# /etc/ipsec.conf - Libreswan IPsec configuration file version 2.0 config setup # put the logs in /tmp for the UMLs, so that we can operate # without syslogd, which seems to break on UMLs logfile=/tmp/pluto.log logtime=no logappend=no plutodebug=all dumpdir=/tmp protostack=netkey conn %default ikev2=no conn modecfg-road-eastnet-psk also=road-eastnet-psk rightmodecfgclient=yes rightxauthclient=yes rightsubnet=192.0.2.209/32 leftxauthserver=yes leftmodecfgserver=yes modecfgdns="1.2.3.4, 5.6.7.8" xauthby=alwaysok modecfgpull=yes # only activated on client #remote_peer_type=cisco conn road-eastnet-psk also=road-east-psk right=%any ike=3des-sha1 aggressive=no authby=secret leftsubnet=192.0.2.0/24 conn road-east-psk left=192.1.2.23 leftid=@east rightid=@roadrandom include /testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common