I have a problem configuring strongSwan on CentOS 7! First, please note that I want to connect with only a username and password, and I don't want to import any profiles on my phone! My server IP is 88.99.45.140 (hostname ik.xpdns.xyz) and I want to set up an IKEv2 VPN server on it! Here is the tutorial I used: https://www.howtoforge.com/tutorial/how-to-setup-ikev2-vpn-using-strongswan-and-letsencrypt-on-centos-7/
Here is my ipsec.conf file:
# global configuration IPsec
# charon logger
config setup
    charondebug="ike 1, knl 1, cfg 0"
    uniqueids=no

# define new ipsec connection
conn hakase-vpn
    auto=add
    compress=no
    type=tunnel
    keyexchange=ikev2
    fragmentation=yes
    forceencaps=yes
    dpdaction=clear
    dpddelay=300s
    rekey=no
    left=%any
    leftid=@ik.xpdns.xyz
    leftcert=fullchain.pem
    leftsendcert=always
    leftsubnet=0.0.0.0/0
    right=%any
    rightid=%any
    rightauth=eap-mschapv2
    rightsourceip=10.15.1.0/24
    rightdns=1.1.1.1,8.8.8.8
    rightsendcert=never
    eap_identity=%identity
And here is my ipsec.secrets file:
# ipsec.secrets - strongSwan IPsec secrets file
@ik.xpdns.xyz : RSA "privkey.pem"
alid : EAP "123321"
Here is my strongswan.conf file:
# strongswan.conf - strongSwan configuration file
#
# Refer to the strongswan.conf(5) manpage for details
#
# Configuration changes should be made in the included files
charon {
    load_modular = yes
    plugins {
        include strongswan.d/charon/*.conf
    }
}

include strongswan.d/*.conf
And here are the firewall rules I entered:
firewall-cmd --zone=public --permanent --add-rich-rule='rule protocol value="esp" accept'
firewall-cmd --zone=public --permanent --add-rich-rule='rule protocol value="ah" accept'
firewall-cmd --zone=public --permanent --add-port=500/udp
firewall-cmd --zone=public --permanent --add-port=4500/udp
firewall-cmd --zone=public --permanent --add-service="ipsec"
firewall-cmd --zone=public --permanent --add-masquerade
firewall-cmd --reload
I have absolutely no clue why I'm getting an error when my user wants to connect to the server. It says the remote host is behind NAT!!
Mar 20 11:19:10 ikev charon: 09[NET] received packet: from 89.165.18.30[500] to 88.99.45.140[500] (604 bytes)
Mar 20 11:19:10 ikev charon: 09[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
Mar 20 11:19:10 ikev charon: 09[IKE] 89.165.18.30 is initiating an IKE_SA
Mar 20 11:19:10 ikev charon: 09[IKE] remote host is behind NAT
Mar 20 11:19:10 ikev charon: 09[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(MULT_AUTH) ]
Mar 20 11:19:10 ikev charon: 09[NET] sending packet: from 88.99.45.140[500] to 89.165.18.30[500] (448 bytes)
Mar 20 11:19:40 ikev charon: 08[JOB] deleting half open IKE_SA with 89.165.18.30 after timeout
Mar 20 11:19:53 ikev systemd-logind: New session 8 of user root.
Mar 20 11:19:53 ikev systemd: Started Session 8 of user root.
Mar 20 11:53:22 ikev charon: 08[NET] received packet: from 89.165.18.30[500] to 88.99.45.140[500] (604 bytes)
Mar 20 11:53:22 ikev charon: 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]
Mar 20 11:53:22 ikev charon: 08[IKE] 89.165.18.30 is initiating an IKE_SA
Mar 20 11:53:22 ikev charon: 08[IKE] remote host is behind NAT
Mar 20 11:53:22 ikev charon: 08[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(MULT_AUTH) ]
Mar 20 11:53:22 ikev charon: 08[NET] sending packet: from 88.99.45.140[500] to 89.165.18.30[500] (448 bytes)
I have been struggling with this for weeks and I give up! I need help to solve this issue, guys!
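The charon lines above can be triaged mechanically. "remote host is behind NAT" is charon's NAT-T detection result, not an error; the line that actually describes the failure is "deleting half open IKE_SA ... after timeout", which charon logs when it sent an IKE_SA_INIT response but never received the peer's IKE_AUTH request. Once NAT is detected, that IKE_AUTH request arrives on UDP 4500 rather than 500, so the source port of whatever packets do arrive is worth recording alongside the verdict. The script below is an added example, not code from the question or from strongSwan: it groups charon lines by worker thread (the "09[NET]" prefix) so that a "received packet" line can be tied to the "parsed ..." line that follows it, and reports for every IKE_SA_INIT whether an IKE_AUTH followed. The sample log reuses the lines from the question plus a constructed successful handshake from the documentation address 203.0.113.7.

```python
"""Triage strongSwan charon log lines: did each IKE_SA_INIT go on to IKE_AUTH?

Added example (not from the question or from strongSwan). Parses syslog-style
charon lines and pairs each 'received packet' line with the 'parsed ...' line
logged by the same worker thread.
"""
import re
from dataclasses import dataclass

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ charon: "
    r"(?P<worker>\d+)\[(?P<grp>\w+)\] (?P<msg>.*)$"
)
RECV_RE = re.compile(
    r"received packet: from (?P<ip>[\d.]+)\[(?P<port>\d+)\] to [\d.]+\[\d+\] "
    r"\((?P<bytes>\d+) bytes\)"
)
HALF_OPEN_RE = re.compile(r"deleting half open IKE_SA with (?P<ip>[\d.]+) after timeout")


@dataclass
class Attempt:
    """One IKE_SA_INIT request seen from a peer and what became of it."""
    peer: str
    started: str
    port: int          # source port of the IKE_SA_INIT (500, or 4500 if already NAT-T)
    init_bytes: int
    behind_nat: bool = False
    auth_seen: bool = False
    timed_out: bool = False

    def verdict(self) -> str:
        if self.auth_seen:
            return "IKE_AUTH received"
        if self.timed_out:
            return "IKE_AUTH never arrived (half-open SA deleted)"
        return "pending"


def triage(lines):
    """Return one Attempt per IKE_SA_INIT request, in log order."""
    attempts = []
    last_by_peer = {}      # peer ip -> its most recent Attempt
    pkt_by_worker = {}     # worker id -> last 'received packet' match on that worker
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # systemd and other non-charon lines
        worker, msg, ts = m["worker"], m["msg"], m["ts"]
        r = RECV_RE.search(msg)
        if r:
            pkt_by_worker[worker] = r
            continue
        pkt = pkt_by_worker.get(worker)
        if "parsed IKE_SA_INIT request" in msg and pkt:
            a = Attempt(peer=pkt["ip"], started=ts, port=int(pkt["port"]),
                        init_bytes=int(pkt["bytes"]))
            attempts.append(a)
            last_by_peer[a.peer] = a
        elif "remote host is behind NAT" in msg and pkt and pkt["ip"] in last_by_peer:
            last_by_peer[pkt["ip"]].behind_nat = True
        elif "parsed IKE_AUTH request" in msg and pkt and pkt["ip"] in last_by_peer:
            last_by_peer[pkt["ip"]].auth_seen = True
        else:
            h = HALF_OPEN_RE.search(msg)
            if h and h["ip"] in last_by_peer:
                last_by_peer[h["ip"]].timed_out = True
    return attempts


# Constructed sample: the question's lines, then a successful handshake from 203.0.113.7.
SAMPLE_LOG = [
    "Mar 20 11:19:10 ikev charon: 09[NET] received packet: from 89.165.18.30[500] to 88.99.45.140[500] (604 bytes)",
    "Mar 20 11:19:10 ikev charon: 09[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]",
    "Mar 20 11:19:10 ikev charon: 09[IKE] 89.165.18.30 is initiating an IKE_SA",
    "Mar 20 11:19:10 ikev charon: 09[IKE] remote host is behind NAT",
    "Mar 20 11:19:10 ikev charon: 09[NET] sending packet: from 88.99.45.140[500] to 89.165.18.30[500] (448 bytes)",
    "Mar 20 11:19:40 ikev charon: 08[JOB] deleting half open IKE_SA with 89.165.18.30 after timeout",
    "Mar 20 11:19:53 ikev systemd-logind: New session 8 of user root.",
    "Mar 20 11:53:22 ikev charon: 08[NET] received packet: from 89.165.18.30[500] to 88.99.45.140[500] (604 bytes)",
    "Mar 20 11:53:22 ikev charon: 08[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(REDIR_SUP) N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]",
    "Mar 20 11:53:22 ikev charon: 08[IKE] remote host is behind NAT",
    "Mar 20 12:01:00 ikev charon: 10[NET] received packet: from 203.0.113.7[500] to 88.99.45.140[500] (604 bytes)",
    "Mar 20 12:01:00 ikev charon: 10[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) ]",
    "Mar 20 12:01:00 ikev charon: 10[IKE] remote host is behind NAT",
    "Mar 20 12:01:01 ikev charon: 11[NET] received packet: from 203.0.113.7[4500] to 88.99.45.140[4500] (348 bytes)",
    "Mar 20 12:01:01 ikev charon: 11[ENC] parsed IKE_AUTH request 1 [ IDi N(INIT_CONTACT) IDr CP(ADDR DNS) SA TSi TSr ]",
]

if __name__ == "__main__":
    for a in triage(SAMPLE_LOG):
        nat = "NAT" if a.behind_nat else "no-NAT"
        print(f"{a.started}  {a.peer}:{a.port}  {nat:6}  {a.verdict()}")
```

Run it against /var/log/messages (or journalctl -u strongswan output) piped in as lines; a peer that repeatedly ends in "IKE_AUTH never arrived" while "behind NAT" is set means the server answered on UDP 500 but nothing came back on UDP 4500, which narrows the problem to the path between the client and the server's 4500/udp rule rather than to the certificate or EAP configuration.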