Mar 10 19:42:44 sun systemd[1]: Starting strongswan.service - strongSwan IPsec IKEv1/IKEv2 daemon using swanctl...
Mar 10 19:42:44 sun charon-systemd: 00[DMN] Starting charon-systemd IKE daemon (strongSwan 6.0.1, Linux 6.13.6, x86_64)
Mar 10 19:42:44 sun charon-systemd: 00[LIB] providers loaded by OpenSSL: legacy default
Mar 10 19:42:44 sun charon-systemd: 00[LIB] loaded plugins: charon-systemd random nonce openssl pem pkcs1 curl revocation vici kernel-netlink socket-default updown
Mar 10 19:42:44 sun charon-systemd: 00[JOB] spawning 16 worker threads
Mar 10 19:42:44 sun charon-systemd: 11[CFG] loaded certificate 'C=CH, O=strongSwan Project, CN=sun.strongswan.org'
Mar 10 19:42:44 sun charon-systemd: 09[CFG] loaded certificate 'C=CH, O=strongSwan Project, CN=strongSwan Root CA'
Mar 10 19:42:44 sun charon-systemd: 11[CFG] loaded RSA private key
Mar 10 19:42:44 sun charon-systemd: 12[CFG] added vici connection: host-host
Mar 10 19:42:44 sun swanctl[18796]: loaded certificate from '/etc/swanctl/x509/sunCert.pem'
Mar 10 19:42:44 sun swanctl[18796]: loaded certificate from '/etc/swanctl/x509ca/strongswanCert.pem'
Mar 10 19:42:44 sun swanctl[18796]: loaded rsa key from '/etc/swanctl/rsa/sunKey.pem'
Mar 10 19:42:44 sun swanctl[18796]: loaded authority 'strongswan'
Mar 10 19:42:44 sun swanctl[18796]: successfully loaded 1 authorities, 0 unloaded
Mar 10 19:42:44 sun swanctl[18796]: no pools found, 0 unloaded
Mar 10 19:42:44 sun swanctl[18796]: loaded connection 'host-host'
Mar 10 19:42:44 sun swanctl[18796]: successfully loaded 1 connections, 0 unloaded
Mar 10 19:42:44 sun systemd[1]: Started strongswan.service - strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
Mar 10 19:42:45 sun charon-systemd: 08[NET] received packet: from fec0::1[500] to fec0::2[500] (240 bytes)
Mar 10 19:42:45 sun charon-systemd: 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
Mar 10 19:42:45 sun charon-systemd: 08[IKE] fec0::1 is initiating an IKE_SA
Mar 10 19:42:45 sun charon-systemd: 08[CFG] selected proposal: IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/CURVE_25519
Mar 10 19:42:45 sun charon-systemd: 08[IKE] sending cert request for "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:42:45 sun charon-systemd: 08[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
Mar 10 19:42:45 sun charon-systemd: 08[NET] sending packet: from fec0::2[500] to fec0::1[500] (273 bytes)
Mar 10 19:42:45 sun charon-systemd: 09[NET] received packet: from fec0::1[500] to fec0::2[500] (1220 bytes)
Mar 10 19:42:45 sun charon-systemd: 09[ENC] parsed IKE_AUTH request 1 [ EF(1/2) ]
Mar 10 19:42:45 sun charon-systemd: 09[ENC] received fragment #1 of 2, waiting for complete IKE message
Mar 10 19:42:45 sun charon-systemd: 07[NET] received packet: from fec0::1[500] to fec0::2[500] (756 bytes)
Mar 10 19:42:45 sun charon-systemd: 07[ENC] parsed IKE_AUTH request 1 [ EF(2/2) ]
Mar 10 19:42:45 sun charon-systemd: 07[ENC] received fragment #2 of 2, reassembled fragmented IKE message (1904 bytes)
Mar 10 19:42:45 sun charon-systemd: 07[ENC] parsed IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH SA TSi TSr N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
Mar 10 19:42:45 sun charon-systemd: 07[IKE] received cert request for "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:42:45 sun charon-systemd: 07[IKE] received end entity cert "C=CH, O=strongSwan Project, CN=moon.strongswan.org"
Mar 10 19:42:45 sun charon-systemd: 07[CFG] looking for peer configs matching fec0::2[sun.strongswan.org]...fec0::1[moon.strongswan.org]
Mar 10 19:42:45 sun charon-systemd: 07[CFG] selected peer config 'host-host'
Mar 10 19:42:45 sun charon-systemd: 07[CFG]   using certificate "C=CH, O=strongSwan Project, CN=moon.strongswan.org"
Mar 10 19:42:45 sun charon-systemd: 07[CFG]   using trusted ca certificate "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:42:45 sun charon-systemd: 07[CFG]   reached self-signed root ca with a path length of 0
Mar 10 19:42:45 sun charon-systemd: 07[CFG] checking certificate status of "C=CH, O=strongSwan Project, CN=moon.strongswan.org"
Mar 10 19:42:45 sun charon-systemd: 07[CFG]   fetching crl from 'http://ip6-winnetou.strongswan.org/strongswan.crl' ...
Mar 10 19:42:45 sun charon-systemd: 07[CFG]   using trusted certificate "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:42:45 sun charon-systemd: 07[CFG]   crl correctly signed by "C=CH, O=strongSwan Project, CN=strongSwan Root CA"
Mar 10 19:42:45 sun charon-systemd: 07[CFG]   crl is valid: until Mar 25 18:47:43 2025
Mar 10 19:42:45 sun charon-systemd: 07[CFG] certificate status is good
Mar 10 19:42:45 sun charon-systemd: 07[IKE] authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_SHA2_256 successful
Mar 10 19:42:45 sun charon-systemd: 07[IKE] authentication of 'sun.strongswan.org' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
Mar 10 19:42:45 sun charon-systemd: 07[IKE] sending end entity cert "C=CH, O=strongSwan Project, CN=sun.strongswan.org"
Mar 10 19:42:45 sun charon-systemd: 07[IKE] IKE_SA host-host[1] established between fec0::2[sun.strongswan.org]...fec0::1[moon.strongswan.org]
Mar 10 19:42:45 sun charon-systemd: 07[IKE] scheduling rekeying in 14208s
Mar 10 19:42:45 sun charon-systemd: 07[IKE] maximum IKE_SA lifetime 15648s
Mar 10 19:42:45 sun charon-systemd: 07[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA2_256_128/NO_EXT_SEQ
Mar 10 19:42:45 sun charon-systemd: 07[IKE] CHILD_SA host-host{1} established with SPIs c22f8e44_i c6c00f60_o and TS fec0::2/128 === fec0::1/128
Mar 10 19:42:45 sun charon-systemd: 07[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH SA TSi TSr ]
Mar 10 19:42:45 sun charon-systemd: 07[ENC] splitting IKE message (1808 bytes) into 2 fragments
Mar 10 19:42:45 sun charon-systemd: 07[ENC] generating IKE_AUTH response 1 [ EF(1/2) ]
Mar 10 19:42:45 sun charon-systemd: 07[ENC] generating IKE_AUTH response 1 [ EF(2/2) ]
Mar 10 19:42:45 sun charon-systemd: 07[NET] sending packet: from fec0::2[500] to fec0::1[500] (1220 bytes)
Mar 10 19:42:45 sun charon-systemd: 07[NET] sending packet: from fec0::2[500] to fec0::1[500] (660 bytes)
Mar 10 19:42:48 sun charon-systemd: 07[NET] received packet: from fec0::1[500] to fec0::2[500] (80 bytes)
Mar 10 19:42:48 sun charon-systemd: 07[ENC] parsed INFORMATIONAL request 2 [ D ]
Mar 10 19:42:48 sun charon-systemd: 07[IKE] received DELETE for IKE_SA host-host[1]
Mar 10 19:42:48 sun charon-systemd: 07[IKE] deleting IKE_SA host-host[1] between fec0::2[sun.strongswan.org]...fec0::1[moon.strongswan.org]
Mar 10 19:42:48 sun charon-systemd: 07[IKE] IKE_SA deleted
Mar 10 19:42:48 sun charon-systemd: 07[ENC] generating INFORMATIONAL response 2 [ ]
Mar 10 19:42:48 sun charon-systemd: 07[NET] sending packet: from fec0::2[500] to fec0::1[500] (80 bytes)
Mar 10 19:42:48 sun charon-systemd: 00[DMN] SIGTERM received, shutting down
Mar 10 19:42:48 sun systemd[1]: Stopping strongswan.service - strongSwan IPsec IKEv1/IKEv2 daemon using swanctl...
Mar 10 19:42:48 sun systemd[1]: strongswan.service: Deactivated successfully.
Mar 10 19:42:48 sun systemd[1]: Stopped strongswan.service - strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.