vpn-server/etc/ipsec.conf

# /etc/ipsec.conf - strongSwan IPsec configuration file
#
# Based on http://www.strongswan.org/uml/testresults/ikev2/rw-psk-ipv4/

config setup

conn %default
    left=%defaultroute
    ikelifetime=60m
    keylife=20m
    rekeymargin=3m
    keyingtries=1
    keyexchange=ikev2
    authby=secret

conn rw
    # http://wiki.loopop.net/doku.php?id=server:vpn:strongswanonopenvz
    # https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling
    leftsubnet=0.0.0.0/0
    # end ref
    leftfirewall=yes
    right=%any
    rightsourceip=10.8.0.0/16
    auto=add