# /etc/ipsec.conf - Libreswan IPsec configuration file

version 2.0

config setup
	# put the logs in /tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	protostack=netkey
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	plutodebug=all
	dumpdir=/tmp

include	/testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common

conn northnet-eastnet-nat
	ikev2=no
	left=%defaultroute
	# Causes failure to orient if it comes in through an include?
	# also=northnet
	leftsubnet=192.0.3.0/24
	leftnexthop=192.1.3.254
	leftid="C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=north.testing.libreswan.org, E=user-north@testing.libreswan.org"
	leftcert=north
	leftsendcert=always
	# this causes breakage
	leftca=%same
	#
	right=192.1.2.23
	# Causes failure to orient if it comes in through an include?
	# also=eastnet
	rightsubnet=192.0.2.0/24
	rightnexthop=192.1.2.254
	rightid="C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east@testing.libreswan.org"
	#rightcert=east
	rightsendcert=always
	rightca=%same