Nov  4 16:52:50 routersec ipsec_starter[37503]: 'bypasslan' shunt PASS policy installed
Nov  4 16:52:50 routersec ipsec_starter[37503]:
Nov  4 16:52:50 routersec charon: 06[CFG] received stroke: add connection 'con1000'
Nov  4 16:52:50 routersec charon: 06[CFG] conn con1000
Nov  4 16:52:50 routersec charon: 06[CFG]   left=192.0.2.101
Nov  4 16:52:50 routersec charon: 06[CFG]   leftsubnet=192.168.205.0/24
Nov  4 16:52:50 routersec charon: 06[CFG]   leftauth=psk
Nov  4 16:52:50 routersec charon: 06[CFG]   leftid=ROUTERSEC
Nov  4 16:52:50 routersec charon: 06[CFG]   right=routerpri.netmid.test
Nov  4 16:52:50 routersec charon: 06[CFG]   rightsubnet=192.168.100.0/24
Nov  4 16:52:50 routersec charon: 06[CFG]   rightauth=psk
Nov  4 16:52:50 routersec charon: 06[CFG]   rightid=ROUTERPRO
Nov  4 16:52:50 routersec charon: 06[CFG]   ike=aes256-sha1-modp1536!
Nov  4 16:52:50 routersec charon: 06[CFG]   esp=aes256-sha1-modp1536!
Nov  4 16:52:50 routersec charon: 06[CFG]   dpddelay=60
Nov  4 16:52:50 routersec charon: 06[CFG]   dpdtimeout=360
Nov  4 16:52:50 routersec charon: 06[CFG]   dpdaction=1
Nov  4 16:52:50 routersec charon: 06[CFG]   sha256_96=no
Nov  4 16:52:50 routersec charon: 06[CFG]   mediation=no
Nov  4 16:52:50 routersec charon: 06[CFG]   keyexchange=ikev1
Nov  4 16:52:50 routersec charon: 06[CFG] added configuration 'con1000'
### Start 1
Nov  4 16:53:13 routersec charon: 06[MGR] checkout IKEv1 SA with SPIs 1c938aa078759c1e_i 3e6735651b17614f_r
Nov  4 16:53:13 routersec charon: 06[MGR] IKE_SA (unnamed)[16] successfully checked out
Nov  4 16:53:13 routersec charon: 06[JOB] deleting half open IKE_SA with 192.0.2.100 after timeout
Nov  4 16:53:13 routersec charon: 06[JOB] <16> deleting half open IKE_SA with 192.0.2.100 after timeout
Nov  4 16:53:13 routersec charon: 06[MGR] <16> checkin and destroy IKE_SA (unnamed)[16]
Nov  4 16:53:13 routersec charon: 06[IKE] <16> IKE_SA (unnamed)[16] state change: CONNECTING => DESTROYING
Nov  4 16:53:13 routersec charon: 06[MGR] checkin and destroy of IKE_SA successful
Nov  4 16:53:14 routersec charon: 06[MGR] checkout IKEv1 SA by message with SPIs 2e4626e0abeeeb64_i 0000000000000000_r
Nov  4 16:53:14 routersec charon: 06[MGR] created IKE_SA (unnamed)[17]
Nov  4 16:53:14 routersec charon: 06[NET] <17> received packet: from 192.0.2.100[500] to 192.0.2.101[500] (188 bytes)
Nov  4 16:53:14 routersec charon: 06[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
Nov  4 16:53:14 routersec charon: 06[ENC] <17> parsed ID_PROT request 0 [ SA V V V V V ]
Nov  4 16:53:14 routersec charon: 06[CFG] <17> looking for an ike config for 192.0.2.101...192.0.2.100
Nov  4 16:53:14 routersec charon: 06[CFG] <17>   candidate: %any...%any, prio 24
Nov  4 16:53:14 routersec charon: 06[CFG] <17>   candidate: 192.0.2.101...routerpri.netmid.test, prio 3100
Nov  4 16:53:14 routersec charon: 06[CFG] <17> found matching ike config: 192.0.2.101...routerpri.netmid.test with prio 3100
Nov  4 16:53:14 routersec charon: 06[ENC] received unknown vendor ID: ee:ef:a3:78:09:e3:2a:d4:de:4f:6b:01:0c:26:a6:40
Nov  4 16:53:14 routersec charon: 06[ENC] <17> received unknown vendor ID: ee:ef:a3:78:09:e3:2a:d4:de:4f:6b:01:0c:26:a6:40
Nov  4 16:53:14 routersec charon: 06[IKE] <17> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Nov  4 16:53:14 routersec charon: 06[IKE] <17> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Nov  4 16:53:14 routersec charon: 06[IKE] <17> received NAT-T (RFC 3947) vendor ID
Nov  4 16:53:14 routersec charon: 06[IKE] <17> received DPD vendor ID
Nov  4 16:53:14 routersec charon: 06[IKE] <17> 192.0.2.100 is initiating a Main Mode IKE_SA
Nov  4 16:53:14 routersec charon: 06[IKE] <17> IKE_SA (unnamed)[17] state change: CREATED => CONNECTING
Nov  4 16:53:14 routersec charon: 06[CFG] <17> selecting proposal:
Nov  4 16:53:14 routersec charon: 06[CFG] <17>   proposal matches
Nov  4 16:53:14 routersec charon: 06[CFG] <17> received proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536
Nov  4 16:53:14 routersec charon: 06[CFG] <17> configured proposals: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536
Nov  4 16:53:14 routersec charon: 06[CFG] <17> selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1536
Nov  4 16:53:14 routersec charon: 06[IKE] <17> sending XAuth vendor ID
Nov  4 16:53:14 routersec charon: 06[IKE] <17> sending DPD vendor ID
Nov  4 16:53:14 routersec charon: 06[IKE] <17> sending NAT-T (RFC 3947) vendor ID
Nov  4 16:53:14 routersec charon: 06[ENC] generating ID_PROT response 0 [ SA V V V ]
Nov  4 16:53:14 routersec charon: 06[ENC] <17> generating ID_PROT response 0 [ SA V V V ]
Nov  4 16:53:14 routersec charon: 06[NET] <17> sending packet: from 192.0.2.101[500] to 192.0.2.100[500] (140 bytes)
Nov  4 16:53:14 routersec charon: 06[MGR] <17> checkin IKE_SA (unnamed)[17]
Nov  4 16:53:14 routersec charon: 06[MGR] <17> checkin of IKE_SA successful
Nov  4 16:53:14 routersec charon: 06[MGR] checkout IKEv1 SA by message with SPIs 2e4626e0abeeeb64_i 1bfa2210c2119411_r
Nov  4 16:53:14 routersec charon: 06[MGR] IKE_SA (unnamed)[17] successfully checked out
Nov  4 16:53:14 routersec charon: 06[NET] <17> received packet: from 192.0.2.100[500] to 192.0.2.101[500] (292 bytes)
Nov  4 16:53:14 routersec charon: 06[ENC] parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
Nov  4 16:53:14 routersec charon: 06[ENC] <17> parsed ID_PROT request 0 [ KE No NAT-D NAT-D ]
Nov  4 16:53:14 routersec charon: 06[CFG] <17>   candidate "bypasslan", match: 1/1/24 (me/other/ike)
Nov  4 16:53:14 routersec charon: 06[CFG] <17>   candidate "con1000", match: 1/1/3100 (me/other/ike)
Nov  4 16:53:14 routersec charon: 06[ENC] generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
Nov  4 16:53:14 routersec charon: 06[ENC] <17> generating ID_PROT response 0 [ KE No NAT-D NAT-D ]
Nov  4 16:53:14 routersec charon: 06[NET] <17> sending packet: from 192.0.2.101[500] to 192.0.2.100[500] (308 bytes)
Nov  4 16:53:14 routersec charon: 06[MGR] <17> checkin IKE_SA (unnamed)[17]
Nov  4 16:53:14 routersec charon: 06[MGR] <17> checkin of IKE_SA successful
### Abbruch
Nov  4 16:53:44 routersec charon: 06[MGR] checkout IKEv1 SA with SPIs 2e4626e0abeeeb64_i 1bfa2210c2119411_r
Nov  4 16:53:44 routersec charon: 06[MGR] IKE_SA (unnamed)[17] successfully checked out
Nov  4 16:53:44 routersec charon: 06[JOB] deleting half open IKE_SA with 192.0.2.100 after timeout
Nov  4 16:53:44 routersec charon: 06[JOB] <17> deleting half open IKE_SA with 192.0.2.100 after timeout
Nov  4 16:53:44 routersec charon: 06[MGR] <17> checkin and destroy IKE_SA (unnamed)[17]
Nov  4 16:53:44 routersec charon: 06[IKE] <17> IKE_SA (unnamed)[17] state change: CONNECTING => DESTROYING
Nov  4 16:53:44 routersec charon: 06[MGR] checkin and destroy of IKE_SA successful
### Start 2
Nov  4 16:53:45 routersec charon: 06[MGR] checkout IKEv1 SA by message with SPIs e0747ebd2c68dc0b_i 0000000000000000_r
Nov  4 16:53:45 routersec charon: 06[MGR] created IKE_SA (unnamed)[18]
Nov  4 16:53:45 routersec charon: 06[NET] <18> received packet: from 192.0.2.100[500] to 192.0.2.101[500] (188 bytes)
Nov  4 16:53:45 routersec charon: 06[ENC] parsed ID_PROT request 0 [ SA V V V V V ]
Nov  4 16:53:45 routersec charon: 06[ENC] <18> parsed ID_PROT request 0 [ SA V V V V V ]
Nov  4 16:53:45 routersec charon: 06[CFG] <18> looking for an ike config for 192.0.2.101...192.0.2.100
Nov  4 16:53:45 routersec charon: 06[CFG] <18>   candidate: %any...%any, prio 24
Nov  4 16:53:45 routersec charon: 06[CFG] <18>   candidate: 192.0.2.101...routerpri.netmid.test, prio 3100

.
.
.