I managed to capture error logging from the macOS ‘raccoon’ process trying to set up a VPN with the Peplink router.
In this log, A.A.A.A is my remote IP address, and B.B.B.B is the address of my Peplink.
[...]
IPSec Phase 2 established (Initiated by me).
===
IPsec-SA established (add): satype=3 spi=0xc477265c mode=1
IPsec-SA established (add): ESP/Transport A.A.A.A[500]->B.B.B.B[500] spi=3296142940(0xc477265c)
>>>>> phase change status = Phase 2 established
vpn control writing 20 bytes
===
Dropping com.apple.security.LegacyAPICounts as it isn't used in any transform (not in the config or budgeted?)
Dropping com.apple.security.LegacyAPICounts as it isn't used in any transform (not in the config or budgeted?)
Dropping com.apple.security.LegacyAPICounts as it isn't used in any transform (not in the config or budgeted?)
Dropping com.apple.security.LegacyAPICounts as it isn't used in any transform (not in the config or budgeted?)
DatabaseSession::Close
DbClose of handle 140543612981885
0x7fd2dc209370 free /Library/Keychains/System.keychain buffer 0x7fd2e0008000
Thread registered with com.apple.SecurityServer
0x7fd2dc208d00 detach module 0x7fd2dc208990(AppleDL)
Dropping com.apple.security.LegacyAPICounts as it isn't used in any transform (not in the config or budgeted?)
Dropping com.apple.security.LegacyAPICounts as it isn't used in any transform (not in the config or budgeted?)
0x7fd2dc208990 module AppleDL(Apple built-in DL) final unload
0x7fd2dc70f490 detach module 0x7fd2dc7334a0(AppleCSPDL)
0x7fd2dc70be40 detach module 0x7fd2dc7334a0(AppleCSPDL)
0x7fd2dc7334a0 module AppleCSPDL(Apple built-in CSPDL) final unload
caught rtm:2, need update interface address list
configuring default isakmp port.
26 addrs are configured successfully
vpn_control socket closed by peer.
received disconnect all command.
IPSec disconnecting from server B.B.B.B
in ike_session_purgephXbydstaddrwop... purging Phase 2 structures
New Phase 2
state changed to: IKEv1 info
Compute IV for Phase 2
hash(sha2_512)
encryption(aes)
hmac(hmac_sha2_512)
Begin encryption.
encryption(aes)
pad length = 12
About to encrypt 96 bytes
encryption(aes)
Encrypted.
124 bytes from A.A.A.A[500] to B.B.B.B[500]
sockname A.A.A.A[500]
send packet from A.A.A.A[500]
send packet to B.B.B.B[500]
1 times of 124 bytes message will be sent to B.B.B.B[500]
sendto Information delete.
IV freed
Phase 2 sa expired A.A.A.A-B.B.B.B
state changed to: Phase 2 expired
in ike_session_purgephXbydstaddrwop... purging Phase 1 and related Phase 2 structures
IPsec-SA needs to be purged: ESP A.A.A.A[500]->B.B.B.B[500] spi=167772160(0xa000000)
New Phase 2
state changed to: IKEv1 info
Compute IV for Phase 2
hash(sha2_512)
encryption(aes)
hmac(hmac_sha2_512)
Begin encryption.
encryption(aes)
pad length = 16
About to encrypt 112 bytes
encryption(aes)
Encrypted.
140 bytes from A.A.A.A[500] to B.B.B.B[500]
sockname A.A.A.A[500]
send packet from A.A.A.A[500]
send packet to B.B.B.B[500]
1 times of 140 bytes message will be sent to B.B.B.B[500]
sendto Information delete.
IV freed
ISAKMP-SA expired A.A.A.A[500]-B.B.B.B[500] spi:cf535c2e3e206ac1:ca6782ebd853f95d
state changed to: Phase 1 expired
no ph1bind replacement found. NULL ph1.
vpncontrol_close_comm.