# /etc/ipsec.conf - Libreswan IPsec configuration file version 2.0 config setup plutostderrlog=/tmp/pluto.log plutodebug=all dumpdir=/tmp protostack=netkey conn test # Fuzzer cannot fuzz IKEv2 ikev2=no # Fuzzing aggressive is hard because libreswan requires a single # IKE proposal for aggressive, so it trivially rejects everything #aggressive=yes type=tunnel left=192.1.2.23 leftsubnet=192.1.2.23/32 right=192.1.2.45 rightsubnet=10.1.1.0/29 authby=secret esp=aes256-sha1,aes-sha1 # We specify multiple modp, but ike-scan always seems to use # a KE value for modp1024. We just try to let the parser continue # as much as possible #ike=aes256-sha1;modp1536,aes256-sha1;modp1024,aes-sha1;modp1536,aes-sha1;modp1024