Now let us make an example ipsec.conf
configuration for a VPN tunnel from East to West. This ipsec.conf
configuration file needs to be created on both ends.
version 2 config setup interfaces=%defaultroute # klipsdebug=all # plutodebug=control conn %default authby=rsasig conn west-east left=193.110.157.131 right=205.150.200.209 type=tunnel leftrsasigkey=0sAQOkF1Ggd4iFfI2nQxJYbN9HGD... rightrsasigkey=0sAQPEAl+N52EIRrIAA5cxl8U... auto=start
And that is all you need to define an IPsec tunnel with Openswan. It can't be easier! Though most options should be self explanatory, let's review all of them so we will fully understand their usage.
Most network administrators are used to the concepts of source and destination addresses, and they expect an IPsec configuration to have a source and a destination. But this doesn't really apply to IPsec, bearing in mind that an IPsec connection actually contains two halves, one for incoming and one for outgoing packets...