# /etc/ipsec.conf - strongSwan IPsec configuration file

# RCSID $Id: ipsec.conf.in,v 1.7 2006/01/31 13:09:10 as Exp $

# Manual:    ipsec.conf.5
# Help:      http://www.strongswan.org/docs/readme.htm

version	2.0	# conforms to second version of ipsec.conf specification

# basic configuration

config setup
	# Debug-logging controls: "none" for (almost) none, "all" for lots.
	# plutodebug=all
	# crlcheckinterval=600
	# strictcrlpolicy=yes
	# cachecrls=yes
	# nat_traversal=yes

# Uncomment to activate Opportunistic Encryption (OE)
# include /etc/ipsec.d/examples/oe.conf

# Add connections here.

# Sample VPN connections

#conn sample-self-signed
#      left=%defaultroute
#      leftsubnet=10.1.0.0/16
#      leftcert=selfCert.der
#      leftsendcert=never
#      right=192.168.0.2
#      rightsubnet=10.2.0.0/16
#      rightcert=peerCert.der
#      auto=start

#conn sample-with-ca-cert
#      left=%defaultroute
#      leftsubnet=10.1.0.0/16
#      leftcert=myCert.pem
#      right=192.168.0.2
#      rightsubnet=10.2.0.0/16
#      rightid="C=CH, O=Linux strongSwan CN=peer name"
#      auto=start