# common pieces for ipsec.conf. No host addresses.## for conns# left  = WEST# right = EAST## for OE stuff,# right = my stuff# left  = other stuff.#conn us-to-anyone	also=us	also=me-to-anyoneconn me-to-anyone	right=%defaultroute	left=%opportunistic	# uncomment to enable incoming; change to auto=route for outgoing	#auto=add# food groups: clear, clear-or-private, private-or-clear, private, block# Tempting to use "postcard" instead of "clear"# these are for a subnet behind us.conn us-clear	also=clear	also=us# except the connection to the DNS serverconn let-my-dns-go	also=clearconn us-let-my-dns-go	also=clear	also=usconn us-clear-or-private	also=clear-or-private	also=usconn us-private-or-clear	also=private-or-clear	also=usconn us-private-or-clear-all	also=private-or-clear	also=usconn us-private	also=private	also=usconn us-block	also=block	also=us# a different named conn, so we can have a different policyconn private-or-clear-all	also=private-or-clear# these are for selfconn clear	type=passthrough	authby=never	right=%defaultroute	left=%group	#auto=routeconn clear-or-private	type=passthrough	right=%defaultroute	left=%opportunisticgroup	# by using "add", we get passive.	# but this does not actually implement "clear" :-(	failureshunt=passthrough	#auto=routeconn private-or-clear	type=tunnel	right=%defaultroute	left=%opportunisticgroup	failureshunt=passthrough	#auto=routeconn private	type=tunnel	right=%defaultroute	left=%opportunisticgroup	# without failureshunt, renegotiation will be tried.	failureshunt=drop	#auto=routeconn block	type=reject	authby=never	right=%defaultroute	left=%group	#auto=route# VPN connectionconn west-east	also=west-east-base	#auto=startconn west-eastnet	also=west-east-base	also=eastnet	#auto=startconn westnet-east	also=west-east-base	also=westnet	#auto=startconn west-east-pass	also=west-east-base	type=passthrough	#auto=startconn westnet-east-pass	also=west-east-base	also=westnet	type=passthrough	#auto=startconn west-eastnet-pass	also=west-east-base	also=eastnet	type=passthrough	#auto=startconn westnet-eastnet-ipcomp	compress=yes	also=westnet-eastnetconn westnet-eastnet	also=west-east-base	also=westnet	also=eastnet	#auto=startconn westnet-eastnet-pass	also=west-east-base	also=westnet	also=eastnet	type=passthrough	#auto=startconn westnet-eastnet-drop	also=west-east-base	also=westnet	also=eastnet	type=drop	#auto=startconn eastnet	rightsubnet=192.0.2.0/24conn westnet	leftsubnet=192.0.1.0/24conn west-east-base	# Left security gateway, subnet behind it, next hop toward right.	left=192.1.2.45	leftid=@west	leftrsasigkey=0sAQNzGEFs18VKT00sA+4p+GUKn9C55PYuPQca6C+9Qhj0jfMdQnTRTDLeI+lp9TnidHH7fVpq+PkfiF2LHlZtDwMurLlwzbNOghlEYKfQ080WlOTTUAmOLhAzH28MF70q3hzq0m5fCaVZWtxcV+LfHWdxceCkjBUSaTFtR2W12urFCBz+SB3+OM33aeIbfHxmck2yzhJ8xyMods5kF3ek/RZlFvgN8VqBdcFVrZwTh0mXDCGN12HNFixL6FzQ1jQKerKBbjb0m/IPqugvpVPWVIUajUpLMEmi1FAXc1mFZE9x1SFuSr0NzYIu2ZaHfvsAZY5oN+I+R2oC67fUCjgxY+t7	leftnexthop=192.1.2.23	# Right security gateway, subnet behind it, next hop toward left.	right=192.1.2.23	rightid=@east	rightrsasigkey=0sAQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYgRkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLsqGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMpzWvlzO80fP7JDjSZf9LI/MMu6c+qwXIKnWoNha75IhFyLWniVczxK2RdhmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ50WraQlL	rightnexthop=192.1.2.45conn road-east-base	right=192.1.2.23	rightid=@east	rightrsasigkey=0sAQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYgRkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLsqGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMpzWvlzO80fP7JDjSZf9LI/MMu6c+qwXIKnWoNha75IhFyLWniVczxK2RdhmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ50WraQlL	rightnexthop=192.1.2.45	leftid=@road.uml.freeswan.org        leftrsasigkey=0sAQNxbOBmDqiNrUmn5q4kzBQ6I6pW/g2c8iDh3Y/KDtELBC6G0dASaaa95lV0cZT2kla681hVLzRF4MUCmFkH5ih514Nrwc5aptte49/70WotqcbvAhXeBX0zbg78gUPaT7CcUEAYxHoqHubao4mmfWlSrOnpf4crE/q3J6zH+8Z3bfsTGnpThgfNCItHpH7jkHPUYDilHsk0Zfd5fxjVDbl8JbQoT3P1KrdmpK7M1sXQhug12ocq8HlrXa3smJIq5b4T0rF+MYrThrNytNIEn53phuj6S8qmONin4usCqpUw50i2VqaBNQSY++/B57AqThFZNqt7TjqqT0CQ7tPRELgXwRvWA04GDhqBHHWoOrLdsR0p	leftnexthop=192.1.3.254conn westnet-eastnet-x509	leftsubnet=192.0.1.0/24	rightsubnet=192.0.2.0/24	also=west-east-x509conn west-east-x509        # Left security gateway, subnet behind it, next hop toward right.        left=192.1.2.45        leftrsasigkey=%cert        leftcert=west.uml.freeswan.org.cert          leftnexthop=192.1.2.23        leftid="C=CA, ST=Ontario, O=Openswan, L=Toronto, CN=west.uml.freeswan.org, E=west@openswan.org"        # Right security gateway, subnet behind it, next hop toward left.        right=192.1.2.23        rightid="C=CA, ST=Ontario, O=Openswan, L=Toronto, CN=east.uml.openswan.org, E=east@openswan.org"        rightrsasigkey=%cert        rightcert=east.uml.freeswan.org.cert        rightnexthop=192.1.2.45conn north-east-x509	# Left security gateway, subnet behind it, next hop toward right.	left=192.1.2.49        leftrsasigkey=%cert        leftcert=north.uml.freeswan.org.cert  	leftnexthop=192.1.2.23	leftid="C=CA/ST=Ontario/O=Openswan/CN=west.uml.freeswan.org/Email=west@openswan.org"	# Right security gateway, subnet behind it, next hop toward left.	right=192.1.2.23	rightid="C=CA/ST=Ontario/O=Openswan/CN=east.uml.freeswan.org/Email=east@openswan.org"        rightrsasigkey=%cert	rightcert=east.uml.freeswan.org.cert	rightnexthop=192.1.2.49conn north-east	# Left security gateway, subnet behind it, next hop toward right.	left=%any	leftnexthop=192.2.3.254	leftid=@north        leftrsasigkey=0sAQPwDB+4k65xvxQ3qtPV6rUucJovYeRGnfv6T7HaeK/5TcBXDyhEDrfNLS13p5cJYUu13LJbeLYS9MQZSZq7PRsg8DsG1oVeDmJbQM9CaVKs9REMnTiRbzye3mDnsQQRRr63BnU/IMDJrmO54ZenkQIbtEkFOX6vm2gtmf/s8C0lPvQk/cNXgkHx6fTq3sZs7pUiFvspj/CrZTx4ShhFNkyvv6RrUu728HspGZwseoZqC7ZbIqnsMqjPeG65qLl+IRYk4s8yT6JBYjYxX96LoHf9V8v0Qbjq4LJm7UpaqX4EJscDRGPByVZaiAwntCU3uzc/NAlgyZJN14yzwXfv1kQUJFLDGYNBF+z0dqON+0DfuCTR	# Right security gateway, subnet behind it, next hop toward left.	right=192.1.2.23	rightid=@east	rightrsasigkey=0sAQN3cn11FrBVbZhWGwRnFDAf8O9FHBmBIyIvmvt0kfkI2UGDDq8k+vYgRkwBZDviLd1p3SkL30LzuV0rqG3vBriqaAUUGoCQ0UMgsuX+k01bROLsqGB1QNXYvYiPLsnoDhKd2Gx9MUMHEjwwEZeyskMT5k91jvoAZvdEkg+9h7urbJ+kRQ4e+IHkMUrreDGwGVptV/hYQVCD54RZep6xp5ymaKRCDgMpzWvlzO80fP7JDjSZf9LI/MMu6c+qwXIKnWoNha75IhFyLWniVczxK2RdhmMhLsi0kC0CoOwWDSIEOb+5zbECDjjud+SF5tT8qRCWnSomX8jtbCdZ50WraQlL	rightnexthop=192.1.2.254