Mar  3 09:13:42: NSS DB directory: sql:/etc/ipsec/ipsec.d
Mar  3 09:13:42: Initializing NSS
Mar  3 09:13:42: Opening NSS database "sql:/etc/ipsec/ipsec.d" read-only
Mar  3 09:13:42: NSS initialized
Mar  3 09:13:42: NSS crypto library initialized
Mar  3 09:13:42: FIPS HMAC integrity support [disabled]
Mar  3 09:13:42: libcap-ng support [disabled]
Mar  3 09:13:42: Linux audit support [disabled]
Mar  3 09:13:42: Starting Pluto (Libreswan Version 3.20 XFRM(netkey) KLIPS USE_FORK USE_PTHREAD_SETSCHEDPRIO NSS XAUTH_PAM NETWORKMANAGER) pid:21642
Mar  3 09:13:42: core dump dir: /var/run/pluto/
Mar  3 09:13:42: secrets file: /etc/ipsec/ipsec.secrets
Mar  3 09:13:42: leak-detective disabled
Mar  3 09:13:42: NSS crypto [enabled]
Mar  3 09:13:42: XAUTH PAM support [enabled]
Mar  3 09:13:42: NAT-Traversal support  [enabled]
Mar  3 09:13:42: ENCRYPT aes_ccm_16:    IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  (aes_ccm aes_ccm_c)
Mar  3 09:13:42: ENCRYPT aes_ccm_12:    IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  (aes_ccm_b)
Mar  3 09:13:42: ENCRYPT aes_ccm_8:     IKEv1:     ESP     IKEv2:     ESP     FIPS  {256,192,*128}  (aes_ccm_a)
Mar  3 09:13:42: ENCRYPT 3des_cbc:      IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  [*192]  (3des)
Mar  3 09:13:42: ENCRYPT camellia_ctr:  IKEv1:     ESP     IKEv2:     ESP           {256,192,*128}
Mar  3 09:13:42: ENCRYPT camellia:      IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  (camellia_cbc)
Mar  3 09:13:42: ENCRYPT aes_gcm_16:    IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aes_gcm aes_gcm_c)
Mar  3 09:13:42: ENCRYPT aes_gcm_12:    IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aes_gcm_b)
Mar  3 09:13:42: ENCRYPT aes_gcm_8:     IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aes_gcm_a)
Mar  3 09:13:42: ENCRYPT aes_ctr:       IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aesctr)
Mar  3 09:13:42: ENCRYPT aes:           IKEv1: IKE ESP     IKEv2: IKE ESP     FIPS  {256,192,*128}  (aes_cbc)
Mar  3 09:13:42: ENCRYPT serpent:       IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  (serpent_cbc)
Mar  3 09:13:42: ENCRYPT twofish:       IKEv1: IKE ESP     IKEv2: IKE ESP           {256,192,*128}  (twofish_cbc)
Mar  3 09:13:42: ENCRYPT twofish_ssh:   IKEv1: IKE         IKEv2: IKE ESP           {256,192,*128}  (twofish_cbc_ssh)
Mar  3 09:13:42: ENCRYPT cast:          IKEv1:     ESP     IKEv2:     ESP           {*128}  (cast_cbc)
Mar  3 09:13:42: ENCRYPT null:          IKEv1:     ESP     IKEv2:     ESP           []
Mar  3 09:13:42: HASH md5:              IKEv1: IKE         IKEv2:                 
Mar  3 09:13:42: HASH sha:              IKEv1: IKE         IKEv2:             FIPS  (sha1)
Mar  3 09:13:42: HASH sha2_256:         IKEv1: IKE         IKEv2:             FIPS  (sha2 sha256)
Mar  3 09:13:42: HASH sha2_384:         IKEv1: IKE         IKEv2:             FIPS  (sha384)
Mar  3 09:13:42: HASH sha2_512:         IKEv1: IKE         IKEv2:             FIPS  (sha512)
Mar  3 09:13:42: PRF md5:               IKEv1: IKE         IKEv2: IKE               (hmac_md5)
Mar  3 09:13:42: PRF sha:               IKEv1: IKE         IKEv2: IKE         FIPS  (sha1 hmac_sha1)
Mar  3 09:13:42: PRF sha2_256:          IKEv1: IKE         IKEv2: IKE         FIPS  (sha2 sha256 hmac_sha2_256)
Mar  3 09:13:42: PRF sha2_384:          IKEv1: IKE         IKEv2: IKE         FIPS  (sha384 hmac_sha2_384)
Mar  3 09:13:42: PRF sha2_512:          IKEv1: IKE         IKEv2: IKE         FIPS  (sha512 hmac_sha2_512)
Mar  3 09:13:42: INTEG md5:             IKEv1: IKE ESP AH  IKEv2: IKE ESP AH        (hmac_md5 hmac_md5_96)
Mar  3 09:13:42: INTEG sha:             IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (sha1 sha1_96 hmac_sha1 hmac_sha1_96)
Mar  3 09:13:42: INTEG sha2_512:        IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (sha512 hmac_sha2_512 hmac_sha2_512_256)
Mar  3 09:13:42: INTEG sha2_384:        IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (sha384 hmac_sha2_384 hmac_sha2_384_192)
Mar  3 09:13:42: INTEG sha2_256:        IKEv1: IKE ESP AH  IKEv2: IKE ESP AH  FIPS  (sha2 sha256 hmac_sha2_256 hmac_sha2_256_128)
Mar  3 09:13:42: INTEG aes_xcbc:        IKEv1:     ESP AH  IKEv2:     ESP AH  FIPS  (aes_xcbc_96)
Mar  3 09:13:42: INTEG aes_cmac:        IKEv1:     ESP AH  IKEv2:     ESP AH  FIPS  (aes_cmac_96)
Mar  3 09:13:42: INTEG ripemd:          IKEv1:     ESP AH  IKEv2:                   (hmac_ripemd hmac_ripemd_160_96)
Mar  3 09:13:42: DH MODP1024:           IKEv1: IKE         IKEv2: IKE               (dh2)
Mar  3 09:13:42: DH MODP1536:           IKEv1: IKE         IKEv2: IKE               (dh5)
Mar  3 09:13:42: DH MODP2048:           IKEv1: IKE         IKEv2: IKE         FIPS  (dh14)
Mar  3 09:13:42: DH MODP3072:           IKEv1: IKE         IKEv2: IKE         FIPS  (dh15)
Mar  3 09:13:42: DH MODP4096:           IKEv1: IKE         IKEv2: IKE         FIPS  (dh16)
Mar  3 09:13:42: DH MODP6144:           IKEv1: IKE         IKEv2: IKE         FIPS  (dh17)
Mar  3 09:13:42: DH MODP8192:           IKEv1: IKE         IKEv2: IKE         FIPS  (dh18)
Mar  3 09:13:42: DH DH19:               IKEv1: IKE         IKEv2: IKE         FIPS  (ecp_256)
Mar  3 09:13:42: DH DH20:               IKEv1: IKE         IKEv2: IKE         FIPS  (ecp_384)
Mar  3 09:13:42: DH DH21:               IKEv1: IKE         IKEv2: IKE         FIPS  (ecp_521)
Mar  3 09:13:42: DH DH23:               IKEv1: IKE         IKEv2: IKE         FIPS
Mar  3 09:13:42: DH DH24:               IKEv1: IKE         IKEv2: IKE         FIPS
Mar  3 09:13:42: starting up 1 crypto helpers
Mar  3 09:13:42: started thread for crypto helper 0 (master fd 11)
Mar  3 09:13:42: Using Linux XFRM/NETKEY IPsec interface code on 4.14.135-yocto-standard
Mar  3 09:13:42: seccomp security for crypto helper not supported
Mar  3 09:13:42: seccomp security not supported
Mar  3 09:13:43: added connection description "test2"
Mar  3 09:13:43: added connection description "v6neighbor-hole-in"
Mar  3 09:13:43: added connection description "v6neighbor-hole-out"
Mar  3 09:13:43: listening for IKE messages
Mar  3 09:13:43: adding interface eth0/eth0 192.168.2.35:500
Mar  3 09:13:43: adding interface eth0/eth0 192.168.2.35:4500
Mar  3 09:13:43: adding interface lo/lo 127.0.0.1:500
Mar  3 09:13:43: adding interface lo/lo 127.0.0.1:4500
Mar  3 09:13:43: adding interface eth0/eth0 2601:641:100:c400:290:fbff:fe4e:719d:500
Mar  3 09:13:43: adding interface lo/lo ::1:500
Mar  3 09:13:43: | setup callback for interface lo:500 fd 21
Mar  3 09:13:43: | setup callback for interface eth0:500 fd 20
Mar  3 09:13:43: | setup callback for interface lo:4500 fd 19
Mar  3 09:13:43: | setup callback for interface lo:500 fd 18
Mar  3 09:13:43: | setup callback for interface eth0:4500 fd 17
Mar  3 09:13:43: | setup callback for interface eth0:500 fd 16
Mar  3 09:13:43: loading secrets from "/etc/ipsec/ipsec.secrets"
Mar  3 09:13:43: loading secrets from "/etc/ipsec/ipsec.d/test.secrets"
Mar  3 09:13:53: "test2": deleting non-instance connection
Mar  3 09:13:53: added connection description "test2"
Mar  3 09:13:53: "test2" #1: initiating Main Mode
Mar  3 09:13:53: "test2" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2
Mar  3 09:13:53: "test2" #1: STATE_MAIN_I2: sent MI2, expecting MR2
Mar  3 09:13:53: "test2" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3
Mar  3 09:13:53: "test2" #1: STATE_MAIN_I3: sent MI3, expecting MR3
Mar  3 09:13:53: "test2" #1: Main mode peer ID is ID_FQDN: '@East'
Mar  3 09:13:53: "test2" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4
Mar  3 09:13:53: "test2" #1: STATE_MAIN_I4: ISAKMP SA established {auth=PRESHARED_KEY cipher=aes_256 integ=sha group=MODP2048}
Mar  3 09:13:53: "test2" #2: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP+IKEV1_ALLOW+IKEV2_ALLOW+SAREF_TRACK+IKE_FRAG_ALLOW+ESN_NO {using isakmp#1 msgid:04a126c4 proposal=defaults pfsgroup=MODP2048}
Mar  3 09:13:54: "test2" #2: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2
Mar  3 09:13:54: "test2" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0xc3d07b73 <0xca2b97e6 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=passive}