Pfsense VPN - 1. Client OK - 2. will nicht

Feb 23 10:32:39 	charon 		12[NET] <con-mobile|22> sending packet: from 192.168.6.100[4500] to 109.41.64.65[4609] (644 bytes)
Feb 23 10:32:39 	charon 		12[NET] <con-mobile|22> sending packet: from 192.168.6.100[4500] to 109.41.64.65[4609] (1236 bytes)
Feb 23 10:32:39 	charon 		12[ENC] <con-mobile|22> generating IKE_AUTH response 1 [ EF(2/2) ]
Feb 23 10:32:39 	charon 		12[ENC] <con-mobile|22> generating IKE_AUTH response 1 [ EF(1/2) ]
Feb 23 10:32:39 	charon 		12[ENC] <con-mobile|22> splitting IKE message (1808 bytes) into 2 fragments
Feb 23 10:32:39 	charon 		12[ENC] <con-mobile|22> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> sending end entity cert "CN=192.168.6.100, C=DE, ST=Schleswig-Holstein, L=Eutin, O=Zobels Computerdienste, OU=IT"  
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> authentication of 'CN=192.168.6.100, C=DE, ST=Schleswig-Holstein, L=Eutin, O=Zobels Computerdienste, OU=IT' (myself) with RSA signature successful  
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> peer supports MOBIKE
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> processing INTERNAL_IP6_SERVER attribute
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> processing INTERNAL_IP6_DNS attribute
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> processing INTERNAL_IP6_ADDRESS attribute
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> processing INTERNAL_IP4_SERVER attribute
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> processing INTERNAL_IP4_NBNS attribute
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> processing INTERNAL_IP4_DNS attribute
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> processing INTERNAL_IP4_ADDRESS attribute
Feb 23 10:32:39 	charon 		12[IKE] <con-mobile|22> initiating EAP_IDENTITY method (id 0x00)
Feb 23 10:32:39 	charon 		12[CFG] <con-mobile|22> selected peer config 'con-mobile'  
Feb 23 10:32:39 	charon 		12[CFG] <22> candidate "con-mobile", match: 1/1/1052 (me/other/ike)  
Feb 23 10:32:39 	charon 		12[CFG] <22> candidate "bypasslan", match: 1/1/24 (me/other/ike)  
Feb 23 10:32:39 	charon 		12[CFG] <22> looking for peer configs matching 192.168.6.100[%any]...109.XX.XX.XX[192.168.43.224]
Feb 23 10:32:39 	charon 		12[IKE] <22> received 36 cert requests for an unknown ca
Feb 23 10:32:39 	charon 		12[IKE] <22> received cert request for unknown ca with keyid 4f:9c:7d:21:79:9c:ad:0e:d8:b9:0c:57:9f:1a:02:99:e7:90:f3:87 

Protokollname: Application
Quelle:        RasClient
Datum:         23.02.2019 10:32:41
Ereignis-ID:   20227
Aufgabenkategorie:Keine
Ebene:         Fehler
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      DESKTOP-5MNEGP1
Beschreibung:
CoID={AF22274B-C43E-47ED-B835-4CDFFEF17D6E}: Der Benutzer "DESKTOP-5MNEGP1\User" hat eine Verbindung mit dem Namen "pfSense" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 13801.  
Ereignis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">  
  <System>
    <Provider Name="RasClient" />  
    <EventID Qualifiers="0">20227</EventID>  
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-02-23T09:32:41.114318100Z" />  
    <EventRecordID>5258</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-5MNEGP1</Computer>
    <Security />
  </System>
  <EventData>
    <Data>{AF22274B-C43E-47ED-B835-4CDFFEF17D6E}</Data>
    <Data>DESKTOP-5MNEGP1\User</Data>
    <Data>pfSense</Data>
    <Data>13801</Data>
  </EventData>
</Event>

Protokollname: Application
Quelle:        RasClient
Datum:         23.02.2019 10:32:40
Ereignis-ID:   20224
Aufgabenkategorie:Keine
Ebene:         Informationen
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      DESKTOP-5MNEGP1
Beschreibung:
CoID={AF22274B-C43E-47ED-B835-4CDFFEF17D6E}: Die Verbindung mit dem RAS-Server wurde von Benutzer "DESKTOP-5MNEGP1\User" hergestellt.  
Ereignis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">  
  <System>
    <Provider Name="RasClient" />  
    <EventID Qualifiers="0">20224</EventID>  
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-02-23T09:32:40.473732900Z" />  
    <EventRecordID>5257</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-5MNEGP1</Computer>
    <Security />
  </System>
  <EventData>
    <Data>{AF22274B-C43E-47ED-B835-4CDFFEF17D6E}</Data>
    <Data>DESKTOP-5MNEGP1\User</Data>
  </EventData>
</Event>

Protokollname: Application
Quelle:        RasClient
Datum:         23.02.2019 10:32:40
Ereignis-ID:   20223
Aufgabenkategorie:Keine
Ebene:         Informationen
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      DESKTOP-5MNEGP1
Beschreibung:
CoID={AF22274B-C43E-47ED-B835-4CDFFEF17D6E}: Der Benutzer "DESKTOP-5MNEGP1\User" hat eine Verbindung mit dem RAS-Server hergestellt, verwendet wurde das Gerät: "  
Server address/Phone Number = 1XX.XX.XX.XX
Device = WAN Miniport (IKEv2)
Port = VPN2-1
MediaType = VPN".  
Ereignis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">  
  <System>
    <Provider Name="RasClient" />  
    <EventID Qualifiers="0">20223</EventID>  
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-02-23T09:32:40.473732900Z" />  
    <EventRecordID>5256</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-5MNEGP1</Computer>
    <Security />
  </System>
  <EventData>
    <Data>{AF22274B-C43E-47ED-B835-4CDFFEF17D6E}</Data>
    <Data>DESKTOP-5MNEGP1\User</Data>
    <Data>
Server address/Phone Number = 1XX.XX.XX.XX
Device = WAN Miniport (IKEv2)
Port = VPN2-1
MediaType = VPN</Data>
  </EventData>
</Event>

Protokollname: Application
Quelle:        RasClient
Datum:         23.02.2019 10:32:40
Ereignis-ID:   20222
Aufgabenkategorie:Keine
Ebene:         Informationen
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      DESKTOP-5MNEGP1
Beschreibung:
CoID={AF22274B-C43E-47ED-B835-4CDFFEF17D6E}: Der Benutzer "DESKTOP-5MNEGP1\User" versucht, eine Verbindung zum RAS-Server für die Verbindung mit dem Namen "pfSense" mit dem folgenden Gerät herzustellen:   
Server address/Phone Number = 18X.XX.XX.XX
Device = WAN Miniport (IKEv2)
Port = VPN2-1
MediaType = VPN.
Ereignis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">  
  <System>
    <Provider Name="RasClient" />  
    <EventID Qualifiers="0">20222</EventID>  
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-02-23T09:32:40.473732900Z" />  
    <EventRecordID>5255</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-5MNEGP1</Computer>
    <Security />
  </System>
  <EventData>
    <Data>{AF22274B-C43E-47ED-B835-4CDFFEF17D6E}</Data>
    <Data>DESKTOP-5MNEGP1\User</Data>
    <Data>pfSense</Data>
    <Data>
Server address/Phone Number = 18X.XX.XX.XX
Device = WAN Miniport (IKEv2)
Port = VPN2-1
MediaType = VPN</Data>
  </EventData>
</Event>

Protokollname: Application
Quelle:        RasClient
Datum:         23.02.2019 10:32:40
Ereignis-ID:   20221
Aufgabenkategorie:Keine
Ebene:         Informationen
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      DESKTOP-5MNEGP1
Beschreibung:
CoID={AF22274B-C43E-47ED-B835-4CDFFEF17D6E}: Der Benutzer "DESKTOP-5MNEGP1\User" hat eine VPN-Verbindung mit einem all-user-Verbindungsprofil mit dem Namen "pfSense" angewählt. Die Verbindungseinstellungen lauten:   
Dial-in User = rz
VpnStrategy = IKEv2
DataEncryption = Require
PrerequisiteEntry = 
AutoLogon = No
UseRasCredentials = Yes
Authentication Type = EAP <Microsoft: Gesichertes Kennwort (EAP-MSCHAP v2)>
Ipv4DefaultGateway = No
Ipv4AddressAssignment = By Server
Ipv4DNSServerAssignment = By Server
Ipv6DefaultGateway = No
Ipv6AddressAssignment = By Server
Ipv6DNSServerAssignment = By Server
IpDnsFlags = 
IpNBTEnabled = Yes
UseFlags = Private Connection
ConnectOnWinlogon = No
Mobility enabled for IKEv2 = Yes.
Ereignis-XML:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">  
  <System>
    <Provider Name="RasClient" />  
    <EventID Qualifiers="0">20221</EventID>  
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2019-02-23T09:32:40.458109200Z" />  
    <EventRecordID>5254</EventRecordID>
    <Channel>Application</Channel>
    <Computer>DESKTOP-5MNEGP1</Computer>
    <Security />
  </System>
  <EventData>
    <Data>{AF22274B-C43E-47ED-B835-4CDFFEF17D6E}</Data>
    <Data>DESKTOP-5MNEGP1\User</Data>
    <Data>VPN</Data>
    <Data>all-user</Data>
    <Data>pfSense</Data>
    <Data>
Dial-in User = rz
VpnStrategy = IKEv2
DataEncryption = Require
PrerequisiteEntry = 
AutoLogon = No
UseRasCredentials = Yes
Authentication Type = EAP &lt;Microsoft: Gesichertes Kennwort (EAP-MSCHAP v2)&gt;
Ipv4DefaultGateway = No
Ipv4AddressAssignment = By Server
Ipv4DNSServerAssignment = By Server
Ipv6DefaultGateway = No
Ipv6AddressAssignment = By Server
Ipv6DNSServerAssignment = By Server
IpDnsFlags = 
IpNBTEnabled = Yes
UseFlags = Private Connection
ConnectOnWinlogon = No
Mobility enabled for IKEv2 = Yes</Data>
  </EventData>
</Event>

Mar 5 21:04:05 	charon 		09[CFG] vici client 2911 disconnected
Mar 5 21:04:05 	charon 		09[CFG] vici client 2911 requests: list-sas
Mar 5 21:04:05 	charon 		13[CFG] vici client 2911 registered for: list-sa
Mar 5 21:04:05 	charon 		09[CFG] vici client 2911 connected
Mar 5 21:04:00 	charon 		09[CFG] vici client 2910 disconnected
Mar 5 21:04:00 	charon 		13[CFG] vici client 2910 requests: list-sas
Mar 5 21:04:00 	charon 		12[CFG] vici client 2910 registered for: list-sa
Mar 5 21:04:00 	charon 		09[CFG] vici client 2910 connected
Mar 5 21:03:58 	charon 		09[NET] <con-mobile|18> sending packet: from 192.168.6.100[4500] to 84.158.xxx.46[61596] (644 bytes)
Mar 5 21:03:58 	charon 		09[NET] <con-mobile|18> sending packet: from 192.168.6.100[4500] to 84.158.xxx.46[61596] (1236 bytes)
Mar 5 21:03:58 	charon 		09[ENC] <con-mobile|18> generating IKE_AUTH response 1 [ EF(2/2) ]
Mar 5 21:03:58 	charon 		09[ENC] <con-mobile|18> generating IKE_AUTH response 1 [ EF(1/2) ]
Mar 5 21:03:58 	charon 		09[ENC] <con-mobile|18> splitting IKE message (1808 bytes) into 2 fragments
Mar 5 21:03:58 	charon 		09[ENC] <con-mobile|18> generating IKE_AUTH response 1 [ IDr CERT AUTH EAP/REQ/ID ]
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> sending end entity cert "CN=192.168.6.100, C=DE, ST=Schleswig-Holstein, L=Eutin, O=Zobels Computerdienste, OU=IT"  
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> authentication of 'CN=192.168.6.100, C=DE, ST=Schleswig-Holstein, L=Eutin, O=Zobels Computerdienste, OU=IT' (myself) with RSA signature successful  
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> peer supports MOBIKE
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> processing INTERNAL_IP6_SERVER attribute
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> processing INTERNAL_IP6_DNS attribute
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> processing INTERNAL_IP6_ADDRESS attribute
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> processing INTERNAL_IP4_SERVER attribute
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> processing INTERNAL_IP4_NBNS attribute
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> processing INTERNAL_IP4_DNS attribute
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> processing INTERNAL_IP4_ADDRESS attribute
Mar 5 21:03:58 	charon 		09[IKE] <con-mobile|18> initiating EAP_IDENTITY method (id 0x00)
Mar 5 21:03:58 	charon 		09[CFG] <con-mobile|18> selected peer config 'con-mobile'  
Mar 5 21:03:58 	charon 		09[CFG] <18> candidate "con-mobile", match: 1/1/1052 (me/other/ike)  
Mar 5 21:03:58 	charon 		09[CFG] <18> candidate "bypasslan", match: 1/1/24 (me/other/ike)  
Mar 5 21:03:58 	charon 		09[CFG] <18> looking for peer configs matching 192.168.6.100[%any]...84.158.xxx.46[192.168.2.20]
Mar 5 21:03:58 	charon 		09[IKE] <18> received 37 cert requests for an unknown ca
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 4f:9c:7d:21:79:9c:ad:0e:d8:b9:0c:57:9f:1a:02:99:e7:90:f3:87
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 9c:a9:8d:00:af:74:0d:dd:81:80:d2:13:45:a5:8b:8f:2e:94:38:d6
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 68:33:0e:61:35:85:21:59:29:83:a3:c8:d2:d2:e1:40:6e:7a:b3:c1
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 17:4a:b8:2b:5f:fb:05:67:75:27:ad:49:5a:4a:5d:c4:22:cc:ea:4e
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid ee:e5:9f:1e:2a:a5:44:c3:cb:25:43:a6:9a:5b:d4:6a:25:bc:bb:8e
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid bb:c2:3e:29:0b:b3:28:77:1d:ad:3e:a2:4d:bd:f4:23:bd:06:b0:3d
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid b1:81:08:1a:19:a4:c0:94:1f:fa:e8:95:28:c1:24:c9:9b:34:ac:c7
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 55:e4:81:d1:11:80:be:d8:89:b9:08:a3:31:f9:a1:24:09:16:b9:70
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 3e:22:d4:2c:1f:02:44:b8:04:10:65:61:7c:c7:6b:ae:da:87:29:9c
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 83:31:7e:62:85:42:53:d6:d7:78:31:90:ec:91:90:56:e9:91:b9:e3
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 6d:aa:9b:09:87:c4:d0:d4:22:ed:40:07:37:4d:19:f1:91:ff:de:d3
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid e2:7f:7b:d8:77:d5:df:9e:0a:3f:9e:b4:cb:0e:2e:a9:ef:db:69:77
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid a5:06:8a:78:cf:84:bd:74:32:dd:58:f9:65:eb:3a:55:e7:c7:80:dc
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid ab:30:d3:af:4b:d8:f1:6b:58:69:ee:45:69:29:da:84:b8:73:94:88
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 6c:ca:bd:7d:b4:7e:94:a5:75:99:01:b6:a7:df:d4:5d:1c:09:1c:cc
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid d5:2e:13:c1:ab:e3:49:da:e8:b4:95:94:ef:7c:38:43:60:64:66:bd
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 4a:81:0c:de:f0:c0:90:0f:19:06:42:31:35:a2:a2:8d:d3:44:fd:08
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 6e:58:4e:33:75:bd:57:f6:d5:42:1b:16:01:c2:d8:c0:f5:3a:9f:6e
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 87:db:d4:5f:b0:92:8d:4e:1d:f8:15:67:e7:f2:ab:af:d6:2b:67:75
Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 30:a4:e6:4f:de:76:8a:fc:ed:5a:90:84:28:30:46:79:2c:29:15:70 

Mar 5 21:03:58 	charon 		09[IKE] <18> received cert request for unknown ca with keyid 30:a4:e6:4f:de:76:8a:fc:ed:5a:90:84:28:30:46:79:2c:29:15:70