Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp": IKE SA proposals:
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp": Child SA proposals:
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 11:22:36 localhost pluto[2117]: "ikev2-cp": added IKEv2 connection
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp": IKE SA proposals:
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp": Child SA proposals:
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 11:22:50 localhost pluto[2353]: "ikev2-cp": added IKEv2 connection
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp": IKE SA proposals:
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp": Child SA proposals:
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 12:06:21 localhost pluto[2843]: "ikev2-cp": added IKEv2 connection
Jun 17 12:20:59 localhost sudo:    hckao : TTY=pts/0 ; PWD=/home/hckao ; USER=root ; COMMAND=/bin/cp /etc/ipsec.d/ikev2.conf /var/www/html/x96/ikev2.conf.org
Jun 17 12:21:17 localhost sudo:    hckao : TTY=pts/0 ; PWD=/home/hckao ; USER=root ; COMMAND=/bin/chmod 755 /var/www/html/x96/ikev2.conf.org
Jun 17 12:36:02 localhost sudo:    hckao : TTY=pts/0 ; PWD=/etc ; USER=root ; COMMAND=/bin/chmod 755 /var/www/html/x96/authlog.txt /var/www/html/x96/crontab.txt /var/www/html/x96/hosts.allow.txt /var/www/html/x96/hosts.deny.txt /var/www/html/x96/ikev2.conf.org /var/www/html/x96/instr.txt /var/www/html/x96/IOS用戶端安裝注意事項.txt /var/www/html/x96/ipsec.conf.org.txt /var/www/html/x96/iptables.rules.20220617.org.txt /var/www/html/x96/iptables.rules.edit.txt /var/www/html/x96/iptables.rules.org.txt /var/www/html/x96/syslog.txt /var/www/html/x96/vpn.sh.txt /var/www/html/x96/x96mini新機安裝vpn紀錄.txt /var/www/html/x96/xl2tpd.conf.old-2022-06-16-13_38_54.org.txt /var/www/html/x96/xl2tpd.conf.org.txt /var/www/html/x96/中文環境設定.txt /var/www/html/x96/安裝vpn時的小注意事項.txt
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp": IKE SA proposals:
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp": Child SA proposals:
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 13:14:59 localhost pluto[2131]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 13:15:00 localhost pluto[2131]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 13:15:00 localhost pluto[2131]: "ikev2-cp": added IKEv2 connection
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp": IKE SA proposals:
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp": Child SA proposals:
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 13:15:13 localhost pluto[2366]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 13:15:14 localhost pluto[2366]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 13:15:14 localhost pluto[2366]: "ikev2-cp": added IKEv2 connection
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp": IKE SA proposals:
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp": Child SA proposals:
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 13:40:16 localhost pluto[2851]: "ikev2-cp": added IKEv2 connection
Jun 17 13:49:56 localhost sudo:    hckao : TTY=pts/0 ; PWD=/home/hckao ; USER=root ; COMMAND=/bin/cp /etc/ipsec.d/ikev2.conf /var/www/html/x96/ikev2.conf.now.txt
Jun 17 13:50:10 localhost sudo:    hckao : TTY=pts/0 ; PWD=/home/hckao ; USER=root ; COMMAND=/bin/chmod 755 /var/www/html/x96/ikev2.conf.now.txt
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp": IKE SA proposals:
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp": Child SA proposals:
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 14:39:24 localhost pluto[3341]: "ikev2-cp": added IKEv2 connection
Jun 17 16:47:41 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 17 16:47:41 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 17 16:47:41 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 17 16:47:41 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: reloaded private key matching left certificate 'x96.ddns.net'
Jun 17 16:47:41 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: responder established IKE SA; authenticated using PKCS#1 1.5 RSA with SHA1 and peer certificate 'CN=vpnclient, O=IKEv2 VPN' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
Jun 17 16:47:42 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #2: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=0edc08db chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
Jun 17 16:47:42 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #2: responder established Child SA using #1; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.9.82-192.168.9.82:0-65535 0] {ESPinUDP=>0x0edc08db <0x7b7a360a xfrm=AES_GCM_16_128-NONE NATD=223.137.157.240:49230 DPD=active}
Jun 17 16:57:09 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 16:59:09 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 16:59:39 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 16:59:40 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
Jun 17 17:01:30 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 17:01:30 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
Jun 17 17:02:01 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 17:02:42 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 17:02:43 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
Jun 17 17:03:14 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 17:03:44 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 17:03:45 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
Jun 17 17:04:45 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 17:04:46 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
Jun 17 17:05:17 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 17:07:02 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 17 17:07:03 localhost pluto[3341]: "ikev2-cp"[1] 223.137.157.240 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp": IKE SA proposals:
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp": Child SA proposals:
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 17:11:43 localhost pluto[2020]: "ikev2-cp": added IKEv2 connection
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp": IKE SA proposals:
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp": Child SA proposals:
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 17:11:58 localhost pluto[2606]: "ikev2-cp": added IKEv2 connection
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp": IKE SA proposals:
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp": Child SA proposals:
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 17:12:43 localhost pluto[2825]: "ikev2-cp": added IKEv2 connection
Jun 17 17:13:38 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #1: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 17 17:13:38 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #1: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 17 17:13:38 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 17 17:13:38 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #1: reloaded private key matching left certificate 'x96.ddns.net'
Jun 17 17:13:38 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #1: responder established IKE SA; authenticated using PKCS#1 1.5 RSA with SHA1 and peer certificate 'CN=vpnclient, O=IKEv2 VPN' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
Jun 17 17:13:38 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #2: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=04b5c933 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
Jun 17 17:13:38 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #2: responder established Child SA using #1; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.9.82-192.168.9.82:0-65535 0] {ESPinUDP=>0x04b5c933 <0x38e348ef xfrm=AES_GCM_16_128-NONE NATD=223.137.157.240:49230 DPD=active}
Jun 17 17:24:06 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #2: ESP traffic information: in=7MB out=148MB
Jun 17 17:24:06 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240 #1: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 628.642066s and NOT sending notification
Jun 17 17:24:06 localhost pluto[2825]: "ikev2-cp"[1] 223.137.157.240: deleting connection instance with peer 223.137.157.240 {isakmp=#0/ipsec=#0}
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp": IKE SA proposals:
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp": Child SA proposals:
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 17 18:11:51 localhost pluto[3338]: "ikev2-cp": added IKEv2 connection
Jun 17 19:19:16 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #1: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 17 19:19:16 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #1: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 17 19:19:16 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 17 19:19:16 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #1: reloaded private key matching left certificate 'x96.ddns.net'
Jun 17 19:19:16 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #1: responder established IKE SA; authenticated using PKCS#1 1.5 RSA with SHA1 and peer certificate 'CN=vpnclient, O=IKEv2 VPN' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
Jun 17 19:19:17 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #2: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=0b692fc6 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
Jun 17 19:19:17 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #2: responder established Child SA using #1; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.9.82-192.168.9.82:0-65535 0] {ESPinUDP=>0x0b692fc6 <0x1ddcd892 xfrm=AES_GCM_16_128-NONE NATD=1.160.9.106:4500 DPD=active}
Jun 17 19:21:58 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #2: ESP traffic information: in=567KB out=4MB
Jun 17 19:21:58 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106 #1: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 161.488391s and NOT sending notification
Jun 17 19:21:58 localhost pluto[3338]: "ikev2-cp"[1] 1.160.9.106: deleting connection instance with peer 1.160.9.106 {isakmp=#0/ipsec=#0}
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp": IKE SA proposals:
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp": Child SA proposals:
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 18 05:31:02 localhost pluto[5329]: "ikev2-cp": added IKEv2 connection
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp": IKE SA proposals:
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp": Child SA proposals:
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 19 05:31:02 localhost pluto[8624]: "ikev2-cp": added IKEv2 connection
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: NSS: ERROR: TLS Client certificate O=IKEv2 VPN,CN=IKEv2 VPN CA invalid: SEC_ERROR_BAD_SIGNATURE: Peer's certificate has an invalid signature.
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: NSS: end certificate invalid
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: X509: certificate payload rejected for this connection
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: authentication failed: no certificate matched PKCS#1 1.5 RSA with SHA1 and '@phic'
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: responding to IKE_AUTH message (ID 1) from 1.160.8.119:4500 with encrypted notification AUTHENTICATION_FAILED
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: encountered fatal error in state STATE_V2_PARENT_R1
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119 #1: deleting state (STATE_V2_PARENT_R1) aged 0.165018s and NOT sending notification
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[1] 1.160.8.119: deleting connection instance with peer 1.160.8.119 {isakmp=#0/ipsec=#0}
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: NSS: ERROR: TLS Client certificate O=IKEv2 VPN,CN=IKEv2 VPN CA invalid: SEC_ERROR_BAD_SIGNATURE: Peer's certificate has an invalid signature.
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: NSS: end certificate invalid
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: X509: certificate payload rejected for this connection
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: authentication failed: no certificate matched PKCS#1 1.5 RSA with SHA1 and '@phic'
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: responding to IKE_AUTH message (ID 1) from 1.160.8.119:4500 with encrypted notification AUTHENTICATION_FAILED
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: encountered fatal error in state STATE_V2_PARENT_R1
Jun 19 14:07:24 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #3: deleting state (STATE_V2_PARENT_R1) aged 0.12595s and NOT sending notification
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #4: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: NSS: ERROR: TLS Client certificate O=IKEv2 VPN,CN=IKEv2 VPN CA invalid: SEC_ERROR_BAD_SIGNATURE: Peer's certificate has an invalid signature.
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: NSS: end certificate invalid
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: X509: certificate payload rejected for this connection
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: authentication failed: no certificate matched PKCS#1 1.5 RSA with SHA1 and '@phic'
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: responding to IKE_AUTH message (ID 1) from 1.160.8.119:4500 with encrypted notification AUTHENTICATION_FAILED
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: encountered fatal error in state STATE_V2_PARENT_R1
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #2: deleting state (STATE_V2_PARENT_R1) aged 0.170592s and NOT sending notification
Jun 19 14:07:25 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #4: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: NSS: ERROR: TLS Client certificate O=IKEv2 VPN,CN=IKEv2 VPN CA invalid: SEC_ERROR_BAD_SIGNATURE: Peer's certificate has an invalid signature.
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: NSS: end certificate invalid
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: X509: certificate payload rejected for this connection
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: authentication failed: no certificate matched PKCS#1 1.5 RSA with SHA1 and '@phic'
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: responding to IKE_AUTH message (ID 1) from 1.160.8.119:4500 with encrypted notification AUTHENTICATION_FAILED
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: encountered fatal error in state STATE_V2_PARENT_R1
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #5: deleting state (STATE_V2_PARENT_R1) aged 0.128528s and NOT sending notification
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: NSS: ERROR: TLS Client certificate O=IKEv2 VPN,CN=IKEv2 VPN CA invalid: SEC_ERROR_BAD_SIGNATURE: Peer's certificate has an invalid signature.
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: NSS: end certificate invalid
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: X509: certificate payload rejected for this connection
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: authentication failed: no certificate matched PKCS#1 1.5 RSA with SHA1 and '@phic'
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: responding to IKE_AUTH message (ID 1) from 1.160.8.119:4500 with encrypted notification AUTHENTICATION_FAILED
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: encountered fatal error in state STATE_V2_PARENT_R1
Jun 19 14:07:27 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #6: deleting state (STATE_V2_PARENT_R1) aged 0.097186s and NOT sending notification
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: NSS: ERROR: TLS Client certificate O=IKEv2 VPN,CN=IKEv2 VPN CA invalid: SEC_ERROR_BAD_SIGNATURE: Peer's certificate has an invalid signature.
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: NSS: end certificate invalid
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: X509: certificate payload rejected for this connection
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: authentication failed: no certificate matched PKCS#1 1.5 RSA with SHA1 and '@phic'
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: responding to IKE_AUTH message (ID 1) from 1.160.8.119:4500 with encrypted notification AUTHENTICATION_FAILED
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: encountered fatal error in state STATE_V2_PARENT_R1
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #7: deleting state (STATE_V2_PARENT_R1) aged 0.125708s and NOT sending notification
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: NSS: ERROR: TLS Client certificate O=IKEv2 VPN,CN=IKEv2 VPN CA invalid: SEC_ERROR_BAD_SIGNATURE: Peer's certificate has an invalid signature.
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: NSS: end certificate invalid
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: X509: certificate payload rejected for this connection
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: authentication failed: no certificate matched PKCS#1 1.5 RSA with SHA1 and '@phic'
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: responding to IKE_AUTH message (ID 1) from 1.160.8.119:4500 with encrypted notification AUTHENTICATION_FAILED
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: encountered fatal error in state STATE_V2_PARENT_R1
Jun 19 14:07:30 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #8: deleting state (STATE_V2_PARENT_R1) aged 0.090905s and NOT sending notification
Jun 19 14:08:20 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #9: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 14:08:20 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #9: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 14:08:20 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #9: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 14:08:20 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #9: reloaded private key matching left certificate 'x96.ddns.net'
Jun 19 14:08:20 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #9: switched to "ikev2-cp"[3] 1.160.8.119
Jun 19 14:08:20 localhost pluto[8624]: "ikev2-cp"[3] 1.160.8.119 #9: responder established IKE SA; authenticated using PKCS#1 1.5 RSA with SHA1 and peer certificate '@vpnclient' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
Jun 19 14:08:20 localhost pluto[8624]: "ikev2-cp"[3] 1.160.8.119 #10: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=001a3cb9 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
Jun 19 14:08:20 localhost pluto[8624]: "ikev2-cp"[3] 1.160.8.119 #10: responder established Child SA using #9; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.9.82-192.168.9.82:0-65535 0] {ESPinUDP=>0x001a3cb9 <0xe1393762 xfrm=AES_GCM_16_128-NONE NATD=1.160.8.119:4500 DPD=active}
Jun 19 14:08:24 localhost pluto[8624]: "ikev2-cp"[3] 1.160.8.119 #10: ESP traffic information: in=625B out=1KB
Jun 19 14:08:25 localhost pluto[8624]: "ikev2-cp"[3] 1.160.8.119 #9: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 4.653836s and NOT sending notification
Jun 19 14:08:25 localhost pluto[8624]: "ikev2-cp"[3] 1.160.8.119: deleting connection instance with peer 1.160.8.119 {isakmp=#0/ipsec=#0}
Jun 19 14:10:45 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #4: deleting incomplete state after 200 seconds
Jun 19 14:10:45 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119 #4: deleting state (STATE_V2_PARENT_R1) aged 200.02825s and NOT sending notification
Jun 19 14:10:45 localhost pluto[8624]: "ikev2-cp"[2] 1.160.8.119: deleting connection instance with peer 1.160.8.119 {isakmp=#0/ipsec=#0}
Jun 19 23:30:16 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119 #12: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 19 23:30:16 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119 #12: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 19 23:30:16 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119 #12: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 19 23:30:16 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119 #12: responder established IKE SA; authenticated using PKCS#1 1.5 RSA with SHA1 and peer certificate 'CN=vpnclient, O=IKEv2 VPN' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
Jun 19 23:30:16 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119 #13: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=0a96ec0c chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
Jun 19 23:30:16 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119 #13: responder established Child SA using #12; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.9.82-192.168.9.82:0-65535 0] {ESPinUDP=>0x0a96ec0c <0xbe84564f xfrm=AES_GCM_16_128-NONE NATD=1.160.8.119:4500 DPD=active}
Jun 19 23:44:26 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119 #13: ESP traffic information: in=106MB out=115MB
Jun 19 23:44:26 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119 #12: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 849.958355s and NOT sending notification
Jun 19 23:44:26 localhost pluto[8624]: "ikev2-cp"[4] 1.160.8.119: deleting connection instance with peer 1.160.8.119 {isakmp=#0/ipsec=#0}
Jun 20 02:44:11 localhost pluto[8624]: "ikev2-cp"[5] 138.197.101.95 #14: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match]
Jun 20 02:44:11 localhost pluto[8624]: "ikev2-cp"[5] 138.197.101.95 #14: initiator guessed wrong keying material group (CURVE25519); responding with INVALID_KE_PAYLOAD requesting MODP2048
Jun 20 02:44:11 localhost pluto[8624]: "ikev2-cp"[5] 138.197.101.95 #14: responding to IKE_SA_INIT message (ID 0) from 138.197.101.95:37486 with unencrypted notification INVALID_KE_PAYLOAD
Jun 20 02:44:11 localhost pluto[8624]: "ikev2-cp"[5] 138.197.101.95 #14: encountered fatal error in state STATE_V2_PARENT_R0
Jun 20 02:44:11 localhost pluto[8624]: "ikev2-cp"[5] 138.197.101.95 #14: deleting state (STATE_V2_PARENT_R0) aged 0.001205s and NOT sending notification
Jun 20 02:44:11 localhost pluto[8624]: "ikev2-cp"[5] 138.197.101.95: deleting connection instance with peer 138.197.101.95 {isakmp=#0/ipsec=#0}
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[6] 138.197.101.95 #15: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match]
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[6] 138.197.101.95 #15: initiator guessed wrong keying material group (CURVE25519); responding with INVALID_KE_PAYLOAD requesting MODP2048
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[6] 138.197.101.95 #15: responding to IKE_SA_INIT message (ID 0) from 138.197.101.95:34396 with unencrypted notification INVALID_KE_PAYLOAD
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[6] 138.197.101.95 #15: encountered fatal error in state STATE_V2_PARENT_R0
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[6] 138.197.101.95 #15: deleting state (STATE_V2_PARENT_R0) aged 0.001148s and NOT sending notification
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[6] 138.197.101.95: deleting connection instance with peer 138.197.101.95 {isakmp=#0/ipsec=#0}
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[7] 138.197.101.95 #16: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=MODP2048;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192[first-match]
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[7] 138.197.101.95 #16: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[7] 138.197.101.95 #16: processing decrypted IKE_AUTH request: SK{IDi,N(INITIAL_CONTACT),CP,SA,TSi,TSr,N(MOBIKE_SUPPORTED),N(NO_ADDITIONAL_ADDRESSES),N(EAP_ONLY_AUTHENTICATION),N(IKEV2_MESSAGE_ID_SYNC_SUPPORTED)}
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[7] 138.197.101.95 #16: Peer attempted EAP authentication, but IKE_AUTH is required
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[7] 138.197.101.95 #16: responding to IKE_AUTH message (ID 1) from 138.197.101.95:34396 with encrypted notification AUTHENTICATION_FAILED
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[7] 138.197.101.95 #16: encountered fatal error in state STATE_V2_PARENT_R1
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[7] 138.197.101.95 #16: deleting state (STATE_V2_PARENT_R1) aged 0.279058s and NOT sending notification
Jun 20 02:44:12 localhost pluto[8624]: "ikev2-cp"[7] 138.197.101.95: deleting connection instance with peer 138.197.101.95 {isakmp=#0/ipsec=#0}
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp": IKE SA proposals:
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp": Child SA proposals:
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 05:31:02 localhost pluto[12364]: "ikev2-cp": added IKEv2 connection
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp": IKE SA proposals:
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp": Child SA proposals:
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 13:17:13 localhost pluto[2181]: "ikev2-cp": added IKEv2 connection
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp": IKE SA proposals:
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp": Child SA proposals:
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 13:17:27 localhost pluto[2409]: "ikev2-cp": added IKEv2 connection
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp": IKE SA proposals:
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp": Child SA proposals:
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 13:42:03 localhost pluto[2900]: "ikev2-cp": added IKEv2 connection
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp": IKE SA proposals:
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp": Child SA proposals:
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 14:41:11 localhost pluto[3450]: "ikev2-cp": added IKEv2 connection
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp": IKE SA proposals:
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp": Child SA proposals:
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 16:39:39 localhost pluto[2174]: "ikev2-cp": added IKEv2 connection
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp": IKE SA proposals:
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp": Child SA proposals:
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 16:39:53 localhost pluto[2402]: "ikev2-cp": added IKEv2 connection
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp": IKE SA proposals:
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp": Child SA proposals:
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 16:40:47 localhost pluto[3004]: "ikev2-cp": added IKEv2 connection
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp": IKE SA proposals:
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp": Child SA proposals:
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 20 17:39:55 localhost pluto[4924]: "ikev2-cp": added IKEv2 connection
Jun 20 18:17:52 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_256;INTEG=HMAC_SHA2_256_128;DH=MODP2048[first-match]
Jun 20 18:17:52 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 20 18:17:52 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: processing decrypted IKE_AUTH request: SK{IDi,CERT,N(INITIAL_CONTACT),IDr,AUTH,CP,N(ESP_TFC_PADDING_NOT_SUPPORTED),N(NON_FIRST_FRAGMENTS_ALSO),SA,TSi,TSr,N(MOBIKE_SUPPORTED)}
Jun 20 18:17:52 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: reloaded private key matching left certificate 'x96.ddns.net'
Jun 20 18:17:52 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: responder established IKE SA; authenticated using PKCS#1 1.5 RSA with SHA1 and peer certificate 'CN=vpnclient, O=IKEv2 VPN' issued by CA 'CN=IKEv2 VPN CA, O=IKEv2 VPN'
Jun 20 18:17:52 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #2: proposal 1:ESP=AES_GCM_C_128-DISABLED SPI=00017eb9 chosen from remote proposals 1:ESP:ENCR=AES_GCM_C_128;ESN=DISABLED[first-match]
Jun 20 18:17:52 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #2: responder established Child SA using #1; IPsec tunnel [0.0.0.0-255.255.255.255:0-65535 0] -> [192.168.9.82-192.168.9.82:0-65535 0] {ESPinUDP=>0x00017eb9 <0x5042fe92 xfrm=AES_GCM_16_128-NONE NATD=1.160.8.119:4500 DPD=active}
Jun 20 21:07:20 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 21:34:28 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 21:44:43 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 21:59:30 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 22:03:14 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 22:20:53 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 22:32:16 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 22:35:21 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 22:36:55 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 22:39:45 localhost pluto[4924]: message repeated 4 times: [ "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response]
Jun 20 22:49:03 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 23:06:36 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 23:09:19 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 23:22:03 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 0.5 seconds for response
Jun 20 23:22:04 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: STATE_V2_ESTABLISHED_IKE_SA: retransmission; will wait 1 seconds for response
Jun 20 23:31:46 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #2: ESP traffic information: in=94MB out=272MB
Jun 20 23:31:47 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119 #1: deleting state (STATE_V2_ESTABLISHED_IKE_SA) aged 18834.82955s and NOT sending notification
Jun 20 23:31:47 localhost pluto[4924]: "ikev2-cp"[1] 1.160.8.119: deleting connection instance with peer 1.160.8.119 {isakmp=#0/ipsec=#0}
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp": IKE SA proposals:
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp": Child SA proposals:
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 21 05:31:02 localhost pluto[6673]: "ikev2-cp": added IKEv2 connection
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp": IKE SA proposals:
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp": Child SA proposals:
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 22 05:31:02 localhost pluto[11615]: "ikev2-cp": added IKEv2 connection
Jun 22 18:30:19 localhost pluto[11615]: "ikev2-cp"[1] 161.35.236.116 #10: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match]
Jun 22 18:30:19 localhost pluto[11615]: "ikev2-cp"[1] 161.35.236.116 #10: initiator guessed wrong keying material group (CURVE25519); responding with INVALID_KE_PAYLOAD requesting MODP2048
Jun 22 18:30:19 localhost pluto[11615]: "ikev2-cp"[1] 161.35.236.116 #10: responding to IKE_SA_INIT message (ID 0) from 161.35.236.116:53552 with unencrypted notification INVALID_KE_PAYLOAD
Jun 22 18:30:19 localhost pluto[11615]: "ikev2-cp"[1] 161.35.236.116 #10: encountered fatal error in state STATE_V2_PARENT_R0
Jun 22 18:30:19 localhost pluto[11615]: "ikev2-cp"[1] 161.35.236.116 #10: deleting state (STATE_V2_PARENT_R0) aged 0.001206s and NOT sending notification
Jun 22 18:30:19 localhost pluto[11615]: "ikev2-cp"[1] 161.35.236.116: deleting connection instance with peer 161.35.236.116 {isakmp=#0/ipsec=#0}
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[2] 161.35.236.116 #11: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match]
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[2] 161.35.236.116 #11: initiator guessed wrong keying material group (CURVE25519); responding with INVALID_KE_PAYLOAD requesting MODP2048
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[2] 161.35.236.116 #11: responding to IKE_SA_INIT message (ID 0) from 161.35.236.116:43895 with unencrypted notification INVALID_KE_PAYLOAD
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[2] 161.35.236.116 #11: encountered fatal error in state STATE_V2_PARENT_R0
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[2] 161.35.236.116 #11: deleting state (STATE_V2_PARENT_R0) aged 0.001056s and NOT sending notification
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[2] 161.35.236.116: deleting connection instance with peer 161.35.236.116 {isakmp=#0/ipsec=#0}
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[3] 161.35.236.116 #12: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=MODP2048;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192[first-match]
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[3] 161.35.236.116 #12: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[3] 161.35.236.116 #12: processing decrypted IKE_AUTH request: SK{IDi,N(INITIAL_CONTACT),CP,SA,TSi,TSr,N(MOBIKE_SUPPORTED),N(NO_ADDITIONAL_ADDRESSES),N(EAP_ONLY_AUTHENTICATION),N(IKEV2_MESSAGE_ID_SYNC_SUPPORTED)}
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[3] 161.35.236.116 #12: Peer attempted EAP authentication, but IKE_AUTH is required
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[3] 161.35.236.116 #12: responding to IKE_AUTH message (ID 1) from 161.35.236.116:43895 with encrypted notification AUTHENTICATION_FAILED
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[3] 161.35.236.116 #12: encountered fatal error in state STATE_V2_PARENT_R1
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[3] 161.35.236.116 #12: deleting state (STATE_V2_PARENT_R1) aged 0.219448s and NOT sending notification
Jun 22 18:30:20 localhost pluto[11615]: "ikev2-cp"[3] 161.35.236.116: deleting connection instance with peer 161.35.236.116 {isakmp=#0/ipsec=#0}
Jun 23 02:58:55 localhost pluto[11615]: "ikev2-cp"[4] 77.243.181.54 #13: proposal 1 has incorrect SPI size (8), expected 0; ignored
Jun 23 02:58:55 localhost pluto[11615]: "ikev2-cp"[4] 77.243.181.54 #13: proposal 2 has unexpected Protocol ID 3; expected IKE
Jun 23 02:58:55 localhost pluto[11615]: "ikev2-cp"[4] 77.243.181.54 #13: no local proposal matches remote proposals 1:IKE:[spi-size] 2:ESP:[unexpected-protoid]
Jun 23 02:58:55 localhost pluto[11615]: "ikev2-cp"[4] 77.243.181.54 #13: responding to IKE_SA_INIT message (ID 0) from 77.243.181.54:57239 with unencrypted notification NO_PROPOSAL_CHOSEN
Jun 23 02:58:55 localhost pluto[11615]: "ikev2-cp"[4] 77.243.181.54 #13: encountered fatal error in state STATE_V2_PARENT_R0
Jun 23 02:58:55 localhost pluto[11615]: "ikev2-cp"[4] 77.243.181.54 #13: deleting state (STATE_V2_PARENT_R0) aged 0.001202s and NOT sending notification
Jun 23 02:58:55 localhost pluto[11615]: "ikev2-cp"[4] 77.243.181.54: deleting connection instance with peer 77.243.181.54 {isakmp=#0/ipsec=#0}
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp": IKE SA proposals:
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp": Child SA proposals:
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 23 05:31:02 localhost pluto[14703]: "ikev2-cp": added IKEv2 connection
Jun 23 12:19:23 localhost pluto[14703]: "ikev2-cp"[1] 34.228.167.183 #1: proposal 1 has incorrect SPI size (8), expected 0; ignored
Jun 23 12:19:23 localhost pluto[14703]: "ikev2-cp"[1] 34.228.167.183 #1: proposal 2 has unexpected Protocol ID 3; expected IKE
Jun 23 12:19:23 localhost pluto[14703]: "ikev2-cp"[1] 34.228.167.183 #1: no local proposal matches remote proposals 1:IKE:[spi-size] 2:ESP:[unexpected-protoid]
Jun 23 12:19:23 localhost pluto[14703]: "ikev2-cp"[1] 34.228.167.183 #1: responding to IKE_SA_INIT message (ID 0) from 34.228.167.183:51306 with unencrypted notification NO_PROPOSAL_CHOSEN
Jun 23 12:19:23 localhost pluto[14703]: "ikev2-cp"[1] 34.228.167.183 #1: encountered fatal error in state STATE_V2_PARENT_R0
Jun 23 12:19:23 localhost pluto[14703]: "ikev2-cp"[1] 34.228.167.183 #1: deleting state (STATE_V2_PARENT_R0) aged 0.001062s and NOT sending notification
Jun 23 12:19:23 localhost pluto[14703]: "ikev2-cp"[1] 34.228.167.183: deleting connection instance with peer 34.228.167.183 {isakmp=#0/ipsec=#0}
Jun 23 17:07:54 localhost pluto[14703]: "ikev2-cp"[2] 106.75.5.253 #2: no local proposal matches remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;INTEG=HMAC_SHA2_512_256;DH=ECP_384
Jun 23 17:07:54 localhost pluto[14703]: "ikev2-cp"[2] 106.75.5.253 #2: responding to IKE_SA_INIT message (ID 0) from 106.75.5.253:58914 with unencrypted notification NO_PROPOSAL_CHOSEN
Jun 23 17:07:54 localhost pluto[14703]: "ikev2-cp"[2] 106.75.5.253 #2: encountered fatal error in state STATE_V2_PARENT_R0
Jun 23 17:07:54 localhost pluto[14703]: "ikev2-cp"[2] 106.75.5.253 #2: deleting state (STATE_V2_PARENT_R0) aged 0.000859s and NOT sending notification
Jun 23 17:07:54 localhost pluto[14703]: "ikev2-cp"[2] 106.75.5.253: deleting connection instance with peer 106.75.5.253 {isakmp=#0/ipsec=#0}
Jun 23 17:08:15 localhost pluto[14703]: "ikev2-cp"[3] 106.75.21.224 #3: no local proposal matches remote proposals 1:IKE:ENCR=AES_CBC_256;PRF=HMAC_SHA2_512;INTEG=HMAC_SHA2_512_256;DH=ECP_384
Jun 23 17:08:15 localhost pluto[14703]: "ikev2-cp"[3] 106.75.21.224 #3: responding to IKE_SA_INIT message (ID 0) from 106.75.21.224:57561 with unencrypted notification NO_PROPOSAL_CHOSEN
Jun 23 17:08:15 localhost pluto[14703]: "ikev2-cp"[3] 106.75.21.224 #3: encountered fatal error in state STATE_V2_PARENT_R0
Jun 23 17:08:15 localhost pluto[14703]: "ikev2-cp"[3] 106.75.21.224 #3: deleting state (STATE_V2_PARENT_R0) aged 0.00085s and NOT sending notification
Jun 23 17:08:15 localhost pluto[14703]: "ikev2-cp"[3] 106.75.21.224: deleting connection instance with peer 106.75.21.224 {isakmp=#0/ipsec=#0}
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp": IKE SA proposals:
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp": Child SA proposals:
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 24 05:31:02 localhost pluto[17367]: "ikev2-cp": added IKEv2 connection
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp": IKE SA proposals:
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp": Child SA proposals:
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 25 05:31:02 localhost pluto[20356]: "ikev2-cp": added IKEv2 connection
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[1] 161.35.236.116 #1: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match]
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[1] 161.35.236.116 #1: initiator guessed wrong keying material group (CURVE25519); responding with INVALID_KE_PAYLOAD requesting MODP2048
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[1] 161.35.236.116 #1: responding to IKE_SA_INIT message (ID 0) from 161.35.236.116:40203 with unencrypted notification INVALID_KE_PAYLOAD
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[1] 161.35.236.116 #1: encountered fatal error in state STATE_V2_PARENT_R0
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[1] 161.35.236.116 #1: deleting state (STATE_V2_PARENT_R0) aged 0.001227s and NOT sending notification
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[1] 161.35.236.116: deleting connection instance with peer 161.35.236.116 {isakmp=#0/ipsec=#0}
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[2] 161.35.236.116 #2: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match]
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[2] 161.35.236.116 #2: initiator guessed wrong keying material group (CURVE25519); responding with INVALID_KE_PAYLOAD requesting MODP2048
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[2] 161.35.236.116 #2: responding to IKE_SA_INIT message (ID 0) from 161.35.236.116:51892 with unencrypted notification INVALID_KE_PAYLOAD
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[2] 161.35.236.116 #2: encountered fatal error in state STATE_V2_PARENT_R0
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[2] 161.35.236.116 #2: deleting state (STATE_V2_PARENT_R0) aged 0.001087s and NOT sending notification
Jun 25 09:58:22 localhost pluto[20356]: "ikev2-cp"[2] 161.35.236.116: deleting connection instance with peer 161.35.236.116 {isakmp=#0/ipsec=#0}
Jun 25 09:58:23 localhost pluto[20356]: "ikev2-cp"[3] 161.35.236.116 #3: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=MODP2048;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192[first-match]
Jun 25 09:58:23 localhost pluto[20356]: "ikev2-cp"[3] 161.35.236.116 #3: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 25 09:58:23 localhost pluto[20356]: "ikev2-cp"[3] 161.35.236.116 #3: processing decrypted IKE_AUTH request: SK{IDi,N(INITIAL_CONTACT),CP,SA,TSi,TSr,N(MOBIKE_SUPPORTED),N(NO_ADDITIONAL_ADDRESSES),N(EAP_ONLY_AUTHENTICATION),N(IKEV2_MESSAGE_ID_SYNC_SUPPORTED)}
Jun 25 09:58:23 localhost pluto[20356]: "ikev2-cp"[3] 161.35.236.116 #3: Peer attempted EAP authentication, but IKE_AUTH is required
Jun 25 09:58:23 localhost pluto[20356]: "ikev2-cp"[3] 161.35.236.116 #3: responding to IKE_AUTH message (ID 1) from 161.35.236.116:51892 with encrypted notification AUTHENTICATION_FAILED
Jun 25 09:58:23 localhost pluto[20356]: "ikev2-cp"[3] 161.35.236.116 #3: encountered fatal error in state STATE_V2_PARENT_R1
Jun 25 09:58:23 localhost pluto[20356]: "ikev2-cp"[3] 161.35.236.116 #3: deleting state (STATE_V2_PARENT_R1) aged 0.231349s and NOT sending notification
Jun 25 09:58:23 localhost pluto[20356]: "ikev2-cp"[3] 161.35.236.116: deleting connection instance with peer 161.35.236.116 {isakmp=#0/ipsec=#0}
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp": IKE SA proposals:
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp": Child SA proposals:
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 26 05:31:02 localhost pluto[24152]: "ikev2-cp": added IKEv2 connection
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[1] 138.197.101.95 #2: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match]
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[1] 138.197.101.95 #2: initiator guessed wrong keying material group (CURVE25519); responding with INVALID_KE_PAYLOAD requesting MODP2048
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[1] 138.197.101.95 #2: responding to IKE_SA_INIT message (ID 0) from 138.197.101.95:51149 with unencrypted notification INVALID_KE_PAYLOAD
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[1] 138.197.101.95 #2: encountered fatal error in state STATE_V2_PARENT_R0
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[1] 138.197.101.95 #2: deleting state (STATE_V2_PARENT_R0) aged 0.001051s and NOT sending notification
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[1] 138.197.101.95: deleting connection instance with peer 138.197.101.95 {isakmp=#0/ipsec=#0}
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[2] 138.197.101.95 #3: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192;DH=MODP2048[first-match]
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[2] 138.197.101.95 #3: initiator guessed wrong keying material group (CURVE25519); responding with INVALID_KE_PAYLOAD requesting MODP2048
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[2] 138.197.101.95 #3: responding to IKE_SA_INIT message (ID 0) from 138.197.101.95:42923 with unencrypted notification INVALID_KE_PAYLOAD
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[2] 138.197.101.95 #3: encountered fatal error in state STATE_V2_PARENT_R0
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[2] 138.197.101.95 #3: deleting state (STATE_V2_PARENT_R0) aged 0.001156s and NOT sending notification
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[2] 138.197.101.95: deleting connection instance with peer 138.197.101.95 {isakmp=#0/ipsec=#0}
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[3] 138.197.101.95 #4: proposal 1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048 chosen from remote proposals 1:IKE:ENCR=AES_CBC_128;ENCR=AES_CBC_192;ENCR=AES_CBC_256;ENCR=3DES;INTEG=HMAC_SHA2_256_128;INTEG=HMAC_SHA2_384_192;INTEG=HMAC_SHA2_512_256;INTEG=AES_XCBC_96;INTEG=AES_CMAC_96;INTEG=HMAC_SHA1_96;PRF=AES128_XCBC;PRF=AES128_CMAC;PRF=HMAC_SHA2_256;PRF=HMAC_SHA2_384;PRF=HMAC_SHA2_512;PRF=HMAC_SHA1;DH=MODP2048;DH=CURVE25519;DH=MODP3072;DH=MODP4096;DH=MODP6144;DH=MODP8192[first-match]
Jun 26 10:48:57 localhost pluto[24152]: "ikev2-cp"[3] 138.197.101.95 #4: sent IKE_SA_INIT reply {cipher=AES_CBC_256 integ=HMAC_SHA2_256_128 prf=HMAC_SHA2_256 group=MODP2048}
Jun 26 10:48:58 localhost pluto[24152]: "ikev2-cp"[3] 138.197.101.95 #4: processing decrypted IKE_AUTH request: SK{IDi,N(INITIAL_CONTACT),CP,SA,TSi,TSr,N(MOBIKE_SUPPORTED),N(NO_ADDITIONAL_ADDRESSES),N(EAP_ONLY_AUTHENTICATION),N(IKEV2_MESSAGE_ID_SYNC_SUPPORTED)}
Jun 26 10:48:58 localhost pluto[24152]: "ikev2-cp"[3] 138.197.101.95 #4: Peer attempted EAP authentication, but IKE_AUTH is required
Jun 26 10:48:58 localhost pluto[24152]: "ikev2-cp"[3] 138.197.101.95 #4: responding to IKE_AUTH message (ID 1) from 138.197.101.95:42923 with encrypted notification AUTHENTICATION_FAILED
Jun 26 10:48:58 localhost pluto[24152]: "ikev2-cp"[3] 138.197.101.95 #4: encountered fatal error in state STATE_V2_PARENT_R1
Jun 26 10:48:58 localhost pluto[24152]: "ikev2-cp"[3] 138.197.101.95 #4: deleting state (STATE_V2_PARENT_R1) aged 0.265073s and NOT sending notification
Jun 26 10:48:58 localhost pluto[24152]: "ikev2-cp"[3] 138.197.101.95: deleting connection instance with peer 138.197.101.95 {isakmp=#0/ipsec=#0}
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp": IKE SA proposals:
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp":   1:IKE=AES_CBC_256-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp":   2:IKE=AES_CBC_128-HMAC_SHA2_256-HMAC_SHA2_256_128-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp":   3:IKE=AES_CBC_256-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp":   4:IKE=AES_CBC_128-HMAC_SHA1-HMAC_SHA1_96-MODP2048+MODP3072+MODP4096+MODP8192+ECP_256+ECP_384+ECP_521+CURVE25519
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp": Child SA proposals:
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp":   1:ESP=AES_GCM_C_128+AES_GCM_C_256-NONE-NONE-ENABLED+DISABLED
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp":   2:ESP=AES_CBC_128-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 27 05:31:01 localhost pluto[27370]: "ikev2-cp":   3:ESP=AES_CBC_256-HMAC_SHA1_96-NONE-ENABLED+DISABLED
Jun 27 05:31:02 localhost pluto[27370]: "ikev2-cp":   4:ESP=AES_CBC_128-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 27 05:31:02 localhost pluto[27370]: "ikev2-cp":   5:ESP=AES_CBC_256-HMAC_SHA2_256_128-NONE-ENABLED+DISABLED
Jun 27 05:31:02 localhost pluto[27370]: "ikev2-cp": loaded private key matching left certificate 'x96.ddns.net'
Jun 27 05:31:02 localhost pluto[27370]: "ikev2-cp": added IKEv2 connection