# /etc/ipsec.conf - Libreswan IPsec configuration file

version 2.0

config setup
	# put the logs in /tmp for the UMLs, so that we can operate
	# without syslogd, which seems to break on UMLs
	plutostderrlog=/tmp/pluto.log
	plutorestartoncrash=false
	plutodebug="control crypt controlmore"
	dumpdir=/tmp

conn westnet-eastnet-aggr
	aggrmode=yes
	ike=3des-md5-modp1536
	also=westnet-eastnet

conn westnet-bogus01
	also=westnet-bogus-tmpl
	right=192.1.2.41
	rightid=@bogus01

conn westnet-bogus02
	also=westnet-bogus-tmpl
	right=192.1.2.42
	rightid=@bogus02

conn westnet-bogus03
	also=westnet-bogus-tmpl
	right=192.1.2.43
	rightid=@bogus03

conn westnet-bogus04
	also=westnet-bogus-tmpl
	right=192.1.2.44
	rightid=@bogus04

conn westnet-bogus05
	also=westnet-bogus-tmpl
	right=192.1.2.55
	rightid=@bogus05

conn westnet-bogus06
	also=westnet-bogus-tmpl
	right=192.1.2.46
	rightid=@bogus06

conn westnet-bogus07
	also=westnet-bogus-tmpl
	right=192.1.2.47
	rightid=@bogus07

conn westnet-bogus08
	also=westnet-bogus-tmpl
	right=192.1.2.48
	rightid=@bogus08

conn westnet-bogus09
	also=westnet-bogus-tmpl
	right=192.1.2.49
	rightid=@bogus09

conn westnet-bogus10
	also=westnet-bogus-tmpl
	right=192.1.2.50
	rightid=@bogus10

conn westnet-bogus-tmpl
	aggrmode=yes
	ike=3des-md5-modp1536
	# Left security gateway, subnet behind it, next hop toward right.
	left=192.1.2.45
	leftid=@west
	leftrsasigkey=0sAQNzGEFs18VKT00sA+4p+GUKn9C55PYuPQca6C+9Qhj0jfMdQnTRTDLeI+lp9TnidHH7fVpq+PkfiF2LHlZtDwMurLlwzbNOghlEYKfQ080WlOTTUAmOLhAzH28MF70q3hzq0m5fCaVZWtxcV+LfHWdxceCkjBUSaTFtR2W12urFCBz+SB3+OM33aeIbfHxmck2yzhJ8xyMods5kF3ek/RZlFvgN8VqBdcFVrZwTh0mXDCGN12HNFixL6FzQ1jQKerKBbjb0m/IPqugvpVPWVIUajUpLMEmi1FAXc1mFZE9x1SFuSr0NzYIu2ZaHfvsAZY5oN+I+R2oC67fUCjgxY+t7
	leftnexthop=192.1.2.23
	rightrsasigkey=0sAQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYgRkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLsqGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMpzWvlzO80fP7JDjSZf9LI/MMu6c+qwXIKnWoNha75IhFyLWniVczxK2RdhmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ50WraQlL
	rightnexthop=192.1.2.45
	
conn packetdefault
	auto=ignore

include	/testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common

conn us
	rightsubnet=192.0.2.0/24

conn them
	leftsubnet=192.0.1.0/24