IOS stellt keine Verbindung zu IKEv2 VPN auf pfSense her

Jan 18 12:18:11	charon		08[JOB] <con1|197> deleting half open IKE_SA after timeout
Jan 18 12:17:42	charon		13[NET] <con1|197> sending packet: from 201.08.15.23[4500] to 13.37.13.37[61621] (280 bytes)
Jan 18 12:17:42	charon		13[NET] <con1|197> sending packet: from 201.08.15.23[4500] to 13.37.13.37[61621] (544 bytes)
Jan 18 12:17:42	charon		13[NET] <con1|197> sending packet: from 201.08.15.23[4500] to 13.37.13.37[61621] (544 bytes)
Jan 18 12:17:42	charon		13[NET] <con1|197> sending packet: from 201.08.15.23[4500] to 13.37.13.37[61621] (544 bytes)
Jan 18 12:17:42	charon		13[ENC] <con1|197> generating IKE_AUTH response 1 [ EF(4/4) ]
Jan 18 12:17:42	charon		13[ENC] <con1|197> generating IKE_AUTH response 1 [ EF(3/4) ]
Jan 18 12:17:42	charon		13[ENC] <con1|197> generating IKE_AUTH response 1 [ EF(2/4) ]
Jan 18 12:17:42	charon		13[ENC] <con1|197> generating IKE_AUTH response 1 [ EF(1/4) ]
Jan 18 12:17:42	charon		13[ENC] <con1|197> splitting IKE message with length of 1740 bytes into 4 fragments
Jan 18 12:17:42	charon		13[ENC] <con1|197> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Jan 18 12:17:42	charon		13[IKE] <con1|197> sending end entity cert "C=DE, ST=Hamburg, L=Hamburg, O=Die Firma GmbH, E=admin@die-firma.de, CN=vpn.die-firma.de"  
Jan 18 12:17:42	charon		13[IKE] <con1|197> authentication of 'vpn.die-firma.de' (myself) with RSA signature successful  
Jan 18 12:17:42	charon		13[IKE] <con1|197> peer supports MOBIKE, but disabled in config
Jan 18 12:17:42	charon		13[IKE] <con1|197> received ESP_TFC_PADDING_NOT_SUPPORTED, not using ESPv3 TFC padding
Jan 18 12:17:42	charon		13[IKE] <con1|197> initiating EAP_IDENTITY method (id 0x00)
Jan 18 12:17:42	charon		13[CFG] <con1|197> selected peer config 'con1'  
Jan 18 12:17:42	charon		13[CFG] <197> looking for peer configs matching 201.08.15.23[vpn.die-firma.de]...13.37.13.37[192.168.112.50]
Jan 18 12:17:42	charon		13[ENC] <197> parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) N(MOBIKE_SUP) IDr CPRQ(ADDR DHCP DNS MASK ADDR6 DHCP6 DNS6) N(ESP_TFC_PAD_N) N(NON_FIRST_FRAG) SA TSi TSr ]
Jan 18 12:17:42	charon		13[NET] <197> received packet: from 13.37.13.37[61621] to 201.08.15.23[4500] (492 bytes)
Jan 18 12:17:41	charon		13[NET] <197> sending packet: from 201.08.15.23[500] to 13.37.13.37[61620] (341 bytes)
Jan 18 12:17:41	charon		13[ENC] <197> generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(MULT_AUTH) ]
Jan 18 12:17:41	charon		13[IKE] <197> sending cert request for "C=DE, ST=Hamburg, L=Hamburg, O=Die Firma GmbH, E=admin@die-firma.de, CN=internal-ca"  
Jan 18 12:17:41	charon		13[IKE] <197> remote host is behind NAT
Jan 18 12:17:41	charon		13[IKE] <197> 13.37.13.37 is initiating an IKE_SA
Jan 18 12:17:41	charon		13[ENC] <197> parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
Jan 18 12:17:41	charon		13[NET] <197> received packet: from 13.37.13.37[61620] to 201.08.15.23[500] (476 bytes)
Jan 18 12:17:41	charon		11[NET] <196> sending packet: from 201.08.15.23[500] to 13.37.13.37[61620] (38 bytes)
Jan 18 12:17:41	charon		11[ENC] <196> generating IKE_SA_INIT response 0 [ N(INVAL_KE) ]
Jan 18 12:17:41	charon		11[IKE] <196> DH group MODP_2048 inacceptable, requesting MODP_1024
Jan 18 12:17:41	charon		11[IKE] <196> remote host is behind NAT
Jan 18 12:17:41	charon		11[IKE] <196> 13.37.13.37 is initiating an IKE_SA
Jan 18 12:17:41	charon		11[ENC] <196> parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
Jan 18 12:17:41	charon		11[NET] <196> received packet: from 13.37.13.37[61620] to 201.08.15.23[500] (604 bytes)