conf/plugins/kernel-libipsec.opt

   1 charon.plugins.kernel-libipsec.allow_peer_ts = no
   2         Allow that the remote traffic selector equals the IKE peer.
   3
   4         Allow that the remote traffic selector equals the IKE peer. The route
   5         installed for such traffic (via TUN device) usually prevents further IKE
   6         traffic. The fwmark options for the _kernel-netlink_ and _socket-default_
   7         plugins can be used to circumvent that problem.
   8
   9 charon.plugins.kernel-libipsec.fwmark = charon.plugins.socket-default.fwmark
  10         Firewall mark to set on outbound raw ESP packets.
  11
  12 charon.plugins.kernel-libipsec.raw_esp = no
  13         Whether to send and receive ESP packets without UDP encapsulation if
  14         supported on this platform and no NAT is detected.