Nov 17 12:12:29 alice charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.6.1, Linux 4.10.17, x86_64)
Nov 17 12:12:29 alice charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Nov 17 12:12:29 alice charon: 00[CFG] loaded ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Nov 17 12:12:29 alice charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Nov 17 12:12:29 alice charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Nov 17 12:12:29 alice charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Nov 17 12:12:29 alice charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Nov 17 12:12:29 alice charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 17 12:12:29 alice charon: 00[CFG] loaded RSA private key from '/etc/ipsec.d/private/aliceKey.pem'
Nov 17 12:12:29 alice charon: 00[CFG] loaded IKE secret for 6cu1UTVw@medsrv.org
Nov 17 12:12:29 alice charon: 00[LIB] loaded plugins: charon random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
Nov 17 12:12:29 alice charon: 00[JOB] spawning 16 worker threads
Nov 17 12:12:29 alice charon: 05[CFG] received stroke: add connection 'medsrv'
Nov 17 12:12:29 alice charon: 05[CFG] added configuration 'medsrv'
Nov 17 12:12:29 alice charon: 06[CFG] received stroke: add connection 'peer'
Nov 17 12:12:29 alice charon: 06[CFG] loaded certificate "C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org" from 'aliceCert.pem'
Nov 17 12:12:29 alice charon: 06[CFG] added configuration 'peer'
Nov 17 12:12:29 alice charon: 09[CFG] received stroke: initiate 'peer'
Nov 17 12:12:29 alice charon: 09[IKE] initiating mediation connection
Nov 17 12:12:29 alice charon: 12[IKE] initiating IKE_SA medsrv[2] to 192.168.0.100
Nov 17 12:12:29 alice charon: 12[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) N(ME_MED) ]
Nov 17 12:12:29 alice charon: 12[NET] sending packet: from 10.1.0.10[500] to 192.168.0.100[500] (352 bytes)
Nov 17 12:12:29 alice charon: 13[NET] received packet: from 192.168.0.100[500] to 10.1.0.10[500] (273 bytes)
Nov 17 12:12:29 alice charon: 13[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(ME_MED) N(MULT_AUTH) ]
Nov 17 12:12:29 alice charon: 13[IKE] local host is behind NAT, sending keep alives
Nov 17 12:12:29 alice charon: 13[IKE] received cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:29 alice charon: 13[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:29 alice charon: 13[IKE] authentication of '6cu1UTVw@medsrv.org' (myself) with pre-shared key
Nov 17 12:12:29 alice charon: 13[ENC] generating IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ IDr AUTH N(ME_EP) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 17 12:12:29 alice charon: 13[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.100[4500] (240 bytes)
Nov 17 12:12:29 alice charon: 14[NET] received packet: from 192.168.0.100[4500] to 10.1.0.10[4500] (1236 bytes)
Nov 17 12:12:29 alice charon: 14[ENC] parsed IKE_AUTH response 1 [ EF(1/2) ]
Nov 17 12:12:29 alice charon: 14[ENC] received fragment #1 of 2, waiting for complete IKE message
Nov 17 12:12:29 alice charon: 15[NET] received packet: from 192.168.0.100[4500] to 10.1.0.10[4500] (324 bytes)
Nov 17 12:12:29 alice charon: 15[ENC] parsed IKE_AUTH response 1 [ EF(2/2) ]
Nov 17 12:12:29 alice charon: 15[ENC] received fragment #2 of 2, reassembling fragmented IKE message
Nov 17 12:12:29 alice charon: 15[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH N(AUTH_LFT) N(ME_EP) N(TS_UNACCEPT) ]
Nov 17 12:12:29 alice charon: 15[IKE] received end entity cert "C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org"
Nov 17 12:12:29 alice charon: 15[IKE] received SERVER_REFLEXIVE ME_ENDPOINT 192.168.0.1[1105]
Nov 17 12:12:29 alice charon: 15[CFG] using certificate "C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org"
Nov 17 12:12:29 alice charon: 15[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:29 alice charon: 15[CFG] checking certificate status of "C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org"
Nov 17 12:12:29 alice charon: 15[CFG] fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
Nov 17 12:12:29 alice charon: 15[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:29 alice charon: 15[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:29 alice charon: 15[CFG] crl is valid: until Dec 17 10:53:01 2017
Nov 17 12:12:29 alice charon: 15[CFG] certificate status is good
Nov 17 12:12:29 alice charon: 15[CFG] reached self-signed root ca with a path length of 0
Nov 17 12:12:29 alice charon: 15[IKE] authentication of 'carol@strongswan.org' with RSA_EMSA_PKCS1_SHA2_256 successful
Nov 17 12:12:29 alice charon: 15[IKE] IKE_SA medsrv[2] established between 10.1.0.10[6cu1UTVw@medsrv.org]...192.168.0.100[carol@strongswan.org]
Nov 17 12:12:29 alice charon: 15[IKE] scheduling reauthentication in 3319s
Nov 17 12:12:29 alice charon: 15[IKE] maximum IKE_SA lifetime 3499s
Nov 17 12:12:29 alice charon: 15[IKE] received AUTH_LIFETIME of 3366s, scheduling reauthentication in 3186s
Nov 17 12:12:29 alice charon: 09[ENC] generating ME_CONNECT request 2 [ N(ME_CID) N(ME_CKEY) N(ME_CB) N(ME_EP) N(ME_EP) N(ME_EP) IDp ]
Nov 17 12:12:29 alice charon: 09[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.100[4500] (208 bytes)
Nov 17 12:12:29 alice charon: 16[NET] received packet: from 192.168.0.100[4500] to 10.1.0.10[4500] (80 bytes)
Nov 17 12:12:29 alice charon: 16[ENC] parsed ME_CONNECT response 2 [ ]
Nov 17 12:12:29 alice charon: 05[NET] received packet: from 192.168.0.100[4500] to 10.1.0.10[4500] (208 bytes)
Nov 17 12:12:29 alice charon: 05[ENC] parsed ME_CONNECT request 0 [ N(ME_R) N(ME_CID) N(ME_CKEY) N(ME_EP) N(ME_EP) N(ME_EP) IDp ]
Nov 17 12:12:29 alice charon: 05[IKE] received HOST ME_ENDPOINT 10.2.0.10[4500]
Nov 17 12:12:29 alice charon: 05[IKE] received HOST ME_ENDPOINT fec2::10[4500]
Nov 17 12:12:29 alice charon: 05[IKE] received SERVER_REFLEXIVE ME_ENDPOINT 192.168.0.2[1200]
Nov 17 12:12:29 alice charon: 05[IKE] received ME_CONNECT
Nov 17 12:12:29 alice charon: 05[IKE] pairs on checklist d3:fa:f8:b0:
Nov 17 12:12:29 alice charon: 05[IKE] * 10.1.0.10[4500] - 10.2.0.10[4500] (33554432)
Nov 17 12:12:29 alice charon: 05[IKE] * fec1::10[4500] - fec2::10[4500] (33554432)
Nov 17 12:12:29 alice charon: 05[IKE] * 10.1.0.10[4500] - 192.168.0.2[1200] (33554432)
Nov 17 12:12:29 alice charon: 05[IKE] * 10.1.0.10[4500] - 10.2.0.10[4500] (33554432)
Nov 17 12:12:29 alice charon: 05[IKE] * 10.1.0.10[4500] - 192.168.0.2[1200] (8519680)
Nov 17 12:12:29 alice charon: 05[IKE] pruning endpoint pair 10.1.0.10[4500] - 10.2.0.10[4500] with priority 33554432
Nov 17 12:12:29 alice charon: 05[IKE] pruning endpoint pair 10.1.0.10[4500] - 192.168.0.2[1200] with priority 8519680
Nov 17 12:12:29 alice charon: 07[IKE] no triggered check queued, sending an ordinary check
Nov 17 12:12:29 alice charon: 07[ENC] generating INFORMATIONAL request 1 [ N(ME_CID) N(ME_EP) N(ME_CAUTH) ]
Nov 17 12:12:29 alice charon: 07[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 05[ENC] generating ME_CONNECT response 0 [ ]
Nov 17 12:12:29 alice charon: 05[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.100[4500] (80 bytes)
Nov 17 12:12:29 alice charon: 08[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 08[IKE] no triggered check queued, sending an ordinary check
Nov 17 12:12:29 alice charon: 08[ENC] generating INFORMATIONAL request 2 [ N(ME_CID) N(ME_EP) N(ME_CAUTH) ]
Nov 17 12:12:29 alice charon: 08[NET] sending packet: from fec1::10[4500] to fec2::10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 04[NET] error writing to socket: Network is unreachable
Nov 17 12:12:29 alice charon: 11[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 06[NET] sending packet: from fec1::10[4500] to fec2::10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 06[IKE] no triggered check queued, sending an ordinary check
Nov 17 12:12:29 alice charon: 06[ENC] generating INFORMATIONAL request 3 [ N(ME_CID) N(ME_EP) N(ME_CAUTH) ]
Nov 17 12:12:29 alice charon: 06[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[1200] (84 bytes)
Nov 17 12:12:29 alice charon: 04[NET] error writing to socket: Network is unreachable
Nov 17 12:12:29 alice charon: 13[NET] received unencrypted informational: from 192.168.0.2[1200] to 10.1.0.10[4500]
Nov 17 12:12:29 alice charon: 13[ENC] parsed INFORMATIONAL response 3 [ N(ME_CID) N(ME_EP) N(ME_CAUTH) ]
Nov 17 12:12:29 alice charon: 13[IKE] endpoint pair '3' is valid: '10.1.0.10[4500]' - '192.168.0.2[1200]'
Nov 17 12:12:29 alice charon: 14[NET] sending packet: from fec1::10[4500] to fec2::10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 04[NET] error writing to socket: Network is unreachable
Nov 17 12:12:29 alice charon: 15[NET] received unencrypted informational: from 192.168.0.2[1200] to 10.1.0.10[4500]
Nov 17 12:12:29 alice charon: 15[ENC] parsed INFORMATIONAL request 3 [ N(ME_CID) N(ME_EP) N(ME_CAUTH) ]
Nov 17 12:12:29 alice charon: 15[ENC] generating INFORMATIONAL response 3 [ N(ME_CID) N(ME_EP) N(ME_CAUTH) ]
Nov 17 12:12:29 alice charon: 15[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[1200] (88 bytes)
Nov 17 12:12:29 alice charon: 16[IKE] no triggered check queued, sending an ordinary check
Nov 17 12:12:29 alice charon: 16[IKE] no pairs in waiting state, aborting
Nov 17 12:12:29 alice charon: 07[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 05[NET] sending packet: from fec1::10[4500] to fec2::10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 04[NET] error writing to socket: Network is unreachable
Nov 17 12:12:29 alice charon: 08[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 10[NET] sending packet: from fec1::10[4500] to fec2::10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 04[NET] error writing to socket: Network is unreachable
Nov 17 12:12:29 alice charon: 11[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 12[NET] sending packet: from fec1::10[4500] to fec2::10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 04[NET] error writing to socket: Network is unreachable
Nov 17 12:12:29 alice charon: 06[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 13[NET] sending packet: from fec1::10[4500] to fec2::10[4500] (84 bytes)
Nov 17 12:12:29 alice charon: 04[NET] error writing to socket: Network is unreachable
Nov 17 12:12:30 alice charon: 15[NET] sending packet: from 10.1.0.10[4500] to 10.2.0.10[4500] (84 bytes)
Nov 17 12:12:30 alice charon: 07[IKE] initiating IKE_SA peer[1] to 192.168.0.2
Nov 17 12:12:30 alice charon: 07[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) N(ME_CID) ]
Nov 17 12:12:30 alice charon: 07[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[1200] (356 bytes)
Nov 17 12:12:30 alice charon: 08[NET] received packet: from 192.168.0.2[1200] to 10.1.0.10[4500] (265 bytes)
Nov 17 12:12:30 alice charon: 08[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
Nov 17 12:12:30 alice charon: 08[IKE] local host is behind NAT, sending keep alives
Nov 17 12:12:30 alice charon: 08[IKE] remote host is behind NAT
Nov 17 12:12:30 alice charon: 08[IKE] received cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:30 alice charon: 08[IKE] sending cert request for "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:30 alice charon: 08[IKE] authentication of 'alice@strongswan.org' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
Nov 17 12:12:30 alice charon: 08[IKE] sending end entity cert "C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org"
Nov 17 12:12:30 alice charon: 08[IKE] establishing CHILD_SA peer{1}
Nov 17 12:12:30 alice charon: 10[IKE] checklist with id 'd3:fa:f8:b0' not found, can't retransmit connectivity check
Nov 17 12:12:30 alice charon: 08[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 17 12:12:30 alice charon: 08[ENC] splitting IKE message with length of 1680 bytes into 2 fragments
Nov 17 12:12:30 alice charon: 08[ENC] generating IKE_AUTH request 1 [ EF(1/2) ]
Nov 17 12:12:30 alice charon: 08[ENC] generating IKE_AUTH request 1 [ EF(2/2) ]
Nov 17 12:12:30 alice charon: 08[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[1200] (1236 bytes)
Nov 17 12:12:30 alice charon: 08[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[1200] (516 bytes)
Nov 17 12:12:30 alice charon: 11[NET] received packet: from 192.168.0.2[1200] to 10.1.0.10[4500] (1236 bytes)
Nov 17 12:12:30 alice charon: 11[ENC] parsed IKE_AUTH response 1 [ EF(1/2) ]
Nov 17 12:12:30 alice charon: 11[ENC] received fragment #1 of 2, waiting for complete IKE message
Nov 17 12:12:30 alice charon: 11[NET] received packet: from 192.168.0.2[1200] to 10.1.0.10[4500] (388 bytes)
Nov 17 12:12:30 alice charon: 11[ENC] parsed IKE_AUTH response 1 [ EF(2/2) ]
Nov 17 12:12:30 alice charon: 11[ENC] received fragment #2 of 2, reassembling fragmented IKE message
Nov 17 12:12:30 alice charon: 11[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH SA TSi TSr N(AUTH_LFT) ]
Nov 17 12:12:30 alice charon: 11[IKE] received end entity cert "C=CH, O=Linux strongSwan, OU=Research, CN=bob@strongswan.org"
Nov 17 12:12:30 alice charon: 11[CFG] using certificate "C=CH, O=Linux strongSwan, OU=Research, CN=bob@strongswan.org"
Nov 17 12:12:30 alice charon: 11[CFG] using trusted ca certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:30 alice charon: 11[CFG] checking certificate status of "C=CH, O=Linux strongSwan, OU=Research, CN=bob@strongswan.org"
Nov 17 12:12:30 alice charon: 11[CFG] using trusted certificate "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:30 alice charon: 11[CFG] crl correctly signed by "C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
Nov 17 12:12:30 alice charon: 11[CFG] crl is valid: until Dec 17 10:53:01 2017
Nov 17 12:12:30 alice charon: 11[CFG] using cached crl
Nov 17 12:12:30 alice charon: 11[CFG] certificate status is good
Nov 17 12:12:30 alice charon: 11[CFG] reached self-signed root ca with a path length of 0
Nov 17 12:12:30 alice charon: 11[IKE] authentication of 'bob@strongswan.org' with RSA_EMSA_PKCS1_SHA2_256 successful
Nov 17 12:12:30 alice charon: 11[IKE] IKE_SA peer[1] established between 10.1.0.10[alice@strongswan.org]...192.168.0.2[bob@strongswan.org]
Nov 17 12:12:30 alice charon: 11[IKE] scheduling reauthentication in 3406s
Nov 17 12:12:30 alice charon: 11[IKE] maximum IKE_SA lifetime 3586s
Nov 17 12:12:30 alice charon: 11[IKE] CHILD_SA peer{1} established with SPIs c063523e_i c75fd8f6_o and TS 10.1.0.10/32 === 10.2.0.10/32
Nov 17 12:12:30 alice charon: 11[IKE] received AUTH_LIFETIME of 3412s, scheduling reauthentication in 3232s
Nov 17 12:12:31 alice charon: 09[IKE] checklist with id 'd3:fa:f8:b0' not found, can't retransmit connectivity check
Nov 17 12:12:31 alice charon: 13[NET] received packet: from 192.168.0.2[1200] to 10.1.0.10[4500] (80 bytes)
Nov 17 12:12:31 alice charon: 13[ENC] parsed INFORMATIONAL request 0 [ D ]
Nov 17 12:12:31 alice charon: 13[IKE] received DELETE for IKE_SA peer[1]
Nov 17 12:12:31 alice charon: 13[IKE] deleting IKE_SA peer[1] between 10.1.0.10[alice@strongswan.org]...192.168.0.2[bob@strongswan.org]
Nov 17 12:12:31 alice charon: 13[IKE] IKE_SA deleted
Nov 17 12:12:31 alice charon: 13[ENC] generating INFORMATIONAL response 0 [ ]
Nov 17 12:12:31 alice charon: 13[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.2[1200] (80 bytes)
Nov 17 12:12:31 alice charon: 00[DMN] signal of type SIGINT received. Shutting down
Nov 17 12:12:31 alice charon: 00[IKE] deleting IKE_SA medsrv[2] between 10.1.0.10[6cu1UTVw@medsrv.org]...192.168.0.100[carol@strongswan.org]
Nov 17 12:12:31 alice charon: 00[IKE] sending DELETE for IKE_SA medsrv[2]
Nov 17 12:12:31 alice charon: 00[ENC] generating INFORMATIONAL request 3 [ D ]
Nov 17 12:12:31 alice charon: 00[NET] sending packet: from 10.1.0.10[4500] to 192.168.0.100[4500] (80 bytes)