Oct 15 11:02:39 	charon 		11[IKE] <con-mobile|21> EAP-MS-CHAPv2 verification failed, retry (1)
Oct 15 11:02:39 	charon 		11[IKE] <con-mobile|21> no EAP key found for hosts 'VPN-FQDN' - 'USER-LOGIN'
Oct 15 11:02:39 	charon 		11[ENC] <con-mobile|21> parsed IKE_AUTH request 3 [ EAP/RES/MSCHAPV2 ]
Oct 15 11:02:39 	charon 		11[NET] <con-mobile|21> received packet: from XX.XX.XX.XX[2726] to YY.YY.YY.YY[4500] (160 bytes)
Oct 15 11:02:39 	charon 		11[NET] <con-mobile|21> sending packet: from YY.YY.YY.YY[4500] to XX.XX.XX.XX[2726] (112 bytes)
Oct 15 11:02:39 	charon 		11[ENC] <con-mobile|21> generating IKE_AUTH response 2 [ EAP/REQ/MSCHAPV2 ]
Oct 15 11:02:39 	charon 		11[IKE] <con-mobile|21> initiating EAP_MSCHAPV2 method (id 0xAC)
Oct 15 11:02:39 	charon 		11[IKE] <con-mobile|21> received EAP identity 'USER-LOGIN'
Oct 15 11:02:39 	charon 		11[ENC] <con-mobile|21> parsed IKE_AUTH request 2 [ EAP/RES/ID ]
Oct 15 11:02:39 	charon 		11[NET] <con-mobile|21> received packet: from XX.XX.XX.XX[2726] to YY.YY.YY.YY[4500] (96 bytes)
Oct 15 11:02:39 	charon 		11[NET] <con-mobile|21> sending packet: from YY.YY.YY.YY[4500] to XX.XX.XX.XX[2726] (1188 bytes)
Oct 15 11:02:39 	charon 		11[NET] <con-mobile|21> sending packet: from YY.YY.YY.YY[4500] to XX.XX.XX.XX[2726] (1236 bytes)
Oct 15 11:02:39 	charon 		11[ENC] <con-mobile|21> generating IKE_AUTH response 1 [ EF(2/2) ]
Oct 15 11:02:39 	charon 		11[ENC] <con-mobile|21> generating IKE_AUTH response 1 [ EF(1/2) ]
Oct 15 11:02:39 	charon 		11[ENC] <con-mobile|21> splitting IKE message with length of 2352 bytes into 2 fragments
Oct 15 11:02:39 	charon 		11[ENC] <con-mobile|21> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Oct 15 11:02:39 	charon 		11[IKE] <con-mobile|21> sending end entity cert "CN=VPN-FQDN, C=zz, ST=zzz, L=zzz, O=zzz"
Oct 15 11:02:39 	charon 		11[IKE] <con-mobile|21> authentication of 'VPN-FQDN' (myself) with RSA signature successful
Oct 15 11:02:39 	charon 		11[IKE] <con-mobile|21> peer supports MOBIKE, but disabled in config
Oct 15 11:02:39 	charon 		11[IKE] <con-mobile|21> initiating EAP_IDENTITY method (id 0x00)
Oct 15 11:02:39 	charon 		11[CFG] <con-mobile|21> selected peer config 'con-mobile'
Oct 15 11:02:39 	charon 		11[CFG] <21> looking for peer configs matching YY.YY.YY.YY[%any]...XX.XX.XX.XX[172.30.240.110]
Oct 15 11:02:39 	charon 		11[IKE] <21> received 46 cert requests for an unknown ca
Oct 15 11:02:39 	charon 		11[IKE] <21> received cert request for "CN=internal-ca, C=zz, ST=zzz, L=zzz, O=zzz"
Oct 15 11:02:39 	charon 		11[IKE] <21> received cert request for "CN=VPN-FQDN, C=zz, ST=zzz, L=zzz, O=zzz"
Oct 15 11:02:39 	charon 		11[ENC] <21> parsed IKE_AUTH request 1 [ IDi CERTREQ N(MOBIKE_SUP) CPRQ(ADDR DNS NBNS SRV ADDR6 DNS6 SRV6) SA TSi TSr ]
Oct 15 11:02:39 	charon 		11[ENC] <21> received fragment #3 of 3, reassembling fragmented IKE message
Oct 15 11:02:39 	charon 		11[ENC] <21> parsed IKE_AUTH request 1 [ EF(3/3) ]
Oct 15 11:02:39 	charon 		11[NET] <21> received packet: from XX.XX.XX.XX[2726] to YY.YY.YY.YY[4500] (308 bytes)
Oct 15 11:02:39 	charon 		11[ENC] <21> received fragment #2 of 3, waiting for complete IKE message
Oct 15 11:02:39 	charon 		11[ENC] <21> parsed IKE_AUTH request 1 [ EF(2/3) ]
Oct 15 11:02:39 	charon 		11[NET] <21> received packet: from XX.XX.XX.XX[2726] to YY.YY.YY.YY[4500] (580 bytes)
Oct 15 11:02:39 	charon 		11[ENC] <21> received fragment #1 of 3, waiting for complete IKE message
Oct 15 11:02:39 	charon 		11[ENC] <21> parsed IKE_AUTH request 1 [ EF(1/3) ]
Oct 15 11:02:39 	charon 		11[NET] <21> received packet: from XX.XX.XX.XX[2726] to YY.YY.YY.YY[4500] (580 bytes)
Oct 15 11:02:39 	charon 		11[NET] <21> sending packet: from YY.YY.YY.YY[500] to XX.XX.XX.XX[500] (345 bytes)
Oct 15 11:02:39 	charon 		11[ENC] <21> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(MULT_AUTH) ]
Oct 15 11:02:39 	charon 		11[IKE] <21> sending cert request for "CN=internal-ca, C=zz, ST=zzz, L=zzz, O=zzz"
Oct 15 11:02:39 	charon 		11[IKE] <21> remote host is behind NAT
Oct 15 11:02:39 	charon 		11[IKE] <21> XX.XX.XX.XX is initiating an IKE_SA