version 2.0

config setup
	# put the logs in /tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	plutostderrlog=/tmp/pluto.log
	plutorestartoncrash=false
	dumpdir=/var/tmp

conn westnet-eastnet-key-key
	leftid=@eastkey.testing.libreswan.org
	rightid=@westkey.testing.libreswan.org
	also=westnet-eastnet-dns

conn westnet-eastnet-key-txt
	leftid=@eastkey.testing.libreswan.org
	rightid=@westtxt.testing.libreswan.org
	also=westnet-eastnet-dns

conn westnet-eastnet-txt-txt
	leftid=@easttxt.testing.libreswan.org
	rightid=@westtxt.testing.libreswan.org
	also=westnet-eastnet-dns

conn westnet-eastnet-txt-key
	leftid=@easttxt.testing.libreswan.org
	rightid=@westkey.testing.libreswan.org
	also=westnet-eastnet-dns

conn westnet-eastnet-bad-key
	leftid=@eastbad.testing.libreswan.org
	rightid=@westkey.testing.libreswan.org
	also=westnet-eastnet-dns

conn westnet-eastnet-txt-bad
	leftid=@easttxt.testing.libreswan.org
	rightid=@westbad.testing.libreswan.org
	also=westnet-eastnet-dns

conn westnet-eastnet-dns
	left=192.1.2.23
	leftsubnet=192.0.2.0/24
	leftrsasigkey=%dns
	right=192.1.2.45
	rightrsasigkey=%dns
	rightsubnet=192.0.1.0/24
	keyingtries=1	
	auto=ignore

include	/testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common

conn us
	rightsubnet=192.0.2.0/24

conn them
	leftsubnet=192.0.1.0/24

conn packetdefault
	auto=ignore