==> /var/log/auth.log <==
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: received Vendor ID payload [RFC 3947] method set to=109
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] method set to=110
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: ignoring unknown Vendor ID payload [8f8d83826d246b6fc7a8a6a428c11de8]
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: ignoring unknown Vendor ID payload [439b59f8ba676c4c7737ae22eab8f582]
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: ignoring unknown Vendor ID payload [4d1e0e136deafa34c4f3ea9f02ec7285]
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: ignoring unknown Vendor ID payload [80d0bb3def54565ee84645d4c85ce3ee]
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: ignoring unknown Vendor ID payload [9909b64eed937c6573de52ace952fa6b]
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 110
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
Nov  9 01:45:24 enterprise pluto[20902]: packet from 213.221.117.90:500: received Vendor ID payload [Dead Peer Detection]
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: responding to Main Mode from unknown peer 213.221.117.90
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: STATE_MAIN_R1: sent MR1, expecting MI2
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): both are NATed
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: STATE_MAIN_R2: sent MR2, expecting MI3
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: Main mode peer ID is ID_IPV4_ADDR: '192.168.70.163'
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: new NAT mapping for #13, was 213.221.117.90:500, now 213.221.117.90:4500
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp1024}
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: Dead Peer Detection (RFC 3706): enabled
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: received and ignored informational message
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[2] 213.221.117.90 #13: the peer proposed: PUBLICIP/32:17/1701 -> 192.168.70.163/32:17/51591
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[3] 213.221.117.90 #14: responding to Quick Mode proposal {msgid:924cf19b}
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[3] 213.221.117.90 #14:     us: PUBLICIP<PUBLICIP>[+S=C]:17/1701
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[3] 213.221.117.90 #14:   them: 213.221.117.90[192.168.70.163,+S=C]:17/51594===192.168.70.163/32
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[3] 213.221.117.90 #14: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Nov  9 01:45:24 enterprise pluto[20902]: "XL2TP"[3] 213.221.117.90 #14: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
Nov  9 01:45:25 enterprise pluto[20902]: "XL2TP"[3] 213.221.117.90 #14: Dead Peer Detection (RFC 3706): enabled
Nov  9 01:45:25 enterprise pluto[20902]: "XL2TP"[3] 213.221.117.90 #14: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Nov  9 01:45:25 enterprise pluto[20902]: "XL2TP"[3] 213.221.117.90 #14: STATE_QUICK_R2: IPsec SA established tunnel mode {ESP/NAT=>0x01ed1cac <0x727dca60 xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=213.221.117.90:4500 DPD=enabled}

==> /var/log/syslog <==
Nov  9 01:45:27 enterprise xl2tpd[7303]: control_finish: Peer requested tunnel 21 twice, ignoring second one.
Nov  9 01:45:27 enterprise xl2tpd[7303]: control_finish: Peer requested tunnel 21 twice, ignoring second one.
Nov  9 01:45:31 enterprise xl2tpd[7303]: control_finish: Peer requested tunnel 21 twice, ignoring second one.
Nov  9 01:45:32 enterprise xl2tpd[7303]: Maximum retries exceeded for tunnel 2021.  Closing.
Nov  9 01:45:39 enterprise xl2tpd[7303]: control_finish: Peer requested tunnel 21 twice, ignoring second one.
Nov  9 01:45:39 enterprise xl2tpd[7303]: Connection 21 closed to 213.221.117.90, port 51594 (Timeout)
Nov  9 01:45:44 enterprise xl2tpd[7303]: Unable to deliver closing message for tunnel 2021. Destroying anyway.