[root@vm-2-100 ~]# cat /etc/ipsec.conf
# /etc/ipsec.conf - Openswan IPsec configuration file
#
# Manual: ipsec.conf.5
#
# Please place your own config files in /etc/ipsec.d/ ending in .conf
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
# klipsdebug=none
# plutodebug="control parsing"
# For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
protostack=netkey
nat_traversal=yes
virtual_private=
oe=off
# Enable this if you see "failed to find any available worker"
# nhelpers=0
#You may put your configuration (.conf) file in the "/etc/ipsec.d/" and uncomment this.
#include /etc/ipsec.d/*.conf
conn StateSecrets
type=tunnel
authby=secret
auto=start
pfs=no
ike=aes256-sha1;modp1024
phase2alg=aes256-sha1;modp1024
aggrmode=no
left=192.168.2.100
right=192.168.3.100
leftsubnet=192.168.2.0/24
rightsubnet=192.168.3.0/24
[root@vm-2-100 ~]# cat /etc/ipsec.d/psk.secrets
%any %any : PSK "preshared key"