All good day, please help in an unusual situation)
Mikrotik ccr1009 6.44.5 configured for clients to connect via IKEv2, mostly Windows clients, as well tested IOS 12.4, 12.4.1 - all connections good, except for one configuration. If you use a Windows (laptop or computer) connected via a USB cord to an IPhone, the Latter distributes mobile Internet, VPN is not installed.
Windows throws an error: network communication between the computer and the VPN server Could not be established because the remote server is not responding. Possible cause: one of the network devices between the computer and the remote server is not configured to allow VPN connections. To determine which device is causing this problem, contact your administrator or service provider.
On Mikrotik in the logs:
12:05:27 ipsec processing payloads: VID
12:05:27 ipsec peer is MS Windows (ISAKMPOAKLEY 9)
12:05:27 ipsec processing payloads: NOTIFY
12:05:27 ipsec notify: IKEV2_FRAGMENTATION_SUPPORTED
12:05:27 ipsec notify: NAT_DETECTION_SOURCE_IP
12:05:27 ipsec notify: NAT_DETECTION_DESTINATION_IP
12:05:27 ipsec (NAT-T) REMOTE
12:05:27 ipsec KA list add: x.x.x.x->188.8.131.52
12:05:39 ipsec,debug KA: x.x.x.x->184.108.40.206
12:05:39 ipsec,debug 1 times of 1 bytes message will be sent to 220.127.116.11
12:05:39 ipsec,debug,packet ff
12:05:57 ipsec child negitiation timeout in state 0
12:05:57 ipsec,info killing ike2 SA: x.x.x.x-18.104.22.168 spi:50fcceade1f8f668:d1df4a40234f2f9b
12:05:57 ipsec KA remove: x.x.x.x->22.214.171.124
12:05:57 ipsec,debug KA tree dump: x.x.x.x->126.96.36.199 (in_use=1)
12:05:57 ipsec,debug KA removing this one...
Now the most interesting thing in the diagram: Windows-USB-IPhone, USB change on WI-FI, Windows wi-fi-IPhone-IKEv2-Mikrotik -> VPN works.
May be somebody tell me what's wrong with USB?
tried other combinations: Windows-USB-IPhone-strongswan, Windows-USB-IPhone-Mikrotik-strongswan, IPhone-Mikrotik - a VPN.