I was able to recreate the environment. With isakmpd(8) started on both sides and no policies loaded (# isakmpd -K), the first side to receive IKE packets from the other logs refusal messages. I don't think this is a problem, as it has no policies loaded yet, it has not been instructed by ipsecctl and refuses packets which do not match isakmpd.policy(5) defaults.
Code:
133035.145727 Default attribute_unacceptable: ENCRYPTION_ALGORITHM: got AES_CBC, expected 3DES_CBC
133035.150594 Default message_negotiate_sa: no compatible proposal found
133035.155179 Default dropped message from 10.9.1.2 port 500 due to notification type NO_PROPOSAL_CHOSEN
Once ipsecctl is run on both gateways, policies match and IKE completes between the gateways..
Otherwise, everything seems to work for me. I ensured I had routing between the LANs before initiating IPSec.