Hi,
Are you still having the same problem?
I am experiencing this issue on macOS ventura 13.2.1.
Config mikrotik server:
/ip ipsec mode-config
add address-pool=pool_full name=cfg_ikev2
/ip ipsec policy group
add name=group_ikev2
/ip ipsec profile
set [ find default=yes ] dh-group=modp1024 enc-algorithm=aes-128
add dh-group=ecp256,ecp384,ecp521,modp2048 enc-algorithm=aes-256,aes-192,aes-128 hash-algorithm=sha256 name=pf_pha1_ikev2 prf-algorithm=sha256
/ip ipsec peer
add exchange-mode=ike2 name=peer_ikev2 passive=yes profile=pf_pha1_ikev2 send-initial-contact=no
/ip ipsec proposal
set [ find default=yes ] disabled=yes enc-algorithms=aes-128-cbc pfs-group=none
add auth-algorithms=sha512,sha256,sha1 name=pp_pha2_ikev2 pfs-group=none
/ip ipsec identity
add auth-method=eap-radius certificate=IKEv2_SV.new.crt comment="To_Radius" generate-policy=port-strict mode-config=cfg_ikev2 peer=peer_ikev2 policy-template-group=\
group_ikev2
/ip ipsec policy
set 0 disabled=yes
add comment=Policy_IKEv2 group=group_ikev2 proposal=pp_pha2_ikev2 template=yes
/ip ipsec settings
set interim-update=1m xauth-use-radius=yes
Some log messages:
Client: 1.1.1.1
Server: 2.2.2.2
FQDN: vpn2.serverexample.com
Feb/21/2023 12:13:24 ipsec ike2 respond finish: request, exchange: SA_INIT:0 1.1.1.1[500] 2c045a2d3530d05e:0000000000000000
Feb/21/2023 12:13:24 ipsec processing payload: NONCE
Feb/21/2023 12:13:24 ipsec adding payload: SA
Feb/21/2023 12:13:24 ipsec,debug => (size 0x30)
Feb/21/2023 12:13:24 ipsec adding payload: KE
Feb/21/2023 12:13:24 ipsec,debug => (first 0x100 of 0x108)
Feb/21/2023 12:13:24 ipsec adding payload: NONCE
Feb/21/2023 12:13:24 ipsec,debug => (size 0x1c)
Feb/21/2023 12:13:24 ipsec adding notify: NAT_DETECTION_SOURCE_IP
Feb/21/2023 12:13:24 ipsec adding notify: NAT_DETECTION_DESTINATION_IP
Feb/21/2023 12:13:24 ipsec adding notify: IKEV2_FRAGMENTATION_SUPPORTED
Feb/21/2023 12:13:24 ipsec adding payload: CERTREQ
Feb/21/2023 12:13:24 ipsec <- ike2 reply, exchange: SA_INIT:0 1.1.1.1[500] 2c045a2d3530d05e:a2bfd64d7df81189
Feb/21/2023 12:13:24 ipsec,debug ===== sending 437 bytes from 2.2.2.2[500] to 1.1.1.1[500]
Feb/21/2023 12:13:24 ipsec,debug 1 times of 437 bytes message will be sent to 1.1.1.1[500]
Feb/21/2023 12:13:24 ipsec,debug => skeyseed (size 0x20)
Feb/21/2023 12:13:24 ipsec,debug 3c46b50d bf3352ff e47fb88b bfa9b929 e7d20da1 9a4ba82e 48cd488b 00e52b43
Feb/21/2023 12:13:24 ipsec,debug => keymat (size 0x20)
Feb/21/2023 12:13:24 ipsec,debug 4434e8e7 0b425fca d9586ab9 0dee48e6 a32c7fc3 254a356f 7d51d86f 96344b18
Feb/21/2023 12:13:24 ipsec,debug => SK_ai (size 0x20)
Feb/21/2023 12:13:24 ipsec,debug acd8cdcb 9233e191 dc73dd79 a26b2826 2fe0d778 44138176 6039028e d093134c
Feb/21/2023 12:13:24 ipsec,debug => SK_ar (size 0x20)
Feb/21/2023 12:13:24 ipsec,debug 3136f5d6 06cdd399 5e2ea0dc db99aa3a a6a7cdb3 8dcdbff0 c42e9f9f 397b4ed9
Feb/21/2023 12:13:24 ipsec,debug => SK_ei (size 0x20)
Feb/21/2023 12:13:24 ipsec,debug a16f295e f6f48303 69d239fe ff1e2798 0296eedb e59bf390 152abf63 a9a07370
Feb/21/2023 12:13:24 ipsec,debug => SK_er (size 0x20)
Feb/21/2023 12:13:24 ipsec,debug b3a92f3b 3c69b68a e49f5bd1 6db61fff 50e77637 50020f4b 8668d4f2 4ad7a31a
Feb/21/2023 12:13:24 ipsec,debug => SK_pi (size 0x20)
Feb/21/2023 12:13:24 ipsec,debug d6378fd0 67540671 65068930 86512a9f 3076001c 396fadae 80dd5f3b dbb580da
Feb/21/2023 12:13:24 ipsec,debug => SK_pr (size 0x20)
Feb/21/2023 12:13:24 ipsec,debug 05f279c0 a4ece297 26b3828a 1884652f 42d0ec0e 64f1db63 4c3ca361 47af46ef
Feb/21/2023 12:13:24 ipsec,info new ike2 SA (R): peer_ikev2 2.2.2.2[500]-1.1.1.1[500] spi:a2bfd64d7df81189:2c045a2d3530d05e
Feb/21/2023 12:13:24 ipsec processing payloads: VID (none found)
Feb/21/2023 12:13:24 ipsec processing payloads: NOTIFY
Feb/21/2023 12:13:24 ipsec notify: REDIRECT_SUPPORTED
Feb/21/2023 12:13:24 ipsec notify: NAT_DETECTION_SOURCE_IP
Feb/21/2023 12:13:24 ipsec notify: NAT_DETECTION_DESTINATION_IP
Feb/21/2023 12:13:24 ipsec notify: IKEV2_FRAGMENTATION_SUPPORTED
Feb/21/2023 12:13:24 ipsec (NAT-T) REMOTE LOCAL
Feb/21/2023 12:13:24 ipsec KA list add: 2.2.2.2[4500]->1.1.1.1[4500]
Feb/21/2023 12:13:24 ipsec fragmentation negotiated
Feb/21/2023 12:13:25 ipsec,debug ===== received 512 bytes from 1.1.1.1[4500] to 2.2.2.2[4500]
Feb/21/2023 12:13:25 ipsec -> ike2 request, exchange: AUTH:1 1.1.1.1[4500] 2c045a2d3530d05e:a2bfd64d7df81189
Feb/21/2023 12:13:25 ipsec payload seen: ENC (484 bytes)
Feb/21/2023 12:13:25 ipsec processing payload: ENC
Feb/21/2023 12:13:25 ipsec,debug => iv (size 0x10)
Feb/21/2023 12:13:25 ipsec,debug f050105d e9d9f3e0 14522bab 675bdeb4
Feb/21/2023 12:13:25 ipsec,debug decrypted packet
Feb/21/2023 12:13:25 ipsec payload seen: ID_I (12 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: NOTIFY (8 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: ID_R (26 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: CONFIG (40 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: NOTIFY (8 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: NOTIFY (8 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: SA (200 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: TS_I (64 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: TS_R (64 bytes)
Feb/21/2023 12:13:25 ipsec payload seen: NOTIFY (8 bytes)
Feb/21/2023 12:13:25 ipsec processing payloads: NOTIFY
Feb/21/2023 12:13:25 ipsec notify: INITIAL_CONTACT
Feb/21/2023 12:13:25 ipsec notify: ESP_TFC_PADDING_NOT_SUPPORTED
Feb/21/2023 12:13:25 ipsec notify: NON_FIRST_FRAGMENTS_ALSO
Feb/21/2023 12:13:25 ipsec notify: MOBIKE_SUPPORTED
Feb/21/2023 12:13:25 ipsec ike auth: respond
Feb/21/2023 12:13:25 ipsec processing payload: ID_I
Feb/21/2023 12:13:25 ipsec ID_I (ADDR4): 192.168.86.149
Feb/21/2023 12:13:25 ipsec processing payload: ID_R
Feb/21/2023 12:13:25 ipsec ID_R (FQDN): vpn2.serverexample.com
Feb/21/2023 12:13:25 ipsec processing payload: AUTH (not found)
Feb/21/2023 12:13:25 ipsec requested server id: vpn2.serverexample.com
Feb/21/2023 12:13:25 ipsec processing payloads: NOTIFY
Feb/21/2023 12:13:25 ipsec notify: INITIAL_CONTACT
Feb/21/2023 12:13:25 ipsec notify: ESP_TFC_PADDING_NOT_SUPPORTED
Feb/21/2023 12:13:25 ipsec notify: NON_FIRST_FRAGMENTS_ALSO
Feb/21/2023 12:13:25 ipsec notify: MOBIKE_SUPPORTED
Feb/21/2023 12:13:25 ipsec ID_R (FQDN): vpn2.serverexample.com
Feb/21/2023 12:13:25 ipsec adding payload: ID_R
Feb/21/2023 12:13:25 ipsec,debug => (size 0x1a)
Feb/21/2023 12:13:25 ipsec,debug 0000001a 02000000 6c696e6b 322e6d79 77766c69 6e6b2e63 6f6d
Feb/21/2023 12:13:25 ipsec cert: C=SP, S=SP, L=VA, O=OPS Servers, OU=OPS IT We, CN=SV_vpn2.serverexample.com
Feb/21/2023 12:13:25 ipsec adding payload: CERT
Feb/21/2023 12:13:25 ipsec,debug => (first 0x100 of 0x265)
Feb/21/2023 12:13:25 ipsec,debug => auth nonce (size 0x10)
Feb/21/2023 12:13:25 ipsec,debug 3f8b407a c07ead09 ae0dd1c9 31deb7dd
Feb/21/2023 12:13:25 ipsec,debug => SK_p (size 0x20)
Feb/21/2023 12:13:25 ipsec,debug 05f279c0 a4ece297 26b3828a 1884652f 42d0ec0e 64f1db63 4c3ca361 47af46ef
Feb/21/2023 12:13:25 ipsec,debug => idhash (size 0x20)
Feb/21/2023 12:13:25 ipsec,debug 088f262b d712d809 26b74b7f 2bca3ae7 4041521d 738c61da b2bfd777 f5797d16
Feb/21/2023 12:13:25 ipsec,debug => my auth (size 0x40)
Feb/21/2023 12:13:25 ipsec,debug bc1f73ef 0874960b 64784007 5cf3b8e0 9b1dbac3 1d7878a4 327fa0bf 6b6962da
Feb/21/2023 12:13:25 ipsec,debug 38d14cb7 26f537f1 429bec18 76bf9d47 527e1dcc 6d6c3f2a 6ff7485b 70393181
Feb/21/2023 12:13:25 ipsec adding payload: AUTH
Feb/21/2023 12:13:25 ipsec,debug => (size 0x48)
Feb/21/2023 12:13:25 ipsec,debug 00000048 09000000 bc1f73ef 0874960b 64784007 5cf3b8e0 9b1dbac3 1d7878a4
Feb/21/2023 12:13:25 ipsec,debug 327fa0bf 6b6962da 38d14cb7 26f537f1 429bec18 76bf9d47 527e1dcc 6d6c3f2a
Feb/21/2023 12:13:25 ipsec,debug 6ff7485b 70393181
Feb/21/2023 12:13:25 ipsec adding payload: EAP
Feb/21/2023 12:13:25 ipsec,debug => (size 0x9)
Feb/21/2023 12:13:25 ipsec,debug 00000009 01000005 01
Feb/21/2023 12:13:25 ipsec <- ike2 reply, exchange: AUTH:1 1.1.1.1[4500] 2c045a2d3530d05e:a2bfd64d7df81189
Feb/21/2023 12:13:25 ipsec,debug ===== sending 912 bytes from 2.2.2.2[4500] to 1.1.1.1[4500]
Feb/21/2023 12:13:25 ipsec,debug 1 times of 916 bytes message will be sent to 1.1.1.1[4500]
Feb/21/2023 12:13:26 ipsec,debug KA: 2.2.2.2[4500]->1.1.1.1[4500]
Feb/21/2023 12:13:26 ipsec,debug 1 times of 1 bytes message will be sent to 1.1.1.1[4500]
Feb/21/2023 12:13:46 ipsec,debug KA: 2.2.2.2[4500]->1.1.1.1[4500]
Feb/21/2023 12:13:46 ipsec,debug 1 times of 1 bytes message will be sent to 1.1.1.1[4500]
Feb/21/2023 12:13:54 ipsec child negitiation timeout in state 2
Feb/21/2023 12:13:54 ipsec,info killing ike2 SA: peer_ikev2 2.2.2.2[4500]-1.1.1.1[4500] spi:a2bfd64d7df81189:2c045a2d3530d05e
Feb/21/2023 12:13:54 ipsec KA remove: 2.2.2.2[4500]->1.1.1.1[4500]
Feb/21/2023 12:13:54 ipsec,debug KA tree dump: 2.2.2.2[4500]->1.1.1.1[4500] (in_use=1)
Feb/21/2023 12:13:54 ipsec,debug KA removing this one...
Support for 4 days with no response yet.
Thanks!
Regards,