Nov 28 22:23:00 fw-1A newsyslog[77194]: logfile turned over due to size>1000K
Nov 28 22:23:00 fw-1A charon[61694]: 06[NET] <490> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:23:00 fw-1A charon[61694]: 06[ENC] <490> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> IKE_SA (unnamed)[490] state change: CREATED => CONNECTING
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> selecting proposal:
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> selecting proposal:
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> selecting proposal:
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490>   proposal matches
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:23:00 fw-1A charon[61694]: 06[ENC] <490> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:23:00 fw-1A charon[61694]: 06[NET] <490> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:23:00 fw-1A charon[61694]: 06[NET] <490> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:23:00 fw-1A charon[61694]: 06[ENC] <490> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:23:00 fw-1A charon[61694]: 06[CFG] <490> no matching peer config found
Nov 28 22:23:00 fw-1A charon[61694]: 06[ENC] <490> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:23:00 fw-1A charon[61694]: 06[NET] <490> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:23:00 fw-1A charon[61694]: 06[IKE] <490> IKE_SA (unnamed)[490] state change: CONNECTING => DESTROYING
Nov 28 22:23:07 fw-1A charon[61694]: 06[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (160 bytes)
Nov 28 22:23:07 fw-1A charon[61694]: 06[ENC] <con5|81> parsed INFORMATIONAL request 222 [ ]
Nov 28 22:23:07 fw-1A charon[61694]: 06[ENC] <con5|81> generating INFORMATIONAL response 222 [ ]
Nov 28 22:23:07 fw-1A charon[61694]: 06[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:24:00 fw-1A charon[61694]: 07[NET] <491> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:24:00 fw-1A charon[61694]: 07[ENC] <491> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> IKE_SA (unnamed)[491] state change: CREATED => CONNECTING
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> selecting proposal:
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> selecting proposal:
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> selecting proposal:
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491>   proposal matches
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:24:00 fw-1A charon[61694]: 07[ENC] <491> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:24:00 fw-1A charon[61694]: 07[NET] <491> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:24:00 fw-1A charon[61694]: 07[NET] <491> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:24:00 fw-1A charon[61694]: 07[ENC] <491> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:24:00 fw-1A charon[61694]: 07[CFG] <491> no matching peer config found
Nov 28 22:24:00 fw-1A charon[61694]: 07[ENC] <491> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:24:00 fw-1A charon[61694]: 07[NET] <491> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:24:00 fw-1A charon[61694]: 07[IKE] <491> IKE_SA (unnamed)[491] state change: CONNECTING => DESTROYING
Nov 28 22:24:32 fw-1A charon[61694]: 06[CFG] vici client 286 connected
Nov 28 22:24:32 fw-1A charon[61694]: 16[CFG] vici client 286 registered for: list-sa
Nov 28 22:24:32 fw-1A charon[61694]: 06[CFG] vici client 286 requests: list-sas
Nov 28 22:24:32 fw-1A charon[61694]: 11[CFG] vici client 286 disconnected
Nov 28 22:24:37 fw-1A charon[61694]: 06[CFG] vici client 287 connected
Nov 28 22:24:37 fw-1A charon[61694]: 11[CFG] vici client 287 registered for: list-sa
Nov 28 22:24:37 fw-1A charon[61694]: 06[CFG] vici client 287 requests: list-sas
Nov 28 22:24:37 fw-1A charon[61694]: 14[CFG] vici client 287 disconnected
Nov 28 22:24:42 fw-1A charon[61694]: 13[CFG] vici client 288 connected
Nov 28 22:24:42 fw-1A charon[61694]: 14[CFG] vici client 288 registered for: list-sa
Nov 28 22:24:42 fw-1A charon[61694]: 14[CFG] vici client 288 requests: list-sas
Nov 28 22:24:42 fw-1A charon[61694]: 05[CFG] vici client 288 disconnected
Nov 28 22:24:48 fw-1A charon[61694]: 05[CFG] vici client 289 connected
Nov 28 22:24:48 fw-1A charon[61694]: 15[CFG] vici client 289 registered for: list-sa
Nov 28 22:24:48 fw-1A charon[61694]: 14[CFG] vici client 289 requests: list-sas
Nov 28 22:24:48 fw-1A charon[61694]: 14[CFG] vici client 289 disconnected
Nov 28 22:24:53 fw-1A charon[61694]: 15[CFG] vici client 290 connected
Nov 28 22:24:53 fw-1A charon[61694]: 15[CFG] vici client 290 registered for: list-sa
Nov 28 22:24:53 fw-1A charon[61694]: 15[CFG] vici client 290 requests: list-sas
Nov 28 22:24:53 fw-1A charon[61694]: 06[CFG] vici client 290 disconnected
Nov 28 22:24:58 fw-1A charon[61694]: 06[CFG] vici client 291 connected
Nov 28 22:24:58 fw-1A charon[61694]: 15[CFG] vici client 291 registered for: list-sa
Nov 28 22:24:58 fw-1A charon[61694]: 06[CFG] vici client 291 requests: list-sas
Nov 28 22:24:58 fw-1A charon[61694]: 06[CFG] vici client 291 disconnected
Nov 28 22:25:00 fw-1A charon[61694]: 06[NET] <492> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:25:00 fw-1A charon[61694]: 06[ENC] <492> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> IKE_SA (unnamed)[492] state change: CREATED => CONNECTING
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> selecting proposal:
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> selecting proposal:
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> selecting proposal:
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492>   proposal matches
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:25:00 fw-1A charon[61694]: 06[ENC] <492> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:25:00 fw-1A charon[61694]: 06[NET] <492> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:25:00 fw-1A charon[61694]: 06[NET] <492> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:25:00 fw-1A charon[61694]: 06[ENC] <492> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:25:00 fw-1A charon[61694]: 06[CFG] <492> no matching peer config found
Nov 28 22:25:00 fw-1A charon[61694]: 06[ENC] <492> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:25:00 fw-1A charon[61694]: 06[NET] <492> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:25:00 fw-1A charon[61694]: 06[IKE] <492> IKE_SA (unnamed)[492] state change: CONNECTING => DESTROYING
Nov 28 22:25:03 fw-1A charon[61694]: 10[CFG] vici client 292 connected
Nov 28 22:25:03 fw-1A charon[61694]: 08[CFG] vici client 292 registered for: list-sa
Nov 28 22:25:03 fw-1A charon[61694]: 06[CFG] vici client 292 requests: list-sas
Nov 28 22:25:03 fw-1A charon[61694]: 10[CFG] vici client 292 disconnected
Nov 28 22:25:07 fw-1A charon[61694]: 10[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (144 bytes)
Nov 28 22:25:07 fw-1A charon[61694]: 10[ENC] <con5|81> parsed INFORMATIONAL request 223 [ ]
Nov 28 22:25:07 fw-1A charon[61694]: 10[ENC] <con5|81> generating INFORMATIONAL response 223 [ ]
Nov 28 22:25:07 fw-1A charon[61694]: 10[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:25:08 fw-1A charon[61694]: 10[CFG] vici client 293 connected
Nov 28 22:25:08 fw-1A charon[61694]: 12[CFG] vici client 293 registered for: list-sa
Nov 28 22:25:08 fw-1A charon[61694]: 12[CFG] vici client 293 requests: list-sas
Nov 28 22:25:08 fw-1A charon[61694]: 10[CFG] vici client 293 disconnected
Nov 28 22:25:13 fw-1A charon[61694]: 10[CFG] vici client 294 connected
Nov 28 22:25:13 fw-1A charon[61694]: 10[CFG] vici client 294 registered for: list-sa
Nov 28 22:25:13 fw-1A charon[61694]: 10[CFG] vici client 294 requests: list-sas
Nov 28 22:25:13 fw-1A charon[61694]: 10[CFG] vici client 294 disconnected
Nov 28 22:25:18 fw-1A charon[61694]: 09[CFG] vici client 295 connected
Nov 28 22:25:18 fw-1A charon[61694]: 10[CFG] vici client 295 registered for: list-sa
Nov 28 22:25:18 fw-1A charon[61694]: 09[CFG] vici client 295 requests: list-sas
Nov 28 22:25:18 fw-1A charon[61694]: 07[CFG] vici client 295 disconnected
Nov 28 22:25:23 fw-1A charon[61694]: 09[CFG] vici client 296 connected
Nov 28 22:25:23 fw-1A charon[61694]: 09[CFG] vici client 296 registered for: list-sa
Nov 28 22:25:23 fw-1A charon[61694]: 09[CFG] vici client 296 requests: list-sas
Nov 28 22:25:23 fw-1A charon[61694]: 09[CFG] vici client 296 disconnected
Nov 28 22:25:25 fw-1A charon[61694]: 16[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (720 bytes)
Nov 28 22:25:25 fw-1A charon[61694]: 16[ENC] <con5|81> parsed CREATE_CHILD_SA request 224 [ No KE N(REKEY_SA) SA TSi TSr ]
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> selecting proposal:
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81>   proposal matches
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> received proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> selecting traffic selectors for us:
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81> selecting traffic selectors for other:
Nov 28 22:25:25 fw-1A charon[61694]: 16[CFG] <con5|81>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{99} state change: CREATED => INSTALLING
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81>   using AES_CBC for encryption
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> adding inbound ESP SA
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81>   SPI 0xcf165f83, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> registering outbound ESP SA
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81>   SPI 0x055aad36, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:25:25 fw-1A charon[61694]: 16[IKE] <con5|81> inbound CHILD_SA con5{99} established with SPIs cf165f83_i 055aad36_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{99} state change: INSTALLING => INSTALLED
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{98} state change: INSTALLED => REKEYING
Nov 28 22:25:25 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{98} state change: REKEYING => REKEYED
Nov 28 22:25:25 fw-1A charon[61694]: 16[ENC] <con5|81> generating CREATE_CHILD_SA response 224 [ N(ESP_TFC_PAD_N) SA No KE TSi TSr ]
Nov 28 22:25:25 fw-1A charon[61694]: 16[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (480 bytes)
Nov 28 22:25:28 fw-1A charon[61694]: 16[CFG] vici client 297 connected
Nov 28 22:25:28 fw-1A charon[61694]: 11[CFG] vici client 297 registered for: list-sa
Nov 28 22:25:28 fw-1A charon[61694]: 09[CFG] vici client 297 requests: list-sas
Nov 28 22:25:28 fw-1A charon[61694]: 09[CFG] vici client 297 disconnected
Nov 28 22:25:29 fw-1A charon[61694]: 09[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
Nov 28 22:25:29 fw-1A charon[61694]: 09[ENC] <con5|81> parsed INFORMATIONAL request 225 [ D ]
Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> received DELETE for ESP CHILD_SA with SPI 0d5125b2
Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> closing CHILD_SA con5{98} with SPIs c11ef4fb_i (309199 bytes) 0d5125b2_o (449888 bytes) and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> sending DELETE for ESP CHILD_SA with SPI c11ef4fb
Nov 28 22:25:29 fw-1A charon[61694]: 09[CHD] <con5|81> CHILD_SA con5{98} state change: REKEYED => DELETING
Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> CHILD_SA closed
Nov 28 22:25:29 fw-1A charon[61694]: 09[CHD] <con5|81> CHILD_SA con5{98} state change: DELETING => DELETED
Nov 28 22:25:29 fw-1A charon[61694]: 09[CHD] <con5|81> adding outbound ESP SA
Nov 28 22:25:29 fw-1A charon[61694]: 09[CHD] <con5|81>   SPI 0x055aad36, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:25:29 fw-1A charon[61694]: 09[IKE] <con5|81> outbound CHILD_SA con5{99} established with SPIs cf165f83_i 055aad36_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:25:29 fw-1A charon[61694]: 09[ENC] <con5|81> generating INFORMATIONAL response 225 [ D ]
Nov 28 22:25:29 fw-1A charon[61694]: 09[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:25:33 fw-1A charon[61694]: 16[CFG] vici client 298 connected
Nov 28 22:25:33 fw-1A charon[61694]: 16[CFG] vici client 298 registered for: list-sa
Nov 28 22:25:33 fw-1A charon[61694]: 16[CFG] vici client 298 requests: list-sas
Nov 28 22:25:33 fw-1A charon[61694]: 05[CFG] vici client 298 disconnected
Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81> queueing CHILD_DELETE task
Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81> activating new tasks
Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81>   activating CHILD_DELETE task
Nov 28 22:25:34 fw-1A charon[61694]: 16[CHD] <con5|81> CHILD_SA con5{98} state change: DELETED => DESTROYING
Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81> activating new tasks
Nov 28 22:25:34 fw-1A charon[61694]: 16[IKE] <con5|81> nothing to initiate
Nov 28 22:25:38 fw-1A charon[61694]: 05[CFG] vici client 299 connected
Nov 28 22:25:38 fw-1A charon[61694]: 16[CFG] vici client 299 registered for: list-sa
Nov 28 22:25:38 fw-1A charon[61694]: 05[CFG] vici client 299 requests: list-sas
Nov 28 22:25:38 fw-1A charon[61694]: 16[CFG] vici client 299 disconnected
Nov 28 22:25:43 fw-1A charon[61694]: 16[CFG] vici client 300 connected
Nov 28 22:25:43 fw-1A charon[61694]: 16[CFG] vici client 300 registered for: list-sa
Nov 28 22:25:43 fw-1A charon[61694]: 16[CFG] vici client 300 requests: list-sas
Nov 28 22:25:43 fw-1A charon[61694]: 16[CFG] vici client 300 disconnected
Nov 28 22:25:48 fw-1A charon[61694]: 14[CFG] vici client 301 connected
Nov 28 22:25:48 fw-1A charon[61694]: 16[CFG] vici client 301 registered for: list-sa
Nov 28 22:25:48 fw-1A charon[61694]: 14[CFG] vici client 301 requests: list-sas
Nov 28 22:25:48 fw-1A charon[61694]: 14[CFG] vici client 301 disconnected
Nov 28 22:25:53 fw-1A charon[61694]: 14[CFG] vici client 302 connected
Nov 28 22:25:53 fw-1A charon[61694]: 16[CFG] vici client 302 registered for: list-sa
Nov 28 22:25:53 fw-1A charon[61694]: 16[CFG] vici client 302 requests: list-sas
Nov 28 22:25:53 fw-1A charon[61694]: 16[CFG] vici client 302 disconnected
Nov 28 22:25:58 fw-1A charon[61694]: 16[CFG] vici client 303 connected
Nov 28 22:25:58 fw-1A charon[61694]: 16[CFG] vici client 303 registered for: list-sa
Nov 28 22:25:58 fw-1A charon[61694]: 16[CFG] vici client 303 requests: list-sas
Nov 28 22:25:58 fw-1A charon[61694]: 08[CFG] vici client 303 disconnected
Nov 28 22:26:01 fw-1A charon[61694]: 08[NET] <493> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:26:01 fw-1A charon[61694]: 08[ENC] <493> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> IKE_SA (unnamed)[493] state change: CREATED => CONNECTING
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> selecting proposal:
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> selecting proposal:
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> selecting proposal:
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493>   proposal matches
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:26:01 fw-1A charon[61694]: 08[ENC] <493> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:26:01 fw-1A charon[61694]: 08[NET] <493> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:26:01 fw-1A charon[61694]: 08[NET] <493> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:26:01 fw-1A charon[61694]: 08[ENC] <493> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:26:01 fw-1A charon[61694]: 08[CFG] <493> no matching peer config found
Nov 28 22:26:01 fw-1A charon[61694]: 08[ENC] <493> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:26:01 fw-1A charon[61694]: 08[NET] <493> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:26:01 fw-1A charon[61694]: 08[IKE] <493> IKE_SA (unnamed)[493] state change: CONNECTING => DESTROYING
Nov 28 22:26:04 fw-1A charon[61694]: 12[CFG] vici client 304 connected
Nov 28 22:26:04 fw-1A charon[61694]: 16[CFG] vici client 304 registered for: list-sa
Nov 28 22:26:04 fw-1A charon[61694]: 16[CFG] vici client 304 requests: list-sas
Nov 28 22:26:04 fw-1A charon[61694]: 12[CFG] vici client 304 disconnected
Nov 28 22:26:09 fw-1A charon[61694]: 16[CFG] vici client 305 connected
Nov 28 22:26:09 fw-1A charon[61694]: 07[CFG] vici client 305 registered for: list-sa
Nov 28 22:26:09 fw-1A charon[61694]: 07[CFG] vici client 305 requests: list-sas
Nov 28 22:26:09 fw-1A charon[61694]: 16[CFG] vici client 305 disconnected
Nov 28 22:26:14 fw-1A charon[61694]: 10[CFG] vici client 306 connected
Nov 28 22:26:14 fw-1A charon[61694]: 11[CFG] vici client 306 registered for: list-sa
Nov 28 22:26:14 fw-1A charon[61694]: 10[CFG] vici client 306 requests: list-sas
Nov 28 22:26:14 fw-1A charon[61694]: 10[CFG] vici client 306 disconnected
Nov 28 22:26:15 fw-1A charon[61694]: 10[CFG] vici client 307 connected
Nov 28 22:26:15 fw-1A charon[61694]: 16[CFG] vici client 307 registered for: list-sa
Nov 28 22:26:15 fw-1A charon[61694]: 16[CFG] vici client 307 requests: list-sas
Nov 28 22:26:15 fw-1A charon[61694]: 16[CFG] vici client 307 disconnected
Nov 28 22:26:19 fw-1A charon[61694]: 10[CFG] vici client 308 connected
Nov 28 22:26:19 fw-1A charon[61694]: 13[CFG] vici client 308 registered for: list-sa
Nov 28 22:26:19 fw-1A charon[61694]: 11[CFG] vici client 308 requests: list-sas
Nov 28 22:26:19 fw-1A charon[61694]: 11[CFG] vici client 308 disconnected
Nov 28 22:26:24 fw-1A charon[61694]: 11[CFG] vici client 309 connected
Nov 28 22:26:24 fw-1A charon[61694]: 10[CFG] vici client 309 registered for: list-sa
Nov 28 22:26:24 fw-1A charon[61694]: 11[CFG] vici client 309 requests: list-sas
Nov 28 22:26:24 fw-1A charon[61694]: 11[CFG] vici client 309 disconnected
Nov 28 22:26:29 fw-1A charon[61694]: 05[CFG] vici client 310 connected
Nov 28 22:26:29 fw-1A charon[61694]: 11[CFG] vici client 310 registered for: list-sa
Nov 28 22:26:29 fw-1A charon[61694]: 05[CFG] vici client 310 requests: list-sas
Nov 28 22:26:29 fw-1A charon[61694]: 15[CFG] vici client 310 disconnected
Nov 28 22:26:34 fw-1A charon[61694]: 15[CFG] vici client 311 connected
Nov 28 22:26:34 fw-1A charon[61694]: 14[CFG] vici client 311 registered for: list-sa
Nov 28 22:26:34 fw-1A charon[61694]: 15[CFG] vici client 311 requests: list-sas
Nov 28 22:26:34 fw-1A charon[61694]: 14[CFG] vici client 311 disconnected
Nov 28 22:26:39 fw-1A charon[61694]: 14[CFG] vici client 312 connected
Nov 28 22:26:39 fw-1A charon[61694]: 06[CFG] vici client 312 registered for: list-sa
Nov 28 22:26:39 fw-1A charon[61694]: 06[CFG] vici client 312 requests: list-sas
Nov 28 22:26:39 fw-1A charon[61694]: 05[CFG] vici client 312 disconnected
Nov 28 22:26:44 fw-1A charon[61694]: 05[CFG] vici client 313 connected
Nov 28 22:26:44 fw-1A charon[61694]: 12[CFG] vici client 313 registered for: list-sa
Nov 28 22:26:44 fw-1A charon[61694]: 08[CFG] vici client 313 requests: list-sas
Nov 28 22:26:44 fw-1A charon[61694]: 08[CFG] vici client 313 disconnected
Nov 28 22:27:01 fw-1A charon[61694]: 08[NET] <494> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:27:01 fw-1A charon[61694]: 08[ENC] <494> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> IKE_SA (unnamed)[494] state change: CREATED => CONNECTING
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> selecting proposal:
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> selecting proposal:
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> selecting proposal:
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494>   proposal matches
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:27:01 fw-1A charon[61694]: 08[ENC] <494> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:27:01 fw-1A charon[61694]: 08[NET] <494> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:27:01 fw-1A charon[61694]: 08[NET] <494> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:27:01 fw-1A charon[61694]: 08[ENC] <494> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:27:01 fw-1A charon[61694]: 08[CFG] <494> no matching peer config found
Nov 28 22:27:01 fw-1A charon[61694]: 08[ENC] <494> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:27:01 fw-1A charon[61694]: 08[NET] <494> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:27:01 fw-1A charon[61694]: 08[IKE] <494> IKE_SA (unnamed)[494] state change: CONNECTING => DESTROYING
Nov 28 22:27:29 fw-1A charon[61694]: 08[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (160 bytes)
Nov 28 22:27:29 fw-1A charon[61694]: 08[ENC] <con5|81> parsed INFORMATIONAL request 226 [ ]
Nov 28 22:27:29 fw-1A charon[61694]: 08[ENC] <con5|81> generating INFORMATIONAL response 226 [ ]
Nov 28 22:27:29 fw-1A charon[61694]: 08[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] vici client 314 connected
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] vici client 314 requests: reload-settings
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] ipseckey plugin is disabled
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded attribute INTERNAL_IP4_SUBNET: c0:a8:98:00:ff:ff:ff:f8
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded attribute UNITY_SPLIT_INCLUDE: c0:a8:98:00:ff:ff:ff:f8
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded attribute UNITY_BANNER: 4f:6e:6c:79:20:61:75:74:68:6f:72:69:73:65:64:20:75:73:65:72:73:20:6d:61:79:20:65:6e:74:65:72:20:68:65:72:65:21
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded attribute UNITY_PFS: 31:34
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded 4 entries for attr plugin configuration
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] loaded 0 RADIUS server configurations
Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] vici client 314 disconnected
Nov 28 22:27:54 fw-1A charon[61694]: 05[CFG] vici client 315 connected
Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] vici client 315 requests: get-keys
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: get-shared
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: load-cert
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] loaded certificate 'CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services'
Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] vici client 315 requests: load-cert
Nov 28 22:27:54 fw-1A charon[61694]: 07[CFG] loaded certificate 'CN=Fastnet-CA-2, C=ZA, O=Abellard SS'
Nov 28 22:27:54 fw-1A charon[61694]: 16[CFG] vici client 315 requests: load-key
Nov 28 22:27:54 fw-1A charon[61694]: 16[CFG] loaded ANY private key
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: load-shared
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] loaded IKE shared key with id 'ike-0' for: '%any', '192.168.0.2'
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: load-shared
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] loaded IKE shared key with id 'ike-1' for: '%any', '41.164.68.170'
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] vici client 315 requests: load-shared
Nov 28 22:27:54 fw-1A charon[61694]: 09[CFG] loaded IKE shared key with id 'ike-2' for: '%any', '%any'
Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] vici client 315 requests: load-shared
Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] loaded IKE shared key with id 'ike-4' for: '%any', '%any'
Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] vici client 315 requests: load-shared
Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] loaded EAP shared key with id 'eap-5' for: 'reliance.compost'
Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] vici client 315 requests: load-shared
Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] loaded EAP shared key with id 'eap-6' for: 'mac.pack'
Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] vici client 315 requests: load-shared
Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] loaded EAP shared key with id 'eap-7' for: 'greenway.farms'
Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] vici client 315 requests: unload-shared
Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] unloaded shared key with id 'eap-4'
Nov 28 22:27:54 fw-1A charon[61694]: 13[CFG] vici client 315 requests: get-authorities
Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] vici client 315 requests: get-pools
Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] vici client 315 requests: load-pool
Nov 28 22:27:54 fw-1A charon[61694]: 10[CFG] updated vici pool mobile-pool-v4: 10.10.10.0, 254 entries
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-pool
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici pool mobile-userpool-1: 10.10.15.0, 254 entries
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-pool
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici pool mobile-userpool-2: 10.10.10.0, 254 entries
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] vici client 315 requests: load-pool
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] updated vici pool mobile-userpool-3: 10.10.16.0, 254 entries
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] vici client 315 requests: get-conns
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]  conn bypass:
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   child bypasslan:
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rekey_time = 3600
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    life_time = 3960
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rand_time = 360
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rekey_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    life_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rand_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rekey_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    life_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    rand_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    updown = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    hostaccess = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    ipcomp = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    mode = PASS
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    policies = 1
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    policies_fwd_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    dpd_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    start_action = trap
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    close_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    reqid = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    tfc = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    priority = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    interface = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    mark_in_sa = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    set_mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    set_mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    label = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    label_mode = system
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    inactivity = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    proposals = ESP:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/NO_EXT_SEQ, ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/NO_EXT_SEQ
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    local_ts = 192.168.131.0/24|/0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    remote_ts = 192.168.131.0/24|/0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    hw_offload = no
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    sha256_96 = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    copy_df = 1
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    copy_ecn = 1
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]    copy_dscp = out
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   version = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   local_addrs = %any
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   remote_addrs = 127.0.0.1
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   mobike = 1
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   dpd_delay = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   unique = UNIQUE_NO
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   rekey_time = 14400
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   over_time = 1440
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   rand_time = 1440
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   proposals = IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 15[CFG] updated vici connection: bypass
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con3:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con3:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 38876
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 43196
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 4320
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = trap
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = trap
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.131.191/32|/0 192.168.131.177/32|/0 192.168.131.174/32|/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = 172.16.3.0/24|/0 172.16.3.0/24|/0 172.16.3.0/24|/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 105.27.113.66
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 77760
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 8640
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 8640
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 192.168.0.2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con3
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con4:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con4:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 38876
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 43196
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 4320
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = trap
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = trap
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.131.191/32|/0 192.168.131.177/32|/0 192.168.131.174/32|/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = 172.16.3.0/24|/0 172.16.3.0/24|/0 172.16.3.0/24|/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 41.164.68.170
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 77760
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 8640
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 8640
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 41.164.68.170
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con4
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con5:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con5:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 3240
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 3600
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 360
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = trap
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = trap
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = 192.168.0.0/24|/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 196.250.128.24
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 25920
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = pre-shared key
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = %any
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con5
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]  conn con-mobile:
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   child con-mobile:
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rekey_time = 3240
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    life_time = 3600
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rand_time = 360
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rekey_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    life_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rand_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rekey_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    life_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    rand_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    updown = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    hostaccess = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    ipcomp = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    mode = TUNNEL
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    policies = 1
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    policies_fwd_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    dpd_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    start_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    close_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    reqid = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    tfc = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    priority = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    interface = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    mark_in_sa = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    set_mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    set_mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    label = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    label_mode = system
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    inactivity = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    remote_ts = dynamic
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    hw_offload = no
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    sha256_96 = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    copy_df = 1
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    copy_ecn = 1
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    copy_dscp = out
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   version = 2
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   remote_addrs = 0.0.0.0/0, ::/0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   send_cert = CERT_ALWAYS_SEND
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   mobike = 1
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   dpd_delay = 10
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   rekey_time = 25920
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   over_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   rand_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    class = public key
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    id = fw.fast.za.net
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    eap-type = EAP_MSCHAPV2
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    class = EAP
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    eap_id = %any
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG]    id = %any
Nov 28 22:27:54 fw-1A charon[61694]: 06[CFG] updated vici connection: con-mobile
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]  conn con10:
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   version = 2
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote_addrs = 165.165.172.58
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   mobike = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   over_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    class = pre-shared key
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    id = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    class = pre-shared key
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    id = %any
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG] added vici connection: con10
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con-mobile-userpool-1:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con-mobile:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 3240
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 3600
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 360
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = dynamic
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 0.0.0.0/0, ::/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_ALWAYS_SEND
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 25920
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = public key
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = fw.fast.za.net
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    eap-type = EAP_MSCHAPV2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = EAP
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    eap_id = %any
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = reliance.compost
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con-mobile-userpool-1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]  conn con-mobile-userpool-2:
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   child con-mobile:
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rekey_time = 3240
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    life_time = 3600
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rand_time = 360
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    life_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    updown = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    mode = TUNNEL
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    policies = 1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    dpd_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    start_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    close_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    reqid = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    tfc = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    priority = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    interface = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    label = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    label_mode = system
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    inactivity = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    remote_ts = dynamic
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    hw_offload = no
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    copy_df = 1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   version = 2
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote_addrs = 0.0.0.0/0, ::/0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_ALWAYS_SEND
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   mobike = 1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   over_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    class = public key
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    id = fw.fast.za.net
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    eap-type = EAP_MSCHAPV2
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    class = EAP
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    eap_id = %any
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG]    id = mac.pack
Nov 28 22:27:54 fw-1A charon[61694]: 12[CFG] updated vici connection: con-mobile-userpool-2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] vici client 315 requests: load-conn
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]  conn con-mobile-userpool-3:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   child con-mobile:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_time = 3240
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_time = 3600
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_time = 360
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_bytes = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rekey_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    life_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    rand_packets = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    updown = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hostaccess = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    ipcomp = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mode = TUNNEL
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    policies_fwd_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    dpd_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    start_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    close_action = none
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    reqid = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    tfc = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    priority = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    interface = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_in_sa = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_in = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    set_mark_out = 0/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    label_mode = system
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    inactivity = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    remote_ts = dynamic
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    hw_offload = no
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    sha256_96 = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_df = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_ecn = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    copy_dscp = out
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   version = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_addrs = 0.0.0.0/0, ::/0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote_port = 500
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_certreq = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   send_cert = CERT_ALWAYS_SEND
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_id = (null)
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   ppk_required = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   mobike = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   aggressive = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dscp = 0x00
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   encap = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_delay = 10
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   dpd_timeout = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   fragmentation = 2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   childless = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   keyingtries = 1
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   reauth_time = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rekey_time = 25920
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   over_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   rand_time = 2880
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_in = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   if_id_out = 0
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   local:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = public key
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = fw.fast.za.net
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]   remote:
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    eap-type = EAP_MSCHAPV2
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    class = EAP
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    eap_id = %any
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG]    id = greenway.farms
Nov 28 22:27:54 fw-1A charon[61694]: 11[CFG] updated vici connection: con-mobile-userpool-3
Nov 28 22:27:54 fw-1A charon[61694]: 14[CFG] vici client 315 disconnected
Nov 28 22:28:01 fw-1A charon[61694]: 14[NET] <495> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:28:01 fw-1A charon[61694]: 14[ENC] <495> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> IKE_SA (unnamed)[495] state change: CREATED => CONNECTING
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> selecting proposal:
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> selecting proposal:
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> selecting proposal:
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   proposal matches
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <495> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:28:01 fw-1A charon[61694]: 14[ENC] <495> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:28:01 fw-1A charon[61694]: 14[NET] <495> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:28:01 fw-1A charon[61694]: 14[NET] <495> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:28:01 fw-1A charon[61694]: 14[ENC] <495> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <495>   candidate "con10", match: 20/1/3100 (me/other/ike)
Nov 28 22:28:01 fw-1A charon[61694]: 14[CFG] <con10|495> selected peer config 'con10'
Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <con10|495> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
Nov 28 22:28:01 fw-1A charon[61694]: 14[ENC] <con10|495> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:28:01 fw-1A charon[61694]: 14[NET] <con10|495> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:28:01 fw-1A charon[61694]: 14[IKE] <con10|495> IKE_SA con10[495] state change: CONNECTING => DESTROYING
Nov 28 22:29:01 fw-1A charon[61694]: 14[NET] <496> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:29:01 fw-1A charon[61694]: 14[ENC] <496> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> IKE_SA (unnamed)[496] state change: CREATED => CONNECTING
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> selecting proposal:
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> selecting proposal:
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> selecting proposal:
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   proposal matches
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <496> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:29:01 fw-1A charon[61694]: 14[ENC] <496> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:29:01 fw-1A charon[61694]: 14[NET] <496> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:29:01 fw-1A charon[61694]: 14[NET] <496> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:29:01 fw-1A charon[61694]: 14[ENC] <496> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <496>   candidate "con10", match: 20/1/3100 (me/other/ike)
Nov 28 22:29:01 fw-1A charon[61694]: 14[CFG] <con10|496> selected peer config 'con10'
Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <con10|496> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
Nov 28 22:29:01 fw-1A charon[61694]: 14[ENC] <con10|496> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:29:01 fw-1A charon[61694]: 14[NET] <con10|496> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:29:01 fw-1A charon[61694]: 14[IKE] <con10|496> IKE_SA con10[496] state change: CONNECTING => DESTROYING
Nov 28 22:29:29 fw-1A charon[61694]: 14[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (96 bytes)
Nov 28 22:29:29 fw-1A charon[61694]: 14[ENC] <con5|81> parsed INFORMATIONAL request 227 [ ]
Nov 28 22:29:29 fw-1A charon[61694]: 14[ENC] <con5|81> generating INFORMATIONAL response 227 [ ]
Nov 28 22:29:29 fw-1A charon[61694]: 14[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:30:01 fw-1A charon[61694]: 07[NET] <497> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:30:01 fw-1A charon[61694]: 07[ENC] <497> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> IKE_SA (unnamed)[497] state change: CREATED => CONNECTING
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> selecting proposal:
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> selecting proposal:
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> selecting proposal:
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   proposal matches
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <497> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:30:01 fw-1A charon[61694]: 07[ENC] <497> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:30:01 fw-1A charon[61694]: 07[NET] <497> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:30:01 fw-1A charon[61694]: 07[NET] <497> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:30:01 fw-1A charon[61694]: 07[ENC] <497> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <497>   candidate "con10", match: 20/1/3100 (me/other/ike)
Nov 28 22:30:01 fw-1A charon[61694]: 07[CFG] <con10|497> selected peer config 'con10'
Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <con10|497> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
Nov 28 22:30:01 fw-1A charon[61694]: 07[ENC] <con10|497> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:30:01 fw-1A charon[61694]: 07[NET] <con10|497> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:30:01 fw-1A charon[61694]: 07[IKE] <con10|497> IKE_SA con10[497] state change: CONNECTING => DESTROYING
Nov 28 22:31:01 fw-1A charon[61694]: 07[NET] <498> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:31:01 fw-1A charon[61694]: 07[ENC] <498> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> IKE_SA (unnamed)[498] state change: CREATED => CONNECTING
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> selecting proposal:
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> selecting proposal:
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> selecting proposal:
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   proposal matches
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <498> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:31:01 fw-1A charon[61694]: 07[ENC] <498> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:31:01 fw-1A charon[61694]: 07[NET] <498> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:31:01 fw-1A charon[61694]: 07[NET] <498> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:31:01 fw-1A charon[61694]: 07[ENC] <498> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <498>   candidate "con10", match: 20/1/3100 (me/other/ike)
Nov 28 22:31:01 fw-1A charon[61694]: 07[CFG] <con10|498> selected peer config 'con10'
Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <con10|498> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
Nov 28 22:31:01 fw-1A charon[61694]: 07[ENC] <con10|498> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:31:01 fw-1A charon[61694]: 07[NET] <con10|498> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:31:01 fw-1A charon[61694]: 07[IKE] <con10|498> IKE_SA con10[498] state change: CONNECTING => DESTROYING
Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> sending DPD request
Nov 28 22:31:06 fw-1A charon[61694]: 09[IKE] <con3|18> sending DPD request
Nov 28 22:31:06 fw-1A charon[61694]: 09[IKE] <con3|18> queueing IKE_DPD task
Nov 28 22:31:06 fw-1A charon[61694]: 09[IKE] <con3|18> activating new tasks
Nov 28 22:31:06 fw-1A charon[61694]: 09[IKE] <con3|18>   activating IKE_DPD task
Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> queueing IKE_DPD task
Nov 28 22:31:06 fw-1A charon[61694]: 09[ENC] <con3|18> generating INFORMATIONAL request 525 [ ]
Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> activating new tasks
Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17>   activating IKE_DPD task
Nov 28 22:31:06 fw-1A charon[61694]: 07[ENC] <con4|17> generating INFORMATIONAL request 520 [ ]
Nov 28 22:31:06 fw-1A charon[61694]: 09[NET] <con3|18> sending packet: from 197.214.xxx.yyy[4500] to 105.27.113.66[4500] (57 bytes)
Nov 28 22:31:06 fw-1A charon[61694]: 07[NET] <con4|17> sending packet: from 197.214.xxx.yyy[500] to 41.164.68.170[500] (57 bytes)
Nov 28 22:31:06 fw-1A charon[61694]: 07[NET] <con3|18> received packet: from 105.27.113.66[4500] to 197.214.xxx.yyy[4500] (65 bytes)
Nov 28 22:31:06 fw-1A charon[61694]: 07[ENC] <con3|18> parsed INFORMATIONAL response 525 [ ]
Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con3|18> activating new tasks
Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con3|18> nothing to initiate
Nov 28 22:31:06 fw-1A charon[61694]: 07[NET] <con4|17> received packet: from 41.164.68.170[500] to 197.214.xxx.yyy[500] (65 bytes)
Nov 28 22:31:06 fw-1A charon[61694]: 07[ENC] <con4|17> parsed INFORMATIONAL response 520 [ ]
Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> activating new tasks
Nov 28 22:31:06 fw-1A charon[61694]: 07[IKE] <con4|17> nothing to initiate
Nov 28 22:31:15 fw-1A charon[61694]: 16[CFG] vici client 316 connected
Nov 28 22:31:15 fw-1A charon[61694]: 09[CFG] vici client 316 registered for: list-sa
Nov 28 22:31:15 fw-1A charon[61694]: 16[CFG] vici client 316 requests: list-sas
Nov 28 22:31:15 fw-1A charon[61694]: 09[CFG] vici client 316 disconnected
Nov 28 22:31:29 fw-1A charon[61694]: 13[NET] <con5|81> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (160 bytes)
Nov 28 22:31:29 fw-1A charon[61694]: 13[ENC] <con5|81> parsed INFORMATIONAL request 228 [ ]
Nov 28 22:31:29 fw-1A charon[61694]: 13[ENC] <con5|81> generating INFORMATIONAL response 228 [ ]
Nov 28 22:31:29 fw-1A charon[61694]: 13[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:32:01 fw-1A charon[61694]: 10[NET] <499> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:32:01 fw-1A charon[61694]: 10[ENC] <499> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> IKE_SA (unnamed)[499] state change: CREATED => CONNECTING
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> selecting proposal:
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> selecting proposal:
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> selecting proposal:
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   proposal matches
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <499> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:32:01 fw-1A charon[61694]: 10[ENC] <499> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:32:01 fw-1A charon[61694]: 10[NET] <499> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:32:01 fw-1A charon[61694]: 10[NET] <499> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:32:01 fw-1A charon[61694]: 10[ENC] <499> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <499>   candidate "con10", match: 20/1/3100 (me/other/ike)
Nov 28 22:32:01 fw-1A charon[61694]: 10[CFG] <con10|499> selected peer config 'con10'
Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <con10|499> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
Nov 28 22:32:01 fw-1A charon[61694]: 10[ENC] <con10|499> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:32:01 fw-1A charon[61694]: 10[NET] <con10|499> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:32:01 fw-1A charon[61694]: 10[IKE] <con10|499> IKE_SA con10[499] state change: CONNECTING => DESTROYING
Nov 28 22:32:46 fw-1A charon[61694]: 15[CFG] vici client 317 connected
Nov 28 22:32:46 fw-1A charon[61694]: 10[CFG] vici client 317 registered for: list-sa
Nov 28 22:32:46 fw-1A charon[61694]: 15[CFG] vici client 317 requests: list-sas
Nov 28 22:32:46 fw-1A charon[61694]: 06[CFG] vici client 317 disconnected
Nov 28 22:32:51 fw-1A charon[61694]: 06[CFG] vici client 318 connected
Nov 28 22:32:51 fw-1A charon[61694]: 11[CFG] vici client 318 registered for: list-sa
Nov 28 22:32:51 fw-1A charon[61694]: 10[CFG] vici client 318 requests: list-sas
Nov 28 22:32:51 fw-1A charon[61694]: 10[CFG] vici client 318 disconnected
Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 319 connected
Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 319 registered for: list-sa
Nov 28 22:32:56 fw-1A charon[61694]: 12[CFG] vici client 320 connected
Nov 28 22:32:56 fw-1A charon[61694]: 08[CFG] vici client 320 registered for: list-sa
Nov 28 22:32:56 fw-1A charon[61694]: 08[CFG] vici client 319 requests: list-sas
Nov 28 22:32:56 fw-1A charon[61694]: 05[CFG] vici client 320 requests: list-sas
Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 320 disconnected
Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 319 disconnected
Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 321 connected
Nov 28 22:32:56 fw-1A charon[61694]: 08[CFG] vici client 321 registered for: control-log
Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici client 321 requests: terminate
Nov 28 22:32:56 fw-1A charon[61694]: 06[CFG] vici terminate IKE_SA #81
Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> queueing IKE_DELETE task
Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> activating new tasks
Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81>   activating IKE_DELETE task
Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> deleting IKE_SA con5[81] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> IKE_SA con5[81] state change: ESTABLISHED => DELETING
Nov 28 22:32:56 fw-1A charon[61694]: 08[IKE] <con5|81> sending DELETE for IKE_SA con5[81]
Nov 28 22:32:56 fw-1A charon[61694]: 08[ENC] <con5|81> generating INFORMATIONAL request 0 [ D ]
Nov 28 22:32:57 fw-1A charon[61694]: 08[NET] <con5|81> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:32:57 fw-1A charon[61694]: 08[IKE] <con5|81> IKE_SA con5[81] state change: DELETING => DESTROYING
Nov 28 22:32:57 fw-1A charon[61694]: 08[CHD] <con5|81> CHILD_SA con5{99} state change: INSTALLED => DESTROYING
Nov 28 22:32:57 fw-1A charon[61694]: 08[CFG] vici client 321 disconnected
Nov 28 22:32:58 fw-1A charon[61694]: 10[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_VENDOR task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_INIT task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_NATD task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_CERT_PRE task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_AUTH task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_CERT_POST task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_CONFIG task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_AUTH_LIFETIME task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing IKE_ESTABLISH task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> queueing CHILD_CREATE task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> activating new tasks
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_VENDOR task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_INIT task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_NATD task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_CERT_PRE task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_AUTH task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_CERT_POST task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_CONFIG task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_AUTH_LIFETIME task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating IKE_ESTABLISH task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500>   activating CHILD_CREATE task
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> initiating IKE_SA con5[500] to 196.250.128.24
Nov 28 22:32:58 fw-1A charon[61694]: 08[IKE] <con5|500> IKE_SA con5[500] state change: CREATED => CONNECTING
Nov 28 22:32:58 fw-1A charon[61694]: 08[CFG] <con5|500> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:32:58 fw-1A charon[61694]: 08[CFG] <con5|500> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:32:58 fw-1A charon[61694]: 08[ENC] <con5|500> generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:32:58 fw-1A charon[61694]: 08[NET] <con5|500> sending packet: from 197.214.xxx.yyy[500] to 196.250.128.24[500] (464 bytes)
Nov 28 22:33:01 fw-1A charon[61694]: 08[NET] <501> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:33:01 fw-1A charon[61694]: 08[ENC] <501> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> IKE_SA (unnamed)[501] state change: CREATED => CONNECTING
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> selecting proposal:
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> selecting proposal:
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> selecting proposal:
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   proposal matches
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <501> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:01 fw-1A charon[61694]: 08[ENC] <501> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:01 fw-1A charon[61694]: 08[NET] <501> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:33:01 fw-1A charon[61694]: 08[NET] <501> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:33:01 fw-1A charon[61694]: 08[ENC] <501> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <501>   candidate "con10", match: 20/1/3100 (me/other/ike)
Nov 28 22:33:01 fw-1A charon[61694]: 08[CFG] <con10|501> selected peer config 'con10'
Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <con10|501> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
Nov 28 22:33:01 fw-1A charon[61694]: 08[ENC] <con10|501> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:33:01 fw-1A charon[61694]: 08[NET] <con10|501> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:33:01 fw-1A charon[61694]: 08[IKE] <con10|501> IKE_SA con10[501] state change: CONNECTING => DESTROYING
Nov 28 22:33:02 fw-1A charon[61694]: 10[CFG] vici client 322 connected
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] vici client 322 registered for: list-sa
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] vici client 322 requests: list-sas
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] vici client 322 disconnected
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> retransmit 1 of request with message ID 0
Nov 28 22:33:02 fw-1A charon[61694]: 08[NET] <con5|500> sending packet: from 197.214.xxx.yyy[500] to 196.250.128.24[500] (464 bytes)
Nov 28 22:33:02 fw-1A charon[61694]: 08[NET] <con5|500> received packet: from 196.250.128.24[500] to 197.214.xxx.yyy[500] (437 bytes)
Nov 28 22:33:02 fw-1A charon[61694]: 08[ENC] <con5|500> parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) CERTREQ ]
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> received FRAGMENTATION_SUPPORTED notify
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> selecting proposal:
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500>   proposal matches
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> remote host is behind NAT
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> reinitiating already active tasks
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500>   IKE_CERT_PRE task
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500>   IKE_AUTH task
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> successfully created shared key MAC
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> proposing traffic selectors for us:
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500>  192.168.152.0/29|/0
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> proposing traffic selectors for other:
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500>  192.168.0.0/24|/0
Nov 28 22:33:02 fw-1A charon[61694]: 08[CFG] <con5|500> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:02 fw-1A charon[61694]: 08[IKE] <con5|500> establishing CHILD_SA con5{100} reqid 2
Nov 28 22:33:02 fw-1A charon[61694]: 08[ENC] <con5|500> generating IKE_AUTH request 1 [ IDi CERTREQ AUTH N(ESP_TFC_PAD_N) SA TSi TSr N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:33:02 fw-1A charon[61694]: 08[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <502> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <502> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> IKE_SA (unnamed)[502] state change: CREATED => CONNECTING
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> selecting proposal:
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   proposal matches
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> remote host is behind NAT
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <502> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <502> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <502> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <502> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <502> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <502>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selected peer config 'con5'
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> successfully created shared key MAC
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA con5[502] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA con5[502] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> scheduling rekeying in 23877s
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> maximum IKE_SA lifetime 26757s
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> proposing traffic selectors for us:
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>  192.168.152.0/29|/0
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> proposing traffic selectors for other:
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>  192.168.0.0/24|/0
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>   candidate "con5" with prio 5+5
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> found matching child config "con5" with prio 10
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selecting proposal:
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>   proposal matches
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selecting traffic selectors for us:
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502> selecting traffic selectors for other:
Nov 28 22:33:04 fw-1A charon[61694]: 08[CFG] <con5|502>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> CHILD_SA con5{101} state change: CREATED => INSTALLING
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502>   using AES_CBC for encryption
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> adding inbound ESP SA
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502>   SPI 0xc2d18b5b, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> adding outbound ESP SA
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502>   SPI 0x030759c0, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> CHILD_SA con5{101} established with SPIs c2d18b5b_i 030759c0_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> CHILD_SA con5{101} state change: INSTALLING => INSTALLED
Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <con5|502> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <con5|502> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <con5|502> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <con5|502> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> received DELETE for IKE_SA con5[502]
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> deleting IKE_SA con5[502] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA con5[502] state change: ESTABLISHED => DELETING
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA deleted
Nov 28 22:33:04 fw-1A charon[61694]: 08[ENC] <con5|502> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:04 fw-1A charon[61694]: 08[NET] <con5|502> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:04 fw-1A charon[61694]: 08[IKE] <con5|502> IKE_SA con5[502] state change: DELETING => DESTROYING
Nov 28 22:33:04 fw-1A charon[61694]: 08[CHD] <con5|502> CHILD_SA con5{101} state change: INSTALLED => DESTROYING
Nov 28 22:33:06 fw-1A charon[61694]: 07[IKE] <con5|500> retransmit 1 of request with message ID 1
Nov 28 22:33:06 fw-1A charon[61694]: 07[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
Nov 28 22:33:06 fw-1A charon[61694]: 07[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
Nov 28 22:33:06 fw-1A charon[61694]: 08[CFG] ignoring acquire for reqid 2, connection attempt pending
Nov 28 22:33:07 fw-1A charon[61694]: 07[CFG] vici client 323 connected
Nov 28 22:33:07 fw-1A charon[61694]: 07[CFG] vici client 323 registered for: list-sa
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] vici client 323 requests: list-sas
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] vici client 323 disconnected
Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <503> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <503> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> IKE_SA (unnamed)[503] state change: CREATED => CONNECTING
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> selecting proposal:
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   proposal matches
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> remote host is behind NAT
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <503> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <503> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <503> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <503> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <503> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <503>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selected peer config 'con5'
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> successfully created shared key MAC
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA con5[503] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA con5[503] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> scheduling rekeying in 23540s
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> maximum IKE_SA lifetime 26420s
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> proposing traffic selectors for us:
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>  192.168.152.0/29|/0
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> proposing traffic selectors for other:
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>  192.168.0.0/24|/0
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>   candidate "con5" with prio 5+5
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> found matching child config "con5" with prio 10
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selecting proposal:
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>   proposal matches
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selecting traffic selectors for us:
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503> selecting traffic selectors for other:
Nov 28 22:33:07 fw-1A charon[61694]: 08[CFG] <con5|503>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> CHILD_SA con5{102} state change: CREATED => INSTALLING
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503>   using AES_CBC for encryption
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> adding inbound ESP SA
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503>   SPI 0xcc807271, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> adding outbound ESP SA
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503>   SPI 0x084c0e20, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> CHILD_SA con5{102} established with SPIs cc807271_i 084c0e20_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> CHILD_SA con5{102} state change: INSTALLING => INSTALLED
Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <con5|503> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <con5|503> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <con5|503> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <con5|503> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> received DELETE for IKE_SA con5[503]
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> deleting IKE_SA con5[503] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA con5[503] state change: ESTABLISHED => DELETING
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA deleted
Nov 28 22:33:07 fw-1A charon[61694]: 08[ENC] <con5|503> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:07 fw-1A charon[61694]: 08[NET] <con5|503> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:07 fw-1A charon[61694]: 08[IKE] <con5|503> IKE_SA con5[503] state change: DELETING => DESTROYING
Nov 28 22:33:07 fw-1A charon[61694]: 08[CHD] <con5|503> CHILD_SA con5{102} state change: INSTALLED => DESTROYING
Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <504> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <504> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> IKE_SA (unnamed)[504] state change: CREATED => CONNECTING
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> selecting proposal:
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   proposal matches
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> remote host is behind NAT
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <504> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <504> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <504> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <504> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <504> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <504>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selected peer config 'con5'
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> successfully created shared key MAC
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA con5[504] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA con5[504] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> scheduling rekeying in 25556s
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> maximum IKE_SA lifetime 28436s
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> proposing traffic selectors for us:
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>  192.168.152.0/29|/0
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> proposing traffic selectors for other:
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>  192.168.0.0/24|/0
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>   candidate "con5" with prio 5+5
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> found matching child config "con5" with prio 10
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selecting proposal:
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>   proposal matches
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selecting traffic selectors for us:
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504> selecting traffic selectors for other:
Nov 28 22:33:09 fw-1A charon[61694]: 13[CFG] <con5|504>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> CHILD_SA con5{103} state change: CREATED => INSTALLING
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504>   using AES_CBC for encryption
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> adding inbound ESP SA
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504>   SPI 0xce651735, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> adding outbound ESP SA
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504>   SPI 0x08ef2527, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> CHILD_SA con5{103} established with SPIs ce651735_i 08ef2527_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> CHILD_SA con5{103} state change: INSTALLING => INSTALLED
Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <con5|504> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <con5|504> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <con5|504> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <con5|504> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> received DELETE for IKE_SA con5[504]
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> deleting IKE_SA con5[504] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA con5[504] state change: ESTABLISHED => DELETING
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA deleted
Nov 28 22:33:09 fw-1A charon[61694]: 13[ENC] <con5|504> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:09 fw-1A charon[61694]: 13[NET] <con5|504> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:09 fw-1A charon[61694]: 13[IKE] <con5|504> IKE_SA con5[504] state change: DELETING => DESTROYING
Nov 28 22:33:09 fw-1A charon[61694]: 13[CHD] <con5|504> CHILD_SA con5{103} state change: INSTALLED => DESTROYING
Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <505> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <505> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> IKE_SA (unnamed)[505] state change: CREATED => CONNECTING
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> selecting proposal:
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   proposal matches
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> remote host is behind NAT
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <505> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <505> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <505> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <505> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <505> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <505>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selected peer config 'con5'
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> successfully created shared key MAC
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA con5[505] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA con5[505] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> scheduling rekeying in 25108s
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> maximum IKE_SA lifetime 27988s
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> proposing traffic selectors for us:
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>  192.168.152.0/29|/0
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> proposing traffic selectors for other:
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>  192.168.0.0/24|/0
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>   candidate "con5" with prio 5+5
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> found matching child config "con5" with prio 10
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selecting proposal:
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>   proposal matches
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selecting traffic selectors for us:
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505> selecting traffic selectors for other:
Nov 28 22:33:11 fw-1A charon[61694]: 13[CFG] <con5|505>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> CHILD_SA con5{104} state change: CREATED => INSTALLING
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505>   using AES_CBC for encryption
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> adding inbound ESP SA
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505>   SPI 0xc93ed738, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> adding outbound ESP SA
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505>   SPI 0x078be48f, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> CHILD_SA con5{104} established with SPIs c93ed738_i 078be48f_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> CHILD_SA con5{104} state change: INSTALLING => INSTALLED
Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <con5|505> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <con5|505> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <con5|505> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <con5|505> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> received DELETE for IKE_SA con5[505]
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> deleting IKE_SA con5[505] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA con5[505] state change: ESTABLISHED => DELETING
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA deleted
Nov 28 22:33:11 fw-1A charon[61694]: 13[ENC] <con5|505> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:11 fw-1A charon[61694]: 13[NET] <con5|505> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:11 fw-1A charon[61694]: 13[IKE] <con5|505> IKE_SA con5[505] state change: DELETING => DESTROYING
Nov 28 22:33:11 fw-1A charon[61694]: 13[CHD] <con5|505> CHILD_SA con5{104} state change: INSTALLED => DESTROYING
Nov 28 22:33:12 fw-1A charon[61694]: 09[CFG] vici client 324 connected
Nov 28 22:33:12 fw-1A charon[61694]: 11[CFG] vici client 324 registered for: list-sa
Nov 28 22:33:12 fw-1A charon[61694]: 09[CFG] vici client 324 requests: list-sas
Nov 28 22:33:12 fw-1A charon[61694]: 11[CFG] vici client 324 disconnected
Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <506> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <506> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> IKE_SA (unnamed)[506] state change: CREATED => CONNECTING
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> selecting proposal:
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   proposal matches
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> remote host is behind NAT
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <506> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <506> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <506> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|500> retransmit 2 of request with message ID 1
Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <506> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (416 bytes)
Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <506> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <506>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selected peer config 'con5'
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> successfully created shared key MAC
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA con5[506] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA con5[506] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> scheduling rekeying in 24980s
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> maximum IKE_SA lifetime 27860s
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> proposing traffic selectors for us:
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>  192.168.152.0/29|/0
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> proposing traffic selectors for other:
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>  192.168.0.0/24|/0
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>   candidate "con5" with prio 5+5
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> found matching child config "con5" with prio 10
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selecting proposal:
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>   proposal matches
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selecting traffic selectors for us:
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506> selecting traffic selectors for other:
Nov 28 22:33:13 fw-1A charon[61694]: 11[CFG] <con5|506>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> CHILD_SA con5{105} state change: CREATED => INSTALLING
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506>   using AES_CBC for encryption
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> adding inbound ESP SA
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506>   SPI 0xcbe7fb7e, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> adding outbound ESP SA
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506>   SPI 0x0ccae478, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> CHILD_SA con5{105} established with SPIs cbe7fb7e_i 0ccae478_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> CHILD_SA con5{105} state change: INSTALLING => INSTALLED
Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <con5|506> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <con5|506> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <con5|506> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <con5|506> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> received DELETE for IKE_SA con5[506]
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> deleting IKE_SA con5[506] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA con5[506] state change: ESTABLISHED => DELETING
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA deleted
Nov 28 22:33:13 fw-1A charon[61694]: 11[ENC] <con5|506> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:13 fw-1A charon[61694]: 11[NET] <con5|506> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:13 fw-1A charon[61694]: 11[IKE] <con5|506> IKE_SA con5[506] state change: DELETING => DESTROYING
Nov 28 22:33:13 fw-1A charon[61694]: 11[CHD] <con5|506> CHILD_SA con5{105} state change: INSTALLED => DESTROYING
Nov 28 22:33:14 fw-1A charon[61694]: 09[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
Nov 28 22:33:14 fw-1A charon[61694]: 11[CFG] ignoring acquire for reqid 2, connection attempt pending
Nov 28 22:33:15 fw-1A charon[61694]: 11[NET] <507> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:15 fw-1A charon[61694]: 11[ENC] <507> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> IKE_SA (unnamed)[507] state change: CREATED => CONNECTING
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> selecting proposal:
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507>   proposal matches
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:15 fw-1A charon[61694]: 11[CFG] <507> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> remote host is behind NAT
Nov 28 22:33:15 fw-1A charon[61694]: 11[IKE] <507> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:15 fw-1A charon[61694]: 11[ENC] <507> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:15 fw-1A charon[61694]: 11[NET] <507> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:16 fw-1A charon[61694]: 11[NET] <507> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
Nov 28 22:33:16 fw-1A charon[61694]: 11[ENC] <507> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <507> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <507>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <507>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selected peer config 'con5'
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> successfully created shared key MAC
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA con5[507] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA con5[507] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> scheduling rekeying in 23264s
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> maximum IKE_SA lifetime 26144s
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> proposing traffic selectors for us:
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>  192.168.152.0/29|/0
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> proposing traffic selectors for other:
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>  192.168.0.0/24|/0
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>   candidate "con5" with prio 5+5
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> found matching child config "con5" with prio 10
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selecting proposal:
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>   proposal matches
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selecting traffic selectors for us:
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507> selecting traffic selectors for other:
Nov 28 22:33:16 fw-1A charon[61694]: 11[CFG] <con5|507>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> CHILD_SA con5{106} state change: CREATED => INSTALLING
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507>   using AES_CBC for encryption
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> adding inbound ESP SA
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507>   SPI 0xcddd25a1, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> adding outbound ESP SA
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507>   SPI 0x01d6cf21, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> CHILD_SA con5{106} established with SPIs cddd25a1_i 01d6cf21_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> CHILD_SA con5{106} state change: INSTALLING => INSTALLED
Nov 28 22:33:16 fw-1A charon[61694]: 11[ENC] <con5|507> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:16 fw-1A charon[61694]: 11[NET] <con5|507> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:16 fw-1A charon[61694]: 11[NET] <con5|507> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
Nov 28 22:33:16 fw-1A charon[61694]: 11[ENC] <con5|507> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> received DELETE for IKE_SA con5[507]
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> deleting IKE_SA con5[507] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA con5[507] state change: ESTABLISHED => DELETING
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA deleted
Nov 28 22:33:16 fw-1A charon[61694]: 11[ENC] <con5|507> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:16 fw-1A charon[61694]: 11[NET] <con5|507> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:16 fw-1A charon[61694]: 11[IKE] <con5|507> IKE_SA con5[507] state change: DELETING => DESTROYING
Nov 28 22:33:16 fw-1A charon[61694]: 11[CHD] <con5|507> CHILD_SA con5{106} state change: INSTALLED => DESTROYING
Nov 28 22:33:17 fw-1A charon[61694]: 11[CFG] vici client 325 connected
Nov 28 22:33:17 fw-1A charon[61694]: 12[CFG] vici client 325 registered for: list-sa
Nov 28 22:33:17 fw-1A charon[61694]: 12[CFG] vici client 325 requests: list-sas
Nov 28 22:33:17 fw-1A charon[61694]: 05[CFG] vici client 325 disconnected
Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <508> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <508> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> IKE_SA (unnamed)[508] state change: CREATED => CONNECTING
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> selecting proposal:
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   proposal matches
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> remote host is behind NAT
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <508> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <508> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <508> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <508> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <508> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <508>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selected peer config 'con5'
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> successfully created shared key MAC
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA con5[508] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA con5[508] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> scheduling rekeying in 24090s
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> maximum IKE_SA lifetime 26970s
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> proposing traffic selectors for us:
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>  192.168.152.0/29|/0
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> proposing traffic selectors for other:
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>  192.168.0.0/24|/0
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>   candidate "con5" with prio 5+5
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> found matching child config "con5" with prio 10
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selecting proposal:
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>   proposal matches
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selecting traffic selectors for us:
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508> selecting traffic selectors for other:
Nov 28 22:33:18 fw-1A charon[61694]: 05[CFG] <con5|508>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> CHILD_SA con5{107} state change: CREATED => INSTALLING
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508>   using AES_CBC for encryption
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> adding inbound ESP SA
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508>   SPI 0xc97c52ca, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> adding outbound ESP SA
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508>   SPI 0x04e45bf1, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> CHILD_SA con5{107} established with SPIs c97c52ca_i 04e45bf1_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> CHILD_SA con5{107} state change: INSTALLING => INSTALLED
Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <con5|508> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <con5|508> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <con5|508> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <con5|508> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> received DELETE for IKE_SA con5[508]
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> deleting IKE_SA con5[508] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA con5[508] state change: ESTABLISHED => DELETING
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA deleted
Nov 28 22:33:18 fw-1A charon[61694]: 05[ENC] <con5|508> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:18 fw-1A charon[61694]: 05[NET] <con5|508> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:18 fw-1A charon[61694]: 05[IKE] <con5|508> IKE_SA con5[508] state change: DELETING => DESTROYING
Nov 28 22:33:18 fw-1A charon[61694]: 05[CHD] <con5|508> CHILD_SA con5{107} state change: INSTALLED => DESTROYING
Nov 28 22:33:19 fw-1A charon[61694]: 06[NET] <509> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:19 fw-1A charon[61694]: 06[ENC] <509> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> IKE_SA (unnamed)[509] state change: CREATED => CONNECTING
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> selecting proposal:
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509>   proposal matches
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:19 fw-1A charon[61694]: 06[CFG] <509> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> remote host is behind NAT
Nov 28 22:33:19 fw-1A charon[61694]: 06[IKE] <509> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:19 fw-1A charon[61694]: 06[ENC] <509> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:19 fw-1A charon[61694]: 06[NET] <509> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:20 fw-1A charon[61694]: 06[NET] <509> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (464 bytes)
Nov 28 22:33:20 fw-1A charon[61694]: 06[ENC] <509> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <509> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <509>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <509>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selected peer config 'con5'
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> successfully created shared key MAC
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA con5[509] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA con5[509] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> scheduling rekeying in 24386s
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> maximum IKE_SA lifetime 27266s
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> proposing traffic selectors for us:
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>  192.168.152.0/29|/0
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> proposing traffic selectors for other:
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>  192.168.0.0/24|/0
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>   candidate "con5" with prio 5+5
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> found matching child config "con5" with prio 10
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selecting proposal:
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>   proposal matches
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selecting traffic selectors for us:
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509> selecting traffic selectors for other:
Nov 28 22:33:20 fw-1A charon[61694]: 06[CFG] <con5|509>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> CHILD_SA con5{108} state change: CREATED => INSTALLING
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509>   using AES_CBC for encryption
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> adding inbound ESP SA
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509>   SPI 0xc7c5b389, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> adding outbound ESP SA
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509>   SPI 0x0c046a0d, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> CHILD_SA con5{108} established with SPIs c7c5b389_i 0c046a0d_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> CHILD_SA con5{108} state change: INSTALLING => INSTALLED
Nov 28 22:33:20 fw-1A charon[61694]: 06[ENC] <con5|509> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:20 fw-1A charon[61694]: 06[NET] <con5|509> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:20 fw-1A charon[61694]: 06[NET] <con5|509> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
Nov 28 22:33:20 fw-1A charon[61694]: 06[ENC] <con5|509> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> received DELETE for IKE_SA con5[509]
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> deleting IKE_SA con5[509] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA con5[509] state change: ESTABLISHED => DELETING
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA deleted
Nov 28 22:33:20 fw-1A charon[61694]: 06[ENC] <con5|509> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:20 fw-1A charon[61694]: 06[NET] <con5|509> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:20 fw-1A charon[61694]: 06[IKE] <con5|509> IKE_SA con5[509] state change: DELETING => DESTROYING
Nov 28 22:33:20 fw-1A charon[61694]: 06[CHD] <con5|509> CHILD_SA con5{108} state change: INSTALLED => DESTROYING
Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <510> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <510> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> IKE_SA (unnamed)[510] state change: CREATED => CONNECTING
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> selecting proposal:
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   proposal matches
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> remote host is behind NAT
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <510> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <510> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <510> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <510> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <510> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <510>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selected peer config 'con5'
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> successfully created shared key MAC
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA con5[510] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA con5[510] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> scheduling rekeying in 25333s
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> maximum IKE_SA lifetime 28213s
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> proposing traffic selectors for us:
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>  192.168.152.0/29|/0
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> proposing traffic selectors for other:
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>  192.168.0.0/24|/0
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>   candidate "con5" with prio 5+5
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> found matching child config "con5" with prio 10
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selecting proposal:
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>   proposal matches
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selecting traffic selectors for us:
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510> selecting traffic selectors for other:
Nov 28 22:33:21 fw-1A charon[61694]: 06[CFG] <con5|510>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> CHILD_SA con5{109} state change: CREATED => INSTALLING
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510>   using AES_CBC for encryption
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> adding inbound ESP SA
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510>   SPI 0xc9cbb3c8, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> adding outbound ESP SA
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510>   SPI 0x04db23c4, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> CHILD_SA con5{109} established with SPIs c9cbb3c8_i 04db23c4_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> CHILD_SA con5{109} state change: INSTALLING => INSTALLED
Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <con5|510> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <con5|510> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <con5|510> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <con5|510> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> received DELETE for IKE_SA con5[510]
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> deleting IKE_SA con5[510] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA con5[510] state change: ESTABLISHED => DELETING
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA deleted
Nov 28 22:33:21 fw-1A charon[61694]: 06[ENC] <con5|510> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:21 fw-1A charon[61694]: 06[NET] <con5|510> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:21 fw-1A charon[61694]: 06[IKE] <con5|510> IKE_SA con5[510] state change: DELETING => DESTROYING
Nov 28 22:33:21 fw-1A charon[61694]: 06[CHD] <con5|510> CHILD_SA con5{109} state change: INSTALLED => DESTROYING
Nov 28 22:33:22 fw-1A charon[61694]: 10[CFG] vici client 326 connected
Nov 28 22:33:22 fw-1A charon[61694]: 14[CFG] vici client 326 registered for: list-sa
Nov 28 22:33:22 fw-1A charon[61694]: 06[CFG] vici client 326 requests: list-sas
Nov 28 22:33:22 fw-1A charon[61694]: 14[CFG] vici client 326 disconnected
Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <511> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <511> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> IKE_SA (unnamed)[511] state change: CREATED => CONNECTING
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> selecting proposal:
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   proposal matches
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> remote host is behind NAT
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <511> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <511> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <511> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <511> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <511> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <511>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selected peer config 'con5'
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> successfully created shared key MAC
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA con5[511] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA con5[511] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> scheduling rekeying in 24949s
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> maximum IKE_SA lifetime 27829s
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> proposing traffic selectors for us:
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>  192.168.152.0/29|/0
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> proposing traffic selectors for other:
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>  192.168.0.0/24|/0
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>   candidate "con5" with prio 5+5
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> found matching child config "con5" with prio 10
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selecting proposal:
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>   proposal matches
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selecting traffic selectors for us:
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511> selecting traffic selectors for other:
Nov 28 22:33:23 fw-1A charon[61694]: 06[CFG] <con5|511>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> CHILD_SA con5{110} state change: CREATED => INSTALLING
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511>   using AES_CBC for encryption
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> adding inbound ESP SA
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511>   SPI 0xcef661c0, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> adding outbound ESP SA
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511>   SPI 0x080c67f0, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> CHILD_SA con5{110} established with SPIs cef661c0_i 080c67f0_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> CHILD_SA con5{110} state change: INSTALLING => INSTALLED
Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <con5|511> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <con5|511> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <con5|511> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <con5|511> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> received DELETE for IKE_SA con5[511]
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> deleting IKE_SA con5[511] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA con5[511] state change: ESTABLISHED => DELETING
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA deleted
Nov 28 22:33:23 fw-1A charon[61694]: 06[ENC] <con5|511> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:23 fw-1A charon[61694]: 06[NET] <con5|511> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:23 fw-1A charon[61694]: 06[IKE] <con5|511> IKE_SA con5[511] state change: DELETING => DESTROYING
Nov 28 22:33:23 fw-1A charon[61694]: 06[CHD] <con5|511> CHILD_SA con5{110} state change: INSTALLED => DESTROYING
Nov 28 22:33:24 fw-1A charon[61694]: 06[NET] <512> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:24 fw-1A charon[61694]: 06[ENC] <512> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> IKE_SA (unnamed)[512] state change: CREATED => CONNECTING
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> selecting proposal:
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512>   proposal matches
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:24 fw-1A charon[61694]: 06[CFG] <512> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> remote host is behind NAT
Nov 28 22:33:24 fw-1A charon[61694]: 06[IKE] <512> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:24 fw-1A charon[61694]: 06[ENC] <512> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:24 fw-1A charon[61694]: 06[NET] <512> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:25 fw-1A charon[61694]: 06[NET] <512> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (416 bytes)
Nov 28 22:33:25 fw-1A charon[61694]: 06[ENC] <512> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <512> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <512>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <512>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selected peer config 'con5'
Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> successfully created shared key MAC
Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> IKE_SA con5[512] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> IKE_SA con5[512] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> scheduling rekeying in 24417s
Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> maximum IKE_SA lifetime 27297s
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> proposing traffic selectors for us:
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>  192.168.152.0/29|/0
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> proposing traffic selectors for other:
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>  192.168.0.0/24|/0
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>   candidate "con5" with prio 5+5
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> found matching child config "con5" with prio 10
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selecting proposal:
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>   proposal matches
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selecting traffic selectors for us:
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512> selecting traffic selectors for other:
Nov 28 22:33:25 fw-1A charon[61694]: 06[CFG] <con5|512>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512> CHILD_SA con5{111} state change: CREATED => INSTALLING
Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512>   using AES_CBC for encryption
Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512> adding inbound ESP SA
Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512>   SPI 0xc3f36f40, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512> adding outbound ESP SA
Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512>   SPI 0x0f8fdfa2, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:25 fw-1A charon[61694]: 06[IKE] <con5|512> CHILD_SA con5{111} established with SPIs c3f36f40_i 0f8fdfa2_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:25 fw-1A charon[61694]: 06[CHD] <con5|512> CHILD_SA con5{111} state change: INSTALLING => INSTALLED
Nov 28 22:33:25 fw-1A charon[61694]: 06[ENC] <con5|512> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:25 fw-1A charon[61694]: 06[NET] <con5|512> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:25 fw-1A charon[61694]: 07[NET] <con5|512> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
Nov 28 22:33:25 fw-1A charon[61694]: 07[ENC] <con5|512> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> received DELETE for IKE_SA con5[512]
Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> deleting IKE_SA con5[512] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> IKE_SA con5[512] state change: ESTABLISHED => DELETING
Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> IKE_SA deleted
Nov 28 22:33:25 fw-1A charon[61694]: 07[ENC] <con5|512> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:25 fw-1A charon[61694]: 07[NET] <con5|512> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:25 fw-1A charon[61694]: 07[IKE] <con5|512> IKE_SA con5[512] state change: DELETING => DESTROYING
Nov 28 22:33:25 fw-1A charon[61694]: 07[CHD] <con5|512> CHILD_SA con5{111} state change: INSTALLED => DESTROYING
Nov 28 22:33:26 fw-1A charon[61694]: 07[IKE] <con5|500> retransmit 3 of request with message ID 1
Nov 28 22:33:26 fw-1A charon[61694]: 07[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
Nov 28 22:33:26 fw-1A charon[61694]: 07[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
Nov 28 22:33:26 fw-1A charon[61694]: 07[CFG] ignoring acquire for reqid 2, connection attempt pending
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] vici client 327 connected
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] vici client 327 registered for: list-sa
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] vici client 327 requests: list-sas
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] vici client 327 disconnected
Nov 28 22:33:27 fw-1A charon[61694]: 16[NET] <513> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:27 fw-1A charon[61694]: 16[ENC] <513> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> IKE_SA (unnamed)[513] state change: CREATED => CONNECTING
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> selecting proposal:
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513>   proposal matches
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:27 fw-1A charon[61694]: 16[CFG] <513> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> remote host is behind NAT
Nov 28 22:33:27 fw-1A charon[61694]: 16[IKE] <513> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:27 fw-1A charon[61694]: 16[ENC] <513> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:27 fw-1A charon[61694]: 16[NET] <513> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:28 fw-1A charon[61694]: 16[NET] <513> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:28 fw-1A charon[61694]: 16[ENC] <513> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <513> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <513>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <513>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selected peer config 'con5'
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> successfully created shared key MAC
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA con5[513] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA con5[513] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> scheduling rekeying in 25789s
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> maximum IKE_SA lifetime 28669s
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> proposing traffic selectors for us:
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>  192.168.152.0/29|/0
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> proposing traffic selectors for other:
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>  192.168.0.0/24|/0
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>   candidate "con5" with prio 5+5
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> found matching child config "con5" with prio 10
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selecting proposal:
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>   proposal matches
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selecting traffic selectors for us:
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513> selecting traffic selectors for other:
Nov 28 22:33:28 fw-1A charon[61694]: 16[CFG] <con5|513>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> CHILD_SA con5{112} state change: CREATED => INSTALLING
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513>   using AES_CBC for encryption
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> adding inbound ESP SA
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513>   SPI 0xc192f06a, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> adding outbound ESP SA
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513>   SPI 0x04846a05, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> CHILD_SA con5{112} established with SPIs c192f06a_i 04846a05_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> CHILD_SA con5{112} state change: INSTALLING => INSTALLED
Nov 28 22:33:28 fw-1A charon[61694]: 16[ENC] <con5|513> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:28 fw-1A charon[61694]: 16[NET] <con5|513> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:28 fw-1A charon[61694]: 16[NET] <con5|513> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
Nov 28 22:33:28 fw-1A charon[61694]: 16[ENC] <con5|513> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> received DELETE for IKE_SA con5[513]
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> deleting IKE_SA con5[513] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA con5[513] state change: ESTABLISHED => DELETING
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA deleted
Nov 28 22:33:28 fw-1A charon[61694]: 16[ENC] <con5|513> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:28 fw-1A charon[61694]: 16[NET] <con5|513> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:28 fw-1A charon[61694]: 16[IKE] <con5|513> IKE_SA con5[513] state change: DELETING => DESTROYING
Nov 28 22:33:28 fw-1A charon[61694]: 16[CHD] <con5|513> CHILD_SA con5{112} state change: INSTALLED => DESTROYING
Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <514> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <514> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> IKE_SA (unnamed)[514] state change: CREATED => CONNECTING
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> selecting proposal:
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   proposal matches
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> remote host is behind NAT
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <514> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <514> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <514> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <514> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (464 bytes)
Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <514> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <514>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selected peer config 'con5'
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> successfully created shared key MAC
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA con5[514] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA con5[514] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> scheduling rekeying in 23522s
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> maximum IKE_SA lifetime 26402s
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> proposing traffic selectors for us:
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>  192.168.152.0/29|/0
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> proposing traffic selectors for other:
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>  192.168.0.0/24|/0
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>   candidate "con5" with prio 5+5
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> found matching child config "con5" with prio 10
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selecting proposal:
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>   proposal matches
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selecting traffic selectors for us:
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514> selecting traffic selectors for other:
Nov 28 22:33:30 fw-1A charon[61694]: 13[CFG] <con5|514>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> CHILD_SA con5{113} state change: CREATED => INSTALLING
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514>   using AES_CBC for encryption
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> adding inbound ESP SA
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514>   SPI 0xc452e5ac, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> adding outbound ESP SA
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514>   SPI 0x0856ef79, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> CHILD_SA con5{113} established with SPIs c452e5ac_i 0856ef79_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> CHILD_SA con5{113} state change: INSTALLING => INSTALLED
Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <con5|514> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <con5|514> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <con5|514> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <con5|514> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> received DELETE for IKE_SA con5[514]
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> deleting IKE_SA con5[514] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA con5[514] state change: ESTABLISHED => DELETING
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA deleted
Nov 28 22:33:30 fw-1A charon[61694]: 13[ENC] <con5|514> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:30 fw-1A charon[61694]: 13[NET] <con5|514> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:30 fw-1A charon[61694]: 13[IKE] <con5|514> IKE_SA con5[514] state change: DELETING => DESTROYING
Nov 28 22:33:30 fw-1A charon[61694]: 13[CHD] <con5|514> CHILD_SA con5{113} state change: INSTALLED => DESTROYING
Nov 28 22:33:32 fw-1A charon[61694]: 13[CFG] vici client 328 connected
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] vici client 328 registered for: list-sa
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] vici client 328 requests: list-sas
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] vici client 328 disconnected
Nov 28 22:33:32 fw-1A charon[61694]: 09[NET] <515> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:32 fw-1A charon[61694]: 09[ENC] <515> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> IKE_SA (unnamed)[515] state change: CREATED => CONNECTING
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> selecting proposal:
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515>   proposal matches
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:32 fw-1A charon[61694]: 09[CFG] <515> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> remote host is behind NAT
Nov 28 22:33:32 fw-1A charon[61694]: 09[IKE] <515> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:32 fw-1A charon[61694]: 09[ENC] <515> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:32 fw-1A charon[61694]: 09[NET] <515> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:33 fw-1A charon[61694]: 09[NET] <515> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:33 fw-1A charon[61694]: 09[ENC] <515> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <515> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <515>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <515>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selected peer config 'con5'
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> successfully created shared key MAC
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA con5[515] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA con5[515] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> scheduling rekeying in 24703s
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> maximum IKE_SA lifetime 27583s
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> proposing traffic selectors for us:
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>  192.168.152.0/29|/0
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> proposing traffic selectors for other:
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>  192.168.0.0/24|/0
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>   candidate "con5" with prio 5+5
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> found matching child config "con5" with prio 10
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selecting proposal:
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>   proposal matches
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selecting traffic selectors for us:
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515> selecting traffic selectors for other:
Nov 28 22:33:33 fw-1A charon[61694]: 09[CFG] <con5|515>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> CHILD_SA con5{114} state change: CREATED => INSTALLING
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515>   using AES_CBC for encryption
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> adding inbound ESP SA
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515>   SPI 0xc33c10fc, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> adding outbound ESP SA
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515>   SPI 0x0183f6e0, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> CHILD_SA con5{114} established with SPIs c33c10fc_i 0183f6e0_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> CHILD_SA con5{114} state change: INSTALLING => INSTALLED
Nov 28 22:33:33 fw-1A charon[61694]: 09[ENC] <con5|515> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:33 fw-1A charon[61694]: 09[NET] <con5|515> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:33 fw-1A charon[61694]: 09[NET] <con5|515> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
Nov 28 22:33:33 fw-1A charon[61694]: 09[ENC] <con5|515> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> received DELETE for IKE_SA con5[515]
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> deleting IKE_SA con5[515] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA con5[515] state change: ESTABLISHED => DELETING
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA deleted
Nov 28 22:33:33 fw-1A charon[61694]: 09[ENC] <con5|515> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:33 fw-1A charon[61694]: 09[NET] <con5|515> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:33 fw-1A charon[61694]: 09[IKE] <con5|515> IKE_SA con5[515] state change: DELETING => DESTROYING
Nov 28 22:33:33 fw-1A charon[61694]: 09[CHD] <con5|515> CHILD_SA con5{114} state change: INSTALLED => DESTROYING
Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <516> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <516> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> IKE_SA (unnamed)[516] state change: CREATED => CONNECTING
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> selecting proposal:
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   proposal matches
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> remote host is behind NAT
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <516> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <516> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <516> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <516> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <516> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <516>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selected peer config 'con5'
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> successfully created shared key MAC
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA con5[516] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA con5[516] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> scheduling rekeying in 23799s
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> maximum IKE_SA lifetime 26679s
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> proposing traffic selectors for us:
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>  192.168.152.0/29|/0
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> proposing traffic selectors for other:
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>  192.168.0.0/24|/0
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>   candidate "con5" with prio 5+5
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> found matching child config "con5" with prio 10
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selecting proposal:
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>   proposal matches
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selecting traffic selectors for us:
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516> selecting traffic selectors for other:
Nov 28 22:33:35 fw-1A charon[61694]: 09[CFG] <con5|516>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> CHILD_SA con5{115} state change: CREATED => INSTALLING
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516>   using AES_CBC for encryption
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> adding inbound ESP SA
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516>   SPI 0xc3637b16, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> adding outbound ESP SA
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516>   SPI 0x0dea770c, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> CHILD_SA con5{115} established with SPIs c3637b16_i 0dea770c_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> CHILD_SA con5{115} state change: INSTALLING => INSTALLED
Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <con5|516> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <con5|516> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <con5|516> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <con5|516> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> received DELETE for IKE_SA con5[516]
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> deleting IKE_SA con5[516] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA con5[516] state change: ESTABLISHED => DELETING
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA deleted
Nov 28 22:33:35 fw-1A charon[61694]: 09[ENC] <con5|516> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:35 fw-1A charon[61694]: 09[NET] <con5|516> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:35 fw-1A charon[61694]: 09[IKE] <con5|516> IKE_SA con5[516] state change: DELETING => DESTROYING
Nov 28 22:33:35 fw-1A charon[61694]: 09[CHD] <con5|516> CHILD_SA con5{115} state change: INSTALLED => DESTROYING
Nov 28 22:33:36 fw-1A charon[61694]: 09[NET] <517> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:36 fw-1A charon[61694]: 09[ENC] <517> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> IKE_SA (unnamed)[517] state change: CREATED => CONNECTING
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> selecting proposal:
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517>   proposal matches
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:36 fw-1A charon[61694]: 09[CFG] <517> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> remote host is behind NAT
Nov 28 22:33:36 fw-1A charon[61694]: 09[IKE] <517> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:36 fw-1A charon[61694]: 09[ENC] <517> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:36 fw-1A charon[61694]: 09[NET] <517> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:36 fw-1A charon[61694]: 11[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] ignoring acquire for reqid 2, connection attempt pending
Nov 28 22:33:36 fw-1A charon[61694]: 05[NET] <517> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
Nov 28 22:33:36 fw-1A charon[61694]: 05[ENC] <517> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <517> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <517>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <517>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selected peer config 'con5'
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> successfully created shared key MAC
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA con5[517] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA con5[517] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> scheduling rekeying in 25465s
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> maximum IKE_SA lifetime 28345s
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> proposing traffic selectors for us:
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>  192.168.152.0/29|/0
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> proposing traffic selectors for other:
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>  192.168.0.0/24|/0
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>   candidate "con5" with prio 5+5
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> found matching child config "con5" with prio 10
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selecting proposal:
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>   proposal matches
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selecting traffic selectors for us:
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517> selecting traffic selectors for other:
Nov 28 22:33:36 fw-1A charon[61694]: 05[CFG] <con5|517>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> CHILD_SA con5{116} state change: CREATED => INSTALLING
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517>   using AES_CBC for encryption
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> adding inbound ESP SA
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517>   SPI 0xcaf804ca, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> adding outbound ESP SA
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517>   SPI 0x049c39c4, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> CHILD_SA con5{116} established with SPIs caf804ca_i 049c39c4_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> CHILD_SA con5{116} state change: INSTALLING => INSTALLED
Nov 28 22:33:36 fw-1A charon[61694]: 05[ENC] <con5|517> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:36 fw-1A charon[61694]: 05[NET] <con5|517> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:36 fw-1A charon[61694]: 05[NET] <con5|517> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
Nov 28 22:33:36 fw-1A charon[61694]: 05[ENC] <con5|517> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> received DELETE for IKE_SA con5[517]
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> deleting IKE_SA con5[517] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA con5[517] state change: ESTABLISHED => DELETING
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA deleted
Nov 28 22:33:36 fw-1A charon[61694]: 05[ENC] <con5|517> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:36 fw-1A charon[61694]: 05[NET] <con5|517> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:36 fw-1A charon[61694]: 05[IKE] <con5|517> IKE_SA con5[517] state change: DELETING => DESTROYING
Nov 28 22:33:36 fw-1A charon[61694]: 05[CHD] <con5|517> CHILD_SA con5{116} state change: INSTALLED => DESTROYING
Nov 28 22:33:37 fw-1A charon[61694]: 11[CFG] vici client 329 connected
Nov 28 22:33:37 fw-1A charon[61694]: 05[CFG] vici client 329 registered for: list-sa
Nov 28 22:33:37 fw-1A charon[61694]: 12[CFG] vici client 329 requests: list-sas
Nov 28 22:33:37 fw-1A charon[61694]: 05[CFG] vici client 329 disconnected
Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <518> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <518> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> IKE_SA (unnamed)[518] state change: CREATED => CONNECTING
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> selecting proposal:
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   proposal matches
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> remote host is behind NAT
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <518> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <518> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <518> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <518> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <518> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <518>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selected peer config 'con5'
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> successfully created shared key MAC
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA con5[518] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA con5[518] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> scheduling rekeying in 24758s
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> maximum IKE_SA lifetime 27638s
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> proposing traffic selectors for us:
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>  192.168.152.0/29|/0
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> proposing traffic selectors for other:
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>  192.168.0.0/24|/0
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>   candidate "con5" with prio 5+5
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> found matching child config "con5" with prio 10
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selecting proposal:
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>   proposal matches
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selecting traffic selectors for us:
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518> selecting traffic selectors for other:
Nov 28 22:33:38 fw-1A charon[61694]: 12[CFG] <con5|518>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> CHILD_SA con5{117} state change: CREATED => INSTALLING
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518>   using AES_CBC for encryption
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> adding inbound ESP SA
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518>   SPI 0xc8017065, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> adding outbound ESP SA
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518>   SPI 0x0cfa1146, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> CHILD_SA con5{117} established with SPIs c8017065_i 0cfa1146_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> CHILD_SA con5{117} state change: INSTALLING => INSTALLED
Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <con5|518> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <con5|518> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <con5|518> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (256 bytes)
Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <con5|518> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> received DELETE for IKE_SA con5[518]
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> deleting IKE_SA con5[518] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA con5[518] state change: ESTABLISHED => DELETING
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA deleted
Nov 28 22:33:38 fw-1A charon[61694]: 12[ENC] <con5|518> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:38 fw-1A charon[61694]: 12[NET] <con5|518> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:38 fw-1A charon[61694]: 12[IKE] <con5|518> IKE_SA con5[518] state change: DELETING => DESTROYING
Nov 28 22:33:38 fw-1A charon[61694]: 12[CHD] <con5|518> CHILD_SA con5{117} state change: INSTALLED => DESTROYING
Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <519> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <519> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> IKE_SA (unnamed)[519] state change: CREATED => CONNECTING
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> selecting proposal:
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   proposal matches
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> remote host is behind NAT
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <519> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <519> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <519> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <519> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <519> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <519>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selected peer config 'con5'
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> successfully created shared key MAC
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA con5[519] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA con5[519] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> scheduling rekeying in 23940s
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> maximum IKE_SA lifetime 26820s
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> proposing traffic selectors for us:
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>  192.168.152.0/29|/0
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> proposing traffic selectors for other:
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>  192.168.0.0/24|/0
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>   candidate "con5" with prio 5+5
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> found matching child config "con5" with prio 10
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selecting proposal:
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>   proposal matches
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selecting traffic selectors for us:
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519> selecting traffic selectors for other:
Nov 28 22:33:39 fw-1A charon[61694]: 10[CFG] <con5|519>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> CHILD_SA con5{118} state change: CREATED => INSTALLING
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519>   using AES_CBC for encryption
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> adding inbound ESP SA
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519>   SPI 0xcb89c1a5, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> adding outbound ESP SA
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519>   SPI 0x0d4a3019, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> CHILD_SA con5{118} established with SPIs cb89c1a5_i 0d4a3019_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> CHILD_SA con5{118} state change: INSTALLING => INSTALLED
Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <con5|519> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <con5|519> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <con5|519> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <con5|519> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> received DELETE for IKE_SA con5[519]
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> deleting IKE_SA con5[519] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA con5[519] state change: ESTABLISHED => DELETING
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA deleted
Nov 28 22:33:39 fw-1A charon[61694]: 10[ENC] <con5|519> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:39 fw-1A charon[61694]: 10[NET] <con5|519> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:39 fw-1A charon[61694]: 10[IKE] <con5|519> IKE_SA con5[519] state change: DELETING => DESTROYING
Nov 28 22:33:39 fw-1A charon[61694]: 10[CHD] <con5|519> CHILD_SA con5{118} state change: INSTALLED => DESTROYING
Nov 28 22:33:41 fw-1A charon[61694]: 10[NET] <520> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:41 fw-1A charon[61694]: 10[ENC] <520> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> IKE_SA (unnamed)[520] state change: CREATED => CONNECTING
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> selecting proposal:
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520>   proposal matches
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:41 fw-1A charon[61694]: 10[CFG] <520> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> remote host is behind NAT
Nov 28 22:33:41 fw-1A charon[61694]: 10[IKE] <520> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:41 fw-1A charon[61694]: 10[ENC] <520> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:41 fw-1A charon[61694]: 10[NET] <520> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:42 fw-1A charon[61694]: 10[NET] <520> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:42 fw-1A charon[61694]: 10[ENC] <520> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <520> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <520>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <520>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selected peer config 'con5'
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> successfully created shared key MAC
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA con5[520] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA con5[520] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> scheduling rekeying in 24669s
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> maximum IKE_SA lifetime 27549s
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> proposing traffic selectors for us:
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>  192.168.152.0/29|/0
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> proposing traffic selectors for other:
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>  192.168.0.0/24|/0
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>   candidate "con5" with prio 5+5
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> found matching child config "con5" with prio 10
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selecting proposal:
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>   proposal matches
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selecting traffic selectors for us:
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520> selecting traffic selectors for other:
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] <con5|520>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> CHILD_SA con5{119} state change: CREATED => INSTALLING
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520>   using AES_CBC for encryption
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> adding inbound ESP SA
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520>   SPI 0xc3851522, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> adding outbound ESP SA
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520>   SPI 0x0b8b0563, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> CHILD_SA con5{119} established with SPIs c3851522_i 0b8b0563_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> CHILD_SA con5{119} state change: INSTALLING => INSTALLED
Nov 28 22:33:42 fw-1A charon[61694]: 10[ENC] <con5|520> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:42 fw-1A charon[61694]: 10[NET] <con5|520> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:42 fw-1A charon[61694]: 10[NET] <con5|520> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (272 bytes)
Nov 28 22:33:42 fw-1A charon[61694]: 10[ENC] <con5|520> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> received DELETE for IKE_SA con5[520]
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> deleting IKE_SA con5[520] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA con5[520] state change: ESTABLISHED => DELETING
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA deleted
Nov 28 22:33:42 fw-1A charon[61694]: 10[ENC] <con5|520> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:42 fw-1A charon[61694]: 10[NET] <con5|520> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:42 fw-1A charon[61694]: 10[IKE] <con5|520> IKE_SA con5[520] state change: DELETING => DESTROYING
Nov 28 22:33:42 fw-1A charon[61694]: 10[CHD] <con5|520> CHILD_SA con5{119} state change: INSTALLED => DESTROYING
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] vici client 330 connected
Nov 28 22:33:42 fw-1A charon[61694]: 06[CFG] vici client 330 registered for: list-sa
Nov 28 22:33:42 fw-1A charon[61694]: 10[CFG] vici client 330 requests: list-sas
Nov 28 22:33:42 fw-1A charon[61694]: 06[CFG] vici client 330 disconnected
Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <521> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <521> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> IKE_SA (unnamed)[521] state change: CREATED => CONNECTING
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> selecting proposal:
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   proposal matches
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> remote host is behind NAT
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <521> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <521> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <521> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <521> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <521> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <521>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selected peer config 'con5'
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> successfully created shared key MAC
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA con5[521] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA con5[521] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> scheduling rekeying in 25897s
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> maximum IKE_SA lifetime 28777s
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> proposing traffic selectors for us:
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>  192.168.152.0/29|/0
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> proposing traffic selectors for other:
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>  192.168.0.0/24|/0
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>   candidate "con5" with prio 5+5
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> found matching child config "con5" with prio 10
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selecting proposal:
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>   proposal matches
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selecting traffic selectors for us:
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521> selecting traffic selectors for other:
Nov 28 22:33:44 fw-1A charon[61694]: 08[CFG] <con5|521>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> CHILD_SA con5{120} state change: CREATED => INSTALLING
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521>   using AES_CBC for encryption
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> adding inbound ESP SA
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521>   SPI 0xcc27e2f4, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> adding outbound ESP SA
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521>   SPI 0x07607c9a, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> CHILD_SA con5{120} established with SPIs cc27e2f4_i 07607c9a_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> CHILD_SA con5{120} state change: INSTALLING => INSTALLED
Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <con5|521> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <con5|521> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <con5|521> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <con5|521> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> received DELETE for IKE_SA con5[521]
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> deleting IKE_SA con5[521] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA con5[521] state change: ESTABLISHED => DELETING
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA deleted
Nov 28 22:33:44 fw-1A charon[61694]: 08[ENC] <con5|521> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:44 fw-1A charon[61694]: 08[NET] <con5|521> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:44 fw-1A charon[61694]: 08[IKE] <con5|521> IKE_SA con5[521] state change: DELETING => DESTROYING
Nov 28 22:33:44 fw-1A charon[61694]: 08[CHD] <con5|521> CHILD_SA con5{120} state change: INSTALLED => DESTROYING
Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <522> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <522> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> IKE_SA (unnamed)[522] state change: CREATED => CONNECTING
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> selecting proposal:
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   proposal matches
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> remote host is behind NAT
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <522> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <522> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <522> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <522> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <522> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <522>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selected peer config 'con5'
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> successfully created shared key MAC
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA con5[522] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA con5[522] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> scheduling rekeying in 24182s
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> maximum IKE_SA lifetime 27062s
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> proposing traffic selectors for us:
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>  192.168.152.0/29|/0
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> proposing traffic selectors for other:
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>  192.168.0.0/24|/0
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>   candidate "con5" with prio 5+5
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> found matching child config "con5" with prio 10
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selecting proposal:
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>   proposal matches
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selecting traffic selectors for us:
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522> selecting traffic selectors for other:
Nov 28 22:33:46 fw-1A charon[61694]: 08[CFG] <con5|522>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> CHILD_SA con5{121} state change: CREATED => INSTALLING
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522>   using AES_CBC for encryption
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> adding inbound ESP SA
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522>   SPI 0xcce36c6d, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> adding outbound ESP SA
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522>   SPI 0x0b86ed32, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> CHILD_SA con5{121} established with SPIs cce36c6d_i 0b86ed32_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> CHILD_SA con5{121} state change: INSTALLING => INSTALLED
Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <con5|522> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <con5|522> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <con5|522> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <con5|522> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> received DELETE for IKE_SA con5[522]
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> deleting IKE_SA con5[522] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA con5[522] state change: ESTABLISHED => DELETING
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA deleted
Nov 28 22:33:46 fw-1A charon[61694]: 08[ENC] <con5|522> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:46 fw-1A charon[61694]: 08[NET] <con5|522> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:46 fw-1A charon[61694]: 08[IKE] <con5|522> IKE_SA con5[522] state change: DELETING => DESTROYING
Nov 28 22:33:46 fw-1A charon[61694]: 08[CHD] <con5|522> CHILD_SA con5{121} state change: INSTALLED => DESTROYING
Nov 28 22:33:47 fw-1A charon[61694]: 16[CFG] vici client 331 connected
Nov 28 22:33:47 fw-1A charon[61694]: 15[CFG] vici client 331 registered for: list-sa
Nov 28 22:33:47 fw-1A charon[61694]: 15[CFG] vici client 331 requests: list-sas
Nov 28 22:33:47 fw-1A charon[61694]: 07[CFG] vici client 331 disconnected
Nov 28 22:33:48 fw-1A charon[61694]: 07[NET] <523> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:48 fw-1A charon[61694]: 07[ENC] <523> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> IKE_SA (unnamed)[523] state change: CREATED => CONNECTING
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> selecting proposal:
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523>   proposal matches
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:48 fw-1A charon[61694]: 07[CFG] <523> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> remote host is behind NAT
Nov 28 22:33:48 fw-1A charon[61694]: 07[IKE] <523> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:48 fw-1A charon[61694]: 07[ENC] <523> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:48 fw-1A charon[61694]: 07[NET] <523> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:48 fw-1A charon[61694]: 15[NET] <523> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (416 bytes)
Nov 28 22:33:48 fw-1A charon[61694]: 15[ENC] <523> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <523> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <523>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <523>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selected peer config 'con5'
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> successfully created shared key MAC
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA con5[523] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA con5[523] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> scheduling rekeying in 25413s
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> maximum IKE_SA lifetime 28293s
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> proposing traffic selectors for us:
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>  192.168.152.0/29|/0
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> proposing traffic selectors for other:
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>  192.168.0.0/24|/0
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>   candidate "con5" with prio 5+5
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> found matching child config "con5" with prio 10
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selecting proposal:
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>   proposal matches
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selecting traffic selectors for us:
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523> selecting traffic selectors for other:
Nov 28 22:33:48 fw-1A charon[61694]: 15[CFG] <con5|523>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> CHILD_SA con5{122} state change: CREATED => INSTALLING
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523>   using AES_CBC for encryption
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> adding inbound ESP SA
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523>   SPI 0xcbea0cf2, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> adding outbound ESP SA
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523>   SPI 0x001db44e, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> CHILD_SA con5{122} established with SPIs cbea0cf2_i 001db44e_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> CHILD_SA con5{122} state change: INSTALLING => INSTALLED
Nov 28 22:33:48 fw-1A charon[61694]: 15[ENC] <con5|523> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:48 fw-1A charon[61694]: 15[NET] <con5|523> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:48 fw-1A charon[61694]: 15[NET] <con5|523> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
Nov 28 22:33:48 fw-1A charon[61694]: 15[ENC] <con5|523> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> received DELETE for IKE_SA con5[523]
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> deleting IKE_SA con5[523] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA con5[523] state change: ESTABLISHED => DELETING
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA deleted
Nov 28 22:33:48 fw-1A charon[61694]: 15[ENC] <con5|523> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:48 fw-1A charon[61694]: 15[NET] <con5|523> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:48 fw-1A charon[61694]: 15[IKE] <con5|523> IKE_SA con5[523] state change: DELETING => DESTROYING
Nov 28 22:33:48 fw-1A charon[61694]: 15[CHD] <con5|523> CHILD_SA con5{122} state change: INSTALLED => DESTROYING
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|500> retransmit 4 of request with message ID 1
Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <524> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:50 fw-1A charon[61694]: 16[ENC] <524> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> IKE_SA (unnamed)[524] state change: CREATED => CONNECTING
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> selecting proposal:
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   proposal matches
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> remote host is behind NAT
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <524> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:50 fw-1A charon[61694]: 16[ENC] <524> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <524> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <524> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (448 bytes)
Nov 28 22:33:50 fw-1A charon[61694]: 16[ENC] <524> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <524>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selected peer config 'con5'
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> successfully created shared key MAC
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> IKE_SA con5[524] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> IKE_SA con5[524] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> scheduling rekeying in 23267s
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> maximum IKE_SA lifetime 26147s
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> proposing traffic selectors for us:
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>  192.168.152.0/29|/0
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> proposing traffic selectors for other:
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>  192.168.0.0/24|/0
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>   candidate "con5" with prio 5+5
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> found matching child config "con5" with prio 10
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selecting proposal:
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>   proposal matches
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selecting traffic selectors for us:
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524> selecting traffic selectors for other:
Nov 28 22:33:50 fw-1A charon[61694]: 16[CFG] <con5|524>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524> CHILD_SA con5{123} state change: CREATED => INSTALLING
Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524>   using AES_CBC for encryption
Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524> adding inbound ESP SA
Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524>   SPI 0xc529b09c, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524> adding outbound ESP SA
Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524>   SPI 0x0c709430, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:50 fw-1A charon[61694]: 16[IKE] <con5|524> CHILD_SA con5{123} established with SPIs c529b09c_i 0c709430_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:50 fw-1A charon[61694]: 16[CHD] <con5|524> CHILD_SA con5{123} state change: INSTALLING => INSTALLED
Nov 28 22:33:50 fw-1A charon[61694]: 16[ENC] <con5|524> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:50 fw-1A charon[61694]: 16[NET] <con5|524> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <525> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <525> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> IKE_SA (unnamed)[525] state change: CREATED => CONNECTING
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> selecting proposal:
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   proposal matches
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> remote host is behind NAT
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <525> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <525> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <525> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <525> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <525> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <525>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selected peer config 'con5'
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> successfully created shared key MAC
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|524> destroying duplicate IKE_SA for peer '20.0.0.100', received INITIAL_CONTACT
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|524> IKE_SA con5[524] state change: ESTABLISHED => DESTROYING
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|524> CHILD_SA con5{123} state change: INSTALLED => DESTROYING
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA con5[525] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA con5[525] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> scheduling rekeying in 23310s
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> maximum IKE_SA lifetime 26190s
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> proposing traffic selectors for us:
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>  192.168.152.0/29|/0
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> proposing traffic selectors for other:
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>  192.168.0.0/24|/0
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>   candidate "con5" with prio 5+5
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> found matching child config "con5" with prio 10
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selecting proposal:
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>   proposal matches
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selecting traffic selectors for us:
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525> selecting traffic selectors for other:
Nov 28 22:33:51 fw-1A charon[61694]: 16[CFG] <con5|525>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> CHILD_SA con5{124} state change: CREATED => INSTALLING
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525>   using AES_CBC for encryption
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> adding inbound ESP SA
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525>   SPI 0xc6a9ccf2, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> adding outbound ESP SA
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525>   SPI 0x0897adb0, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> CHILD_SA con5{124} established with SPIs c6a9ccf2_i 0897adb0_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> CHILD_SA con5{124} state change: INSTALLING => INSTALLED
Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <con5|525> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <con5|525> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <con5|525> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <con5|525> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> received DELETE for IKE_SA con5[525]
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> deleting IKE_SA con5[525] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA con5[525] state change: ESTABLISHED => DELETING
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA deleted
Nov 28 22:33:51 fw-1A charon[61694]: 16[ENC] <con5|525> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:51 fw-1A charon[61694]: 16[NET] <con5|525> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:51 fw-1A charon[61694]: 16[IKE] <con5|525> IKE_SA con5[525] state change: DELETING => DESTROYING
Nov 28 22:33:51 fw-1A charon[61694]: 16[CHD] <con5|525> CHILD_SA con5{124} state change: INSTALLED => DESTROYING
Nov 28 22:33:52 fw-1A charon[61694]: 09[CFG] vici client 332 connected
Nov 28 22:33:52 fw-1A charon[61694]: 11[CFG] vici client 332 registered for: list-sa
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] vici client 332 requests: list-sas
Nov 28 22:33:52 fw-1A charon[61694]: 09[CFG] vici client 332 disconnected
Nov 28 22:33:52 fw-1A charon[61694]: 16[NET] <526> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:52 fw-1A charon[61694]: 16[ENC] <526> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> IKE_SA (unnamed)[526] state change: CREATED => CONNECTING
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> selecting proposal:
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526>   proposal matches
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:52 fw-1A charon[61694]: 16[CFG] <526> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> remote host is behind NAT
Nov 28 22:33:52 fw-1A charon[61694]: 16[IKE] <526> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:52 fw-1A charon[61694]: 16[ENC] <526> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:52 fw-1A charon[61694]: 16[NET] <526> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:52 fw-1A charon[61694]: 16[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
Nov 28 22:33:52 fw-1A charon[61694]: 09[CFG] ignoring acquire for reqid 2, connection attempt pending
Nov 28 22:33:53 fw-1A charon[61694]: 09[NET] <526> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (416 bytes)
Nov 28 22:33:53 fw-1A charon[61694]: 09[ENC] <526> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <526> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <526>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <526>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selected peer config 'con5'
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> successfully created shared key MAC
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA con5[526] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA con5[526] state change: CONNECTING => ESTABLISHED
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> scheduling rekeying in 24229s
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> maximum IKE_SA lifetime 27109s
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> proposing traffic selectors for us:
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>  192.168.152.0/29|/0
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> proposing traffic selectors for other:
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>  192.168.0.0/24|/0
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>   candidate "con5" with prio 5+5
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> found matching child config "con5" with prio 10
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selecting proposal:
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>   proposal matches
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selecting traffic selectors for us:
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526> selecting traffic selectors for other:
Nov 28 22:33:53 fw-1A charon[61694]: 09[CFG] <con5|526>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> CHILD_SA con5{125} state change: CREATED => INSTALLING
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526>   using AES_CBC for encryption
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> adding inbound ESP SA
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526>   SPI 0xc6613c03, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> adding outbound ESP SA
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526>   SPI 0x0afa2b32, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> CHILD_SA con5{125} established with SPIs c6613c03_i 0afa2b32_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> CHILD_SA con5{125} state change: INSTALLING => INSTALLED
Nov 28 22:33:53 fw-1A charon[61694]: 09[ENC] <con5|526> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:33:53 fw-1A charon[61694]: 09[NET] <con5|526> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:33:53 fw-1A charon[61694]: 09[NET] <con5|526> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (288 bytes)
Nov 28 22:33:53 fw-1A charon[61694]: 09[ENC] <con5|526> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> received DELETE for IKE_SA con5[526]
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> deleting IKE_SA con5[526] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA con5[526] state change: ESTABLISHED => DELETING
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA deleted
Nov 28 22:33:53 fw-1A charon[61694]: 09[ENC] <con5|526> generating INFORMATIONAL response 2 [ ]
Nov 28 22:33:53 fw-1A charon[61694]: 09[NET] <con5|526> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:33:53 fw-1A charon[61694]: 09[IKE] <con5|526> IKE_SA con5[526] state change: DELETING => DESTROYING
Nov 28 22:33:53 fw-1A charon[61694]: 09[CHD] <con5|526> CHILD_SA con5{125} state change: INSTALLED => DESTROYING
Nov 28 22:33:54 fw-1A charon[61694]: 09[NET] <527> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:33:54 fw-1A charon[61694]: 09[ENC] <527> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> IKE_SA (unnamed)[527] state change: CREATED => CONNECTING
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> selecting proposal:
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527>   proposal matches
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:54 fw-1A charon[61694]: 09[CFG] <527> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> remote host is behind NAT
Nov 28 22:33:54 fw-1A charon[61694]: 09[IKE] <527> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:33:54 fw-1A charon[61694]: 09[ENC] <527> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:33:54 fw-1A charon[61694]: 09[NET] <527> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:33:57 fw-1A charon[61694]: 09[CFG] vici client 333 connected
Nov 28 22:33:57 fw-1A charon[61694]: 05[CFG] vici client 333 registered for: list-sa
Nov 28 22:33:57 fw-1A charon[61694]: 12[CFG] vici client 333 requests: list-sas
Nov 28 22:33:57 fw-1A charon[61694]: 12[CFG] vici client 333 disconnected
Nov 28 22:34:01 fw-1A charon[61694]: 14[NET] <528> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:34:01 fw-1A charon[61694]: 14[ENC] <528> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate: 197.214.xxx.yyy...165.165.172.58, prio 3100
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> found matching ike config: 197.214.xxx.yyy...165.165.172.58 with prio 3100
Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> IKE_SA (unnamed)[528] state change: CREATED => CONNECTING
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> selecting proposal:
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> selecting proposal:
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> selecting proposal:
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   proposal matches
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <528> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:34:01 fw-1A charon[61694]: 14[ENC] <528> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:34:01 fw-1A charon[61694]: 14[NET] <528> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:34:01 fw-1A charon[61694]: 14[NET] <528> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:34:01 fw-1A charon[61694]: 14[ENC] <528> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <528>   candidate "con10", match: 20/1/3100 (me/other/ike)
Nov 28 22:34:01 fw-1A charon[61694]: 14[CFG] <con10|528> selected peer config 'con10'
Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <con10|528> tried 4 shared keys for '197.214.xxx.yyy' - '165.165.172.58', but MAC mismatched
Nov 28 22:34:01 fw-1A charon[61694]: 14[ENC] <con10|528> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:34:01 fw-1A charon[61694]: 14[NET] <con10|528> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:34:01 fw-1A charon[61694]: 14[IKE] <con10|528> IKE_SA con10[528] state change: CONNECTING => DESTROYING
Nov 28 22:34:02 fw-1A charon[61694]: 14[CFG] vici client 334 connected
Nov 28 22:34:02 fw-1A charon[61694]: 10[CFG] vici client 334 registered for: list-sa
Nov 28 22:34:02 fw-1A charon[61694]: 10[CFG] vici client 334 requests: list-sas
Nov 28 22:34:02 fw-1A charon[61694]: 14[CFG] vici client 334 disconnected
Nov 28 22:34:02 fw-1A charon[61694]: 14[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
Nov 28 22:34:02 fw-1A charon[61694]: 14[CFG] ignoring acquire for reqid 2, connection attempt pending
Nov 28 22:34:09 fw-1A charon[61694]: 14[NET] <527> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
Nov 28 22:34:09 fw-1A charon[61694]: 14[ENC] <527> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <527> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <527>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <527>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selected peer config 'con5'
Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> successfully created shared key MAC
Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> IKE_SA con5[527] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> IKE_SA con5[527] state change: CONNECTING => ESTABLISHED
Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> scheduling rekeying in 24079s
Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> maximum IKE_SA lifetime 26959s
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> proposing traffic selectors for us:
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>  192.168.152.0/29|/0
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> proposing traffic selectors for other:
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>  192.168.0.0/24|/0
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>   candidate "con5" with prio 5+5
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> found matching child config "con5" with prio 10
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selecting proposal:
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>   proposal matches
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selecting traffic selectors for us:
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527> selecting traffic selectors for other:
Nov 28 22:34:09 fw-1A charon[61694]: 14[CFG] <con5|527>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527> CHILD_SA con5{126} state change: CREATED => INSTALLING
Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527>   using AES_CBC for encryption
Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527> adding inbound ESP SA
Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527>   SPI 0xcf80dceb, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527> adding outbound ESP SA
Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527>   SPI 0x00cbf5c9, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:34:09 fw-1A charon[61694]: 14[IKE] <con5|527> CHILD_SA con5{126} established with SPIs cf80dceb_i 00cbf5c9_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:34:09 fw-1A charon[61694]: 14[CHD] <con5|527> CHILD_SA con5{126} state change: INSTALLING => INSTALLED
Nov 28 22:34:09 fw-1A charon[61694]: 14[ENC] <con5|527> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:34:09 fw-1A charon[61694]: 14[NET] <con5|527> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:34:10 fw-1A charon[61694]: 14[NET] <529> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:34:10 fw-1A charon[61694]: 14[ENC] <529> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> IKE_SA (unnamed)[529] state change: CREATED => CONNECTING
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> selecting proposal:
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529>   proposal matches
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:10 fw-1A charon[61694]: 14[CFG] <529> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> remote host is behind NAT
Nov 28 22:34:10 fw-1A charon[61694]: 14[IKE] <529> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:34:10 fw-1A charon[61694]: 14[ENC] <529> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:34:10 fw-1A charon[61694]: 14[NET] <529> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:34:11 fw-1A charon[61694]: 14[NET] <529> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
Nov 28 22:34:11 fw-1A charon[61694]: 14[ENC] <529> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <529> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <529>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <529>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selected peer config 'con5'
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> successfully created shared key MAC
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|527> destroying duplicate IKE_SA for peer '20.0.0.100', received INITIAL_CONTACT
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|527> IKE_SA con5[527] state change: ESTABLISHED => DESTROYING
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|527> CHILD_SA con5{126} state change: INSTALLED => DESTROYING
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA con5[529] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA con5[529] state change: CONNECTING => ESTABLISHED
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> scheduling rekeying in 23284s
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> maximum IKE_SA lifetime 26164s
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> proposing traffic selectors for us:
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>  192.168.152.0/29|/0
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> proposing traffic selectors for other:
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>  192.168.0.0/24|/0
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>   candidate "con5" with prio 5+5
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> found matching child config "con5" with prio 10
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selecting proposal:
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>   proposal matches
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selecting traffic selectors for us:
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529> selecting traffic selectors for other:
Nov 28 22:34:11 fw-1A charon[61694]: 14[CFG] <con5|529>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> CHILD_SA con5{127} state change: CREATED => INSTALLING
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529>   using AES_CBC for encryption
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> adding inbound ESP SA
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529>   SPI 0xcfc2ea23, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> adding outbound ESP SA
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529>   SPI 0x0b7a00f6, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> CHILD_SA con5{127} established with SPIs cfc2ea23_i 0b7a00f6_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> CHILD_SA con5{127} state change: INSTALLING => INSTALLED
Nov 28 22:34:11 fw-1A charon[61694]: 14[ENC] <con5|529> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:34:11 fw-1A charon[61694]: 14[NET] <con5|529> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:34:11 fw-1A charon[61694]: 14[NET] <con5|529> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (224 bytes)
Nov 28 22:34:11 fw-1A charon[61694]: 14[ENC] <con5|529> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> received DELETE for IKE_SA con5[529]
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> deleting IKE_SA con5[529] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA con5[529] state change: ESTABLISHED => DELETING
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA deleted
Nov 28 22:34:11 fw-1A charon[61694]: 14[ENC] <con5|529> generating INFORMATIONAL response 2 [ ]
Nov 28 22:34:11 fw-1A charon[61694]: 14[NET] <con5|529> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:34:11 fw-1A charon[61694]: 14[IKE] <con5|529> IKE_SA con5[529] state change: DELETING => DESTROYING
Nov 28 22:34:11 fw-1A charon[61694]: 14[CHD] <con5|529> CHILD_SA con5{127} state change: INSTALLED => DESTROYING
Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <530> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <530> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> IKE_SA (unnamed)[530] state change: CREATED => CONNECTING
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> selecting proposal:
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   proposal matches
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> remote host is behind NAT
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <530> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <530> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <530> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <530> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <530> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <530>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selected peer config 'con5'
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> successfully created shared key MAC
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA con5[530] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA con5[530] state change: CONNECTING => ESTABLISHED
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> scheduling rekeying in 24097s
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> maximum IKE_SA lifetime 26977s
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> proposing traffic selectors for us:
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>  192.168.152.0/29|/0
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> proposing traffic selectors for other:
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>  192.168.0.0/24|/0
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>   candidate "con5" with prio 5+5
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> found matching child config "con5" with prio 10
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selecting proposal:
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>   proposal matches
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selecting traffic selectors for us:
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530> selecting traffic selectors for other:
Nov 28 22:34:12 fw-1A charon[61694]: 08[CFG] <con5|530>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> CHILD_SA con5{128} state change: CREATED => INSTALLING
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530>   using AES_CBC for encryption
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> adding inbound ESP SA
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530>   SPI 0xc78811d2, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> adding outbound ESP SA
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530>   SPI 0x004f7288, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> CHILD_SA con5{128} established with SPIs c78811d2_i 004f7288_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> CHILD_SA con5{128} state change: INSTALLING => INSTALLED
Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <con5|530> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <con5|530> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <con5|530> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (240 bytes)
Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <con5|530> parsed INFORMATIONAL request 2 [ N(AUTH_FAILED) ]
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> received DELETE for IKE_SA con5[530]
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> deleting IKE_SA con5[530] between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA con5[530] state change: ESTABLISHED => DELETING
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA deleted
Nov 28 22:34:12 fw-1A charon[61694]: 08[ENC] <con5|530> generating INFORMATIONAL response 2 [ ]
Nov 28 22:34:12 fw-1A charon[61694]: 08[NET] <con5|530> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:34:12 fw-1A charon[61694]: 08[IKE] <con5|530> IKE_SA con5[530] state change: DELETING => DESTROYING
Nov 28 22:34:12 fw-1A charon[61694]: 08[CHD] <con5|530> CHILD_SA con5{128} state change: INSTALLED => DESTROYING
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 335 connected
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] vici client 335 requests: reload-settings
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] ipseckey plugin is disabled
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded attribute INTERNAL_IP4_SUBNET: c0:a8:98:00:ff:ff:ff:f8
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded attribute UNITY_SPLIT_INCLUDE: c0:a8:98:00:ff:ff:ff:f8
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded attribute UNITY_BANNER: 4f:6e:6c:79:20:61:75:74:68:6f:72:69:73:65:64:20:75:73:65:72:73:20:6d:61:79:20:65:6e:74:65:72:20:68:65:72:65:21
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded attribute UNITY_PFS: 31:34
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded 4 entries for attr plugin configuration
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] loaded 0 RADIUS server configurations
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 335 disconnected
Nov 28 22:34:13 fw-1A charon[61694]: 14[CFG] vici client 336 connected
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: get-keys
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: get-shared
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: load-cert
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] loaded certificate 'CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services'
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: load-cert
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] loaded certificate 'CN=Fastnet-CA-2, C=ZA, O=Abellard SS'
Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] vici client 336 requests: load-key
Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] loaded ANY private key
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: load-shared
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] loaded IKE shared key with id 'ike-0' for: '%any', '192.168.0.2'
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] vici client 336 requests: load-shared
Nov 28 22:34:13 fw-1A charon[61694]: 07[CFG] loaded IKE shared key with id 'ike-1' for: '%any', '41.164.68.170'
Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] vici client 336 requests: load-shared
Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] loaded IKE shared key with id 'ike-2' for: '%any', '%any'
Nov 28 22:34:13 fw-1A charon[61694]: 11[CFG] vici client 336 requests: load-shared
Nov 28 22:34:13 fw-1A charon[61694]: 11[CFG] loaded EAP shared key with id 'eap-4' for: 'reliance.compost'
Nov 28 22:34:13 fw-1A charon[61694]: 11[CFG] vici client 336 requests: load-shared
Nov 28 22:34:13 fw-1A charon[61694]: 11[CFG] loaded EAP shared key with id 'eap-5' for: 'mac.pack'
Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] vici client 336 requests: load-shared
Nov 28 22:34:13 fw-1A charon[61694]: 13[CFG] loaded EAP shared key with id 'eap-6' for: 'greenway.farms'
Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] vici client 336 requests: unload-shared
Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] unloaded shared key with id 'eap-7'
Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] vici client 336 requests: unload-shared
Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] unloaded shared key with id 'ike-4'
Nov 28 22:34:13 fw-1A charon[61694]: 16[CFG] vici client 336 requests: get-authorities
Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] vici client 336 requests: get-pools
Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] vici client 336 requests: load-pool
Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] updated vici pool mobile-pool-v4: 10.10.10.0, 254 entries
Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] vici client 336 requests: load-pool
Nov 28 22:34:13 fw-1A charon[61694]: 09[CFG] updated vici pool mobile-userpool-1: 10.10.15.0, 254 entries
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-pool
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici pool mobile-userpool-2: 10.10.10.0, 254 entries
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-pool
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici pool mobile-userpool-3: 10.10.16.0, 254 entries
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: get-conns
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-conn
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]  conn bypass:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   child bypasslan:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_time = 3600
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_time = 3960
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_time = 360
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    updown = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mode = PASS
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    dpd_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    start_action = trap
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    close_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    reqid = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    tfc = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    priority = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    interface = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label_mode = system
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    inactivity = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/NO_EXT_SEQ, ESP:AES_CBC_128/AES_CBC_192/AES_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/NO_EXT_SEQ
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.131.0/24|/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    remote_ts = 192.168.131.0/24|/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hw_offload = no
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_df = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   version = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_addrs = %any
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_addrs = 127.0.0.1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   mobike = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   aggressive = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   encap = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_delay = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   childless = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_NO
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rekey_time = 14400
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   over_time = 1440
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rand_time = 1440
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/3DES_CBC/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/HMAC_SHA1_96/AES_XCBC_96/AES_CMAC_96/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/PRF_AES128_XCBC/PRF_AES128_CMAC/PRF_HMAC_SHA1/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192/MODP_2048
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici connection: bypass
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG] vici client 336 requests: load-conn
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]  conn con3:
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   child con3:
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_time = 38876
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_time = 43196
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_time = 4320
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    updown = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    hostaccess = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    ipcomp = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mode = TUNNEL
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    policies = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    policies_fwd_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    dpd_action = trap
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    start_action = trap
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    close_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    reqid = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    tfc = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    priority = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    interface = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_in_sa = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    set_mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    set_mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    label = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    label_mode = system
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    inactivity = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    local_ts = 192.168.131.191/32|/0 192.168.131.177/32|/0 192.168.131.174/32|/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    remote_ts = 172.16.3.0/24|/0 172.16.3.0/24|/0 172.16.3.0/24|/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    hw_offload = no
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    sha256_96 = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_df = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_ecn = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_dscp = out
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   version = 2
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote_addrs = 105.27.113.66
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   send_certreq = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   ppk_id = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   ppk_required = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   mobike = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   aggressive = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dscp = 0x00
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   encap = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dpd_delay = 10
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dpd_timeout = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   fragmentation = 2
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   childless = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   keyingtries = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   reauth_time = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   rekey_time = 77760
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   over_time = 8640
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   rand_time = 8640
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   proposals = IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local:
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    class = pre-shared key
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    id = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote:
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    class = pre-shared key
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    id = 192.168.0.2
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG] updated vici connection: con3
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG] vici client 336 requests: load-conn
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]  conn con4:
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   child con4:
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_time = 38876
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_time = 43196
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_time = 4320
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rekey_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    life_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    rand_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    updown = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    hostaccess = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    ipcomp = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mode = TUNNEL
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    policies = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    policies_fwd_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    dpd_action = trap
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    start_action = trap
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    close_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    reqid = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    tfc = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    priority = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    interface = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_in_sa = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    set_mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    set_mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    label = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    label_mode = system
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    inactivity = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_16_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_128/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    local_ts = 192.168.131.191/32|/0 192.168.131.177/32|/0 192.168.131.174/32|/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    remote_ts = 172.16.3.0/24|/0 172.16.3.0/24|/0 172.16.3.0/24|/0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    hw_offload = no
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    sha256_96 = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_df = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_ecn = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    copy_dscp = out
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   version = 2
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote_addrs = 41.164.68.170
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   send_certreq = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   ppk_id = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   ppk_required = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   mobike = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   aggressive = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dscp = 0x00
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   encap = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dpd_delay = 10
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   dpd_timeout = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   fragmentation = 2
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   childless = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   keyingtries = 1
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   reauth_time = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   rekey_time = 77760
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   over_time = 8640
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   rand_time = 8640
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   proposals = IKE:AES_GCM_16_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   local:
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    class = pre-shared key
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    id = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]   remote:
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    class = pre-shared key
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG]    id = 41.164.68.170
Nov 28 22:34:13 fw-1A charon[61694]: 10[CFG] updated vici connection: con4
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-conn
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]  conn con5:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   child con5:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_time = 3240
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_time = 3600
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_time = 360
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    updown = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mode = TUNNEL
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    dpd_action = trap
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    start_action = trap
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    close_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    reqid = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    tfc = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    priority = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    interface = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label_mode = system
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    inactivity = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    remote_ts = 192.168.0.0/24|/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hw_offload = no
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_df = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   version = 2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_addrs = 196.250.128.24
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_SEND_IF_ASKED
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   mobike = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   aggressive = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   encap = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   childless = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   over_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = pre-shared key
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = pre-shared key
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = %any
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici connection: con5
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-conn
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]  conn con-mobile:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   child con-mobile:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_time = 3240
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_time = 3600
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_time = 360
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    updown = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mode = TUNNEL
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    dpd_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    start_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    close_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    reqid = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    tfc = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    priority = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    interface = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label_mode = system
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    inactivity = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    remote_ts = dynamic
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hw_offload = no
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_df = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   version = 2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_addrs = 0.0.0.0/0, ::/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_ALWAYS_SEND
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   mobike = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   aggressive = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   encap = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   childless = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   over_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = public key
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = fw.fast.za.net
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    eap-type = EAP_MSCHAPV2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = EAP
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    eap_id = %any
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = %any
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici connection: con-mobile
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG] vici client 336 requests: load-conn
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]  conn con-mobile-userpool-1:
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   child con-mobile:
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rekey_time = 3240
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    life_time = 3600
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rand_time = 360
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rekey_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    life_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rand_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rekey_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    life_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    rand_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    updown = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    hostaccess = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    ipcomp = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    mode = TUNNEL
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    policies = 1
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    policies_fwd_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    dpd_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    start_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    close_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    reqid = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    tfc = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    priority = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    interface = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    mark_in_sa = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    set_mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    set_mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    label = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    label_mode = system
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    inactivity = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    remote_ts = dynamic
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    hw_offload = no
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    sha256_96 = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    copy_df = 1
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    copy_ecn = 1
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    copy_dscp = out
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   version = 2
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   remote_addrs = 0.0.0.0/0, ::/0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   local_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   remote_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   send_certreq = 1
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   send_cert = CERT_ALWAYS_SEND
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   ppk_id = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   ppk_required = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   mobike = 1
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   aggressive = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   dscp = 0x00
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   encap = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   dpd_delay = 10
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   dpd_timeout = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   fragmentation = 2
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   childless = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   keyingtries = 1
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   reauth_time = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   rekey_time = 25920
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   over_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   rand_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   local:
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    class = public key
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    id = fw.fast.za.net
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]   remote:
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    eap-type = EAP_MSCHAPV2
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    class = EAP
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    eap_id = %any
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG]    id = reliance.compost
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG] updated vici connection: con-mobile-userpool-1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] vici client 336 requests: load-conn
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]  conn con-mobile-userpool-2:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   child con-mobile:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_time = 3240
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_time = 3600
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_time = 360
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rekey_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    life_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    rand_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    updown = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hostaccess = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    ipcomp = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mode = TUNNEL
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    policies_fwd_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    dpd_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    start_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    close_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    reqid = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    tfc = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    priority = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    interface = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_in_sa = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    set_mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    label_mode = system
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    inactivity = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    remote_ts = dynamic
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    hw_offload = no
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    sha256_96 = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_df = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_ecn = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    copy_dscp = out
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   version = 2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_addrs = 0.0.0.0/0, ::/0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_certreq = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   send_cert = CERT_ALWAYS_SEND
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_id = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   ppk_required = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   mobike = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   aggressive = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dscp = 0x00
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   encap = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_delay = 10
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   dpd_timeout = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   fragmentation = 2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   childless = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   keyingtries = 1
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   reauth_time = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rekey_time = 25920
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   over_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   rand_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   local:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = public key
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = fw.fast.za.net
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]   remote:
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    eap-type = EAP_MSCHAPV2
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    class = EAP
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    eap_id = %any
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG]    id = mac.pack
Nov 28 22:34:13 fw-1A charon[61694]: 12[CFG] updated vici connection: con-mobile-userpool-2
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG] vici client 336 requests: load-conn
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]  conn con-mobile-userpool-3:
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   child con-mobile:
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rekey_time = 3240
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    life_time = 3600
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rand_time = 360
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rekey_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    life_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rand_bytes = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rekey_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    life_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    rand_packets = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    updown = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    hostaccess = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    ipcomp = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    mode = TUNNEL
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    policies = 1
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    policies_fwd_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    dpd_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    start_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    close_action = none
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    reqid = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    tfc = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    priority = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    interface = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    mark_in_sa = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    set_mark_in = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    set_mark_out = 0/0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    label = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    label_mode = system
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    inactivity = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    proposals = ESP:AES_GCM_16_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_12_256/MODP_2048/NO_EXT_SEQ, ESP:AES_GCM_8_256/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_192/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ, ESP:AES_CBC_128/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    local_ts = 192.168.152.0/29|/0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    remote_ts = dynamic
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    hw_offload = no
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    sha256_96 = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    copy_df = 1
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    copy_ecn = 1
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    copy_dscp = out
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   version = 2
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   local_addrs = 197.214.xxx.yyy
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   remote_addrs = 0.0.0.0/0, ::/0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   local_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   remote_port = 500
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   send_certreq = 1
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   send_cert = CERT_ALWAYS_SEND
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   ppk_id = (null)
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   ppk_required = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   mobike = 1
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   aggressive = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   dscp = 0x00
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   encap = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   dpd_delay = 10
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   dpd_timeout = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   fragmentation = 2
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   childless = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   unique = UNIQUE_REPLACE
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   keyingtries = 1
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   reauth_time = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   rekey_time = 25920
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   over_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   rand_time = 2880
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   proposals = IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   if_id_in = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   if_id_out = 0
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   local:
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    class = public key
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    id = fw.fast.za.net
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    cert = CN=fw.fast.za.net, C=ZA, ST=Western Cape, L=Cape Town, O=Abellard SS, OU=Hosting Services
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]   remote:
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    eap-type = EAP_MSCHAPV2
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    class = EAP
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    eap_id = %any
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG]    id = greenway.farms
Nov 28 22:34:13 fw-1A charon[61694]: 06[CFG] updated vici connection: con-mobile-userpool-3
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG] vici client 336 requests: unload-conn
Nov 28 22:34:13 fw-1A charon[61694]: 05[CFG] vici client 336 disconnected
Nov 28 22:34:14 fw-1A charon[61694]: 05[KNL] creating acquire job for policy 197.214.xxx.yyy/32|/0 === 196.250.128.24/32|/0 with reqid {2}
Nov 28 22:34:14 fw-1A charon[61694]: 06[CFG] ignoring acquire for reqid 2, connection attempt pending
Nov 28 22:34:16 fw-1A charon[61694]: 05[CFG] vici client 337 connected
Nov 28 22:34:16 fw-1A charon[61694]: 14[CFG] vici client 337 registered for: list-sa
Nov 28 22:34:16 fw-1A charon[61694]: 14[CFG] vici client 337 requests: list-sas
Nov 28 22:34:16 fw-1A charon[61694]: 14[CFG] vici client 337 disconnected
Nov 28 22:34:20 fw-1A charon[61694]: 05[NET] <531> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (432 bytes)
Nov 28 22:34:20 fw-1A charon[61694]: 05[ENC] <531> parsed IKE_SA_INIT request 0 [ N(FRAG_SUP) N(NATD_D_IP) N(NATD_S_IP) No KE SA ]
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> looking for an IKEv2 config for 197.214.xxx.yyy...196.250.128.24
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...196.250.128.24, prio 3100
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> found matching ike config: 197.214.xxx.yyy...196.250.128.24 with prio 3100
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[4500]
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> remote endpoint changed from 0.0.0.0 to 196.250.128.24[4500]
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> 196.250.128.24 is initiating an IKE_SA
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> IKE_SA (unnamed)[531] state change: CREATED => CONNECTING
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> selecting proposal:
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   proposal matches
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> configured proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> remote host is behind NAT
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <531> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:34:20 fw-1A charon[61694]: 05[ENC] <531> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:34:20 fw-1A charon[61694]: 05[NET] <531> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (481 bytes)
Nov 28 22:34:20 fw-1A charon[61694]: 05[NET] <531> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (480 bytes)
Nov 28 22:34:20 fw-1A charon[61694]: 05[ENC] <531> parsed IKE_AUTH request 1 [ IDi AUTH N(INIT_CONTACT) SA TSi TSr ]
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531> looking for peer configs matching 197.214.xxx.yyy[%any]...196.250.128.24[20.0.0.100]
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate "con5", match: 1/1/3100 (me/other/ike)
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <531>   candidate "con-mobile", match: 1/1/1052 (me/other/ike)
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selected peer config 'con5'
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> authentication of '20.0.0.100' with pre-shared key successful
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> authentication of '197.214.xxx.yyy' (myself) with pre-shared key
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> successfully created shared key MAC
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> IKE_SA con5[531] established between 197.214.xxx.yyy[197.214.xxx.yyy]...196.250.128.24[20.0.0.100]
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> IKE_SA con5[531] state change: CONNECTING => ESTABLISHED
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> scheduling rekeying in 24763s
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> maximum IKE_SA lifetime 27643s
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> looking for a child config for 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> proposing traffic selectors for us:
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>  192.168.152.0/29|/0
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> proposing traffic selectors for other:
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>  192.168.0.0/24|/0
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>   candidate "con5" with prio 5+5
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> found matching child config "con5" with prio 10
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selecting proposal:
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>   proposal matches
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> received proposals: ESP:AES_CBC_256/AES_GCM_16_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> configured proposals: ESP:AES_CBC_256/HMAC_SHA2_256_128/MODP_2048/NO_EXT_SEQ
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selecting traffic selectors for us:
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>  config: 192.168.152.0/29|/0, received: 192.168.152.0/29|/0 => match: 192.168.152.0/29|/0
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531> selecting traffic selectors for other:
Nov 28 22:34:20 fw-1A charon[61694]: 05[CFG] <con5|531>  config: 192.168.0.0/24|/0, received: 192.168.0.0/24|/0 => match: 192.168.0.0/24|/0
Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531> CHILD_SA con5{129} state change: CREATED => INSTALLING
Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531>   using AES_CBC for encryption
Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531>   using HMAC_SHA2_256_128 for integrity
Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531> adding inbound ESP SA
Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531>   SPI 0xcaa0a900, src 196.250.128.24 dst 197.214.xxx.yyy
Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531> adding outbound ESP SA
Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531>   SPI 0x03392f22, src 197.214.xxx.yyy dst 196.250.128.24
Nov 28 22:34:20 fw-1A charon[61694]: 05[IKE] <con5|531> CHILD_SA con5{129} established with SPIs caa0a900_i 03392f22_o and TS 192.168.152.0/29|/0 === 192.168.0.0/24|/0
Nov 28 22:34:20 fw-1A charon[61694]: 05[CHD] <con5|531> CHILD_SA con5{129} state change: INSTALLING => INSTALLED
Nov 28 22:34:20 fw-1A charon[61694]: 05[ENC] <con5|531> generating IKE_AUTH response 1 [ IDr AUTH N(ESP_TFC_PAD_N) SA TSi TSr ]
Nov 28 22:34:20 fw-1A charon[61694]: 05[NET] <con5|531> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (224 bytes)
Nov 28 22:34:21 fw-1A charon[61694]: 08[CFG] vici client 338 connected
Nov 28 22:34:21 fw-1A charon[61694]: 05[CFG] vici client 338 registered for: list-sa
Nov 28 22:34:21 fw-1A charon[61694]: 05[CFG] vici client 338 requests: list-sas
Nov 28 22:34:21 fw-1A charon[61694]: 15[CFG] vici client 338 disconnected
Nov 28 22:34:27 fw-1A charon[61694]: 07[CFG] vici client 339 connected
Nov 28 22:34:27 fw-1A charon[61694]: 11[CFG] vici client 339 registered for: list-sa
Nov 28 22:34:27 fw-1A charon[61694]: 11[CFG] vici client 339 requests: list-sas
Nov 28 22:34:27 fw-1A charon[61694]: 07[CFG] vici client 339 disconnected
Nov 28 22:34:32 fw-1A charon[61694]: 11[IKE] <con5|500> retransmit 5 of request with message ID 1
Nov 28 22:34:32 fw-1A charon[61694]: 11[NET] <con5|500> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (272 bytes)
Nov 28 22:34:32 fw-1A charon[61694]: 11[CFG] vici client 340 connected
Nov 28 22:34:32 fw-1A charon[61694]: 07[CFG] vici client 340 registered for: list-sa
Nov 28 22:34:32 fw-1A charon[61694]: 07[CFG] vici client 340 requests: list-sas
Nov 28 22:34:32 fw-1A charon[61694]: 13[CFG] vici client 340 disconnected
Nov 28 22:34:37 fw-1A charon[61694]: 13[CFG] vici client 341 connected
Nov 28 22:34:37 fw-1A charon[61694]: 09[CFG] vici client 341 registered for: list-sa
Nov 28 22:34:37 fw-1A charon[61694]: 09[CFG] vici client 341 requests: list-sas
Nov 28 22:34:37 fw-1A charon[61694]: 13[CFG] vici client 341 disconnected
Nov 28 22:34:42 fw-1A charon[61694]: 11[CFG] vici client 342 connected
Nov 28 22:34:42 fw-1A charon[61694]: 11[CFG] vici client 342 registered for: list-sa
Nov 28 22:34:42 fw-1A charon[61694]: 13[CFG] vici client 342 requests: list-sas
Nov 28 22:34:42 fw-1A charon[61694]: 13[CFG] vici client 342 disconnected
Nov 28 22:34:47 fw-1A charon[61694]: 13[CFG] vici client 343 connected
Nov 28 22:34:47 fw-1A charon[61694]: 10[CFG] vici client 343 registered for: list-sa
Nov 28 22:34:47 fw-1A charon[61694]: 10[CFG] vici client 343 requests: list-sas
Nov 28 22:34:47 fw-1A charon[61694]: 10[CFG] vici client 343 disconnected
Nov 28 22:34:47 fw-1A charon[61694]: 10[IKE] <con5|531> sending DPD request
Nov 28 22:34:47 fw-1A charon[61694]: 10[IKE] <con5|531> queueing IKE_DPD task
Nov 28 22:34:47 fw-1A charon[61694]: 10[IKE] <con5|531> activating new tasks
Nov 28 22:34:47 fw-1A charon[61694]: 10[IKE] <con5|531>   activating IKE_DPD task
Nov 28 22:34:47 fw-1A charon[61694]: 10[ENC] <con5|531> generating INFORMATIONAL request 0 [ ]
Nov 28 22:34:47 fw-1A charon[61694]: 10[NET] <con5|531> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:34:48 fw-1A charon[61694]: 10[NET] <con5|531> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (96 bytes)
Nov 28 22:34:48 fw-1A charon[61694]: 10[ENC] <con5|531> parsed INFORMATIONAL response 0 [ ]
Nov 28 22:34:48 fw-1A charon[61694]: 10[IKE] <con5|531> activating new tasks
Nov 28 22:34:48 fw-1A charon[61694]: 10[IKE] <con5|531> nothing to initiate
Nov 28 22:34:52 fw-1A charon[61694]: 12[CFG] vici client 344 connected
Nov 28 22:34:52 fw-1A charon[61694]: 16[CFG] vici client 344 registered for: list-sa
Nov 28 22:34:52 fw-1A charon[61694]: 12[CFG] vici client 344 requests: list-sas
Nov 28 22:34:52 fw-1A charon[61694]: 16[CFG] vici client 344 disconnected
Nov 28 22:34:57 fw-1A charon[61694]: 12[CFG] vici client 345 connected
Nov 28 22:34:57 fw-1A charon[61694]: 12[CFG] vici client 345 registered for: list-sa
Nov 28 22:34:57 fw-1A charon[61694]: 06[CFG] vici client 345 requests: list-sas
Nov 28 22:34:57 fw-1A charon[61694]: 12[CFG] vici client 345 disconnected
Nov 28 22:35:01 fw-1A charon[61694]: 14[NET] <532> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:35:01 fw-1A charon[61694]: 14[ENC] <532> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> IKE_SA (unnamed)[532] state change: CREATED => CONNECTING
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> selecting proposal:
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> selecting proposal:
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> selecting proposal:
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532>   proposal matches
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:35:01 fw-1A charon[61694]: 14[ENC] <532> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:35:01 fw-1A charon[61694]: 14[NET] <532> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:35:01 fw-1A charon[61694]: 14[NET] <532> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:35:01 fw-1A charon[61694]: 14[ENC] <532> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:35:01 fw-1A charon[61694]: 14[CFG] <532> no matching peer config found
Nov 28 22:35:01 fw-1A charon[61694]: 14[ENC] <532> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:35:01 fw-1A charon[61694]: 14[NET] <532> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:35:01 fw-1A charon[61694]: 14[IKE] <532> IKE_SA (unnamed)[532] state change: CONNECTING => DESTROYING
Nov 28 22:35:02 fw-1A charon[61694]: 06[CFG] vici client 346 connected
Nov 28 22:35:02 fw-1A charon[61694]: 14[CFG] vici client 346 registered for: list-sa
Nov 28 22:35:02 fw-1A charon[61694]: 06[CFG] vici client 346 requests: list-sas
Nov 28 22:35:02 fw-1A charon[61694]: 08[CFG] vici client 346 disconnected
Nov 28 22:35:07 fw-1A charon[61694]: 08[CFG] vici client 347 connected
Nov 28 22:35:07 fw-1A charon[61694]: 05[CFG] vici client 347 registered for: list-sa
Nov 28 22:35:07 fw-1A charon[61694]: 05[CFG] vici client 347 requests: list-sas
Nov 28 22:35:07 fw-1A charon[61694]: 08[CFG] vici client 347 disconnected
Nov 28 22:35:12 fw-1A charon[61694]: 08[CFG] vici client 348 connected
Nov 28 22:35:12 fw-1A charon[61694]: 15[CFG] vici client 348 registered for: list-sa
Nov 28 22:35:12 fw-1A charon[61694]: 06[CFG] vici client 348 requests: list-sas
Nov 28 22:35:12 fw-1A charon[61694]: 08[CFG] vici client 348 disconnected
Nov 28 22:35:17 fw-1A charon[61694]: 08[CFG] vici client 349 connected
Nov 28 22:35:17 fw-1A charon[61694]: 09[CFG] vici client 349 registered for: list-sa
Nov 28 22:35:17 fw-1A charon[61694]: 09[CFG] vici client 349 requests: list-sas
Nov 28 22:35:17 fw-1A charon[61694]: 09[CFG] vici client 349 disconnected
Nov 28 22:35:22 fw-1A charon[61694]: 06[CFG] vici client 350 connected
Nov 28 22:35:22 fw-1A charon[61694]: 07[CFG] vici client 350 registered for: list-sa
Nov 28 22:35:22 fw-1A charon[61694]: 06[CFG] vici client 350 requests: list-sas
Nov 28 22:35:22 fw-1A charon[61694]: 09[CFG] vici client 350 disconnected
Nov 28 22:35:27 fw-1A charon[61694]: 06[CFG] vici client 351 connected
Nov 28 22:35:27 fw-1A charon[61694]: 11[CFG] vici client 351 registered for: list-sa
Nov 28 22:35:27 fw-1A charon[61694]: 11[CFG] vici client 351 requests: list-sas
Nov 28 22:35:27 fw-1A charon[61694]: 11[CFG] vici client 351 disconnected
Nov 28 22:35:32 fw-1A charon[61694]: 06[CFG] vici client 352 connected
Nov 28 22:35:32 fw-1A charon[61694]: 06[CFG] vici client 352 registered for: list-sa
Nov 28 22:35:32 fw-1A charon[61694]: 13[CFG] vici client 352 requests: list-sas
Nov 28 22:35:32 fw-1A charon[61694]: 11[CFG] vici client 352 disconnected
Nov 28 22:35:37 fw-1A charon[61694]: 11[CFG] vici client 353 connected
Nov 28 22:35:37 fw-1A charon[61694]: 10[CFG] vici client 353 registered for: list-sa
Nov 28 22:35:37 fw-1A charon[61694]: 11[CFG] vici client 353 requests: list-sas
Nov 28 22:35:37 fw-1A charon[61694]: 10[CFG] vici client 353 disconnected
Nov 28 22:35:43 fw-1A charon[61694]: 11[CFG] vici client 354 connected
Nov 28 22:35:43 fw-1A charon[61694]: 11[CFG] vici client 354 registered for: list-sa
Nov 28 22:35:43 fw-1A charon[61694]: 16[CFG] vici client 354 requests: list-sas
Nov 28 22:35:43 fw-1A charon[61694]: 16[CFG] vici client 354 disconnected
Nov 28 22:35:47 fw-1A charon[61694]: 16[IKE] <con5|500> giving up after 5 retransmits
Nov 28 22:35:47 fw-1A charon[61694]: 16[IKE] <con5|500> establishing IKE_SA failed, peer not responding
Nov 28 22:35:47 fw-1A charon[61694]: 16[IKE] <con5|500> IKE_SA con5[500] state change: CONNECTING => DESTROYING
Nov 28 22:35:47 fw-1A charon[61694]: 16[CHD] <con5|500> CHILD_SA con5{100} state change: CREATED => DESTROYING
Nov 28 22:35:47 fw-1A charon[61694]: 16[KNL] <con5|500> unable to delete SAD entry with SPI cd555938: No such process (3)
Nov 28 22:35:48 fw-1A charon[61694]: 12[CFG] vici client 355 connected
Nov 28 22:35:48 fw-1A charon[61694]: 11[CFG] vici client 355 registered for: list-sa
Nov 28 22:35:48 fw-1A charon[61694]: 11[CFG] vici client 355 requests: list-sas
Nov 28 22:35:48 fw-1A charon[61694]: 11[CFG] vici client 355 disconnected
Nov 28 22:35:53 fw-1A charon[61694]: 14[CFG] vici client 356 connected
Nov 28 22:35:53 fw-1A charon[61694]: 12[CFG] vici client 356 registered for: list-sa
Nov 28 22:35:53 fw-1A charon[61694]: 12[CFG] vici client 356 requests: list-sas
Nov 28 22:35:53 fw-1A charon[61694]: 14[CFG] vici client 356 disconnected
Nov 28 22:35:58 fw-1A charon[61694]: 05[CFG] vici client 357 connected
Nov 28 22:35:58 fw-1A charon[61694]: 14[CFG] vici client 357 registered for: list-sa
Nov 28 22:35:58 fw-1A charon[61694]: 14[CFG] vici client 357 requests: list-sas
Nov 28 22:35:58 fw-1A charon[61694]: 14[CFG] vici client 357 disconnected
Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> sending DPD request
Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> queueing IKE_DPD task
Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> activating new tasks
Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531>   activating IKE_DPD task
Nov 28 22:35:58 fw-1A charon[61694]: 05[ENC] <con5|531> generating INFORMATIONAL request 1 [ ]
Nov 28 22:35:58 fw-1A charon[61694]: 05[NET] <con5|531> sending packet: from 197.214.xxx.yyy[4500] to 196.250.128.24[4500] (80 bytes)
Nov 28 22:35:58 fw-1A charon[61694]: 05[NET] <con5|531> received packet: from 196.250.128.24[4500] to 197.214.xxx.yyy[4500] (112 bytes)
Nov 28 22:35:58 fw-1A charon[61694]: 05[ENC] <con5|531> parsed INFORMATIONAL response 1 [ ]
Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> activating new tasks
Nov 28 22:35:58 fw-1A charon[61694]: 05[IKE] <con5|531> nothing to initiate
Nov 28 22:36:01 fw-1A charon[61694]: 15[NET] <533> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (1128 bytes)
Nov 28 22:36:01 fw-1A charon[61694]: 15[ENC] <533> parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> looking for an IKEv2 config for 197.214.xxx.yyy...165.165.172.58
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   candidate: 197.214.xxx.yyy...0.0.0.0/0, ::/0, prio 1052
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> found matching ike config: 197.214.xxx.yyy...0.0.0.0/0, ::/0 with prio 1052
Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> local endpoint changed from 0.0.0.0[500] to 197.214.xxx.yyy[500]
Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> remote endpoint changed from 0.0.0.0 to 165.165.172.58[500]
Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> 165.165.172.58 is initiating an IKE_SA
Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> IKE_SA (unnamed)[533] state change: CREATED => CONNECTING
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> selecting proposal:
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> selecting proposal:
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   no acceptable ENCRYPTION_ALGORITHM found
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> selecting proposal:
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533>   proposal matches
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> received proposals: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_128/AES_CBC_192/AES_CBC_256/AES_CTR_128/AES_CTR_192/AES_CTR_256/CAMELLIA_CBC_128/CAMELLIA_CBC_192/CAMELLIA_CBC_256/CAMELLIA_CTR_128/CAMELLIA_CTR_192/CAMELLIA_CTR_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/HMAC_SHA2_512_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192, IKE:AES_GCM_16_128/AES_GCM_16_192/AES_GCM_16_256/AES_CCM_16_128/AES_CCM_16_192/AES_CCM_16_256/CHACHA20_POLY1305/AES_GCM_12_128/AES_GCM_12_192/AES_GCM_12_256/AES_GCM_8_128/AES_GCM_8_192/AES_GCM_8_256/AES_CCM_12_128/AES_CCM_12_192/AES_CCM_12_256/AES_CCM_8_128/AES_CCM_8_192/AES_CCM_8_256/PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/PRF_HMAC_SHA2_512/MODP_2048/ECP_256/ECP_384/ECP_521/ECP_256_BP/ECP_384_BP/ECP_512_BP/CURVE_25519/CURVE_448/MODP_3072/MODP_4096/MODP_6144/MODP_8192
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> configured proposals: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048, IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> selected proposal: IKE:AES_GCM_16_256/PRF_HMAC_SHA2_256/MODP_2048
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> received supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> sending supported signature hash algorithms: sha256 sha384 sha512 identity
Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> sending cert request for "CN=Fastnet-CA-2, C=ZA, O=Abellard SS"
Nov 28 22:36:01 fw-1A charon[61694]: 15[ENC] <533> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Nov 28 22:36:01 fw-1A charon[61694]: 15[NET] <533> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (489 bytes)
Nov 28 22:36:01 fw-1A charon[61694]: 15[NET] <533> received packet: from 165.165.172.58[500] to 197.214.xxx.yyy[500] (373 bytes)
Nov 28 22:36:01 fw-1A charon[61694]: 15[ENC] <533> parsed IKE_AUTH request 1 [ IDi IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> looking for peer configs matching 197.214.xxx.yyy[197.214.xxx.yyy]...165.165.172.58[165.165.172.58]
Nov 28 22:36:01 fw-1A charon[61694]: 15[CFG] <533> no matching peer config found
Nov 28 22:36:01 fw-1A charon[61694]: 15[ENC] <533> generating IKE_AUTH response 1 [ N(AUTH_FAILED) ]
Nov 28 22:36:01 fw-1A charon[61694]: 15[NET] <533> sending packet: from 197.214.xxx.yyy[500] to 165.165.172.58[500] (65 bytes)
Nov 28 22:36:01 fw-1A charon[61694]: 15[IKE] <533> IKE_SA (unnamed)[533] state change: CONNECTING => DESTROYING
Nov 28 22:36:03 fw-1A charon[61694]: 05[CFG] vici client 358 connected
Nov 28 22:36:03 fw-1A charon[61694]: 05[CFG] vici client 358 registered for: list-sa
Nov 28 22:36:03 fw-1A charon[61694]: 15[CFG] vici client 358 requests: list-sas
Nov 28 22:36:03 fw-1A charon[61694]: 08[CFG] vici client 358 disconnected
Nov 28 22:36:08 fw-1A charon[61694]: 15[CFG] vici client 359 connected
Nov 28 22:36:08 fw-1A charon[61694]: 08[CFG] vici client 359 registered for: list-sa
Nov 28 22:36:08 fw-1A charon[61694]: 15[CFG] vici client 359 requests: list-sas
Nov 28 22:36:08 fw-1A charon[61694]: 15[CFG] vici client 359 disconnected
Nov 28 22:36:13 fw-1A charon[61694]: 09[CFG] vici client 360 connected
Nov 28 22:36:13 fw-1A charon[61694]: 09[CFG] vici client 360 registered for: list-sa
Nov 28 22:36:13 fw-1A charon[61694]: 09[CFG] vici client 360 requests: list-sas
Nov 28 22:36:13 fw-1A charon[61694]: 07[CFG] vici client 360 disconnected
Nov 28 22:36:16 fw-1A charon[61694]: 09[CFG] vici client 361 connected
Nov 28 22:36:16 fw-1A charon[61694]: 07[CFG] vici client 361 registered for: list-sa
Nov 28 22:36:16 fw-1A charon[61694]: 09[CFG] vici client 361 requests: list-sas
Nov 28 22:36:16 fw-1A charon[61694]: 06[CFG] vici client 361 disconnected
Nov 28 22:36:18 fw-1A charon[61694]: 09[CFG] vici client 362 connected
Nov 28 22:36:18 fw-1A charon[61694]: 06[CFG] vici client 362 registered for: list-sa
Nov 28 22:36:18 fw-1A charon[61694]: 09[CFG] vici client 362 requests: list-sas
Nov 28 22:36:18 fw-1A charon[61694]: 09[CFG] vici client 362 disconnected
Nov 28 22:36:23 fw-1A charon[61694]: 10[CFG] vici client 363 connected
Nov 28 22:36:23 fw-1A charon[61694]: 09[CFG] vici client 363 registered for: list-sa
Nov 28 22:36:23 fw-1A charon[61694]: 09[CFG] vici client 363 requests: list-sas
Nov 28 22:36:23 fw-1A charon[61694]: 10[CFG] vici client 363 disconnected