# /etc/ipsec.conf - Libreswan IPsec configuration file

config setup
	plutodebug="all" 
	logtime=no
	logappend=no
	logfile=/tmp/pluto.log
	dumpdir=/tmp
	protostack=netkey

conn westnet-eastnet-ikev2
	left=192.1.2.45
	leftid=@west
	leftsubnet=192.0.1.0/24
	leftauth=rsasig
	also=west-leftrsasigkey
	right=192.1.2.23
	rightid="%fromcert"
	rightcert=east
	rightsubnet=192.0.2.0/24
	rightauth=rsasig
	type=tunnel
	# this is a hack to prevent:
	# 003 Failed to add connection "westnet-eastnet-ikev2": leftauth=rsasig and rightauth=rsasig must not conflict with authby=none+NEVER_NEGOTIATE
	authby=rsasig

include	/testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common