testing/tests/swanctl/rw-cert/hosts/dave/etc/swanctl/swanctl.conf

   1 connections {
   2
   3    home {
   4       local_addrs  = 192.168.0.200
   5       remote_addrs = 192.168.0.1
   6
   7       local {
   8          auth = pubkey
   9          certs = daveCert.pem
  10          id = dave@strongswan.org
  11       }
  12       remote {
  13          auth = pubkey
  14          id = moon.strongswan.org
  15       }
  16       children {
  17          home {
  18             remote_ts = 10.1.0.0/16
  19
  20             start_action = none
  21             updown = /usr/local/libexec/ipsec/_updown iptables
  22             rekey_time = 10m
  23             esp_proposals = aes128gcm128-modp2048
  24          }
  25       }
  26
  27       version = 2
  28       reauth_time = 60m
  29       rekey_time =  20m
  30       proposals = aes128-sha256-modp2048
  31    }
  32 }