_CBC for encryption
  1501. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503>   using HMAC_SHA2_256_128 for integrity
  1502. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> adding inbound ESP SA
  1503. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503>   SPI 0xcc807271, src 196.250.128.24 dst 197.214.xxx.yyy
  1504. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> adding outbound ESP SA
  1505. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503>   SPI 0x084c0e20, src 197.214.xxx.yyy dst 196.250.128.24
  1506. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> CHILD_SA con5{102} established with SPIs cc807271_i 084c0e20_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1507. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> CHILD_SA con5{102} state change: INSTALLING => INSTALLED
  1508. Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <con5|503> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  1509. Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <con5|503> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  1510. Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <con5|503> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
  1511. Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <con5|503> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  1512. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> received DELETE for IKE_SA con5[503]
  1513. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> deleting IKE_SA con5[503] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1514. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA con5[503] state change: ESTABLISHED => DELETING
  1515. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA deleted
  1516. Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <con5|503> generating INFORMATIONAL response 2 [ ]
  1517. Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <con5|503> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1518. Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA con5[503] state change: DELETING => DESTROYING
  1519. Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> CHILD_SA con5{102} state change: INSTALLED => DESTROYING
  1520. Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <504> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1521. Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <504> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1522. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1523. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1524. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1525. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1526. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1527. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1528. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1529. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1530. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1531. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> 196.250.128.24 is initiating an IKE_SA
  1532. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> IKE_SA (unnamed)[504] state change: CREATED => CONNECTING
  1533. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> selecting proposal:
  1534. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   proposal matches
  1535. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1536. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1537. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1538. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> remote host is behind NAT
  1539. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1540. Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <504> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1541. Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <504> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1542. Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <504> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1543. Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <504> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1544. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1545. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1546. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1547. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selected peer config 'con5'
  1548. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> authentication of '20.0.0.100' with pre-shared key successful
  1549. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1550. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> successfully created shared key MAC
  1551. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA con5[504] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1552. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA con5[504] state change: CONNECTING => ESTABLISHED
  1553. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> scheduling rekeying in 25556s
  1554. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> maximum IKE_SA lifetime 28436s
  1555. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1556. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> proposing traffic selectors for us:
  1557. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>  192.168.152.0/29|/0
  1558. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> proposing traffic selectors for other:
  1559. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>  192.168.0.0/24|/0
  1560. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>   candidate "con5" with prio 5+5
  1561. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> found matching child config "con5" with prio 10
  1562. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selecting proposal:
  1563. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>   proposal matches
  1564. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1565. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  1566. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1567. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selecting traffic selectors for us:
  1568. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  1569. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selecting traffic selectors for other:
  1570. Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  1571. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> CHILD_SA con5{103} state change: CREATED => INSTALLING
  1572. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504>   using AES_CBC for encryption
  1573. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504>   using HMAC_SHA2_256_128 for integrity
  1574. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> adding inbound ESP SA
  1575. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504>   SPI 0xce651735, src 196.250.128.24 dst 197.214.xxx.yyy
  1576. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> adding outbound ESP SA
  1577. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504>   SPI 0x08ef2527, src 197.214.xxx.yyy dst 196.250.128.24
  1578. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> CHILD_SA con5{103} established with SPIs ce651735_i 08ef2527_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1579. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> CHILD_SA con5{103} state change: INSTALLING => INSTALLED
  1580. Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <con5|504> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  1581. Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <con5|504> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  1582. Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <con5|504> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
  1583. Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <con5|504> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  1584. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> received DELETE for IKE_SA con5[504]
  1585. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> deleting IKE_SA con5[504] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1586. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA con5[504] state change: ESTABLISHED => DELETING
  1587. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA deleted
  1588. Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <con5|504> generating INFORMATIONAL response 2 [ ]
  1589. Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <con5|504> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1590. Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA con5[504] state change: DELETING => DESTROYING
  1591. Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> CHILD_SA con5{103} state change: INSTALLED => DESTROYING
  1592. Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <505> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1593. Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <505> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1594. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1595. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1596. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1597. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1598. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1599. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1600. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1601. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1602. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1603. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> 196.250.128.24 is initiating an IKE_SA
  1604. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> IKE_SA (unnamed)[505] state change: CREATED => CONNECTING
  1605. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> selecting proposal:
  1606. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   proposal matches
  1607. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1608. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1609. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1610. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> remote host is behind NAT
  1611. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1612. Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <505> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1613. Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <505> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1614. Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <505> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1615. Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <505> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1616. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1617. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1618. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1619. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selected peer config 'con5'
  1620. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> authentication of '20.0.0.100' with pre-shared key successful
  1621. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1622. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> successfully created shared key MAC
  1623. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA con5[505] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1624. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA con5[505] state change: CONNECTING => ESTABLISHED
  1625. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> scheduling rekeying in 25108s
  1626. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> maximum IKE_SA lifetime 27988s
  1627. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1628. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> proposing traffic selectors for us:
  1629. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>  192.168.152.0/29|/0
  1630. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> proposing traffic selectors for other:
  1631. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>  192.168.0.0/24|/0
  1632. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>   candidate "con5" with prio 5+5
  1633. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> found matching child config "con5" with prio 10
  1634. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selecting proposal:
  1635. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>   proposal matches
  1636. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1637. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  1638. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1639. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selecting traffic selectors for us:
  1640. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  1641. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selecting traffic selectors for other:
  1642. Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  1643. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> CHILD_SA con5{104} state change: CREATED => INSTALLING
  1644. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505>   using AES_CBC for encryption
  1645. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505>   using HMAC_SHA2_256_128 for integrity
  1646. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> adding inbound ESP SA
  1647. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505>   SPI 0xc93ed738, src 196.250.128.24 dst 197.214.xxx.yyy
  1648. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> adding outbound ESP SA
  1649. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505>   SPI 0x078be48f, src 197.214.xxx.yyy dst 196.250.128.24
  1650. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> CHILD_SA con5{104} established with SPIs c93ed738_i 078be48f_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1651. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> CHILD_SA con5{104} state change: INSTALLING => INSTALLED
  1652. Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <con5|505> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  1653. Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <con5|505> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  1654. Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <con5|505> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
  1655. Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <con5|505> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  1656. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> received DELETE for IKE_SA con5[505]
  1657. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> deleting IKE_SA con5[505] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1658. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA con5[505] state change: ESTABLISHED => DELETING
  1659. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA deleted
  1660. Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <con5|505> generating INFORMATIONAL response 2 [ ]
  1661. Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <con5|505> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1662. Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA con5[505] state change: DELETING => DESTROYING
  1663. Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> CHILD_SA con5{104} state change: INSTALLED => DESTROYING
  1664. Nov 28 22:33:12 fw-1A charon[61694]: 09[CFG] vici client 324 connected
  1665. Nov 28 22:33:12 fw-1A charon[61694]: 11[CFG] vici client 324 registered for: list-sa
  1666. Nov 28 22:33:12 fw-1A charon[61694]: 09[CFG] vici client 324 requests: list-sas
  1667. Nov 28 22:33:12 fw-1A charon[61694]: 11[CFG] vici client 324 disconnected
  1668. Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <506> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1669. Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <506> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1670. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1671. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1672. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1673. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1674. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1675. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1676. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1677. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1678. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1679. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> 196.250.128.24 is initiating an IKE_SA
  1680. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> IKE_SA (unnamed)[506] state change: CREATED => CONNECTING
  1681. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> selecting proposal:
  1682. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   proposal matches
  1683. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1684. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1685. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1686. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> remote host is behind NAT
  1687. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1688. Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <506> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1689. Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <506> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1690. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|500> retransmit 2 of request with message ID 1
  1691. Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
  1692. Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <506> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (416 bytes)
  1693. Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <506> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1694. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1695. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1696. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1697. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selected peer config 'con5'
  1698. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> authentication of '20.0.0.100' with pre-shared key successful
  1699. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1700. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> successfully created shared key MAC
  1701. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA con5[506] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1702. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA con5[506] state change: CONNECTING => ESTABLISHED
  1703. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> scheduling rekeying in 24980s
  1704. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> maximum IKE_SA lifetime 27860s
  1705. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1706. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> proposing traffic selectors for us:
  1707. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>  192.168.152.0/29|/0
  1708. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> proposing traffic selectors for other:
  1709. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>  192.168.0.0/24|/0
  1710. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>   candidate "con5" with prio 5+5
  1711. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> found matching child config "con5" with prio 10
  1712. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selecting proposal:
  1713. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>   proposal matches
  1714. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1715. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  1716. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1717. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selecting traffic selectors for us:
  1718. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  1719. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selecting traffic selectors for other:
  1720. Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  1721. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> CHILD_SA con5{105} state change: CREATED => INSTALLING
  1722. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506>   using AES_CBC for encryption
  1723. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506>   using HMAC_SHA2_256_128 for integrity
  1724. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> adding inbound ESP SA
  1725. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506>   SPI 0xcbe7fb7e, src 196.250.128.24 dst 197.214.xxx.yyy
  1726. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> adding outbound ESP SA
  1727. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506>   SPI 0x0ccae478, src 197.214.xxx.yyy dst 196.250.128.24
  1728. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> CHILD_SA con5{105} established with SPIs cbe7fb7e_i 0ccae478_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1729. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> CHILD_SA con5{105} state change: INSTALLING => INSTALLED
  1730. Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <con5|506> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  1731. Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <con5|506> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  1732. Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <con5|506> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
  1733. Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <con5|506> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  1734. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> received DELETE for IKE_SA con5[506]
  1735. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> deleting IKE_SA con5[506] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1736. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA con5[506] state change: ESTABLISHED => DELETING
  1737. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA deleted
  1738. Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <con5|506> generating INFORMATIONAL response 2 [ ]
  1739. Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <con5|506> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1740. Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA con5[506] state change: DELETING => DESTROYING
  1741. Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> CHILD_SA con5{105} state change: INSTALLED => DESTROYING
  1742. Nov 28 22:33:14 fw-1A charon[61694]: 09[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
  1743. Nov 28 22:33:14 fw-1A charon[61694]: 11[CFG] ignoring acquire for reqid 2, connection attempt pending
  1744. Nov 28 22:33:15 fw-1A charon[61694]: 11[NET] <507> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1745. Nov 28 22:33:15 fw-1A charon[61694]: 11[ENC] <507> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1746. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1747. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1748. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1749. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1750. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1751. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1752. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1753. Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1754. Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1755. Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> 196.250.128.24 is initiating an IKE_SA
  1756. Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> IKE_SA (unnamed)[507] state change: CREATED => CONNECTING
  1757. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> selecting proposal:
  1758. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   proposal matches
  1759. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1760. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1761. Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1762. Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> remote host is behind NAT
  1763. Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1764. Nov 28 22:33:15 fw-1A charon[61694]: 11[ENC] <507> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1765. Nov 28 22:33:15 fw-1A charon[61694]: 11[NET] <507> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1766. Nov 28 22:33:16 fw-1A charon[61694]: 11[NET] <507> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
  1767. Nov 28 22:33:16 fw-1A charon[61694]: 11[ENC] <507> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1768. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <507> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1769. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <507>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1770. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <507>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1771. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selected peer config 'con5'
  1772. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> authentication of '20.0.0.100' with pre-shared key successful
  1773. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1774. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> successfully created shared key MAC
  1775. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA con5[507] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1776. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA con5[507] state change: CONNECTING => ESTABLISHED
  1777. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> scheduling rekeying in 23264s
  1778. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> maximum IKE_SA lifetime 26144s
  1779. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1780. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> proposing traffic selectors for us:
  1781. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>  192.168.152.0/29|/0
  1782. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> proposing traffic selectors for other:
  1783. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>  192.168.0.0/24|/0
  1784. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>   candidate "con5" with prio 5+5
  1785. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> found matching child config "con5" with prio 10
  1786. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selecting proposal:
  1787. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>   proposal matches
  1788. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1789. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  1790. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1791. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selecting traffic selectors for us:
  1792. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  1793. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selecting traffic selectors for other:
  1794. Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  1795. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> CHILD_SA con5{106} state change: CREATED => INSTALLING
  1796. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507>   using AES_CBC for encryption
  1797. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507>   using HMAC_SHA2_256_128 for integrity
  1798. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> adding inbound ESP SA
  1799. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507>   SPI 0xcddd25a1, src 196.250.128.24 dst 197.214.xxx.yyy
  1800. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> adding outbound ESP SA
  1801. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507>   SPI 0x01d6cf21, src 197.214.xxx.yyy dst 196.250.128.24
  1802. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> CHILD_SA con5{106} established with SPIs cddd25a1_i 01d6cf21_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1803. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> CHILD_SA con5{106} state change: INSTALLING => INSTALLED
  1804. Nov 28 22:33:16 fw-1A charon[61694]: 11[ENC] <con5|507> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  1805. Nov 28 22:33:16 fw-1A charon[61694]: 11[NET] <con5|507> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  1806. Nov 28 22:33:16 fw-1A charon[61694]: 11[NET] <con5|507> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
  1807. Nov 28 22:33:16 fw-1A charon[61694]: 11[ENC] <con5|507> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  1808. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> received DELETE for IKE_SA con5[507]
  1809. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> deleting IKE_SA con5[507] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1810. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA con5[507] state change: ESTABLISHED => DELETING
  1811. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA deleted
  1812. Nov 28 22:33:16 fw-1A charon[61694]: 11[ENC] <con5|507> generating INFORMATIONAL response 2 [ ]
  1813. Nov 28 22:33:16 fw-1A charon[61694]: 11[NET] <con5|507> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1814. Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA con5[507] state change: DELETING => DESTROYING
  1815. Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> CHILD_SA con5{106} state change: INSTALLED => DESTROYING
  1816. Nov 28 22:33:17 fw-1A charon[61694]: 11[CFG] vici client 325 connected
  1817. Nov 28 22:33:17 fw-1A charon[61694]: 12[CFG] vici client 325 registered for: list-sa
  1818. Nov 28 22:33:17 fw-1A charon[61694]: 12[CFG] vici client 325 requests: list-sas
  1819. Nov 28 22:33:17 fw-1A charon[61694]: 05[CFG] vici client 325 disconnected
  1820. Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <508> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1821. Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <508> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1822. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1823. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1824. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1825. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1826. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1827. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1828. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1829. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1830. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1831. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> 196.250.128.24 is initiating an IKE_SA
  1832. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> IKE_SA (unnamed)[508] state change: CREATED => CONNECTING
  1833. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> selecting proposal:
  1834. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   proposal matches
  1835. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1836. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1837. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1838. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> remote host is behind NAT
  1839. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1840. Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <508> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1841. Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <508> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1842. Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <508> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1843. Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <508> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1844. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1845. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1846. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1847. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selected peer config 'con5'
  1848. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> authentication of '20.0.0.100' with pre-shared key successful
  1849. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1850. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> successfully created shared key MAC
  1851. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA con5[508] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1852. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA con5[508] state change: CONNECTING => ESTABLISHED
  1853. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> scheduling rekeying in 24090s
  1854. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> maximum IKE_SA lifetime 26970s
  1855. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1856. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> proposing traffic selectors for us:
  1857. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>  192.168.152.0/29|/0
  1858. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> proposing traffic selectors for other:
  1859. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>  192.168.0.0/24|/0
  1860. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>   candidate "con5" with prio 5+5
  1861. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> found matching child config "con5" with prio 10
  1862. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selecting proposal:
  1863. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>   proposal matches
  1864. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1865. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  1866. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1867. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selecting traffic selectors for us:
  1868. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  1869. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selecting traffic selectors for other:
  1870. Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  1871. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> CHILD_SA con5{107} state change: CREATED => INSTALLING
  1872. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508>   using AES_CBC for encryption
  1873. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508>   using HMAC_SHA2_256_128 for integrity
  1874. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> adding inbound ESP SA
  1875. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508>   SPI 0xc97c52ca, src 196.250.128.24 dst 197.214.xxx.yyy
  1876. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> adding outbound ESP SA
  1877. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508>   SPI 0x04e45bf1, src 197.214.xxx.yyy dst 196.250.128.24
  1878. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> CHILD_SA con5{107} established with SPIs c97c52ca_i 04e45bf1_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1879. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> CHILD_SA con5{107} state change: INSTALLING => INSTALLED
  1880. Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <con5|508> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  1881. Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <con5|508> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  1882. Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <con5|508> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
  1883. Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <con5|508> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  1884. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> received DELETE for IKE_SA con5[508]
  1885. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> deleting IKE_SA con5[508] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1886. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA con5[508] state change: ESTABLISHED => DELETING
  1887. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA deleted
  1888. Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <con5|508> generating INFORMATIONAL response 2 [ ]
  1889. Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <con5|508> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1890. Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA con5[508] state change: DELETING => DESTROYING
  1891. Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> CHILD_SA con5{107} state change: INSTALLED => DESTROYING
  1892. Nov 28 22:33:19 fw-1A charon[61694]: 06[NET] <509> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1893. Nov 28 22:33:19 fw-1A charon[61694]: 06[ENC] <509> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1894. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1895. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1896. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1897. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1898. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1899. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1900. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1901. Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1902. Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1903. Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> 196.250.128.24 is initiating an IKE_SA
  1904. Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> IKE_SA (unnamed)[509] state change: CREATED => CONNECTING
  1905. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> selecting proposal:
  1906. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   proposal matches
  1907. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1908. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1909. Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1910. Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> remote host is behind NAT
  1911. Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1912. Nov 28 22:33:19 fw-1A charon[61694]: 06[ENC] <509> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1913. Nov 28 22:33:19 fw-1A charon[61694]: 06[NET] <509> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1914. Nov 28 22:33:20 fw-1A charon[61694]: 06[NET] <509> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (464 bytes)
  1915. Nov 28 22:33:20 fw-1A charon[61694]: 06[ENC] <509> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1916. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <509> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1917. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <509>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1918. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <509>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1919. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selected peer config 'con5'
  1920. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> authentication of '20.0.0.100' with pre-shared key successful
  1921. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1922. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> successfully created shared key MAC
  1923. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA con5[509] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1924. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA con5[509] state change: CONNECTING => ESTABLISHED
  1925. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> scheduling rekeying in 24386s
  1926. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> maximum IKE_SA lifetime 27266s
  1927. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1928. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> proposing traffic selectors for us:
  1929. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>  192.168.152.0/29|/0
  1930. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> proposing traffic selectors for other:
  1931. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>  192.168.0.0/24|/0
  1932. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>   candidate "con5" with prio 5+5
  1933. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> found matching child config "con5" with prio 10
  1934. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selecting proposal:
  1935. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>   proposal matches
  1936. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1937. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  1938. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  1939. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selecting traffic selectors for us:
  1940. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  1941. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selecting traffic selectors for other:
  1942. Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  1943. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> CHILD_SA con5{108} state change: CREATED => INSTALLING
  1944. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509>   using AES_CBC for encryption
  1945. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509>   using HMAC_SHA2_256_128 for integrity
  1946. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> adding inbound ESP SA
  1947. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509>   SPI 0xc7c5b389, src 196.250.128.24 dst 197.214.xxx.yyy
  1948. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> adding outbound ESP SA
  1949. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509>   SPI 0x0c046a0d, src 197.214.xxx.yyy dst 196.250.128.24
  1950. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> CHILD_SA con5{108} established with SPIs c7c5b389_i 0c046a0d_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  1951. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> CHILD_SA con5{108} state change: INSTALLING => INSTALLED
  1952. Nov 28 22:33:20 fw-1A charon[61694]: 06[ENC] <con5|509> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  1953. Nov 28 22:33:20 fw-1A charon[61694]: 06[NET] <con5|509> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  1954. Nov 28 22:33:20 fw-1A charon[61694]: 06[NET] <con5|509> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
  1955. Nov 28 22:33:20 fw-1A charon[61694]: 06[ENC] <con5|509> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  1956. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> received DELETE for IKE_SA con5[509]
  1957. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> deleting IKE_SA con5[509] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1958. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA con5[509] state change: ESTABLISHED => DELETING
  1959. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA deleted
  1960. Nov 28 22:33:20 fw-1A charon[61694]: 06[ENC] <con5|509> generating INFORMATIONAL response 2 [ ]
  1961. Nov 28 22:33:20 fw-1A charon[61694]: 06[NET] <con5|509> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  1962. Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA con5[509] state change: DELETING => DESTROYING
  1963. Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> CHILD_SA con5{108} state change: INSTALLED => DESTROYING
  1964. Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <510> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1965. Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <510> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  1966. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  1967. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  1968. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1969. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1970. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1971. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  1972. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  1973. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  1974. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  1975. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> 196.250.128.24 is initiating an IKE_SA
  1976. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> IKE_SA (unnamed)[510] state change: CREATED => CONNECTING
  1977. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> selecting proposal:
  1978. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   proposal matches
  1979. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1980. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1981. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  1982. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> remote host is behind NAT
  1983. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  1984. Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <510> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  1985. Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <510> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  1986. Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <510> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  1987. Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <510> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  1988. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  1989. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate "con5", match: 1/1/3100 (me/other/ike)
  1990. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  1991. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selected peer config 'con5'
  1992. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> authentication of '20.0.0.100' with pre-shared key successful
  1993. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  1994. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> successfully created shared key MAC
  1995. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA con5[510] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  1996. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA con5[510] state change: CONNECTING => ESTABLISHED
  1997. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> scheduling rekeying in 25333s
  1998. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> maximum IKE_SA lifetime 28213s
  1999. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2000. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> proposing traffic selectors for us:
  2001. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>  192.168.152.0/29|/0
  2002. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> proposing traffic selectors for other:
  2003. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>  192.168.0.0/24|/0
  2004. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>   candidate "con5" with prio 5+5
  2005. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> found matching child config "con5" with prio 10
  2006. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selecting proposal:
  2007. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>   proposal matches
  2008. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2009. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2010. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2011. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selecting traffic selectors for us:
  2012. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2013. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selecting traffic selectors for other:
  2014. Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2015. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> CHILD_SA con5{109} state change: CREATED => INSTALLING
  2016. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510>   using AES_CBC for encryption
  2017. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510>   using HMAC_SHA2_256_128 for integrity
  2018. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> adding inbound ESP SA
  2019. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510>   SPI 0xc9cbb3c8, src 196.250.128.24 dst 197.214.xxx.yyy
  2020. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> adding outbound ESP SA
  2021. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510>   SPI 0x04db23c4, src 197.214.xxx.yyy dst 196.250.128.24
  2022. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> CHILD_SA con5{109} established with SPIs c9cbb3c8_i 04db23c4_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2023. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> CHILD_SA con5{109} state change: INSTALLING => INSTALLED
  2024. Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <con5|510> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2025. Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <con5|510> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2026. Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <con5|510> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
  2027. Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <con5|510> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2028. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> received DELETE for IKE_SA con5[510]
  2029. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> deleting IKE_SA con5[510] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2030. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA con5[510] state change: ESTABLISHED => DELETING
  2031. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA deleted
  2032. Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <con5|510> generating INFORMATIONAL response 2 [ ]
  2033. Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <con5|510> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2034. Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA con5[510] state change: DELETING => DESTROYING
  2035. Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> CHILD_SA con5{109} state change: INSTALLED => DESTROYING
  2036. Nov 28 22:33:22 fw-1A charon[61694]: 10[CFG] vici client 326 connected
  2037. Nov 28 22:33:22 fw-1A charon[61694]: 14[CFG] vici client 326 registered for: list-sa
  2038. Nov 28 22:33:22 fw-1A charon[61694]: 06[CFG] vici client 326 requests: list-sas
  2039. Nov 28 22:33:22 fw-1A charon[61694]: 14[CFG] vici client 326 disconnected
  2040. Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <511> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2041. Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <511> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2042. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2043. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2044. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2045. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2046. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2047. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2048. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2049. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2050. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2051. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> 196.250.128.24 is initiating an IKE_SA
  2052. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> IKE_SA (unnamed)[511] state change: CREATED => CONNECTING
  2053. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> selecting proposal:
  2054. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   proposal matches
  2055. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2056. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2057. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2058. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> remote host is behind NAT
  2059. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2060. Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <511> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2061. Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <511> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2062. Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <511> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
  2063. Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <511> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2064. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2065. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2066. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2067. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selected peer config 'con5'
  2068. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> authentication of '20.0.0.100' with pre-shared key successful
  2069. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2070. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> successfully created shared key MAC
  2071. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA con5[511] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2072. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA con5[511] state change: CONNECTING => ESTABLISHED
  2073. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> scheduling rekeying in 24949s
  2074. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> maximum IKE_SA lifetime 27829s
  2075. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2076. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> proposing traffic selectors for us:
  2077. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>  192.168.152.0/29|/0
  2078. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> proposing traffic selectors for other:
  2079. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>  192.168.0.0/24|/0
  2080. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>   candidate "con5" with prio 5+5
  2081. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> found matching child config "con5" with prio 10
  2082. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selecting proposal:
  2083. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>   proposal matches
  2084. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2085. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2086. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2087. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selecting traffic selectors for us:
  2088. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2089. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selecting traffic selectors for other:
  2090. Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2091. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> CHILD_SA con5{110} state change: CREATED => INSTALLING
  2092. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511>   using AES_CBC for encryption
  2093. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511>   using HMAC_SHA2_256_128 for integrity
  2094. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> adding inbound ESP SA
  2095. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511>   SPI 0xcef661c0, src 196.250.128.24 dst 197.214.xxx.yyy
  2096. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> adding outbound ESP SA
  2097. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511>   SPI 0x080c67f0, src 197.214.xxx.yyy dst 196.250.128.24
  2098. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> CHILD_SA con5{110} established with SPIs cef661c0_i 080c67f0_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2099. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> CHILD_SA con5{110} state change: INSTALLING => INSTALLED
  2100. Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <con5|511> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2101. Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <con5|511> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2102. Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <con5|511> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
  2103. Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <con5|511> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2104. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> received DELETE for IKE_SA con5[511]
  2105. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> deleting IKE_SA con5[511] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2106. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA con5[511] state change: ESTABLISHED => DELETING
  2107. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA deleted
  2108. Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <con5|511> generating INFORMATIONAL response 2 [ ]
  2109. Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <con5|511> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2110. Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA con5[511] state change: DELETING => DESTROYING
  2111. Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> CHILD_SA con5{110} state change: INSTALLED => DESTROYING
  2112. Nov 28 22:33:24 fw-1A charon[61694]: 06[NET] <512> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2113. Nov 28 22:33:24 fw-1A charon[61694]: 06[ENC] <512> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2114. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2115. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2116. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2117. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2118. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2119. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2120. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2121. Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2122. Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2123. Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> 196.250.128.24 is initiating an IKE_SA
  2124. Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> IKE_SA (unnamed)[512] state change: CREATED => CONNECTING
  2125. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> selecting proposal:
  2126. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   proposal matches
  2127. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2128. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2129. Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2130. Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> remote host is behind NAT
  2131. Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2132. Nov 28 22:33:24 fw-1A charon[61694]: 06[ENC] <512> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2133. Nov 28 22:33:24 fw-1A charon[61694]: 06[NET] <512> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2134. Nov 28 22:33:25 fw-1A charon[61694]: 06[NET] <512> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (416 bytes)
  2135. Nov 28 22:33:25 fw-1A charon[61694]: 06[ENC] <512> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2136. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <512> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2137. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <512>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2138. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <512>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2139. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selected peer config 'con5'
  2140. Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> authentication of '20.0.0.100' with pre-shared key successful
  2141. Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2142. Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> successfully created shared key MAC
  2143. Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> IKE_SA con5[512] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2144. Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> IKE_SA con5[512] state change: CONNECTING => ESTABLISHED
  2145. Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> scheduling rekeying in 24417s
  2146. Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> maximum IKE_SA lifetime 27297s
  2147. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2148. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> proposing traffic selectors for us:
  2149. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>  192.168.152.0/29|/0
  2150. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> proposing traffic selectors for other:
  2151. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>  192.168.0.0/24|/0
  2152. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>   candidate "con5" with prio 5+5
  2153. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> found matching child config "con5" with prio 10
  2154. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selecting proposal:
  2155. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>   proposal matches
  2156. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2157. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2158. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2159. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selecting traffic selectors for us:
  2160. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2161. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selecting traffic selectors for other:
  2162. Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2163. Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512> CHILD_SA con5{111} state change: CREATED => INSTALLING
  2164. Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512>   using AES_CBC for encryption
  2165. Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512>   using HMAC_SHA2_256_128 for integrity
  2166. Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512> adding inbound ESP SA
  2167. Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512>   SPI 0xc3f36f40, src 196.250.128.24 dst 197.214.xxx.yyy
  2168. Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512> adding outbound ESP SA
  2169. Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512>   SPI 0x0f8fdfa2, src 197.214.xxx.yyy dst 196.250.128.24
  2170. Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> CHILD_SA con5{111} established with SPIs c3f36f40_i 0f8fdfa2_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2171. Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512> CHILD_SA con5{111} state change: INSTALLING => INSTALLED
  2172. Nov 28 22:33:25 fw-1A charon[61694]: 06[ENC] <con5|512> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2173. Nov 28 22:33:25 fw-1A charon[61694]: 06[NET] <con5|512> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2174. Nov 28 22:33:25 fw-1A charon[61694]: 07[NET] <con5|512> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
  2175. Nov 28 22:33:25 fw-1A charon[61694]: 07[ENC] <con5|512> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2176. Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> received DELETE for IKE_SA con5[512]
  2177. Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> deleting IKE_SA con5[512] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2178. Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> IKE_SA con5[512] state change: ESTABLISHED => DELETING
  2179. Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> IKE_SA deleted
  2180. Nov 28 22:33:25 fw-1A charon[61694]: 07[ENC] <con5|512> generating INFORMATIONAL response 2 [ ]
  2181. Nov 28 22:33:25 fw-1A charon[61694]: 07[NET] <con5|512> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2182. Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> IKE_SA con5[512] state change: DELETING => DESTROYING
  2183. Nov 28 22:33:25 fw-1A charon[61694]: 07[CHD] <con5|512> CHILD_SA con5{111} state change: INSTALLED => DESTROYING
  2184. Nov 28 22:33:26 fw-1A charon[61694]: 07[IKE] <con5|500> retransmit 3 of request with message ID 1
  2185. Nov 28 22:33:26 fw-1A charon[61694]: 07[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
  2186. Nov 28 22:33:26 fw-1A charon[61694]: 07[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
  2187. Nov 28 22:33:26 fw-1A charon[61694]: 07[CFG] ignoring acquire for reqid 2, connection attempt pending
  2188. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] vici client 327 connected
  2189. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] vici client 327 registered for: list-sa
  2190. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] vici client 327 requests: list-sas
  2191. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] vici client 327 disconnected
  2192. Nov 28 22:33:27 fw-1A charon[61694]: 16[NET] <513> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2193. Nov 28 22:33:27 fw-1A charon[61694]: 16[ENC] <513> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2194. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2195. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2196. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2197. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2198. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2199. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2200. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2201. Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2202. Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2203. Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> 196.250.128.24 is initiating an IKE_SA
  2204. Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> IKE_SA (unnamed)[513] state change: CREATED => CONNECTING
  2205. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> selecting proposal:
  2206. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   proposal matches
  2207. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2208. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2209. Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2210. Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> remote host is behind NAT
  2211. Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2212. Nov 28 22:33:27 fw-1A charon[61694]: 16[ENC] <513> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2213. Nov 28 22:33:27 fw-1A charon[61694]: 16[NET] <513> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2214. Nov 28 22:33:28 fw-1A charon[61694]: 16[NET] <513> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2215. Nov 28 22:33:28 fw-1A charon[61694]: 16[ENC] <513> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2216. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <513> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2217. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <513>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2218. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <513>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2219. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selected peer config 'con5'
  2220. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> authentication of '20.0.0.100' with pre-shared key successful
  2221. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2222. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> successfully created shared key MAC
  2223. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA con5[513] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2224. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA con5[513] state change: CONNECTING => ESTABLISHED
  2225. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> scheduling rekeying in 25789s
  2226. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> maximum IKE_SA lifetime 28669s
  2227. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2228. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> proposing traffic selectors for us:
  2229. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>  192.168.152.0/29|/0
  2230. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> proposing traffic selectors for other:
  2231. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>  192.168.0.0/24|/0
  2232. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>   candidate "con5" with prio 5+5
  2233. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> found matching child config "con5" with prio 10
  2234. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selecting proposal:
  2235. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>   proposal matches
  2236. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2237. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2238. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2239. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selecting traffic selectors for us:
  2240. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2241. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selecting traffic selectors for other:
  2242. Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2243. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> CHILD_SA con5{112} state change: CREATED => INSTALLING
  2244. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513>   using AES_CBC for encryption
  2245. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513>   using HMAC_SHA2_256_128 for integrity
  2246. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> adding inbound ESP SA
  2247. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513>   SPI 0xc192f06a, src 196.250.128.24 dst 197.214.xxx.yyy
  2248. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> adding outbound ESP SA
  2249. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513>   SPI 0x04846a05, src 197.214.xxx.yyy dst 196.250.128.24
  2250. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> CHILD_SA con5{112} established with SPIs c192f06a_i 04846a05_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2251. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> CHILD_SA con5{112} state change: INSTALLING => INSTALLED
  2252. Nov 28 22:33:28 fw-1A charon[61694]: 16[ENC] <con5|513> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2253. Nov 28 22:33:28 fw-1A charon[61694]: 16[NET] <con5|513> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2254. Nov 28 22:33:28 fw-1A charon[61694]: 16[NET] <con5|513> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
  2255. Nov 28 22:33:28 fw-1A charon[61694]: 16[ENC] <con5|513> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2256. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> received DELETE for IKE_SA con5[513]
  2257. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> deleting IKE_SA con5[513] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2258. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA con5[513] state change: ESTABLISHED => DELETING
  2259. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA deleted
  2260. Nov 28 22:33:28 fw-1A charon[61694]: 16[ENC] <con5|513> generating INFORMATIONAL response 2 [ ]
  2261. Nov 28 22:33:28 fw-1A charon[61694]: 16[NET] <con5|513> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2262. Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA con5[513] state change: DELETING => DESTROYING
  2263. Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> CHILD_SA con5{112} state change: INSTALLED => DESTROYING
  2264. Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <514> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2265. Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <514> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2266. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2267. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2268. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2269. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2270. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2271. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2272. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2273. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2274. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2275. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> 196.250.128.24 is initiating an IKE_SA
  2276. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> IKE_SA (unnamed)[514] state change: CREATED => CONNECTING
  2277. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> selecting proposal:
  2278. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   proposal matches
  2279. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2280. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2281. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2282. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> remote host is behind NAT
  2283. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2284. Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <514> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2285. Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <514> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2286. Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <514> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (464 bytes)
  2287. Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <514> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2288. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2289. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2290. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2291. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selected peer config 'con5'
  2292. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> authentication of '20.0.0.100' with pre-shared key successful
  2293. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2294. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> successfully created shared key MAC
  2295. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA con5[514] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2296. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA con5[514] state change: CONNECTING => ESTABLISHED
  2297. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> scheduling rekeying in 23522s
  2298. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> maximum IKE_SA lifetime 26402s
  2299. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2300. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> proposing traffic selectors for us:
  2301. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>  192.168.152.0/29|/0
  2302. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> proposing traffic selectors for other:
  2303. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>  192.168.0.0/24|/0
  2304. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>   candidate "con5" with prio 5+5
  2305. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> found matching child config "con5" with prio 10
  2306. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selecting proposal:
  2307. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>   proposal matches
  2308. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2309. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2310. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2311. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selecting traffic selectors for us:
  2312. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2313. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selecting traffic selectors for other:
  2314. Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2315. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> CHILD_SA con5{113} state change: CREATED => INSTALLING
  2316. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514>   using AES_CBC for encryption
  2317. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514>   using HMAC_SHA2_256_128 for integrity
  2318. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> adding inbound ESP SA
  2319. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514>   SPI 0xc452e5ac, src 196.250.128.24 dst 197.214.xxx.yyy
  2320. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> adding outbound ESP SA
  2321. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514>   SPI 0x0856ef79, src 197.214.xxx.yyy dst 196.250.128.24
  2322. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> CHILD_SA con5{113} established with SPIs c452e5ac_i 0856ef79_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2323. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> CHILD_SA con5{113} state change: INSTALLING => INSTALLED
  2324. Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <con5|514> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2325. Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <con5|514> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2326. Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <con5|514> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
  2327. Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <con5|514> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2328. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> received DELETE for IKE_SA con5[514]
  2329. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> deleting IKE_SA con5[514] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2330. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA con5[514] state change: ESTABLISHED => DELETING
  2331. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA deleted
  2332. Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <con5|514> generating INFORMATIONAL response 2 [ ]
  2333. Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <con5|514> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2334. Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA con5[514] state change: DELETING => DESTROYING
  2335. Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> CHILD_SA con5{113} state change: INSTALLED => DESTROYING
  2336. Nov 28 22:33:32 fw-1A charon[61694]: 13[CFG] vici client 328 connected
  2337. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] vici client 328 registered for: list-sa
  2338. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] vici client 328 requests: list-sas
  2339. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] vici client 328 disconnected
  2340. Nov 28 22:33:32 fw-1A charon[61694]: 09[NET] <515> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2341. Nov 28 22:33:32 fw-1A charon[61694]: 09[ENC] <515> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2342. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2343. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2344. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2345. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2346. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2347. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2348. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2349. Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2350. Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2351. Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> 196.250.128.24 is initiating an IKE_SA
  2352. Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> IKE_SA (unnamed)[515] state change: CREATED => CONNECTING
  2353. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> selecting proposal:
  2354. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   proposal matches
  2355. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2356. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2357. Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2358. Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> remote host is behind NAT
  2359. Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2360. Nov 28 22:33:32 fw-1A charon[61694]: 09[ENC] <515> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2361. Nov 28 22:33:32 fw-1A charon[61694]: 09[NET] <515> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2362. Nov 28 22:33:33 fw-1A charon[61694]: 09[NET] <515> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2363. Nov 28 22:33:33 fw-1A charon[61694]: 09[ENC] <515> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2364. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <515> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2365. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <515>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2366. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <515>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2367. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selected peer config 'con5'
  2368. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> authentication of '20.0.0.100' with pre-shared key successful
  2369. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2370. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> successfully created shared key MAC
  2371. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA con5[515] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2372. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA con5[515] state change: CONNECTING => ESTABLISHED
  2373. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> scheduling rekeying in 24703s
  2374. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> maximum IKE_SA lifetime 27583s
  2375. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2376. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> proposing traffic selectors for us:
  2377. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>  192.168.152.0/29|/0
  2378. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> proposing traffic selectors for other:
  2379. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>  192.168.0.0/24|/0
  2380. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>   candidate "con5" with prio 5+5
  2381. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> found matching child config "con5" with prio 10
  2382. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selecting proposal:
  2383. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>   proposal matches
  2384. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2385. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2386. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2387. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selecting traffic selectors for us:
  2388. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2389. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selecting traffic selectors for other:
  2390. Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2391. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> CHILD_SA con5{114} state change: CREATED => INSTALLING
  2392. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515>   using AES_CBC for encryption
  2393. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515>   using HMAC_SHA2_256_128 for integrity
  2394. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> adding inbound ESP SA
  2395. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515>   SPI 0xc33c10fc, src 196.250.128.24 dst 197.214.xxx.yyy
  2396. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> adding outbound ESP SA
  2397. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515>   SPI 0x0183f6e0, src 197.214.xxx.yyy dst 196.250.128.24
  2398. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> CHILD_SA con5{114} established with SPIs c33c10fc_i 0183f6e0_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2399. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> CHILD_SA con5{114} state change: INSTALLING => INSTALLED
  2400. Nov 28 22:33:33 fw-1A charon[61694]: 09[ENC] <con5|515> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2401. Nov 28 22:33:33 fw-1A charon[61694]: 09[NET] <con5|515> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2402. Nov 28 22:33:33 fw-1A charon[61694]: 09[NET] <con5|515> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
  2403. Nov 28 22:33:33 fw-1A charon[61694]: 09[ENC] <con5|515> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2404. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> received DELETE for IKE_SA con5[515]
  2405. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> deleting IKE_SA con5[515] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2406. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA con5[515] state change: ESTABLISHED => DELETING
  2407. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA deleted
  2408. Nov 28 22:33:33 fw-1A charon[61694]: 09[ENC] <con5|515> generating INFORMATIONAL response 2 [ ]
  2409. Nov 28 22:33:33 fw-1A charon[61694]: 09[NET] <con5|515> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2410. Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA con5[515] state change: DELETING => DESTROYING
  2411. Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> CHILD_SA con5{114} state change: INSTALLED => DESTROYING
  2412. Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <516> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2413. Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <516> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2414. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2415. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2416. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2417. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2418. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2419. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2420. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2421. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2422. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2423. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> 196.250.128.24 is initiating an IKE_SA
  2424. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> IKE_SA (unnamed)[516] state change: CREATED => CONNECTING
  2425. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> selecting proposal:
  2426. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   proposal matches
  2427. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2428. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2429. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2430. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> remote host is behind NAT
  2431. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2432. Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <516> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2433. Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <516> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2434. Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <516> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
  2435. Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <516> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2436. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2437. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2438. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2439. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selected peer config 'con5'
  2440. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> authentication of '20.0.0.100' with pre-shared key successful
  2441. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2442. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> successfully created shared key MAC
  2443. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA con5[516] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2444. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA con5[516] state change: CONNECTING => ESTABLISHED
  2445. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> scheduling rekeying in 23799s
  2446. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> maximum IKE_SA lifetime 26679s
  2447. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2448. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> proposing traffic selectors for us:
  2449. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>  192.168.152.0/29|/0
  2450. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> proposing traffic selectors for other:
  2451. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>  192.168.0.0/24|/0
  2452. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>   candidate "con5" with prio 5+5
  2453. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> found matching child config "con5" with prio 10
  2454. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selecting proposal:
  2455. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>   proposal matches
  2456. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2457. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2458. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2459. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selecting traffic selectors for us:
  2460. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2461. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selecting traffic selectors for other:
  2462. Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2463. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> CHILD_SA con5{115} state change: CREATED => INSTALLING
  2464. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516>   using AES_CBC for encryption
  2465. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516>   using HMAC_SHA2_256_128 for integrity
  2466. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> adding inbound ESP SA
  2467. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516>   SPI 0xc3637b16, src 196.250.128.24 dst 197.214.xxx.yyy
  2468. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> adding outbound ESP SA
  2469. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516>   SPI 0x0dea770c, src 197.214.xxx.yyy dst 196.250.128.24
  2470. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> CHILD_SA con5{115} established with SPIs c3637b16_i 0dea770c_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2471. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> CHILD_SA con5{115} state change: INSTALLING => INSTALLED
  2472. Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <con5|516> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2473. Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <con5|516> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2474. Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <con5|516> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
  2475. Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <con5|516> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2476. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> received DELETE for IKE_SA con5[516]
  2477. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> deleting IKE_SA con5[516] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2478. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA con5[516] state change: ESTABLISHED => DELETING
  2479. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA deleted
  2480. Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <con5|516> generating INFORMATIONAL response 2 [ ]
  2481. Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <con5|516> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2482. Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA con5[516] state change: DELETING => DESTROYING
  2483. Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> CHILD_SA con5{115} state change: INSTALLED => DESTROYING
  2484. Nov 28 22:33:36 fw-1A charon[61694]: 09[NET] <517> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2485. Nov 28 22:33:36 fw-1A charon[61694]: 09[ENC] <517> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2486. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2487. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2488. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2489. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2490. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2491. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2492. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2493. Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2494. Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2495. Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> 196.250.128.24 is initiating an IKE_SA
  2496. Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> IKE_SA (unnamed)[517] state change: CREATED => CONNECTING
  2497. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> selecting proposal:
  2498. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   proposal matches
  2499. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2500. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2501. Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2502. Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> remote host is behind NAT
  2503. Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2504. Nov 28 22:33:36 fw-1A charon[61694]: 09[ENC] <517> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2505. Nov 28 22:33:36 fw-1A charon[61694]: 09[NET] <517> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2506. Nov 28 22:33:36 fw-1A charon[61694]: 11[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
  2507. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] ignoring acquire for reqid 2, connection attempt pending
  2508. Nov 28 22:33:36 fw-1A charon[61694]: 05[NET] <517> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
  2509. Nov 28 22:33:36 fw-1A charon[61694]: 05[ENC] <517> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2510. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <517> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2511. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <517>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2512. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <517>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2513. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selected peer config 'con5'
  2514. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> authentication of '20.0.0.100' with pre-shared key successful
  2515. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2516. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> successfully created shared key MAC
  2517. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA con5[517] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2518. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA con5[517] state change: CONNECTING => ESTABLISHED
  2519. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> scheduling rekeying in 25465s
  2520. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> maximum IKE_SA lifetime 28345s
  2521. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2522. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> proposing traffic selectors for us:
  2523. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>  192.168.152.0/29|/0
  2524. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> proposing traffic selectors for other:
  2525. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>  192.168.0.0/24|/0
  2526. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>   candidate "con5" with prio 5+5
  2527. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> found matching child config "con5" with prio 10
  2528. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selecting proposal:
  2529. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>   proposal matches
  2530. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2531. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2532. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2533. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selecting traffic selectors for us:
  2534. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2535. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selecting traffic selectors for other:
  2536. Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2537. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> CHILD_SA con5{116} state change: CREATED => INSTALLING
  2538. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517>   using AES_CBC for encryption
  2539. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517>   using HMAC_SHA2_256_128 for integrity
  2540. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> adding inbound ESP SA
  2541. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517>   SPI 0xcaf804ca, src 196.250.128.24 dst 197.214.xxx.yyy
  2542. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> adding outbound ESP SA
  2543. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517>   SPI 0x049c39c4, src 197.214.xxx.yyy dst 196.250.128.24
  2544. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> CHILD_SA con5{116} established with SPIs caf804ca_i 049c39c4_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2545. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> CHILD_SA con5{116} state change: INSTALLING => INSTALLED
  2546. Nov 28 22:33:36 fw-1A charon[61694]: 05[ENC] <con5|517> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2547. Nov 28 22:33:36 fw-1A charon[61694]: 05[NET] <con5|517> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2548. Nov 28 22:33:36 fw-1A charon[61694]: 05[NET] <con5|517> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
  2549. Nov 28 22:33:36 fw-1A charon[61694]: 05[ENC] <con5|517> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2550. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> received DELETE for IKE_SA con5[517]
  2551. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> deleting IKE_SA con5[517] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2552. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA con5[517] state change: ESTABLISHED => DELETING
  2553. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA deleted
  2554. Nov 28 22:33:36 fw-1A charon[61694]: 05[ENC] <con5|517> generating INFORMATIONAL response 2 [ ]
  2555. Nov 28 22:33:36 fw-1A charon[61694]: 05[NET] <con5|517> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2556. Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA con5[517] state change: DELETING => DESTROYING
  2557. Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> CHILD_SA con5{116} state change: INSTALLED => DESTROYING
  2558. Nov 28 22:33:37 fw-1A charon[61694]: 11[CFG] vici client 329 connected
  2559. Nov 28 22:33:37 fw-1A charon[61694]: 05[CFG] vici client 329 registered for: list-sa
  2560. Nov 28 22:33:37 fw-1A charon[61694]: 12[CFG] vici client 329 requests: list-sas
  2561. Nov 28 22:33:37 fw-1A charon[61694]: 05[CFG] vici client 329 disconnected
  2562. Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <518> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2563. Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <518> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2564. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2565. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2566. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2567. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2568. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2569. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2570. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2571. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2572. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2573. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> 196.250.128.24 is initiating an IKE_SA
  2574. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> IKE_SA (unnamed)[518] state change: CREATED => CONNECTING
  2575. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> selecting proposal:
  2576. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   proposal matches
  2577. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2578. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2579. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2580. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> remote host is behind NAT
  2581. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2582. Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <518> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2583. Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <518> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2584. Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <518> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2585. Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <518> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2586. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2587. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2588. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2589. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selected peer config 'con5'
  2590. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> authentication of '20.0.0.100' with pre-shared key successful
  2591. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2592. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> successfully created shared key MAC
  2593. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA con5[518] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2594. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA con5[518] state change: CONNECTING => ESTABLISHED
  2595. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> scheduling rekeying in 24758s
  2596. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> maximum IKE_SA lifetime 27638s
  2597. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2598. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> proposing traffic selectors for us:
  2599. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>  192.168.152.0/29|/0
  2600. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> proposing traffic selectors for other:
  2601. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>  192.168.0.0/24|/0
  2602. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>   candidate "con5" with prio 5+5
  2603. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> found matching child config "con5" with prio 10
  2604. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selecting proposal:
  2605. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>   proposal matches
  2606. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2607. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2608. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2609. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selecting traffic selectors for us:
  2610. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2611. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selecting traffic selectors for other:
  2612. Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2613. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> CHILD_SA con5{117} state change: CREATED => INSTALLING
  2614. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518>   using AES_CBC for encryption
  2615. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518>   using HMAC_SHA2_256_128 for integrity
  2616. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> adding inbound ESP SA
  2617. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518>   SPI 0xc8017065, src 196.250.128.24 dst 197.214.xxx.yyy
  2618. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> adding outbound ESP SA
  2619. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518>   SPI 0x0cfa1146, src 197.214.xxx.yyy dst 196.250.128.24
  2620. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> CHILD_SA con5{117} established with SPIs c8017065_i 0cfa1146_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2621. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> CHILD_SA con5{117} state change: INSTALLING => INSTALLED
  2622. Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <con5|518> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2623. Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <con5|518> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2624. Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <con5|518> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
  2625. Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <con5|518> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2626. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> received DELETE for IKE_SA con5[518]
  2627. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> deleting IKE_SA con5[518] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2628. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA con5[518] state change: ESTABLISHED => DELETING
  2629. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA deleted
  2630. Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <con5|518> generating INFORMATIONAL response 2 [ ]
  2631. Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <con5|518> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2632. Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA con5[518] state change: DELETING => DESTROYING
  2633. Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> CHILD_SA con5{117} state change: INSTALLED => DESTROYING
  2634. Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <519> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2635. Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <519> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2636. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2637. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2638. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2639. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2640. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2641. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2642. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2643. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2644. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2645. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> 196.250.128.24 is initiating an IKE_SA
  2646. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> IKE_SA (unnamed)[519] state change: CREATED => CONNECTING
  2647. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> selecting proposal:
  2648. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   proposal matches
  2649. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2650. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2651. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2652. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> remote host is behind NAT
  2653. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2654. Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <519> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2655. Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <519> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2656. Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <519> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
  2657. Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <519> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2658. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2659. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2660. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2661. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selected peer config 'con5'
  2662. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> authentication of '20.0.0.100' with pre-shared key successful
  2663. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2664. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> successfully created shared key MAC
  2665. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA con5[519] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2666. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA con5[519] state change: CONNECTING => ESTABLISHED
  2667. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> scheduling rekeying in 23940s
  2668. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> maximum IKE_SA lifetime 26820s
  2669. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2670. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> proposing traffic selectors for us:
  2671. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>  192.168.152.0/29|/0
  2672. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> proposing traffic selectors for other:
  2673. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>  192.168.0.0/24|/0
  2674. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>   candidate "con5" with prio 5+5
  2675. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> found matching child config "con5" with prio 10
  2676. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selecting proposal:
  2677. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>   proposal matches
  2678. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2679. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2680. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2681. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selecting traffic selectors for us:
  2682. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2683. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selecting traffic selectors for other:
  2684. Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2685. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> CHILD_SA con5{118} state change: CREATED => INSTALLING
  2686. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519>   using AES_CBC for encryption
  2687. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519>   using HMAC_SHA2_256_128 for integrity
  2688. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> adding inbound ESP SA
  2689. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519>   SPI 0xcb89c1a5, src 196.250.128.24 dst 197.214.xxx.yyy
  2690. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> adding outbound ESP SA
  2691. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519>   SPI 0x0d4a3019, src 197.214.xxx.yyy dst 196.250.128.24
  2692. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> CHILD_SA con5{118} established with SPIs cb89c1a5_i 0d4a3019_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2693. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> CHILD_SA con5{118} state change: INSTALLING => INSTALLED
  2694. Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <con5|519> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2695. Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <con5|519> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2696. Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <con5|519> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
  2697. Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <con5|519> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2698. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> received DELETE for IKE_SA con5[519]
  2699. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> deleting IKE_SA con5[519] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2700. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA con5[519] state change: ESTABLISHED => DELETING
  2701. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA deleted
  2702. Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <con5|519> generating INFORMATIONAL response 2 [ ]
  2703. Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <con5|519> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2704. Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA con5[519] state change: DELETING => DESTROYING
  2705. Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> CHILD_SA con5{118} state change: INSTALLED => DESTROYING
  2706. Nov 28 22:33:41 fw-1A charon[61694]: 10[NET] <520> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2707. Nov 28 22:33:41 fw-1A charon[61694]: 10[ENC] <520> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2708. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2709. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2710. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2711. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2712. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2713. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2714. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2715. Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2716. Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2717. Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> 196.250.128.24 is initiating an IKE_SA
  2718. Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> IKE_SA (unnamed)[520] state change: CREATED => CONNECTING
  2719. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> selecting proposal:
  2720. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   proposal matches
  2721. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2722. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2723. Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2724. Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> remote host is behind NAT
  2725. Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2726. Nov 28 22:33:41 fw-1A charon[61694]: 10[ENC] <520> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2727. Nov 28 22:33:41 fw-1A charon[61694]: 10[NET] <520> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2728. Nov 28 22:33:42 fw-1A charon[61694]: 10[NET] <520> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2729. Nov 28 22:33:42 fw-1A charon[61694]: 10[ENC] <520> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2730. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <520> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2731. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <520>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2732. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <520>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2733. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selected peer config 'con5'
  2734. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> authentication of '20.0.0.100' with pre-shared key successful
  2735. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2736. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> successfully created shared key MAC
  2737. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA con5[520] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2738. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA con5[520] state change: CONNECTING => ESTABLISHED
  2739. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> scheduling rekeying in 24669s
  2740. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> maximum IKE_SA lifetime 27549s
  2741. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2742. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> proposing traffic selectors for us:
  2743. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>  192.168.152.0/29|/0
  2744. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> proposing traffic selectors for other:
  2745. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>  192.168.0.0/24|/0
  2746. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>   candidate "con5" with prio 5+5
  2747. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> found matching child config "con5" with prio 10
  2748. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selecting proposal:
  2749. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>   proposal matches
  2750. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2751. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2752. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2753. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selecting traffic selectors for us:
  2754. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2755. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selecting traffic selectors for other:
  2756. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2757. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> CHILD_SA con5{119} state change: CREATED => INSTALLING
  2758. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520>   using AES_CBC for encryption
  2759. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520>   using HMAC_SHA2_256_128 for integrity
  2760. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> adding inbound ESP SA
  2761. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520>   SPI 0xc3851522, src 196.250.128.24 dst 197.214.xxx.yyy
  2762. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> adding outbound ESP SA
  2763. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520>   SPI 0x0b8b0563, src 197.214.xxx.yyy dst 196.250.128.24
  2764. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> CHILD_SA con5{119} established with SPIs c3851522_i 0b8b0563_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2765. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> CHILD_SA con5{119} state change: INSTALLING => INSTALLED
  2766. Nov 28 22:33:42 fw-1A charon[61694]: 10[ENC] <con5|520> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2767. Nov 28 22:33:42 fw-1A charon[61694]: 10[NET] <con5|520> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2768. Nov 28 22:33:42 fw-1A charon[61694]: 10[NET] <con5|520> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
  2769. Nov 28 22:33:42 fw-1A charon[61694]: 10[ENC] <con5|520> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2770. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> received DELETE for IKE_SA con5[520]
  2771. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> deleting IKE_SA con5[520] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2772. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA con5[520] state change: ESTABLISHED => DELETING
  2773. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA deleted
  2774. Nov 28 22:33:42 fw-1A charon[61694]: 10[ENC] <con5|520> generating INFORMATIONAL response 2 [ ]
  2775. Nov 28 22:33:42 fw-1A charon[61694]: 10[NET] <con5|520> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2776. Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA con5[520] state change: DELETING => DESTROYING
  2777. Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> CHILD_SA con5{119} state change: INSTALLED => DESTROYING
  2778. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] vici client 330 connected
  2779. Nov 28 22:33:42 fw-1A charon[61694]: 06[CFG] vici client 330 registered for: list-sa
  2780. Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] vici client 330 requests: list-sas
  2781. Nov 28 22:33:42 fw-1A charon[61694]: 06[CFG] vici client 330 disconnected
  2782. Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <521> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2783. Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <521> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2784. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2785. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2786. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2787. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2788. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2789. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2790. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2791. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2792. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2793. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> 196.250.128.24 is initiating an IKE_SA
  2794. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> IKE_SA (unnamed)[521] state change: CREATED => CONNECTING
  2795. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> selecting proposal:
  2796. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   proposal matches
  2797. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2798. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2799. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2800. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> remote host is behind NAT
  2801. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2802. Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <521> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2803. Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <521> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2804. Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <521> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2805. Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <521> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2806. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2807. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2808. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2809. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selected peer config 'con5'
  2810. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> authentication of '20.0.0.100' with pre-shared key successful
  2811. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2812. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> successfully created shared key MAC
  2813. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA con5[521] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2814. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA con5[521] state change: CONNECTING => ESTABLISHED
  2815. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> scheduling rekeying in 25897s
  2816. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> maximum IKE_SA lifetime 28777s
  2817. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2818. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> proposing traffic selectors for us:
  2819. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>  192.168.152.0/29|/0
  2820. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> proposing traffic selectors for other:
  2821. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>  192.168.0.0/24|/0
  2822. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>   candidate "con5" with prio 5+5
  2823. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> found matching child config "con5" with prio 10
  2824. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selecting proposal:
  2825. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>   proposal matches
  2826. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2827. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2828. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2829. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selecting traffic selectors for us:
  2830. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2831. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selecting traffic selectors for other:
  2832. Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2833. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> CHILD_SA con5{120} state change: CREATED => INSTALLING
  2834. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521>   using AES_CBC for encryption
  2835. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521>   using HMAC_SHA2_256_128 for integrity
  2836. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> adding inbound ESP SA
  2837. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521>   SPI 0xcc27e2f4, src 196.250.128.24 dst 197.214.xxx.yyy
  2838. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> adding outbound ESP SA
  2839. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521>   SPI 0x07607c9a, src 197.214.xxx.yyy dst 196.250.128.24
  2840. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> CHILD_SA con5{120} established with SPIs cc27e2f4_i 07607c9a_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2841. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> CHILD_SA con5{120} state change: INSTALLING => INSTALLED
  2842. Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <con5|521> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2843. Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <con5|521> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2844. Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <con5|521> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
  2845. Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <con5|521> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2846. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> received DELETE for IKE_SA con5[521]
  2847. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> deleting IKE_SA con5[521] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2848. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA con5[521] state change: ESTABLISHED => DELETING
  2849. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA deleted
  2850. Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <con5|521> generating INFORMATIONAL response 2 [ ]
  2851. Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <con5|521> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2852. Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA con5[521] state change: DELETING => DESTROYING
  2853. Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> CHILD_SA con5{120} state change: INSTALLED => DESTROYING
  2854. Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <522> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2855. Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <522> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2856. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2857. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2858. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2859. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2860. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2861. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2862. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2863. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2864. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2865. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> 196.250.128.24 is initiating an IKE_SA
  2866. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> IKE_SA (unnamed)[522] state change: CREATED => CONNECTING
  2867. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> selecting proposal:
  2868. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   proposal matches
  2869. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2870. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2871. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2872. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> remote host is behind NAT
  2873. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2874. Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <522> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2875. Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <522> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2876. Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <522> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
  2877. Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <522> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2878. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2879. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2880. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2881. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selected peer config 'con5'
  2882. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> authentication of '20.0.0.100' with pre-shared key successful
  2883. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2884. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> successfully created shared key MAC
  2885. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA con5[522] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2886. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA con5[522] state change: CONNECTING => ESTABLISHED
  2887. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> scheduling rekeying in 24182s
  2888. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> maximum IKE_SA lifetime 27062s
  2889. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2890. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> proposing traffic selectors for us:
  2891. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>  192.168.152.0/29|/0
  2892. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> proposing traffic selectors for other:
  2893. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>  192.168.0.0/24|/0
  2894. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>   candidate "con5" with prio 5+5
  2895. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> found matching child config "con5" with prio 10
  2896. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selecting proposal:
  2897. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>   proposal matches
  2898. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2899. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2900. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2901. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selecting traffic selectors for us:
  2902. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2903. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selecting traffic selectors for other:
  2904. Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2905. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> CHILD_SA con5{121} state change: CREATED => INSTALLING
  2906. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522>   using AES_CBC for encryption
  2907. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522>   using HMAC_SHA2_256_128 for integrity
  2908. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> adding inbound ESP SA
  2909. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522>   SPI 0xcce36c6d, src 196.250.128.24 dst 197.214.xxx.yyy
  2910. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> adding outbound ESP SA
  2911. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522>   SPI 0x0b86ed32, src 197.214.xxx.yyy dst 196.250.128.24
  2912. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> CHILD_SA con5{121} established with SPIs cce36c6d_i 0b86ed32_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2913. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> CHILD_SA con5{121} state change: INSTALLING => INSTALLED
  2914. Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <con5|522> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2915. Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <con5|522> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2916. Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <con5|522> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
  2917. Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <con5|522> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2918. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> received DELETE for IKE_SA con5[522]
  2919. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> deleting IKE_SA con5[522] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2920. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA con5[522] state change: ESTABLISHED => DELETING
  2921. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA deleted
  2922. Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <con5|522> generating INFORMATIONAL response 2 [ ]
  2923. Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <con5|522> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  2924. Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA con5[522] state change: DELETING => DESTROYING
  2925. Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> CHILD_SA con5{121} state change: INSTALLED => DESTROYING
  2926. Nov 28 22:33:47 fw-1A charon[61694]: 16[CFG] vici client 331 connected
  2927. Nov 28 22:33:47 fw-1A charon[61694]: 15[CFG] vici client 331 registered for: list-sa
  2928. Nov 28 22:33:47 fw-1A charon[61694]: 15[CFG] vici client 331 requests: list-sas
  2929. Nov 28 22:33:47 fw-1A charon[61694]: 07[CFG] vici client 331 disconnected
  2930. Nov 28 22:33:48 fw-1A charon[61694]: 07[NET] <523> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  2931. Nov 28 22:33:48 fw-1A charon[61694]: 07[ENC] <523> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  2932. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  2933. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  2934. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2935. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2936. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2937. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  2938. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  2939. Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  2940. Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  2941. Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> 196.250.128.24 is initiating an IKE_SA
  2942. Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> IKE_SA (unnamed)[523] state change: CREATED => CONNECTING
  2943. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> selecting proposal:
  2944. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   proposal matches
  2945. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2946. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2947. Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  2948. Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> remote host is behind NAT
  2949. Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  2950. Nov 28 22:33:48 fw-1A charon[61694]: 07[ENC] <523> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  2951. Nov 28 22:33:48 fw-1A charon[61694]: 07[NET] <523> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  2952. Nov 28 22:33:48 fw-1A charon[61694]: 15[NET] <523> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (416 bytes)
  2953. Nov 28 22:33:48 fw-1A charon[61694]: 15[ENC] <523> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  2954. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <523> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  2955. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <523>   candidate "con5", match: 1/1/3100 (me/other/ike)
  2956. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <523>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  2957. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selected peer config 'con5'
  2958. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> authentication of '20.0.0.100' with pre-shared key successful
  2959. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  2960. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> successfully created shared key MAC
  2961. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA con5[523] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2962. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA con5[523] state change: CONNECTING => ESTABLISHED
  2963. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> scheduling rekeying in 25413s
  2964. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> maximum IKE_SA lifetime 28293s
  2965. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2966. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> proposing traffic selectors for us:
  2967. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>  192.168.152.0/29|/0
  2968. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> proposing traffic selectors for other:
  2969. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>  192.168.0.0/24|/0
  2970. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>   candidate "con5" with prio 5+5
  2971. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> found matching child config "con5" with prio 10
  2972. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selecting proposal:
  2973. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>   proposal matches
  2974. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2975. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  2976. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  2977. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selecting traffic selectors for us:
  2978. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  2979. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selecting traffic selectors for other:
  2980. Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  2981. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> CHILD_SA con5{122} state change: CREATED => INSTALLING
  2982. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523>   using AES_CBC for encryption
  2983. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523>   using HMAC_SHA2_256_128 for integrity
  2984. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> adding inbound ESP SA
  2985. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523>   SPI 0xcbea0cf2, src 196.250.128.24 dst 197.214.xxx.yyy
  2986. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> adding outbound ESP SA
  2987. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523>   SPI 0x001db44e, src 197.214.xxx.yyy dst 196.250.128.24
  2988. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> CHILD_SA con5{122} established with SPIs cbea0cf2_i 001db44e_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  2989. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> CHILD_SA con5{122} state change: INSTALLING => INSTALLED
  2990. Nov 28 22:33:48 fw-1A charon[61694]: 15[ENC] <con5|523> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  2991. Nov 28 22:33:48 fw-1A charon[61694]: 15[NET] <con5|523> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  2992. Nov 28 22:33:48 fw-1A charon[61694]: 15[NET] <con5|523> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
  2993. Nov 28 22:33:48 fw-1A charon[61694]: 15[ENC] <con5|523> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  2994. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> received DELETE for IKE_SA con5[523]
  2995. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> deleting IKE_SA con5[523] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  2996. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA con5[523] state change: ESTABLISHED => DELETING
  2997. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA deleted
  2998. Nov 28 22:33:48 fw-1A charon[61694]: 15[ENC] <con5|523> generating INFORMATIONAL response 2 [ ]
  2999. Nov 28 22:33:48 fw-1A charon[61694]: 15[NET] <con5|523> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  3000. Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA con5[523] state change: DELETING => DESTROYING
  3001. Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> CHILD_SA con5{122} state change: INSTALLED => DESTROYING
  3002. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|500> retransmit 4 of request with message ID 1
  3003. Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
  3004. Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <524> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  3005. Nov 28 22:33:50 fw-1A charon[61694]: 16[ENC] <524> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  3006. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  3007. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  3008. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3009. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3010. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3011. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3012. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  3013. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  3014. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  3015. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> 196.250.128.24 is initiating an IKE_SA
  3016. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> IKE_SA (unnamed)[524] state change: CREATED => CONNECTING
  3017. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> selecting proposal:
  3018. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   proposal matches
  3019. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3020. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3021. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3022. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> remote host is behind NAT
  3023. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  3024. Nov 28 22:33:50 fw-1A charon[61694]: 16[ENC] <524> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  3025. Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <524> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  3026. Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <524> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
  3027. Nov 28 22:33:50 fw-1A charon[61694]: 16[ENC] <524> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  3028. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  3029. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate "con5", match: 1/1/3100 (me/other/ike)
  3030. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  3031. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selected peer config 'con5'
  3032. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> authentication of '20.0.0.100' with pre-shared key successful
  3033. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  3034. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> successfully created shared key MAC
  3035. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> IKE_SA con5[524] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3036. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> IKE_SA con5[524] state change: CONNECTING => ESTABLISHED
  3037. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> scheduling rekeying in 23267s
  3038. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> maximum IKE_SA lifetime 26147s
  3039. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3040. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> proposing traffic selectors for us:
  3041. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>  192.168.152.0/29|/0
  3042. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> proposing traffic selectors for other:
  3043. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>  192.168.0.0/24|/0
  3044. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>   candidate "con5" with prio 5+5
  3045. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> found matching child config "con5" with prio 10
  3046. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selecting proposal:
  3047. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>   proposal matches
  3048. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3049. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3050. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3051. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selecting traffic selectors for us:
  3052. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  3053. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selecting traffic selectors for other:
  3054. Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  3055. Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524> CHILD_SA con5{123} state change: CREATED => INSTALLING
  3056. Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524>   using AES_CBC for encryption
  3057. Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524>   using HMAC_SHA2_256_128 for integrity
  3058. Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524> adding inbound ESP SA
  3059. Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524>   SPI 0xc529b09c, src 196.250.128.24 dst 197.214.xxx.yyy
  3060. Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524> adding outbound ESP SA
  3061. Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524>   SPI 0x0c709430, src 197.214.xxx.yyy dst 196.250.128.24
  3062. Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> CHILD_SA con5{123} established with SPIs c529b09c_i 0c709430_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3063. Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524> CHILD_SA con5{123} state change: INSTALLING => INSTALLED
  3064. Nov 28 22:33:50 fw-1A charon[61694]: 16[ENC] <con5|524> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  3065. Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <con5|524> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  3066. Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <525> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  3067. Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <525> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  3068. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  3069. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  3070. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3071. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3072. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3073. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3074. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  3075. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  3076. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  3077. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> 196.250.128.24 is initiating an IKE_SA
  3078. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> IKE_SA (unnamed)[525] state change: CREATED => CONNECTING
  3079. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> selecting proposal:
  3080. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   proposal matches
  3081. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3082. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3083. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3084. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> remote host is behind NAT
  3085. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  3086. Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <525> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  3087. Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <525> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  3088. Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <525> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
  3089. Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <525> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  3090. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  3091. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate "con5", match: 1/1/3100 (me/other/ike)
  3092. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  3093. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selected peer config 'con5'
  3094. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> authentication of '20.0.0.100' with pre-shared key successful
  3095. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  3096. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> successfully created shared key MAC
  3097. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|524> destroying duplicate IKE_SA for peer '20.0.0.100', received INITIAL_CONTACT
  3098. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|524> IKE_SA con5[524] state change: ESTABLISHED => DESTROYING
  3099. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|524> CHILD_SA con5{123} state change: INSTALLED => DESTROYING
  3100. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA con5[525] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3101. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA con5[525] state change: CONNECTING => ESTABLISHED
  3102. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> scheduling rekeying in 23310s
  3103. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> maximum IKE_SA lifetime 26190s
  3104. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3105. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> proposing traffic selectors for us:
  3106. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>  192.168.152.0/29|/0
  3107. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> proposing traffic selectors for other:
  3108. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>  192.168.0.0/24|/0
  3109. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>   candidate "con5" with prio 5+5
  3110. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> found matching child config "con5" with prio 10
  3111. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selecting proposal:
  3112. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>   proposal matches
  3113. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3114. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3115. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3116. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selecting traffic selectors for us:
  3117. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  3118. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selecting traffic selectors for other:
  3119. Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  3120. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> CHILD_SA con5{124} state change: CREATED => INSTALLING
  3121. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525>   using AES_CBC for encryption
  3122. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525>   using HMAC_SHA2_256_128 for integrity
  3123. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> adding inbound ESP SA
  3124. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525>   SPI 0xc6a9ccf2, src 196.250.128.24 dst 197.214.xxx.yyy
  3125. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> adding outbound ESP SA
  3126. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525>   SPI 0x0897adb0, src 197.214.xxx.yyy dst 196.250.128.24
  3127. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> CHILD_SA con5{124} established with SPIs c6a9ccf2_i 0897adb0_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3128. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> CHILD_SA con5{124} state change: INSTALLING => INSTALLED
  3129. Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <con5|525> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  3130. Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <con5|525> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  3131. Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <con5|525> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
  3132. Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <con5|525> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  3133. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> received DELETE for IKE_SA con5[525]
  3134. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> deleting IKE_SA con5[525] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3135. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA con5[525] state change: ESTABLISHED => DELETING
  3136. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA deleted
  3137. Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <con5|525> generating INFORMATIONAL response 2 [ ]
  3138. Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <con5|525> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  3139. Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA con5[525] state change: DELETING => DESTROYING
  3140. Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> CHILD_SA con5{124} state change: INSTALLED => DESTROYING
  3141. Nov 28 22:33:52 fw-1A charon[61694]: 09[CFG] vici client 332 connected
  3142. Nov 28 22:33:52 fw-1A charon[61694]: 11[CFG] vici client 332 registered for: list-sa
  3143. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] vici client 332 requests: list-sas
  3144. Nov 28 22:33:52 fw-1A charon[61694]: 09[CFG] vici client 332 disconnected
  3145. Nov 28 22:33:52 fw-1A charon[61694]: 16[NET] <526> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  3146. Nov 28 22:33:52 fw-1A charon[61694]: 16[ENC] <526> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  3147. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  3148. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  3149. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3150. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3151. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3152. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3153. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  3154. Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  3155. Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  3156. Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> 196.250.128.24 is initiating an IKE_SA
  3157. Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> IKE_SA (unnamed)[526] state change: CREATED => CONNECTING
  3158. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> selecting proposal:
  3159. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   proposal matches
  3160. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3161. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3162. Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3163. Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> remote host is behind NAT
  3164. Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  3165. Nov 28 22:33:52 fw-1A charon[61694]: 16[ENC] <526> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  3166. Nov 28 22:33:52 fw-1A charon[61694]: 16[NET] <526> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  3167. Nov 28 22:33:52 fw-1A charon[61694]: 16[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
  3168. Nov 28 22:33:52 fw-1A charon[61694]: 09[CFG] ignoring acquire for reqid 2, connection attempt pending
  3169. Nov 28 22:33:53 fw-1A charon[61694]: 09[NET] <526> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (416 bytes)
  3170. Nov 28 22:33:53 fw-1A charon[61694]: 09[ENC] <526> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  3171. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <526> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  3172. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <526>   candidate "con5", match: 1/1/3100 (me/other/ike)
  3173. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <526>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  3174. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selected peer config 'con5'
  3175. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> authentication of '20.0.0.100' with pre-shared key successful
  3176. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  3177. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> successfully created shared key MAC
  3178. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA con5[526] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3179. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA con5[526] state change: CONNECTING => ESTABLISHED
  3180. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> scheduling rekeying in 24229s
  3181. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> maximum IKE_SA lifetime 27109s
  3182. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3183. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> proposing traffic selectors for us:
  3184. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>  192.168.152.0/29|/0
  3185. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> proposing traffic selectors for other:
  3186. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>  192.168.0.0/24|/0
  3187. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>   candidate "con5" with prio 5+5
  3188. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> found matching child config "con5" with prio 10
  3189. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selecting proposal:
  3190. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>   proposal matches
  3191. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3192. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3193. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3194. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selecting traffic selectors for us:
  3195. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  3196. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selecting traffic selectors for other:
  3197. Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  3198. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> CHILD_SA con5{125} state change: CREATED => INSTALLING
  3199. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526>   using AES_CBC for encryption
  3200. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526>   using HMAC_SHA2_256_128 for integrity
  3201. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> adding inbound ESP SA
  3202. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526>   SPI 0xc6613c03, src 196.250.128.24 dst 197.214.xxx.yyy
  3203. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> adding outbound ESP SA
  3204. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526>   SPI 0x0afa2b32, src 197.214.xxx.yyy dst 196.250.128.24
  3205. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> CHILD_SA con5{125} established with SPIs c6613c03_i 0afa2b32_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3206. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> CHILD_SA con5{125} state change: INSTALLING => INSTALLED
  3207. Nov 28 22:33:53 fw-1A charon[61694]: 09[ENC] <con5|526> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  3208. Nov 28 22:33:53 fw-1A charon[61694]: 09[NET] <con5|526> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  3209. Nov 28 22:33:53 fw-1A charon[61694]: 09[NET] <con5|526> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
  3210. Nov 28 22:33:53 fw-1A charon[61694]: 09[ENC] <con5|526> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  3211. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> received DELETE for IKE_SA con5[526]
  3212. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> deleting IKE_SA con5[526] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3213. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA con5[526] state change: ESTABLISHED => DELETING
  3214. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA deleted
  3215. Nov 28 22:33:53 fw-1A charon[61694]: 09[ENC] <con5|526> generating INFORMATIONAL response 2 [ ]
  3216. Nov 28 22:33:53 fw-1A charon[61694]: 09[NET] <con5|526> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  3217. Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA con5[526] state change: DELETING => DESTROYING
  3218. Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> CHILD_SA con5{125} state change: INSTALLED => DESTROYING
  3219. Nov 28 22:33:54 fw-1A charon[61694]: 09[NET] <527> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  3220. Nov 28 22:33:54 fw-1A charon[61694]: 09[ENC] <527> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  3221. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  3222. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  3223. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3224. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3225. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3226. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3227. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  3228. Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  3229. Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  3230. Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> 196.250.128.24 is initiating an IKE_SA
  3231. Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> IKE_SA (unnamed)[527] state change: CREATED => CONNECTING
  3232. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> selecting proposal:
  3233. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   proposal matches
  3234. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3235. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3236. Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3237. Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> remote host is behind NAT
  3238. Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  3239. Nov 28 22:33:54 fw-1A charon[61694]: 09[ENC] <527> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  3240. Nov 28 22:33:54 fw-1A charon[61694]: 09[NET] <527> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  3241. Nov 28 22:33:57 fw-1A charon[61694]: 09[CFG] vici client 333 connected
  3242. Nov 28 22:33:57 fw-1A charon[61694]: 05[CFG] vici client 333 registered for: list-sa
  3243. Nov 28 22:33:57 fw-1A charon[61694]: 12[CFG] vici client 333 requests: list-sas
  3244. Nov 28 22:33:57 fw-1A charon[61694]: 12[CFG] vici client 333 disconnected
  3245. Nov 28 22:34:01 fw-1A charon[61694]: 14[NET] <528> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  3246. Nov 28 22:34:01 fw-1A charon[61694]: 14[ENC] <528> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  3247. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  3248. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3249. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3250. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3251. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3252. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
  3253. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
  3254. Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  3255. Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  3256. Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> 165.165.172.58 is initiating an IKE_SA
  3257. Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> IKE_SA (unnamed)[528] state change: CREATED => CONNECTING
  3258. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> selecting proposal:
  3259. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   no acceptable ENCRYPTION_ALGORITHM found
  3260. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> selecting proposal:
  3261. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   no acceptable ENCRYPTION_ALGORITHM found
  3262. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> selecting proposal:
  3263. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   proposal matches
  3264. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  3265. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3266. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  3267. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> received supported signature hash algorithms: sha256 sha384 sha512 identity
  3268. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  3269. Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  3270. Nov 28 22:34:01 fw-1A charon[61694]: 14[ENC] <528> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  3271. Nov 28 22:34:01 fw-1A charon[61694]: 14[NET] <528> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  3272. Nov 28 22:34:01 fw-1A charon[61694]: 14[NET] <528> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  3273. Nov 28 22:34:01 fw-1A charon[61694]: 14[ENC] <528> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  3274. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  3275. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate "con10", match: 20/1/3100 (me/other/ike)
  3276. Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <con10|528> selected peer config 'con10'
  3277. Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <con10|528> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
  3278. Nov 28 22:34:01 fw-1A charon[61694]: 14[ENC] <con10|528> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  3279. Nov 28 22:34:01 fw-1A charon[61694]: 14[NET] <con10|528> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  3280. Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <con10|528> IKE_SA con10[528] state change: CONNECTING => DESTROYING
  3281. Nov 28 22:34:02 fw-1A charon[61694]: 14[CFG] vici client 334 connected
  3282. Nov 28 22:34:02 fw-1A charon[61694]: 10[CFG] vici client 334 registered for: list-sa
  3283. Nov 28 22:34:02 fw-1A charon[61694]: 10[CFG] vici client 334 requests: list-sas
  3284. Nov 28 22:34:02 fw-1A charon[61694]: 14[CFG] vici client 334 disconnected
  3285. Nov 28 22:34:02 fw-1A charon[61694]: 14[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
  3286. Nov 28 22:34:02 fw-1A charon[61694]: 14[CFG] ignoring acquire for reqid 2, connection attempt pending
  3287. Nov 28 22:34:09 fw-1A charon[61694]: 14[NET] <527> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
  3288. Nov 28 22:34:09 fw-1A charon[61694]: 14[ENC] <527> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  3289. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <527> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  3290. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <527>   candidate "con5", match: 1/1/3100 (me/other/ike)
  3291. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <527>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  3292. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selected peer config 'con5'
  3293. Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> authentication of '20.0.0.100' with pre-shared key successful
  3294. Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  3295. Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> successfully created shared key MAC
  3296. Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> IKE_SA con5[527] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3297. Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> IKE_SA con5[527] state change: CONNECTING => ESTABLISHED
  3298. Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> scheduling rekeying in 24079s
  3299. Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> maximum IKE_SA lifetime 26959s
  3300. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3301. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> proposing traffic selectors for us:
  3302. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>  192.168.152.0/29|/0
  3303. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> proposing traffic selectors for other:
  3304. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>  192.168.0.0/24|/0
  3305. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>   candidate "con5" with prio 5+5
  3306. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> found matching child config "con5" with prio 10
  3307. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selecting proposal:
  3308. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>   proposal matches
  3309. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3310. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3311. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3312. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selecting traffic selectors for us:
  3313. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  3314. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selecting traffic selectors for other:
  3315. Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  3316. Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527> CHILD_SA con5{126} state change: CREATED => INSTALLING
  3317. Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527>   using AES_CBC for encryption
  3318. Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527>   using HMAC_SHA2_256_128 for integrity
  3319. Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527> adding inbound ESP SA
  3320. Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527>   SPI 0xcf80dceb, src 196.250.128.24 dst 197.214.xxx.yyy
  3321. Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527> adding outbound ESP SA
  3322. Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527>   SPI 0x00cbf5c9, src 197.214.xxx.yyy dst 196.250.128.24
  3323. Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> CHILD_SA con5{126} established with SPIs cf80dceb_i 00cbf5c9_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3324. Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527> CHILD_SA con5{126} state change: INSTALLING => INSTALLED
  3325. Nov 28 22:34:09 fw-1A charon[61694]: 14[ENC] <con5|527> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  3326. Nov 28 22:34:09 fw-1A charon[61694]: 14[NET] <con5|527> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  3327. Nov 28 22:34:10 fw-1A charon[61694]: 14[NET] <529> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  3328. Nov 28 22:34:10 fw-1A charon[61694]: 14[ENC] <529> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  3329. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  3330. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  3331. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3332. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3333. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3334. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3335. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  3336. Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  3337. Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  3338. Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> 196.250.128.24 is initiating an IKE_SA
  3339. Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> IKE_SA (unnamed)[529] state change: CREATED => CONNECTING
  3340. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> selecting proposal:
  3341. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   proposal matches
  3342. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3343. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3344. Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3345. Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> remote host is behind NAT
  3346. Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  3347. Nov 28 22:34:10 fw-1A charon[61694]: 14[ENC] <529> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  3348. Nov 28 22:34:10 fw-1A charon[61694]: 14[NET] <529> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  3349. Nov 28 22:34:11 fw-1A charon[61694]: 14[NET] <529> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
  3350. Nov 28 22:34:11 fw-1A charon[61694]: 14[ENC] <529> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  3351. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <529> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  3352. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <529>   candidate "con5", match: 1/1/3100 (me/other/ike)
  3353. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <529>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  3354. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selected peer config 'con5'
  3355. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> authentication of '20.0.0.100' with pre-shared key successful
  3356. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  3357. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> successfully created shared key MAC
  3358. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|527> destroying duplicate IKE_SA for peer '20.0.0.100', received INITIAL_CONTACT
  3359. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|527> IKE_SA con5[527] state change: ESTABLISHED => DESTROYING
  3360. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|527> CHILD_SA con5{126} state change: INSTALLED => DESTROYING
  3361. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA con5[529] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3362. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA con5[529] state change: CONNECTING => ESTABLISHED
  3363. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> scheduling rekeying in 23284s
  3364. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> maximum IKE_SA lifetime 26164s
  3365. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3366. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> proposing traffic selectors for us:
  3367. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>  192.168.152.0/29|/0
  3368. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> proposing traffic selectors for other:
  3369. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>  192.168.0.0/24|/0
  3370. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>   candidate "con5" with prio 5+5
  3371. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> found matching child config "con5" with prio 10
  3372. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selecting proposal:
  3373. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>   proposal matches
  3374. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3375. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3376. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3377. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selecting traffic selectors for us:
  3378. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  3379. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selecting traffic selectors for other:
  3380. Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  3381. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> CHILD_SA con5{127} state change: CREATED => INSTALLING
  3382. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529>   using AES_CBC for encryption
  3383. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529>   using HMAC_SHA2_256_128 for integrity
  3384. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> adding inbound ESP SA
  3385. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529>   SPI 0xcfc2ea23, src 196.250.128.24 dst 197.214.xxx.yyy
  3386. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> adding outbound ESP SA
  3387. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529>   SPI 0x0b7a00f6, src 197.214.xxx.yyy dst 196.250.128.24
  3388. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> CHILD_SA con5{127} established with SPIs cfc2ea23_i 0b7a00f6_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3389. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> CHILD_SA con5{127} state change: INSTALLING => INSTALLED
  3390. Nov 28 22:34:11 fw-1A charon[61694]: 14[ENC] <con5|529> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  3391. Nov 28 22:34:11 fw-1A charon[61694]: 14[NET] <con5|529> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  3392. Nov 28 22:34:11 fw-1A charon[61694]: 14[NET] <con5|529> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
  3393. Nov 28 22:34:11 fw-1A charon[61694]: 14[ENC] <con5|529> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  3394. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> received DELETE for IKE_SA con5[529]
  3395. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> deleting IKE_SA con5[529] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3396. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA con5[529] state change: ESTABLISHED => DELETING
  3397. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA deleted
  3398. Nov 28 22:34:11 fw-1A charon[61694]: 14[ENC] <con5|529> generating INFORMATIONAL response 2 [ ]
  3399. Nov 28 22:34:11 fw-1A charon[61694]: 14[NET] <con5|529> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  3400. Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA con5[529] state change: DELETING => DESTROYING
  3401. Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> CHILD_SA con5{127} state change: INSTALLED => DESTROYING
  3402. Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <530> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  3403. Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <530> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  3404. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  3405. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  3406. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3407. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3408. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3409. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  3410. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  3411. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  3412. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  3413. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> 196.250.128.24 is initiating an IKE_SA
  3414. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> IKE_SA (unnamed)[530] state change: CREATED => CONNECTING
  3415. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> selecting proposal:
  3416. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   proposal matches
  3417. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3418. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3419. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3420. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> remote host is behind NAT
  3421. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  3422. Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <530> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  3423. Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <530> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  3424. Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <530> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  3425. Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <530> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  3426. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  3427. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate "con5", match: 1/1/3100 (me/other/ike)
  3428. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  3429. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selected peer config 'con5'
  3430. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> authentication of '20.0.0.100' with pre-shared key successful
  3431. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  3432. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> successfully created shared key MAC
  3433. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA con5[530] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3434. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA con5[530] state change: CONNECTING => ESTABLISHED
  3435. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> scheduling rekeying in 24097s
  3436. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> maximum IKE_SA lifetime 26977s
  3437. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3438. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> proposing traffic selectors for us:
  3439. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>  192.168.152.0/29|/0
  3440. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> proposing traffic selectors for other:
  3441. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>  192.168.0.0/24|/0
  3442. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>   candidate "con5" with prio 5+5
  3443. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> found matching child config "con5" with prio 10
  3444. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selecting proposal:
  3445. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>   proposal matches
  3446. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3447. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3448. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  3449. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selecting traffic selectors for us:
  3450. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  3451. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selecting traffic selectors for other:
  3452. Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  3453. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> CHILD_SA con5{128} state change: CREATED => INSTALLING
  3454. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530>   using AES_CBC for encryption
  3455. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530>   using HMAC_SHA2_256_128 for integrity
  3456. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> adding inbound ESP SA
  3457. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530>   SPI 0xc78811d2, src 196.250.128.24 dst 197.214.xxx.yyy
  3458. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> adding outbound ESP SA
  3459. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530>   SPI 0x004f7288, src 197.214.xxx.yyy dst 196.250.128.24
  3460. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> CHILD_SA con5{128} established with SPIs c78811d2_i 004f7288_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  3461. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> CHILD_SA con5{128} state change: INSTALLING => INSTALLED
  3462. Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <con5|530> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  3463. Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <con5|530> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  3464. Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <con5|530> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
  3465. Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <con5|530> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
  3466. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> received DELETE for IKE_SA con5[530]
  3467. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> deleting IKE_SA con5[530] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  3468. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA con5[530] state change: ESTABLISHED => DELETING
  3469. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA deleted
  3470. Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <con5|530> generating INFORMATIONAL response 2 [ ]
  3471. Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <con5|530> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  3472. Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA con5[530] state change: DELETING => DESTROYING
  3473. Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> CHILD_SA con5{128} state change: INSTALLED => DESTROYING
  3474. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 335 connected
  3475. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] vici client 335 requests: reload-settings
  3476. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] ipseckey plugin is disabled
  3477. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded attribute INTERNAL_IP4_SUBNET: c0:a8:98:00:ff:ff:ff:f8
  3478. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded attribute UNITY_SPLIT_INCLUDE: c0:a8:98:00:ff:ff:ff:f8
  3479. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded attribute UNITY_BANNER: 4f:6e:6c:79:20:61:75:74:68:6f:72:69:73:65:64:20:75:73:65:72:73:20:6d:61:79:20:65:6e:74:65:72:20:68:65:72:65:21
  3480. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded attribute UNITY_PFS: 31:34
  3481. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded 4 entries for attr plugin configuration
  3482. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded 0 RADIUS server configurations
  3483. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 335 disconnected
  3484. Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] vici client 336 connected
  3485. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: get-keys
  3486. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: get-shared
  3487. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: load-cert
  3488. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] loaded certificate 'CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services'
  3489. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: load-cert
  3490. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] loaded certificate 'CN=Fastnet-CA-2, C=ZA, O=Abellard SS'
  3491. Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] vici client 336 requests: load-key
  3492. Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] loaded ANY private key
  3493. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: load-shared
  3494. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] loaded IKE shared key with id 'ike-0' for: '%any', '192.168.0.2'
  3495. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: load-shared
  3496. Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] loaded IKE shared key with id 'ike-1' for: '%any', '41.164.68.170'
  3497. Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] vici client 336 requests: load-shared
  3498. Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] loaded IKE shared key with id 'ike-2' for: '%any', '%any'
  3499. Nov 28 22:34:13 fw-1A charon[61694]: 11[CFG] vici client 336 requests: load-shared
  3500. Nov 28 22:34:13 fw-1A charon[61694]: 11[CFG] loaded EAP shared key with id 'eap-4' for: 'reliance.compost'
  3501. Nov 28 22:34:13 fw-1A charon[61694]: 11[CFG] vici client 336 requests: load-shared
  3502. Nov 28 22:34:13 fw-1A charon[61694]: 11[CFG] loaded EAP shared key with id 'eap-5' for: 'mac.pack'
  3503. Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] vici client 336 requests: load-shared
  3504. Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] loaded EAP shared key with id 'eap-6' for: 'greenway.farms'
  3505. Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] vici client 336 requests: unload-shared
  3506. Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] unloaded shared key with id 'eap-7'
  3507. Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] vici client 336 requests: unload-shared
  3508. Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] unloaded shared key with id 'ike-4'
  3509. Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] vici client 336 requests: get-authorities
  3510. Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] vici client 336 requests: get-pools
  3511. Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] vici client 336 requests: load-pool
  3512. Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] updated vici pool mobile-pool-v4: 10.10.10.0, 254 entries
  3513. Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] vici client 336 requests: load-pool
  3514. Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] updated vici pool mobile-userpool-1: 10.10.15.0, 254 entries
  3515. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-pool
  3516. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici pool mobile-userpool-2: 10.10.10.0, 254 entries
  3517. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-pool
  3518. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici pool mobile-userpool-3: 10.10.16.0, 254 entries
  3519. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: get-conns
  3520. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-conn
  3521. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]  conn bypass:
  3522. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   child bypasslan:
  3523. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_time = 3600
  3524. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_time = 3960
  3525. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_time = 360
  3526. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
  3527. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
  3528. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
  3529. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
  3530. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_packets = 0
  3531. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
  3532. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    updown = (null)
  3533. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
  3534. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
  3535. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mode = PASS
  3536. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies = 1
  3537. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
  3538. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    dpd_action = none
  3539. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    start_action = trap
  3540. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    close_action = none
  3541. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    reqid = 0
  3542. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    tfc = 0
  3543. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    priority = 0
  3544. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    interface = (null)
  3545. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
  3546. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
  3547. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
  3548. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
  3549. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
  3550. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
  3551. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
  3552. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label = (null)
  3553. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label_mode = system
  3554. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    inactivity = 0
  3555. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/NO_EXT_SEQ, ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/NO_EXT_SEQ
  3556. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.131.0/24|/0
  3557. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    remote_ts = 192.168.131.0/24|/0
  3558. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hw_offload = no
  3559. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
  3560. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_df = 1
  3561. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
  3562. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
  3563. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   version = 0
  3564. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_addrs = %any
  3565. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_addrs = 127.0.0.1
  3566. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_port = 500
  3567. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_port = 500
  3568. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
  3569. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_SEND_IF_ASKED
  3570. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
  3571. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
  3572. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   mobike = 1
  3573. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   aggressive = 0
  3574. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
  3575. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   encap = 0
  3576. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_delay = 0
  3577. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
  3578. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
  3579. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   childless = 0
  3580. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_NO
  3581. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
  3582. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
  3583. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rekey_time = 14400
  3584. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   over_time = 1440
  3585. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rand_time = 1440
  3586. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048
  3587. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
  3588. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
  3589. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local:
  3590. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote:
  3591. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici connection: bypass
  3592. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG] vici client 336 requests: load-conn
  3593. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]  conn con3:
  3594. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   child con3:
  3595. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_time = 38876
  3596. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_time = 43196
  3597. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_time = 4320
  3598. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_bytes = 0
  3599. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_bytes = 0
  3600. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_bytes = 0
  3601. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_packets = 0
  3602. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_packets = 0
  3603. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_packets = 0
  3604. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    updown = (null)
  3605. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    hostaccess = 0
  3606. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    ipcomp = 0
  3607. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mode = TUNNEL
  3608. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    policies = 1
  3609. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    policies_fwd_out = 0
  3610. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    dpd_action = trap
  3611. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    start_action = trap
  3612. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    close_action = none
  3613. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    reqid = 0
  3614. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    tfc = 0
  3615. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    priority = 0
  3616. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    interface = (null)
  3617. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    if_id_in = 0
  3618. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    if_id_out = 0
  3619. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_in = 0/0
  3620. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_in_sa = 0
  3621. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_out = 0/0
  3622. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    set_mark_in = 0/0
  3623. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    set_mark_out = 0/0
  3624. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    label = (null)
  3625. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    label_mode = system
  3626. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    inactivity = 0
  3627. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_128/MODP_2048/NO_EXT_SEQ
  3628. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    local_ts = 192.168.131.191/32|/0 192.168.131.177/32|/0 192.168.131.174/32|/0
  3629. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    remote_ts = 172.16.3.0/24|/0 172.16.3.0/24|/0 172.16.3.0/24|/0
  3630. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    hw_offload = no
  3631. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    sha256_96 = 0
  3632. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_df = 1
  3633. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_ecn = 1
  3634. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_dscp = out
  3635. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   version = 2
  3636. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local_addrs = 197.214.xxx.yyy
  3637. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote_addrs = 105.27.113.66
  3638. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local_port = 500
  3639. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote_port = 500
  3640. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   send_certreq = 1
  3641. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   send_cert = CERT_SEND_IF_ASKED
  3642. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   ppk_id = (null)
  3643. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   ppk_required = 0
  3644. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   mobike = 0
  3645. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   aggressive = 0
  3646. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dscp = 0x00
  3647. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   encap = 0
  3648. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dpd_delay = 10
  3649. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dpd_timeout = 0
  3650. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   fragmentation = 2
  3651. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   childless = 0
  3652. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   unique = UNIQUE_REPLACE
  3653. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   keyingtries = 1
  3654. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   reauth_time = 0
  3655. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   rekey_time = 77760
  3656. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   over_time = 8640
  3657. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   rand_time = 8640
  3658. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   proposals = IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  3659. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   if_id_in = 0
  3660. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   if_id_out = 0
  3661. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local:
  3662. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    class = pre-shared key
  3663. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    id = 197.214.xxx.yyy
  3664. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote:
  3665. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    class = pre-shared key
  3666. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    id = 192.168.0.2
  3667. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG] updated vici connection: con3
  3668. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG] vici client 336 requests: load-conn
  3669. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]  conn con4:
  3670. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   child con4:
  3671. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_time = 38876
  3672. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_time = 43196
  3673. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_time = 4320
  3674. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_bytes = 0
  3675. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_bytes = 0
  3676. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_bytes = 0
  3677. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_packets = 0
  3678. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_packets = 0
  3679. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_packets = 0
  3680. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    updown = (null)
  3681. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    hostaccess = 0
  3682. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    ipcomp = 0
  3683. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mode = TUNNEL
  3684. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    policies = 1
  3685. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    policies_fwd_out = 0
  3686. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    dpd_action = trap
  3687. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    start_action = trap
  3688. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    close_action = none
  3689. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    reqid = 0
  3690. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    tfc = 0
  3691. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    priority = 0
  3692. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    interface = (null)
  3693. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    if_id_in = 0
  3694. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    if_id_out = 0
  3695. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_in = 0/0
  3696. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_in_sa = 0
  3697. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_out = 0/0
  3698. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    set_mark_in = 0/0
  3699. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    set_mark_out = 0/0
  3700. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    label = (null)
  3701. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    label_mode = system
  3702. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    inactivity = 0
  3703. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_128/MODP_2048/NO_EXT_SEQ
  3704. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    local_ts = 192.168.131.191/32|/0 192.168.131.177/32|/0 192.168.131.174/32|/0
  3705. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    remote_ts = 172.16.3.0/24|/0 172.16.3.0/24|/0 172.16.3.0/24|/0
  3706. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    hw_offload = no
  3707. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    sha256_96 = 0
  3708. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_df = 1
  3709. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_ecn = 1
  3710. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_dscp = out
  3711. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   version = 2
  3712. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local_addrs = 197.214.xxx.yyy
  3713. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote_addrs = 41.164.68.170
  3714. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local_port = 500
  3715. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote_port = 500
  3716. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   send_certreq = 1
  3717. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   send_cert = CERT_SEND_IF_ASKED
  3718. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   ppk_id = (null)
  3719. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   ppk_required = 0
  3720. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   mobike = 0
  3721. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   aggressive = 0
  3722. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dscp = 0x00
  3723. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   encap = 0
  3724. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dpd_delay = 10
  3725. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dpd_timeout = 0
  3726. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   fragmentation = 2
  3727. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   childless = 0
  3728. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   unique = UNIQUE_REPLACE
  3729. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   keyingtries = 1
  3730. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   reauth_time = 0
  3731. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   rekey_time = 77760
  3732. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   over_time = 8640
  3733. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   rand_time = 8640
  3734. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   proposals = IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  3735. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   if_id_in = 0
  3736. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   if_id_out = 0
  3737. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local:
  3738. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    class = pre-shared key
  3739. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    id = 197.214.xxx.yyy
  3740. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote:
  3741. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    class = pre-shared key
  3742. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    id = 41.164.68.170
  3743. Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG] updated vici connection: con4
  3744. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-conn
  3745. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]  conn con5:
  3746. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   child con5:
  3747. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_time = 3240
  3748. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_time = 3600
  3749. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_time = 360
  3750. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
  3751. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
  3752. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
  3753. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
  3754. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_packets = 0
  3755. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
  3756. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    updown = (null)
  3757. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
  3758. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
  3759. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mode = TUNNEL
  3760. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies = 1
  3761. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
  3762. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    dpd_action = trap
  3763. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    start_action = trap
  3764. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    close_action = none
  3765. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    reqid = 0
  3766. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    tfc = 0
  3767. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    priority = 0
  3768. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    interface = (null)
  3769. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
  3770. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
  3771. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
  3772. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
  3773. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
  3774. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
  3775. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
  3776. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label = (null)
  3777. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label_mode = system
  3778. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    inactivity = 0
  3779. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3780. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.152.0/29|/0
  3781. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    remote_ts = 192.168.0.0/24|/0
  3782. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hw_offload = no
  3783. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
  3784. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_df = 1
  3785. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
  3786. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
  3787. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   version = 2
  3788. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
  3789. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_addrs = 196.250.128.24
  3790. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_port = 500
  3791. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_port = 500
  3792. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
  3793. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_SEND_IF_ASKED
  3794. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
  3795. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
  3796. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   mobike = 0
  3797. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   aggressive = 0
  3798. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
  3799. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   encap = 0
  3800. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
  3801. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
  3802. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
  3803. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   childless = 0
  3804. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
  3805. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
  3806. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
  3807. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
  3808. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   over_time = 2880
  3809. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
  3810. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3811. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
  3812. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
  3813. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local:
  3814. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = pre-shared key
  3815. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = 197.214.xxx.yyy
  3816. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote:
  3817. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = pre-shared key
  3818. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = %any
  3819. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici connection: con5
  3820. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-conn
  3821. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]  conn con-mobile:
  3822. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   child con-mobile:
  3823. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_time = 3240
  3824. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_time = 3600
  3825. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_time = 360
  3826. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
  3827. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
  3828. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
  3829. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
  3830. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_packets = 0
  3831. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
  3832. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    updown = (null)
  3833. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
  3834. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
  3835. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mode = TUNNEL
  3836. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies = 1
  3837. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
  3838. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    dpd_action = none
  3839. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    start_action = none
  3840. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    close_action = none
  3841. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    reqid = 0
  3842. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    tfc = 0
  3843. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    priority = 0
  3844. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    interface = (null)
  3845. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
  3846. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
  3847. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
  3848. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
  3849. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
  3850. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
  3851. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
  3852. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label = (null)
  3853. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label_mode = system
  3854. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    inactivity = 0
  3855. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3856. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.152.0/29|/0
  3857. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    remote_ts = dynamic
  3858. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hw_offload = no
  3859. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
  3860. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_df = 1
  3861. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
  3862. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
  3863. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   version = 2
  3864. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
  3865. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_addrs = 0.0.0.0/0, ::/0
  3866. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_port = 500
  3867. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_port = 500
  3868. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
  3869. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_ALWAYS_SEND
  3870. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
  3871. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
  3872. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   mobike = 1
  3873. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   aggressive = 0
  3874. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
  3875. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   encap = 0
  3876. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
  3877. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
  3878. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
  3879. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   childless = 0
  3880. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
  3881. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
  3882. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
  3883. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
  3884. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   over_time = 2880
  3885. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
  3886. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3887. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
  3888. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
  3889. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local:
  3890. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = public key
  3891. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = fw.fast.za.net
  3892. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
  3893. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote:
  3894. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    eap-type = EAP_MSCHAPV2
  3895. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = EAP
  3896. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    eap_id = %any
  3897. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = %any
  3898. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici connection: con-mobile
  3899. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG] vici client 336 requests: load-conn
  3900. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]  conn con-mobile-userpool-1:
  3901. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   child con-mobile:
  3902. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rekey_time = 3240
  3903. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    life_time = 3600
  3904. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rand_time = 360
  3905. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rekey_bytes = 0
  3906. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    life_bytes = 0
  3907. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rand_bytes = 0
  3908. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rekey_packets = 0
  3909. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    life_packets = 0
  3910. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rand_packets = 0
  3911. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    updown = (null)
  3912. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    hostaccess = 0
  3913. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    ipcomp = 0
  3914. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    mode = TUNNEL
  3915. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    policies = 1
  3916. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    policies_fwd_out = 0
  3917. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    dpd_action = none
  3918. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    start_action = none
  3919. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    close_action = none
  3920. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    reqid = 0
  3921. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    tfc = 0
  3922. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    priority = 0
  3923. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    interface = (null)
  3924. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    if_id_in = 0
  3925. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    if_id_out = 0
  3926. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    mark_in = 0/0
  3927. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    mark_in_sa = 0
  3928. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    mark_out = 0/0
  3929. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    set_mark_in = 0/0
  3930. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    set_mark_out = 0/0
  3931. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    label = (null)
  3932. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    label_mode = system
  3933. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    inactivity = 0
  3934. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  3935. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    local_ts = 192.168.152.0/29|/0
  3936. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    remote_ts = dynamic
  3937. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    hw_offload = no
  3938. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    sha256_96 = 0
  3939. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    copy_df = 1
  3940. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    copy_ecn = 1
  3941. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    copy_dscp = out
  3942. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   version = 2
  3943. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   local_addrs = 197.214.xxx.yyy
  3944. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   remote_addrs = 0.0.0.0/0, ::/0
  3945. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   local_port = 500
  3946. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   remote_port = 500
  3947. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   send_certreq = 1
  3948. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   send_cert = CERT_ALWAYS_SEND
  3949. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   ppk_id = (null)
  3950. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   ppk_required = 0
  3951. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   mobike = 1
  3952. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   aggressive = 0
  3953. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   dscp = 0x00
  3954. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   encap = 0
  3955. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   dpd_delay = 10
  3956. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   dpd_timeout = 0
  3957. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   fragmentation = 2
  3958. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   childless = 0
  3959. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   unique = UNIQUE_REPLACE
  3960. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   keyingtries = 1
  3961. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   reauth_time = 0
  3962. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   rekey_time = 25920
  3963. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   over_time = 2880
  3964. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   rand_time = 2880
  3965. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  3966. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   if_id_in = 0
  3967. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   if_id_out = 0
  3968. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   local:
  3969. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    class = public key
  3970. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    id = fw.fast.za.net
  3971. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
  3972. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   remote:
  3973. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    eap-type = EAP_MSCHAPV2
  3974. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    class = EAP
  3975. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    eap_id = %any
  3976. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    id = reliance.compost
  3977. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG] updated vici connection: con-mobile-userpool-1
  3978. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-conn
  3979. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]  conn con-mobile-userpool-2:
  3980. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   child con-mobile:
  3981. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_time = 3240
  3982. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_time = 3600
  3983. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_time = 360
  3984. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
  3985. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
  3986. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
  3987. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
  3988. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_packets = 0
  3989. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
  3990. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    updown = (null)
  3991. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
  3992. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
  3993. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mode = TUNNEL
  3994. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies = 1
  3995. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
  3996. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    dpd_action = none
  3997. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    start_action = none
  3998. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    close_action = none
  3999. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    reqid = 0
  4000. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    tfc = 0
  4001. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    priority = 0
  4002. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    interface = (null)
  4003. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
  4004. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
  4005. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
  4006. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
  4007. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
  4008. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
  4009. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
  4010. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label = (null)
  4011. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label_mode = system
  4012. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    inactivity = 0
  4013. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  4014. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.152.0/29|/0
  4015. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    remote_ts = dynamic
  4016. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hw_offload = no
  4017. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
  4018. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_df = 1
  4019. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
  4020. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
  4021. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   version = 2
  4022. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
  4023. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_addrs = 0.0.0.0/0, ::/0
  4024. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_port = 500
  4025. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_port = 500
  4026. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
  4027. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_ALWAYS_SEND
  4028. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
  4029. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
  4030. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   mobike = 1
  4031. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   aggressive = 0
  4032. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
  4033. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   encap = 0
  4034. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
  4035. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
  4036. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
  4037. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   childless = 0
  4038. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
  4039. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
  4040. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
  4041. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
  4042. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   over_time = 2880
  4043. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
  4044. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  4045. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
  4046. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
  4047. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local:
  4048. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = public key
  4049. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = fw.fast.za.net
  4050. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
  4051. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote:
  4052. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    eap-type = EAP_MSCHAPV2
  4053. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = EAP
  4054. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    eap_id = %any
  4055. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = mac.pack
  4056. Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici connection: con-mobile-userpool-2
  4057. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG] vici client 336 requests: load-conn
  4058. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]  conn con-mobile-userpool-3:
  4059. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   child con-mobile:
  4060. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rekey_time = 3240
  4061. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    life_time = 3600
  4062. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rand_time = 360
  4063. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rekey_bytes = 0
  4064. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    life_bytes = 0
  4065. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rand_bytes = 0
  4066. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rekey_packets = 0
  4067. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    life_packets = 0
  4068. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rand_packets = 0
  4069. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    updown = (null)
  4070. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    hostaccess = 0
  4071. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    ipcomp = 0
  4072. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    mode = TUNNEL
  4073. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    policies = 1
  4074. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    policies_fwd_out = 0
  4075. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    dpd_action = none
  4076. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    start_action = none
  4077. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    close_action = none
  4078. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    reqid = 0
  4079. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    tfc = 0
  4080. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    priority = 0
  4081. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    interface = (null)
  4082. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    if_id_in = 0
  4083. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    if_id_out = 0
  4084. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    mark_in = 0/0
  4085. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    mark_in_sa = 0
  4086. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    mark_out = 0/0
  4087. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    set_mark_in = 0/0
  4088. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    set_mark_out = 0/0
  4089. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    label = (null)
  4090. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    label_mode = system
  4091. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    inactivity = 0
  4092. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  4093. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    local_ts = 192.168.152.0/29|/0
  4094. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    remote_ts = dynamic
  4095. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    hw_offload = no
  4096. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    sha256_96 = 0
  4097. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    copy_df = 1
  4098. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    copy_ecn = 1
  4099. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    copy_dscp = out
  4100. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   version = 2
  4101. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   local_addrs = 197.214.xxx.yyy
  4102. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   remote_addrs = 0.0.0.0/0, ::/0
  4103. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   local_port = 500
  4104. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   remote_port = 500
  4105. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   send_certreq = 1
  4106. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   send_cert = CERT_ALWAYS_SEND
  4107. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   ppk_id = (null)
  4108. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   ppk_required = 0
  4109. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   mobike = 1
  4110. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   aggressive = 0
  4111. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   dscp = 0x00
  4112. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   encap = 0
  4113. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   dpd_delay = 10
  4114. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   dpd_timeout = 0
  4115. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   fragmentation = 2
  4116. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   childless = 0
  4117. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   unique = UNIQUE_REPLACE
  4118. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   keyingtries = 1
  4119. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   reauth_time = 0
  4120. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   rekey_time = 25920
  4121. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   over_time = 2880
  4122. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   rand_time = 2880
  4123. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  4124. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   if_id_in = 0
  4125. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   if_id_out = 0
  4126. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   local:
  4127. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    class = public key
  4128. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    id = fw.fast.za.net
  4129. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
  4130. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   remote:
  4131. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    eap-type = EAP_MSCHAPV2
  4132. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    class = EAP
  4133. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    eap_id = %any
  4134. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    id = greenway.farms
  4135. Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG] updated vici connection: con-mobile-userpool-3
  4136. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG] vici client 336 requests: unload-conn
  4137. Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG] vici client 336 disconnected
  4138. Nov 28 22:34:14 fw-1A charon[61694]: 05[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
  4139. Nov 28 22:34:14 fw-1A charon[61694]: 06[CFG] ignoring acquire for reqid 2, connection attempt pending
  4140. Nov 28 22:34:16 fw-1A charon[61694]: 05[CFG] vici client 337 connected
  4141. Nov 28 22:34:16 fw-1A charon[61694]: 14[CFG] vici client 337 registered for: list-sa
  4142. Nov 28 22:34:16 fw-1A charon[61694]: 14[CFG] vici client 337 requests: list-sas
  4143. Nov 28 22:34:16 fw-1A charon[61694]: 14[CFG] vici client 337 disconnected
  4144. Nov 28 22:34:20 fw-1A charon[61694]: 05[NET] <531> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
  4145. Nov 28 22:34:20 fw-1A charon[61694]: 05[ENC] <531> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
  4146. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
  4147. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
  4148. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4149. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4150. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4151. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4152. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
  4153. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
  4154. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
  4155. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> 196.250.128.24 is initiating an IKE_SA
  4156. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> IKE_SA (unnamed)[531] state change: CREATED => CONNECTING
  4157. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> selecting proposal:
  4158. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   proposal matches
  4159. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  4160. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  4161. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  4162. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> remote host is behind NAT
  4163. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  4164. Nov 28 22:34:20 fw-1A charon[61694]: 05[ENC] <531> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
  4165. Nov 28 22:34:20 fw-1A charon[61694]: 05[NET] <531> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
  4166. Nov 28 22:34:20 fw-1A charon[61694]: 05[NET] <531> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
  4167. Nov 28 22:34:20 fw-1A charon[61694]: 05[ENC] <531> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
  4168. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
  4169. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate "con5", match: 1/1/3100 (me/other/ike)
  4170. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
  4171. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selected peer config 'con5'
  4172. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> authentication of '20.0.0.100' with pre-shared key successful
  4173. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
  4174. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> successfully created shared key MAC
  4175. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> IKE_SA con5[531] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
  4176. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> IKE_SA con5[531] state change: CONNECTING => ESTABLISHED
  4177. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> scheduling rekeying in 24763s
  4178. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> maximum IKE_SA lifetime 27643s
  4179. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  4180. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> proposing traffic selectors for us:
  4181. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>  192.168.152.0/29|/0
  4182. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> proposing traffic selectors for other:
  4183. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>  192.168.0.0/24|/0
  4184. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>   candidate "con5" with prio 5+5
  4185. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> found matching child config "con5" with prio 10
  4186. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selecting proposal:
  4187. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>   proposal matches
  4188. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  4189. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
  4190. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
  4191. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selecting traffic selectors for us:
  4192. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
  4193. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selecting traffic selectors for other:
  4194. Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
  4195. Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531> CHILD_SA con5{129} state change: CREATED => INSTALLING
  4196. Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531>   using AES_CBC for encryption
  4197. Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531>   using HMAC_SHA2_256_128 for integrity
  4198. Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531> adding inbound ESP SA
  4199. Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531>   SPI 0xcaa0a900, src 196.250.128.24 dst 197.214.xxx.yyy
  4200. Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531> adding outbound ESP SA
  4201. Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531>   SPI 0x03392f22, src 197.214.xxx.yyy dst 196.250.128.24
  4202. Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> CHILD_SA con5{129} established with SPIs caa0a900_i 03392f22_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
  4203. Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531> CHILD_SA con5{129} state change: INSTALLING => INSTALLED
  4204. Nov 28 22:34:20 fw-1A charon[61694]: 05[ENC] <con5|531> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
  4205. Nov 28 22:34:20 fw-1A charon[61694]: 05[NET] <con5|531> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
  4206. Nov 28 22:34:21 fw-1A charon[61694]: 08[CFG] vici client 338 connected
  4207. Nov 28 22:34:21 fw-1A charon[61694]: 05[CFG] vici client 338 registered for: list-sa
  4208. Nov 28 22:34:21 fw-1A charon[61694]: 05[CFG] vici client 338 requests: list-sas
  4209. Nov 28 22:34:21 fw-1A charon[61694]: 15[CFG] vici client 338 disconnected
  4210. Nov 28 22:34:27 fw-1A charon[61694]: 07[CFG] vici client 339 connected
  4211. Nov 28 22:34:27 fw-1A charon[61694]: 11[CFG] vici client 339 registered for: list-sa
  4212. Nov 28 22:34:27 fw-1A charon[61694]: 11[CFG] vici client 339 requests: list-sas
  4213. Nov 28 22:34:27 fw-1A charon[61694]: 07[CFG] vici client 339 disconnected
  4214. Nov 28 22:34:32 fw-1A charon[61694]: 11[IKE] <con5|500> retransmit 5 of request with message ID 1
  4215. Nov 28 22:34:32 fw-1A charon[61694]: 11[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
  4216. Nov 28 22:34:32 fw-1A charon[61694]: 11[CFG] vici client 340 connected
  4217. Nov 28 22:34:32 fw-1A charon[61694]: 07[CFG] vici client 340 registered for: list-sa
  4218. Nov 28 22:34:32 fw-1A charon[61694]: 07[CFG] vici client 340 requests: list-sas
  4219. Nov 28 22:34:32 fw-1A charon[61694]: 13[CFG] vici client 340 disconnected
  4220. Nov 28 22:34:37 fw-1A charon[61694]: 13[CFG] vici client 341 connected
  4221. Nov 28 22:34:37 fw-1A charon[61694]: 09[CFG] vici client 341 registered for: list-sa
  4222. Nov 28 22:34:37 fw-1A charon[61694]: 09[CFG] vici client 341 requests: list-sas
  4223. Nov 28 22:34:37 fw-1A charon[61694]: 13[CFG] vici client 341 disconnected
  4224. Nov 28 22:34:42 fw-1A charon[61694]: 11[CFG] vici client 342 connected
  4225. Nov 28 22:34:42 fw-1A charon[61694]: 11[CFG] vici client 342 registered for: list-sa
  4226. Nov 28 22:34:42 fw-1A charon[61694]: 13[CFG] vici client 342 requests: list-sas
  4227. Nov 28 22:34:42 fw-1A charon[61694]: 13[CFG] vici client 342 disconnected
  4228. Nov 28 22:34:47 fw-1A charon[61694]: 13[CFG] vici client 343 connected
  4229. Nov 28 22:34:47 fw-1A charon[61694]: 10[CFG] vici client 343 registered for: list-sa
  4230. Nov 28 22:34:47 fw-1A charon[61694]: 10[CFG] vici client 343 requests: list-sas
  4231. Nov 28 22:34:47 fw-1A charon[61694]: 10[CFG] vici client 343 disconnected
  4232. Nov 28 22:34:47 fw-1A charon[61694]: 10[IKE] <con5|531> sending DPD request
  4233. Nov 28 22:34:47 fw-1A charon[61694]: 10[IKE] <con5|531> queueing IKE_DPD task
  4234. Nov 28 22:34:47 fw-1A charon[61694]: 10[IKE] <con5|531> activating new tasks
  4235. Nov 28 22:34:47 fw-1A charon[61694]: 10[IKE] <con5|531>   activating IKE_DPD task
  4236. Nov 28 22:34:47 fw-1A charon[61694]: 10[ENC] <con5|531> generating INFORMATIONAL request 0 [ ]
  4237. Nov 28 22:34:47 fw-1A charon[61694]: 10[NET] <con5|531> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  4238. Nov 28 22:34:48 fw-1A charon[61694]: 10[NET] <con5|531> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (96 bytes)
  4239. Nov 28 22:34:48 fw-1A charon[61694]: 10[ENC] <con5|531> parsed INFORMATIONAL response 0 [ ]
  4240. Nov 28 22:34:48 fw-1A charon[61694]: 10[IKE] <con5|531> activating new tasks
  4241. Nov 28 22:34:48 fw-1A charon[61694]: 10[IKE] <con5|531> nothing to initiate
  4242. Nov 28 22:34:52 fw-1A charon[61694]: 12[CFG] vici client 344 connected
  4243. Nov 28 22:34:52 fw-1A charon[61694]: 16[CFG] vici client 344 registered for: list-sa
  4244. Nov 28 22:34:52 fw-1A charon[61694]: 12[CFG] vici client 344 requests: list-sas
  4245. Nov 28 22:34:52 fw-1A charon[61694]: 16[CFG] vici client 344 disconnected
  4246. Nov 28 22:34:57 fw-1A charon[61694]: 12[CFG] vici client 345 connected
  4247. Nov 28 22:34:57 fw-1A charon[61694]: 12[CFG] vici client 345 registered for: list-sa
  4248. Nov 28 22:34:57 fw-1A charon[61694]: 06[CFG] vici client 345 requests: list-sas
  4249. Nov 28 22:34:57 fw-1A charon[61694]: 12[CFG] vici client 345 disconnected
  4250. Nov 28 22:35:01 fw-1A charon[61694]: 14[NET] <532> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  4251. Nov 28 22:35:01 fw-1A charon[61694]: 14[ENC] <532> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  4252. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  4253. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4254. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4255. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4256. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4257. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
  4258. Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  4259. Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  4260. Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> 165.165.172.58 is initiating an IKE_SA
  4261. Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> IKE_SA (unnamed)[532] state change: CREATED => CONNECTING
  4262. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> selecting proposal:
  4263. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   no acceptable ENCRYPTION_ALGORITHM found
  4264. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> selecting proposal:
  4265. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   no acceptable ENCRYPTION_ALGORITHM found
  4266. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> selecting proposal:
  4267. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   proposal matches
  4268. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  4269. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  4270. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  4271. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> received supported signature hash algorithms: sha256 sha384 sha512 identity
  4272. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  4273. Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  4274. Nov 28 22:35:01 fw-1A charon[61694]: 14[ENC] <532> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  4275. Nov 28 22:35:01 fw-1A charon[61694]: 14[NET] <532> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  4276. Nov 28 22:35:01 fw-1A charon[61694]: 14[NET] <532> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  4277. Nov 28 22:35:01 fw-1A charon[61694]: 14[ENC] <532> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  4278. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  4279. Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> no matching peer config found
  4280. Nov 28 22:35:01 fw-1A charon[61694]: 14[ENC] <532> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  4281. Nov 28 22:35:01 fw-1A charon[61694]: 14[NET] <532> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  4282. Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> IKE_SA (unnamed)[532] state change: CONNECTING => DESTROYING
  4283. Nov 28 22:35:02 fw-1A charon[61694]: 06[CFG] vici client 346 connected
  4284. Nov 28 22:35:02 fw-1A charon[61694]: 14[CFG] vici client 346 registered for: list-sa
  4285. Nov 28 22:35:02 fw-1A charon[61694]: 06[CFG] vici client 346 requests: list-sas
  4286. Nov 28 22:35:02 fw-1A charon[61694]: 08[CFG] vici client 346 disconnected
  4287. Nov 28 22:35:07 fw-1A charon[61694]: 08[CFG] vici client 347 connected
  4288. Nov 28 22:35:07 fw-1A charon[61694]: 05[CFG] vici client 347 registered for: list-sa
  4289. Nov 28 22:35:07 fw-1A charon[61694]: 05[CFG] vici client 347 requests: list-sas
  4290. Nov 28 22:35:07 fw-1A charon[61694]: 08[CFG] vici client 347 disconnected
  4291. Nov 28 22:35:12 fw-1A charon[61694]: 08[CFG] vici client 348 connected
  4292. Nov 28 22:35:12 fw-1A charon[61694]: 15[CFG] vici client 348 registered for: list-sa
  4293. Nov 28 22:35:12 fw-1A charon[61694]: 06[CFG] vici client 348 requests: list-sas
  4294. Nov 28 22:35:12 fw-1A charon[61694]: 08[CFG] vici client 348 disconnected
  4295. Nov 28 22:35:17 fw-1A charon[61694]: 08[CFG] vici client 349 connected
  4296. Nov 28 22:35:17 fw-1A charon[61694]: 09[CFG] vici client 349 registered for: list-sa
  4297. Nov 28 22:35:17 fw-1A charon[61694]: 09[CFG] vici client 349 requests: list-sas
  4298. Nov 28 22:35:17 fw-1A charon[61694]: 09[CFG] vici client 349 disconnected
  4299. Nov 28 22:35:22 fw-1A charon[61694]: 06[CFG] vici client 350 connected
  4300. Nov 28 22:35:22 fw-1A charon[61694]: 07[CFG] vici client 350 registered for: list-sa
  4301. Nov 28 22:35:22 fw-1A charon[61694]: 06[CFG] vici client 350 requests: list-sas
  4302. Nov 28 22:35:22 fw-1A charon[61694]: 09[CFG] vici client 350 disconnected
  4303. Nov 28 22:35:27 fw-1A charon[61694]: 06[CFG] vici client 351 connected
  4304. Nov 28 22:35:27 fw-1A charon[61694]: 11[CFG] vici client 351 registered for: list-sa
  4305. Nov 28 22:35:27 fw-1A charon[61694]: 11[CFG] vici client 351 requests: list-sas
  4306. Nov 28 22:35:27 fw-1A charon[61694]: 11[CFG] vici client 351 disconnected
  4307. Nov 28 22:35:32 fw-1A charon[61694]: 06[CFG] vici client 352 connected
  4308. Nov 28 22:35:32 fw-1A charon[61694]: 06[CFG] vici client 352 registered for: list-sa
  4309. Nov 28 22:35:32 fw-1A charon[61694]: 13[CFG] vici client 352 requests: list-sas
  4310. Nov 28 22:35:32 fw-1A charon[61694]: 11[CFG] vici client 352 disconnected
  4311. Nov 28 22:35:37 fw-1A charon[61694]: 11[CFG] vici client 353 connected
  4312. Nov 28 22:35:37 fw-1A charon[61694]: 10[CFG] vici client 353 registered for: list-sa
  4313. Nov 28 22:35:37 fw-1A charon[61694]: 11[CFG] vici client 353 requests: list-sas
  4314. Nov 28 22:35:37 fw-1A charon[61694]: 10[CFG] vici client 353 disconnected
  4315. Nov 28 22:35:43 fw-1A charon[61694]: 11[CFG] vici client 354 connected
  4316. Nov 28 22:35:43 fw-1A charon[61694]: 11[CFG] vici client 354 registered for: list-sa
  4317. Nov 28 22:35:43 fw-1A charon[61694]: 16[CFG] vici client 354 requests: list-sas
  4318. Nov 28 22:35:43 fw-1A charon[61694]: 16[CFG] vici client 354 disconnected
  4319. Nov 28 22:35:47 fw-1A charon[61694]: 16[IKE] <con5|500> giving up after 5 retransmits
  4320. Nov 28 22:35:47 fw-1A charon[61694]: 16[IKE] <con5|500> establishing IKE_SA failed, peer not responding
  4321. Nov 28 22:35:47 fw-1A charon[61694]: 16[IKE] <con5|500> IKE_SA con5[500] state change: CONNECTING => DESTROYING
  4322. Nov 28 22:35:47 fw-1A charon[61694]: 16[CHD] <con5|500> CHILD_SA con5{100} state change: CREATED => DESTROYING
  4323. Nov 28 22:35:47 fw-1A charon[61694]: 16[KNL] <con5|500> unable to delete SAD entry with SPI cd555938: No such process (3)
  4324. Nov 28 22:35:48 fw-1A charon[61694]: 12[CFG] vici client 355 connected
  4325. Nov 28 22:35:48 fw-1A charon[61694]: 11[CFG] vici client 355 registered for: list-sa
  4326. Nov 28 22:35:48 fw-1A charon[61694]: 11[CFG] vici client 355 requests: list-sas
  4327. Nov 28 22:35:48 fw-1A charon[61694]: 11[CFG] vici client 355 disconnected
  4328. Nov 28 22:35:53 fw-1A charon[61694]: 14[CFG] vici client 356 connected
  4329. Nov 28 22:35:53 fw-1A charon[61694]: 12[CFG] vici client 356 registered for: list-sa
  4330. Nov 28 22:35:53 fw-1A charon[61694]: 12[CFG] vici client 356 requests: list-sas
  4331. Nov 28 22:35:53 fw-1A charon[61694]: 14[CFG] vici client 356 disconnected
  4332. Nov 28 22:35:58 fw-1A charon[61694]: 05[CFG] vici client 357 connected
  4333. Nov 28 22:35:58 fw-1A charon[61694]: 14[CFG] vici client 357 registered for: list-sa
  4334. Nov 28 22:35:58 fw-1A charon[61694]: 14[CFG] vici client 357 requests: list-sas
  4335. Nov 28 22:35:58 fw-1A charon[61694]: 14[CFG] vici client 357 disconnected
  4336. Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> sending DPD request
  4337. Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> queueing IKE_DPD task
  4338. Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> activating new tasks
  4339. Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531>   activating IKE_DPD task
  4340. Nov 28 22:35:58 fw-1A charon[61694]: 05[ENC] <con5|531> generating INFORMATIONAL request 1 [ ]
  4341. Nov 28 22:35:58 fw-1A charon[61694]: 05[NET] <con5|531> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
  4342. Nov 28 22:35:58 fw-1A charon[61694]: 05[NET] <con5|531> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (112 bytes)
  4343. Nov 28 22:35:58 fw-1A charon[61694]: 05[ENC] <con5|531> parsed INFORMATIONAL response 1 [ ]
  4344. Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> activating new tasks
  4345. Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> nothing to initiate
  4346. Nov 28 22:36:01 fw-1A charon[61694]: 15[NET] <533> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
  4347. Nov 28 22:36:01 fw-1A charon[61694]: 15[ENC] <533> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
  4348. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
  4349. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4350. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4351. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4352. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
  4353. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
  4354. Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
  4355. Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
  4356. Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> 165.165.172.58 is initiating an IKE_SA
  4357. Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> IKE_SA (unnamed)[533] state change: CREATED => CONNECTING
  4358. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> selecting proposal:
  4359. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   no acceptable ENCRYPTION_ALGORITHM found
  4360. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> selecting proposal:
  4361. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   no acceptable ENCRYPTION_ALGORITHM found
  4362. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> selecting proposal:
  4363. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   proposal matches
  4364. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
  4365. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
  4366. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
  4367. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> received supported signature hash algorithms: sha256 sha384 sha512 identity
  4368. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> sending supported signature hash algorithms: sha256 sha384 sha512 identity
  4369. Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
  4370. Nov 28 22:36:01 fw-1A charon[61694]: 15[ENC] <533> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
  4371. Nov 28 22:36:01 fw-1A charon[61694]: 15[NET] <533> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
  4372. Nov 28 22:36:01 fw-1A charon[61694]: 15[NET] <533> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
  4373. Nov 28 22:36:01 fw-1A charon[61694]: 15[ENC] <533> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
  4374. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
  4375. Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> no matching peer config found
  4376. Nov 28 22:36:01 fw-1A charon[61694]: 15[ENC] <533> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
  4377. Nov 28 22:36:01 fw-1A charon[61694]: 15[NET] <533> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
  4378. Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> IKE_SA (unnamed)[533] state change: CONNECTING => DESTROYING
  4379. Nov 28 22:36:03 fw-1A charon[61694]: 05[CFG] vici client 358 connected
  4380. Nov 28 22:36:03 fw-1A charon[61694]: 05[CFG] vici client 358 registered for: list-sa
  4381. Nov 28 22:36:03 fw-1A charon[61694]: 15[CFG] vici client 358 requests: list-sas
  4382. Nov 28 22:36:03 fw-1A charon[61694]: 08[CFG] vici client 358 disconnected
  4383. Nov 28 22:36:08 fw-1A charon[61694]: 15[CFG] vici client 359 connected
  4384. Nov 28 22:36:08 fw-1A charon[61694]: 08[CFG] vici client 359 registered for: list-sa
  4385. Nov 28 22:36:08 fw-1A charon[61694]: 15[CFG] vici client 359 requests: list-sas
  4386. Nov 28 22:36:08 fw-1A charon[61694]: 15[CFG] vici client 359 disconnected
  4387. Nov 28 22:36:13 fw-1A charon[61694]: 09[CFG] vici client 360 connected
  4388. Nov 28 22:36:13 fw-1A charon[61694]: 09[CFG] vici client 360 registered for: list-sa
  4389. Nov 28 22:36:13 fw-1A charon[61694]: 09[CFG] vici client 360 requests: list-sas
  4390. Nov 28 22:36:13 fw-1A charon[61694]: 07[CFG] vici client 360 disconnected
  4391. Nov 28 22:36:16 fw-1A charon[61694]: 09[CFG] vici client 361 connected
  4392. Nov 28 22:36:16 fw-1A charon[61694]: 07[CFG] vici client 361 registered for: list-sa
  4393. Nov 28 22:36:16 fw-1A charon[61694]: 09[CFG] vici client 361 requests: list-sas
  4394. Nov 28 22:36:16 fw-1A charon[61694]: 06[CFG] vici client 361 disconnected
  4395. Nov 28 22:36:18 fw-1A charon[61694]: 09[CFG] vici client 362 connected
  4396. Nov 28 22:36:18 fw-1A charon[61694]: 06[CFG] vici client 362 registered for: list-sa
  4397. Nov 28 22:36:18 fw-1A charon[61694]: 09[CFG] vici client 362 requests: list-sas
  4398. Nov 28 22:36:18 fw-1A charon[61694]: 09[CFG] vici client 362 disconnected
  4399. Nov 28 22:36:23 fw-1A charon[61694]: 10[CFG] vici client 363 connected
  4400. Nov 28 22:36:23 fw-1A charon[61694]: 09[CFG] vici client 363 registered for: list-sa
  4401. Nov 28 22:36:23 fw-1A charon[61694]: 09[CFG] vici client 363 requests: list-sas
  4402. Nov 28 22:36:23 fw-1A charon[61694]: 10[CFG] vici client 363 disconnected
  4403.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!