Hi Tobias, > As strongSwan is the initiator of the exchange and the peer is a > Windows 10 host I'd guess that this is a rekeying. So it could also > be because it doesn't like being responder of a rekeying (Windows > has/had the same problem with IKEv2 CHILD_SA rekeyings, see [1]).
You are right. My fault. The problem was the lifetime/ikelifetime: I have decreased it on the strongSwan side and I forgot to update the windows clients. So strongSwan become the initiator and the problem has been popped up. Sorry for the spam.