1 charon.plugins.kernel-libipsec.allow_peer_ts = no
2 Allow that the remote traffic selector equals the IKE peer.
4 Allow that the remote traffic selector equals the IKE peer. The route
5 installed for such traffic (via TUN device) usually prevents further IKE
6 traffic. The fwmark options for the _kernel-netlink_ and _socket-default_
7 plugins can be used to circumvent that problem.
9 charon.plugins.kernel-libipsec.fwmark = charon.plugins.socket-default.fwmark
10 Firewall mark to set on outbound raw ESP packets.
12 charon.plugins.kernel-libipsec.raw_esp = no
13 Whether to send and receive ESP packets without UDP encapsulation if
14 supported on this platform and no NAT is detected.