version 2.0
config setup
        interfaces=%defaultroute
        plutodebug=none
        forwardcontrol=yes
        nat_traversal=yes
        
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.10.0/24
conn roadwarrior-l2tp
        leftprotoport=17/1701
        rightprotoport=17/1701
        also=roadwarrior

conn roadwarrior
        auth=esp
        authby=secret
        compress=yes
        keyexchange=ike
        keyingtries=3
        pfs=no
        rekey=yes
        left=%defaultroute
        right=%any
        rightsubnet=vhost:%no,%priv
        auto=add

#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
