4 local_addrs = 192.168.0.100
5 remote_addrs = 192.168.0.1
10 id = carol@strongswan.org
14 id = moon.strongswan.org
18 local_ts = dynamic[icmp]
19 remote_ts = 10.1.0.0/16[icmp]
21 updown = /usr/local/libexec/ipsec/_updown iptables
22 esp_proposals = aes128gcm128-x25519
26 local_ts = dynamic[tcp]
27 remote_ts = 10.1.0.0/16[tcp/ssh]
29 updown = /usr/local/libexec/ipsec/_updown iptables
30 esp_proposals = aes128gcm128-x25519
35 proposals = aes128-sha256-x25519