/testing/guestbin/swan-prep
west #
 ipsec start
Redirecting to: systemctl start ipsec.service
west #
 /testing/pluto/bin/wait-until-pluto-started
west #
 ipsec auto --add one
002 added connection description "one"
west #
 ipsec auto --add two
002 added connection description "two"
west #
 echo "initdone"
initdone
west #
 ipsec auto --up one
002 "one" #1: initiating v2 parent SA
1v2 "one" #1: initiate
1v2 "one" #1: STATE_PARENT_I1: sent v2I1, expected v2R1
1v2 "one" #2: STATE_PARENT_I2: sent v2I2, expected v2R2 {auth=IKEv2 cipher=AES_CBC_128 integ=HMAC_SHA1_96 prf=HMAC_SHA1 group=MODP2048}
002 "one" #2: IKEv2 mode peer ID is ID_FQDN: '@east'
003 "one" #2: Authenticated using authby=secret
002 "one" #2: negotiated connection [192.0.1.0-192.0.1.255:80-80 6] -> [192.0.2.0-192.0.2.255:0-65535 6]
004 "one" #2: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_CBC_128-HMAC_SHA1_96 NATOA=none NATD=none DPD=passive}
west #
 sleep 10
west #
 echo done
done
west #
 ipsec auto --up two
1v2 "two" #4: STATE_V2_CREATE_I: sent IPsec Child req wait response
002 "two" #4: negotiated connection [192.0.11.0-192.0.11.255:0-65535 6] -> [192.0.22.0-192.0.22.255:88-88 6]
004 "two" #4: STATE_V2_IPSEC_I: IPsec SA established tunnel mode {ESP=>0xESPESP <0xESPESP xfrm=AES_CBC_128-HMAC_SHA1_96-MODP2048 NATOA=none NATD=none DPD=passive}
west #
 sleep 10
west #
 echo done
done
west #
 # State's received msgid should be incremented after each new
west #
 # exchange.  Since west, the IKE SA initiator, is responding to
west #
 # CHILD_SA the values start at 0.
west #
 grep hdr.isa_msgid /tmp/pluto.log
| #1 st.st_msgid_lastrecv -1 md.hdr.isa_msgid 00000000
| #1 st.st_msgid_lastrecv 0 md.hdr.isa_msgid 00000001
| #1 st.st_msgid_lastrecv 1 md.hdr.isa_msgid 00000002
west #
 
