FransUrbo/Strongswan+RADIUS - logs

## Strongswan+RADIUS - logs
May 22 11:55:21 jumpbox charon: 05[NET] received packet: from REMOTE_NAT_IP[60440] to LOCAL_VPN_IP[500] (792 bytes)
May 22 11:55:21 jumpbox charon: 05[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
May 22 11:55:21 jumpbox charon: 05[IKE] REMOTE_NAT_IP is initiating an IKE_SA
May 22 11:55:21 jumpbox charon: 05[IKE] local host is behind NAT, sending keep alives
May 22 11:55:21 jumpbox charon: 05[IKE] remote host is behind NAT
May 22 11:55:21 jumpbox charon: 05[IKE] DH group ECP_256 inacceptable, requesting MODP_2048
May 22 11:55:21 jumpbox charon: 05[ENC] generating IKE_SA_INIT response 0 [ N(INVAL_KE) ]
May 22 11:55:21 jumpbox charon: 05[NET] sending packet: from LOCAL_VPN_IP[500] to REMOTE_NAT_IP[60440] (38 bytes)
May 22 11:55:21 jumpbox charon: 07[NET] received packet: from REMOTE_NAT_IP[60440] to LOCAL_VPN_IP[500] (984 bytes)
May 22 11:55:21 jumpbox charon: 07[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
May 22 11:55:21 jumpbox charon: 07[IKE] REMOTE_NAT_IP is initiating an IKE_SA
May 22 11:55:21 jumpbox charon: 07[IKE] local host is behind NAT, sending keep alives
May 22 11:55:21 jumpbox charon: 07[IKE] remote host is behind NAT
May 22 11:55:21 jumpbox charon: 07[IKE] sending cert request for "CA_CERT_DN"
May 22 11:55:21 jumpbox charon: 07[IKE] sending cert request for "CA_CERT_DN_OTHER"
May 22 11:55:21 jumpbox charon: 07[IKE] sending cert request for "CA_CERT_DN"
May 22 11:55:21 jumpbox charon: 07[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
May 22 11:55:21 jumpbox charon: 07[NET] sending packet: from LOCAL_VPN_IP[500] to REMOTE_NAT_IP[60440] (529 bytes)
May 22 11:55:21 jumpbox charon: 09[NET] received packet: from REMOTE_NAT_IP[64916] to LOCAL_VPN_IP[4500] (348 bytes)
May 22 11:55:21 jumpbox charon: 09[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ CPRQ(ADDR DNS NBNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
May 22 11:55:21 jumpbox charon: 09[IKE] received cert request for "CA_CERT_DN"
May 22 11:55:21 jumpbox charon: 09[CFG] looking for peer configs matching LOCAL_VPN_IP[%any]...REMOTE_NAT_IP[griffio]
May 22 11:55:21 jumpbox charon: 09[CFG] selected peer config 'client_radius'
May 22 11:55:21 jumpbox charon: 09[IKE] initiating EAP_IDENTITY method (id 0x00)
May 22 11:55:21 jumpbox charon: 09[IKE] peer supports MOBIKE
May 22 11:55:21 jumpbox charon: 09[IKE] authentication of 'vpn.domain.tld' (myself) with RSA_EMSA_PKCS1_SHA256 successful
May 22 11:55:21 jumpbox charon: 09[IKE] sending end entity cert "HOST_CERT_VPN_BOX"
May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
May 22 11:55:21 jumpbox charon: 09[ENC] splitting IKE message with length of 1692 bytes into 4 fragments
May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ EF(1/4) ]
May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ EF(2/4) ]
May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ EF(3/4) ]
May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ EF(4/4) ]
May 22 11:55:21 jumpbox charon: 09[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (544 bytes)
May 22 11:55:21 jumpbox charon: message repeated 2 times: [ 09[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (544 bytes)]
May 22 11:55:21 jumpbox charon: 09[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (256 bytes)
May 22 11:55:21 jumpbox charon: 11[NET] received packet: from REMOTE_NAT_IP[64916] to LOCAL_VPN_IP[4500] (92 bytes)
May 22 11:55:21 jumpbox charon: 11[ENC] parsed IKE_AUTH request 2 [ EAP/RES/ID ]
May 22 11:55:21 jumpbox charon: 11[IKE] received EAP identity 'griffio'
May 22 11:55:21 jumpbox charon: 11[CFG] sending RADIUS Access-Request to server 'primary'
May 22 11:55:21 jumpbox charon: 11[CFG] received RADIUS Access-Challenge from server 'primary'
May 22 11:55:21 jumpbox charon: 11[IKE] initiating EAP_MD5 method (id 0x01)
May 22 11:55:21 jumpbox charon: 11[ENC] generating IKE_AUTH response 2 [ EAP/REQ/MD5 ]
May 22 11:55:21 jumpbox charon: 11[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (92 bytes)
May 22 11:55:21 jumpbox charon: 12[NET] received packet: from REMOTE_NAT_IP[64916] to LOCAL_VPN_IP[4500] (92 bytes)
May 22 11:55:21 jumpbox charon: 12[ENC] parsed IKE_AUTH request 3 [ EAP/RES/MD5 ]
May 22 11:55:21 jumpbox charon: 12[CFG] sending RADIUS Access-Request to server 'primary'
May 22 11:55:22 jumpbox charon: 12[CFG] received RADIUS Access-Reject from server 'primary'
May 22 11:55:22 jumpbox charon: 12[IKE] RADIUS authentication of 'griffio' failed
May 22 11:55:22 jumpbox charon: 12[IKE] EAP method EAP_MD5 failed for peer griffio
May 22 11:55:22 jumpbox charon: 12[ENC] generating IKE_AUTH response 3 [ EAP/FAIL ]
May 22 11:55:22 jumpbox charon: 12[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (76 bytes)
	May 22 11:55:21 jumpbox charon: 05[NET] received packet: from REMOTE_NAT_IP[60440] to LOCAL_VPN_IP[500] (792 bytes)
	May 22 11:55:21 jumpbox charon: 05[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
	May 22 11:55:21 jumpbox charon: 05[IKE] REMOTE_NAT_IP is initiating an IKE_SA
	May 22 11:55:21 jumpbox charon: 05[IKE] local host is behind NAT, sending keep alives
	May 22 11:55:21 jumpbox charon: 05[IKE] remote host is behind NAT
	May 22 11:55:21 jumpbox charon: 05[IKE] DH group ECP_256 inacceptable, requesting MODP_2048
	May 22 11:55:21 jumpbox charon: 05[ENC] generating IKE_SA_INIT response 0 [ N(INVAL_KE) ]
	May 22 11:55:21 jumpbox charon: 05[NET] sending packet: from LOCAL_VPN_IP[500] to REMOTE_NAT_IP[60440] (38 bytes)
	May 22 11:55:21 jumpbox charon: 07[NET] received packet: from REMOTE_NAT_IP[60440] to LOCAL_VPN_IP[500] (984 bytes)
	May 22 11:55:21 jumpbox charon: 07[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
	May 22 11:55:21 jumpbox charon: 07[IKE] REMOTE_NAT_IP is initiating an IKE_SA
	May 22 11:55:21 jumpbox charon: 07[IKE] local host is behind NAT, sending keep alives
	May 22 11:55:21 jumpbox charon: 07[IKE] remote host is behind NAT
	May 22 11:55:21 jumpbox charon: 07[IKE] sending cert request for "CA_CERT_DN"
	May 22 11:55:21 jumpbox charon: 07[IKE] sending cert request for "CA_CERT_DN_OTHER"
	May 22 11:55:21 jumpbox charon: 07[IKE] sending cert request for "CA_CERT_DN"
	May 22 11:55:21 jumpbox charon: 07[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(MULT_AUTH) ]
	May 22 11:55:21 jumpbox charon: 07[NET] sending packet: from LOCAL_VPN_IP[500] to REMOTE_NAT_IP[60440] (529 bytes)
	May 22 11:55:21 jumpbox charon: 09[NET] received packet: from REMOTE_NAT_IP[64916] to LOCAL_VPN_IP[4500] (348 bytes)
	May 22 11:55:21 jumpbox charon: 09[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) CERTREQ CPRQ(ADDR DNS NBNS) SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(MULT_AUTH) N(EAP_ONLY) ]
	May 22 11:55:21 jumpbox charon: 09[IKE] received cert request for "CA_CERT_DN"
	May 22 11:55:21 jumpbox charon: 09[CFG] looking for peer configs matching LOCAL_VPN_IP[%any]...REMOTE_NAT_IP[griffio]
	May 22 11:55:21 jumpbox charon: 09[CFG] selected peer config 'client_radius'
	May 22 11:55:21 jumpbox charon: 09[IKE] initiating EAP_IDENTITY method (id 0x00)
	May 22 11:55:21 jumpbox charon: 09[IKE] peer supports MOBIKE
	May 22 11:55:21 jumpbox charon: 09[IKE] authentication of 'vpn.domain.tld' (myself) with RSA_EMSA_PKCS1_SHA256 successful
	May 22 11:55:21 jumpbox charon: 09[IKE] sending end entity cert "HOST_CERT_VPN_BOX"
	May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
	May 22 11:55:21 jumpbox charon: 09[ENC] splitting IKE message with length of 1692 bytes into 4 fragments
	May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ EF(1/4) ]
	May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ EF(2/4) ]
	May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ EF(3/4) ]
	May 22 11:55:21 jumpbox charon: 09[ENC] generating IKE_AUTH response 1 [ EF(4/4) ]
	May 22 11:55:21 jumpbox charon: 09[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (544 bytes)
	May 22 11:55:21 jumpbox charon: message repeated 2 times: [ 09[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (544 bytes)]
	May 22 11:55:21 jumpbox charon: 09[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (256 bytes)
	May 22 11:55:21 jumpbox charon: 11[NET] received packet: from REMOTE_NAT_IP[64916] to LOCAL_VPN_IP[4500] (92 bytes)
	May 22 11:55:21 jumpbox charon: 11[ENC] parsed IKE_AUTH request 2 [ EAP/RES/ID ]
	May 22 11:55:21 jumpbox charon: 11[IKE] received EAP identity 'griffio'
	May 22 11:55:21 jumpbox charon: 11[CFG] sending RADIUS Access-Request to server 'primary'
	May 22 11:55:21 jumpbox charon: 11[CFG] received RADIUS Access-Challenge from server 'primary'
	May 22 11:55:21 jumpbox charon: 11[IKE] initiating EAP_MD5 method (id 0x01)
	May 22 11:55:21 jumpbox charon: 11[ENC] generating IKE_AUTH response 2 [ EAP/REQ/MD5 ]
	May 22 11:55:21 jumpbox charon: 11[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (92 bytes)
	May 22 11:55:21 jumpbox charon: 12[NET] received packet: from REMOTE_NAT_IP[64916] to LOCAL_VPN_IP[4500] (92 bytes)
	May 22 11:55:21 jumpbox charon: 12[ENC] parsed IKE_AUTH request 3 [ EAP/RES/MD5 ]
	May 22 11:55:21 jumpbox charon: 12[CFG] sending RADIUS Access-Request to server 'primary'
	May 22 11:55:22 jumpbox charon: 12[CFG] received RADIUS Access-Reject from server 'primary'
	May 22 11:55:22 jumpbox charon: 12[IKE] RADIUS authentication of 'griffio' failed
	May 22 11:55:22 jumpbox charon: 12[IKE] EAP method EAP_MD5 failed for peer griffio
	May 22 11:55:22 jumpbox charon: 12[ENC] generating IKE_AUTH response 3 [ EAP/FAIL ]
	May 22 11:55:22 jumpbox charon: 12[NET] sending packet: from LOCAL_VPN_IP[4500] to REMOTE_NAT_IP[64916] (76 bytes)