May 1 02:01:46 dave charon: 00[DMN] Starting IKEv2 charon daemon (strongSwan 4.6.3) May 1 02:01:46 dave charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts' May 1 02:01:46 dave charon: 00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, OU=RFC3779, CN=strongSwan RFC3779 CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem' May 1 02:01:46 dave charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts' May 1 02:01:46 dave charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts' May 1 02:01:46 dave charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts' May 1 02:01:46 dave charon: 00[CFG] loading crls from '/etc/ipsec.d/crls' May 1 02:01:46 dave charon: 00[CFG] loading secrets from '/etc/ipsec.secrets' May 1 02:01:46 dave charon: 00[CFG] loaded RSA private key from '/etc/ipsec.d/private/daveKey.pem' May 1 02:01:46 dave charon: 00[KNL] listening on interfaces: May 1 02:01:46 dave charon: 00[KNL] eth0 May 1 02:01:46 dave charon: 00[KNL] 192.168.0.200 May 1 02:01:46 dave charon: 00[KNL] fec0::20 May 1 02:01:46 dave charon: 00[KNL] fe80::fcfd:c0ff:fea8:c8 May 1 02:01:46 dave charon: 00[DMN] loaded plugins: curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation addrblock hmac xcbc stroke kernel-netlink socket-default updown May 1 02:01:46 dave charon: 00[JOB] spawning 16 worker threads May 1 02:01:47 dave charon: 08[CFG] received stroke: add ca 'strongswan' May 1 02:01:47 dave charon: 08[CFG] added ca 'strongswan' May 1 02:01:47 dave charon: 08[CFG] received stroke: add connection 'home' May 1 02:01:47 dave charon: 08[CFG] loaded certificate "C=CH, O=Linux strongSwan, OU=RFC3779, CN=dave@strongswan.org" from 'daveCert.pem' May 1 02:01:47 dave charon: 08[CFG] added configuration 'home' May 1 02:01:50 dave charon: 13[CFG] received stroke: initiate 'home' May 1 02:01:50 dave charon: 06[IKE] initiating IKE_SA home[1] to fec0::1 May 1 02:01:50 dave charon: 06[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] May 1 02:01:50 dave charon: 06[NET] sending packet: from fec0::20[500] to fec0::1[500] May 1 02:01:50 dave charon: 05[NET] received packet: from fec0::1[500] to fec0::20[500] May 1 02:01:50 dave charon: 05[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HTTP_CERT_LOOK) CERTREQ N(MULT_AUTH) ] May 1 02:01:50 dave charon: 05[IKE] received cert request for "C=CH, O=Linux strongSwan, OU=RFC3779, CN=strongSwan RFC3779 CA" May 1 02:01:50 dave charon: 05[IKE] sending cert request for "C=CH, O=Linux strongSwan, OU=RFC3779, CN=strongSwan RFC3779 CA" May 1 02:01:50 dave charon: 05[IKE] authentication of 'dave@strongswan.org' (myself) with RSA signature successful May 1 02:01:50 dave charon: 05[IKE] sending hash-and-url "http://ip6-winnetou.strongswan.org/certs/rfc3779/6b5aec8fe9dcb8d0f707490abc84ab0890a7d2da" May 1 02:01:50 dave charon: 05[IKE] sending end entity cert "C=CH, O=Linux strongSwan, OU=RFC3779, CN=dave@strongswan.org" May 1 02:01:50 dave charon: 05[IKE] establishing CHILD_SA home May 1 02:01:50 dave charon: 05[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) N(HTTP_CERT_LOOK) CERTREQ IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ] May 1 02:01:50 dave charon: 05[NET] sending packet: from fec0::20[4500] to fec0::1[4500] May 1 02:01:51 dave charon: 04[NET] received packet: from fec0::1[4500] to fec0::20[4500] May 1 02:01:51 dave charon: 04[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_6_ADDR) ] May 1 02:01:51 dave charon: 04[IKE] received hash-and-url for end entity cert "http://ip6-winnetou.strongswan.org/certs/rfc3779/533394399c61128c957881790d70511537798da1" May 1 02:01:51 dave charon: 04[CFG] fetching certificate from 'http://ip6-winnetou.strongswan.org/certs/rfc3779/533394399c61128c957881790d70511537798da1' ... May 1 02:01:52 dave charon: 04[CFG] fetched certificate "C=CH, O=Linux strongSwan, OU=RFC3779, CN=moon.strongswan.org" May 1 02:01:52 dave charon: 04[CFG] using certificate "C=CH, O=Linux strongSwan, OU=RFC3779, CN=moon.strongswan.org" May 1 02:01:52 dave charon: 04[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, OU=RFC3779, CN=strongSwan RFC3779 CA" May 1 02:01:52 dave charon: 04[CFG] checking certificate status of "C=CH, O=Linux strongSwan, OU=RFC3779, CN=moon.strongswan.org" May 1 02:01:52 dave charon: 04[CFG] fetching crl from 'http://ip6-winnetou.strongswan.org/strongswan_rfc3779.crl' ... May 1 02:01:52 dave charon: 04[CFG] using trusted certificate "C=CH, O=Linux strongSwan, OU=RFC3779, CN=strongSwan RFC3779 CA" May 1 02:01:52 dave charon: 04[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, OU=RFC3779, CN=strongSwan RFC3779 CA" May 1 02:01:52 dave charon: 04[CFG] crl is valid: until May 15 20:17:23 2012 May 1 02:01:52 dave charon: 04[CFG] certificate status is good May 1 02:01:52 dave charon: 04[CFG] reached self-signed root ca with a path length of 0 May 1 02:01:52 dave charon: 04[IKE] authentication of 'moon.strongswan.org' with RSA signature successful May 1 02:01:52 dave charon: 04[IKE] IKE_SA home[1] established between fec0::20[dave@strongswan.org]...fec0::1[moon.strongswan.org] May 1 02:01:52 dave charon: 04[IKE] scheduling reauthentication in 3406s May 1 02:01:52 dave charon: 04[IKE] maximum IKE_SA lifetime 3586s May 1 02:01:52 dave charon: 04[IKE] checking certificate-based traffic selector constraints [RFC 3779] May 1 02:01:52 dave charon: 04[IKE] TS fec1::/16 is contained in address block constraint fec1::/16 May 1 02:01:52 dave charon: 04[IKE] CHILD_SA home{1} established with SPIs cda3155d_i c69edca7_o and TS fec0::20/128 === fec1::/16 May 1 02:01:52 dave charon: 04[IKE] received AUTH_LIFETIME of 3311s, scheduling reauthentication in 3131s May 1 02:01:52 dave charon: 04[IKE] peer supports MOBIKE May 1 02:02:34 dave charon: 00[DMN] signal of type SIGINT received. Shutting down May 1 02:02:34 dave charon: 00[IKE] deleting IKE_SA home[1] between fec0::20[dave@strongswan.org]...fec0::1[moon.strongswan.org] May 1 02:02:34 dave charon: 00[IKE] sending DELETE for IKE_SA home[1] May 1 02:02:34 dave charon: 00[ENC] generating INFORMATIONAL request 2 [ D ] May 1 02:02:34 dave charon: 00[NET] sending packet: from fec0::20[4500] to fec0::1[4500]