vpp / VPP-716

IKEv2 responder fails to authenticate initiator


    • Bug
    • Resolution: Open
    • Medium
    • IPsec

      When I configure a test of IKEv2 that matches the configurations detailed at https://wiki.fd.io/view/VPP/IPSec_and_IKEv2#Example_configuration_2 with strongSwan acting as an initiator and VPP acting as a responder, authentication of the IKEv2 SA fails. The output of VPP when run in the foreground is in ikev2-responder.txt.

      After adding some debugging output to ikev2_sa_auth via the patch at ikev2-debug.diff, I found that the ID of the peer in the IKEv2 profile was not matching the initiator ID that was stored when the payloads were parsed. The output of these debug statements looked like:

      vpp[5587]: ikev2_sa_auth:1387: profile type 2, received type 2
      vpp[5587]: ikev2_sa_auth:1387: profile id roadwarrior.vpn.example.com, received id vpp.home

      It's supposed to be finding the ID of the remote peer in the parsed SA data, but it's finding its own ID instead.
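The mismatch in the debug output above, reproduced as an added example that is not part of the original report and not VPP's code: a responder has to compare the profile's remote ID against the parsed IDi payload, and a lookup that ignores the local role compares against the responder's own ID instead. All type and function names are hypothetical, and the sample SA assumes the initiator sent roadwarrior.vpn.example.com as IDi.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified types; these are not VPP's structures. */
typedef struct { uint8_t type; const char *data; size_t len; } ike_id_t;
typedef struct {
  int is_initiator;            /* local role in this exchange */
  ike_id_t i_id;               /* parsed IDi payload (initiator identity) */
  ike_id_t r_id;               /* parsed IDr payload (responder identity) */
} ike_sa_t;
typedef struct { ike_id_t loc_id; ike_id_t rem_id; } ike_profile_t;

static int id_equal(const ike_id_t *a, const ike_id_t *b)
{
  return a->type == b->type && a->len == b->len &&
         memcmp(a->data, b->data, a->len) == 0;
}

/* The peer's identity depends on the local role:
   a responder reads IDi, an initiator reads IDr. */
static const ike_id_t *peer_id(const ike_sa_t *sa)
{
  return sa->is_initiator ? &sa->r_id : &sa->i_id;
}

/* Returns 1 when the profile's remote ID matches the peer's parsed ID. */
int profile_matches_peer(const ike_profile_t *p, const ike_sa_t *sa)
{
  return id_equal(&p->rem_id, peer_id(sa));
}

/* Role-blind variant for contrast: always reads IDr, so on a
   responder it compares the profile against the local ID. */
int profile_matches_idr_only(const ike_profile_t *p, const ike_sa_t *sa)
{
  return id_equal(&p->rem_id, &sa->r_id);
}

#define ID_FQDN 2              /* ID type 2 in RFC 7296 */
#define MK_ID(s) { ID_FQDN, (s), sizeof(s) - 1 }

/* Constructed sample mirroring the debug output: local role is responder. */
const ike_sa_t sample_sa =
  { 0, MK_ID("roadwarrior.vpn.example.com"), MK_ID("vpp.home") };
const ike_profile_t sample_profile =
  { MK_ID("vpp.home"), MK_ID("roadwarrior.vpn.example.com") };

int main(void)
{
  printf("role-aware match: %d, IDr-only match: %d\n",
         profile_matches_peer(&sample_profile, &sample_sa),
         profile_matches_idr_only(&sample_profile, &sample_sa));
  return 0;
}
```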

            Unassigned Unassigned
            mgsmith Matthew Smith