[Swan] Host-To-Host VPN with multiply interfaces

Paul Wouters paul at nohats.ca
Mon May 16 19:59:38 UTC 2016

On Mon, 16 May 2016, Michael Furman wrote:

> My question how to configure leftrsasigkey and rightrsasigkey.

You can see an example in the wiki at:


> But how can I configure what file to take (site1.secrets or site2.secrets) in the following command?

libreswan loads all /etc/ipsec.d/*.secrets files automatically (via an
include statement in /etc/ipsec.secrets. See the above wiki page on
how to configure these public keys into a *.conf file.

Please note that libreswan-3.17 has a bug when generating raw keys,
please use 3.16 for now if generating new rsa keys.


More information about the Swan mailing list