Jul 20 16:18:34 sun charon: 01[DMN] starting charon (strongSwan Version 4.2.17) Jul 20 16:18:34 sun charon: 01[CFG] loading ca certificates from '/etc/ipsec.d/cacerts' Jul 20 16:18:34 sun charon: 01[CFG] loading aa certificates from '/etc/ipsec.d/aacerts' Jul 20 16:18:34 sun charon: 01[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts' Jul 20 16:18:34 sun charon: 01[CFG] loading attribute certificates from '/etc/ipsec.d/acerts' Jul 20 16:18:34 sun charon: 01[CFG] loading crls from '/etc/ipsec.d/crls' Jul 20 16:18:34 sun charon: 01[CFG] loading secrets from '/etc/ipsec.secrets' Jul 20 16:18:34 sun charon: 01[CFG] loaded IKE secret for 10.1.0.10 Jul 20 16:18:34 sun charon: 01[CFG] loaded IKE secret for 10.1.0.20 Jul 20 16:18:34 sun charon: 01[DMN] loaded plugins: aes des sha1 sha2 md5 gmp random hmac xcbc stroke kernel-netlink updown Jul 20 16:18:34 sun charon: 01[KNL] listening on interfaces: Jul 20 16:18:34 sun charon: 01[KNL] eth0 Jul 20 16:18:34 sun charon: 01[KNL] 192.168.0.2 Jul 20 16:18:34 sun charon: 01[KNL] fec0::2 Jul 20 16:18:34 sun charon: 01[KNL] fe80::fcfd:c0ff:fea8:2 Jul 20 16:18:34 sun charon: 01[KNL] eth1 Jul 20 16:18:34 sun charon: 01[KNL] 10.2.0.1 Jul 20 16:18:34 sun charon: 01[KNL] fec2::1 Jul 20 16:18:34 sun charon: 01[KNL] fe80::fcfd:aff:fe02:1 Jul 20 16:18:34 sun charon: 01[DMN] integrity test of libstrongswan code Jul 20 16:18:34 sun charon: 01[LIB] TEXT: 0x40024e08 + 52128 = 0x400319a8 Jul 20 16:18:34 sun charon: 01[LIB] RODATA: 0x40031a20 + 9716 = 0x40034014 Jul 20 16:18:34 sun charon: 01[LIB] SHA-1 HMAC key: strongSwan Version 4.2.17 Jul 20 16:18:34 sun charon: 01[LIB] SHA-1 HMAC sig: a8:79:ce:93:03:c1:35:1f:be:cd:2f:9b:ac:57:0d:9a Jul 20 16:18:34 sun charon: 01[DMN] integrity test passed Jul 20 16:18:34 sun charon: 01[JOB] spawning 16 worker threads Jul 20 16:18:34 sun charon: 03[CFG] received stroke: add connection 'nat-t' Jul 20 16:18:34 sun charon: 03[CFG] added configuration 'nat-t': 192.168.0.2[192.168.0.2]...%any[%any] Jul 20 16:18:37 sun charon: 10[NET] received packet: from 192.168.0.1[1027] to 192.168.0.2[500] Jul 20 16:18:37 sun charon: 10[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] Jul 20 16:18:37 sun charon: 10[IKE] 192.168.0.1 is initiating an IKE_SA Jul 20 16:18:37 sun charon: 10[IKE] remote host is behind NAT Jul 20 16:18:37 sun charon: 10[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] Jul 20 16:18:37 sun charon: 10[NET] sending packet: from 192.168.0.2[500] to 192.168.0.1[1027] Jul 20 16:18:37 sun charon: 11[NET] received packet: from 192.168.0.1[1027] to 192.168.0.2[4500] Jul 20 16:18:37 sun charon: 11[ENC] parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) ] Jul 20 16:18:37 sun charon: 11[IKE] authentication of '10.1.0.10' with pre-shared key successful Jul 20 16:18:37 sun charon: 11[CFG] found matching peer config "nat-t": 192.168.0.2...%any with prio 21.5 Jul 20 16:18:37 sun charon: 11[IKE] peer supports MOBIKE Jul 20 16:18:37 sun charon: 11[IKE] authentication of '192.168.0.2' (myself) with pre-shared key Jul 20 16:18:37 sun charon: 11[IKE] scheduling reauthentication in 3400s Jul 20 16:18:37 sun charon: 11[IKE] maximum IKE_SA lifetime 3580s Jul 20 16:18:37 sun charon: 11[IKE] IKE_SA nat-t[1] established between 192.168.0.2[192.168.0.2]...192.168.0.1[10.1.0.10] Jul 20 16:18:37 sun charon: 11[IKE] CHILD_SA nat-t{1} established with SPIs c67d459b_i c87c6f54_o and TS 10.2.0.0/16 === 10.1.0.10/32 Jul 20 16:18:37 sun charon: 11[ENC] generating IKE_AUTH response 1 [ IDr AUTH SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(ADD_6_ADDR) ] Jul 20 16:18:37 sun charon: 11[NET] sending packet: from 192.168.0.2[4500] to 192.168.0.1[1027] Jul 20 16:18:40 sun charon: 12[NET] received packet: from 192.168.0.1[1028] to 192.168.0.2[500] Jul 20 16:18:40 sun charon: 12[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] Jul 20 16:18:40 sun charon: 12[IKE] 192.168.0.1 is initiating an IKE_SA Jul 20 16:18:40 sun charon: 12[IKE] remote host is behind NAT Jul 20 16:18:40 sun charon: 12[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) ] Jul 20 16:18:40 sun charon: 12[NET] sending packet: from 192.168.0.2[500] to 192.168.0.1[1028] Jul 20 16:18:41 sun charon: 13[NET] received packet: from 192.168.0.1[1028] to 192.168.0.2[4500] Jul 20 16:18:41 sun charon: 13[ENC] parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) ] Jul 20 16:18:41 sun charon: 13[IKE] authentication of '10.1.0.20' with pre-shared key successful Jul 20 16:18:41 sun charon: 13[CFG] found matching peer config "nat-t": 192.168.0.2...%any with prio 21.5 Jul 20 16:18:41 sun charon: 13[IKE] peer supports MOBIKE Jul 20 16:18:41 sun charon: 13[IKE] authentication of '192.168.0.2' (myself) with pre-shared key Jul 20 16:18:41 sun charon: 13[IKE] scheduling reauthentication in 3407s Jul 20 16:18:41 sun charon: 13[IKE] maximum IKE_SA lifetime 3587s Jul 20 16:18:41 sun charon: 13[IKE] IKE_SA nat-t[2] established between 192.168.0.2[192.168.0.2]...192.168.0.1[10.1.0.20] Jul 20 16:18:41 sun charon: 13[IKE] CHILD_SA nat-t{2} established with SPIs c5256f55_i cccc9d3a_o and TS 10.2.0.0/16 === 10.1.0.20/32 Jul 20 16:18:41 sun charon: 13[ENC] generating IKE_AUTH response 1 [ IDr AUTH SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(ADD_6_ADDR) ] Jul 20 16:18:41 sun charon: 13[NET] sending packet: from 192.168.0.2[4500] to 192.168.0.1[1028] Jul 20 16:18:58 sun charon: 01[DMN] signal of type SIGINT received. Shutting down Jul 20 16:18:58 sun charon: 01[IKE] deleting IKE_SA nat-t[1] between 192.168.0.2[192.168.0.2]...192.168.0.1[10.1.0.10] Jul 20 16:18:58 sun charon: 01[IKE] sending DELETE for IKE_SA nat-t[1] Jul 20 16:18:59 sun charon: 01[ENC] generating INFORMATIONAL request 0 [ D ] Jul 20 16:18:59 sun charon: 01[NET] sending packet: from 192.168.0.2[4500] to 192.168.0.1[1027] Jul 20 16:18:59 sun charon: 01[IKE] deleting IKE_SA nat-t[2] between 192.168.0.2[192.168.0.2]...192.168.0.1[10.1.0.20] Jul 20 16:18:59 sun charon: 01[IKE] sending DELETE for IKE_SA nat-t[2] Jul 20 16:18:59 sun charon: 01[ENC] generating INFORMATIONAL request 0 [ D ] Jul 20 16:18:59 sun charon: 01[NET] sending packet: from 192.168.0.2[4500] to 192.168.0.1[1028]