This describes a configuration that extrudes a single public IP from a gateway to a laptop.
On the laptop (named marajade -- Hand of the Emperor). Note, in this diagram the gateway is "left" and the laptop is "right"
conn marajade--extrude
left=205.150.200.134
leftsubnet=0.0.0.0/0
leftnexthop=205.150.200.129
right=%defaultroute
rightid=@marajade.sandelman.ca
rightsubnet=205.150.200.163/32
rightsourceip=205.150.200.163
auto=add
On the gateway (mrcharlie):
conn marajade--extrude
left=205.150.200.134
leftsubnet=0.0.0.0/0
leftnexthop=205.150.200.129
right=%any
rightid=@marajade.sandelman.ca
rightsubnet=205.150.200.163/32
rightsourceip=205.150.200.163
auto=add
Note that the ONLY difference is right=%any (on gateway) and right=%defaultroute (on laptop).
In this case, all keys come from DNS. Note that if you use PSK, main mode probably fails for you. Use RAW rsa keys.
