1 # /etc/ipsec.conf - FreeS/WAN IPsec configuration file
3 # More elaborate and more varied sample configurations can be found
4 # in FreeS/WAN's doc/examples file, and in the HTML documentation.
10 # THIS SETTING MUST BE CORRECT or almost nothing will work;
11 # %defaultroute is okay for most simple cases.
12 interfaces=%defaultroute
13 # Debug-logging controls: "none" for (almost) none, "all" for lots.
16 # Use auto= parameters in conn descriptions to control startup actions.
19 # Close down old connection when new one using same ID shows up.
24 # defaults for subsequent connection descriptions
26 # How persistent to be in (re)keying negotiations (0 means very).
28 # RSA authentication with keys from DNS.
35 # connection description for (experimental!) opportunistic encryption
36 # (requires KEY record in your DNS reverse map; see doc/opportunism.howto)
40 # uncomment to enable incoming; change to auto=route for outgoing
45 # sample VPN connection
47 # Left security gateway, subnet behind it, next hop toward right.
50 leftrsasigkey=0sAQNzGEFs18VKT00sA+4p+GUKn9C55PYuPQca6C+9Qhj0jfMdQnTRTDLeI+lp9TnidHH7fVpq+PkfiF2LHlZtDwMurLlwzbNOghlEYKfQ080WlOTTUAmOLhAzH28MF70q3hzq0m5fCaVZWtxcV+LfHWdxceCkjBUSaTFtR2W12urFCBz+SB3+OM33aeIbfHxmck2yzhJ8xyMods5kF3ek/RZlFvgN8VqBdcFVrZwTh0mXDCGN12HNFixL6FzQ1jQKerKBbjb0m/IPqugvpVPWVIUajUpLMEmi1FAXc1mFZE9x1SFuSr0NzYIu2ZaHfvsAZY5oN+I+R2oC67fUCjgxY+t7
51 leftsubnet=192.0.1.254/24
52 leftnexthop=192.1.2.23
53 # Right security gateway, subnet behind it, next hop toward left.
56 rightrsasigkey=0sAQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYgRkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLsqGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMpzWvlzO80fP7JDjSZf9LI/MMu6c+qwXIKnWoNha75IhFyLWniVczxK2RdhmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ50WraQlL
57 rightsubnet=192.0.2.254/24
58 rightnexthop=192.1.2.45
59 # To authorize this connection, but not actually start it, at startup,