conn uml1-uml2
	# Left security gateway, subnet behind it, next hop toward right.
	left=192.168.2.18
	leftsubnet=10.1.18.0/24
	# Right security gateway, subnet behind it, next hop toward left.
	right=192.168.2.20
	rightsubnet=10.1.20.0/24
	# To authorize this connection, but not actually start it, at startup,
	# uncomment this.
	compress=yes
	auto=add
	auth=esp
	authby=secret
	pfs=yes
	#
	# will select first available (kernel): 
	esp=aes,twofish,serpent,cast,blowfish,3des
	#esp=aes-sha1,3des-sha1
	#esp=3des-ripemd,3des-sha1
	#esp=blowfish,aes-sha2_256,3des-sha2_256,aes-sha1,3des-sha1
	#esp=aes-sha1
	#esp=aes-sha2_256
	#esp=3des