# /etc/ipsec.conf - strongSwan IPsec configuration file

conn %default
	ikelifetime=60m
	keylife=20m
	rekeymargin=3m
	keyingtries=1

# to access the host via SSH in the test environment
conn pass-ssh
	authby=never
	leftsubnet=0.0.0.0/0[tcp/22]
	rightsubnet=0.0.0.0/0[tcp]
	type=pass
	auto=route

conn trap-any
	right=%any
	type=transport
	authby=psk
	auto=route