# /etc/ipsec.conf - Libreswan IPsec configuration file

version 2.0

config setup
	# put the logs in /tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	plutodebug=all
	dumpdir=/tmp
	protostack=netkey

conn %default
	ikev2=no

conn xauth-road-eastnet-psk
	also=road-eastnet
	auto=ignore
	rightxauthserver=yes
	leftxauthclient=yes

conn road-eastnet-psk
	also=eastnet
	also=road-east-psk
	left=%defaultroute
	ike=3des-sha1
	aggressive=yes
	authby=secret

conn road-east-psk
	right=192.1.2.23
	rightid=@east
	rightnexthop=192.1.2.45
	leftid=@roadrandom

include	/testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common