extras/strongswan/vpp_sswan/swanctl.conf - fdio/vpp - Gitiles

 connections {
   net-net {
     local_addrs = 192.168.0.2
     remote_addrs = 192.168.0.1
     local {
       auth = psk
       id = sun.strongswan.org
     }
     remote {
       auth = psk
       id = moon.strongswan.org
     }
     children {
       net-net {
         local_ts = 192.168.200.0/24
         remote_ts = 192.168.100.0/24
         esp_proposals = aes128-sha1-modp2048
         rekey_time = 240m
       }
     }
     version = 2
     mobike = yes
     encap = no # NAT-T if needed
     proposals = aes128-sha256-x25519
     }
 }
 secrets {
   ike-net-net {
     id = moon.strongswan.org
     secret = simplepsk
   }
 }

 # Include config snippets
 include conf.d/*.conf
	connections {
	net-net {
	local_addrs = 192.168.0.2
	remote_addrs = 192.168.0.1
	local {
	auth = psk
	id = sun.strongswan.org
	}
	remote {
	auth = psk
	id = moon.strongswan.org
	}
	children {
	net-net {
	local_ts = 192.168.200.0/24
	remote_ts = 192.168.100.0/24
	esp_proposals = aes128-sha1-modp2048
	rekey_time = 240m
	}
	}
	version = 2
	mobike = yes
	encap = no # NAT-T if needed
	proposals = aes128-sha256-x25519
	}
	}
	secrets {
	ike-net-net {
	id = moon.strongswan.org
	secret = simplepsk
	}
	}

	# Include config snippets
	include conf.d/*.conf