# /etc/ipsec.conf - FreeS/WAN IPsec configuration file

# basic configuration
config setup
        interfaces=%defaultroute
        #interfaces="ipsec0=eth0:0"
        klipsdebug=none
        plutodebug=none
        plutoload=%search
        plutostart=%search

# defaults for subsequent connection descriptions
conn %default
        keyingtries=0
        authby=secret
        #keylife=3m
        #ikelifetime=90s
        rekeymargin=30s
        rekeyfuzz=50%
        auto=start

conn tunnel1
        leftid=192.35.XXX.YYY
        left=192.35.XXX.YYY
        leftsubnet=192.35.169.ZZZ/32
        leftnexthop=192.35.164.1
        rightid=192.35.169.252
        right=192.35.169.252
        rightsubnet=0/0
        rightnexthop=