# This file is automatically generated. Do not edit
connections {
	bypass {
		remote_addrs = 127.0.0.1
		children {
			bypasslan {
				local_ts = 192.168.254.0/24
				remote_ts = 192.168.254.0/24
				mode = pass
				start_action = trap
			}
		}
	}
	con1 {
		# P1 (ikeid 1)
		fragmentation = yes
		unique = replace
		version = 2
		proposals = aes128-sha256-modp2048
		dpd_delay = 10s
		rekey_time = 25920s
		reauth_time = 0s
		over_time = 2880s
		rand_time = 2880s
		encap = no
		mobike = no
		local_addrs = 192.168.254.10
		remote_addrs = 192.168.254.2
		local {
			id = 192.168.254.10
			auth = psk
		}
		remote {
			id = 192.168.254.2
			auth = psk
		}
		children {
			con1 {
				# P2 (reqid 1)
				policies = no
				life_time = 3600s
				rekey_time = 3240s
				rand_time = 360s
				start_action = start
				remote_ts = 10.0.7.2,0.0.0.0/0,::/0
				local_ts = 10.0.7.1,0.0.0.0/0,::/0
				reqid = 5001
				esp_proposals = aes128gcm128-modp2048,aes128-sha256-modp2048
				dpd_action = restart
			}
		}
	}
	con2 {
		# P1 (ikeid 2)
		fragmentation = yes
		unique = replace
		version = 2
		proposals = aes128-sha256-modp2048
		dpd_delay = 10s
		rekey_time = 25920s
		reauth_time = 0s
		over_time = 2880s
		rand_time = 2880s
		encap = no
		mobike = no
		local_addrs = 172.21.56.155
		remote_addrs = 1.1.1.1
		local {
			id = 172.21.56.155
			auth = psk
		}
		remote {
			id = 1.1.1.1
			auth = psk
		}
		children {
			con2 {
				# P2 (reqid 2)
				policies = no
				life_time = 3600s
				rekey_time = 3240s
				rand_time = 360s
				start_action = start
				remote_ts = 192.168.100.2,0.0.0.0/0,::/0
				local_ts = 192.168.100.1,0.0.0.0/0,::/0
				reqid = 5002
				esp_proposals = aes128gcm128-modp2048,aes128-sha256-modp2048
				dpd_action = restart
			}
		}
	}
}
secrets {
	ike-0 {
		secret = <redacted>
		id-0 = %any
		id-1 = 192.168.254.2
	}
	ike-1 {
		secret = <redacted>
		id-0 = %any
		id-1 = 1.1.1.1
	}
}
