# /etc/ipsec.conf - Libreswan IPsec configuration file

version 2.0

config setup
	# put the logs in /tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	plutostderrlog=/tmp/pluto.log
	plutodebug=all
	plutorestartoncrash=false
	dumpdir=/tmp
	protostack=klips

conn westnet-eastnet-ikev1-eccert
	left=192.1.2.45
	leftrsasigkey=%cert
	leftnexthop=192.1.2.23
	leftid=%fromcert
	# Right security gateway, subnet behind it, next hop toward left.
	right=192.1.2.23
	rightid=%fromcert
	rightrsasigkey=%cert
	rightcert=east
	rightsendcert=never
	rightnexthop=192.1.2.45
	also=westnet
	also=eastnet
	ikev2=never
	authby=rsasig
	#auto=add

include	/testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common