whackwest --name isakmp-rsa --rsa --host 128.95.7.2 --ikeport 8500 --dnskeyondemand --updown silly --to --updown sally --dnskeyondemand --id=@west.example.com --host 128.95.7.1 --ikeport 8500 --rekeymargin 350 --ikelifetime 900 --ipseclifetime 800 --keyingtries 2
002 added connection description "isakmp-rsa"
whackeast --name isakmp-rsa --rsa --host 128.95.7.2 --ikeport 8500 --dnskeyondemand --updown silly --to --updown sally --dnskeyondemand --id=@WEST.example.com --host 128.95.7.1 --ikeport 8500 --rekeymargin 350 --ikelifetime 900 --ipseclifetime 800 --keyingtries 2
002 added connection description "isakmp-rsa"
whackwest --listen
002 listening for IKE messages
002 adding interface virtual128.95.7.1/lo:w 128.95.7.1:8500
002 loading secrets from "/tmp/ipsec.secrets/west"
whackeast --listen
002 listening for IKE messages
002 adding interface virtual128.95.7.2/lo:e 128.95.7.2:8500
002 loading secrets from "/tmp/ipsec.secrets/east"
whackwest --name isakmp-rsa --initiate
002 "isakmp-rsa" #1: initiating Main Mode
104 "isakmp-rsa" #1: STATE_MAIN_I1: initiate
003 "isakmp-rsa" #1: received Vendor ID payload [Libreswan (this version)  VERSION
003 "isakmp-rsa" #1: received Vendor ID payload [Dead Peer Detection]
106 "isakmp-rsa" #1: STATE_MAIN_I2: sent MI2, expecting MR2
002 "isakmp-rsa" #1: I did not send a certificate because I do not have one.
108 "isakmp-rsa" #1: STATE_MAIN_I3: sent MI3, expecting MR3
004 "isakmp-rsa" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}
whackwest --shutdown
002 shutting down
whackeast --shutdown
002 shutting down
