# /etc/ipsec.conf - Libreswan IPsec configuration file config setup logfile=/tmp/pluto.log logtime=no logappend=no plutodebug=all protostack=netkey conn nss-cert-chain # Left security gateway, subnet behind it, next hop toward right. left=192.1.2.45 leftcert=west_chain_endcert leftca="C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org" leftsubnet=192.0.1.254/32 leftid=%fromcert leftnexthop=192.1.2.23 leftsourceip=192.0.1.254 # Right security gateway, subnet behind it, next hop toward left. right=192.1.2.23 rightid=%fromcert rightca="C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing@libreswan.org" #rightcert=east rightnexthop=192.1.2.45 rightsubnet=192.0.2.254/32 rightsourceip=192.0.2.254 # test specific options leftsendcert=always rightsendcert=always sendca=all