File setkey.conf.sample of Package ipsec-tools

# This is a sample setkey.conf
# !!! don't forget to enable racoon-setkey.service !!!
#  or you will get ERROR on phase2:
# no policy found: x.x.x.x/24[0] y.y.y.y/24[0] proto=any dir=in

# First of all flush the SPD database
spdflush;

# Add some SPD rules
# Very likely you'll want to replace these rules with your own ones
spdadd 127.0.0.0/8 127.0.0.0/8 any -P out none;
spdadd 127.0.0.0/8 127.0.0.0/8 any -P in none;