DESCRIPTION
 The 
ipsec.conf file is read at system startup time if 
ipsec is set to “yes” in 
rc.conf(5). 
setkey(8) is run with the 
-f option to load in IPsec manual keys and policies from 
/etc/ipsec.conf at boot time, before any interfaces are configured.
Please see the setkey(8) manpage for all the commands available.