Ansible-roles/system.vpn.client/templates/ipsec.conf.j2

# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
  # strictcrlpolicy=yes
  # uniqueids = no

# Add connections here.

# Sample VPN connections

conn %default
  ikelifetime=60m
  keylife=20m
  rekeymargin=3m
  keyingtries=1
  keyexchange=ikev1
  authby=secret
  ike=aes256-sha1-modp1024
  esp=aes256-sha1

conn {{ vpn__connection_id }}
  keyexchange=ikev1
  left=%defaultroute
  auto=route
  authby=secret
  type=transport
  leftprotoport=17/1701
  rightprotoport=17/1701
  right={{ vpn__public_host }}
  keyingtries=%forever