looks as if starting from the 5th packet of phase1 exchange, NAT-T is recognized:
ike_send_packet: <-------- sending SA = { caca4f81 5cf535f6 - d201dbee ac425781}, len = 92, nego = -1, local ip= 173.161.47.145, dst = 52.87.109.64:4500
Is there a NAT device in the path? I don't know if AWS supports NAT-T/Aggressive mode.
Sam