# /etc/ipsec.conf - Libreswan IPsec configuration file

version 2.0

config setup
	# put the logs in /var/tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	plutodebug=all
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	protostack=netkey
	dumpdir=/var/tmp

conn san
	ikev2=no
	aggressive=yes
	ike=aes-sha1;modp1536
	authby=rsasig
	left=192.1.2.45
	right=192.1.2.23
	rightcert=east
	rightsendcert=always
	# emails from the RDN are not valid - only SAN emails are
	leftid=user-west@testing.libreswan.org
	rightid=user-east@testing.libreswan.org