# /etc/ipsec.conf - Libreswan IPsec configuration file

config setup
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	plutodebug="all"
	dumpdir=/tmp

conn %default
	ike=3des-sha1
	esp=3des-sha1

conn first
	left=1.2.3.4
	right=4.5.6.7
	ike=aes-sha2
	esp=aes-sha2

conn second
	left=2.3.4.5
	right=5.6.7.8
	# expect default conns ike and esp settings so 3des-sha1


conn cert-complain
	left=%defaultroute
	right=5.6.7.8
	authby=secret
	# there is no cert
	leftid=%fromcert

conn cert-allow
	left=%defaultroute
	right=5.6.7.8
	leftauth=secret
	rightauth=rsasig
	rightid=%fromcert