# /etc/ipsec.conf - Libreswan IPsec configuration file

version 2.0

config setup
	# put the logs in /var/tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	plutodebug=all
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	protostack=netkey
	dumpdir=/var/tmp

conn main
	authby=rsasig
	left=192.1.2.45
	leftcert=west
	right=192.1.2.23
	rightsendcert=always
	leftid=@west.testing.libreswan.org
	rightid=@east.testing.libreswan.org
	rightca=%same
	leftca=%same
	leftprotoport=icmp
	rightprotoport=icmp

conn other
	authby=rsasig
	left=192.1.2.45
	leftcert=otherwest
	right=192.1.2.23
	rightsendcert=always
	leftid=@otherwest.other.libreswan.org
	rightid=@othereast.other.libreswan.org
	rightca=%same
	leftca=%same
	leftprotoport=tcp
	rightprotoport=tcp