Below are the most common type of IPsec configurations people use. While written for libreswan, the instructions will work for openswan as well unless specifically noted.

VPN server to VPN server configurations

host to host VPN

subnet to subnet VPN

host to host VPN with PSK

subnet to subnet VPN with PSK

route-based VPN using VTI

EoIP shared ethernet LAN using IPsec

subnet to subnet using NAT

SElinux and Labeled IPsec VPN

VPN server for VPN client configurations

VPN server for remote clients using IKEv2

VPN server for remote clients using IKEv2 split VPN

VPN server for remote clients using IKEv1 XAUTH with Certificates

VPN server for remote clients using IKEv1 XAUTH with PSK

VPN server for remote clients using IKEv1 with L2TP

libreswan as client to a Cisco (ASA or VPN3000) server

IKEv1 XAUTH with Google-Authenticator One Time Passwords (OTP)

IKEv1 XAUTH with FreeOTP and FreeIPA

subnet extrusion

VPN configurations to connect to cloud providers

Opportunistic IPsec mesh for Amazon EC2 instances on AWS

Creating a Secure Connection Between Oracle Cloud Infrastructure and Other Cloud Providers with Libreswan

Using libreswan in OpenStack as VPNaaS

High Availability / Failover VPN in AWS using libreswan

Microsoft Azure configuration

OpenShift Cloud Encryption with libreswan

Libreswan's Test Cases

Libreswan's testsuite is also a good source of examples. Especially when looking for something demonstrating a more esoteric feature or option.

In addition, the test results are published nightly (see also Test Suite ).

Misc items

Using Apache to serve PKCS#12 format .p12 files

RFC 8229 - TCP support for IKEv2 and ESP