Hello I am sorry, but I don't have access to any specific output right at this moment.
However, there appears to be something odd happening with iked. Last week I noticed that ssl connections, when attempted through an iked vpn tunnel, appeared to hang, when those same connections made directly (not via iked VPN) worked as expected. I tried mss clamping in pf, but that did not really seem to do anything. In hoping for a solution, I upgrade with the 12/1 snapshot for amd64 2 days ago. After that upgrade, an openbsd<->openbsd iked VPN was NOT able to be created. I had made no changes to pf.conf or iked.conf from the working (over at least the last 1-2 years) iked VPN to the non-working iked VPN after the snapshot on 12/1/18. So, I tried making changes to pf.conf - essentially liberalizing the rules, even "skipping" filtering on enc0. But, this made no difference. Today, I updated again to last night's amd64 snapshot on both ends of the iked VPN. No change, the OpenBSD<->OpenBSD iked VPN does not get established. But, if I downgrade iked/ikectl (TZ=UTC cvs up -D '2017/03/23 05:29:48' -P sbin/iked usr.sbin/ikectl - etc... I have been doing this to maintain function between openbsd iked and apple ios ikev2 - I know there would be no support for this, I am only mentioning as part of my observations) then apple ios devices CAN establish an ikev2 connection to the openbsd machine. At the same time, even though both ends of the openbsd<->openbsd VPN are running the same exact downgraded versions of iked, they are NOT able to establish a VPN (but they were able to do so before the 12/1 snapshot). To recap, after the snapshot of 12/1 on amd64, with no changes to iked.conf or pf.conf, an ikev2 VPN is no longer created between two openbsd systems. This is also true for last night's snapshot. I don't know if this is in anyway related to the ssl over iked difficulties. I will be happy to provide any information/output that may be helpful, I just don't know exactly what that information would be. Thanks Ted