# /etc/ipsec.conf - Libreswan IPsec configuration file

config setup
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	plutodebug=all
	protostack=netkey

#conn westnet-eastnet-x509-nosend
#	also=westnet-eastnet-x509
#	leftsendcert=never
#	rightsendcert=never

conn base
	ikev2=no
        left=192.1.2.45
	leftsubnet=192.0.1.254/32
	leftid=%fromcert
	leftcert=west
   	ikelifetime=1m
	rekey=no

conn TUNNEL-A
	also=base
        right=192.1.2.23
	rightid="C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org"
        rightsubnet=192.0.2.254/32

conn TUNNEL-B
	also=base
        right=192.1.2.23
	rightid="C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org"
        rightsubnet=192.0.2.244/32

conn TUNNEL-C
	also=base
        right=192.1.2.23
	rightid="C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org"
        rightsubnet=192.0.2.234/32