Here's the log. Trimmed some packet data and replaced a few variables with <info>
17:53:30 ipsec,debug ===== received 1104 bytes from <windows client ip>[30176] to <VPN server IP>[500]
17:53:30 ipsec -> ike2 request, exchange: SA_INIT:0 <windows client ip>[30176] 9957669d0684d48e:0000000000000000
17:53:30 ipsec ike2 respond
17:53:30 ipsec payload seen: SA (736 bytes)
17:53:30 ipsec payload seen: KE (136 bytes)
17:53:30 ipsec payload seen: NONCE (52 bytes)
17:53:30 ipsec payload seen: NOTIFY (8 bytes)
17:53:30 ipsec payload seen: NOTIFY (28 bytes)
17:53:30 ipsec payload seen: NOTIFY (28 bytes)
17:53:30 ipsec payload seen: VID (24 bytes)
17:53:30 ipsec,debug 1e2b516905991c7d7c96fcbfb587e46100000009
17:53:30 ipsec payload seen: VID (20 bytes)
17:53:30 ipsec,debug fb1de3cdf341b7ea16b7e5be0855f120
17:53:30 ipsec payload seen: VID (20 bytes)
17:53:30 ipsec,debug 26244d38eddb61b3172a36e3d0cfb819
17:53:30 ipsec payload seen: VID (24 bytes)
17:53:30 ipsec,debug 01528bbbc00696121849ab9a1c5b2a5100000002
17:53:30 ipsec processing payload: NONCE
17:53:30 ipsec processing payload: SA
17:53:30 ipsec IKE Protocol: IKE
17:53:30 ipsec proposal #1
17:53:30 ipsec enc: 3des-cbc
17:53:30 ipsec prf: hmac-sha1
17:53:30 ipsec auth: sha1
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #2
17:53:30 ipsec enc: 3des-cbc
17:53:30 ipsec prf: hmac-sha256
17:53:30 ipsec auth: sha256
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #3
17:53:30 ipsec enc: 3des-cbc
17:53:30 ipsec prf: hmac-sha384
17:53:30 ipsec auth: sha384
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #4
17:53:30 ipsec enc: aes128-cbc
17:53:30 ipsec prf: hmac-sha1
17:53:30 ipsec auth: sha1
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #5
17:53:30 ipsec enc: aes128-cbc
17:53:30 ipsec prf: hmac-sha256
17:53:30 ipsec auth: sha256
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #6
17:53:30 ipsec enc: aes128-cbc
17:53:30 ipsec prf: hmac-sha384
17:53:30 ipsec auth: sha384
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #7
17:53:30 ipsec enc: aes192-cbc
17:53:30 ipsec prf: hmac-sha1
17:53:30 ipsec auth: sha1
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #8
17:53:30 ipsec enc: aes192-cbc
17:53:30 ipsec prf: hmac-sha256
17:53:30 ipsec auth: sha256
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #9
17:53:30 ipsec enc: aes192-cbc
17:53:30 ipsec prf: hmac-sha384
17:53:30 ipsec auth: sha384
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #10
17:53:30 ipsec enc: aes256-cbc
17:53:30 ipsec prf: hmac-sha1
17:53:30 ipsec auth: sha1
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #11
17:53:30 ipsec enc: aes256-cbc
17:53:30 ipsec prf: hmac-sha256
17:53:30 ipsec auth: sha256
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #12
17:53:30 ipsec enc: aes256-cbc
17:53:30 ipsec prf: hmac-sha384
17:53:30 ipsec auth: sha384
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #13
17:53:30 ipsec enc: aes128-gcm
17:53:30 ipsec prf: hmac-sha1
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #14
17:53:30 ipsec enc: aes128-gcm
17:53:30 ipsec prf: hmac-sha256
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #15
17:53:30 ipsec enc: aes128-gcm
17:53:30 ipsec prf: hmac-sha384
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #16
17:53:30 ipsec enc: aes256-gcm
17:53:30 ipsec prf: hmac-sha1
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #17
17:53:30 ipsec enc: aes256-gcm
17:53:30 ipsec prf: hmac-sha256
17:53:30 ipsec dh: modp1024
17:53:30 ipsec proposal #18
17:53:30 ipsec enc: aes256-gcm
17:53:30 ipsec prf: hmac-sha384
17:53:30 ipsec dh: modp1024
17:53:30 ipsec matched proposal:
17:53:30 ipsec proposal #1
17:53:30 ipsec enc: 3des-cbc
17:53:30 ipsec prf: hmac-sha1
17:53:30 ipsec auth: sha1
17:53:30 ipsec dh: modp1024
17:53:30 ipsec processing payload: KE
17:53:30 ipsec,debug => shared secret (size 0x80)
17:53:30 ipsec adding payload: SA
17:53:30 ipsec,debug => (size 0x2c)
17:53:30 ipsec adding payload: KE
17:53:30 ipsec,debug => (size 0x88)
17:53:30 ipsec adding payload: NONCE
17:53:30 ipsec,debug => (size 0x1c)
17:53:30 ipsec,debug 0000001c 763228b7 859c5f6a bdef748e c567531f 56ab8ac6 f99a4de4
17:53:30 ipsec adding notify: NAT_DETECTION_SOURCE_IP
17:53:30 ipsec,debug => (size 0x1c)
17:53:30 ipsec,debug 0000001c 00004004 f0d1bbb0 9482d884 8a9493f3 2e66c79d 8318039a
17:53:30 ipsec adding notify: NAT_DETECTION_DESTINATION_IP
17:53:30 ipsec,debug => (size 0x1c)
17:53:30 ipsec,debug 0000001c 00004005 203502d3 6053e3d4 b6bb2f4b 719a5d19 1869c1bc
17:53:30 ipsec adding notify: IKEV2_FRAGMENTATION_SUPPORTED
17:53:30 ipsec,debug => (size 0x8)
17:53:30 ipsec,debug 00000008 0000402e
17:53:30 ipsec adding payload: CERTREQ
17:53:30 ipsec,debug => (size 0x5)
17:53:30 ipsec,debug 00000005 04
17:53:30 ipsec <- ike2 reply, exchange: SA_INIT:0 <windows client ip>[30176] 9957669d0684d48e:4de4511a30bd32f7
17:53:30 ipsec,debug ===== sending 305 bytes from <VPN server IP>[500] to <windows client ip>[30176]
17:53:30 ipsec,debug 1 times of 305 bytes message will be sent to <windows client ip>[30176]
17:53:30 ipsec,debug => skeyseed (size 0x14)
17:53:30 ipsec,debug 4e8ec4ec 0542388e 990f0b24 15a7d0ed 0f1cd503
17:53:30 ipsec,debug => keymat (size 0x14)
17:53:30 ipsec,debug 4db389e8 bfc04383 cad199e0 324d5544 45f3c8ce
17:53:30 ipsec,debug => SK_ai (size 0x14)
17:53:30 ipsec,debug d9c3770c 05b4ef13 070ab441 bbdce288 5f45a5a2
17:53:30 ipsec,debug => SK_ar (size 0x14)
17:53:30 ipsec,debug 76049c5f e93a245b ddc91d31 5727f022 52c63d8e
17:53:30 ipsec,debug => SK_ei (size 0x18)
17:53:30 ipsec,debug d5285658 74020701 84f0e64d 698fd137 812b2718 6837e23d
17:53:30 ipsec,debug => SK_er (size 0x18)
17:53:30 ipsec,debug 2214b556 37925335 b8671f19 c9d71c6a d5891553 0366e201
17:53:30 ipsec,debug => SK_pi (size 0x14)
17:53:30 ipsec,debug 84597a9a 0f5a9fa9 4898aabd 0f21b4c6 b9453694
17:53:30 ipsec,debug => SK_pr (size 0x14)
17:53:30 ipsec,debug 47539c5e 0eb9db3e 8a8ad97d 38912c2c 6a2ccfd4
17:53:30 ipsec,info new ike2 SA (R): ipsec-IKEv2 <VPN server IP>[500]-<windows client ip>[30176] spi:4de4511a30bd32f7:9957669d0684d48e
17:53:30 ipsec processing payloads: VID
17:53:30 ipsec peer is MS Windows (ISAKMPOAKLEY 9)
17:53:30 ipsec processing payloads: NOTIFY
17:53:30 ipsec notify: IKEV2_FRAGMENTATION_SUPPORTED
17:53:30 ipsec notify: NAT_DETECTION_SOURCE_IP
17:53:30 ipsec notify: NAT_DETECTION_DESTINATION_IP
17:53:30 ipsec (NAT-T) REMOTE
17:53:30 ipsec KA list add: <VPN server IP>[4500]-><windows client ip>[30176]
17:53:30 ipsec fragmentation negotiated
17:53:31 ipsec,debug ===== received 568 bytes from <windows client ip>[30174] to <VPN server IP>[4500]
17:53:31 ipsec -> ike2 request, exchange: AUTH:1 <windows client ip>[30174] 9957669d0684d48e:4de4511a30bd32f7
17:53:31 ipsec peer ports changed: 30176 -> 30174
17:53:31 ipsec KA remove: <VPN server IP>[4500]-><windows client ip>[30176]
17:53:31 ipsec,debug KA tree dump: <VPN server IP>[4500]-><windows client ip>[30176] (in_use=2)
17:53:31 ipsec,debug KA tree dump: <VPN server IP>[4500]-><windows client ip>[30176] (in_use=1)
17:53:31 ipsec,debug KA tree dump: <VPN server IP>[4500]-><windows client ip>[30176] (in_use=1)
17:53:31 ipsec,debug KA tree dump: <VPN server IP>[4500]-><windows client ip>[30176] (in_use=1)
17:53:31 ipsec,debug KA removing this one...
17:53:31 ipsec KA list add: <VPN server IP>[4500]-><windows client ip>[30174]
17:53:31 ipsec payload seen: SKF (540 bytes)
17:53:31 ipsec processing payload: ENC (not found)
17:53:31 ipsec processing payload: SKF
17:53:31 ipsec,debug => iv (size 0x8)
17:53:31 ipsec,debug f9733486 d631bf46
17:53:31 ipsec,debug decrypted fragment 1 out of 6
17:53:31 ipsec,debug,packet => plain fragment (size 0x1f8)
17:53:31 ipsec,debug need more fragments
17:53:31 ipsec,debug ===== received 568 bytes from <windows client ip>[30174] to <VPN server IP>[4500]
17:53:31 ipsec -> ike2 request, exchange: AUTH:1 <windows client ip>[30174] 9957669d0684d48e:4de4511a30bd32f7
17:53:31 ipsec payload seen: SKF (540 bytes)
17:53:31 ipsec processing payload: ENC (not found)
17:53:31 ipsec processing payload: SKF
17:53:31 ipsec,debug => iv (size 0x8)
17:53:31 ipsec,debug e42cc098 573a318a
17:53:31 ipsec,debug decrypted fragment 2 out of 6
17:53:31 ipsec,debug,packet => plain fragment (size 0x1f8)
17:53:31 ipsec,debug need more fragments
17:53:31 ipsec,debug ===== received 568 bytes from <windows client ip>[30174] to <VPN server IP>[4500]
17:53:31 ipsec -> ike2 request, exchange: AUTH:1 <windows client ip>[30174] 9957669d0684d48e:4de4511a30bd32f7
17:53:31 ipsec payload seen: SKF (540 bytes)
17:53:31 ipsec processing payload: ENC (not found)
17:53:31 ipsec processing payload: SKF
17:53:31 ipsec,debug => iv (size 0x8)
17:53:31 ipsec,debug a3f02ae5 47a268fa
17:53:31 ipsec,debug decrypted fragment 3 out of 6
17:53:31 ipsec,debug,packet => plain fragment (size 0x1f8)
17:53:31 ipsec,debug need more fragments
17:53:31 ipsec,debug ===== received 568 bytes from <windows client ip>[30174] to <VPN server IP>[4500]
17:53:31 ipsec -> ike2 request, exchange: AUTH:1 <windows client ip>[30174] 9957669d0684d48e:4de4511a30bd32f7
17:53:31 ipsec payload seen: SKF (540 bytes)
17:53:31 ipsec processing payload: ENC (not found)
17:53:31 ipsec processing payload: SKF
17:53:31 ipsec,debug => iv (size 0x8)
17:53:31 ipsec,debug 3bd7df66 6ff0437b
17:53:31 ipsec,debug decrypted fragment 4 out of 6
17:53:31 ipsec,debug,packet => plain fragment (size 0x1f8)
17:53:31 ipsec,debug need more fragments
17:53:31 ipsec,debug ===== received 568 bytes from <windows client ip>[30174] to <VPN server IP>[4500]
17:53:31 ipsec -> ike2 request, exchange: AUTH:1 <windows client ip>[30174] 9957669d0684d48e:4de4511a30bd32f7
17:53:31 ipsec payload seen: SKF (540 bytes)
17:53:31 ipsec processing payload: ENC (not found)
17:53:31 ipsec processing payload: SKF
17:53:31 ipsec,debug => iv (size 0x8)
17:53:31 ipsec,debug 0d565343 8e79c9c8
17:53:31 ipsec,debug decrypted fragment 5 out of 6
17:53:31 ipsec,debug,packet => plain fragment (size 0x1f8)
17:53:31 ipsec,debug need more fragments
17:53:31 ipsec,debug ===== received 304 bytes from <windows client ip>[30174] to <VPN server IP>[4500]
17:53:31 ipsec -> ike2 request, exchange: AUTH:1 <windows client ip>[30174] 9957669d0684d48e:4de4511a30bd32f7
17:53:31 ipsec payload seen: SKF (276 bytes)
17:53:31 ipsec processing payload: ENC (not found)
17:53:31 ipsec processing payload: SKF
17:53:31 ipsec,debug => iv (size 0x8)
17:53:31 ipsec,debug 6cac02ea 2fb308d8
17:53:31 ipsec,debug decrypted fragment 6 out of 6
17:53:31 ipsec,debug,packet => plain fragment (size 0xf4)
17:53:31 ipsec,debug reassembling fragments
17:53:31 ipsec,debug,packet => decrypted packet (size 0xae8)
17:53:31 ipsec payload seen: ID_I (46 bytes)
17:53:31 ipsec payload seen: CERT (1405 bytes)
17:53:31 ipsec payload seen: CERTREQ (685 bytes)
17:53:31 ipsec payload seen: AUTH (264 bytes)
17:53:31 ipsec payload seen: NOTIFY (8 bytes)
17:53:31 ipsec payload seen: CONFIG (36 bytes)
17:53:31 ipsec payload seen: SA (192 bytes)
17:53:31 ipsec payload seen: TS_I (64 bytes)
17:53:31 ipsec payload seen: TS_R (64 bytes)
17:53:31 ipsec processing payloads: NOTIFY
17:53:31 ipsec notify: MOBIKE_SUPPORTED
17:53:31 ipsec ike auth: respond
17:53:31 ipsec processing payload: ID_I
17:53:31 ipsec ID_I (DER DN): <Windows client machine fqdn>
17:53:31 ipsec processing payload: ID_R (not found)
17:53:31 ipsec processing payload: AUTH
17:53:31 ipsec processing payload: CERT
17:53:31 ipsec got CERT: <Windows client machine fqdn>
17:53:31 ipsec,debug => certificate (size 0x578)
17:53:31 ipsec,error identity not found for peer: DER DN: <Windows client machine fqdn>
17:53:31 ipsec reply notify: AUTHENTICATION_FAILED
17:53:31 ipsec adding notify: AUTHENTICATION_FAILED
17:53:31 ipsec,debug => (size 0x8)
17:53:31 ipsec,debug 00000008 00000018
17:53:31 ipsec <- ike2 reply, exchange: AUTH:1 <windows client ip>[30174] 9957669d0684d48e:4de4511a30bd32f7
17:53:31 ipsec,debug,packet => outgoing plain packet (size 0x24)
17:53:31 ipsec,debug,packet 9957669d 0684d48e 4de4511a 30bd32f7 29202320 00000001 00000024 00000008
17:53:31 ipsec,debug,packet 00000018
17:53:31 ipsec adding payload: ENC
17:53:31 ipsec,debug => (size 0x38)
17:53:31 ipsec,debug 29000038 68830be0 609ed7d7 f32bdb0e b07c8b2f bfe182fc ec0b82b8 9e8b29ec
17:53:31 ipsec,debug 6c4abe90 f53a9d1b 6c3b1968 5cb869fe 8defc1ed 6627eeb2
17:53:31 ipsec,debug ===== sending 84 bytes from <VPN server IP>[4500] to <windows client ip>[30174]
17:53:31 ipsec,debug 1 times of 88 bytes message will be sent to <windows client ip>[30174]
17:53:31 ipsec,debug,packet 9957669d 0684d48e 4de4511a 30bd32f7 2e202320 00000001 00000054 29000038
17:53:31 ipsec,debug,packet 68830be0 609ed7d7 f32bdb0e b07c8b2f bfe182fc ec0b82b8 9e8b29ec 6c4abe90
17:53:31 ipsec,debug,packet f53a9d1b 6c3b1968 1615eb34 6ff63153 ff394c4c
17:53:31 ipsec,info killing ike2 SA: ipsec-IKEv2 <VPN server IP>[4500]-<windows client ip>[30174] spi:4de4511a30bd32f7:9957669d0684d48e
17:53:31 ipsec KA remove: <VPN server IP>[4500]-><windows client ip>[30174]
17:53:31 ipsec,debug KA tree dump: <VPN server IP>[4500]-><windows client ip>[30174] (in_use=2)
17:53:31 ipsec,debug KA tree dump: <VPN server IP>[4500]-><windows client ip>[30174] (in_use=1)
17:53:31 ipsec,debug KA tree dump: <VPN server IP>[4500]-><windows client ip>[30174] (in_use=1)
17:53:31 ipsec,debug KA tree dump: <VPN server IP>[4500]-><windows client ip>[30174] (in_use=1)