# /etc/ipsec.conf - Libreswan IPsec configuration file

config setup
	# put the logs in /tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	plutodebug=all
	dumpdir=/tmp
	protostack=netkey

conn westnet-eastnet-ikev2
	left=192.1.2.45
	leftsubnet=192.0.1.0/24
	leftid="C=CH, O=strongSwan, CN=strongWest"
	leftcert=strongWest
	leftsendcert=always
	right=192.1.2.23
	rightsubnet=192.0.2.0/24
	rightid="C=CH, O=strongSwan, CN=strongEast"
	authby=ecdsa-sha2_384