-.\" $OpenBSD: sec.4,v 1.3 2024/08/30 13:09:10 dlg Exp $
+.\" $OpenBSD: sec.4,v 1.4 2024/08/31 00:51:29 dlg Exp $
.\"
.\" Copyright (c) 2023 David Gwynne <dlg@openbsd.org>
.\"
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: August 30 2024 $
+.Dd $Mdocdate: August 31 2024 $
.Dt SEC 4
.Os
.Sh NAME
iface sec0
.Ed
.Pp
-Once
-.Xr iked 8
-is running with this configuration, communication between the
-customer and provider gateways is enabled.
+Alternatively, IKEv1 negotiation of the IPsec tunnel SAs is supported by
+.Xr isakmpd 8
+and
+.Xr ipsecctl 8 .
+The equivalient
+.Xr ipsec.conf 5
+configuration for the given parameters follows:
+.Bd -literal -offset indent
+ike interface sec0 \\
+ local 192.0.2.8 peer 198.51.100.14 \\
+ psk "7kA7evdkd50Q5YdCCF9t8eftgEgL4vk2"
+.Ed
+.Pp
+Once the Security Associations are established, communication between
+the customer and provider gateways is enabled.
.Pp
Routes to networks hosted by the provider can be added using the
providers