whackwest --name ipsec-rsa-rw --delete --rsa --host 128.95.7.1 --ikeport 8500 --client 128.95.7.8/30 --dnskeyondemand --updown silly --to --updown sally --dnskeyondemand --host 128.95.7.2 --ikeport 8500 --client 128.95.7.20/30 --encrypt --rekeymargin 350 --ikelifetime 900 --ipseclifetime 800 --keyingtries 2
002 added connection description "ipsec-rsa-rw"
whackeast --name ipsec-rsa-rw --delete --rsa --host %any --ikeport 8500 --client 128.95.7.8/30 --dnskeyondemand --updown silly --to --updown sally --dnskeyondemand --host 128.95.7.2 --ikeport 8500 --client 128.95.7.20/30 --nexthop %direct --encrypt --rekeymargin 350 --ikelifetime 900 --ipseclifetime 800 --keyingtries 2
002 added connection description "ipsec-rsa-rw"
whackwest --listen
002 listening for IKE messages
002 adding interface virtual128.95.7.1/lo:w 128.95.7.1:8500
002 loading secrets from "/tmp/ipsec.secrets/west"
whackeast --listen
002 listening for IKE messages
002 adding interface virtual128.95.7.2/lo:e 128.95.7.2:8500
002 loading secrets from "/tmp/ipsec.secrets/east"
whackwest --name ipsec-rsa-rw --initiate
002 "ipsec-rsa-rw" #1: initiating Main Mode
104 "ipsec-rsa-rw" #1: STATE_MAIN_I1: initiate
003 "ipsec-rsa-rw" #1: received Vendor ID payload [Openswan (this version)  VERSION
003 "ipsec-rsa-rw" #1: received Vendor ID payload [Dead Peer Detection]
106 "ipsec-rsa-rw" #1: STATE_MAIN_I2: sent MI2, expecting MR2
002 "ipsec-rsa-rw" #1: I did not send a certificate because I do not have one.
108 "ipsec-rsa-rw" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "ipsec-rsa-rw" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
002 "ipsec-rsa-rw" #2: initiating Quick Mode RSASIG+ENCRYPT+TUNNEL+UP
117 "ipsec-rsa-rw" #2: STATE_QUICK_I1: initiate
004 "ipsec-rsa-rw" #2: STATE_QUICK_I2: sent QI2, IPsec SA established
whackwest --shutdown
002 shutting down
whackeast --shutdown
002 shutting down
