IKEv2 / transport is not working in 2.2.4

kennylam

Same setting of transport mode works fine in IKEv1, but not in IKEv2. However the tunnel mode is working in the same IKEv2 Phase 1 settings.

Testing enviroment:
LAN to LAN,
192.168.1.1 <-transport-> 192.168.2.1

–----------------------
Aug 20 00:05:46 charon: 12[NET] <con1|8>sending packet: from 192.168.1.1[4500] to 192.168.2.1[4500] (76 bytes)
Aug 20 00:05:51 charon: 12[NET] <con1|8>received packet: from 192.168.2.1[4500] to 192.168.1.1[4500] (544 bytes)
Aug 20 00:05:51 charon: 12[ENC] <con1|8>parsed CREATE_CHILD_SA request 19 [ EF(1/3) ]
Aug 20 00:05:51 charon: 12[ENC] <con1|8>received fragment #1 of 3, waiting for complete IKE message
Aug 20 00:05:51 charon: 16[NET] <con1|8>received packet: from 192.168.2.1[4500] to 192.168.1.1[4500] (144 bytes)
Aug 20 00:05:51 charon: 16[ENC] <con1|8>parsed CREATE_CHILD_SA request 19 [ EF(3/3) ]
Aug 20 00:05:51 charon: 16[ENC] <con1|8>received fragment #3 of 3, waiting for complete IKE message
Aug 20 00:05:51 charon: 08[NET] <con1|8>received packet: from 192.168.2.1[4500] to 192.168.1.1[4500] (544 bytes)
Aug 20 00:05:51 charon: 08[ENC] <con1|8>parsed CREATE_CHILD_SA request 19 [ EF(2/3) ]
Aug 20 00:05:51 charon: 08[ENC] <con1|8>received fragment #2 of 3, reassembling fragmented IKE message
Aug 20 00:05:51 charon: 08[ENC] <con1|8>parsed CREATE_CHILD_SA request 19 [ N(USE_TRANSP) N(ESP_TFC_PAD_N) SA No TSi TSr ]
Aug 20 00:05:51 charon: 08[IKE] <con1|8>received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
Aug 20 00:05:51 charon: 08[IKE] <con1|8>received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
Aug 20 00:05:51 charon: 08[IKE] <con1|8>traffic selectors 192.168.1.1/32|/0 192.168.1.1/32|/0 === 192.168.2.1/32|/0 192.168.2.1/32|/0 inacceptable
Aug 20 00:05:51 charon: 08[IKE] <con1|8>traffic selectors 192.168.1.1/32|/0 192.168.1.1/32|/0 === 192.168.2.1/32|/0 192.168.2.1/32|/0 inacceptable
Aug 20 00:05:51 charon: 08[IKE] <con1|8>failed to establish CHILD_SA, keeping IKE_SA
Aug 20 00:05:51 charon: 08[IKE] <con1|8>failed to establish CHILD_SA, keeping IKE_SA
Aug 20 00:05:51 charon: 08[ENC] <con1|8>generating CREATE_CHILD_SA response 19 [ N(TS_UNACCEPT) ]
–----------------------</con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8></con1|8>