strongswan/testing/tests/ikev2/protoport-dual/hosts/moon/etc/ipsec.conf

# /etc/ipsec.conf - strongSwan IPsec configuration file

config setup
	strictcrlpolicy=no
	plutostart=no

conn %default
	ikelifetime=60m
	keylife=20m
	rekeymargin=3m
	keyingtries=1
	keyexchange=ikev2
	left=PH_IP_MOON
	leftnexthop=%direct
	leftcert=moonCert.pem
	leftid=@moon.strongswan.org
	leftfirewall=yes
	leftsubnet=10.1.0.0/16
	right=%any
	auto=add

conn rw-icmp
	lefthostaccess=yes
	leftprotoport=icmp
	rightprotoport=icmp

conn rw-ssh
	leftprotoport=tcp/ssh
	rightprotoport=tcp