#
# Mqnaged by CFEngine
#
{{#cfg.tunnel}}
{{#.nets}}
conn "{{.name}} {{.local}} {{.remote}}"
	ikelifetime={{.p1_lifetime}}
	lifetime={{.p2_lifetime}}
	leftsubnet={{.local}}
	rightsubnet={{.remote}}
	left={{.local_ip}}
	right={{.remote_ip}}
	esp={{#.p2_encryption}}{{.}}-{{/.p2_encryption}}{{#.p2_hash}}{{.}}-{{/.p2_hash}}modp2048
	ike={{.p1_encryption}}-{{.p1_hash}}-modp2048
	auto=route
	authby=secret
	keyexchange=ikev1
{{/.nets}}
{{/cfg.tunnel}}