Hi,
i have a problem with VPN connection I’m trying to set up. The complication is that mikrotik router is behind ADSL router (ZyXEL).
So I set up DMZ for Mikrotik on ZyXEL router. Mikrotik router has 10.0.0.50 static IP and its providing network 10.0.1.0/28 which I’m trying to connect to remote network

I have successfully established phase1 connection:

But can’t go through phase2:

Router config:

jul/23/2019 15:31:30 by RouterOS 6.44.3

software id = PNK7-8NB6

model = 2011iLS

serial number = 7DD20A95F8DA

/interface bridge
add admin-mac=74:4D:28:2F:97:79 auto-mac=no comment=defconf name=bridge
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec profile
add dh-group=modp2048 dpd-interval=1m40s enc-algorithm=aes-256
hash-algorithm=sha256 lifetime=24m name=TFS_profile nat-traversal=no
/ip ipsec peer
add address=52.57.130.45/32 name=TFS_preProd_peer profile=TFS_profile
/ip ipsec proposal
set [ find default=yes ] disabled=yes
add auth-algorithms=sha256 enc-algorithms=aes-256-cbc lifetime=24m name=
TFS_proposal pfs-group=modp2048
/ip pool
add name=default-dhcp ranges=10.0.1.1-10.0.1.100
add name=dhcp ranges=10.0.1.0/28
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
add address-pool=dhcp disabled=no interface=bridge name=dhcp1
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
add bridge=bridge disabled=yes interface=ether1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add interface=sfp1 list=LAN
add interface=bridge list=LAN
/ip address
add address=10.0.1.1/28 interface=ether2 network=10.0.1.0
add address=10.0.0.50/8 interface=ether1 network=10.0.0.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server network
add address=10.0.0.0/8 comment=defconf gateway=10.0.0.50 netmask=8
add address=10.0.1.0/28 gateway=10.0.1.1 netmask=28
/ip dns
set allow-remote-requests=yes servers=10.0.0.141
/ip dns static
add address=10.0.1.1 name=router.lan
/ip firewall filter
add action=accept chain=input protocol=ipsec-ah
add action=accept chain=input protocol=ipsec-esp
add action=accept chain=input port=500 protocol=udp
add action=accept chain=input port=4500 protocol=udp
add action=accept chain=input comment=
“defconf: accept established,related,untracked” connection-state=
established,related,untracked
add action=drop chain=input comment=“defconf: drop invalid” connection-state=
invalid disabled=yes
add action=accept chain=input comment=“defconf: accept ICMP” protocol=icmp
add action=accept chain=forward comment=“defconf: accept in ipsec policy”
ipsec-policy=in,ipsec
add action=accept chain=forward comment=“defconf: accept out ipsec policy”
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment=“defconf: fasttrack”
connection-state=established,related
add action=accept chain=forward comment=
“defconf: accept established,related, untracked” connection-state=
established,related,untracked
add action=drop chain=forward comment=“defconf: drop invalid”
connection-limit=!10,32 connection-state=invalid disabled=yes
add action=drop chain=forward comment=
“defconf: drop all from WAN not DSTNATed” connection-nat-state=!dstnat
connection-state=new disabled=yes in-interface-list=WAN
/ip firewall mangle
add action=log chain=prerouting disabled=yes log-prefix=AAAA src-address=
52.57.130.45
add action=log chain=prerouting disabled=yes log=yes log-prefix=AA protocol=
ipsec-esp
add action=log chain=prerouting disabled=yes log=yes log-prefix=__ protocol=
udp src-port=500,4500
/ip firewall nat
add action=accept chain=srcnat dst-address=10.123.113.29 src-address=
10.0.1.0/28
add action=masquerade chain=srcnat comment=“defconf: masquerade”
ipsec-policy=out,none out-interface-list=WAN
/ip ipsec identity
add peer=TFS_preProd_peer secret=**********
/ip ipsec policy
add dst-address=10.123.113.29/32 proposal=TFS_proposal sa-dst-address=
52.57.130.45 sa-src-address=46.13.73.241 src-address=10.0.0.50/32
src-port=500 tunnel=yes
set 1 disabled=yes
/ip route
add distance=1 gateway=10.0.0.138
add disabled=yes distance=1 dst-address=46.13.73.241/32 gateway=10.123.113.29
add disabled=yes distance=1 dst-address=52.57.130.45/32 gateway=ether1
/system clock
set time-zone-name=Europe/Prague
/system logging
add topics=ipsec
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

From mikrotik log:

15:34:11 ipsec,debug compute IV for phase2
15:34:11 ipsec,debug phase1 last IV:
15:34:11 ipsec,debug fed4e9a8 e800f30c f149a8a4 0395444b c1e99bcc
15:34:11 ipsec,debug hash(sha2_256)
15:34:11 ipsec,debug encryption(aes)
15:34:11 ipsec,debug phase2 IV computed:
15:34:11 ipsec,debug 94124878 5f8beb88 cde2b431 c7393bc7
15:34:11 ipsec,debug HASH with:
15:34:11 ipsec,debug c1e99bcc 0000001c 00000001 01100001 ccac3fa1 61594452 8dd011f
4 ce327007
15:34:11 ipsec,debug hmac(hmac_sha2_256)
15:34:11 ipsec,debug HASH computed:
15:34:11 ipsec,debug fa03505f 240e5255 ee11181d 3dfd105f 9c58563c a892844d 9deaf50
d 7b9cc54c
15:34:11 ipsec,debug begin encryption.
15:34:11 ipsec,debug encryption(aes)
15:34:11 ipsec,debug pad length = 16
15:34:11 ipsec,debug 0c000024 fa03505f 240e5255 ee11181d 3dfd105f 9c58563c a892844
d 9deaf50d
15:34:11 ipsec,debug 7b9cc54c 0000001c 00000001 01100001 ccac3fa1 61594452 8dd011f
4 ce327007
15:34:11 ipsec,debug 2107367b 7af1e393 ba25a6fa c2b1990f
15:34:11 ipsec,debug encryption(aes)
15:34:11 ipsec,debug with key:
15:34:11 ipsec,debug f9f0bb68 08ab893e 698c1bf5 e10f03f0 4c858f1d 3b53da60 1084a9b
3 bb4619f7
15:34:11 ipsec,debug encrypted payload by IV:
15:34:11 ipsec,debug 94124878 5f8beb88 cde2b431 c7393bc7
15:34:11 ipsec,debug save IV for next:
15:34:11 ipsec,debug 9472e9da e905c828 64032370 87e7b936
15:34:11 ipsec,debug encrypted.
15:34:11 ipsec,debug 108 bytes from 10.0.0.50[500] to 52.57.130.45[500]
15:34:11 ipsec,debug 1 times of 108 bytes message will be sent to 52.57.130.45[500
]
15:34:11 ipsec,debug,packet ccac3fa1 61594452 8dd011f4 ce327007 08100501 c1e99bcc
0000006c dbf69ee5
15:34:11 ipsec,debug,packet 9edfc7b0 cc2ed2b3 7a96259c f29f36e3 5e81ddb9 e7bad3fc
52235b34 ddd67797
15:34:11 ipsec,debug,packet fee31214 9b6ac1c4 82143780 8c2b5c45 1beefbb1 ac5c65cb
6b55c156 9472e9da
15:34:11 ipsec,debug,packet e905c828 64032370 87e7b936
15:34:11 ipsec,debug sendto Information delete.
15:34:11 ipsec,info ISAKMP-SA deleted 10.0.0.50[500]-52.57.130.45[500] spi:ccac3fa
161594452:8dd011f4ce327007 rekey:1
15:34:11 ipsec,debug an undead schedule has been deleted.
15:34:11 system,info ipsec peer TFS_preProd_peer changed by admin
15:34:11 ipsec,debug ===
15:34:11 ipsec,info initiate new phase 1 (Identity Protection): 10.0.0.50[500]<=>5
2.57.130.45[500]
15:34:11 ipsec,debug new cookie:
15:34:11 ipsec,debug 2ba46988e906ed5c
15:34:11 ipsec,debug add payload of len 52, next type 13
15:34:11 ipsec,debug add payload of len 16, next type 13
15:34:11 ipsec,debug add payload of len 16, next type 0
15:34:11 ipsec,debug 124 bytes from 10.0.0.50[500] to 52.57.130.45[500]
15:34:11 ipsec,debug 1 times of 124 bytes message will be sent to 52.57.130.45[500
]
15:34:11 ipsec,debug,packet 2ba46988 e906ed5c 00000000 00000000 01100200 00000000
0000007c 0d000038
15:34:11 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000
800b0001 800c05a0
15:34:11 ipsec,debug,packet 80010007 800e0100 80030001 80020004 8004000e 0d000014
12f5f28c 457168a9
15:34:11 ipsec,debug,packet 702d9fe2 74cc0100 00000014 afcad713 68a1f1c9 6b8696fc
77570100
15:34:11 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 2ba46988e906e
d5c:0000000000000000
15:34:11 ipsec,debug ===== received 144 bytes from 52.57.130.45[500] to 10.0.0.50[
500]
15:34:11 ipsec,debug,packet 2ba46988 e906ed5c a40ab059 364d34ee 01100200 00000000
00000090 0d000038
15:34:11 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000
800b0001 800c05a0
15:34:11 ipsec,debug,packet 80010007 800e0100 80030001 80020004 8004000e 0d000014
12f5f28c 457168a9
15:34:11 ipsec,debug,packet 702d9fe2 74cc0100 0d000014 afcad713 68a1f1c9 6b8696fc
77570100 00000014
15:34:11 ipsec,debug,packet a9b9b103 4f7e50a2 513b47b1 00bb85a9
15:34:11 ipsec,debug begin.
15:34:11 ipsec,debug seen nptype=1(sa) len=56
15:34:11 ipsec,debug seen nptype=13(vid) len=20
15:34:11 ipsec,debug seen nptype=13(vid) len=20
15:34:11 ipsec,debug seen nptype=13(vid) len=20
15:34:11 ipsec,debug succeed.
15:34:11 ipsec received Vendor ID: CISCO-UNITY
15:34:11 ipsec received Vendor ID: DPD
15:34:11 ipsec,debug remote supports DPD
15:34:11 ipsec,debug received unknown Vendor ID
15:34:11 ipsec,debug a9b9b103 4f7e50a2 513b47b1 00bb85a9
15:34:11 ipsec,debug total SA len=52
15:34:11 ipsec,debug 00000001 00000001 0000002c 01010001 00000024 01010000 800b000
1 800c05a0
15:34:11 ipsec,debug 80010007 800e0100 80030001 80020004 8004000e
15:34:11 ipsec,debug begin.
15:34:11 ipsec,debug seen nptype=2(prop) len=44
15:34:11 ipsec,debug succeed.
15:34:11 ipsec,debug proposal #1 len=44
15:34:11 ipsec,debug begin.
15:34:11 ipsec,debug seen nptype=3(trns) len=36
15:34:11 ipsec,debug succeed.
15:34:11 ipsec,debug transform #1 len=36
15:34:11 ipsec,debug type=Life Type, flag=0x8000, lorv=seconds
15:34:11 ipsec,debug type=Life Duration, flag=0x8000, lorv=1440
15:34:11 ipsec,debug type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
15:34:11 ipsec,debug encryption(aes)
15:34:11 ipsec,debug type=Key Length, flag=0x8000, lorv=256
15:34:11 ipsec,debug type=Authentication Method, flag=0x8000, lorv=pre-shared key
15:34:11 ipsec,debug type=Hash Algorithm, flag=0x8000, lorv=4
15:34:11 ipsec,debug hash(sha2_256)
15:34:11 ipsec,debug type=Group Description, flag=0x8000, lorv=2048-bit MODP group

15:34:11 ipsec,debug dh(modp2048)
15:34:11 ipsec,debug pair 1:
15:34:11 ipsec,debug 0x491410: next=(nil) tnext=(nil)
15:34:11 ipsec,debug proposal #1: 1 transform
15:34:11 ipsec,debug -checking with pre-shared key auth-
15:34:11 ipsec,debug prop#=1, prot-id=ISAKMP, spi-size=0, #trns=1
15:34:11 ipsec,debug trns#=1, trns-id=IKE
15:34:11 ipsec,debug type=Life Type, flag=0x8000, lorv=seconds
15:34:11 ipsec,debug type=Life Duration, flag=0x8000, lorv=1440
15:34:11 ipsec,debug type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC
15:34:11 ipsec,debug type=Key Length, flag=0x8000, lorv=256
15:34:11 ipsec,debug type=Authentication Method, flag=0x8000, lorv=pre-shared key
15:34:11 ipsec,debug type=Hash Algorithm, flag=0x8000, lorv=4
15:34:11 ipsec,debug type=Group Description, flag=0x8000, lorv=2048-bit MODP group

15:34:11 ipsec,debug -compare proposal #1: Local:Peer
15:34:11 ipsec,debug (lifetime = 1440:1440)
15:34:11 ipsec,debug (lifebyte = 0:0)
15:34:11 ipsec,debug enctype = AES-CBC:AES-CBC
15:34:11 ipsec,debug (encklen = 256:256)
15:34:11 ipsec,debug hashtype = 4:4
15:34:11 ipsec,debug authmethod = pre-shared key:pre-shared key
15:34:11 ipsec,debug dh_group = 2048-bit MODP group:2048-bit MODP group
15:34:11 ipsec,debug -an acceptable proposal found-
15:34:11 ipsec,debug dh(modp2048)
15:34:11 ipsec,debug -agreed on pre-shared key auth-
15:34:11 ipsec,debug ===
15:34:11 ipsec,debug dh(modp2048)
15:34:12 ipsec,debug compute DH’s private.
15:34:12 ipsec,debug 5deab771 5ded8327 8fe71812 9e5541ff 10a4637b 48492c15 816d043
7 cd0562fc
15:34:12 ipsec,debug 2d902eac 2120153e b6489e5f 6b14d714 f5e3f4b1 166f46f0 4aca20d
4 90b3e201
15:34:12 ipsec,debug a387e5e3 54e43323 c60c9f9f 30305f6c 33b9a01b 35b68d5c 2d7162e
4 10731c7b
15:34:12 ipsec,debug 4aff98c0 44e99652 e251a264 864aa285 47cac067 adeafce2 40e2203
a ee536db2
15:34:12 ipsec,debug d1dc41a9 193f1828 045e65f8 620a77bb 2620f00e e2416438 a249d93
1 33b596f7
15:34:12 ipsec,debug 2aa43285 4d678297 c9a89abe 8f9a5586 6a54e5d0 6eab09bd df4d801
b fd967c78
15:34:12 ipsec,debug a9545a7a 24789cfa bece82a4 71f11097 463ca316 efc7d897 62c105e
e 9c82ba09
15:34:12 ipsec,debug bed26ee0 3046b3a3 a6143a74 cc8aeba8 fa6f73cf d00c537d cf6a3a1
8 d6e1f2cd
15:34:12 ipsec,debug compute DH’s public.
15:34:12 ipsec,debug 24d945e8 ed137b46 08f3b3a6 9ef73bf3 ee05679e d73e730c 4d68860
6 08b658ea
15:34:12 ipsec,debug c469dbae 7ce22f75 034b4c5b b6650667 5f048581 c1373a61 72904cd
c 135911c7
15:34:12 ipsec,debug 6a89ce8d fdab9eaf a6a4067a 2c14ba96 d4efe527 f9adf5f6 2e05b94
3 64005c03
15:34:12 ipsec,debug 3577f8f2 f6626bb2 31edeff2 1eb24961 49956074 32ec0cfa fb18ea6
d 4b547e87
15:34:12 ipsec,debug 1833c08d bd07970c 6c03ebe2 51c74fb2 2430344a 6a15964a 5b026bb
f ff3706d1
15:34:12 ipsec,debug 06fa0319 b75efc81 4441158a 7d9e640e 12cf90f0 987b513e 8804504
5 7889bcb4
15:34:12 ipsec,debug 71e8c1a7 af759e2f f8b4ad6b 50b0b0ba f26d5462 90a950f4 cd9ced5
e d6968020
15:34:12 ipsec,debug 2ddabfad b389b38c d201e55f e8885f14 25a277e1 5b00ab21 6c41d8d
4 6d2f1d5b
15:34:12 ipsec,debug add payload of len 256, next type 10
15:34:12 ipsec,debug add payload of len 24, next type 0
15:34:12 ipsec,debug 316 bytes from 10.0.0.50[500] to 52.57.130.45[500]
15:34:12 ipsec,debug 1 times of 316 bytes message will be sent to 52.57.130.45[500
]
15:34:12 ipsec,debug,packet 2ba46988 e906ed5c a40ab059 364d34ee 04100200 00000000
0000013c 0a000104
15:34:12 ipsec,debug,packet 24d945e8 ed137b46 08f3b3a6 9ef73bf3 ee05679e d73e730c
4d688606 08b658ea
15:34:12 ipsec,debug,packet c469dbae 7ce22f75 034b4c5b b6650667 5f048581 c1373a61
72904cdc 135911c7
15:34:12 ipsec,debug,packet 6a89ce8d fdab9eaf a6a4067a 2c14ba96 d4efe527 f9adf5f6
2e05b943 64005c03
15:34:12 ipsec,debug,packet 3577f8f2 f6626bb2 31edeff2 1eb24961 49956074 32ec0cfa
fb18ea6d 4b547e87
15:34:12 ipsec,debug,packet 1833c08d bd07970c 6c03ebe2 51c74fb2 2430344a 6a15964a
5b026bbf ff3706d1
15:34:12 ipsec,debug,packet 06fa0319 b75efc81 4441158a 7d9e640e 12cf90f0 987b513e
88045045 7889bcb4
15:34:12 ipsec,debug,packet 71e8c1a7 af759e2f f8b4ad6b 50b0b0ba f26d5462 90a950f4
cd9ced5e d6968020
15:34:12 ipsec,debug,packet 2ddabfad b389b38c d201e55f e8885f14 25a277e1 5b00ab21
6c41d8d4 6d2f1d5b
15:34:12 ipsec,debug,packet 0000001c 915ebfbe 20f17dd5 8fa2a5a9 5d813027 a890e6d0
a2d1a43a
15:34:12 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 2ba46988e906e
d5c:a40ab059364d34ee
15:34:12 ipsec,debug ===== received 308 bytes from 52.57.130.45[500] to 10.0.0.50[
500]
15:34:12 ipsec,debug,packet 2ba46988 e906ed5c a40ab059 364d34ee 04100200 00000000
00000134 0a000104
15:34:12 ipsec,debug,packet 61f9a2ed 610edc48 beee0233 11129686 b3a036ca 1725d29d
feaf54e5 5e582972
15:34:12 ipsec,debug,packet 7243abc7 54a8dc4f bc837d65 e1ca7b4c b8373f0f 4a781b89
28ebb8d9 97d8d6ce
15:34:12 ipsec,debug,packet 08660a8b 55424303 e3c7e28f ea885158 10f3b4fa cfef9c92
958a8db7 eb094712
15:34:12 ipsec,debug,packet 40ab9dcb 5ca62b8f adf4a830 33d904d6 3b079b96 bb58ecca
a0d89f67 b680a0fb
15:34:12 ipsec,debug,packet 2590c022 435d483b 66800136 9d72e00d 5ca4bd6c 6b779e1a
48e792bc 6a90d8a7
15:34:12 ipsec,debug,packet 4e54b0d0 4460b80f 95f6701a 6346a33f 98aa5bbe 998a67a3
a9f74789 84895249
15:34:12 ipsec,debug,packet d91bb7bc f78efd8c 75866404 4b5478ee abda35d3 082aa642
c5d9bfd5 91934008
15:34:12 ipsec,debug,packet 191a61cb ee979d46 fb5593d4 5b864090 42fcd469 c24dade8
14a5cb71 7b6518b2
15:34:12 ipsec,debug,packet 00000014 793414ad 7daa6374 12db2258 5953e72f
15:34:12 ipsec,debug begin.
15:34:12 ipsec,debug seen nptype=4(ke) len=260
15:34:12 ipsec,debug seen nptype=10(nonce) len=20
15:34:12 ipsec,debug succeed.
15:34:12 ipsec,debug ===
15:34:12 ipsec,debug dh(modp2048)
15:34:12 ipsec,debug compute DH’s shared.
15:34:12 ipsec,debug
15:34:12 ipsec,debug ac4b13e3 cfe6e1db 3f9b1d69 0e5a516d adeb1414 18471ef5 9733175
2 eded8337
15:34:12 ipsec,debug 07b10c18 fc9185e2 cb47b442 1776382e 6fda9d12 dcc96419 2b09373
2 0e061122
15:34:12 ipsec,debug 5aed1cc4 481609b1 67783b28 4d0441a3 ddbddda6 5fd814b1 13e94a5
d 52c5a638
15:34:12 ipsec,debug 9383df48 e557e461 c6cd3353 a0a3d124 1281c97c a7b63a04 7f8bb72
4 b701ffdf
15:34:12 ipsec,debug c5406baf 3cbec4b0 0bb93370 441e7561 37d6db66 cbcf3c50 ce25abc
e 115d8299
15:34:12 ipsec,debug b7ea72c1 641f9aee c2e5745d 2ceaeb41 edeb1ebb 9efd7af2 f22d879
f 69fdddc4
15:34:12 ipsec,debug dd1bbebf 74f5aec5 469dbc72 be000ca0 694173dd 5348a466 a4bedd6
1 0a37a0db
15:34:12 ipsec,debug 5df82937 8a025d08 ace4514b 853ded06 9553022b a562fd6c 9cba503
1 587ff0ca
15:34:12 ipsec,debug nonce 1:
15:34:12 ipsec,debug 915ebfbe 20f17dd5 8fa2a5a9 5d813027 a890e6d0 a2d1a43a
15:34:12 ipsec,debug nonce 2:
15:34:12 ipsec,debug 793414ad 7daa6374 12db2258 5953e72f
15:34:12 ipsec,debug hmac(hmac_sha2_256)
15:34:12 ipsec,debug SKEYID computed:
15:34:12 ipsec,debug 92705e5a b2de7d09 72b9ec70 1888b0fa e5b0b2c3 a7273d17 73165d6
5 2be1ebe3
15:34:12 ipsec,debug hmac(hmac_sha2_256)
15:34:12 ipsec,debug SKEYID_d computed:
15:34:12 ipsec,debug 2da874b6 ff1ad69a 5297e72d 6b5eac3b f156cd87 a1933251 c0c65c7
1 39d222f8
15:34:12 ipsec,debug hmac(hmac_sha2_256)
15:34:12 ipsec,debug SKEYID_a computed:
15:34:12 ipsec,debug 4feb20cf ebb45ede b220c052 9f6a15fb e8920000 d9062ab1 a92a531
1 f78b56e0
15:34:12 ipsec,debug hmac(hmac_sha2_256)
15:34:12 ipsec,debug SKEYID_e computed:
15:34:12 ipsec,debug e321b001 3872d078 aca238b6 9fd69c5e 88d52a3e 70259d49 1be32a6
6 3159739a
15:34:12 ipsec,debug encryption(aes)
15:34:12 ipsec,debug hash(sha2_256)
15:34:12 ipsec,debug final encryption key computed:
15:34:12 ipsec,debug e321b001 3872d078 aca238b6 9fd69c5e 88d52a3e 70259d49 1be32a6
6 3159739a
15:34:12 ipsec,debug hash(sha2_256)
15:34:12 ipsec,debug encryption(aes)
15:34:12 ipsec,debug IV computed:
15:34:12 ipsec,debug e07dfc5d a081f94a 5d41a84a b3727382
15:34:12 ipsec,debug use ID type of IPv4_address
15:34:12 ipsec,debug HASH with:
15:34:12 ipsec,debug 24d945e8 ed137b46 08f3b3a6 9ef73bf3 ee05679e d73e730c 4d68860
6 08b658ea
15:34:12 ipsec,debug c469dbae 7ce22f75 034b4c5b b6650667 5f048581 c1373a61 72904cd
c 135911c7
15:34:12 ipsec,debug 6a89ce8d fdab9eaf a6a4067a 2c14ba96 d4efe527 f9adf5f6 2e05b94
3 64005c03
15:34:12 ipsec,debug 3577f8f2 f6626bb2 31edeff2 1eb24961 49956074 32ec0cfa fb18ea6
d 4b547e87
15:34:12 ipsec,debug 1833c08d bd07970c 6c03ebe2 51c74fb2 2430344a 6a15964a 5b026bb
f ff3706d1
15:34:12 ipsec,debug 06fa0319 b75efc81 4441158a 7d9e640e 12cf90f0 987b513e 8804504
5 7889bcb4
15:34:12 ipsec,debug 71e8c1a7 af759e2f f8b4ad6b 50b0b0ba f26d5462 90a950f4 cd9ced5
e d6968020
15:34:12 ipsec,debug 2ddabfad b389b38c d201e55f e8885f14 25a277e1 5b00ab21 6c41d8d
4 6d2f1d5b
15:34:12 ipsec,debug 61f9a2ed 610edc48 beee0233 11129686 b3a036ca 1725d29d feaf54e
5 5e582972
15:34:12 ipsec,debug 7243abc7 54a8dc4f bc837d65 e1ca7b4c b8373f0f 4a781b89 28ebb8d
9 97d8d6ce
15:34:12 ipsec,debug 08660a8b 55424303 e3c7e28f ea885158 10f3b4fa cfef9c92 958a8db
7 eb094712
15:34:12 ipsec,debug 40ab9dcb 5ca62b8f adf4a830 33d904d6 3b079b96 bb58ecca a0d89f6
7 b680a0fb
15:34:12 ipsec,debug 2590c022 435d483b 66800136 9d72e00d 5ca4bd6c 6b779e1a 48e792b
c 6a90d8a7
15:34:12 ipsec,debug 4e54b0d0 4460b80f 95f6701a 6346a33f 98aa5bbe 998a67a3 a9f7478
9 84895249
15:34:12 ipsec,debug d91bb7bc f78efd8c 75866404 4b5478ee abda35d3 082aa642 c5d9bfd
5 91934008
15:34:12 ipsec,debug 191a61cb ee979d46 fb5593d4 5b864090 42fcd469 c24dade8 14a5cb7
1 7b6518b2
15:34:12 ipsec,debug 2ba46988 e906ed5c a40ab059 364d34ee 00000001 00000001 0000002
c 01010001
15:34:12 ipsec,debug 00000024 01010000 800b0001 800c05a0 80010007 800e0100 8003000
1 80020004
15:34:12 ipsec,debug 8004000e 011101f4 0a000032
15:34:12 ipsec,debug hmac(hmac_sha2_256)
15:34:12 ipsec,debug HASH computed:
15:34:12 ipsec,debug 499ad36d 40fd0b02 5bbe1674 8280e61d 808530e6 86017486 ae9d20b
b 8a6d4106
15:34:12 ipsec,debug add payload of len 8, next type 8
15:34:12 ipsec,debug add payload of len 32, next type 0
15:34:12 ipsec,debug begin encryption.
15:34:12 ipsec,debug encryption(aes)
15:34:12 ipsec,debug pad length = 16
15:34:12 ipsec,debug 0800000c 011101f4 0a000032 00000024 499ad36d 40fd0b02 5bbe167
4 8280e61d
15:34:12 ipsec,debug 808530e6 86017486 ae9d20bb 8a6d4106 e5d6f76e 563e87d0 43e1231
3 e612f30f
15:34:12 ipsec,debug encryption(aes)
15:34:12 ipsec,debug with key:
15:34:12 ipsec,debug e321b001 3872d078 aca238b6 9fd69c5e 88d52a3e 70259d49 1be32a6
6 3159739a
15:34:12 ipsec,debug encrypted payload by IV:
15:34:12 ipsec,debug e07dfc5d a081f94a 5d41a84a b3727382
15:34:12 ipsec,debug save IV for next:
15:34:12 ipsec,debug 8ccfb8ef 0df4e709 d9a6a915 5286c07f
15:34:12 ipsec,debug encrypted.
15:34:12 ipsec,debug 92 bytes from 10.0.0.50[500] to 52.57.130.45[500]
15:34:12 ipsec,debug 1 times of 92 bytes message will be sent to 52.57.130.45[500]

15:34:12 ipsec,debug,packet 2ba46988 e906ed5c a40ab059 364d34ee 05100201 00000000
0000005c 41fed14c
15:34:12 ipsec,debug,packet d6443102 fe7d7471 8c7e9fc1 d69c78df 545bdb92 f4e6893c
f358af4d 4e067f67
15:34:12 ipsec,debug,packet ebb632b1 9e9e1a13 7e766c76 8ccfb8ef 0df4e709 d9a6a915
5286c07f
15:34:12 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 2ba46988e906e
d5c:a40ab059364d34ee
15:34:12 ipsec,debug ===== received 92 bytes from 52.57.130.45[500] to 10.0.0.50[5
00]
15:34:12 ipsec,debug,packet 2ba46988 e906ed5c a40ab059 364d34ee 05100201 00000000
0000005c d1e7de03
15:34:12 ipsec,debug,packet ec050d7c 6b44dd2b c261c8bd 5206f0ae abe22638 abcb8e8d
f1769a8c 2e78d647
15:34:12 ipsec,debug,packet 2ed838fe a6fde611 f6cfc09e 64a67a8f 8f9f1933 917ada42
003be903
15:34:12 ipsec,debug encryption(aes)
15:34:12 ipsec,debug IV was saved for next processing:
15:34:12 ipsec,debug 64a67a8f 8f9f1933 917ada42 003be903
15:34:12 ipsec,debug encryption(aes)
15:34:12 ipsec,debug with key:
15:34:12 ipsec,debug e321b001 3872d078 aca238b6 9fd69c5e 88d52a3e 70259d49 1be32a6
6 3159739a
15:34:12 ipsec,debug decrypted payload by IV:
15:34:12 ipsec,debug 8ccfb8ef 0df4e709 d9a6a915 5286c07f
15:34:12 ipsec,debug decrypted payload, but not trimed.
15:34:12 ipsec,debug 0800000c 01000000 3439822d 00000024 356dd398 bed074fe d7e4701
c 428a0d1d
15:34:12 ipsec,debug e0979cc3 746bba82 5e17f1ab c85f53ef 8df6bcdf 96aede10 2909fb5
5 a51cc710
15:34:12 ipsec,debug padding len=17
15:34:12 ipsec,debug skip to trim padding.
15:34:12 ipsec,debug decrypted.
15:34:12 ipsec,debug 2ba46988 e906ed5c a40ab059 364d34ee 05100201 00000000 0000005
c 0800000c
15:34:12 ipsec,debug 01000000 3439822d 00000024 356dd398 bed074fe d7e4701c 428a0d1
d e0979cc3
15:34:12 ipsec,debug 746bba82 5e17f1ab c85f53ef 8df6bcdf 96aede10 2909fb55 a51cc71
0
15:34:12 ipsec,debug begin.
15:34:12 ipsec,debug seen nptype=5(id) len=12
15:34:12 ipsec,debug seen nptype=8(hash) len=36
15:34:12 ipsec,debug succeed.
15:34:12 ipsec,debug HASH received:
15:34:12 ipsec,debug 356dd398 bed074fe d7e4701c 428a0d1d e0979cc3 746bba82 5e17f1a
b c85f53ef
15:34:12 ipsec,debug HASH with:
15:34:12 ipsec,debug 61f9a2ed 610edc48 beee0233 11129686 b3a036ca 1725d29d feaf54e
5 5e582972
15:34:12 ipsec,debug 7243abc7 54a8dc4f bc837d65 e1ca7b4c b8373f0f 4a781b89 28ebb8d
9 97d8d6ce
15:34:12 ipsec,debug 08660a8b 55424303 e3c7e28f ea885158 10f3b4fa cfef9c92 958a8db
7 eb094712
15:34:12 ipsec,debug 40ab9dcb 5ca62b8f adf4a830 33d904d6 3b079b96 bb58ecca a0d89f6
7 b680a0fb
15:34:12 ipsec,debug 2590c022 435d483b 66800136 9d72e00d 5ca4bd6c 6b779e1a 48e792b
c 6a90d8a7
15:34:12 ipsec,debug 4e54b0d0 4460b80f 95f6701a 6346a33f 98aa5bbe 998a67a3 a9f7478
9 84895249
15:34:12 ipsec,debug d91bb7bc f78efd8c 75866404 4b5478ee abda35d3 082aa642 c5d9bfd
5 91934008
15:34:12 ipsec,debug 191a61cb ee979d46 fb5593d4 5b864090 42fcd469 c24dade8 14a5cb7
1 7b6518b2
15:34:12 ipsec,debug 24d945e8 ed137b46 08f3b3a6 9ef73bf3 ee05679e d73e730c 4d68860
6 08b658ea
15:34:12 ipsec,debug c469dbae 7ce22f75 034b4c5b b6650667 5f048581 c1373a61 72904cd
c 135911c7
15:34:12 ipsec,debug 6a89ce8d fdab9eaf a6a4067a 2c14ba96 d4efe527 f9adf5f6 2e05b94
3 64005c03
15:34:12 ipsec,debug 3577f8f2 f6626bb2 31edeff2 1eb24961 49956074 32ec0cfa fb18ea6
d 4b547e87
15:34:12 ipsec,debug 1833c08d bd07970c 6c03ebe2 51c74fb2 2430344a 6a15964a 5b026bb
f ff3706d1
15:34:12 ipsec,debug 06fa0319 b75efc81 4441158a 7d9e640e 12cf90f0 987b513e 8804504
5 7889bcb4
15:34:12 ipsec,debug 71e8c1a7 af759e2f f8b4ad6b 50b0b0ba f26d5462 90a950f4 cd9ced5
e d6968020
15:34:12 ipsec,debug 2ddabfad b389b38c d201e55f e8885f14 25a277e1 5b00ab21 6c41d8d
4 6d2f1d5b
15:34:12 ipsec,debug a40ab059 364d34ee 2ba46988 e906ed5c 00000001 00000001 0000002
c 01010001
15:34:12 ipsec,debug 00000024 01010000 800b0001 800c05a0 80010007 800e0100 8003000
1 80020004
15:34:12 ipsec,debug 8004000e 01000000 3439822d
15:34:12 ipsec,debug hmac(hmac_sha2_256)
15:34:12 ipsec,debug HASH computed:
15:34:12 ipsec,debug 356dd398 bed074fe d7e4701c 428a0d1d e0979cc3 746bba82 5e17f1a
b c85f53ef
15:34:12 ipsec,debug HASH for PSK validated.
15:34:12 ipsec,debug 52.57.130.45 peer’s ID:
15:34:12 ipsec,debug 01000000 3439822d
15:34:12 ipsec,debug ===
15:34:12 ipsec,info ISAKMP-SA established 10.0.0.50[500]-52.57.130.45[500] spi:2ba
46988e906ed5c:a40ab059364d34ee
15:34:12 ipsec,debug ===
15:34:42 system,info,account user admin logged in via local

Can anyone help please?

Thanks!

Your only /ip ipsec profile used by your only /ip ipsec peer says nat-traversal=no whereas the sa-src-address of the /ip ipsec policy is a private one, that’s one point.
Another point for later on is the src-port=500 in the policy - do you have any particular reason to only use the policy to transport only packets from local ports (TCP and UDP) 500? Or is it a misunderstanding of the role of this parameter?

Hi Sindy,
first of all thank you for reply. I’m very “network beginner” and those things are misunderstanding.
I checked “NAT Traversal” in IPsec Profile and remove the 500 port from Policy

Sadly it’s the same and i cant see any changes.

Thanks!

You seem to be another victim of my not enough sleep yesterday, I wonder who else is

Probably due to that I have noticed the existence of NAT at your end (as it pops up at maybe 10 places in the OP) but not the other related misconfiguration of the policy - the sa-src-address must be locally meaningful for the Mikrotik, so either use 0.0.0.0 to let it choose (like it does in case of the local address of the peer), or use 10.0.0.50 if you have reserved a fixed lease for the Tik on the Zyxel. The Tik cannot even attempt to establish a policy which requires an sa-src-address which is not available on the Tik (which may be a dynamic state, that’s why it does not complain otherwise).

If still no joy, post the updated config with all the modifications done so far.

yea, i feel like i will not have healty sleep until this Tik is properly set up

But you are awesome, thanks for describing reasons why there must be sa-src-address locally meaningful for the Mikrotik.
I changed it to 10.0.0.50 (also tried 0.0.0.0) and I can see some changes.
In IPsec->Policies is PH2 State = msg1 sent

cfg:

/interface bridge
add admin-mac=74:4D:28:2F:97:79 auto-mac=no comment=defconf name=bridge
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec profile
add dh-group=modp2048 dpd-interval=1m40s enc-algorithm=aes-256
hash-algorithm=sha256 lifetime=24m name=TFS_profile
/ip ipsec peer
add address=52.57.130.45/32 name=TFS_preProd_peer profile=TFS_profile
/ip ipsec proposal
set [ find default=yes ] disabled=yes
add auth-algorithms=sha256 enc-algorithms=aes-256-cbc lifetime=24m name=
TFS_proposal pfs-group=modp2048
/ip pool
add name=default-dhcp ranges=10.0.1.1-10.0.1.100
add name=dhcp ranges=10.0.1.0/28
/ip dhcp-server
add address-pool=default-dhcp interface=bridge name=defconf
add address-pool=dhcp disabled=no interface=bridge name=dhcp1
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
add bridge=bridge disabled=yes interface=ether1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface detect-internet
set detect-interface-list=all
/interface list member
add comment=defconf interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add interface=sfp1 list=LAN
add interface=bridge list=LAN
/ip address
add address=10.0.1.1/28 interface=ether2 network=10.0.1.0
add address=10.0.0.50/8 interface=ether1 network=10.0.0.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server network
add address=10.0.0.0/8 comment=defconf gateway=10.0.0.50 netmask=8
add address=10.0.1.0/28 gateway=10.0.1.1 netmask=28
/ip dns
set allow-remote-requests=yes servers=10.0.0.141
/ip dns static
add address=10.0.1.1 name=router.lan
/ip firewall filter
add action=accept chain=input protocol=ipsec-ah
add action=accept chain=input protocol=ipsec-esp
add action=accept chain=input port=500 protocol=udp
add action=accept chain=input port=4500 protocol=udp
add action=accept chain=input comment=
“defconf: accept established,related,untracked” connection-state=
established,related,untracked
add action=drop chain=input comment=“defconf: drop invalid” connection-state=
invalid disabled=yes
add action=accept chain=input comment=“defconf: accept ICMP” protocol=icmp
add action=accept chain=forward comment=“defconf: accept in ipsec policy”
ipsec-policy=in,ipsec
add action=accept chain=forward comment=“defconf: accept out ipsec policy”
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment=“defconf: fasttrack”
connection-state=established,related
add action=accept chain=forward comment=
“defconf: accept established,related, untracked” connection-state=
established,related,untracked
add action=drop chain=forward comment=“defconf: drop invalid”
connection-limit=!10,32 connection-state=invalid disabled=yes
add action=drop chain=forward comment=
“defconf: drop all from WAN not DSTNATed” connection-nat-state=!dstnat
connection-state=new disabled=yes in-interface-list=WAN
/ip firewall mangle
add action=log chain=prerouting disabled=yes log-prefix=AAAA src-address=
52.57.130.45
add action=log chain=prerouting disabled=yes log=yes log-prefix=AA protocol=
ipsec-esp
add action=log chain=prerouting disabled=yes log=yes log-prefix=__ protocol=
udp src-port=500,4500
/ip firewall nat
add action=accept chain=srcnat dst-address=10.123.113.29 src-address=
10.0.1.0/28
add action=masquerade chain=srcnat comment=“defconf: masquerade”
ipsec-policy=out,none out-interface-list=WAN
/ip ipsec identity
add peer=TFS_preProd_peer secret=*************
/ip ipsec policy
add dst-address=10.123.113.29/32 proposal=TFS_proposal sa-dst-address=
52.57.130.45 sa-src-address=10.0.0.50 src-address=10.0.0.50/32 tunnel=yes
set 1 disabled=yes
/ip route
add distance=1 gateway=10.0.0.138
add disabled=yes distance=1 dst-address=46.13.73.241/32 gateway=10.123.113.29
add disabled=yes distance=1 dst-address=52.57.130.45/32 gateway=ether1
/system clock
set time-zone-name=Europe/Prague
/system logging
add topics=ipsec
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

You want to see the log?

Thanks!

EDIT:
when the PH2 state is msg1 sent, in Installed SAs is this:

Why there is Auth. and Encr. Algorithms “none”?

Unfortnately yes, as the policy proposal configuration seems fine to me.

I’d assume it is because none have been negotiated yet. IPsec permits to set several options for each in the proposal, so even though in your case there’s just one of each type, /ip ipsec installed-sa print (or its GUI equivalent) probably shows the negotiation result.

Here it is, can you see any problem there?
thanks

10:00:32 ipsec,debug,packet 3fc78ea2 7c3c1f3b 72e5ec6b 39616bbb 55cafc6c c597a4ab 8ef5d4cc 266a3286 
10:00:32 ipsec,debug,packet de58cbc8 535efb75 ce08c7e8 0aa46039 319f9e47 7a49eb4e 49207600 cd4ee740 
10:00:32 ipsec,debug,packet db2925a5 8884dbaa edf45392 e0e76b33 70ffe0dc 493b0265 4f258591 91bd5b23 
10:00:32 ipsec,debug,packet f5017b72 ec5c6204 e44d42cf a775de47 6790369f c06f46bb 35b7d273 77672ef8 
10:00:32 ipsec,debug,packet 2a353e4f 7ec02a20 06fd2fc2 fc974198 c1ee05ad 880cefaa 8adfbb35 df7e8f06 
10:00:32 ipsec,debug,packet 5947f69a d9e8b80b fc7cc334 d7d902d7 17fb57b1 40908509 d6c9bbe4 0725aba0 
10:00:32 ipsec,debug,packet df3c8c5d 6692b901 19087bb5 00189de2 7da6832e 233fd675 228ab372 e93f7fb0 
10:00:32 ipsec,debug,packet 758d3c98 7a9404e5 c137da68 a2bdea0d 60d8391a d4a50730 98868dff b646a957 
10:00:32 ipsec,debug,packet b63358fd e1e0f2af 6d7d6045 dc1da9e6 18328213 4b41619d 83a2b20b 4341d0bf 
10:00:32 ipsec,debug,packet 305b9bf0 bb1e5e1e 311c4c5b 886592bd 11aea933 15036986 c6224038 831f1b66 
10:00:32 ipsec,debug,packet 7717b9ad 6d7b641e 4cc51d76 793aba61 8eb01877 68b90fca b112e950 b1c11201 
10:00:32 ipsec,debug,packet 25b4a364 04deaff9 f79908f9 2afe0944 cad53e20 c0b073f7 026c8f9c ab785d76 
10:00:32 ipsec,debug,packet 42f8f55f 3e509f07 44cbbf3a 6b4659ef 66dc4c1d 48f649f7 ab2ad739 
10:00:32 ipsec resent phase2 packet 10.0.0.50[500]<=>52.57.130.45[500] 213ed39c297fa428:24aabba09c714c
d5:a70b982f 
10:00:42 ipsec,debug 444 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:00:42 ipsec,debug 1 times of 444 bytes message will be sent to 52.57.130.45[500] 
10:00:42 ipsec,debug,packet 213ed39c 297fa428 24aabba0 9c714cd5 08102001 a70b982f 000001bc e0f337c4 
10:00:42 ipsec,debug,packet 3fc78ea2 7c3c1f3b 72e5ec6b 39616bbb 55cafc6c c597a4ab 8ef5d4cc 266a3286 
10:00:42 ipsec,debug,packet de58cbc8 535efb75 ce08c7e8 0aa46039 319f9e47 7a49eb4e 49207600 cd4ee740 
10:00:42 ipsec,debug,packet db2925a5 8884dbaa edf45392 e0e76b33 70ffe0dc 493b0265 4f258591 91bd5b23 
10:00:42 ipsec,debug,packet f5017b72 ec5c6204 e44d42cf a775de47 6790369f c06f46bb 35b7d273 77672ef8 
10:00:42 ipsec,debug,packet 2a353e4f 7ec02a20 06fd2fc2 fc974198 c1ee05ad 880cefaa 8adfbb35 df7e8f06 
10:00:42 ipsec,debug,packet 5947f69a d9e8b80b fc7cc334 d7d902d7 17fb57b1 40908509 d6c9bbe4 0725aba0 
10:00:42 ipsec,debug,packet df3c8c5d 6692b901 19087bb5 00189de2 7da6832e 233fd675 228ab372 e93f7fb0 
10:00:42 ipsec,debug,packet 758d3c98 7a9404e5 c137da68 a2bdea0d 60d8391a d4a50730 98868dff b646a957 
10:00:42 ipsec,debug,packet b63358fd e1e0f2af 6d7d6045 dc1da9e6 18328213 4b41619d 83a2b20b 4341d0bf 
10:00:42 ipsec,debug,packet 305b9bf0 bb1e5e1e 311c4c5b 886592bd 11aea933 15036986 c6224038 831f1b66 
10:00:42 ipsec,debug,packet 7717b9ad 6d7b641e 4cc51d76 793aba61 8eb01877 68b90fca b112e950 b1c11201 
10:00:42 ipsec,debug,packet 25b4a364 04deaff9 f79908f9 2afe0944 cad53e20 c0b073f7 026c8f9c ab785d76 
10:00:42 ipsec,debug,packet 42f8f55f 3e509f07 44cbbf3a 6b4659ef 66dc4c1d 48f649f7 ab2ad739 
10:00:42 ipsec resent phase2 packet 10.0.0.50[500]<=>52.57.130.45[500] 213ed39c297fa428:24aabba09c714c
d5:a70b982f 
10:00:52 ipsec 52.57.130.45 give up to get IPsec-SA due to time up to wait. 
10:00:52 ipsec,debug an undead schedule has been deleted. 
10:00:52 ipsec IPsec-SA expired: ESP/Tunnel 52.57.130.45[500]->10.0.0.50[500] spi=0xeacbd6a 
10:01:54 ipsec,debug 52.57.130.45 DPD monitoring.... 
10:01:54 ipsec,debug compute IV for phase2 
10:01:54 ipsec,debug phase1 last IV: 
10:01:54 ipsec,debug 193c5998 587fbc1d 9e24de8a 67cbed7f 90c27bab 
10:01:54 ipsec,debug hash(sha2_256) 
10:01:54 ipsec,debug encryption(aes) 
10:01:54 ipsec,debug phase2 IV computed: 
10:01:54 ipsec,debug c1eed073 ffd56a0d 0b23c92b b6cfc9d2 
10:01:54 ipsec,debug HASH with: 
10:01:54 ipsec,debug 90c27bab 00000020 00000001 01108d28 213ed39c 297fa428 24aabba0 9c714cd5 
10:01:54 ipsec,debug 00000c04 
10:01:54 ipsec,debug hmac(hmac_sha2_256) 
10:01:54 ipsec,debug HASH computed: 
10:01:54 ipsec,debug b11a97bf 731decc7 f29cf840 0ea77f63 895bc165 25fcc345 1f613732 edfeb60a 
10:01:54 ipsec,debug begin encryption. 
10:01:54 ipsec,debug encryption(aes) 
10:01:54 ipsec,debug pad length = 12 
10:01:54 ipsec,debug 0b000024 b11a97bf 731decc7 f29cf840 0ea77f63 895bc165 25fcc345 1f613732 
10:01:54 ipsec,debug edfeb60a 00000020 00000001 01108d28 213ed39c 297fa428 24aabba0 9c714cd5 
10:01:54 ipsec,debug 00000c04 2b3ddc04 d693d916 6a85880b 
10:01:54 ipsec,debug encryption(aes) 
10:01:54 ipsec,debug with key: 
10:01:54 ipsec,debug 7bd51937 9d3aa677 96dabe47 1f110bb5 5851acdc fe64595d 3bd8763d 4b5af445 
10:01:54 ipsec,debug encrypted payload by IV: 
10:01:54 ipsec,debug c1eed073 ffd56a0d 0b23c92b b6cfc9d2 
10:01:54 ipsec,debug save IV for next: 
10:01:54 ipsec,debug 6b4ab65a 181b882a 4b3c1ec8 4f236c78 
10:01:54 ipsec,debug encrypted. 
10:01:54 ipsec,debug 108 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:01:54 ipsec,debug 1 times of 108 bytes message will be sent to 52.57.130.45[500] 
10:01:54 ipsec,debug,packet 213ed39c 297fa428 24aabba0 9c714cd5 08100501 90c27bab 0000006c 0e949b10 
10:01:54 ipsec,debug,packet 3473c050 b8db3265 2b1a1899 32805bfb 75461d05 1feec0e7 90c8ea02 8b2cd44a 
10:01:54 ipsec,debug,packet 7f96bc21 8e20cd57 8dc4f0c9 4bc1508f c81443a3 e92fa61f 6a0b3bab 6b4ab65a 
10:01:54 ipsec,debug,packet 181b882a 4b3c1ec8 4f236c78 
10:01:54 ipsec,debug sendto Information notify. 
10:01:54 ipsec,debug 52.57.130.45 DPD R-U-There sent (0) 
10:01:54 ipsec,debug 52.57.130.45 rescheduling send_r_u (5). 
10:01:54 ipsec,debug ===== received 108 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
10:01:54 ipsec,debug,packet 213ed39c 297fa428 24aabba0 9c714cd5 08100501 0c27831b 0000006c 15f597ee 
10:01:54 ipsec,debug,packet 06e9dd47 ec274c5e 58465c25 ffddcad8 60d228b4 b4deb834 654d1e33 6171c421 
10:01:54 ipsec,debug,packet c7f0190b ce813c95 ea612b3d c920667f 4df70a01 a6c0f1cb 90d750b3 5e61695f 
10:01:54 ipsec,debug,packet 9a06eafa b7dd1716 031ff5c0 
10:01:54 ipsec,debug receive Information. 
10:01:54 ipsec,debug compute IV for phase2 
10:01:54 ipsec,debug phase1 last IV: 
10:01:54 ipsec,debug 193c5998 587fbc1d 9e24de8a 67cbed7f 0c27831b 
10:01:54 ipsec,debug hash(sha2_256) 
10:01:54 ipsec,debug encryption(aes) 
10:01:54 ipsec,debug phase2 IV computed: 
10:01:54 ipsec,debug 2aab896b f707a0d2 d1b5731a d4e2185c 
10:01:54 ipsec,debug encryption(aes) 
10:01:54 ipsec,debug IV was saved for next processing: 
10:01:54 ipsec,debug 5e61695f 9a06eafa b7dd1716 031ff5c0 
10:01:54 ipsec,debug encryption(aes) 
10:01:54 ipsec,debug with key: 
10:01:54 ipsec,debug 7bd51937 9d3aa677 96dabe47 1f110bb5 5851acdc fe64595d 3bd8763d 4b5af445 
10:01:54 ipsec,debug decrypted payload by IV: 
10:01:54 ipsec,debug 2aab896b f707a0d2 d1b5731a d4e2185c 
10:01:54 ipsec,debug decrypted payload, but not trimed. 
10:01:54 ipsec,debug 0b000024 f9faa5c8 241ff705 ce895cf6 e58390ed 933614cb 820e6a2a 2359e653 
10:01:54 ipsec,debug 9d458278 00000020 00000001 01108d29 213ed39c 297fa428 24aabba0 9c714cd5 
10:01:54 ipsec,debug 00000c04 62022148 69445f84 a1525d0c 
10:01:54 ipsec,debug padding len=13 
10:01:54 ipsec,debug skip to trim padding. 
10:01:54 ipsec,debug decrypted. 
10:01:54 ipsec,debug 213ed39c 297fa428 24aabba0 9c714cd5 08100501 0c27831b 0000006c 0b000024 
10:01:54 ipsec,debug f9faa5c8 241ff705 ce895cf6 e58390ed 933614cb 820e6a2a 2359e653 9d458278 
10:01:54 ipsec,debug 00000020 00000001 01108d29 213ed39c 297fa428 24aabba0 9c714cd5 00000c04 
10:01:54 ipsec,debug 62022148 69445f84 a1525d0c 
10:01:54 ipsec,debug HASH with: 
10:01:54 ipsec,debug 0c27831b 00000020 00000001 01108d29 213ed39c 297fa428 24aabba0 9c714cd5 
10:01:54 ipsec,debug 00000c04 
10:01:54 ipsec,debug hmac(hmac_sha2_256) 
10:01:54 ipsec,debug HASH computed: 
10:01:54 ipsec,debug f9faa5c8 241ff705 ce895cf6 e58390ed 933614cb 820e6a2a 2359e653 9d458278 
10:01:54 ipsec,debug hash validated. 
10:01:54 ipsec,debug begin. 
10:01:54 ipsec,debug seen nptype=8(hash) len=36 
10:01:54 ipsec,debug seen nptype=11(notify) len=32 
10:01:54 ipsec,debug succeed. 
10:01:54 ipsec,debug 52.57.130.45 notify: R_U_THERE_ACK 
10:01:54 ipsec,debug 52.57.130.45 DPD R-U-There-Ack received 
10:01:54 ipsec,debug received an R-U-THERE-ACK

I do. First, the log does not cover the complete startup from phase 1.
Second, even from the fragment you have sent it is clear that the NAT detection has failed - most likely because NAT-T is disabled on the remote peer. If it succeeded, the IKE communication would have to migrate to port 4500, but it stays on 500. The consequence is that even if phase 2 succeeded, the traffic would not get through unless the Zyxel can forward also ESP from its WAN to a configured address on LAN.

I’m not 100% sure that the failure of NAT detection is caused by remote configuration as I’ve seen cases in the past where it was failing at one end and working at the other one (it was IKEv2, though). Hint, using /log print follow-only file=ipsec-startup you bypass the problem of cli window buffer being too small to hold the complete log.

Depending on the contents of the log we can think of further steps.

Ok, this should cover it all

# jul/24/2019 10:43:26 by RouterOS 6.44.3
# software id = PNK7-8NB6
#
10:43:33 ipsec,debug Removing PH1... 
10:43:33 ipsec,debug compute IV for phase2 
10:43:33 ipsec,debug phase1 last IV: 
10:43:33 ipsec,debug 06c72df1 76b60177 2db77551 948f7f84 b1cc0021 
10:43:33 ipsec,debug hash(sha2_256) 
10:43:33 ipsec,debug encryption(aes) 
10:43:33 ipsec,debug phase2 IV computed: 
10:43:33 ipsec,debug 5ca657fa cf4afec2 a1c345db 2f532709 
10:43:33 ipsec,debug HASH with: 
10:43:33 ipsec,debug b1cc0021 0000001c 00000001 01100001 8e81f56c cfdbdbd5 d730ef4d 1eb098ef 
10:43:33 ipsec,debug hmac(hmac_sha2_256) 
10:43:33 ipsec,debug HASH computed: 
10:43:33 ipsec,debug acb53ab6 58dd096c 5650ebbf c110a592 827f366e 1eb046ac 02c8aa10 d028fd64 
10:43:33 ipsec,debug begin encryption. 
10:43:33 ipsec,debug encryption(aes) 
10:43:33 ipsec,debug pad length = 16 
10:43:33 ipsec,debug 0c000024 acb53ab6 58dd096c 5650ebbf c110a592 827f366e 1eb046ac 02c8aa10 
10:43:33 ipsec,debug d028fd64 0000001c 00000001 01100001 8e81f56c cfdbdbd5 d730ef4d 1eb098ef 
10:43:33 ipsec,debug 26a5684d 4570de23 af600fc2 361aa10f 
10:43:33 ipsec,debug encryption(aes) 
10:43:33 ipsec,debug with key: 
10:43:33 ipsec,debug 7ae492d6 bf5e4518 67f7ab68 31574923 10931b09 7b7a7568 cd50b7d0 3c85fd36 
10:43:33 ipsec,debug encrypted payload by IV: 
10:43:33 ipsec,debug 5ca657fa cf4afec2 a1c345db 2f532709 
10:43:33 ipsec,debug save IV for next: 
10:43:33 ipsec,debug 3b870d5f e855332d 7c6e61ed b9694d12 
10:43:33 ipsec,debug encrypted. 
10:43:33 ipsec,debug 108 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:43:33 ipsec,debug 1 times of 108 bytes message will be sent to 52.57.130.45[500] 
10:43:33 ipsec,debug,packet 8e81f56c cfdbdbd5 d730ef4d 1eb098ef 08100501 b1cc0021 0000006c 6d4ab66f 
10:43:33 ipsec,debug,packet e347db79 e2c131d3 546a6c47 7951b369 f507337b 10cbc15e b2d0f755 97a3a02c 
10:43:33 ipsec,debug,packet f2ce09c5 ae1047ad 7412d9f4 cdb2ac8b 65fd281e 6a4077ff 69cd3df3 3b870d5f 
10:43:33 ipsec,debug,packet e855332d 7c6e61ed b9694d12 
10:43:33 ipsec,debug sendto Information delete. 
10:43:33 ipsec,info ISAKMP-SA deleted 10.0.0.50[500]-52.57.130.45[500] spi:8e81f56ccfdbdbd5:d730ef4d1eb098ef rekey:1 
10:43:33 ipsec,debug an undead schedule has been deleted. 
10:43:33 system,info ipsec peer TFS_preProd_peer changed by admin 
10:43:34 ipsec,debug === 
10:43:34 ipsec,info initiate new phase 1 (Identity Protection): 10.0.0.50[500]<=>52.57.130.45[500] 
10:43:34 ipsec,debug new cookie: 
10:43:34 ipsec,debug 80aa7431489be59e 
10:43:34 ipsec,debug add payload of len 52, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 13 
10:43:34 ipsec,debug add payload of len 16, next type 0 
10:43:34 ipsec,debug 344 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:43:34 ipsec,debug 1 times of 344 bytes message will be sent to 52.57.130.45[500] 
10:43:34 ipsec,debug,packet 80aa7431 489be59e 00000000 00000000 01100200 00000000 00000158 0d000038 
10:43:34 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
10:43:34 ipsec,debug,packet 80010007 800e0100 80030001 80020004 8004000e 0d000014 4a131c81 07035845 
10:43:34 ipsec,debug,packet 5c5728f2 0e95452f 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014 
10:43:34 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f 
10:43:34 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e 
10:43:34 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56 
10:43:34 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e 
10:43:34 ipsec,debug,packet 086381b5 ec427b1f 0d000014 16f6ca16 e4a4066d 83821a0f 0aeaa862 0d000014 
10:43:34 ipsec,debug,packet 4485152d 18b6bbcd 0be8a846 9579ddcc 0d000014 12f5f28c 457168a9 702d9fe2 
10:43:34 ipsec,debug,packet 74cc0100 00000014 afcad713 68a1f1c9 6b8696fc 77570100 
10:43:34 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 80aa7431489be59e:0000000000000000 
10:43:34 ipsec,debug ===== received 144 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
10:43:34 ipsec,debug,packet 80aa7431 489be59e 81fd1634 89559ff5 01100200 00000000 00000090 0d000038 
10:43:34 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
10:43:34 ipsec,debug,packet 80010007 800e0100 80030001 80020004 8004000e 0d000014 12f5f28c 457168a9 
10:43:34 ipsec,debug,packet 702d9fe2 74cc0100 0d000014 afcad713 68a1f1c9 6b8696fc 77570100 00000014 
10:43:34 ipsec,debug,packet a9b9b103 4f7e50a2 513b47b1 00bb85a9 
10:43:34 ipsec,debug begin. 
10:43:34 ipsec,debug seen nptype=1(sa) len=56 
10:43:34 ipsec,debug seen nptype=13(vid) len=20 
10:43:34 ipsec,debug seen nptype=13(vid) len=20 
10:43:34 ipsec,debug seen nptype=13(vid) len=20 
10:43:34 ipsec,debug succeed. 
10:43:34 ipsec received Vendor ID: CISCO-UNITY 
10:43:34 ipsec received Vendor ID: DPD 
10:43:34 ipsec,debug remote supports DPD 
10:43:34 ipsec,debug received unknown Vendor ID 
10:43:34 ipsec,debug a9b9b103 4f7e50a2 513b47b1 00bb85a9 
10:43:34 ipsec,debug total SA len=52 
10:43:34 ipsec,debug 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
10:43:34 ipsec,debug 80010007 800e0100 80030001 80020004 8004000e 
10:43:34 ipsec,debug begin. 
10:43:34 ipsec,debug seen nptype=2(prop) len=44 
10:43:34 ipsec,debug succeed. 
10:43:34 ipsec,debug proposal #1 len=44 
10:43:34 ipsec,debug begin. 
10:43:34 ipsec,debug seen nptype=3(trns) len=36 
10:43:34 ipsec,debug succeed. 
10:43:34 ipsec,debug transform #1 len=36 
10:43:34 ipsec,debug type=Life Type, flag=0x8000, lorv=seconds 
10:43:34 ipsec,debug type=Life Duration, flag=0x8000, lorv=1440 
10:43:34 ipsec,debug type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC 
10:43:34 ipsec,debug encryption(aes) 
10:43:34 ipsec,debug type=Key Length, flag=0x8000, lorv=256 
10:43:34 ipsec,debug type=Authentication Method, flag=0x8000, lorv=pre-shared key 
10:43:34 ipsec,debug type=Hash Algorithm, flag=0x8000, lorv=4 
10:43:34 ipsec,debug hash(sha2_256) 
10:43:34 ipsec,debug type=Group Description, flag=0x8000, lorv=2048-bit MODP group 
10:43:34 ipsec,debug dh(modp2048) 
10:43:34 ipsec,debug pair 1: 
10:43:34 ipsec,debug  0x4978d8: next=(nil) tnext=(nil) 
10:43:34 ipsec,debug proposal #1: 1 transform 
10:43:34 ipsec,debug -checking with pre-shared key auth- 
10:43:34 ipsec,debug prop#=1, prot-id=ISAKMP, spi-size=0, #trns=1 
10:43:34 ipsec,debug trns#=1, trns-id=IKE 
10:43:34 ipsec,debug type=Life Type, flag=0x8000, lorv=seconds 
10:43:34 ipsec,debug type=Life Duration, flag=0x8000, lorv=1440 
10:43:34 ipsec,debug type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC 
10:43:34 ipsec,debug type=Key Length, flag=0x8000, lorv=256 
10:43:34 ipsec,debug type=Authentication Method, flag=0x8000, lorv=pre-shared key 
10:43:34 ipsec,debug type=Hash Algorithm, flag=0x8000, lorv=4 
10:43:34 ipsec,debug type=Group Description, flag=0x8000, lorv=2048-bit MODP group 
10:43:34 ipsec,debug -compare proposal #1: Local:Peer 
10:43:34 ipsec,debug (lifetime = 1440:1440) 
10:43:34 ipsec,debug (lifebyte = 0:0) 
10:43:34 ipsec,debug enctype = AES-CBC:AES-CBC 
10:43:34 ipsec,debug (encklen = 256:256) 
10:43:34 ipsec,debug hashtype = 4:4 
10:43:34 ipsec,debug authmethod = pre-shared key:pre-shared key 
10:43:34 ipsec,debug dh_group = 2048-bit MODP group:2048-bit MODP group 
10:43:34 ipsec,debug -an acceptable proposal found- 
10:43:34 ipsec,debug dh(modp2048) 
10:43:34 ipsec,debug -agreed on pre-shared key auth- 
10:43:34 ipsec,debug === 
10:43:34 ipsec,debug dh(modp2048) 
10:43:35 ipsec,debug compute DH's private. 
10:43:35 ipsec,debug 7860ab20 c212e1ac b18fdb7a 9ec33fe5 dc7e5a95 ba3f65d2 2ff23a84 160a46eb 
10:43:35 ipsec,debug 3f656fc7 f44fc81b b0885067 8d4469ca c6f24297 9757ce62 4c2b5c65 af6cf99f 
10:43:35 ipsec,debug 51fb1c2d a8738590 d6a15d8d fb1c91ef 77c47cb1 5ced292c a69f4bc3 331ad2a0 
10:43:35 ipsec,debug 2a0e6851 b815eb4c 393d7934 9d9ca544 be5bbddd 0dca71d7 81d83668 db727f96 
10:43:35 ipsec,debug 504c3a97 983f24d4 a738d229 292e5c27 1c3d76e5 e0338ca0 e09589b7 ca23fec4 
10:43:35 ipsec,debug a078a1fd d0d387f9 2dfc2059 a17a43ae 5c74711c 14dd913a b435ff68 a49d1d4d 
10:43:35 ipsec,debug fef3102f 3c8c84c0 c1c2e45c 4f72ba75 c6f46b9d 5bdade2b e348020d 6e91578b 
10:43:35 ipsec,debug b43b268f 069c19b4 45de551e 68251fda b04d56a3 601dd562 08199129 b01ecb2f 
10:43:35 ipsec,debug compute DH's public. 
10:43:35 ipsec,debug 9183a2af f0442292 536f0b32 6e202f12 c11ab0d3 6e116b5c 1e7ef157 7b8dc56d 
10:43:35 ipsec,debug b41403be 24d6f86d fb01c96f 60c635e6 b56c8f0f 7bd27051 16f813ba 9b3acfcc 
10:43:35 ipsec,debug dd5f9fc7 8890b7f7 c52e3f30 aa3affaf 46dcdc1d 32209d57 fc1c8e3c 373c9689 
10:43:35 ipsec,debug 450f9082 1798b7df 2a1082bc 13173af5 3b3e4752 412b5749 bf381742 98cb17c6 
10:43:35 ipsec,debug f03b44d6 8f767ad8 6c235cc4 e3b71155 088b1918 e0c5e699 8120dca7 8ffcf6d1 
10:43:35 ipsec,debug bcfd9677 df7f438c acde543d 2b46dcf3 3a3a85e9 8abb08fb 84f868c2 9c1808d7 
10:43:35 ipsec,debug 6f8ff039 0494ceae 8980b181 1ba15e4c e951623b 53d31412 73f75543 d7b24228 
10:43:35 ipsec,debug 3cb64909 03886edf e68ad6be 5d6de4f9 34d507fc 961f59d0 c757cadf ff6f818e 
10:43:35 ipsec,debug add payload of len 256, next type 10 
10:43:35 ipsec,debug add payload of len 24, next type 0 
10:43:35 ipsec,debug 316 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:43:35 ipsec,debug 1 times of 316 bytes message will be sent to 52.57.130.45[500] 
10:43:35 ipsec,debug,packet 80aa7431 489be59e 81fd1634 89559ff5 04100200 00000000 0000013c 0a000104 
10:43:35 ipsec,debug,packet 9183a2af f0442292 536f0b32 6e202f12 c11ab0d3 6e116b5c 1e7ef157 7b8dc56d 
10:43:35 ipsec,debug,packet b41403be 24d6f86d fb01c96f 60c635e6 b56c8f0f 7bd27051 16f813ba 9b3acfcc 
10:43:35 ipsec,debug,packet dd5f9fc7 8890b7f7 c52e3f30 aa3affaf 46dcdc1d 32209d57 fc1c8e3c 373c9689 
10:43:35 ipsec,debug,packet 450f9082 1798b7df 2a1082bc 13173af5 3b3e4752 412b5749 bf381742 98cb17c6 
10:43:35 ipsec,debug,packet f03b44d6 8f767ad8 6c235cc4 e3b71155 088b1918 e0c5e699 8120dca7 8ffcf6d1 
10:43:35 ipsec,debug,packet bcfd9677 df7f438c acde543d 2b46dcf3 3a3a85e9 8abb08fb 84f868c2 9c1808d7 
10:43:35 ipsec,debug,packet 6f8ff039 0494ceae 8980b181 1ba15e4c e951623b 53d31412 73f75543 d7b24228 
10:43:35 ipsec,debug,packet 3cb64909 03886edf e68ad6be 5d6de4f9 34d507fc 961f59d0 c757cadf ff6f818e 
10:43:35 ipsec,debug,packet 0000001c e18a88b6 9867b772 6743d7f8 59d9b74b 6512034b fcdeed26 
10:43:35 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 80aa7431489be59e:81fd163489559ff5 
10:43:35 ipsec,debug ===== received 308 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
10:43:35 ipsec,debug,packet 80aa7431 489be59e 81fd1634 89559ff5 04100200 00000000 00000134 0a000104 
10:43:35 ipsec,debug,packet 1bf5ae2b 65fd93ca 5805533b f8d19cc7 83bab51e ea5901ee df4e316f 291da9b8 
10:43:35 ipsec,debug,packet c9c64cd0 cae2d977 b18be246 72b7398a 2e2d08f3 89f9329c f32678a1 7f22a545 
10:43:35 ipsec,debug,packet ead5db1e 8834c4f1 b4c31b02 c42dd429 48c1dbb2 7a78f04d ecbe6ecf cf911393 
10:43:35 ipsec,debug,packet d01bbd4f 3daae70e 8ab9d28b 86a00501 115f9be1 f2bfdaea 0d93fa19 ee3b19c2 
10:43:35 ipsec,debug,packet 6473179f 15e87973 98b68bf0 4e27d25d de6f70cc 9785f652 37ec9ae8 573a977e 
10:43:35 ipsec,debug,packet 96f52f67 b681d3cf 7d170e05 ddb732b1 e861c83d fc5da2ba 9ee7372b 8f93dd43 
10:43:35 ipsec,debug,packet 36b5a21c 310ca888 0eab71ef d242772c 7ae79ae2 4eee3c16 d6bec7a8 3d190a9c 
10:43:35 ipsec,debug,packet fa090c70 d24c9c51 512c3510 3390fc39 c2b2036a b2672f04 cf32604b 7489ee3b 
10:43:35 ipsec,debug,packet 00000014 c636be7b 26f0e528 6e800f7f bc739234 
10:43:35 ipsec,debug begin. 
10:43:35 ipsec,debug seen nptype=4(ke) len=260 
10:43:35 ipsec,debug seen nptype=10(nonce) len=20 
10:43:35 ipsec,debug succeed. 
10:43:35 ipsec,debug === 
10:43:35 ipsec,debug dh(modp2048) 
10:43:35 ipsec,debug compute DH's shared. 
10:43:35 ipsec,debug 
10:43:35 ipsec,debug 3bd4cb16 dc0661c8 7f9311cb eea18c72 144fc2e7 ddc52083 7b94f1fe 67fbcf7d 
10:43:35 ipsec,debug b3086a74 a8d636e8 0c0785d3 370aca41 aacf88c7 cdb09c38 aca67e8b a79f379b 
10:43:35 ipsec,debug 8e2aec3f beb98aae 23a71410 75bf4a4e 02b66241 c1ceb80a 3f6321ce a8f38b4e 
10:43:35 ipsec,debug c2b7975d 73b33c58 d1dbac6e 2079df3f 4e615397 47ab586c 3986be8b abddf7e3 
10:43:35 ipsec,debug cd871be6 9f69ef33 e8a06602 f97a2de3 46c53b87 d8015c9d 3e7a3dcc 8517244a 
10:43:35 ipsec,debug f27d7c6c dedecaf4 7674d9fa 04318191 5785161f efb6ba25 69b0dd13 854bc81d 
10:43:35 ipsec,debug 943f4a87 c700f3f3 d331bdfc f438f16c c3ee5ead fc4a7011 84170dba 7e0916d1 
10:43:35 ipsec,debug 3997b1c7 230480f4 16f0d438 132353a4 159542bf 7bedfde2 2db58c5d 772c6c84 
10:43:35 ipsec,debug nonce 1:  
10:43:35 ipsec,debug e18a88b6 9867b772 6743d7f8 59d9b74b 6512034b fcdeed26 
10:43:35 ipsec,debug nonce 2:  
10:43:35 ipsec,debug c636be7b 26f0e528 6e800f7f bc739234 
10:43:35 ipsec,debug hmac(hmac_sha2_256) 
10:43:35 ipsec,debug SKEYID computed: 
10:43:35 ipsec,debug 12b64ec0 deb83380 3942ab20 90d735d8 85f33a50 2ffd677f 5260ff53 0cbbff7c 
10:43:35 ipsec,debug hmac(hmac_sha2_256) 
10:43:35 ipsec,debug SKEYID_d computed: 
10:43:35 ipsec,debug eb46cc4e 8e9976ea 17adb8c5 2da220c7 d54381f2 22a87f2c c0219492 874f64d5 
10:43:35 ipsec,debug hmac(hmac_sha2_256) 
10:43:35 ipsec,debug SKEYID_a computed: 
10:43:35 ipsec,debug 27300d1e 6df4ca66 0bf2e974 bba485c5 8c8aa502 dbde54b4 f4c7e79f 73d12e5b 
10:43:35 ipsec,debug hmac(hmac_sha2_256) 
10:43:35 ipsec,debug SKEYID_e computed: 
10:43:35 ipsec,debug c600ea37 b6741ee4 c2fc416f 7870975a 60da12db 3381fd21 7757baa6 df387a67 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug hash(sha2_256) 
10:43:35 ipsec,debug final encryption key computed: 
10:43:35 ipsec,debug c600ea37 b6741ee4 c2fc416f 7870975a 60da12db 3381fd21 7757baa6 df387a67 
10:43:35 ipsec,debug hash(sha2_256) 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug IV computed: 
10:43:35 ipsec,debug 3b1edeff 0db3008c 4ea3a803 3969d5c8 
10:43:35 ipsec,debug use ID type of IPv4_address 
10:43:35 ipsec,debug HASH with: 
10:43:35 ipsec,debug 9183a2af f0442292 536f0b32 6e202f12 c11ab0d3 6e116b5c 1e7ef157 7b8dc56d 
10:43:35 ipsec,debug b41403be 24d6f86d fb01c96f 60c635e6 b56c8f0f 7bd27051 16f813ba 9b3acfcc 
10:43:35 ipsec,debug dd5f9fc7 8890b7f7 c52e3f30 aa3affaf 46dcdc1d 32209d57 fc1c8e3c 373c9689 
10:43:35 ipsec,debug 450f9082 1798b7df 2a1082bc 13173af5 3b3e4752 412b5749 bf381742 98cb17c6 
10:43:35 ipsec,debug f03b44d6 8f767ad8 6c235cc4 e3b71155 088b1918 e0c5e699 8120dca7 8ffcf6d1 
10:43:35 ipsec,debug bcfd9677 df7f438c acde543d 2b46dcf3 3a3a85e9 8abb08fb 84f868c2 9c1808d7 
10:43:35 ipsec,debug 6f8ff039 0494ceae 8980b181 1ba15e4c e951623b 53d31412 73f75543 d7b24228 
10:43:35 ipsec,debug 3cb64909 03886edf e68ad6be 5d6de4f9 34d507fc 961f59d0 c757cadf ff6f818e 
10:43:35 ipsec,debug 1bf5ae2b 65fd93ca 5805533b f8d19cc7 83bab51e ea5901ee df4e316f 291da9b8 
10:43:35 ipsec,debug c9c64cd0 cae2d977 b18be246 72b7398a 2e2d08f3 89f9329c f32678a1 7f22a545 
10:43:35 ipsec,debug ead5db1e 8834c4f1 b4c31b02 c42dd429 48c1dbb2 7a78f04d ecbe6ecf cf911393 
10:43:35 ipsec,debug d01bbd4f 3daae70e 8ab9d28b 86a00501 115f9be1 f2bfdaea 0d93fa19 ee3b19c2 
10:43:35 ipsec,debug 6473179f 15e87973 98b68bf0 4e27d25d de6f70cc 9785f652 37ec9ae8 573a977e 
10:43:35 ipsec,debug 96f52f67 b681d3cf 7d170e05 ddb732b1 e861c83d fc5da2ba 9ee7372b 8f93dd43 
10:43:35 ipsec,debug 36b5a21c 310ca888 0eab71ef d242772c 7ae79ae2 4eee3c16 d6bec7a8 3d190a9c 
10:43:35 ipsec,debug fa090c70 d24c9c51 512c3510 3390fc39 c2b2036a b2672f04 cf32604b 7489ee3b 
10:43:35 ipsec,debug 80aa7431 489be59e 81fd1634 89559ff5 00000001 00000001 0000002c 01010001 
10:43:35 ipsec,debug 00000024 01010000 800b0001 800c05a0 80010007 800e0100 80030001 80020004 
10:43:35 ipsec,debug 8004000e 011101f4 0a000032 
10:43:35 ipsec,debug hmac(hmac_sha2_256) 
10:43:35 ipsec,debug HASH computed: 
10:43:35 ipsec,debug 51cadd4f 4af97a7c cb23b2c3 9b22fc0c 03fa7b27 d2ef1dff 0f70371e 14ccb99e 
10:43:35 ipsec,debug add payload of len 8, next type 8 
10:43:35 ipsec,debug add payload of len 32, next type 0 
10:43:35 ipsec,debug begin encryption. 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug pad length = 16 
10:43:35 ipsec,debug 0800000c 011101f4 0a000032 00000024 51cadd4f 4af97a7c cb23b2c3 9b22fc0c 
10:43:35 ipsec,debug 03fa7b27 d2ef1dff 0f70371e 14ccb99e eb21a514 2c787dab d1e5081f 3de2a90f 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug with key: 
10:43:35 ipsec,debug c600ea37 b6741ee4 c2fc416f 7870975a 60da12db 3381fd21 7757baa6 df387a67 
10:43:35 ipsec,debug encrypted payload by IV: 
10:43:35 ipsec,debug 3b1edeff 0db3008c 4ea3a803 3969d5c8 
10:43:35 ipsec,debug save IV for next: 
10:43:35 ipsec,debug 060e36b3 e09e5cea 3c0182a1 91d3bd4d 
10:43:35 ipsec,debug encrypted. 
10:43:35 ipsec,debug 92 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:43:35 ipsec,debug 1 times of 92 bytes message will be sent to 52.57.130.45[500] 
10:43:35 ipsec,debug,packet 80aa7431 489be59e 81fd1634 89559ff5 05100201 00000000 0000005c 5523981f 
10:43:35 ipsec,debug,packet d80b941b 392a620a b96898c9 0af6e1f6 ed6b15e3 8ca0c2c9 1fd920e6 0306b5eb 
10:43:35 ipsec,debug,packet 52c9b538 9750e898 29d54a76 060e36b3 e09e5cea 3c0182a1 91d3bd4d 
10:43:35 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 80aa7431489be59e:81fd163489559ff5 
10:43:35 ipsec,debug ===== received 92 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
10:43:35 ipsec,debug,packet 80aa7431 489be59e 81fd1634 89559ff5 05100201 00000000 0000005c 1216b400 
10:43:35 ipsec,debug,packet 3dca53ac d7e03ea2 778a6c93 8893bd72 9505626d 01245c50 92d49518 feac5d26 
10:43:35 ipsec,debug,packet 79d39260 f3727f31 aed8a9dc 760bca8f 617171eb b873f106 a43f0cd9 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug IV was saved for next processing: 
10:43:35 ipsec,debug 760bca8f 617171eb b873f106 a43f0cd9 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug with key: 
10:43:35 ipsec,debug c600ea37 b6741ee4 c2fc416f 7870975a 60da12db 3381fd21 7757baa6 df387a67 
10:43:35 ipsec,debug decrypted payload by IV: 
10:43:35 ipsec,debug 060e36b3 e09e5cea 3c0182a1 91d3bd4d 
10:43:35 ipsec,debug decrypted payload, but not trimed. 
10:43:35 ipsec,debug 0800000c 01000000 3439822d 00000024 835ba559 f9ffa043 dc4ab118 a2f39b9f 
10:43:35 ipsec,debug be74b7eb 77c19f95 19e3b14f 6abeadf2 563cd9e1 7c87778f 7a29a9f2 ddf9d010 
10:43:35 ipsec,debug padding len=17 
10:43:35 ipsec,debug skip to trim padding. 
10:43:35 ipsec,debug decrypted. 
10:43:35 ipsec,debug 80aa7431 489be59e 81fd1634 89559ff5 05100201 00000000 0000005c 0800000c 
10:43:35 ipsec,debug 01000000 3439822d 00000024 835ba559 f9ffa043 dc4ab118 a2f39b9f be74b7eb 
10:43:35 ipsec,debug 77c19f95 19e3b14f 6abeadf2 563cd9e1 7c87778f 7a29a9f2 ddf9d010 
10:43:35 ipsec,debug begin. 
10:43:35 ipsec,debug seen nptype=5(id) len=12 
10:43:35 ipsec,debug seen nptype=8(hash) len=36 
10:43:35 ipsec,debug succeed. 
10:43:35 ipsec,debug HASH received: 
10:43:35 ipsec,debug 835ba559 f9ffa043 dc4ab118 a2f39b9f be74b7eb 77c19f95 19e3b14f 6abeadf2 
10:43:35 ipsec,debug HASH with: 
10:43:35 ipsec,debug 1bf5ae2b 65fd93ca 5805533b f8d19cc7 83bab51e ea5901ee df4e316f 291da9b8 
10:43:35 ipsec,debug c9c64cd0 cae2d977 b18be246 72b7398a 2e2d08f3 89f9329c f32678a1 7f22a545 
10:43:35 ipsec,debug ead5db1e 8834c4f1 b4c31b02 c42dd429 48c1dbb2 7a78f04d ecbe6ecf cf911393 
10:43:35 ipsec,debug d01bbd4f 3daae70e 8ab9d28b 86a00501 115f9be1 f2bfdaea 0d93fa19 ee3b19c2 
10:43:35 ipsec,debug 6473179f 15e87973 98b68bf0 4e27d25d de6f70cc 9785f652 37ec9ae8 573a977e 
10:43:35 ipsec,debug 96f52f67 b681d3cf 7d170e05 ddb732b1 e861c83d fc5da2ba 9ee7372b 8f93dd43 
10:43:35 ipsec,debug 36b5a21c 310ca888 0eab71ef d242772c 7ae79ae2 4eee3c16 d6bec7a8 3d190a9c 
10:43:35 ipsec,debug fa090c70 d24c9c51 512c3510 3390fc39 c2b2036a b2672f04 cf32604b 7489ee3b 
10:43:35 ipsec,debug 9183a2af f0442292 536f0b32 6e202f12 c11ab0d3 6e116b5c 1e7ef157 7b8dc56d 
10:43:35 ipsec,debug b41403be 24d6f86d fb01c96f 60c635e6 b56c8f0f 7bd27051 16f813ba 9b3acfcc 
10:43:35 ipsec,debug dd5f9fc7 8890b7f7 c52e3f30 aa3affaf 46dcdc1d 32209d57 fc1c8e3c 373c9689 
10:43:35 ipsec,debug 450f9082 1798b7df 2a1082bc 13173af5 3b3e4752 412b5749 bf381742 98cb17c6 
10:43:35 ipsec,debug f03b44d6 8f767ad8 6c235cc4 e3b71155 088b1918 e0c5e699 8120dca7 8ffcf6d1 
10:43:35 ipsec,debug bcfd9677 df7f438c acde543d 2b46dcf3 3a3a85e9 8abb08fb 84f868c2 9c1808d7 
10:43:35 ipsec,debug 6f8ff039 0494ceae 8980b181 1ba15e4c e951623b 53d31412 73f75543 d7b24228 
10:43:35 ipsec,debug 3cb64909 03886edf e68ad6be 5d6de4f9 34d507fc 961f59d0 c757cadf ff6f818e 
10:43:35 ipsec,debug 81fd1634 89559ff5 80aa7431 489be59e 00000001 00000001 0000002c 01010001 
10:43:35 ipsec,debug 00000024 01010000 800b0001 800c05a0 80010007 800e0100 80030001 80020004 
10:43:35 ipsec,debug 8004000e 01000000 3439822d 
10:43:35 ipsec,debug hmac(hmac_sha2_256) 
10:43:35 ipsec,debug HASH computed: 
10:43:35 ipsec,debug 835ba559 f9ffa043 dc4ab118 a2f39b9f be74b7eb 77c19f95 19e3b14f 6abeadf2 
10:43:35 ipsec,debug HASH for PSK validated. 
10:43:35 ipsec,debug 52.57.130.45 peer's ID: 
10:43:35 ipsec,debug 01000000 3439822d 
10:43:35 ipsec,debug === 
10:43:35 ipsec ph2 possible after ph1 creation 
10:43:35 ipsec,debug  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0) 
10:43:35 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-sha1) 
10:43:35 ipsec,debug begin QUICK mode. 
10:43:35 ipsec,debug === 
10:43:35 ipsec,debug begin QUICK mode. 
10:43:35 ipsec initiate new phase 2 negotiation: 10.0.0.50[500]<=>52.57.130.45[500] 
10:43:35 ipsec,debug compute IV for phase2 
10:43:35 ipsec,debug phase1 last IV: 
10:43:35 ipsec,debug 760bca8f 617171eb b873f106 a43f0cd9 8635f64f 
10:43:35 ipsec,debug hash(sha2_256) 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug phase2 IV computed: 
10:43:35 ipsec,debug 2191fd56 99e98987 8e8b2cb3 234e3d38 
10:43:35 ipsec,debug call pfkey_send_getspi a8 
10:43:35 ipsec,debug pfkey GETSPI sent: ESP/Tunnel 52.57.130.45[500]->10.0.0.50[500]  
10:43:35 ipsec,debug pfkey getspi sent. 
10:43:35 ipsec,info ISAKMP-SA established 10.0.0.50[500]-52.57.130.45[500] spi:80aa7431489be59e:81fd163489559ff5 
10:43:35 ipsec,debug === 
10:43:35 ipsec,debug use local ID type IPv4_address 
10:43:35 ipsec,debug use remote ID type IPv4_address 
10:43:35 ipsec,debug IDci: 
10:43:35 ipsec,debug 01000000 0a000032 
10:43:35 ipsec,debug IDcr: 
10:43:35 ipsec,debug 01000000 0a7b711d 
10:43:35 ipsec,debug add payload of len 44, next type 10 
10:43:35 ipsec,debug add payload of len 24, next type 5 
10:43:35 ipsec,debug add payload of len 8, next type 5 
10:43:35 ipsec,debug add payload of len 8, next type 0 
10:43:35 ipsec,debug HASH with: 
10:43:35 ipsec,debug 8635f64f 0a000030 00000001 00000001 00000024 01030401 0fb8d1ee 00000018 
10:43:35 ipsec,debug 01030000 80010001 800205a0 80040001 80050002 0500001c bc1d74b2 d94ce742 
10:43:35 ipsec,debug ea7c319b 63708b60 54c7c8f4 b00e03a9 0500000c 01000000 0a000032 0000000c 
10:43:35 ipsec,debug 01000000 0a7b711d 
10:43:35 ipsec,debug hmac(hmac_sha2_256) 
10:43:35 ipsec,debug HASH computed: 
10:43:35 ipsec,debug f0268b1c 71312437 491186b5 b2ce6514 77f54a88 ba9a689e f12d72a4 75830fb4 
10:43:35 ipsec,debug add payload of len 32, next type 1 
10:43:35 ipsec,debug begin encryption. 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug pad length = 8 
10:43:35 ipsec,debug 01000024 f0268b1c 71312437 491186b5 b2ce6514 77f54a88 ba9a689e f12d72a4 
10:43:35 ipsec,debug 75830fb4 0a000030 00000001 00000001 00000024 01030401 0fb8d1ee 00000018 
10:43:35 ipsec,debug 01030000 80010001 800205a0 80040001 80050002 0500001c bc1d74b2 d94ce742 
10:43:35 ipsec,debug ea7c319b 63708b60 54c7c8f4 b00e03a9 0500000c 01000000 0a000032 0000000c 
10:43:35 ipsec,debug 01000000 0a7b711d 35ae5f52 a8bcfb07 
10:43:35 ipsec,debug encryption(aes) 
10:43:35 ipsec,debug with key: 
10:43:35 ipsec,debug c600ea37 b6741ee4 c2fc416f 7870975a 60da12db 3381fd21 7757baa6 df387a67 
10:43:35 ipsec,debug encrypted payload by IV: 
10:43:35 ipsec,debug 2191fd56 99e98987 8e8b2cb3 234e3d38 
10:43:35 ipsec,debug save IV for next: 
10:43:35 ipsec,debug b1b9db58 01f232e4 590eb5d7 79a43abe 
10:43:35 ipsec,debug encrypted. 
10:43:35 ipsec,debug 172 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:43:35 ipsec,debug 1 times of 172 bytes message will be sent to 52.57.130.45[500] 
10:43:35 ipsec,debug,packet 80aa7431 489be59e 81fd1634 89559ff5 08102001 8635f64f 000000ac 21d5acaf 
10:43:35 ipsec,debug,packet a9f4ca22 9405f30d f4f9fedf 7f6d39f5 7cedbafa 1d3b926c ede7442a 2fe0f4f7 
10:43:35 ipsec,debug,packet 2b5d13b7 e96b79a1 0a9c7874 30eef096 e92a5fd6 c0fb731b a3f37556 9291a91d 
10:43:35 ipsec,debug,packet ebe67f4c 4eaed1bd 65bce45f 4fcb9caa 802692c3 da09ec1e 553c5cce d0fe0d78 
10:43:35 ipsec,debug,packet 1ee3a6e2 5f3044d8 fb4830f0 ab783fd7 775fab29 c79f2e7f cd7dd18b b1b9db58 
10:43:35 ipsec,debug,packet 01f232e4 590eb5d7 79a43abe 
10:43:35 ipsec sent phase2 packet 10.0.0.50[500]<=>52.57.130.45[500] 80aa7431489be59e:81fd163489559ff5:8635f64f 
10:43:45 ipsec,debug 172 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:43:45 ipsec,debug 1 times of 172 bytes message will be sent to 52.57.130.45[500] 
10:43:45 ipsec,debug,packet 80aa7431 489be59e 81fd1634 89559ff5 08102001 8635f64f 000000ac 21d5acaf 
10:43:45 ipsec,debug,packet a9f4ca22 9405f30d f4f9fedf 7f6d39f5 7cedbafa 1d3b926c ede7442a 2fe0f4f7 
10:43:45 ipsec,debug,packet 2b5d13b7 e96b79a1 0a9c7874 30eef096 e92a5fd6 c0fb731b a3f37556 9291a91d 
10:43:45 ipsec,debug,packet ebe67f4c 4eaed1bd 65bce45f 4fcb9caa 802692c3 da09ec1e 553c5cce d0fe0d78 
10:43:45 ipsec,debug,packet 1ee3a6e2 5f3044d8 fb4830f0 ab783fd7 775fab29 c79f2e7f cd7dd18b b1b9db58 
10:43:45 ipsec,debug,packet 01f232e4 590eb5d7 79a43abe 
10:43:45 ipsec resent phase2 packet 10.0.0.50[500]<=>52.57.130.45[500] 80aa7431489be59e:81fd163489559ff5:8635f64f 
10:43:55 ipsec,debug 172 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
10:43:55 ipsec,debug 1 times of 172 bytes message will be sent to 52.57.130.45[500] 
10:43:55 ipsec,debug,packet 80aa7431 489be59e 81fd1634 89559ff5 08102001 8635f64f 000000ac 21d5acaf 
10:43:55 ipsec,debug,packet a9f4ca22 9405f30d f4f9fedf 7f6d39f5 7cedbafa 1d3b926c ede7442a 2fe0f4f7 
10:43:55 ipsec,debug,packet 2b5d13b7 e96b79a1 0a9c7874 30eef096 e92a5fd6 c0fb731b a3f37556 9291a91d 
10:43:55 ipsec,debug,packet ebe67f4c 4eaed1bd 65bce45f 4fcb9caa 802692c3 da09ec1e 553c5cce d0fe0d78 
10:43:55 ipsec,debug,packet 1ee3a6e2 5f3044d8 fb4830f0 ab783fd7 775fab29 c79f2e7f cd7dd18b b1b9db58 
10:43:55 ipsec,debug,packet 01f232e4 590eb5d7 79a43abe 
10:43:55 ipsec resent phase2 packet 10.0.0.50[500]<=>52.57.130.45[500] 80aa7431489be59e:81fd163489559ff5:8635f64f 
10:43:58 dhcp,info dhcp1 deassigned 10.0.1.7 from E8:94:F6:02:84:0A 
10:44:05 ipsec IPsec-SA expired: ESP/Tunnel 52.57.130.45[500]->10.0.0.50[500] spi=0xfb8d1ee 
10:44:05 ipsec,debug the expire message is received but the handler has not been established. 
10:44:05 ipsec 52.57.130.45 give up to get IPsec-SA due to time up to wait. 
10:44:05 ipsec,debug an undead schedule has been deleted.

Also I received message from other side:

lets downgrade the security parameters at phase 2, it might help. So I have changed the parameters as below, please do the same at your end and lets test:
Encryption: 3des
Authentication: sha1
DH Group: no pfs
Lifetime: 1440 sec

I changed it in IPsec Proposal. Is it correct? Because those algorithms are also in IPsec Profile (but there i can’t uncheck DH group)

As supposed, the remote party doesn’t advertise NAT-T support.

Given that the remote admin seems to be flexible and cooperative, ask him to activate it. I can imagine that he doesn’t realize the need as the NAT is not at his end, but both peers must enable support of the mechanism so that it could work.

proposal = phase 2 parameters, profile = phase 1 parameters.
Other than that it is searching for lost keys where there is light instead of where you know you’ve actually lost them, so you can return back to the stronger encryption once you get through with the current settings.

Off topic, what is your main activity (besides networking)?

Thank you, i contacted the remote admin to check it.

My main activity is something like data engineering. I’m developing on SQL Server
For you is networking your only job? You seems pretty educated

I’m a troubleshooter by heart and profession. As recently most resolvable troubles seem to exist in computer networks, I turned into a network troubleshooter. The reason I asked is that we constantly look for technicians and developers and already your OP was very well done. But I’m not sure about the importance of databases in our products.

Yea, i like things to do properly and nice looking. I have little bit of graphic designer eye and also read lots of reddit/forums.


Back to the VPN..
remote admin enabled NAT-T and traffic jumped to port 4500 as you predicted
Log is now like this:

12:15:46 ipsec,debug Removing PH1... 
12:15:46 ipsec,debug Deleting a Ph2... 
12:15:46 ipsec,debug an undead schedule has been deleted. 
12:15:46 ipsec,debug an undead schedule has been deleted. 
12:15:46 ipsec,debug compute IV for phase2 
12:15:46 ipsec,debug phase1 last IV: 
12:15:46 ipsec,debug a966138d b1edf0c4 41727691 d792241a dbcdcf1e 
12:15:46 ipsec,debug hash(sha2_256) 
12:15:46 ipsec,debug encryption(aes) 
12:15:46 ipsec,debug phase2 IV computed: 
12:15:46 ipsec,debug 0a0d64b5 4612aefc 9bf8a8ac ce3d09d4 
12:15:46 ipsec,debug HASH with: 
12:15:46 ipsec,debug dbcdcf1e 0000001c 00000001 01100001 81000b6a c852e0a1 8c430978 ea7d01fa 
12:15:46 ipsec,debug hmac(hmac_sha2_256) 
12:15:46 ipsec,debug HASH computed: 
12:15:46 ipsec,debug 7ec4fefb 234e9663 f896ca0e 47ea1256 c9634043 95393bce 66eea100 8564b487 
12:15:46 ipsec,debug begin encryption. 
12:15:46 ipsec,debug encryption(aes) 
12:15:46 ipsec,debug pad length = 16 
12:15:46 ipsec,debug 0c000024 7ec4fefb 234e9663 f896ca0e 47ea1256 c9634043 95393bce 66eea100 
12:15:46 ipsec,debug 8564b487 0000001c 00000001 01100001 81000b6a c852e0a1 8c430978 ea7d01fa 
12:15:46 ipsec,debug bdef2158 69ad6fe2 e12bf1a0 bd7b060f 
12:15:46 ipsec,debug encryption(aes) 
12:15:46 ipsec,debug with key: 
12:15:46 ipsec,debug ac8c4590 234ae6b5 9f5eb4b3 e9003954 f29c5cfb 36062109 433ef874 851b0b30 
12:15:46 ipsec,debug encrypted payload by IV: 
12:15:46 ipsec,debug 0a0d64b5 4612aefc 9bf8a8ac ce3d09d4 
12:15:46 ipsec,debug save IV for next: 
12:15:46 ipsec,debug 65bafb2f 3f06e4cb 2d5175dc a555a6b5 
12:15:46 ipsec,debug encrypted. 
12:15:46 ipsec,debug 108 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
12:15:46 ipsec,debug 1 times of 112 bytes message will be sent to 52.57.130.45[4500] 
12:15:46 ipsec,debug,packet 81000b6a c852e0a1 8c430978 ea7d01fa 08100501 dbcdcf1e 0000006c 9ae67576 
12:15:46 ipsec,debug,packet 9d69320b 7cacd777 84c3107f d519a00c a02ea75d 9a15b0db 712c519e 3611e1c6 
12:15:46 ipsec,debug,packet c5fdaace 60a06ea2 7ef9aa6d b8af7694 e60bfb46 cab5f73d f44e19e4 65bafb2f 
12:15:46 ipsec,debug,packet 3f06e4cb 2d5175dc a555a6b5 
12:15:46 ipsec,debug sendto Information delete. 
12:15:46 ipsec,info ISAKMP-SA deleted 10.0.0.50[4500]-52.57.130.45[4500] spi:81000b6ac852e0a1:8c430978ea7d01fa rekey:1 
12:15:46 ipsec KA remove: 10.0.0.50[4500]->52.57.130.45[4500] 
12:15:46 ipsec,debug KA tree dump: 10.0.0.50[4500]->52.57.130.45[4500] (in_use=1) 
12:15:46 ipsec,debug KA removing this one... 
12:15:46 ipsec,debug an undead schedule has been deleted. 
12:15:46 system,info ipsec peer TFS_preProd_peer changed by admin 
12:15:47 ipsec,debug === 
12:15:47 ipsec,info initiate new phase 1 (Identity Protection): 10.0.0.50[500]<=>52.57.130.45[500] 
12:15:47 ipsec,debug new cookie: 
12:15:47 ipsec,debug 470140c332ac90ea 
12:15:47 ipsec,debug add payload of len 52, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 13 
12:15:47 ipsec,debug add payload of len 16, next type 0 
12:15:47 ipsec,debug 344 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
12:15:47 ipsec,debug 1 times of 344 bytes message will be sent to 52.57.130.45[500] 
12:15:47 ipsec,debug,packet 470140c3 32ac90ea 00000000 00000000 01100200 00000000 00000158 0d000038 
12:15:47 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
12:15:47 ipsec,debug,packet 80010007 800e0100 80030001 80020004 8004000e 0d000014 4a131c81 07035845 
12:15:47 ipsec,debug,packet 5c5728f2 0e95452f 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014 
12:15:47 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f 
12:15:47 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e 
12:15:47 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56 
12:15:47 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e 
12:15:47 ipsec,debug,packet 086381b5 ec427b1f 0d000014 16f6ca16 e4a4066d 83821a0f 0aeaa862 0d000014 
12:15:47 ipsec,debug,packet 4485152d 18b6bbcd 0be8a846 9579ddcc 0d000014 12f5f28c 457168a9 702d9fe2 
12:15:47 ipsec,debug,packet 74cc0100 00000014 afcad713 68a1f1c9 6b8696fc 77570100 
12:15:47 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 470140c332ac90ea:0000000000000000 
12:15:47 ipsec,debug ===== received 164 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
12:15:47 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 01100200 00000000 000000a4 0d000038 
12:15:47 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
12:15:47 ipsec,debug,packet 80010007 800e0100 80030001 80020004 8004000e 0d000014 12f5f28c 457168a9 
12:15:47 ipsec,debug,packet 702d9fe2 74cc0100 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 
12:15:47 ipsec,debug,packet afcad713 68a1f1c9 6b8696fc 77570100 00000014 a9b9b103 4f7e50a2 513b47b1 
12:15:47 ipsec,debug,packet 00bb85a9 
12:15:47 ipsec,debug begin. 
12:15:47 ipsec,debug seen nptype=1(sa) len=56 
12:15:47 ipsec,debug seen nptype=13(vid) len=20 
12:15:47 ipsec,debug seen nptype=13(vid) len=20 
12:15:47 ipsec,debug seen nptype=13(vid) len=20 
12:15:47 ipsec,debug seen nptype=13(vid) len=20 
12:15:47 ipsec,debug succeed. 
12:15:47 ipsec received Vendor ID: CISCO-UNITY 
12:15:47 ipsec received Vendor ID: RFC 3947 
12:15:47 ipsec received Vendor ID: DPD 
12:15:47 ipsec,debug remote supports DPD 
12:15:47 ipsec,debug received unknown Vendor ID 
12:15:47 ipsec,debug a9b9b103 4f7e50a2 513b47b1 00bb85a9 
12:15:47 ipsec 52.57.130.45 Selected NAT-T version: RFC 3947 
12:15:47 ipsec,debug total SA len=52 
12:15:47 ipsec,debug 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
12:15:47 ipsec,debug 80010007 800e0100 80030001 80020004 8004000e 
12:15:47 ipsec,debug begin. 
12:15:47 ipsec,debug seen nptype=2(prop) len=44 
12:15:47 ipsec,debug succeed. 
12:15:47 ipsec,debug proposal #1 len=44 
12:15:47 ipsec,debug begin. 
12:15:47 ipsec,debug seen nptype=3(trns) len=36 
12:15:47 ipsec,debug succeed. 
12:15:47 ipsec,debug transform #1 len=36 
12:15:47 ipsec,debug type=Life Type, flag=0x8000, lorv=seconds 
12:15:47 ipsec,debug type=Life Duration, flag=0x8000, lorv=1440 
12:15:47 ipsec,debug type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC 
12:15:47 ipsec,debug encryption(aes) 
12:15:47 ipsec,debug type=Key Length, flag=0x8000, lorv=256 
12:15:47 ipsec,debug type=Authentication Method, flag=0x8000, lorv=pre-shared key 
12:15:47 ipsec,debug type=Hash Algorithm, flag=0x8000, lorv=4 
12:15:47 ipsec,debug hash(sha2_256) 
12:15:47 ipsec,debug type=Group Description, flag=0x8000, lorv=2048-bit MODP group 
12:15:47 ipsec,debug dh(modp2048) 
12:15:47 ipsec,debug pair 1: 
12:15:47 ipsec,debug  0x4969e0: next=(nil) tnext=(nil) 
12:15:47 ipsec,debug proposal #1: 1 transform 
12:15:47 ipsec,debug -checking with pre-shared key auth- 
12:15:47 ipsec,debug prop#=1, prot-id=ISAKMP, spi-size=0, #trns=1 
12:15:47 ipsec,debug trns#=1, trns-id=IKE 
12:15:47 ipsec,debug type=Life Type, flag=0x8000, lorv=seconds 
12:15:47 ipsec,debug type=Life Duration, flag=0x8000, lorv=1440 
12:15:47 ipsec,debug type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC 
12:15:47 ipsec,debug type=Key Length, flag=0x8000, lorv=256 
12:15:47 ipsec,debug type=Authentication Method, flag=0x8000, lorv=pre-shared key 
12:15:47 ipsec,debug type=Hash Algorithm, flag=0x8000, lorv=4 
12:15:47 ipsec,debug type=Group Description, flag=0x8000, lorv=2048-bit MODP group 
12:15:47 ipsec,debug -compare proposal #1: Local:Peer 
12:15:47 ipsec,debug (lifetime = 1440:1440) 
12:15:47 ipsec,debug (lifebyte = 0:0) 
12:15:47 ipsec,debug enctype = AES-CBC:AES-CBC 
12:15:47 ipsec,debug (encklen = 256:256) 
12:15:47 ipsec,debug hashtype = 4:4 
12:15:47 ipsec,debug authmethod = pre-shared key:pre-shared key 
12:15:47 ipsec,debug dh_group = 2048-bit MODP group:2048-bit MODP group 
12:15:47 ipsec,debug -an acceptable proposal found- 
12:15:47 ipsec,debug dh(modp2048) 
12:15:47 ipsec,debug -agreed on pre-shared key auth- 
12:15:47 ipsec,debug === 
12:15:47 ipsec,debug dh(modp2048) 
12:15:48 ipsec,debug compute DH's private. 
12:15:48 ipsec,debug 5e98a0b0 2b933575 95a40cf2 03789cbe 85a51bef cb8d466d fcce98e6 b452eb54 
12:15:48 ipsec,debug 9ea835a3 665f891a 0156fea1 59227947 2c0b37e6 adfdf194 fb3db76c 54c4fb31 
12:15:48 ipsec,debug 13fead4c d96bb579 fbae33aa de067d20 fc699522 31195f1f 5e083f2b 89f895bd 
12:15:48 ipsec,debug 2cb39165 b7440541 5c11c14e ecb29f3e d07206bc 4183b771 2ffef5c3 7fabf9a2 
12:15:48 ipsec,debug 2f325cb7 408d61af 78607a31 b6b83248 4c4ce402 9b158d6c e09e1cd4 be65efd8 
12:15:48 ipsec,debug 24e8d9fe 1a2c414a 33cd8f30 030ea519 a7107ac2 ab09eece c0942376 8380e20e 
12:15:48 ipsec,debug 1f68dc58 799f3270 54212baf 94c876d8 cff9868c 8c9ab145 7e4c08c1 a6e8c722 
12:15:48 ipsec,debug 449f0641 c1150ed8 f913348b 39254600 7b107a72 2bfe7caa f89ab560 a6912459 
12:15:48 ipsec,debug compute DH's public. 
12:15:48 ipsec,debug 8fac0ab2 da9667b2 33de4c9a ace81436 f0ea4862 f9c76503 220fe0ec fe78b444 
12:15:48 ipsec,debug 32883514 48d31a46 e5baebb9 ac90d2fd 89e91f8f d8e9561a 8bedb0f8 85035a15 
12:15:48 ipsec,debug 80edc71e 47a5bbce c3311787 60ca07c1 cfa1b19e 1dd46150 321dff93 777ecb0a 
12:15:48 ipsec,debug d0e29329 c9c20c9b 0fe8feca b0794510 ed960eeb 9436f920 ca731d00 1517d50d 
12:15:48 ipsec,debug 672e714e 88ddce20 b07cd40c dc1d7156 83d0a30e cfed9dfe 9f05d5f5 a06a4f74 
12:15:48 ipsec,debug 0b68ef30 be12ee3c 185f5bd4 7b61a274 5f599f73 c0726c5b fd726c43 ad1fd4c0 
12:15:48 ipsec,debug 6bdd3a06 7b2d15e4 e5bc45b9 c41bfe40 764a23e0 1b38d785 f7531278 6245e4cf 
12:15:48 ipsec,debug 3f7a41ac 98933925 44b4bdd0 8bf3182d 052bfa9d 2bab0ba8 f1ca2a6d 49686af8 
12:15:48 ipsec 52.57.130.45 Hashing 52.57.130.45[500] with algo #4  
12:15:48 ipsec,debug hash(sha2_256) 
12:15:48 ipsec 10.0.0.50 Hashing 10.0.0.50[500] with algo #4  
12:15:48 ipsec,debug hash(sha2_256) 
12:15:48 ipsec Adding remote and local NAT-D payloads. 
12:15:48 ipsec,debug add payload of len 256, next type 10 
12:15:48 ipsec,debug add payload of len 24, next type 20 
12:15:48 ipsec,debug add payload of len 32, next type 20 
12:15:48 ipsec,debug add payload of len 32, next type 0 
12:15:48 ipsec,debug 388 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
12:15:48 ipsec,debug 1 times of 388 bytes message will be sent to 52.57.130.45[500] 
12:15:48 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 04100200 00000000 00000184 0a000104 
12:15:48 ipsec,debug,packet 8fac0ab2 da9667b2 33de4c9a ace81436 f0ea4862 f9c76503 220fe0ec fe78b444 
12:15:48 ipsec,debug,packet 32883514 48d31a46 e5baebb9 ac90d2fd 89e91f8f d8e9561a 8bedb0f8 85035a15 
12:15:48 ipsec,debug,packet 80edc71e 47a5bbce c3311787 60ca07c1 cfa1b19e 1dd46150 321dff93 777ecb0a 
12:15:48 ipsec,debug,packet d0e29329 c9c20c9b 0fe8feca b0794510 ed960eeb 9436f920 ca731d00 1517d50d 
12:15:48 ipsec,debug,packet 672e714e 88ddce20 b07cd40c dc1d7156 83d0a30e cfed9dfe 9f05d5f5 a06a4f74 
12:15:48 ipsec,debug,packet 0b68ef30 be12ee3c 185f5bd4 7b61a274 5f599f73 c0726c5b fd726c43 ad1fd4c0 
12:15:48 ipsec,debug,packet 6bdd3a06 7b2d15e4 e5bc45b9 c41bfe40 764a23e0 1b38d785 f7531278 6245e4cf 
12:15:48 ipsec,debug,packet 3f7a41ac 98933925 44b4bdd0 8bf3182d 052bfa9d 2bab0ba8 f1ca2a6d 49686af8 
12:15:48 ipsec,debug,packet 1400001c d129cac4 2e5faa33 62c32ae2 4e16d0ce 4f98e66c a0815f09 14000024 
12:15:48 ipsec,debug,packet 447cb0c6 5cf28acf d63d4eec 4443a667 c2c4c474 ed6ec19c 92cf1cd7 bd0fb20f 
12:15:48 ipsec,debug,packet 00000024 6805275c d70d2a03 164334c7 12725141 cc6b1aad 934457b8 e269ced6 
12:15:48 ipsec,debug,packet 64ee61e7 
12:15:48 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 470140c332ac90ea:29365d8e8b057040 
12:15:48 ipsec,debug ===== received 380 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
12:15:48 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 04100200 00000000 0000017c 0a000104 
12:15:48 ipsec,debug,packet a7829b6d 020dfcf0 8b2cd659 3b5b6a6f 29094efe da57b5f2 e3030aac 97edc05d 
12:15:48 ipsec,debug,packet c8d4ba6a 0f036910 eb5e66ac 65accf30 8eb618a7 f0f38830 93b2647f 76b21b8b 
12:15:48 ipsec,debug,packet beb1cb22 3eb4b1e8 59e69848 843cc54b 3a600c21 e6fe5369 4a2bda72 3c80794b 
12:15:48 ipsec,debug,packet 1cfc0f14 f2c35e12 07aadbd4 1925cb30 df9994fd a83a0858 c8baedb4 80009e1f 
12:15:48 ipsec,debug,packet 8c8ad440 a76b86f5 f6b083cd 9f564963 dcac22de a18c822a 120c4859 3672a094 
12:15:48 ipsec,debug,packet 5268deb4 db5109e7 c86fa094 40a23cd5 bbf143bd b75fc83c 4b1328e4 ca56fb45 
12:15:48 ipsec,debug,packet 8a1d84e6 3e4350a8 a1f0af00 e8d2b645 22fc721a 9567cb82 a5538572 9d684e89 
12:15:48 ipsec,debug,packet e5725917 b79365d0 47092cd5 ec5a0a02 20616e36 766e04e8 ae60f9ab e3301e71 
12:15:48 ipsec,debug,packet 14000014 a4a3484a d54b6674 093e8264 636d2275 14000024 42628995 29463a83 
12:15:48 ipsec,debug,packet cc36337e 04419db4 e0fa7547 b31f2c24 cb77c603 b8862829 00000024 74e7707e 
12:15:48 ipsec,debug,packet 47bbaa38 aaf3e27c 84da5bc6 6fc63fca 714c47e3 80c47dc1 97eb35f0 
12:15:48 ipsec,debug begin. 
12:15:48 ipsec,debug seen nptype=4(ke) len=260 
12:15:48 ipsec,debug seen nptype=10(nonce) len=20 
12:15:48 ipsec,debug seen nptype=20(nat-d) len=36 
12:15:48 ipsec,debug seen nptype=20(nat-d) len=36 
12:15:48 ipsec,debug succeed. 
12:15:48 ipsec 10.0.0.50 Hashing 10.0.0.50[500] with algo #4  
12:15:48 ipsec,debug hash(sha2_256) 
12:15:48 ipsec NAT-D payload #0 doesn't match 
12:15:48 ipsec 52.57.130.45 Hashing 52.57.130.45[500] with algo #4  
12:15:48 ipsec,debug hash(sha2_256) 
12:15:48 ipsec NAT-D payload #1 doesn't match 
12:15:48 ipsec NAT detected: ME PEER 
12:15:48 ipsec KA list add: 10.0.0.50[4500]->52.57.130.45[4500] 
12:15:48 ipsec,debug === 
12:15:48 ipsec,debug dh(modp2048) 
12:15:49 ipsec,debug compute DH's shared. 
12:15:49 ipsec,debug 
12:15:49 ipsec,debug bed08650 e656dab7 efd5d4c0 602b96dd 2eb5bd68 ce005cd7 74b5aab2 e136fcf9 
12:15:49 ipsec,debug fba1aad5 a4f591d1 0d0e761f 43b24f04 113f83be cd6be196 f0f31fb5 a65c67fa 
12:15:49 ipsec,debug bcc855c8 6c19e995 cc8d645f 76e9db99 5a53113a d0e72538 20ca3701 b7775c8b 
12:15:49 ipsec,debug 1ade0c27 5895b68b 52eaf9fd 713fdb3d acc89a8e 3749c1fd eddd9d3a 268693cb 
12:15:49 ipsec,debug b6ece31b e0be7c8d a61d1bf5 ccc11f0b 42985e0e ee68b8ba 10bb8eb2 6e04099c 
12:15:49 ipsec,debug f3c3a9e1 f836a411 db7a988b bbce0cf9 fcd28ad5 d56656d4 a69f7f6d d2733e18 
12:15:49 ipsec,debug eb070355 3b42e25f 05bc5100 cf3bd65e 67791f8a 5dad3bb9 97ac5dd3 c63033b1 
12:15:49 ipsec,debug 64b96af0 ed9e5920 ea1a26e1 d8c40590 ad1e85fb a761d95b 16030999 b78cbe59 
12:15:49 ipsec,debug nonce 1:  
12:15:49 ipsec,debug d129cac4 2e5faa33 62c32ae2 4e16d0ce 4f98e66c a0815f09 
12:15:49 ipsec,debug nonce 2:  
12:15:49 ipsec,debug a4a3484a d54b6674 093e8264 636d2275 
12:15:49 ipsec,debug hmac(hmac_sha2_256) 
12:15:49 ipsec,debug SKEYID computed: 
12:15:49 ipsec,debug 741a6215 d2b268d3 7dc8966f 7805ab5b d0ec87a8 c6a767aa 1215a256 86324799 
12:15:49 ipsec,debug hmac(hmac_sha2_256) 
12:15:49 ipsec,debug SKEYID_d computed: 
12:15:49 ipsec,debug 7bace0fd 0185e3ef 5bed0d63 f3a6dda2 da684249 fc0fe4a8 856d3312 fa9917cd 
12:15:49 ipsec,debug hmac(hmac_sha2_256) 
12:15:49 ipsec,debug SKEYID_a computed: 
12:15:49 ipsec,debug 6b17be01 123bad03 0cf5e3f8 edb39844 96dd8971 3c471100 67c9e8b4 25b71ee1 
12:15:49 ipsec,debug hmac(hmac_sha2_256) 
12:15:49 ipsec,debug SKEYID_e computed: 
12:15:49 ipsec,debug d1de60f8 ee0b8049 97335713 6ca363a3 4ee10919 f8d860d9 1942a1c6 1c0363a7 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug hash(sha2_256) 
12:15:49 ipsec,debug final encryption key computed: 
12:15:49 ipsec,debug d1de60f8 ee0b8049 97335713 6ca363a3 4ee10919 f8d860d9 1942a1c6 1c0363a7 
12:15:49 ipsec,debug hash(sha2_256) 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug IV computed: 
12:15:49 ipsec,debug 6ddd2b6b acf1630d 9da040ee fb685a46 
12:15:49 ipsec,debug use ID type of IPv4_address 
12:15:49 ipsec,debug HASH with: 
12:15:49 ipsec,debug 8fac0ab2 da9667b2 33de4c9a ace81436 f0ea4862 f9c76503 220fe0ec fe78b444 
12:15:49 ipsec,debug 32883514 48d31a46 e5baebb9 ac90d2fd 89e91f8f d8e9561a 8bedb0f8 85035a15 
12:15:49 ipsec,debug 80edc71e 47a5bbce c3311787 60ca07c1 cfa1b19e 1dd46150 321dff93 777ecb0a 
12:15:49 ipsec,debug d0e29329 c9c20c9b 0fe8feca b0794510 ed960eeb 9436f920 ca731d00 1517d50d 
12:15:49 ipsec,debug 672e714e 88ddce20 b07cd40c dc1d7156 83d0a30e cfed9dfe 9f05d5f5 a06a4f74 
12:15:49 ipsec,debug 0b68ef30 be12ee3c 185f5bd4 7b61a274 5f599f73 c0726c5b fd726c43 ad1fd4c0 
12:15:49 ipsec,debug 6bdd3a06 7b2d15e4 e5bc45b9 c41bfe40 764a23e0 1b38d785 f7531278 6245e4cf 
12:15:49 ipsec,debug 3f7a41ac 98933925 44b4bdd0 8bf3182d 052bfa9d 2bab0ba8 f1ca2a6d 49686af8 
12:15:49 ipsec,debug a7829b6d 020dfcf0 8b2cd659 3b5b6a6f 29094efe da57b5f2 e3030aac 97edc05d 
12:15:49 ipsec,debug c8d4ba6a 0f036910 eb5e66ac 65accf30 8eb618a7 f0f38830 93b2647f 76b21b8b 
12:15:49 ipsec,debug beb1cb22 3eb4b1e8 59e69848 843cc54b 3a600c21 e6fe5369 4a2bda72 3c80794b 
12:15:49 ipsec,debug 1cfc0f14 f2c35e12 07aadbd4 1925cb30 df9994fd a83a0858 c8baedb4 80009e1f 
12:15:49 ipsec,debug 8c8ad440 a76b86f5 f6b083cd 9f564963 dcac22de a18c822a 120c4859 3672a094 
12:15:49 ipsec,debug 5268deb4 db5109e7 c86fa094 40a23cd5 bbf143bd b75fc83c 4b1328e4 ca56fb45 
12:15:49 ipsec,debug 8a1d84e6 3e4350a8 a1f0af00 e8d2b645 22fc721a 9567cb82 a5538572 9d684e89 
12:15:49 ipsec,debug e5725917 b79365d0 47092cd5 ec5a0a02 20616e36 766e04e8 ae60f9ab e3301e71 
12:15:49 ipsec,debug 470140c3 32ac90ea 29365d8e 8b057040 00000001 00000001 0000002c 01010001 
12:15:49 ipsec,debug 00000024 01010000 800b0001 800c05a0 80010007 800e0100 80030001 80020004 
12:15:49 ipsec,debug 8004000e 011101f4 0a000032 
12:15:49 ipsec,debug hmac(hmac_sha2_256) 
12:15:49 ipsec,debug HASH computed: 
12:15:49 ipsec,debug f3c01846 e3ccf279 7b7e673f 6713799d 789eb042 9b138b17 62fa23ef ca2cf7e5 
12:15:49 ipsec,debug add payload of len 8, next type 8 
12:15:49 ipsec,debug add payload of len 32, next type 0 
12:15:49 ipsec,debug begin encryption. 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug pad length = 16 
12:15:49 ipsec,debug 0800000c 011101f4 0a000032 00000024 f3c01846 e3ccf279 7b7e673f 6713799d 
12:15:49 ipsec,debug 789eb042 9b138b17 62fa23ef ca2cf7e5 cd7209cb b9b9d0d7 56db8bd2 eba8540f 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug with key: 
12:15:49 ipsec,debug d1de60f8 ee0b8049 97335713 6ca363a3 4ee10919 f8d860d9 1942a1c6 1c0363a7 
12:15:49 ipsec,debug encrypted payload by IV: 
12:15:49 ipsec,debug 6ddd2b6b acf1630d 9da040ee fb685a46 
12:15:49 ipsec,debug save IV for next: 
12:15:49 ipsec,debug 55deba37 567c8a53 f02ce410 9700b2c4 
12:15:49 ipsec,debug encrypted. 
12:15:49 ipsec,debug 92 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
12:15:49 ipsec,debug 1 times of 96 bytes message will be sent to 52.57.130.45[4500] 
12:15:49 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 05100201 00000000 0000005c ab401910 
12:15:49 ipsec,debug,packet 5e6b6509 b0f7235b 9c2f7ca5 918aa24e 6eead2df 5e2354e6 91779ea1 a0724a06 
12:15:49 ipsec,debug,packet 211fa01a cb316aca 9db96310 55deba37 567c8a53 f02ce410 9700b2c4 
12:15:49 ipsec sent phase1 packet 10.0.0.50[4500]<=>52.57.130.45[4500] 470140c332ac90ea:29365d8e8b057040 
12:15:49 ipsec,debug ===== received 380 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
12:15:49 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 04100200 00000000 0000017c 0a000104 
12:15:49 ipsec,debug,packet a7829b6d 020dfcf0 8b2cd659 3b5b6a6f 29094efe da57b5f2 e3030aac 97edc05d 
12:15:49 ipsec,debug,packet c8d4ba6a 0f036910 eb5e66ac 65accf30 8eb618a7 f0f38830 93b2647f 76b21b8b 
12:15:49 ipsec,debug,packet beb1cb22 3eb4b1e8 59e69848 843cc54b 3a600c21 e6fe5369 4a2bda72 3c80794b 
12:15:49 ipsec,debug,packet 1cfc0f14 f2c35e12 07aadbd4 1925cb30 df9994fd a83a0858 c8baedb4 80009e1f 
12:15:49 ipsec,debug,packet 8c8ad440 a76b86f5 f6b083cd 9f564963 dcac22de a18c822a 120c4859 3672a094 
12:15:49 ipsec,debug,packet 5268deb4 db5109e7 c86fa094 40a23cd5 bbf143bd b75fc83c 4b1328e4 ca56fb45 
12:15:49 ipsec,debug,packet 8a1d84e6 3e4350a8 a1f0af00 e8d2b645 22fc721a 9567cb82 a5538572 9d684e89 
12:15:49 ipsec,debug,packet e5725917 b79365d0 47092cd5 ec5a0a02 20616e36 766e04e8 ae60f9ab e3301e71 
12:15:49 ipsec,debug,packet 14000014 a4a3484a d54b6674 093e8264 636d2275 14000024 42628995 29463a83 
12:15:49 ipsec,debug,packet cc36337e 04419db4 e0fa7547 b31f2c24 cb77c603 b8862829 00000024 74e7707e 
12:15:49 ipsec,debug,packet 47bbaa38 aaf3e27c 84da5bc6 6fc63fca 714c47e3 80c47dc1 97eb35f0 
12:15:49 ipsec,info the packet is retransmitted by 52.57.130.45[500]. 
12:15:49 ipsec,debug ===== received 92 bytes from 52.57.130.45[4500] to 10.0.0.50[4500] 
12:15:49 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 05100201 00000000 0000005c 16edf015 
12:15:49 ipsec,debug,packet f66ce4a2 3aec988b b2ac30f8 8eeaa00c f4a4afc0 fe53aad0 479914a0 a872b4e0 
12:15:49 ipsec,debug,packet 2a21fa34 6abbd686 379c0a87 a00ed669 0f917053 e1c821d7 e5a37241 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug IV was saved for next processing: 
12:15:49 ipsec,debug a00ed669 0f917053 e1c821d7 e5a37241 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug with key: 
12:15:49 ipsec,debug d1de60f8 ee0b8049 97335713 6ca363a3 4ee10919 f8d860d9 1942a1c6 1c0363a7 
12:15:49 ipsec,debug decrypted payload by IV: 
12:15:49 ipsec,debug 55deba37 567c8a53 f02ce410 9700b2c4 
12:15:49 ipsec,debug decrypted payload, but not trimed. 
12:15:49 ipsec,debug 0800000c 01000000 3439822d 00000024 c6b53591 d03d1a4c b36240f6 412f548e 
12:15:49 ipsec,debug 9f766087 db3154b8 c2f924b3 5a46c8b5 3c142afc 2d696796 bd33a32c 4d8d4910 
12:15:49 ipsec,debug padding len=17 
12:15:49 ipsec,debug skip to trim padding. 
12:15:49 ipsec,debug decrypted. 
12:15:49 ipsec,debug 470140c3 32ac90ea 29365d8e 8b057040 05100201 00000000 0000005c 0800000c 
12:15:49 ipsec,debug 01000000 3439822d 00000024 c6b53591 d03d1a4c b36240f6 412f548e 9f766087 
12:15:49 ipsec,debug db3154b8 c2f924b3 5a46c8b5 3c142afc 2d696796 bd33a32c 4d8d4910 
12:15:49 ipsec,debug begin. 
12:15:49 ipsec,debug seen nptype=5(id) len=12 
12:15:49 ipsec,debug seen nptype=8(hash) len=36 
12:15:49 ipsec,debug succeed. 
12:15:49 ipsec,debug HASH received: 
12:15:49 ipsec,debug c6b53591 d03d1a4c b36240f6 412f548e 9f766087 db3154b8 c2f924b3 5a46c8b5 
12:15:49 ipsec,debug HASH with: 
12:15:49 ipsec,debug a7829b6d 020dfcf0 8b2cd659 3b5b6a6f 29094efe da57b5f2 e3030aac 97edc05d 
12:15:49 ipsec,debug c8d4ba6a 0f036910 eb5e66ac 65accf30 8eb618a7 f0f38830 93b2647f 76b21b8b 
12:15:49 ipsec,debug beb1cb22 3eb4b1e8 59e69848 843cc54b 3a600c21 e6fe5369 4a2bda72 3c80794b 
12:15:49 ipsec,debug 1cfc0f14 f2c35e12 07aadbd4 1925cb30 df9994fd a83a0858 c8baedb4 80009e1f 
12:15:49 ipsec,debug 8c8ad440 a76b86f5 f6b083cd 9f564963 dcac22de a18c822a 120c4859 3672a094 
12:15:49 ipsec,debug 5268deb4 db5109e7 c86fa094 40a23cd5 bbf143bd b75fc83c 4b1328e4 ca56fb45 
12:15:49 ipsec,debug 8a1d84e6 3e4350a8 a1f0af00 e8d2b645 22fc721a 9567cb82 a5538572 9d684e89 
12:15:49 ipsec,debug e5725917 b79365d0 47092cd5 ec5a0a02 20616e36 766e04e8 ae60f9ab e3301e71 
12:15:49 ipsec,debug 8fac0ab2 da9667b2 33de4c9a ace81436 f0ea4862 f9c76503 220fe0ec fe78b444 
12:15:49 ipsec,debug 32883514 48d31a46 e5baebb9 ac90d2fd 89e91f8f d8e9561a 8bedb0f8 85035a15 
12:15:49 ipsec,debug 80edc71e 47a5bbce c3311787 60ca07c1 cfa1b19e 1dd46150 321dff93 777ecb0a 
12:15:49 ipsec,debug d0e29329 c9c20c9b 0fe8feca b0794510 ed960eeb 9436f920 ca731d00 1517d50d 
12:15:49 ipsec,debug 672e714e 88ddce20 b07cd40c dc1d7156 83d0a30e cfed9dfe 9f05d5f5 a06a4f74 
12:15:49 ipsec,debug 0b68ef30 be12ee3c 185f5bd4 7b61a274 5f599f73 c0726c5b fd726c43 ad1fd4c0 
12:15:49 ipsec,debug 6bdd3a06 7b2d15e4 e5bc45b9 c41bfe40 764a23e0 1b38d785 f7531278 6245e4cf 
12:15:49 ipsec,debug 3f7a41ac 98933925 44b4bdd0 8bf3182d 052bfa9d 2bab0ba8 f1ca2a6d 49686af8 
12:15:49 ipsec,debug 29365d8e 8b057040 470140c3 32ac90ea 00000001 00000001 0000002c 01010001 
12:15:49 ipsec,debug 00000024 01010000 800b0001 800c05a0 80010007 800e0100 80030001 80020004 
12:15:49 ipsec,debug 8004000e 01000000 3439822d 
12:15:49 ipsec,debug hmac(hmac_sha2_256) 
12:15:49 ipsec,debug HASH computed: 
12:15:49 ipsec,debug c6b53591 d03d1a4c b36240f6 412f548e 9f766087 db3154b8 c2f924b3 5a46c8b5 
12:15:49 ipsec,debug HASH for PSK validated. 
12:15:49 ipsec,debug 52.57.130.45 peer's ID: 
12:15:49 ipsec,debug 01000000 3439822d 
12:15:49 ipsec,debug === 
12:15:49 ipsec ph2 possible after ph1 creation 
12:15:49 ipsec,debug  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0) 
12:15:49 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-sha1) 
12:15:49 ipsec,debug begin QUICK mode. 
12:15:49 ipsec,debug === 
12:15:49 ipsec,debug begin QUICK mode. 
12:15:49 ipsec initiate new phase 2 negotiation: 10.0.0.50[4500]<=>52.57.130.45[4500] 
12:15:49 ipsec,debug compute IV for phase2 
12:15:49 ipsec,debug phase1 last IV: 
12:15:49 ipsec,debug a00ed669 0f917053 e1c821d7 e5a37241 b7b552aa 
12:15:49 ipsec,debug hash(sha2_256) 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug phase2 IV computed: 
12:15:49 ipsec,debug 5638a50f 15dbb299 68fc7a66 978c2a2b 
12:15:49 ipsec,debug call pfkey_send_getspi 102 
12:15:49 ipsec,debug pfkey GETSPI sent: ESP/Tunnel 52.57.130.45[4500]->10.0.0.50[4500]  
12:15:49 ipsec,debug pfkey getspi sent. 
12:15:49 ipsec,info ISAKMP-SA established 10.0.0.50[4500]-52.57.130.45[4500] spi:470140c332ac90ea:29365d8e8b057040 
12:15:49 ipsec,debug === 
12:15:49 ipsec NAT detected -> UDP encapsulation (ENC_MODE 1->3). 
12:15:49 ipsec,debug use local ID type IPv4_address 
12:15:49 ipsec,debug use remote ID type IPv4_address 
12:15:49 ipsec,debug IDci: 
12:15:49 ipsec,debug 01000000 0a000032 
12:15:49 ipsec,debug IDcr: 
12:15:49 ipsec,debug 01000000 0a7b711d 
12:15:49 ipsec,debug add payload of len 44, next type 10 
12:15:49 ipsec,debug add payload of len 24, next type 5 
12:15:49 ipsec,debug add payload of len 8, next type 5 
12:15:49 ipsec,debug add payload of len 8, next type 0 
12:15:49 ipsec,debug HASH with: 
12:15:49 ipsec,debug b7b552aa 0a000030 00000001 00000001 00000024 01030401 0d471290 00000018 
12:15:49 ipsec,debug 01030000 80010001 800205a0 80040003 80050002 0500001c b0d15081 2b534411 
12:15:49 ipsec,debug 4fa71221 6c34a5a9 4d18172a 520a0872 0500000c 01000000 0a000032 0000000c 
12:15:49 ipsec,debug 01000000 0a7b711d 
12:15:49 ipsec,debug hmac(hmac_sha2_256) 
12:15:49 ipsec,debug HASH computed: 
12:15:49 ipsec,debug 12828cf5 87e48a55 7cbe6df3 985c2fc1 4180a42d 212aa0c0 1ce95f32 81f43bad 
12:15:49 ipsec,debug add payload of len 32, next type 1 
12:15:49 ipsec,debug begin encryption. 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug pad length = 8 
12:15:49 ipsec,debug 01000024 12828cf5 87e48a55 7cbe6df3 985c2fc1 4180a42d 212aa0c0 1ce95f32 
12:15:49 ipsec,debug 81f43bad 0a000030 00000001 00000001 00000024 01030401 0d471290 00000018 
12:15:49 ipsec,debug 01030000 80010001 800205a0 80040003 80050002 0500001c b0d15081 2b534411 
12:15:49 ipsec,debug 4fa71221 6c34a5a9 4d18172a 520a0872 0500000c 01000000 0a000032 0000000c 
12:15:49 ipsec,debug 01000000 0a7b711d 675d19c9 d11a9107 
12:15:49 ipsec,debug encryption(aes) 
12:15:49 ipsec,debug with key: 
12:15:49 ipsec,debug d1de60f8 ee0b8049 97335713 6ca363a3 4ee10919 f8d860d9 1942a1c6 1c0363a7 
12:15:49 ipsec,debug encrypted payload by IV: 
12:15:49 ipsec,debug 5638a50f 15dbb299 68fc7a66 978c2a2b 
12:15:49 ipsec,debug save IV for next: 
12:15:49 ipsec,debug 9dd64853 0ec65460 bf5fd93e c9865b91 
12:15:49 ipsec,debug encrypted. 
12:15:49 ipsec,debug 172 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
12:15:49 ipsec,debug 1 times of 176 bytes message will be sent to 52.57.130.45[4500] 
12:15:49 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 08102001 b7b552aa 000000ac a26a2793 
12:15:49 ipsec,debug,packet 2a68d149 d31efd27 31f2b41d 39649e80 082d0924 6c4a5487 11ca7eaf b867424d 
12:15:49 ipsec,debug,packet e85a4b00 18671a5b 2e6f6f66 9a3d8265 730f0255 b84d872d b1ec1e09 ee82f755 
12:15:49 ipsec,debug,packet e9f270d0 e66e3b16 93f7e94d e294c8c0 100f91c2 1eb78843 a9c260ed d12370c4 
12:15:49 ipsec,debug,packet 99972c85 26185e21 2dc8755e 03d67478 b90b0bac 6a77e5a8 abcf3994 9dd64853 
12:15:49 ipsec,debug,packet 0ec65460 bf5fd93e c9865b91 
12:15:49 ipsec sent phase2 packet 10.0.0.50[4500]<=>52.57.130.45[4500] 470140c332ac90ea:29365d8e8b057040:b7b552aa 
12:15:59 ipsec,debug 172 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
12:15:59 ipsec,debug 1 times of 176 bytes message will be sent to 52.57.130.45[4500] 
12:15:59 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 08102001 b7b552aa 000000ac a26a2793 
12:15:59 ipsec,debug,packet 2a68d149 d31efd27 31f2b41d 39649e80 082d0924 6c4a5487 11ca7eaf b867424d 
12:15:59 ipsec,debug,packet e85a4b00 18671a5b 2e6f6f66 9a3d8265 730f0255 b84d872d b1ec1e09 ee82f755 
12:15:59 ipsec,debug,packet e9f270d0 e66e3b16 93f7e94d e294c8c0 100f91c2 1eb78843 a9c260ed d12370c4 
12:15:59 ipsec,debug,packet 99972c85 26185e21 2dc8755e 03d67478 b90b0bac 6a77e5a8 abcf3994 9dd64853 
12:15:59 ipsec,debug,packet 0ec65460 bf5fd93e c9865b91 
12:15:59 ipsec resent phase2 packet 10.0.0.50[4500]<=>52.57.130.45[4500] 470140c332ac90ea:29365d8e8b057040:b7b552aa 
12:16:00 ipsec IPsec-SA expired: ESP/Tunnel 52.57.130.45[500]->10.0.0.50[500] spi=0xdd99441 
12:16:01 ipsec,debug KA: 10.0.0.50[4500]->52.57.130.45[4500] 
12:16:01 ipsec,debug 1 times of 1 bytes message will be sent to 52.57.130.45[4500] 
12:16:01 ipsec,debug,packet ff 
12:16:09 ipsec,debug 172 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
12:16:09 ipsec,debug 1 times of 176 bytes message will be sent to 52.57.130.45[4500] 
12:16:09 ipsec,debug,packet 470140c3 32ac90ea 29365d8e 8b057040 08102001 b7b552aa 000000ac a26a2793 
12:16:09 ipsec,debug,packet 2a68d149 d31efd27 31f2b41d 39649e80 082d0924 6c4a5487 11ca7eaf b867424d 
12:16:09 ipsec,debug,packet e85a4b00 18671a5b 2e6f6f66 9a3d8265 730f0255 b84d872d b1ec1e09 ee82f755 
12:16:09 ipsec,debug,packet e9f270d0 e66e3b16 93f7e94d e294c8c0 100f91c2 1eb78843 a9c260ed d12370c4 
12:16:09 ipsec,debug,packet 99972c85 26185e21 2dc8755e 03d67478 b90b0bac 6a77e5a8 abcf3994 9dd64853 
12:16:09 ipsec,debug,packet 0ec65460 bf5fd93e c9865b91 
12:16:09 ipsec resent phase2 packet 10.0.0.50[4500]<=>52.57.130.45[4500] 470140c332ac90ea:29365d8e8b057040:b7b552aa 
12:16:19 ipsec 52.57.130.45 give up to get IPsec-SA due to time up to wait. 
12:16:19 ipsec,debug an undead schedule has been deleted. 
12:16:19 ipsec IPsec-SA expired: ESP/Tunnel 52.57.130.45[500]->10.0.0.50[500] spi=0xd471290 
12:16:21 ipsec,debug KA: 10.0.0.50[4500]->52.57.130.45[4500] 
12:16:21 ipsec,debug 1 times of 1 bytes message will be sent to 52.57.130.45[4500] 
12:16:21 ipsec,debug,packet ff

Good. So now we can see:

12:15:47 ipsec 52.xx.xx.xx Selected NAT-T version: RFC 3947
…
12:15:48 ipsec 10.0.0.50 Hashing 10.0.0.50[500] with algo #4
12:15:48 ipsec,debug hash(sha2_256)
12:15:48 ipsec NAT-D payload #0 doesn’t match
12:15:48 ipsec 52.xx.xx.xx Hashing 52.xx.xx.xx[500] with algo #4
12:15:48 ipsec,debug hash(sha2_256)
12:15:48 ipsec NAT-D payload #1 doesn’t match
12:15:48 ipsec NAT detected: ME PEER
12:15:48 ipsec KA list add: 10.0.0.50[4500]->52.xx.xx.xx[4500]
…
12:15:49 ipsec ph2 possible after ph1 creation
12:15:49 ipsec,debug (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0)
12:15:49 ipsec,debug (trns_id=3DES encklen=0 authtype=hmac-sha1)
12:15:49 ipsec,debug begin QUICK mode.
…
12:15:49 ipsec NAT detected → UDP encapsulation (ENC_MODE 1->3).
12:15:49 ipsec,debug use local ID type IPv4_address
12:15:49 ipsec,debug use remote ID type IPv4_address
12:15:49 ipsec,debug IDci:
12:15:49 ipsec,debug 01000000 0a000032
12:15:49 ipsec,debug IDcr:
12:15:49 ipsec,debug 01000000 0a7b711d

The line just above shows that the remote guy actually does have NAT at his end as well!


12:15:49 ipsec sent phase2 packet 10.0.0.50[4500]<=>52.xx.xx.xx[4500] 470140c332ac90ea:29365d8e8b057040:b7b552aa
…
12:15:59 ipsec resent phase2 packet 10.0.0.50[4500]<=>52.xx.xx.xx[4500] 470140c332ac90ea:29365d8e8b057040:b7b552aa
…
12:16:00 ipsec IPsec-SA expired: ESP/Tunnel 52.57.130.45[500]->10.0.0.50[500] spi=0xdd99441

And here the story ends.

I’m no IPsec expert so the following is a speculation: I haven’t noticed a reference to QUICK mode at phase 2 ever before, and the exchange-mode in the peer is main, so it is not related. Hence I conclude that there is exactly one option per each of (enc-algorithm, auth-algorithm, dh-group), the negotiation phase is skipped.

Therefore I suggest to add one more enc-algorithm to your proposal and try again, to see whether the log won’t show some mismatch between the peer’s configurations (or the peer may be not support this kind of “null negotiation”).

I cant see any changes when i add aditional enc-algorithm to Proposal.
I have no idea how to continue..

So the QUICK mode appears there again? May I see the log from “ipsec ph2 possible after ph1 creation” onwards?

P.

Yes, in log there is still QUICK mode. But dont know how to turn it of. Or if it should be tourned of

Log is here:

# jul/24/2019 15:55:51 by RouterOS 6.44.3
# software id = PNK7-8NB6
#
15:55:53 ipsec,debug Removing PH1... 
15:55:53 ipsec,debug compute IV for phase2 
15:55:53 ipsec,debug phase1 last IV: 
15:55:53 ipsec,debug 35279bc2 a875d52e 1728f98f 3b6fa788 e1e6f5c2 
15:55:53 ipsec,debug hash(sha2_256) 
15:55:53 ipsec,debug encryption(aes) 
15:55:53 ipsec,debug phase2 IV computed: 
15:55:53 ipsec,debug 5eb8f586 a1f30092 7d7ba1d0 d3df3efb 
15:55:53 ipsec,debug HASH with: 
15:55:53 ipsec,debug e1e6f5c2 0000001c 00000001 01100001 c5d4f25a f2966ac8 e17aeb21 c0b7e7f1 
15:55:53 ipsec,debug hmac(hmac_sha2_256) 
15:55:53 ipsec,debug HASH computed: 
15:55:53 ipsec,debug 0dcf6adb 8b59bbaf 50b40562 25bedc0d aeec7d5e 5225007a 448d1969 648b899e 
15:55:53 ipsec,debug begin encryption. 
15:55:53 ipsec,debug encryption(aes) 
15:55:53 ipsec,debug pad length = 16 
15:55:53 ipsec,debug 0c000024 0dcf6adb 8b59bbaf 50b40562 25bedc0d aeec7d5e 5225007a 448d1969 
15:55:53 ipsec,debug 648b899e 0000001c 00000001 01100001 c5d4f25a f2966ac8 e17aeb21 c0b7e7f1 
15:55:53 ipsec,debug 258c1bf9 4aae00f8 8d84b1b9 f58a230f 
15:55:53 ipsec,debug encryption(aes) 
15:55:53 ipsec,debug with key: 
15:55:53 ipsec,debug 7be071fd dd7c5eec a534ca25 e7743d52 04180245 20568311 6656ad38 7c40d138 
15:55:53 ipsec,debug encrypted payload by IV: 
15:55:53 ipsec,debug 5eb8f586 a1f30092 7d7ba1d0 d3df3efb 
15:55:53 ipsec,debug save IV for next: 
15:55:53 ipsec,debug adb9eee5 269fb4cc ea7d68ca b7011c94 
15:55:53 ipsec,debug encrypted. 
15:55:53 ipsec,debug 108 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
15:55:53 ipsec,debug 1 times of 112 bytes message will be sent to 52.57.130.45[4500] 
15:55:53 ipsec,debug,packet c5d4f25a f2966ac8 e17aeb21 c0b7e7f1 08100501 e1e6f5c2 0000006c 926bb827 
15:55:53 ipsec,debug,packet 971e9626 d4d875f5 581c6877 9c750779 fb6a780e 5b09e317 e7e19ca8 092dbbae 
15:55:53 ipsec,debug,packet e346b0d7 9e6965ae 0c39814d aae65829 46a5e9b4 1cc09a9f 4046c1f4 adb9eee5 
15:55:53 ipsec,debug,packet 269fb4cc ea7d68ca b7011c94 
15:55:53 ipsec,debug sendto Information delete. 
15:55:53 ipsec,info ISAKMP-SA deleted 10.0.0.50[4500]-52.57.130.45[4500] spi:c5d4f25af2966ac8:e17aeb21c0b7e7f1 rekey:1 
15:55:53 ipsec KA remove: 10.0.0.50[4500]->52.57.130.45[4500] 
15:55:53 ipsec,debug KA tree dump: 10.0.0.50[4500]->52.57.130.45[4500] (in_use=1) 
15:55:53 ipsec,debug KA removing this one... 
15:55:53 ipsec,debug an undead schedule has been deleted. 
15:55:53 system,info ipsec peer TFS_preProd_peer changed by admin 
15:55:53 ipsec,debug === 
15:55:53 ipsec,info initiate new phase 1 (Identity Protection): 10.0.0.50[500]<=>52.57.130.45[500] 
15:55:53 ipsec,debug new cookie: 
15:55:53 ipsec,debug 7ece5bb29c38803a 
15:55:53 ipsec,debug add payload of len 52, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 13 
15:55:53 ipsec,debug add payload of len 16, next type 0 
15:55:53 ipsec,debug 344 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
15:55:53 ipsec,debug 1 times of 344 bytes message will be sent to 52.57.130.45[500] 
15:55:53 ipsec,debug,packet 7ece5bb2 9c38803a 00000000 00000000 01100200 00000000 00000158 0d000038 
15:55:53 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
15:55:53 ipsec,debug,packet 80010007 800e0100 80030001 80020004 8004000e 0d000014 4a131c81 07035845 
15:55:53 ipsec,debug,packet 5c5728f2 0e95452f 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014 
15:55:53 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f 
15:55:53 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e 
15:55:53 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56 
15:55:53 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e 
15:55:53 ipsec,debug,packet 086381b5 ec427b1f 0d000014 16f6ca16 e4a4066d 83821a0f 0aeaa862 0d000014 
15:55:53 ipsec,debug,packet 4485152d 18b6bbcd 0be8a846 9579ddcc 0d000014 12f5f28c 457168a9 702d9fe2 
15:55:53 ipsec,debug,packet 74cc0100 00000014 afcad713 68a1f1c9 6b8696fc 77570100 
15:55:53 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 7ece5bb29c38803a:0000000000000000 
15:55:53 ipsec,debug ===== received 164 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
15:55:53 ipsec,debug,packet 7ece5bb2 9c38803a 12f7db90 afd4ee30 01100200 00000000 000000a4 0d000038 
15:55:53 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
15:55:53 ipsec,debug,packet 80010007 800e0100 80030001 80020004 8004000e 0d000014 12f5f28c 457168a9 
15:55:53 ipsec,debug,packet 702d9fe2 74cc0100 0d000014 4a131c81 07035845 5c5728f2 0e95452f 0d000014 
15:55:53 ipsec,debug,packet afcad713 68a1f1c9 6b8696fc 77570100 00000014 a9b9b103 4f7e50a2 513b47b1 
15:55:53 ipsec,debug,packet 00bb85a9 
15:55:53 ipsec,debug begin. 
15:55:53 ipsec,debug seen nptype=1(sa) len=56 
15:55:53 ipsec,debug seen nptype=13(vid) len=20 
15:55:53 ipsec,debug seen nptype=13(vid) len=20 
15:55:53 ipsec,debug seen nptype=13(vid) len=20 
15:55:53 ipsec,debug seen nptype=13(vid) len=20 
15:55:53 ipsec,debug succeed. 
15:55:53 ipsec received Vendor ID: CISCO-UNITY 
15:55:53 ipsec received Vendor ID: RFC 3947 
15:55:53 ipsec received Vendor ID: DPD 
15:55:53 ipsec,debug remote supports DPD 
15:55:53 ipsec,debug received unknown Vendor ID 
15:55:53 ipsec,debug a9b9b103 4f7e50a2 513b47b1 00bb85a9 
15:55:53 ipsec 52.57.130.45 Selected NAT-T version: RFC 3947 
15:55:53 ipsec,debug total SA len=52 
15:55:53 ipsec,debug 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 800c05a0 
15:55:53 ipsec,debug 80010007 800e0100 80030001 80020004 8004000e 
15:55:53 ipsec,debug begin. 
15:55:53 ipsec,debug seen nptype=2(prop) len=44 
15:55:53 ipsec,debug succeed. 
15:55:53 ipsec,debug proposal #1 len=44 
15:55:53 ipsec,debug begin. 
15:55:53 ipsec,debug seen nptype=3(trns) len=36 
15:55:53 ipsec,debug succeed. 
15:55:53 ipsec,debug transform #1 len=36 
15:55:53 ipsec,debug type=Life Type, flag=0x8000, lorv=seconds 
15:55:53 ipsec,debug type=Life Duration, flag=0x8000, lorv=1440 
15:55:53 ipsec,debug type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC 
15:55:53 ipsec,debug encryption(aes) 
15:55:53 ipsec,debug type=Key Length, flag=0x8000, lorv=256 
15:55:53 ipsec,debug type=Authentication Method, flag=0x8000, lorv=pre-shared key 
15:55:53 ipsec,debug type=Hash Algorithm, flag=0x8000, lorv=4 
15:55:53 ipsec,debug hash(sha2_256) 
15:55:53 ipsec,debug type=Group Description, flag=0x8000, lorv=2048-bit MODP group 
15:55:53 ipsec,debug dh(modp2048) 
15:55:53 ipsec,debug pair 1: 
15:55:53 ipsec,debug  0x491940: next=(nil) tnext=(nil) 
15:55:53 ipsec,debug proposal #1: 1 transform 
15:55:53 ipsec,debug -checking with pre-shared key auth- 
15:55:53 ipsec,debug prop#=1, prot-id=ISAKMP, spi-size=0, #trns=1 
15:55:53 ipsec,debug trns#=1, trns-id=IKE 
15:55:53 ipsec,debug type=Life Type, flag=0x8000, lorv=seconds 
15:55:53 ipsec,debug type=Life Duration, flag=0x8000, lorv=1440 
15:55:53 ipsec,debug type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC 
15:55:53 ipsec,debug type=Key Length, flag=0x8000, lorv=256 
15:55:53 ipsec,debug type=Authentication Method, flag=0x8000, lorv=pre-shared key 
15:55:53 ipsec,debug type=Hash Algorithm, flag=0x8000, lorv=4 
15:55:53 ipsec,debug type=Group Description, flag=0x8000, lorv=2048-bit MODP group 
15:55:53 ipsec,debug -compare proposal #1: Local:Peer 
15:55:53 ipsec,debug (lifetime = 1440:1440) 
15:55:53 ipsec,debug (lifebyte = 0:0) 
15:55:53 ipsec,debug enctype = AES-CBC:AES-CBC 
15:55:53 ipsec,debug (encklen = 256:256) 
15:55:53 ipsec,debug hashtype = 4:4 
15:55:53 ipsec,debug authmethod = pre-shared key:pre-shared key 
15:55:53 ipsec,debug dh_group = 2048-bit MODP group:2048-bit MODP group 
15:55:53 ipsec,debug -an acceptable proposal found- 
15:55:53 ipsec,debug dh(modp2048) 
15:55:53 ipsec,debug -agreed on pre-shared key auth- 
15:55:53 ipsec,debug === 
15:55:53 ipsec,debug dh(modp2048) 
15:55:54 ipsec,debug compute DH's private. 
15:55:54 ipsec,debug 76c07416 f1cce0f9 bec3249a 0aa2d887 df802d6b 03979207 f5dafce0 1b4fb7b0 
15:55:54 ipsec,debug b7a95369 649310ac 8b21f643 27af5df8 523bfabf bd06309b 2186c284 4ec16c6a 
15:55:54 ipsec,debug fc3d41e8 07ef4280 65b4c82f a2a2a2b1 aca4e7e9 5d1e9caf ed2d0a54 c99e2436 
15:55:54 ipsec,debug e5d1acdd 95764923 b619d054 ddd31057 4c3002e6 771c1b29 52243f10 1507e2cf 
15:55:54 ipsec,debug 8c3d3c2b 228e52c9 9a69545c 47ff3339 f8aac141 3be393e4 6f09f845 08b8ad71 
15:55:54 ipsec,debug f810fd7b 099fc59c ed73f8d4 309ad7d7 9ad217ed 914306e0 4491b9c3 47f004e4 
15:55:54 ipsec,debug 8dca342c 0470e673 3f2eeedc 3f8e6ce5 a665cd86 27ad0258 401c5c41 8bd7f4ec 
15:55:54 ipsec,debug 3bb1d2bd 321ff4fa 56629c0e da1f9dc5 b958a4dd 59bd23a8 316947b3 a8d4fa7a 
15:55:54 ipsec,debug compute DH's public. 
15:55:54 ipsec,debug 2294ceea 6315fdd6 613a2e13 bc52bb92 fe12e3d4 35bbdfd0 52ac1e39 cf18423e 
15:55:54 ipsec,debug 950e5167 c482244a 33cc284c d4a81573 96cc7acc ac3386ca c5919195 1a7e9dce 
15:55:54 ipsec,debug a6553ae3 62f8dc30 ae80adec ec913853 4219aec9 60d5b5c0 8b8a2154 a0bc90aa 
15:55:54 ipsec,debug 0c1f5048 21fe2124 2e364994 881b6dbc 0e846019 4ffd9743 9fef2d50 9b4d7cb2 
15:55:54 ipsec,debug 01391b16 d0a94fcf abd3455c 8819035a 2e79aa3a c7802f74 9bf77750 f1b2833f 
15:55:54 ipsec,debug 83ae1503 0bea6fa5 65fa3e81 84e9b39c 01520a06 3ae168b5 48aca15b b9665556 
15:55:54 ipsec,debug be9035b6 4cab5853 42bc4902 f455bcc9 a4cf2cf2 3a216b55 ebff3837 1ccc0213 
15:55:54 ipsec,debug 0bb7f9e2 3e3e21e0 6bc2da49 f0119aaf a716258d 65bb5a85 7eccdd31 ea2477f5 
15:55:54 ipsec 52.57.130.45 Hashing 52.57.130.45[500] with algo #4  
15:55:54 ipsec,debug hash(sha2_256) 
15:55:54 ipsec 10.0.0.50 Hashing 10.0.0.50[500] with algo #4  
15:55:54 ipsec,debug hash(sha2_256) 
15:55:54 ipsec Adding remote and local NAT-D payloads. 
15:55:54 ipsec,debug add payload of len 256, next type 10 
15:55:54 ipsec,debug add payload of len 24, next type 20 
15:55:54 ipsec,debug add payload of len 32, next type 20 
15:55:54 ipsec,debug add payload of len 32, next type 0 
15:55:54 ipsec,debug 388 bytes from 10.0.0.50[500] to 52.57.130.45[500] 
15:55:54 ipsec,debug 1 times of 388 bytes message will be sent to 52.57.130.45[500] 
15:55:54 ipsec,debug,packet 7ece5bb2 9c38803a 12f7db90 afd4ee30 04100200 00000000 00000184 0a000104 
15:55:54 ipsec,debug,packet 2294ceea 6315fdd6 613a2e13 bc52bb92 fe12e3d4 35bbdfd0 52ac1e39 cf18423e 
15:55:54 ipsec,debug,packet 950e5167 c482244a 33cc284c d4a81573 96cc7acc ac3386ca c5919195 1a7e9dce 
15:55:54 ipsec,debug,packet a6553ae3 62f8dc30 ae80adec ec913853 4219aec9 60d5b5c0 8b8a2154 a0bc90aa 
15:55:54 ipsec,debug,packet 0c1f5048 21fe2124 2e364994 881b6dbc 0e846019 4ffd9743 9fef2d50 9b4d7cb2 
15:55:54 ipsec,debug,packet 01391b16 d0a94fcf abd3455c 8819035a 2e79aa3a c7802f74 9bf77750 f1b2833f 
15:55:54 ipsec,debug,packet 83ae1503 0bea6fa5 65fa3e81 84e9b39c 01520a06 3ae168b5 48aca15b b9665556 
15:55:54 ipsec,debug,packet be9035b6 4cab5853 42bc4902 f455bcc9 a4cf2cf2 3a216b55 ebff3837 1ccc0213 
15:55:54 ipsec,debug,packet 0bb7f9e2 3e3e21e0 6bc2da49 f0119aaf a716258d 65bb5a85 7eccdd31 ea2477f5 
15:55:54 ipsec,debug,packet 1400001c f8926ea4 c30755ff 39447292 4ad7901c bc22899d 0ab4b7f2 14000024 
15:55:54 ipsec,debug,packet 44342264 de925a6b 043f9c80 e9264fbd 129f2759 0a4ed75c f124a70a f2b5373a 
15:55:54 ipsec,debug,packet 00000024 74be64b9 8a9956ad fb75bdd1 9c8506e1 0e3e6a8b 6a26052f 82a3ca7a 
15:55:54 ipsec,debug,packet 66ac5463 
15:55:54 ipsec sent phase1 packet 10.0.0.50[500]<=>52.57.130.45[500] 7ece5bb29c38803a:12f7db90afd4ee30 
15:55:54 ipsec,debug ===== received 380 bytes from 52.57.130.45[500] to 10.0.0.50[500] 
15:55:54 ipsec,debug,packet 7ece5bb2 9c38803a 12f7db90 afd4ee30 04100200 00000000 0000017c 0a000104 
15:55:54 ipsec,debug,packet 86726a20 81f4c5a9 dcbab20a 59993b16 d9613210 f1822369 ba607186 ad289879 
15:55:54 ipsec,debug,packet 81fe5c9d 639f802b fbd23c56 a597c2df dfb801ce 3e489197 7ff7b792 432376fe 
15:55:54 ipsec,debug,packet a1bdd0de 6e9bc23f 5edacc52 d9b4398d d3a151dd 7b1e4954 a6820408 19f26bb0 
15:55:54 ipsec,debug,packet 4c542286 24d1b35c fdfbb85d 49259ada e3c321c5 294d3af7 30dba580 6c62c871 
15:55:54 ipsec,debug,packet a8405f10 7d53b9cc 52a9b020 ceadcd3f 27b0df0c e2774aed 4617bd09 11b254ac 
15:55:54 ipsec,debug,packet 63e68ff9 2bbfa3bc c70b3d6e 7a2bed06 3c02f44e eabdec09 ccf45e83 f24e7253 
15:55:54 ipsec,debug,packet 29dac4a8 4dbba82e a1053c4f 847f7caa afae5e37 666f07ab 04034039 e22fad4b 
15:55:54 ipsec,debug,packet 543c5a5e 05b106ce b5fa59b7 079a1d23 dba92214 151b41a2 3bf6c4e3 0a4ebeb3 
15:55:54 ipsec,debug,packet 14000014 2c92e5dc 9cd93f41 8cb656e1 1fca7ad5 14000024 75bd6cc0 5973f6ed 
15:55:54 ipsec,debug,packet 46815209 484f708a a6e6cbd0 02fe846e 69b1e1a3 aa289fa2 00000024 13a0a3e8 
15:55:54 ipsec,debug,packet e703665e 1ceb36b3 9b7a49b6 f2599ff8 2800ee31 20228cb1 7dad2d63 
15:55:54 ipsec,debug begin. 
15:55:54 ipsec,debug seen nptype=4(ke) len=260 
15:55:54 ipsec,debug seen nptype=10(nonce) len=20 
15:55:54 ipsec,debug seen nptype=20(nat-d) len=36 
15:55:54 ipsec,debug seen nptype=20(nat-d) len=36 
15:55:54 ipsec,debug succeed. 
15:55:54 ipsec 10.0.0.50 Hashing 10.0.0.50[500] with algo #4  
15:55:54 ipsec,debug hash(sha2_256) 
15:55:54 ipsec NAT-D payload #0 doesn't match 
15:55:54 ipsec 52.57.130.45 Hashing 52.57.130.45[500] with algo #4  
15:55:54 ipsec,debug hash(sha2_256) 
15:55:54 ipsec NAT-D payload #1 doesn't match 
15:55:54 ipsec NAT detected: ME PEER 
15:55:54 ipsec KA list add: 10.0.0.50[4500]->52.57.130.45[4500] 
15:55:54 ipsec,debug === 
15:55:54 ipsec,debug dh(modp2048) 
15:55:54 ipsec,debug compute DH's shared. 
15:55:54 ipsec,debug 
15:55:54 ipsec,debug d3314343 a208ca6a 311f0437 094b65ed 77b41e5b a0c50ced 4367fb99 d1cea6f0 
15:55:54 ipsec,debug f84344ae d659b9bc 0a34a09c abd70ae6 e46ab5a2 5967586d 9ad56ed9 f0ff39ba 
15:55:54 ipsec,debug 8057fd0a 2640af25 a99980f2 e7941f16 c9f9468b 3db57726 c133fb10 ef5d44f1 
15:55:54 ipsec,debug 03d54de3 b445c158 b576b4d4 e02877e8 f7d129e8 5ff5c60b f51d9d9f dd5811f4 
15:55:54 ipsec,debug a9cc4b88 45e6efb1 767a1eb8 c99a553c aa51db73 f64a2e9c 39d8f5b0 f0e08de2 
15:55:54 ipsec,debug 91e8d80e 68be3d67 e800af37 0d895928 29b2dd3d 82a338c0 9ed565ef a1fb3ed3 
15:55:54 ipsec,debug 2cd833b3 df00edfc b3672ecc 9f684d6a bb88f8a2 b6661b78 42204e16 62bbf593 
15:55:54 ipsec,debug 86e01840 5d2319d8 231fe03b 070baed4 713ab2a3 451fb185 fb7e0a7e f728eb27 
15:55:54 ipsec,debug nonce 1:  
15:55:54 ipsec,debug f8926ea4 c30755ff 39447292 4ad7901c bc22899d 0ab4b7f2 
15:55:54 ipsec,debug nonce 2:  
15:55:54 ipsec,debug 2c92e5dc 9cd93f41 8cb656e1 1fca7ad5 
15:55:54 ipsec,debug hmac(hmac_sha2_256) 
15:55:54 ipsec,debug SKEYID computed: 
15:55:54 ipsec,debug 8e982956 333f2900 adea6c47 d970904f 9ee7b6b1 834bee32 4752df78 c1075553 
15:55:54 ipsec,debug hmac(hmac_sha2_256) 
15:55:54 ipsec,debug SKEYID_d computed: 
15:55:54 ipsec,debug c1aaa9b3 335bd890 9cfb099a 443f0692 b05e0b34 d459da4b 5b6528e0 02e654ed 
15:55:54 ipsec,debug hmac(hmac_sha2_256) 
15:55:54 ipsec,debug SKEYID_a computed: 
15:55:54 ipsec,debug 9de895e0 7c5c78d1 feb89a85 5cb63e33 8c4b9220 ef25fff4 711d44ac add35c66 
15:55:54 ipsec,debug hmac(hmac_sha2_256) 
15:55:54 ipsec,debug SKEYID_e computed: 
15:55:54 ipsec,debug 036c67ea cb181c52 c7f44ce2 52acabca 96658a44 2c985660 82c55ec1 fe00e2cb 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug hash(sha2_256) 
15:55:54 ipsec,debug final encryption key computed: 
15:55:54 ipsec,debug 036c67ea cb181c52 c7f44ce2 52acabca 96658a44 2c985660 82c55ec1 fe00e2cb 
15:55:54 ipsec,debug hash(sha2_256) 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug IV computed: 
15:55:54 ipsec,debug ecf6bea1 54453b95 4bfd88cc 5f93347e 
15:55:54 ipsec,debug use ID type of IPv4_address 
15:55:54 ipsec,debug HASH with: 
15:55:54 ipsec,debug 2294ceea 6315fdd6 613a2e13 bc52bb92 fe12e3d4 35bbdfd0 52ac1e39 cf18423e 
15:55:54 ipsec,debug 950e5167 c482244a 33cc284c d4a81573 96cc7acc ac3386ca c5919195 1a7e9dce 
15:55:54 ipsec,debug a6553ae3 62f8dc30 ae80adec ec913853 4219aec9 60d5b5c0 8b8a2154 a0bc90aa 
15:55:54 ipsec,debug 0c1f5048 21fe2124 2e364994 881b6dbc 0e846019 4ffd9743 9fef2d50 9b4d7cb2 
15:55:54 ipsec,debug 01391b16 d0a94fcf abd3455c 8819035a 2e79aa3a c7802f74 9bf77750 f1b2833f 
15:55:54 ipsec,debug 83ae1503 0bea6fa5 65fa3e81 84e9b39c 01520a06 3ae168b5 48aca15b b9665556 
15:55:54 ipsec,debug be9035b6 4cab5853 42bc4902 f455bcc9 a4cf2cf2 3a216b55 ebff3837 1ccc0213 
15:55:54 ipsec,debug 0bb7f9e2 3e3e21e0 6bc2da49 f0119aaf a716258d 65bb5a85 7eccdd31 ea2477f5 
15:55:54 ipsec,debug 86726a20 81f4c5a9 dcbab20a 59993b16 d9613210 f1822369 ba607186 ad289879 
15:55:54 ipsec,debug 81fe5c9d 639f802b fbd23c56 a597c2df dfb801ce 3e489197 7ff7b792 432376fe 
15:55:54 ipsec,debug a1bdd0de 6e9bc23f 5edacc52 d9b4398d d3a151dd 7b1e4954 a6820408 19f26bb0 
15:55:54 ipsec,debug 4c542286 24d1b35c fdfbb85d 49259ada e3c321c5 294d3af7 30dba580 6c62c871 
15:55:54 ipsec,debug a8405f10 7d53b9cc 52a9b020 ceadcd3f 27b0df0c e2774aed 4617bd09 11b254ac 
15:55:54 ipsec,debug 63e68ff9 2bbfa3bc c70b3d6e 7a2bed06 3c02f44e eabdec09 ccf45e83 f24e7253 
15:55:54 ipsec,debug 29dac4a8 4dbba82e a1053c4f 847f7caa afae5e37 666f07ab 04034039 e22fad4b 
15:55:54 ipsec,debug 543c5a5e 05b106ce b5fa59b7 079a1d23 dba92214 151b41a2 3bf6c4e3 0a4ebeb3 
15:55:54 ipsec,debug 7ece5bb2 9c38803a 12f7db90 afd4ee30 00000001 00000001 0000002c 01010001 
15:55:54 ipsec,debug 00000024 01010000 800b0001 800c05a0 80010007 800e0100 80030001 80020004 
15:55:54 ipsec,debug 8004000e 011101f4 0a000032 
15:55:54 ipsec,debug hmac(hmac_sha2_256) 
15:55:54 ipsec,debug HASH computed: 
15:55:54 ipsec,debug 61574965 7f19453f 0979db09 4b742cfb 810b7bd6 e6370d5a 2c500212 a73e0f64 
15:55:54 ipsec,debug add payload of len 8, next type 8 
15:55:54 ipsec,debug add payload of len 32, next type 0 
15:55:54 ipsec,debug begin encryption. 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug pad length = 16 
15:55:54 ipsec,debug 0800000c 011101f4 0a000032 00000024 61574965 7f19453f 0979db09 4b742cfb 
15:55:54 ipsec,debug 810b7bd6 e6370d5a 2c500212 a73e0f64 e4dda328 f8f0343f 3ddcff20 8bd3160f 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug with key: 
15:55:54 ipsec,debug 036c67ea cb181c52 c7f44ce2 52acabca 96658a44 2c985660 82c55ec1 fe00e2cb 
15:55:54 ipsec,debug encrypted payload by IV: 
15:55:54 ipsec,debug ecf6bea1 54453b95 4bfd88cc 5f93347e 
15:55:54 ipsec,debug save IV for next: 
15:55:54 ipsec,debug 60cd5946 9a15da00 f2504b64 63ef3ca3 
15:55:54 ipsec,debug encrypted. 
15:55:54 ipsec,debug 92 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
15:55:54 ipsec,debug 1 times of 96 bytes message will be sent to 52.57.130.45[4500] 
15:55:54 ipsec,debug,packet 7ece5bb2 9c38803a 12f7db90 afd4ee30 05100201 00000000 0000005c ece06809 
15:55:54 ipsec,debug,packet d7a350ce 14a39626 c3210d1b e9f80cb0 c63a5221 8734ceed ee9aebd8 b9751614 
15:55:54 ipsec,debug,packet 0ed823e5 379aab66 75dfab77 60cd5946 9a15da00 f2504b64 63ef3ca3 
15:55:54 ipsec sent phase1 packet 10.0.0.50[4500]<=>52.57.130.45[4500] 7ece5bb29c38803a:12f7db90afd4ee30 
15:55:54 ipsec,debug ===== received 92 bytes from 52.57.130.45[4500] to 10.0.0.50[4500] 
15:55:54 ipsec,debug,packet 7ece5bb2 9c38803a 12f7db90 afd4ee30 05100201 00000000 0000005c f7d56c02 
15:55:54 ipsec,debug,packet 10f91f0b 1cf88c45 1e80165f 85501245 b77133de 98308c50 641208b6 f59dcff1 
15:55:54 ipsec,debug,packet 47976ff8 e51c2947 94158225 c44985b5 77597c35 0cb095a7 861fbadb 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug IV was saved for next processing: 
15:55:54 ipsec,debug c44985b5 77597c35 0cb095a7 861fbadb 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug with key: 
15:55:54 ipsec,debug 036c67ea cb181c52 c7f44ce2 52acabca 96658a44 2c985660 82c55ec1 fe00e2cb 
15:55:54 ipsec,debug decrypted payload by IV: 
15:55:54 ipsec,debug 60cd5946 9a15da00 f2504b64 63ef3ca3 
15:55:54 ipsec,debug decrypted payload, but not trimed. 
15:55:54 ipsec,debug 0800000c 01000000 3439822d 00000024 aa0bcf7c 7ee72dba 6119b3ee 8b63423f 
15:55:54 ipsec,debug 90e2d96d 33407d41 747def32 b81202fb 62de1788 d95e0ec9 af1610f4 aa26fd10 
15:55:54 ipsec,debug padding len=17 
15:55:54 ipsec,debug skip to trim padding. 
15:55:54 ipsec,debug decrypted. 
15:55:54 ipsec,debug 7ece5bb2 9c38803a 12f7db90 afd4ee30 05100201 00000000 0000005c 0800000c 
15:55:54 ipsec,debug 01000000 3439822d 00000024 aa0bcf7c 7ee72dba 6119b3ee 8b63423f 90e2d96d 
15:55:54 ipsec,debug 33407d41 747def32 b81202fb 62de1788 d95e0ec9 af1610f4 aa26fd10 
15:55:54 ipsec,debug begin. 
15:55:54 ipsec,debug seen nptype=5(id) len=12 
15:55:54 ipsec,debug seen nptype=8(hash) len=36 
15:55:54 ipsec,debug succeed. 
15:55:54 ipsec,debug HASH received: 
15:55:54 ipsec,debug aa0bcf7c 7ee72dba 6119b3ee 8b63423f 90e2d96d 33407d41 747def32 b81202fb 
15:55:54 ipsec,debug HASH with: 
15:55:54 ipsec,debug 86726a20 81f4c5a9 dcbab20a 59993b16 d9613210 f1822369 ba607186 ad289879 
15:55:54 ipsec,debug 81fe5c9d 639f802b fbd23c56 a597c2df dfb801ce 3e489197 7ff7b792 432376fe 
15:55:54 ipsec,debug a1bdd0de 6e9bc23f 5edacc52 d9b4398d d3a151dd 7b1e4954 a6820408 19f26bb0 
15:55:54 ipsec,debug 4c542286 24d1b35c fdfbb85d 49259ada e3c321c5 294d3af7 30dba580 6c62c871 
15:55:54 ipsec,debug a8405f10 7d53b9cc 52a9b020 ceadcd3f 27b0df0c e2774aed 4617bd09 11b254ac 
15:55:54 ipsec,debug 63e68ff9 2bbfa3bc c70b3d6e 7a2bed06 3c02f44e eabdec09 ccf45e83 f24e7253 
15:55:54 ipsec,debug 29dac4a8 4dbba82e a1053c4f 847f7caa afae5e37 666f07ab 04034039 e22fad4b 
15:55:54 ipsec,debug 543c5a5e 05b106ce b5fa59b7 079a1d23 dba92214 151b41a2 3bf6c4e3 0a4ebeb3 
15:55:54 ipsec,debug 2294ceea 6315fdd6 613a2e13 bc52bb92 fe12e3d4 35bbdfd0 52ac1e39 cf18423e 
15:55:54 ipsec,debug 950e5167 c482244a 33cc284c d4a81573 96cc7acc ac3386ca c5919195 1a7e9dce 
15:55:54 ipsec,debug a6553ae3 62f8dc30 ae80adec ec913853 4219aec9 60d5b5c0 8b8a2154 a0bc90aa 
15:55:54 ipsec,debug 0c1f5048 21fe2124 2e364994 881b6dbc 0e846019 4ffd9743 9fef2d50 9b4d7cb2 
15:55:54 ipsec,debug 01391b16 d0a94fcf abd3455c 8819035a 2e79aa3a c7802f74 9bf77750 f1b2833f 
15:55:54 ipsec,debug 83ae1503 0bea6fa5 65fa3e81 84e9b39c 01520a06 3ae168b5 48aca15b b9665556 
15:55:54 ipsec,debug be9035b6 4cab5853 42bc4902 f455bcc9 a4cf2cf2 3a216b55 ebff3837 1ccc0213 
15:55:54 ipsec,debug 0bb7f9e2 3e3e21e0 6bc2da49 f0119aaf a716258d 65bb5a85 7eccdd31 ea2477f5 
15:55:54 ipsec,debug 12f7db90 afd4ee30 7ece5bb2 9c38803a 00000001 00000001 0000002c 01010001 
15:55:54 ipsec,debug 00000024 01010000 800b0001 800c05a0 80010007 800e0100 80030001 80020004 
15:55:54 ipsec,debug 8004000e 01000000 3439822d 
15:55:54 ipsec,debug hmac(hmac_sha2_256) 
15:55:54 ipsec,debug HASH computed: 
15:55:54 ipsec,debug aa0bcf7c 7ee72dba 6119b3ee 8b63423f 90e2d96d 33407d41 747def32 b81202fb 
15:55:54 ipsec,debug HASH for PSK validated. 
15:55:54 ipsec,debug 52.57.130.45 peer's ID: 
15:55:54 ipsec,debug 01000000 3439822d 
15:55:54 ipsec,debug === 
15:55:54 ipsec ph2 possible after ph1 creation 
15:55:54 ipsec,debug  (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0) 
15:55:54 ipsec,debug   (trns_id=3DES encklen=0 authtype=hmac-sha1) 
15:55:54 ipsec,debug begin QUICK mode. 
15:55:54 ipsec,debug === 
15:55:54 ipsec,debug begin QUICK mode. 
15:55:54 ipsec initiate new phase 2 negotiation: 10.0.0.50[4500]<=>52.57.130.45[4500] 
15:55:54 ipsec,debug compute IV for phase2 
15:55:54 ipsec,debug phase1 last IV: 
15:55:54 ipsec,debug c44985b5 77597c35 0cb095a7 861fbadb e769071e 
15:55:54 ipsec,debug hash(sha2_256) 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug phase2 IV computed: 
15:55:54 ipsec,debug 778d9d95 d8b6569c df1d1379 fe52334e 
15:55:54 ipsec,debug call pfkey_send_getspi 3b 
15:55:54 ipsec,debug pfkey GETSPI sent: ESP/Tunnel 52.57.130.45[4500]->10.0.0.50[4500]  
15:55:54 ipsec,debug pfkey getspi sent. 
15:55:54 ipsec,info ISAKMP-SA established 10.0.0.50[4500]-52.57.130.45[4500] spi:7ece5bb29c38803a:12f7db90afd4ee30 
15:55:54 ipsec,debug === 
15:55:54 ipsec NAT detected -> UDP encapsulation (ENC_MODE 1->3). 
15:55:54 ipsec,debug use local ID type IPv4_address 
15:55:54 ipsec,debug use remote ID type IPv4_address 
15:55:54 ipsec,debug IDci: 
15:55:54 ipsec,debug 01000000 0a000032 
15:55:54 ipsec,debug IDcr: 
15:55:54 ipsec,debug 01000000 0a7b711d 
15:55:54 ipsec,debug add payload of len 44, next type 10 
15:55:54 ipsec,debug add payload of len 24, next type 5 
15:55:54 ipsec,debug add payload of len 8, next type 5 
15:55:54 ipsec,debug add payload of len 8, next type 0 
15:55:54 ipsec,debug HASH with: 
15:55:54 ipsec,debug e769071e 0a000030 00000001 00000001 00000024 01030401 0249e1ee 00000018 
15:55:54 ipsec,debug 01030000 80010001 800205a0 80040003 80050002 0500001c aa96ebfe 28e5f0bf 
15:55:54 ipsec,debug 2fe19905 59335bd1 e2421927 9f752532 0500000c 01000000 0a000032 0000000c 
15:55:54 ipsec,debug 01000000 0a7b711d 
15:55:54 ipsec,debug hmac(hmac_sha2_256) 
15:55:54 ipsec,debug HASH computed: 
15:55:54 ipsec,debug fff9f27b 001062f3 005f0afa 841a0827 19490fff ef2712ce 77a79e71 488e5e86 
15:55:54 ipsec,debug add payload of len 32, next type 1 
15:55:54 ipsec,debug begin encryption. 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug pad length = 8 
15:55:54 ipsec,debug 01000024 fff9f27b 001062f3 005f0afa 841a0827 19490fff ef2712ce 77a79e71 
15:55:54 ipsec,debug 488e5e86 0a000030 00000001 00000001 00000024 01030401 0249e1ee 00000018 
15:55:54 ipsec,debug 01030000 80010001 800205a0 80040003 80050002 0500001c aa96ebfe 28e5f0bf 
15:55:54 ipsec,debug 2fe19905 59335bd1 e2421927 9f752532 0500000c 01000000 0a000032 0000000c 
15:55:54 ipsec,debug 01000000 0a7b711d 6c38849b a87e3f07 
15:55:54 ipsec,debug encryption(aes) 
15:55:54 ipsec,debug with key: 
15:55:54 ipsec,debug 036c67ea cb181c52 c7f44ce2 52acabca 96658a44 2c985660 82c55ec1 fe00e2cb 
15:55:54 ipsec,debug encrypted payload by IV: 
15:55:54 ipsec,debug 778d9d95 d8b6569c df1d1379 fe52334e 
15:55:54 ipsec,debug save IV for next: 
15:55:54 ipsec,debug fbcb27c6 c1a1c947 92f1fbc4 5f4cf5ff 
15:55:54 ipsec,debug encrypted. 
15:55:54 ipsec,debug 172 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
15:55:54 ipsec,debug 1 times of 176 bytes message will be sent to 52.57.130.45[4500] 
15:55:54 ipsec,debug,packet 7ece5bb2 9c38803a 12f7db90 afd4ee30 08102001 e769071e 000000ac 3482093b 
15:55:54 ipsec,debug,packet f9100c2a 76d533d8 094ba0a6 20866adf 02b230f5 da1d6d76 1a0ee956 e92e1318 
15:55:54 ipsec,debug,packet a01a65d0 4f7fdb23 a9b2028a cd7b3ec4 2ea182ce 09d7c060 190e0cd7 dc71e0b0 
15:55:54 ipsec,debug,packet a04f61ba c171fed3 bd9e7f92 a81135b4 3da19be5 d58d0249 a2085b33 93d766a6 
15:55:54 ipsec,debug,packet d2cf7005 10f2d059 92fd5673 1fcf55cf 71ff8bf7 24e0be61 a7f2c165 fbcb27c6 
15:55:54 ipsec,debug,packet c1a1c947 92f1fbc4 5f4cf5ff 
15:55:54 ipsec sent phase2 packet 10.0.0.50[4500]<=>52.57.130.45[4500] 7ece5bb29c38803a:12f7db90afd4ee30:e769071e 
15:56:04 ipsec,debug 172 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
15:56:04 ipsec,debug 1 times of 176 bytes message will be sent to 52.57.130.45[4500] 
15:56:04 ipsec,debug,packet 7ece5bb2 9c38803a 12f7db90 afd4ee30 08102001 e769071e 000000ac 3482093b 
15:56:04 ipsec,debug,packet f9100c2a 76d533d8 094ba0a6 20866adf 02b230f5 da1d6d76 1a0ee956 e92e1318 
15:56:04 ipsec,debug,packet a01a65d0 4f7fdb23 a9b2028a cd7b3ec4 2ea182ce 09d7c060 190e0cd7 dc71e0b0 
15:56:04 ipsec,debug,packet a04f61ba c171fed3 bd9e7f92 a81135b4 3da19be5 d58d0249 a2085b33 93d766a6 
15:56:04 ipsec,debug,packet d2cf7005 10f2d059 92fd5673 1fcf55cf 71ff8bf7 24e0be61 a7f2c165 fbcb27c6 
15:56:04 ipsec,debug,packet c1a1c947 92f1fbc4 5f4cf5ff 
15:56:04 ipsec resent phase2 packet 10.0.0.50[4500]<=>52.57.130.45[4500] 7ece5bb29c38803a:12f7db90afd4ee30:e769071e 
15:56:05 ipsec,debug KA: 10.0.0.50[4500]->52.57.130.45[4500] 
15:56:05 ipsec,debug 1 times of 1 bytes message will be sent to 52.57.130.45[4500] 
15:56:05 ipsec,debug,packet ff 
15:56:14 ipsec,debug 172 bytes from 10.0.0.50[4500] to 52.57.130.45[4500] 
15:56:14 ipsec,debug 1 times of 176 bytes message will be sent to 52.57.130.45[4500] 
15:56:14 ipsec,debug,packet 7ece5bb2 9c38803a 12f7db90 afd4ee30 08102001 e769071e 000000ac 3482093b 
15:56:14 ipsec,debug,packet f9100c2a 76d533d8 094ba0a6 20866adf 02b230f5 da1d6d76 1a0ee956 e92e1318 
15:56:14 ipsec,debug,packet a01a65d0 4f7fdb23 a9b2028a cd7b3ec4 2ea182ce 09d7c060 190e0cd7 dc71e0b0 
15:56:14 ipsec,debug,packet a04f61ba c171fed3 bd9e7f92 a81135b4 3da19be5 d58d0249 a2085b33 93d766a6 
15:56:14 ipsec,debug,packet d2cf7005 10f2d059 92fd5673 1fcf55cf 71ff8bf7 24e0be61 a7f2c165 fbcb27c6 
15:56:14 ipsec,debug,packet c1a1c947 92f1fbc4 5f4cf5ff 
15:56:14 ipsec resent phase2 packet 10.0.0.50[4500]<=>52.57.130.45[4500] 7ece5bb29c38803a:12f7db90afd4ee30:e769071e 
15:56:24 ipsec 52.57.130.45 give up to get IPsec-SA due to time up to wait. 
15:56:24 ipsec,debug an undead schedule has been deleted. 
15:56:24 ipsec IPsec-SA expired: ESP/Tunnel 52.57.130.45[500]->10.0.0.50[500] spi=0x249e1ee 
15:56:25 ipsec,debug KA: 10.0.0.50[4500]->52.57.130.45[4500] 
15:56:25 ipsec,debug 1 times of 1 bytes message will be sent to 52.57.130.45[4500] 
15:56:25 ipsec,debug,packet ff

Thank you so much for your patience!

The goal was to get rid of it by means of adding encryption options to the proposal so that there would be a topic for negotiation. But still only 3des + hmac-sha1 is proposed as you can see a few lines further in the log, which is at least suspicious. So show me /ip ipsec proposal export, please.

I’m very confused there is no sha1 auth. algorithm appearence.
remote admin sent me this, so i set it up like he did.

So I have changed the parameters as below, please do the same at your end and lets test:
Encryption: 3des
Authentication: sha1
DH Group: no pfs
Lifetime: 1440 sec

/ip ipsec proposal
set [ find default=yes ] disabled=yes
add enc-algorithms=3des lifetime=24m name=TFS_proposal pfs-group=none

…proposal GUI looks like this:

EDIT:
oh i can see now, its default value - https://wiki.mikrotik.com/wiki/Manual:IP/IPsec#Proposals

I know what the other admin has sent you. What I asked you to do was to tick more than one checkbox in at least one of the two sections (auth or enc). Do that and send the log if it still doesn’t work.