[2.5.0-RELEASE][admin@firewall.sv]/var/etc/ipsec: cat swanctl.conf
# This file is automatically generated. Do not edit
# strongSwan swanctl.conf as printed on the firewall: one pass-through policy
# for the local subnet plus four site-to-site IKEv2 tunnels authenticated with
# pre-shared keys. Values such as pfsense_ip_address, the xyz*.xyz.com names and
# the empty "secret =" lines look like the poster's redactions -- presumably not
# the literal generated values.
connections {
	# Pass policy: local_ts and remote_ts are the same subnet and mode = pass,
	# so traffic that stays inside 10.3.0.0/24 is exempted from the tunnel
	# policies below instead of being matched by them.
	bypass {
		remote_addrs = 127.0.0.1
		children {
			bypasslan {
				local_ts = 10.3.0.0/24
				remote_ts = 10.3.0.0/24
				mode = pass
				start_action = trap
			}
		}
	}
	# Tunnel to xyz4.xyz.com (remote subnet 10.4.0.0/24).
	con7000 {
		fragmentation = yes
		unique = replace
		# IKEv2 only, with a single IKE proposal (no weaker fallback is offered).
		version = 2
		proposals = aes256-sha512-ecp521
		dpd_delay = 10s
		# NOTE(review): strongSwan documents dpd_timeout as an IKEv1 setting; with
		# version = 2 it likely has no effect -- confirm.
		dpd_timeout = 60s
		# IKE SA is rekeyed, not reauthenticated: reauth_time = 0s turns
		# reauthentication off, so the peer is only authenticated at initial setup.
		rekey_time = 25920s
		reauth_time = 0s
		over_time = 2880s
		rand_time = 2880s
		# No forced UDP encapsulation and no MOBIKE address updates.
		encap = no
		mobike = no
		local_addrs = pfsense_ip_address
		remote_addrs = xyz4.xyz.com
		pools =
		# Both sides authenticate with a pre-shared key bound to an FQDN identity;
		# the matching key must exist in the secrets section at the end of the file.
		local {
			id = fqdn:xyz0.xyz.com
			auth = psk
		}
		remote {
			id = fqdn:xyz4.xyz.com
			auth = psk
		}
		children {
			con7000 {
				# trap: the SA is negotiated on matching traffic, and the trap policy
				# is put back after a DPD timeout.
				dpd_action = trap
				mode = tunnel
				policies = yes
				life_time = 3600s
				rekey_time = 3240s
				rand_time = 360s
				start_action = trap
				remote_ts = 10.4.0.0/24
				local_ts = 10.3.0.0/24
				# NOTE(review): this child uses modp2048 for the ESP key exchange, while
				# the other three children use ecp521 -- confirm this is a deliberate
				# per-peer setting and not a leftover.
				esp_proposals = aes256-sha512-modp2048
			}
		}
	}
	# Tunnel to xyz1.xyz.com (remote subnet 10.5.0.0/24). IKE settings are
	# identical to con7000; the child proposal uses ecp521.
	con8000 {
		fragmentation = yes
		unique = replace
		version = 2
		proposals = aes256-sha512-ecp521
		dpd_delay = 10s
		dpd_timeout = 60s
		rekey_time = 25920s
		reauth_time = 0s
		over_time = 2880s
		rand_time = 2880s
		encap = no
		mobike = no
		local_addrs = pfsense_ip_address
		remote_addrs = xyz1.xyz.com
		pools =
		local {
			id = fqdn:xyz0.xyz.com
			auth = psk
		}
		remote {
			id = fqdn:xyz1.xyz.com
			auth = psk
		}
		children {
			con8000 {
				dpd_action = trap
				mode = tunnel
				policies = yes
				life_time = 3600s
				rekey_time = 3240s
				rand_time = 360s
				start_action = trap
				remote_ts = 10.5.0.0/24
				local_ts = 10.3.0.0/24
				esp_proposals = aes256-sha512-ecp521
			}
		}
	}
	# Tunnel to xyz2.xyz.com (remote subnet 10.1.0.0/24); same settings as con8000.
	con9000 {
		fragmentation = yes
		unique = replace
		version = 2
		proposals = aes256-sha512-ecp521
		dpd_delay = 10s
		dpd_timeout = 60s
		rekey_time = 25920s
		reauth_time = 0s
		over_time = 2880s
		rand_time = 2880s
		encap = no
		mobike = no
		local_addrs = pfsense_ip_address
		remote_addrs = xyz2.xyz.com
		pools =
		local {
			id = fqdn:xyz0.xyz.com
			auth = psk
		}
		remote {
			id = fqdn:xyz2.xyz.com
			auth = psk
		}
		children {
			con9000 {
				dpd_action = trap
				mode = tunnel
				policies = yes
				life_time = 3600s
				rekey_time = 3240s
				rand_time = 360s
				start_action = trap
				remote_ts = 10.1.0.0/24
				local_ts = 10.3.0.0/24
				esp_proposals = aes256-sha512-ecp521
			}
		}
	}
	# Tunnel to xyz3.xyz.com (remote subnet 10.2.0.0/24); same settings as con8000.
	con10000 {
		fragmentation = yes
		unique = replace
		version = 2
		proposals = aes256-sha512-ecp521
		dpd_delay = 10s
		dpd_timeout = 60s
		rekey_time = 25920s
		reauth_time = 0s
		over_time = 2880s
		rand_time = 2880s
		encap = no
		mobike = no
		local_addrs = pfsense_ip_address
		remote_addrs = xyz3.xyz.com
		pools =
		local {
			id = fqdn:xyz0.xyz.com
			auth = psk
		}
		remote {
			id = fqdn:xyz3.xyz.com
			auth = psk
		}
		children {
			con10000 {
				dpd_action = trap
				mode = tunnel
				policies = yes
				life_time = 3600s
				rekey_time = 3240s
				rand_time = 360s
				start_action = trap
				remote_ts = 10.2.0.0/24
				local_ts = 10.3.0.0/24
				esp_proposals = aes256-sha512-ecp521
			}
		}
	}
}
# Pre-shared keys. Each entry ties one secret to a pair of identities; id-0 is
# %any (any identity), id-1 names the remote peer.
# NOTE(review): ike-0 and ike-1 both name xyz1.xyz.com and no entry names
# xyz4.xyz.com, the remote id of con7000 -- as listed, con7000 has no key
# selected by its peer identity. Check whether ike-0 was meant for xyz4.
# NOTE(review): the ids here are written "@fqdn:<name>" while the connections
# use "fqdn:<name>". Verify that strongSwan parses both forms to the same
# identity; if it does not, no secret is matched by identity for any tunnel.
# NOTE(review): with auth = psk on every tunnel, each key should be unique per
# peer and high-entropy; the values are blank in this listing, so that cannot
# be checked here.
secrets {
	ike-0 {
		secret =
		id-0 = %any
		id-1 = @fqdn:xyz1.xyz.com
	}
	ike-1 {
		secret =
		id-0 = %any
		id-1 = @fqdn:xyz1.xyz.com
	}
	ike-2 {
		secret =
		id-0 = %any
		id-1 = @fqdn:xyz2.xyz.com
	}
	ike-3 {
		secret =
		id-0 = %any
		id-1 = @fqdn:xyz3.xyz.com
	}
}