Mar 10 19:46:05 dave charon: 00[DMN] Starting IKE charon daemon (strongSwan 6.0.1, Linux 6.13.6, x86_64)
Mar 10 19:46:06 dave charon: 00[LIB] providers loaded by OpenSSL: legacy default
Mar 10 19:46:06 dave charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Mar 10 19:46:06 dave charon: 00[CFG]   loaded ca certificate "C=CH, O=strongSwan Project, CN=strongSwan Root CA" from '/etc/ipsec.d/cacerts/strongswanCert.pem'
Mar 10 19:46:06 dave charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Mar 10 19:46:06 dave charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Mar 10 19:46:06 dave charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Mar 10 19:46:06 dave charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Mar 10 19:46:06 dave charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Mar 10 19:46:06 dave charon: 00[CFG]   loaded RSA private key from '/etc/ipsec.d/private/daveKey.pem'
Mar 10 19:46:06 dave charon: 00[LIB] loaded plugins: charon random nonce openssl pem pkcs1 curl revocation stroke kernel-netlink socket-default updown
Mar 10 19:46:06 dave charon: 00[JOB] spawning 16 worker threads
Mar 10 19:46:06 dave charon: 08[CFG] received stroke: add connection 'home'
Mar 10 19:46:06 dave charon: 08[CFG]   loaded certificate "C=CH, O=strongSwan Project, OU=Accounting, CN=dave@strongswan.org" from 'daveCert.pem'
Mar 10 19:46:06 dave charon: 08[CFG] added configuration 'home'
Mar 10 19:46:06 dave charon: 12[CFG] received stroke: initiate 'home'
Mar 10 19:46:06 dave charon: 14[IKE] initiating IKE_SA home[1] to 192.168.0.1
Mar 10 19:46:06 dave charon: 14[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Mar 10 19:46:06 dave charon: 14[NET] sending packet: from 192.168.0.200[500] to 192.168.0.1[500] (924 bytes)
Mar 10 19:46:07 dave charon: 15[NET] received packet: from 192.168.0.1[500] to 192.168.0.200[500] (313 bytes)
Mar 10 19:46:07 dave charon: 15[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(HTTP_CERT_LOOK) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Mar 10 19:46:07 dave charon: 15[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/ECP_256
Mar 10 19:46:07 dave charon: 15[IKE] received cert request for "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:46:07 dave charon: 15[IKE] sending cert request for "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:46:07 dave charon: 15[IKE] authentication of 'dave@strongswan.org' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
Mar 10 19:46:07 dave charon: 15[IKE] sending end entity cert "C=CH, O=strongSwan Project, OU=Accounting, CN=dave@strongswan.org"
Mar 10 19:46:07 dave charon: 15[IKE] establishing CHILD_SA home{1}
Mar 10 19:46:07 dave charon: 15[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) N(HTTP_CERT_LOOK) CERTREQ IDr AUTH CPRQ(ADDR6) SA TSi TSr N(MOBIKE_SUP) N(ADD_6_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Mar 10 19:46:07 dave charon: 15[ENC] splitting IKE message (2080 bytes) into 2 fragments
Mar 10 19:46:07 dave charon: 15[ENC] generating IKE_AUTH request 1 [ EF(1/2) ]
Mar 10 19:46:07 dave charon: 15[ENC] generating IKE_AUTH request 1 [ EF(2/2) ]
Mar 10 19:46:07 dave charon: 15[NET] sending packet: from 192.168.0.200[4500] to 192.168.0.1[4500] (1236 bytes)
Mar 10 19:46:07 dave charon: 15[NET] sending packet: from 192.168.0.200[4500] to 192.168.0.1[4500] (916 bytes)
Mar 10 19:46:07 dave charon: 16[NET] received packet: from 192.168.0.1[4500] to 192.168.0.200[4500] (1236 bytes)
Mar 10 19:46:07 dave charon: 16[ENC] parsed IKE_AUTH response 1 [ EF(1/2) ]
Mar 10 19:46:07 dave charon: 16[ENC] received fragment #1 of 2, waiting for complete IKE message
Mar 10 19:46:07 dave charon: 05[NET] received packet: from 192.168.0.1[4500] to 192.168.0.200[4500] (756 bytes)
Mar 10 19:46:07 dave charon: 05[ENC] parsed IKE_AUTH response 1 [ EF(2/2) ]
Mar 10 19:46:07 dave charon: 05[ENC] received fragment #2 of 2, reassembled fragmented IKE message (1920 bytes)
Mar 10 19:46:07 dave charon: 05[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH CPRP(ADDR6) SA TSi TSr N(AUTH_LFT) N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_6_ADDR) N(ADD_6_ADDR) ]
Mar 10 19:46:07 dave charon: 05[IKE] received end entity cert "C=CH, O=strongSwan Project, CN=moon.strongswan.org"
Mar 10 19:46:07 dave charon: 05[CFG]   using certificate "C=CH, O=strongSwan Project, CN=moon.strongswan.org"
Mar 10 19:46:07 dave charon: 05[CFG]   using trusted ca certificate "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:46:07 dave charon: 05[CFG]   reached self-signed root ca with a path length of 0
Mar 10 19:46:07 dave charon: 05[CFG] checking certificate status of "C=CH, O=strongSwan Project, CN=moon.strongswan.org"
Mar 10 19:46:07 dave charon: 05[CFG]   fetching crl from 'http://crl.strongswan.org/strongswan.crl' ...
Mar 10 19:46:07 dave charon: 05[CFG]   using trusted certificate "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:46:07 dave charon: 05[CFG]   crl correctly signed by "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:46:07 dave charon: 05[CFG]   crl is valid: until Mar 25 18:47:43 2025
Mar 10 19:46:07 dave charon: 05[CFG] certificate status is good
Mar 10 19:46:07 dave charon: 05[IKE] authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_SHA2_256 successful
Mar 10 19:46:07 dave charon: 05[IKE] installing new virtual IP fec3::2
Mar 10 19:46:07 dave charon: 05[IKE] received AUTH_LIFETIME of 3325s, scheduling reauthentication in 3145s
Mar 10 19:46:07 dave charon: 05[IKE] peer supports MOBIKE
Mar 10 19:46:07 dave charon: 05[IKE] IKE_SA home[1] established between 192.168.0.200[dave@strongswan.org]...192.168.0.1[moon.strongswan.org]
Mar 10 19:46:07 dave charon: 05[IKE] reauthentication already scheduled in 3145s
Mar 10 19:46:07 dave charon: 05[IKE] maximum IKE_SA lifetime 3325s
Mar 10 19:46:07 dave charon: 05[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ
Mar 10 19:46:07 dave charon: 05[IKE] CHILD_SA home{1} established with SPIs cb67b77a_i cd82690a_o and TS fec3::2/128 === fec1::/16
Mar 10 19:46:08 dave charon: 11[NET] received packet: from 192.168.0.1[4500] to 192.168.0.200[4500] (80 bytes)
Mar 10 19:46:08 dave charon: 11[ENC] parsed INFORMATIONAL request 0 [ D ]
Mar 10 19:46:08 dave charon: 11[IKE] received DELETE for IKE_SA home[1]
Mar 10 19:46:08 dave charon: 11[IKE] deleting IKE_SA home[1] between 192.168.0.200[dave@strongswan.org]...192.168.0.1[moon.strongswan.org]
Mar 10 19:46:08 dave charon: 11[IKE] IKE_SA deleted
Mar 10 19:46:08 dave charon: 11[ENC] generating INFORMATIONAL response 0 [ ]
Mar 10 19:46:08 dave charon: 11[NET] sending packet: from 192.168.0.200[4500] to 192.168.0.1[4500] (80 bytes)
Mar 10 19:46:10 dave charon: 00[DMN] SIGINT received, shutting down