# /etc/ipsec.conf - FreeS/WAN IPsec configuration file
# $Id: ipsec.conf,v 1.4 2006-06-30 06:43:51 doros Exp $
version 2

# basic configuration
config setup
	# THIS SETTING MUST BE CORRECT or almost nothing will work;
	# %defaultroute is okay for most simple cases.
	interfaces="ipsec0=eth0"
	# Debug-logging controls:  "none" for (almost) none, "all" for lots.
	klipsdebug=none
	plutodebug=none
	# Use auto= parameters in conn descriptions to control startup actions.
	###plutoload=%search
	###plutostart=%search
	# Close down old connection when new one using same ID shows up.
	uniqueids=yes



# defaults for subsequent connection descriptions
conn %default
	# How persistent to be in (re)keying negotiations (0 means very).
	keyingtries=0
	# RSA authentication with keys from DNS.
	authby=rsasig
	leftrsasigkey=0sAQNkQS5m70yuLQyR+EObQHDnG2NtOhIwir57Nr/Z4smUaNJHBHYDd/eHFD3izNOWm0L4OD432nd0zmE+A6L68j8j96P7V4C7yllAox/+epPWdiED1zzwmxsAyTke8AxHuTcwhsDmWF3K5Fi6s/60+9tMLCYDGsJReZccCHGazoxlGlYE+YyklYHkqrvn1kfvSqLS8wZILMUSeJMCekQW/ZZ6X2RAftKmC5ZfANp6NPO3nrDn8qyX8MwzeGy0h8t6XkiNCtezfOO5Lp3GKJrd+JUosUzD9luZ3QzQOX2OoInN6tEoTLf87yqM8Ax3W9aJ6SLTBnd6qHpvQ9ZfLhmHZHSFfzwraoqDIVlxTQ0mZa+LOHSpEpMbhrxuAs7yK8mH9N5UIShOV9b9fSnZiwWQbkzt1vfwmAYw6D1vGRJwUdWG5lK+ajv/ambygZQe2oSeVcOsheoMJuYlytPU3xmiEGuqzdGoYo5tHDARJvf6L7/94cOkgvThDI9ochVGcWyi1ySG58dHAHq4jPpxbSTW7fzVW6J+M8puXPseXG6uM9oLbs0cjgZ9ec4wRPw/rJizVjzIyBYPO2vm4DWoSZWON77cB1qH9Uzb6upbSpRvI1nbJnk/QZOCIewOjiZyjbqHcak8jo74XQSl5qgzaMbfoQbvDORsJn+zqiaXhVcy8f2Hww==
	rightrsasigkey=0sAQOXqpFO3dHcMpFndfXLRO+7GTkaOyeKUZsIh8ATcIgsrGrVIjVziL0t854fVQ/MweOAMleu/zHWMPgTdh9OwlvD3I1rZo0UoXmfzp3aExy9jnGSMsEaZpnoII6xIHXrWUAp4egPBE3OkgHQy03YRTZlRo23k/B+wgqquBd5I41B1KV2PpnM5bsx7ewbK6jH3Rc0UwLMTBRlqNHZ2p5d3bAkMF1PJFes6bZ2ZGMmlgRhq+IAHsTrbY5DvGzYuSj++r6Apfyt4q/Liti2OGEpCcsPZHkOVfe4wXA+wGpyVBsUxrnWYijGbwqF8EhnxqRxt5iXhMFB4xs1d/cf48wuy/0CeI1jr4SrT8Mg74aiSoHsBtvSnmDZ1vPkW7BO1Y5lFaku/KNn2jzMQJD3wiopYDoLFk6hgPMtYarNRdGybPazWuZN7smezlW4JgGuwyUtJT1MPfu0ZUKSKKu0rHWsvS7GCvxNWt/ZbQ/XEVzQANHjEXE92HJ+kUpVdT/50T6JAPE0SciwjIEq30sH9qQzU1KEqXna15LF5bb66gHuWPTqhXpHTwZ8GoSAGqvMOiFG0xE40ooZcfPVrdCou8OqPLxVXlv95pea2d8Gp18+gWdA4j+BX7GDavS0EwKRR9enBzKSAHdq5XSGYveIpH0oOpy48cdAtUffNAzc+7eoUSG+0Q==



# netkit VPN connection
conn netkit
	# Left security gateway, subnet behind it, next hop toward right.
	left=212.1.1.1
	leftsubnet=10.10.10.0/24
	leftnexthop=212.1.1.2
	# Right security gateway, subnet behind it, next hop toward left.
	right=212.1.2.1
	rightsubnet=10.10.20.0/24
	rightnexthop=212.1.2.2
	# To authorize this connection, but not actually start it, at startup,
	# uncomment this.
	auto=start