Is there anyway I can force IKE_SA_INIT to negotiate null encryption so I can see the IKE_AUTH messages in wireshark in cleartext. I know you can do this for ESP by omitting the encryption algorithm statement. I tried doing it for IKE_SA_INIT in the ike proposal stanza but it didn't work.
There is no way to do that in SRX. If it is for learning purpose, I would suggest setup StrongSwan VPN on other end as Alex suggested. I attached ikev2 decrypted packets (IKE_SA_INIT and IKE_AUTH) in text format for your reference.
Thanks, Nellikka JNCIE x3 (SEC #321; SP #2839; ENT #790) Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too!!!