#!/usr/sbin/setkey -f

# NOTE: Do not use this file if you use racoon with racoon-tool
# utility. racoon-tool will setup SAs and SPDs automatically using
# /etc/racoon/racoon-tool.conf configuration.
# 

## Flush the SAD and SPD
flush;
spdflush;

# paquet sortant (out, src-dst)
spdadd 192.168.0.0/24[any] 10.0.0.0/24[any] any -P out ipsec
	esp/tunnel/192.168.1.2-172.16.0.2/require;

# paquet entrant (in, src-dst)
spdadd 10.0.0.0/24[any] 192.168.0.0/24[any] any -P in ipsec
	esp/tunnel/172.16.0.2-192.168.1.2/require;