Linux – OpenSwan IPSec phase #2 complications

Phase #1 (IKE) succeeds without any problems (verified at the target host).
Phase #2 (IPSec), however, is erroneous at some point (apparently due to misconfiguration on localhost).

This should be an IPSec-only connection. I am using OpenSwan on Debian. The error log reads the following (the actual IP-addr. of the remote endpoint has been modified):

pluto[30868]: "x" #2: initiating Quick Mode PSK+ENCRYPT+PFS+UP+IKEv2ALLOW+SAREFTRACK {using isakmp#1 msgid:5ece82ee proposal=AES(12)_256-SHA1(2)_160 pfsgroup=OAKLEY_GROUP_DH22}
pluto[30868]: "x" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
pluto[30868]: "x" #1: received and ignored informational message
pluto[30868]: "x" #1: the peer proposed: 0.0.0.0/0:0/0 -> 0.0.0.0/0:0/0
pluto[30868]: "x" #3: responding to Quick Mode proposal {msgid:a4f5a81c}
pluto[30868]: "x" #3: us: 192.168.1.76<192.168.1.76>[+S=C]
pluto[30868]: "x" #3: them: 222.222.222.222<222.222.222.222>[+S=C]===10.196.0.0/17
pluto[30868]: "x" #3: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
pluto[30868]: "x" #3: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
pluto[30868]: "x" #1: ignoring informational payload, type NO_PROPOSAL_CHOSEN msgid=00000000
pluto[30868]: "x" #1: received and ignored informational message
pluto[30868]: "x" #3: next payload type of ISAKMP Hash Payload has an unknown value: 97 X
pluto[30868]: "x" #3: malformed payload in packet
pluto[30868]: | payload malformed after IV

I am behind NAT and this is all coming from wlan2. Here are the details:

default via 192.168.1.254 dev wlan2 proto static
169.254.0.0/16 dev wlan2 scope link metric 1000
192.168.1.0/24 dev wlan2 proto kernel scope link src 192.168.1.76 metric 2

Output of ipsec verify:

Checking your system to see if IPsec got installed and started correctly:
Version check and ipsec on-path [OK]
Linux Openswan U2.6.37/K3.2.0-24-generic (netkey)
Checking for IPsec support in kernel [OK]
SAref kernel support [N/A]
NETKEY: Testing XFRM related proc values [OK]
[OK]
[OK]
Checking that pluto is running [OK]
Pluto listening for IKE on udp 500 [OK]
Pluto listening for NAT-T on udp 4500 [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [OK]
Checking for 'ip' command [OK]
Checking /bin/sh is not /bin/dash [WARNING]
Checking for 'iptables' command [OK]
Opportunistic Encryption Support [DISABLED]

This is what happens when I run ipsec auto –up x:

104 "x" #1: STATE_MAIN_I1: initiate
003 "x" #1: received Vendor ID payload [RFC 3947] method set to=109
106 "x" #1: STATE_MAIN_I2: sent MI2, expecting MR2
003 "x" #1: received Vendor ID payload [Cisco-Unity]
003 "x" #1: received Vendor ID payload [Dead Peer Detection]
003 "x" #1: ignoring unknown Vendor ID payload [502099ff84bd4373039074cf56649aad]
003 "x" #1: received Vendor ID payload [XAUTH]
003 "x" #1: NAT-Traversal: Result using RFC 3947 (NAT-Traversal): i am NATed
108 "x" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "x" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp1024}
117 "x" #2: STATE_QUICK_I1: initiate
010 "x" #2: STATE_QUICK_I1: retransmission; will wait 20s for response
010 "x" #2: STATE_QUICK_I1: retransmission; will wait 40s for response
031 "x" #2: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
000 "x" #2: starting keying attempt 2 of at most 3, but releasing whack

More debug info from ipsec auto –status:

000 using kernel interface: netkey
000 interface lo/lo ::1
000 interface wlan2/wlan2 192.168.1.76
000 interface wlan2/wlan2 192.168.1.76
000 %myid = (none)
000 debug raw+crypt+parsing+emitting+control+lifecycle+klips+dns+oppo+controlmore+pfkey+nattraversal+x509+dpd+oppoinfo
000
000 virtual_private (%priv):
000 – allowed 2 subnets: 10.196.0.0/17, 192.168.1.0/24
000 – disallowed 0 subnets:
000 WARNING: Disallowed subnets in virtual_private= is empty. If you have
000 private address space in internal use, it should be excluded!
000
000 stats db_ops: {curr_cnt, total_cnt, maxsz} :context={0,4,36} trans={0,4,1536} attrs={0,4,2048}
000
000 "x": 192.168.1.0/24===192.168.1.76[+S=C]…222.222.222.222<222.222.222.222>[+S=C]===10.196.0.0/17; unrouted; eroute owner: #0
000 "x": myip=unset; hisip=unset;
000 "x": ike_life: 28800s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3
000 "x": policy: PSK+ENCRYPT+PFS+UP+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 24,17; interface: wlan2;
000 "x": dpd: action:clear; delay:0; timeout:0;
000 "x": newest ISAKMP SA: #0; newest IPsec SA: #0;
000 "x": ESP algorithms wanted: AES(12)_256-SHA1(2)_000; pfsgroup=DH22(22); flags=-strict
000 "x": ESP algorithms loaded: AES(12)_256-SHA1(2)_160

Even more debug info (plutodebug="all") coming from /var/log/auth.log:

pluto[26439]: | peer client is subnet 0.0.0.0/0
pluto[26439]: | peer client protocol/port is 0/0
pluto[26439]: | our client is subnet 0.0.0.0/0
pluto[26439]: | our client protocol/port is 0/0
pluto[26439]: "x" #1: the peer proposed: 0.0.0.0/0:0/0 -> 0.0.0.0/0:0/0
pluto[26439]: | find_client_connection starting with x
pluto[26439]: | looking for 0.0.0.0/0:0/0 -> 0.0.0.0/0:0/0
pluto[26439]: | concrete checking against sr#0 192.168.1.0/24 -> 10.196.0.0/17
pluto[26439]: | match_id a=222.222.222.222
pluto[26439]: | b=222.222.222.222
pluto[26439]: | results matched
pluto[26439]: | trusted_ca called with a=(empty) b=(empty)
pluto[26439]: | fc_try trying x:0.0.0.0/0:0/0 -> 0.0.0.0/0:0/0 vs x:192.168.1.0/24:0/0 -> 10.196.0.0/17:0/0
pluto[26439]: | our client(192.168.1.0/24) not in our_net (0.0.0.0/0)
pluto[26439]: | fc_try concluding with none [0]
pluto[26439]: | fc_try x gives none
pluto[26439]: | find_host_pair: comparing to 192.168.1.76:500 222.222.222.222:500
pluto[26439]: | checking hostpair 192.168.1.0/24 -> 10.196.0.0/17 is not found
pluto[26439]: | concluding with d = none
pluto[26439]: | using (something – hopefully the IP we or they are NAT'ed to) for transport mode connection "x"

I have enabled NAT traversal in ipsec.conf accordingly. Here are the settings relative to the connection in question:

version 2.0

config setup

plutoopts="–perpeerlog"
plutoopts="–interface=wlan2"
dumpdir=/var/run/pluto/
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
oe=off
protostack=netkey

conn x

authby=secret  
pfs=yes  
auto=add  
phase2alg=aes256-sha1;dh22  
keyingtries=3  
ikelifetime=8h  
type=transport  
left=192.168.1.76  
leftsubnet=192.168.1.0/24  
leftprotoport=0/0  
right=222.222.222.222  
rightsubnet=10.196.0.0/17  
rightprotoport=0/0

Here are the specs provided by the other end that must be met for Phase #2:

encryption algorithm: AES (128 or 256 bit)
hash algorithm: SHA
local ident1 (addr/mask/prot/port): (10.196.0.0/255.255.128.0/0/0)
local ident2 (addr/mask/prot/port): (10.241.0.0/255.255.0.0/0/0)
remote ident (addr/mask/prot/port): (x.x.x.x/x.x.x.x/0/0) (internal network or localhost)
Security association lifetime: 4608000 kilobytes/3600 seconds
PFS: DH group2

So, finally, what might be the cause of the issue that I am experiencing? Thank you.