Nov 24 20:10:02 e540 kernel: [   16.189538] audit: type=1400 audit(1637806199.132:9): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/ipsec/stroke" pid=720 comm="apparmor_parser"
Nov 24 20:10:11 e540 systemd[1]: Started strongSwan IPsec IKEv1/IKEv2 daemon using ipsec.conf.
Nov 24 20:10:11 e540 systemd[1]: Starting LSB: layer 2 tunelling protocol daemon...
Nov 24 20:10:11 e540 xl2tpd[965]: Not looking for kernel SAref support.
Nov 24 20:10:12 e540 kernel: [   29.154013] l2tp_core: L2TP core driver, V2.0
Nov 24 20:10:12 e540 kernel: [   29.168688] l2tp_netlink: L2TP netlink interface
Nov 24 20:10:12 e540 xl2tpd[965]: Using l2tp kernel support.
Nov 24 20:10:12 e540 xl2tpd[955]: Starting xl2tpd: xl2tpd.
Nov 24 20:10:12 e540 systemd[1]: Started LSB: layer 2 tunelling protocol daemon.
Nov 24 20:10:12 e540 xl2tpd[983]: xl2tpd version xl2tpd-1.3.16 started on e540 PID:983
Nov 24 20:10:12 e540 xl2tpd[983]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
Nov 24 20:10:12 e540 xl2tpd[983]: Forked by Scott Balmos and David Stipp, (C) 2001
Nov 24 20:10:12 e540 xl2tpd[983]: Inherited by Jeff McAdams, (C) 2002
Nov 24 20:10:12 e540 xl2tpd[983]: Forked again by Xelerance (www.xelerance.com) (C) 2006-2016
Nov 24 20:10:12 e540 xl2tpd[983]: Listening on IP address 0.0.0.0, port 1701
Nov 24 20:10:12 e540 kernel: [   29.180823] l2tp_ppp: PPPoL2TP kernel driver, V2.0
Nov 24 20:10:12 e540 ipsec[953]: Starting strongSwan 5.9.4 IPsec [starter]...
Nov 24 20:10:12 e540 charon: 00[DMN] Starting IKE charon daemon (strongSwan 5.9.4, Linux 5.13.0-19-generic, x86_64)
Nov 24 20:10:12 e540 kernel: [   29.419507] Initializing XFRM netlink socket
Nov 24 20:10:12 e540 charon: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Nov 24 20:10:12 e540 charon: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Nov 24 20:10:12 e540 charon: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Nov 24 20:10:12 e540 charon: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Nov 24 20:10:12 e540 charon: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Nov 24 20:10:12 e540 charon: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 24 20:10:12 e540 charon: 00[CFG]   loaded IKE secret for %any
Nov 24 20:10:12 e540 charon: 00[LIB] loaded plugins: charon aesni aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm drbg attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Nov 24 20:10:12 e540 charon: 00[LIB] dropped capabilities, running as uid 0, gid 0
Nov 24 20:10:12 e540 charon: 00[JOB] spawning 16 worker threads
Nov 24 20:10:12 e540 ipsec[953]: charon (986) started after 200 ms
Nov 24 20:10:12 e540 charon: 06[CFG] received stroke: add connection 'myvp7'
Nov 24 20:10:12 e540 charon: 06[CFG] added configuration 'myvp7'
Nov 24 20:10:12 e540 charon: 08[CFG] received stroke: add connection 'myvp8'
Nov 24 20:10:12 e540 charon: 08[CFG] added configuration 'myvp8'
Nov 24 20:11:44 e540 charon: 05[CFG] received stroke: initiate 'myvp7'
Nov 24 20:11:44 e540 charon: 06[IKE] initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
Nov 24 20:11:44 e540 charon: 06[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Nov 24 20:11:44 e540 charon: 09[ENC] parsed ID_PROT response 0 [ SA V V V ]
Nov 24 20:11:44 e540 charon: 09[IKE] received XAuth vendor ID
Nov 24 20:11:44 e540 charon: 09[IKE] received DPD vendor ID
Nov 24 20:11:44 e540 charon: 09[IKE] received NAT-T (RFC 3947) vendor ID
Nov 24 20:11:44 e540 charon: 09[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Nov 24 20:11:44 e540 charon: 09[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Nov 24 20:11:45 e540 charon: 08[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Nov 24 20:11:45 e540 charon: 08[IKE] local host is behind NAT, sending keep alives
Nov 24 20:11:45 e540 charon: 08[ENC] generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Nov 24 20:11:45 e540 charon: 07[ENC] parsed ID_PROT response 0 [ ID HASH ]
Nov 24 20:11:45 e540 charon: 07[IKE] IKE_SA myvp7[1] established between 1.i.p.2[1.i.p.2]...2.i.p.7[2.i.p.7]
Nov 24 20:11:45 e540 charon: 07[IKE] scheduling reauthentication in 3377s
Nov 24 20:11:45 e540 charon: 07[IKE] maximum IKE_SA lifetime 3557s
Nov 24 20:11:45 e540 charon: 07[ENC] generating QUICK_MODE request 3503002686 [ HASH SA No ID ID NAT-OA NAT-OA ]
Nov 24 20:11:45 e540 charon: 10[ENC] parsed QUICK_MODE response 3503002686 [ HASH SA No ID ID NAT-OA NAT-OA ]
Nov 24 20:11:45 e540 charon: 10[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Nov 24 20:11:45 e540 charon: 10[IKE] CHILD_SA myvp7{1} established with SPIs cc4868be_i c6b0c6b8_o and TS 1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
Nov 24 20:11:45 e540 charon: 10[ENC] generating QUICK_MODE request 3503002686 [ HASH ]
Nov 24 20:11:45 e540 xl2tpd[983]: Connecting to host 2.i.p.7, port 1701
Nov 24 20:11:45 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:45 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:46 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:46 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:48 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:48 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 12 Dumping.
Nov 24 20:11:52 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:11:52 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 12 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 12 Dumping.
Nov 24 20:12:00 e540 xl2tpd[983]: Can not find tunnel 105 (refhim=0)
Nov 24 20:12:00 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 105 Dumping.
Nov 24 20:12:16 e540 xl2tpd[983]: Maximum retries exceeded for tunnel 39202.  Closing.
Nov 24 20:12:16 e540 xl2tpd[983]: Connection 0 closed to 2.i.p.7, port 1701 (Timeout)
Nov 24 20:12:16 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:16 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:17 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:17 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:19 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:19 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:23 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:23 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:31 e540 xl2tpd[983]: Can not find tunnel 45 (refhim=0)
Nov 24 20:12:31 e540 xl2tpd[983]: network_thread: unable to find call or tunnel to handle packet.  call = 39202, tunnel = 45 Dumping.
Nov 24 20:12:47 e540 xl2tpd[983]: Unable to deliver closing message for tunnel 39202. Destroying anyway.
Nov 24 20:13:16 e540 ipsec[986]: 00[DMN] Starting IKE charon daemon (strongSwan 5.9.4, Linux 5.13.0-19-generic, x86_64)
Nov 24 20:13:16 e540 ipsec[986]: 00[CFG] loading ca certificates from '/etc/ipsec.d/cacerts'
Nov 24 20:13:16 e540 ipsec[986]: 00[CFG] loading aa certificates from '/etc/ipsec.d/aacerts'
Nov 24 20:13:16 e540 ipsec[986]: 00[CFG] loading ocsp signer certificates from '/etc/ipsec.d/ocspcerts'
Nov 24 20:13:16 e540 ipsec[986]: 00[CFG] loading attribute certificates from '/etc/ipsec.d/acerts'
Nov 24 20:13:16 e540 ipsec[986]: 00[CFG] loading crls from '/etc/ipsec.d/crls'
Nov 24 20:13:16 e540 ipsec[986]: 00[CFG] loading secrets from '/etc/ipsec.secrets'
Nov 24 20:13:16 e540 ipsec[986]: 00[CFG]   loaded IKE secret for %any
Nov 24 20:13:16 e540 ipsec[986]: 00[LIB] loaded plugins: charon aesni aes rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm drbg attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Nov 24 20:13:16 e540 ipsec[986]: 00[LIB] dropped capabilities, running as uid 0, gid 0
Nov 24 20:13:16 e540 ipsec[986]: 00[JOB] spawning 16 worker threads
Nov 24 20:13:16 e540 ipsec[986]: 06[CFG] received stroke: add connection 'myvp7'
Nov 24 20:13:16 e540 ipsec[986]: 06[CFG] added configuration 'myvp7'
Nov 24 20:13:16 e540 ipsec[986]: 08[CFG] received stroke: add connection 'myvp8'
Nov 24 20:13:16 e540 ipsec[986]: 08[CFG] added configuration 'myvp8'
Nov 24 20:13:16 e540 ipsec[986]: 05[CFG] received stroke: initiate 'myvp7'
Nov 24 20:13:16 e540 ipsec[986]: 06[IKE] initiating Main Mode IKE_SA myvp7[1] to 2.i.p.7
Nov 24 20:13:16 e540 ipsec[986]: 06[ENC] generating ID_PROT request 0 [ SA V V V V V ]
Nov 24 20:13:16 e540 ipsec[986]: 09[ENC] parsed ID_PROT response 0 [ SA V V V ]
Nov 24 20:13:16 e540 ipsec[986]: 09[IKE] received XAuth vendor ID
Nov 24 20:13:16 e540 ipsec[986]: 09[IKE] received DPD vendor ID
Nov 24 20:13:16 e540 ipsec[986]: 09[IKE] received NAT-T (RFC 3947) vendor ID
Nov 24 20:13:16 e540 ipsec[986]: 09[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048
Nov 24 20:13:16 e540 ipsec[986]: 09[ENC] generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Nov 24 20:13:16 e540 ipsec[986]: 08[ENC] parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Nov 24 20:13:16 e540 ipsec[986]: 08[IKE] local host is behind NAT, sending keep alives
Nov 24 20:13:16 e540 ipsec[986]: 08[ENC] generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Nov 24 20:13:16 e540 ipsec[986]: 07[ENC] parsed ID_PROT response 0 [ ID HASH ]
Nov 24 20:13:16 e540 ipsec[986]: 07[IKE] IKE_SA myvp7[1] established between 1.i.p.2[1.i.p.2]...2.i.p.7[2.i.p.7]
Nov 24 20:13:16 e540 ipsec[986]: 07[IKE] scheduling reauthentication in 3377s
Nov 24 20:13:16 e540 ipsec[986]: 07[IKE] maximum IKE_SA lifetime 3557s
Nov 24 20:13:16 e540 ipsec[986]: 07[ENC] generating QUICK_MODE request 3503002686 [ HASH SA No ID ID NAT-OA NAT-OA ]
Nov 24 20:13:16 e540 ipsec[986]: 10[ENC] parsed QUICK_MODE response 3503002686 [ HASH SA No ID ID NAT-OA NAT-OA ]
Nov 24 20:13:16 e540 ipsec[986]: 10[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Nov 24 20:13:16 e540 ipsec[986]: 10[IKE] CHILD_SA myvp7{1} established with SPIs cc4868be_i c6b0c6b8_o and TS 1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
Nov 24 20:13:16 e540 ipsec[986]: 10[ENC] generating QUICK_MODE request 3503002686 [ HASH ]
Nov 24 20:28:14 e540 charon: 07[KNL] creating rekey job for CHILD_SA ESP/0xc6b0c6b8/2.i.p.7
Nov 24 20:28:14 e540 charon: 05[ENC] generating QUICK_MODE request 3243461876 [ HASH SA No ID ID NAT-OA NAT-OA ]
Nov 24 20:28:14 e540 charon: 10[ENC] parsed QUICK_MODE response 3243461876 [ HASH SA No ID ID NAT-OA NAT-OA ]
Nov 24 20:28:14 e540 charon: 10[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Nov 24 20:28:14 e540 charon: 10[IKE] CHILD_SA myvp7{2} established with SPIs cc135e59_i c425137c_o and TS 1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
Nov 24 20:28:14 e540 charon: 10[ENC] generating QUICK_MODE request 3243461876 [ HASH ]
Nov 24 20:28:34 e540 charon: 15[KNL] creating rekey job for CHILD_SA ESP/0xcc4868be/1.i.p.2
Nov 24 20:29:59 e540 ipsec[986]: 07[KNL] creating rekey job for CHILD_SA ESP/0xc6b0c6b8/2.i.p.7
Nov 24 20:29:59 e540 ipsec[986]: 05[ENC] generating QUICK_MODE request 3243461876 [ HASH SA No ID ID NAT-OA NAT-OA ]
Nov 24 20:29:59 e540 ipsec[986]: 10[ENC] parsed QUICK_MODE response 3243461876 [ HASH SA No ID ID NAT-OA NAT-OA ]
Nov 24 20:29:59 e540 ipsec[986]: 10[CFG] selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Nov 24 20:29:59 e540 ipsec[986]: 10[IKE] CHILD_SA myvp7{2} established with SPIs cc135e59_i c425137c_o and TS 1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
Nov 24 20:29:59 e540 ipsec[986]: 10[ENC] generating QUICK_MODE request 3243461876 [ HASH ]
Nov 24 20:29:59 e540 ipsec[986]: 15[KNL] creating rekey job for CHILD_SA ESP/0xcc4868be/1.i.p.2
Nov 24 20:31:45 e540 charon: 07[KNL] creating delete job for CHILD_SA ESP/0xcc4868be/1.i.p.2
Nov 24 20:31:45 e540 charon: 10[KNL] creating delete job for CHILD_SA ESP/0xc6b0c6b8/2.i.p.7
Nov 24 20:31:45 e540 charon: 05[IKE] closing expired CHILD_SA myvp7{1} with SPIs cc4868be_i c6b0c6b8_o and TS 1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
Nov 24 20:31:45 e540 charon: 05[IKE] sending DELETE for ESP CHILD_SA with SPI cc4868be
Nov 24 20:31:45 e540 charon: 11[JOB] CHILD_SA ESP/0xc6b0c6b8/2.i.p.7 not found for delete
Nov 24 20:33:00 e540 ipsec[986]: 07[KNL] creating delete job for CHILD_SA ESP/0xcc4868be/1.i.p.2
Nov 24 20:33:00 e540 ipsec[986]: 10[KNL] creating delete job for CHILD_SA ESP/0xc6b0c6b8/2.i.p.7
Nov 24 20:33:00 e540 ipsec[986]: 05[IKE] closing expired CHILD_SA myvp7{1} with SPIs cc4868be_i c6b0c6b8_o and TS 1.i.p.2/32[udp/l2f] === 2.i.p.7/32[udp/l2f]
Nov 24 20:33:00 e540 ipsec[986]: 05[IKE] sending DELETE for ESP CHILD_SA with SPI cc4868be
Nov 24 20:33:00 e540 ipsec[986]: 11[JOB] CHILD_SA ESP/0xc6b0c6b8/2.i.p.7 not found for delete