Code:
[L2L][UP][IPsec][@3:Nord IPSec]
Delete exist flowstate of static route 0A060003/FFFFFFFF ...
VPN[3] add IKEv2 EAP static route 10.6.0.3/32
## IKEv2 DBG : Process Packet : #200 CHILD SA Established, REPLACE after 899 seconds
## IKEv2 DBG : IKESA inR2 : Profile[2] Nord IPSec use NAT mode traffic selector type IKEv2_TS_IPV4_ADDR_RANGE tsi[10.6.0.3:10.6.0.3] tsr[0.0.0.0:255.255.255.255]
## IKEv2 DBG : Proc CP reply : Get new IP address 10.6.0.3 subnet mask 32
## IKEv2 DBG : Recv IKEv2_AUTH[35] Reply from 194.36.110.181, Peer is IKEv2 Responder
## IKEv2 DBG : Process Packet : #200 IKEv2_EAP_STATE_COMPLETE status STATE_EAP_CONTINUE --> STATE_PARENT_I2
## IKEv2 DBG : EAP SUCCESS
## IKEv2 DBG : EAP continue : eap_msg.code = IKEv2_EAP_SUCCESS[3] eap_msg.type = 0??[0]
## IKEv2 DBG : Recv IKEv2_AUTH[35] Reply from 194.36.110.181, Peer is IKEv2 Responder
## IKEv2 DBG : EAP continue : eap_msg.code = IKEv2_EAP_REQUEST[1] eap_msg.type = IKEv2_EAP_MSCHAPV2[26]
## IKEv2 DBG : Recv IKEv2_AUTH[35] Reply from 194.36.110.181, Peer is IKEv2 Responder
## IKEv2 DBG : EAP continue : eap_msg.code = IKEv2_EAP_REQUEST[1] eap_msg.type = IKEv2_EAP_MSCHAPV2[26]
## IKEv2 DBG : Recv IKEv2_AUTH[35] Reply from 194.36.110.181, Peer is IKEv2 Responder
## IKEv2 DBG : EAP continue : Receive unsupported EAP Type IKEv2_EAP_PEAP[25], send EAP NAK IKEv2_EAP_MSCHAPV2[26]
## IKEv2 DBG : EAP continue : eap_msg.code = IKEv2_EAP_REQUEST[1] eap_msg.type = IKEv2_EAP_PEAP[25]
## IKEv2 DBG : Recv IKEv2_AUTH[35] Reply from 194.36.110.181, Peer is IKEv2 Responder
## IKEv2 DBG : EAP_START I : Receive IKEv2_EAP_REQUEST[1] ID = 0 Type = IKEv2_EAP_IDENTITY[1]
## IKEv2 DBG : intermediate certificate validated
Verify X509 CERT : Certificate not trusted
## IKEv2 DBG : IKESA inI2_outR2 : Peer accept EAP ...
## IKEv2 DBG : Unexpected payload : 0x8000
## IKEv2 DBG : Recv IKEv2_AUTH[35] Reply from 194.36.110.181, Peer is IKEv2 Responder
## IKEv2 DBG : Out CP : request new virtual ip
## IKEv2 DBG : IKESA inR1_outI2 : #199 IKE SA Established, REPLACE after 2686 seconds
## IKEv2 DBG : IKESA inR1_outI2 : Create Child SA #200, IKE SA is #199
## IKEv2 DBG : IKESA inR1_outI2 : L2L Nord IPSec IKEv2 EAP : use NAT mode
## IKEv2 DBG : NAT_T Lookup : Peer is behind NAT
## IKEv2 DBG : IKESA inR1_outI2 : Receive Notify (null)[16404], ignore it
## IKEv2 DBG : IKESA inR1_outI2 : Receive Notify IKEv2_NAT_DETECTION_DESTINATION_IP[16389]
## IKEv2 DBG : IKESA inR1_outI2 : Receive Notify IKEv2_NAT_DETECTION_SOURCE_IP[16388]
## IKEv2 DBG : Received IKEv2 Notify (null)[16404]
## IKEv2 DBG : Received IKEv2 Notify IKEv2_NAT_DETECTION_DESTINATION_IP[16389]
## IKEv2 DBG : Received IKEv2 Notify IKEv2_NAT_DETECTION_SOURCE_IP[16388]
## IKEv2 DBG : Recv IKEv2_SA_INIT[34] Reply from 194.36.110.181, Peer is IKEv2 Responder
## IKEv2 DBG : IKESA outI1 : Create IKE SA #199 Profile Index 3
SET L2L profile[2] : Nord IPSec policy with POLICY_EAP_OUT
Dialing Node3 (Nord IPSec) :
