connections {
home {
local_addrs = 192.168.0.200
remote_addrs = 192.168.0.1
local {
auth = pubkey
certs = daveCert.pem
id = dave@strongswan.org
}
remote {
auth = pubkey
id = moon.strongswan.org
}
children {
home {
remote_ts = 10.1.0.0/16
updown = /usr/local/libexec/ipsec/_updown iptables
esp_proposals = aes256gcm16-ecp384
}
}
version = 2
proposals = aes256-sha384-ecp384
}
}
secrets {
pkcs8-dave {
file = daveKey.pem
secret = "OJlNZBx+80dLh4wC6fw5LmBd"
}
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>