pfSense

<ipsec>

	<vtimaps></vtimaps>

	<phase1>

		<ikeid>1</ikeid>

		<iketype>ikev2</iketype>

		<interface>wan</interface>

		<remote-gateway>198.51.100.99</remote-gateway>

		<protocol>inet</protocol>

		<myid_type>myaddress</myid_type>

		<myid_data></myid_data>

		<peerid_type>fqdn</peerid_type>

		<peerid_data>host.example.com</peerid_data>

		<encryption>

			<item>

				<encryption-algorithm>

					<name>aes128gcm</name>

					<keylen>128</keylen>

				</encryption-algorithm>

				<hash-algorithm>aesxcbc</hash-algorithm>

				<prf-algorithm>md5</prf-algorithm>

				<dhgroup>32</dhgroup>

			</item>

		</encryption>

		<lifetime>28800</lifetime>

		<rekey_time></rekey_time>

		<reauth_time>25920</reauth_time>

		<rand_time></rand_time>

		<pre-shared-key>e0748f9a0cf080b5118cccb370eea01c72f3c9b85e1e3a2445df10c7</pre-shared-key>

		<private-key></private-key>

		<certref></certref>

		<pkcs11certref></pkcs11certref>

		<pkcs11pin></pkcs11pin>

		<caref></caref>

		<authentication_method>pre_shared_key</authentication_method>

		<descr><![CDATA[Expanded IKE Numbering Test]]></descr>

		<nat_traversal>on</nat_traversal>

		<mobike>off</mobike>

		<closeaction></closeaction>

		<dpd_delay>10</dpd_delay>

		<dpd_maxfail>5</dpd_maxfail>

		<splitconn></splitconn>

	</phase1>

	<phase2>

		<ikeid>1</ikeid>

		<uniqid>587193b80af8e</uniqid>

		<mode>tunnel</mode>

		<reqid>1</reqid>

		<localid>

			<type>lan</type>

		</localid>

		<remoteid>

			<type>network</type>

			<address>10.14.0.0</address>

			<netbits>24</netbits>

		</remoteid>

		<protocol>esp</protocol>

		<encryption-algorithm-option>

			<name>aes128gcm</name>

			<keylen>128</keylen>

		</encryption-algorithm-option>

		<hash-algorithm-option>aesxcbc</hash-algorithm-option>

		<pfsgroup>32</pfsgroup>

		<lifetime>3600</lifetime>

		<pinghost></pinghost>

		<descr><![CDATA[Expanded IKE Numbering Test]]></descr>

	</phase2>

</ipsec>