Got stuck building IKEv2 w/ MFA for remote client

Hello,

I’m quite new to MikroTik.
Up to now: I built a site-to-site IKEv2 tunnel with routing between networks; it took some effort but works great now.
So I thought I’d use the same router (HexS) to create an IKEv2 connection for remote clients.
I studied the docs and forum a lot; the following was the resulting idea:

  • MikroTik IPsec/IKEv2 behind a NAT-router/fw
  • Radius server on the MikroTik on 127.0.0.1 to get the 2FA/MFA working (timebased authenticator app)
  • Windows native VPN client via PowerShell config

But, … after some weeks of learning and experimenting …
I am rather stuck. Too many problems at once, too many variables, too little logging to tell me what is wrong.
I excluded the 2FA/MFA problem for now.
The router and the client are both on internal networks. The forwarding (NAT) works.

The Windows client needs certificates. Can’t get that right. Help?
I cannot seem to get much (ipsec) log output from the MikroTik nor from the Windows client. Anyone?
Any ideas or config examples?
Any help would be greatly appreciated!

Certificate: the IPsec responder has to present the complete certificate chain that starts with its own certificate and contains any intermediate certificates all the way to the root CA - the certificate item on the /ip/ipsec/identity row is actually a list. The Windows machine acting as an IKEv2 initiator must have the root CA certificate in its “trusted CAs” store. The own certificate of the responder must contain the FQDN or the public address to which the Windows initiator connects in the SubjectAlternativeNames list - CommonName is not enough. The key type (RSA/ECDSA) must match the ciphers used for DH, so only use ECDSA if you need that and know exactly what you are doing.

In practical terms, one way is to use Let’s Encrypt or other public authority to issue the own certificate for the responder, because then you don’t need to install anything on the Windows clients - the root CA certificate is distributed using Windows Update in this case. Another way is to use your own certification authority to issue the own certificate of the responder, but if you take this way, you must install the certificate of that CA to all the Windows clients into the trusted CA store.

For L2TP/IPsec, Windows by default does not accept a responder running on a private address; I have never tried whether this is also the case for IKEv2 responders. For a few clients or if centralized management is available, you can resolve this by modifying the registry; if that’s too complicated, a trick exists that makes the responder behave as if it was running on a public address although it is actually behind a NAT.

To see more in the ipsec logs on Mikrotik, issue the following command:
/system/logging/add topics=ipsec,!packet

As you already use some IKEv2 config, there may be conflicts that need to be resolved, so what does /ip/ipsec/export show right now? Obfuscate any my-id and remote-id items on the /ip/ipsec/identity rows before posting.
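As an added illustration of the certificate requirements listed above (example code, not from this thread, RouterOS or Windows), the script below generates a throw-away root CA, intermediate CA and responder certificate with the Python `cryptography` library and runs the checks over a correct chain, the same chain with the intermediate left out (the "certificate item is a list" point), and a CN-only certificate without SAN or EKU. The names vpn.example.test, 192.0.2.10 and the CA names are constructed placeholders; the key-type report is there because the post ties the RSA/ECDSA choice to the DH/cipher settings.

```python
"""Added example (not from the thread or RouterOS): checks a responder's certificate chain
against the points listed above for a Windows IKEv2 initiator. Root CA, intermediate and
leaf are generated in-process as constructed test data; names and addresses are placeholders."""
import datetime as dt
import ipaddress
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec, padding, rsa
from cryptography.x509.oid import ExtendedKeyUsageOID, NameOID
UTC = dt.timezone.utc

def key_type(cert):
    """'RSA' or 'ECDSA': the leaf's key type has to fit the DH/cipher choice on the router."""
    pub = cert.public_key()
    if isinstance(pub, rsa.RSAPublicKey):
        return "RSA"
    return "ECDSA" if isinstance(pub, ec.EllipticCurvePublicKey) else type(pub).__name__

def _verify_signature(cert, issuer):
    """Raise InvalidSignature unless cert was signed with issuer's key (RSA PKCS#1 v1.5 or ECDSA)."""
    pub = issuer.public_key()
    if isinstance(pub, rsa.RSAPublicKey):
        pub.verify(cert.signature, cert.tbs_certificate_bytes, padding.PKCS1v15(), cert.signature_hash_algorithm)
    elif isinstance(pub, ec.EllipticCurvePublicKey):
        pub.verify(cert.signature, cert.tbs_certificate_bytes, ec.ECDSA(cert.signature_hash_algorithm))
    else:
        raise InvalidSignature("unsupported issuer key type")

def _san_names(cert):
    """DNS names and IP addresses from the SAN extension (empty set if absent)."""
    try:
        san = cert.extensions.get_extension_for_class(x509.SubjectAlternativeName).value
    except x509.ExtensionNotFound:
        return set()
    return set(san.get_values_for_type(x509.DNSName)) | {str(ip) for ip in san.get_values_for_type(x509.IPAddress)}

def check_responder_chain(chain, trusted_roots, dialed_host, now=None):
    """chain[0] is the responder's own certificate followed by its intermediates, as sent in IKE_AUTH.
    Returns a list of problems; an empty list means the chain passes."""
    if not chain:
        return ["chain is empty"]
    leaf, problems = chain[0], []
    now = now or dt.datetime.now(UTC)
    names = _san_names(leaf)          # CommonName alone does not satisfy the Windows client
    if dialed_host not in names:
        problems.append(f"SAN does not contain {dialed_host!r} (found {sorted(names)})")
    try:
        eku = leaf.extensions.get_extension_for_class(x509.ExtendedKeyUsage).value
        if ExtendedKeyUsageOID.SERVER_AUTH not in eku:
            problems.append("EKU lacks serverAuth (tls-server)")
    except x509.ExtensionNotFound:
        problems.append("EKU extension missing")
    # validity window; the *_utc properties exist in newer cryptography releases, the fallback in older ones
    nb = getattr(leaf, "not_valid_before_utc", None) or leaf.not_valid_before.replace(tzinfo=UTC)
    na = getattr(leaf, "not_valid_after_utc", None) or leaf.not_valid_after.replace(tzinfo=UTC)
    if not nb <= now <= na:
        problems.append("leaf certificate is outside its validity period")
    for i, cert in enumerate(chain):  # each link must be signed by the next one, the last by a trusted root
        issuer = chain[i + 1] if i + 1 < len(chain) else next((r for r in trusted_roots if r.subject == cert.issuer), None)
        if issuer is None:
            problems.append(f"chain ends at '{cert.subject.rfc4514_string()}' whose issuer is not a trusted root (intermediate missing?)")
            break
        try:
            _verify_signature(cert, issuer)
        except InvalidSignature:
            problems.append(f"signature on '{cert.subject.rfc4514_string()}' does not verify against its issuer")
            break
    return problems

def _cert(cn, issuer_cert, issuer_key, pub, is_ca, san=None, eku=None, days=90):
    """Build and sign one certificate (constructed test data only)."""
    subject = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])
    now = dt.datetime.now(UTC)
    b = (x509.CertificateBuilder().subject_name(subject)
         .issuer_name(issuer_cert.subject if issuer_cert is not None else subject)
         .public_key(pub).serial_number(x509.random_serial_number())
         .not_valid_before(now - dt.timedelta(minutes=5)).not_valid_after(now + dt.timedelta(days=days))
         .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True))
    if san:
        b = b.add_extension(x509.SubjectAlternativeName(san), critical=False)
    if eku:
        b = b.add_extension(x509.ExtendedKeyUsage(eku), critical=False)
    return b.sign(issuer_key, hashes.SHA256())

def demo():
    """Root -> intermediate -> responder leaf, then the checks on good and bad chains."""
    root_key, inter_key, leaf_key = (rsa.generate_private_key(65537, 2048) for _ in range(3))
    root = _cert("Test Root CA", None, root_key, root_key.public_key(), True, days=3650)
    inter = _cert("Test Intermediate CA", root, root_key, inter_key.public_key(), True, days=1825)
    good = _cert("vpn.example.test", inter, inter_key, leaf_key.public_key(), False,
                 san=[x509.DNSName("vpn.example.test"), x509.IPAddress(ipaddress.ip_address("192.0.2.10"))],
                 eku=[ExtendedKeyUsageOID.SERVER_AUTH, ExtendedKeyUsageOID.CLIENT_AUTH])
    cn_only = _cert("vpn.example.test", inter, inter_key, leaf_key.public_key(), False)  # CN only: the common mistake
    return {"full_chain": check_responder_chain([good, inter], [root], "vpn.example.test"),
            "by_ip": check_responder_chain([good, inter], [root], "192.0.2.10"),
            "intermediate_missing": check_responder_chain([good], [root], "vpn.example.test"),
            "cn_only": check_responder_chain([cn_only, inter], [root], "vpn.example.test"),
            "key_type": key_type(good)}
```

Calling `demo()` returns an empty problem list for the full chain (dialed by name or by the SAN IP), one "not a trusted root" problem when only the leaf is presented, and two problems (SAN and EKU) for the CN-only certificate. To check a real responder, load its exported chain with `x509.load_pem_x509_certificates` and the root from the client's trust store in place of the generated ones.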

Hi,

For certificates only you can use this tutorial:
https://help.mikrotik.com/docs/spaces/ROS/pages/11993097/IPsec#IPsec-RoadWarriorsetupusingIKEv2withRSAauthentication

For cert + user/pass this tutorial:
https://help.mikrotik.com/docs/spaces/ROS/pages/11993097/IPsec#IPsec-RoadWarriorsetupusingIKEv2withEAP-MSCHAPv2authenticationhandledbyUserManager(RouterOSv7)

MFA is quite complicated, but it can be done using the second method with UserMan..
Under the user there is an OTP Secret; you can create a BASE-32 secret and then use an authenticator (Google Auth) to add this layer of additional security…

@hunter : those are exactly the sections I used to get started with it, but I can’t get it working yet.
I have read the MFA authenticator/user-manager/radius pages, but since I already have too many troubles I will leave that for later.
https://help.mikrotik.com/docs/spaces/ROS/pages/2555940/User+Manager#UserManager-MFAauthenticationforRouterOSuserlogin

@sindy : I tried many things, the own-CA way.

 0 K A T local-cert         local-cert                               
 1 K A T webfig             10.0.x.xxx                               
 2 KLA T ca                 ca                                       
 3 K  I  TesTikDE           10.0.x.xxx             IP:10.0.x.xxx     
 4 K  I  TestFlap           TestFlap                                 
 5 K  R  TesTikDE_outside   80.aaa.bbb.cc          IP:80.aaa.bbb.cc  
 6 K  R  TesTikDE_dns       myname.ourdomain.de                      
 7 KLA T ca_outside         ca_outside                               
 8 KLA T ca_dns             ca_dns                                   
 9 K  I  TesTikDE_outside2  80.aaa.bbb.cc          IP:80.aaa.bbb.cc  
10 K  I  TesTikDE_dns2      myname.ourdomain.de

I did not try Let’s Encrypt yet; I will try that, it might solve problems with Windows importing (used the automatic which-store…), I’m a little confused there.
Regarding the ciphers: No, I do not know exactly what I’m doing :smiley: too many options…

Interested in what you mean by the behind-NAT trick. I’m using 500/4500 NAT traversal now.

Logging: had topics=ipsec,packet and tried topics=ipsec also.
Changed it to ipsec,!packet. See if that’s better. Thanx.

Export: (might be a mess, I tried too many things, need to clear it and start over I think)

# 2025-02-05 19:23:02 by RouterOS 7.16.2
# software id = GKW7-GIGP
# model = RB760iGS
/ip ipsec mode-config
add address-pool=TSDE_vpnpool address-prefix-length=32 name=ike2-conf
/ip ipsec policy group
add name=ike2-policies
/ip ipsec profile
set [ find default=yes ] dh-group=x25519,ecp384,ecp521 dpd-interval=2m dpd-maximum-failures=5 enc-algorithm=aes-256 hash-algorithm=sha512 prf-algorithm=sha512 proposal-check=strict
add dh-group=x25519,ecp256,ecp384,ecp521,modp8192,modp6144,modp4096,modp3072,modp2048 enc-algorithm=aes-256,aes-192,aes-128 hash-algorithm=sha256 name=TStest_IKEv2_ph1
/ip ipsec peer
add exchange-mode=ike2 name=peer1 passive=yes profile=TStest_IKEv2_ph1
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha512,sha256 disabled=yes enc-algorithms=chacha20poly1305,aes-256-cbc,aes-256-gcm pfs-group=ecp521
add auth-algorithms=sha512,sha256 enc-algorithms=chacha20poly1305,aes-256-cbc,aes-256-ctr,aes-256-gcm,aes-192-cbc,aes-192-ctr,aes-192-gcm,aes-128-cbc,aes-128-gcm name=TStest_IKEv2_ph2 pfs-group=none
/ip ipsec identity
add auth-method=digital-signature certificate=TesTikDE_dns generate-policy=port-strict match-by=certificate mode-config=ike2-conf peer=peer1 policy-template-group=ike2-policies remote-certificate=TestFlap remote-id=ignore
/ip ipsec policy
set 0 disabled=yes
add dst-address=10.0.x.0/24 group=ike2-policies proposal=TStest_IKEv2_ph2 src-address=0.0.0.0/0 template=yes

Yes, it is a mess now.. Sorry.

The server authentication is not very important; it is a situation where a handful of capable staff need remote access to the company’s servers &| network.
I had in mind to start with PSK-only but that didn’t turn out to be so easy…

Question:
Keeping in mind that I want the RADIUS method later for MFA/Authenticator, which auth-method should I choose now (w/o RADIUS) on both sides, to start with?
A simple config (to start with) would be great. I need fewer options to choose from…

. Tried to delete but didn’t work.

The ability to use ESP encapsulation into UDP and related stuff to traverse NAT is a capability of IPsec as a protocol; not accepting a responder behind NAT is a default behavior of the Windows embedded VPN client (at least in the L2TP/IPsec mode) that can be changed.

The trick consists in assigning the public address of the NAT device (to which the initiators connect) as a /32 one to some interface of the Mikrotik (ideally, an empty bridge) and creating a dst-nat rule that forwards UDP ports 500 and 4500 on the private WAN address of the Mikrotik to that public address (so you “compensate” the external NAT). That way, the NAT detection of IPsec only identifies the presence of NAT at the initiator side. The downside is that this trick breaks the NAT detection if the initiator is not behind a NAT, so if that may happen, it can only be used if the external NAT device at the responder side can be told to forward any incoming bare ESP traffic to the WAN IP of the Mikrotik.


It is. Without the ability of the initiator to verify that it is connecting to the correct server, a MITM or an impersonator could harvest the usernames and passwords.


Except RouterOS and Strongswan, I haven’t seen any IKEv2 implementation yet that would support PSK.


The embedded client of Windows has just two possibilities:

  • authenticate itself to the server using a machine (not user) certificate, which cannot be “unlocked” per connection using a passphrase to the private key, so a stolen machine can connect (i.e. the only obstacle is the password to the Windows account)
  • authenticate itself using username and password; in combination with the dynamically generated TOTP suffix to the password, it seems safer to me than the previous method. But a RADIUS server at responder side is mandatory for this method.

A working configuration follows:
/ip ipsec mode-config
add name=windows split-include=172.18.0.0/22
/ip ipsec policy group
add name=win-default
/ip ipsec profile
add dh-group=modp1024 dpd-interval=30s enc-algorithm=aes-256 hash-algorithm=sha256 name=windows
/ip ipsec peer
add exchange-mode=ike2 local-address=pub.lic.wan.ip name=ike2-responder passive=yes profile=windows send-initial-contact=no
/ip ipsec proposal
add name=windows-default pfs-group=none
/ip ipsec identity
add auth-method=eap-radius certificate=letsencrypt-autogen_2025-01-03T23:38:06Z,LetsEncryptR10 generate-policy=port-strict mode-config=windows peer=ike2-responder policy-template-group=win-default
/ip ipsec policy
add group=win-default proposal=windows-default template=yes

/user-manager router
add address=127.0.0.1 name=local

/radius
add address=127.0.0.1 called-id=pub.lic.wan.ip service=ipsec

I hope I haven’t forgotten any important bit when copy-pasting.
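To show what the "password with a dynamically generated TOTP suffix" scheme from the second bullet means on the responder side, here is an added example in plain Python; it is my own illustration of the mechanism, not User Manager's or RADIUS's implementation. It computes RFC 6238 TOTP codes, checks that the static password and the appended code both verify (constant-time, no early exit between the two), allows one step of clock drift, and refuses a code that has already been used once. The secret is the RFC 6238 test-vector secret, a constructed input; the 30-second step and 6 digits assume a standard authenticator app.

```python
"""Added example (not User Manager's code): the password-plus-TOTP-suffix check
described above, in plain Python. SAMPLE_SECRET is the RFC 6238 test-vector secret
(constructed input); a 30-second step and 6 digits match a standard authenticator app."""
from __future__ import annotations
import base64
import hashlib
import hmac
import struct
import time

STEP, DIGITS = 30, 6

def totp(secret_b32: str, at: float, step: int = STEP, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 for the time `at` (seconds since the epoch)."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))      # tolerate unpadded secrets
    counter = int(at) // step
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                               # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def verify_password_with_totp(submitted: str, stored_password: str, secret_b32: str,
                              now: float | None = None, skew_steps: int = 1,
                              used_counters: set | None = None) -> bool:
    """Accept `submitted` if it is the static password immediately followed by a
    TOTP code valid for the current step or +/- skew_steps (clock drift). Both
    comparisons always run and are constant-time; with `used_counters` a code
    that already authenticated once is refused (replay protection)."""
    now = time.time() if now is None else now
    if len(submitted) <= DIGITS:
        return False
    static, code = submitted[:-DIGITS], submitted[-DIGITS:]
    password_ok = hmac.compare_digest(static.encode(), stored_password.encode())
    matched = None
    for k in range(-skew_steps, skew_steps + 1):
        t = now + k * STEP
        if hmac.compare_digest(totp(secret_b32, t).encode(), code.encode()):
            matched = int(t) // STEP
    if not password_ok or matched is None:
        return False
    if used_counters is not None:
        if matched in used_counters:
            return False
        used_counters.add(matched)
    return True

# Constructed sample: base32 of the RFC 6238 test secret "12345678901234567890"
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

if __name__ == "__main__":
    print(totp(SAMPLE_SECRET, 59))   # RFC 6238 vector: 94287082, last 6 digits 287082
```

With the sample secret, `totp(SAMPLE_SECRET, 59)` gives "287082" and `verify_password_with_totp("hunter2287082", "hunter2", SAMPLE_SECRET, now=59)` is true; the same submission one step later still passes because of the drift window, and a second attempt with the same `used_counters` set is refused.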

Except RouterOS and Strongswan, I haven’t seen any IKEv2 implementation yet that would support PSK.

Just as a little factoid, I have IKEv2 with PSK authentication working between RouterOS and a Fortigate.
https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/560886/pre-shared-key-vs-digital-certificates
I’d assume Forti uses an inhouse IPsec engine, not Strongswan?

…and this, kids, is what happens when you lose concentration when posting :smiley:
What I actually wanted to say was that I haven’t seen any other kind of VPN client on a PC or phone that would support PSK along with IKEv2 except Strongswan (and even Strongswan for Android does not support that), then started thinking about the rumours that RouterOS uses Strongswan internally, and ended up posting a total nonsense. Of course not only Fortinet but also Cisco and other router brands do support IKEv2 with PSK.

 0 K A T local-cert         local-cert                               
 1 K A T webfig             10.0.x.xxx                               
 2 KLA T ca                 ca                                       
 3 K  I  TesTikDE           10.0.x.xxx             IP:10.0.x.xxx     
 ......

I would delete the CA and all certificates will be gone too..
Then create new ones:

/certificate
add common-name=CA name=CA key-size=4096 days-valid=3650
sign CA ca-crl-host=remote.somewhere.at
add common-name=1.2.3.4 subject-alt-name=DNS:remote.somewhere.at key-size=4096 key-usage=tls-server name=MyVPN days-valid=800
sign MyVPN ca=CA
add common-name=User1 subject-alt-name=DNS:User.Company key-size=4096 key-usage=tls-client name=User1 days-valid=800
sign User1 ca=CA

common-name=YourPublicIP
SAN=dns name

For iOS devices I had a problem if I used the same CN and SAN, or just CN… So I made the SAN like this..

Client on computer needs: CA public key and user public and private key.
All need to be imported into LocalMachine!

Use the lines provided by Sindy and for certificates only change this:

/ip ipsec identity
add auth-method=digital-signature certificate=MyVPN,CA generate-policy=port-strict mode-config=ike2-conf peer=ike2 policy-template-group=ike2-policies

This is cert only (no MFA possible).
If you need MFA you can use a LetsEncrypt cert as Sindy does.. or your certificates created above..
If you use an LE cert there is no need to import anything on the client! Just user+pass set in UserManager…
MFA works as described on the help page you linked!

Ok! Thanx for all the input.
Was away a bit, had to spend time on other things, but am back on it now.

(intermezzo:
1/ I already had a working PSK VPN from another MikroTik to a Cisco machine. Built that ~2 months ago, the MikroTik side that is.
2/ I need MFA later so I went for what Sindy advises.)

I now have a working Let’s Encrypt certificate on the new MikroTik, which sits behind a quite standard DSL modem/router.
The DSL public address (80.153.x.y) has a real DNS name within our own domain; the MikroTik itself has an internal 10.0.a.b address.

I have created the fake WAN bridge with the external address and dst-nat rule, but the MikroTik doesn’t seem to need that for the automatic/ACME certificate issuing.
That works, with a filtered port 80 forward through the DSL router, with or without the fake interface.
I disabled it for now; I can re-enable it later when needed for the VPN.

Starting work on the VPN now.

It seems to work partially..
I see more logging, that’s good.

What worries me: no IKEv2 peer config for <client.pub.lic.ip>

I removed local-address=pub.lic.wan.ip from the ipsec peer ike2-responder; that works now.
I added ecp384 to the dh-groups of the ‘windows’ phase 1 proposal. I think that is a remainder of a Set-VPN… PS command that I configured the Windows client with.

Next problem:
identity not found for peer: ADDR4: 192.168.179.7

That is the client’s wifi local address. The client also sits behind its own DSL router that provides it with a wifi connection.

Ideas?

I’ll go read the Windows client config stuff again…
https://docs.netgate.com/pfsense/en/latest/recipes/ipsec-mobile-ikev2-client-windows.html
https://learn.microsoft.com/en-us/powershell/module/vpnclient/set-vpnconnection?view=windowsserver2025-ps
https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/vpn/vpn-guide


There was a warning “peer does not exist” above the identity that contains ike2-responder, visible in webfig.
I opened it, clicked the dropdown list and chose “ike2-responder” again, clicked ‘OK’ and now it’s gone…
The problem has changed also now.
The “identity not found for peer: ADDR4: 192.168.179.7” is gone now.

But now, after entering username and password as defined in /user-manager/user, the Windows client says that the IKE auth. references are unacceptable.
I have seen that before. :unamused:

Does the log show that IPsec sends a query to RADIUS?

There is no mention of RADIUS in the log.
I am looking into EKU right now.

/ip ipsec mode-config
add address-pool=MY_vpnpool address-prefix-length=32 name=ike2-conf
add name=windows split-include=10.x.x.x/24
/ip ipsec policy group
add name=ike2-policies
add name=win-default
/ip ipsec profile
set [ find default=yes ] dh-group=x25519,ecp384,ecp521 dpd-interval=2m dpd-maximum-failures=5 enc-algorithm=aes-256 hash-algorithm=sha512 prf-algorithm=sha512 proposal-check=strict
add dh-group=ecp384,modp1024 dpd-interval=30s enc-algorithm=aes-256 hash-algorithm=sha256 name=windows
/ip ipsec peer
add exchange-mode=ike2 name=ike2-responder passive=yes profile=windows send-initial-contact=no
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha512,sha256 disabled=yes enc-algorithms=chacha20poly1305,aes-256-cbc,aes-256-gcm pfs-group=ecp521
add auth-algorithms=sha512,sha256 disabled=yes enc-algorithms=chacha20poly1305,aes-256-cbc,aes-256-ctr,aes-256-gcm,aes-192-cbc,aes-192-ctr,aes-192-gcm,aes-128-cbc,aes-128-gcm name=PreviousTEST_ph2 pfs-group=none
add name=windows-default pfs-group=none
/ip ipsec identity
add auth-method=eap-radius certificate=my.dnsname.com generate-policy=port-strict mode-config=windows peer=ike2-responder policy-template-group=win-default
/ip ipsec policy
set 0 disabled=yes
add group=win-default proposal=windows-default template=yes


The Windows client was using EAP-TTLS; changed that to EAP-MSCHAPv2, which did not really change the effects on the log, still no RADIUS mentioned.

I do see: “adding payload:” CERT, EAP, SKF

So what is in the EKU of the my.dnsname.com certificate - is the tls-server bit set? And does the certificate use an ECP key, as you use one in DH-group in Phase 1 and Phase 2 proposals?

17:37:46 ipsec adding payload: EAP
17:37:46 ipsec,debug => (size 0x9)
17:37:46 ipsec ← ike2 reply, exchange: AUTH:1 client.pub.lic.ip[64374] hex:hex
17:37:46 ipsec fragmenting into 2 chunks
17:37:46 ipsec adding payload: SKF
17:37:46 ipsec,debug => (first 0x100 of 0x498)
17:37:46 ipsec,debug lot of hex data
17:37:46 ipsec adding payload: SKF
17:37:46 ipsec,debug => (first 0x100 of 0x348)
17:37:46 ipsec,debug lot of hex data again
17:37:46 ipsec,debug ===== sending 1204 bytes from mikrotik.lo.cal.ip[4500] to client.pub.lic.ip[64374]
17:37:46 ipsec,debug 1 times of 1208 bytes message will be sent to client.pub.lic.ip[64374]
17:37:46 ipsec,debug ===== sending 868 bytes from mikrotik.lo.cal.ip[4500] to client.pub.lic.ip[64374]
17:37:46 ipsec,debug 1 times of 872 bytes message will be sent to client.pub.lic.ip[64374]
17:37:57 ipsec,debug KA: mikrotik.lo.cal.ip[4500]->client.pub.lic.ip[64374]
17:37:57 ipsec,debug 1 times of 1 bytes message will be sent to client.pub.lic.ip[64374]
17:38:14 route,rpki,debug stats roas 0 roa 0 nodes4 0 nodes6 0
17:38:14 route,debug,calc route/calc/publish
17:38:14 route,rpki,debug wipe stats roas 0 roa 0 nodes4 0 nodes6 0
17:38:16 ipsec child negotiation timeout in state 2
17:38:16 ipsec,info killing ike2 SA: ike2-responder mikrotik.lo.cal.ip[4500]->client.pub.lic.ip[64374] spi:hex:hex
17:38:16 ipsec KA remove: mikrotik.lo.cal.ip[4500]->client.pub.lic.ip[64374]
17:38:16 ipsec,debug KA tree dump: mikrotik.lo.cal.ip[4500]->client.pub.lic.ip[64374] (in_use=1)
17:38:16 ipsec,debug KA removing this one…

EKU contains TLS server and client.
Added DisableIKENameEkuCheck=1 to the registry.

ECP key(?) I don’t really know, don’t think so.
I adjusted it / added it because the log mentioned a mismatch.

I did try a new client on the Windows side, default config.

P.S.
I succeeded in getting it back to using a proposal with dh=modp1024.
The log shows a different sequence that ends similarly (see the log posted above).
The difference is:
After payload: EAP, SKF, SKF the following is repeated several times:
17:57:11 ipsec → ike2 request, exchange: AUTH:1 client.pub.lic.ip[64378]

PPS:
I do not have the fake external-IP interface yet!

Got the trick with local IP hiding by dst-nat working too. It doesn’t help.
Logging is better now, also. Created/edited 2 extensive logs, one without dst-nat and one with dst-nat.
Without dst-nat:

 12:17:39 ipsec -> ike2 request, exchange: SA_INIT:0 vpn.client.public.ip[64619] xxxxxxxxxxxxxxxx:0000000000000000
 12:17:39 ipsec ike2 respond
 12:17:39 ipsec payload seen: SA
 12:17:39 ipsec payload seen: KE
 12:17:39 ipsec payload seen: NONCE
 12:17:39 ipsec payload seen: NOTIFY
 12:17:39 ipsec payload seen: NOTIFY
 12:17:39 ipsec payload seen: NOTIFY
 12:17:39 ipsec payload seen: VID
 12:17:39 ipsec payload seen: VID
 12:17:39 ipsec payload seen: VID
 12:17:39 ipsec payload seen: VID
 12:17:39 ipsec processing payload: SA
 12:17:39 ipsec IKE Protocol: IKE
 12:17:39 ipsec  proposal #1
 12:17:39 ipsec   enc: 3des-cbc
 12:17:39 ipsec   prf: hmac-sha1
 12:17:39 ipsec   auth: sha1
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec  proposal #2
 12:17:39 ipsec   enc: aes256-cbc
 12:17:39 ipsec   prf: hmac-sha1
 12:17:39 ipsec   auth: sha1
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec  proposal #3
 12:17:39 ipsec   enc: 3des-cbc
 12:17:39 ipsec   prf: hmac-sha256
 12:17:39 ipsec   auth: sha256
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec  proposal #4
 12:17:39 ipsec   enc: aes256-cbc
 12:17:39 ipsec   prf: hmac-sha256
 12:17:39 ipsec   auth: sha256
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec  proposal #5
 12:17:39 ipsec   enc: 3des-cbc
 12:17:39 ipsec   prf: hmac-sha384
 12:17:39 ipsec   auth: sha384
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec  proposal #6
 12:17:39 ipsec   enc: aes256-cbc
 12:17:39 ipsec   prf: hmac-sha384
 12:17:39 ipsec   auth: sha384
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec matched proposal:
 12:17:39 ipsec  proposal #4
 12:17:39 ipsec   enc: aes256-cbc
 12:17:39 ipsec   prf: hmac-sha256
 12:17:39 ipsec   auth: sha256
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec processing payload: KE
 12:17:39 ipsec ike2 respond finish: request, exchange: SA_INIT:0 vpn.client.public.ip[64619] xxxxxxxxxxxxxxxx:0000000000000000
 12:17:39 ipsec processing payload: NONCE
 12:17:39 ipsec adding payload: SA
 12:17:39 ipsec adding payload: KE
 12:17:39 ipsec adding payload: NONCE
 12:17:39 ipsec adding notify: NAT_DETECTION_SOURCE_IP
 12:17:39 ipsec adding notify: NAT_DETECTION_DESTINATION_IP
 12:17:39 ipsec adding notify: IKEV2_FRAGMENTATION_SUPPORTED
 12:17:39 ipsec adding payload: CERTREQ
 12:17:39 ipsec <- ike2 reply, exchange: SA_INIT:0 vpn.client.public.ip[64619] xxxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyy
 12:17:39 ipsec,info new ike2 SA (R): ike2-responder mikro.tik.local.ip[500]-vpn.client.public.ip[64619] spi:yyyyyyyyyyyyyyyy:xxxxxxxxxxxxxxxx
 12:17:39 ipsec processing payloads: VID
 12:17:39 ipsec peer is MS Windows (ISAKMPOAKLEY 9)
 12:17:39 ipsec processing payloads: NOTIFY
 12:17:39 ipsec   notify: IKEV2_FRAGMENTATION_SUPPORTED
 12:17:39 ipsec   notify: NAT_DETECTION_SOURCE_IP
 12:17:39 ipsec   notify: NAT_DETECTION_DESTINATION_IP
 12:17:39 ipsec (NAT-T) REMOTE
 12:17:39 ipsec KA list add: mikro.tik.local.ip[4500]->vpn.client.public.ip[64619]
 12:17:39 ipsec fragmentation negotiated
 12:17:39 ipsec -> ike2 request, exchange: AUTH:1 vpn.client.public.ip[64620] xxxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyy
 12:17:39 ipsec peer ports changed: 64619 -> 64620
 12:17:39 ipsec KA remove: mikro.tik.local.ip[4500]->vpn.client.public.ip[64619]
 12:17:39 ipsec KA list add: mikro.tik.local.ip[4500]->vpn.client.public.ip[64620]
 12:17:39 ipsec payload seen: SKF
 12:17:39 ipsec processing payload: ENC (not found)
 12:17:39 ipsec processing payload: SKF
 12:17:39 ipsec -> ike2 request, exchange: AUTH:1 vpn.client.public.ip[64620] xxxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyy
 12:17:39 ipsec payload seen: SKF
 12:17:39 ipsec processing payload: ENC (not found)
 12:17:39 ipsec processing payload: SKF
 12:17:39 ipsec -> ike2 request, exchange: AUTH:1 vpn.client.public.ip[64620] xxxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyy
 12:17:39 ipsec payload seen: SKF
 12:17:39 ipsec processing payload: ENC (not found)
 12:17:39 ipsec processing payload: SKF
 12:17:39 ipsec payload seen: ID_I
 12:17:39 ipsec payload seen: CERTREQ
 12:17:39 ipsec payload seen: NOTIFY
 12:17:39 ipsec payload seen: CONFIG
 12:17:39 ipsec payload seen: SA
 12:17:39 ipsec payload seen: TS_I
 12:17:39 ipsec payload seen: TS_R
 12:17:39 ipsec processing payloads: NOTIFY
 12:17:39 ipsec   notify: MOBIKE_SUPPORTED
 12:17:39 ipsec ike auth: respond
 12:17:39 ipsec processing payload: ID_I
 12:17:39 ipsec ID_I (ADDR4): vpn.client.local.ip
 12:17:39 ipsec processing payload: ID_R (not found)
 12:17:39 ipsec processing payload: AUTH (not found)
 12:17:39 ipsec processing payloads: NOTIFY
 12:17:39 ipsec   notify: MOBIKE_SUPPORTED
 12:17:39 ipsec ID_R (DER DN): CN=my.domainname.com
 12:17:39 ipsec adding payload: ID_R
 12:17:39 ipsec adding payload: AUTH
 12:17:39 ipsec Certificate:
 12:17:39 ipsec   serialNr:  <MyLetsEncryptCertificateSerialNumber>
 12:17:39 ipsec   issuer:    <C=US, O=Let\'s Encrypt, CN=R11>
 12:17:39 ipsec   subject:   <CN=my.domainname.com>
 12:17:39 ipsec   notBefore: Wed Feb 12 12:06:47 2025
 12:17:39 ipsec   notAfter:  Tue May 13 12:06:46 2025
 12:17:39 ipsec   selfSigned:0
 12:17:39 ipsec   extensions:
 12:17:39 ipsec     key usage: digital-signature, key-encipherment
 12:17:39 ipsec     extended key usage: tls-server, tls-client
 12:17:39 ipsec     basic constraints: isCa: FALSE
 12:17:39 ipsec     subject key id:  <MySubjectKeyId>
 12:17:39 ipsec     authority key id:<MyAuthorityKeyId>
 12:17:39 ipsec     subject alternative name:
 12:17:39 ipsec       DNS: my.domainname.com
 12:17:39 ipsec   signed with: SHA256+RSA
 12:17:39 ipsec [RSA-PUBLIC]
 12:17:39 ipsec modulus: <long hex>
 12:17:39 ipsec publicExponent: 10001
 12:17:39 ipsec adding payload: CERT
 12:17:39 ipsec adding payload: EAP
 12:17:39 ipsec <- ike2 reply, exchange: AUTH:1 vpn.client.public.ip[64620] xxxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyy
 12:17:39 ipsec fragmenting into 2 chunks
 12:17:39 ipsec adding payload: SKF
 12:17:39 ipsec adding payload: SKF
 12:18:09 ipsec child negotiation timeout in state 2
 12:18:09 ipsec,info killing ike2 SA: ike2-responder mikro.tik.local.ip[4500]-vpn.client.public.ip[64620] spi:yyyyyyyyyyyyyyyy:xxxxxxxxxxxxxxxx
 12:18:09 ipsec KA remove: mikro.tik.local.ip[4500]->vpn.client.public.ip[64620]
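An added example, not part of the thread or of RouterOS: a small summariser for the `ipsec` debug log format shown above, run over a handful of lines copied from the posted log (addresses and SPIs redacted as in the post; the list is embedded as constructed sample input). It pulls out the phase 1 proposals the initiator offered and the one the responder matched, the NAT-T notice, the initiator identity, whether the responder put an EAP payload in its AUTH reply, whether any RADIUS activity appears at all, and the terminal event, so the point where the exchange stalls can be read off without scrolling through the whole log.

```python
"""Added example (not RouterOS code): summarise a RouterOS `ipsec` debug log of one IKEv2
exchange. SAMPLE_LOG holds lines copied from the log posted above (redacted as posted)."""
from __future__ import annotations
import re
from dataclasses import dataclass, field

LINE = re.compile(r"^\s*(\d\d:\d\d:\d\d)\s+(\S+)\s+(.*)$")   # "HH:MM:SS topics message"
PROPOSAL = re.compile(r"^proposal #(\d+)$")
ATTR = re.compile(r"^(enc|prf|auth|dh):\s+(\S+)$")

@dataclass
class ExchangeSummary:
    peer: str | None = None            # initiator address[port] as logged
    proposals: list = field(default_factory=list)  # phase 1 proposals the initiator offered
    matched: dict | None = None        # proposal the responder accepted
    nat_t: bool = False                # "(NAT-T) REMOTE": initiator is behind NAT
    id_i: str | None = None            # identity the initiator claimed in IKE_AUTH
    eap_sent: bool = False             # responder put an EAP payload in its AUTH reply
    radius_seen: bool = False          # any radius topic or message in the log
    last_inbound: str | None = None    # time of the last request received from the peer
    outcome: str | None = None         # first terminal event (timeout / SA killed)

def summarise(lines) -> ExchangeSummary:
    s, current, next_is_matched = ExchangeSummary(), None, False
    for raw in lines:
        m = LINE.match(raw)
        if not m:
            continue
        ts, topics, msg = m.group(1), m.group(2), m.group(3).strip()
        if "radius" in topics or "radius" in msg.lower():
            s.radius_seen = True
        if msg.startswith(("-> ike2 request", "→ ike2 request")):
            s.last_inbound = ts
            s.peer = s.peer or msg.split()[-2]
        elif msg == "matched proposal:":
            next_is_matched = True       # the next "proposal #n" block is the accepted one
        elif (pm := PROPOSAL.match(msg)):
            current = {"num": int(pm.group(1))}
            if next_is_matched:
                s.matched, next_is_matched = current, False
            else:
                s.proposals.append(current)
        elif (am := ATTR.match(msg)) and current is not None:
            current[am.group(1)] = am.group(2)
        elif msg == "(NAT-T) REMOTE":
            s.nat_t = True
        elif msg.startswith("ID_I"):
            s.id_i = msg
        elif msg == "adding payload: EAP":
            s.eap_sent = True
        elif "negotiation timeout" in msg or msg.startswith("killing ike2 SA"):
            s.outcome = s.outcome or f"{ts} {msg}"
    return s

def findings(s: ExchangeSummary) -> list[str]:
    """Observations a reader would want first when scanning such a log."""
    out = []
    if s.matched:
        algs = ", ".join(f"{k}={s.matched[k]}" for k in ("enc", "prf", "auth", "dh") if k in s.matched)
        out.append(f"phase 1 matched proposal #{s.matched['num']}: {algs}")
    legacy = [p["num"] for p in s.proposals if p.get("enc") == "3des-cbc" or p.get("dh") == "modp1024"]
    if legacy:
        out.append(f"initiator offered legacy algorithms (3des-cbc/modp1024) in proposals {legacy}")
    out.append("NAT-T: " + ("initiator is behind NAT" if s.nat_t else "no NAT seen on the initiator side"))
    if s.id_i:
        out.append(f"initiator identity: {s.id_i}")
    if s.eap_sent and not s.radius_seen:
        out.append("responder sent an EAP payload but no RADIUS activity is logged")
    if s.outcome:
        out.append(f"terminal event: {s.outcome} (last request from peer at {s.last_inbound})")
    return out

SAMPLE_LOG = """\
 12:17:39 ipsec -> ike2 request, exchange: SA_INIT:0 vpn.client.public.ip[64619] xxxxxxxxxxxxxxxx:0000000000000000
 12:17:39 ipsec  proposal #1
 12:17:39 ipsec   enc: 3des-cbc
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec  proposal #4
 12:17:39 ipsec   enc: aes256-cbc
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec matched proposal:
 12:17:39 ipsec  proposal #4
 12:17:39 ipsec   enc: aes256-cbc
 12:17:39 ipsec   prf: hmac-sha256
 12:17:39 ipsec   auth: sha256
 12:17:39 ipsec   dh: modp1024
 12:17:39 ipsec (NAT-T) REMOTE
 12:17:39 ipsec -> ike2 request, exchange: AUTH:1 vpn.client.public.ip[64620] xxxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyy
 12:17:39 ipsec ID_I (ADDR4): vpn.client.local.ip
 12:17:39 ipsec adding payload: EAP
 12:17:39 ipsec <- ike2 reply, exchange: AUTH:1 vpn.client.public.ip[64620] xxxxxxxxxxxxxxxx:yyyyyyyyyyyyyyyy
 12:18:09 ipsec child negotiation timeout in state 2
 12:18:09 ipsec,info killing ike2 SA: ike2-responder mikro.tik.local.ip[4500]-vpn.client.public.ip[64620] spi:yyyyyyyyyyyyyyyy:xxxxxxxxxxxxxxxx
""".splitlines()

if __name__ == "__main__":
    print("\n".join(findings(summarise(SAMPLE_LOG))))
```

On the sample, the summary shows proposal #4 (aes256-cbc, hmac-sha256, sha256, modp1024) matched, the initiator behind NAT with an ADDR4 identity, an EAP payload sent by the responder with no RADIUS line anywhere, and the child negotiation timeout thirty seconds after the last request from the peer. To run it on a router, feed it the lines from /log/print with the ipsec,!packet topic enabled as suggested earlier in the thread.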