# /etc/ipsec.conf - Libreswan IPsec configuration file

version 2.0

config setup
	# put the logs in /tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	plutodebug=all
	dumpdir=/tmp
	virtual-private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.0.1.0/24,%v6:!2001:db8:0:1::/64

conn west-east
	left=192.1.2.45
	leftid="@west"
	right=192.1.2.23
	rightid="@east"
	authby=secret
	auto=ignore

conn pass-222
	left=192.1.2.45
	leftid="@west"
	right=192.1.2.23
	rightid="@east"
	rightprotoport=tcp/222
	leftprotoport=tcp/0
	authby=never
	type=passthrough
	auto=ignore