diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup
--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup	2018-06-21 14:38:06.078134549 +0200
+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup	2018-06-21 14:39:00.708831748 +0200
@@ -34,7 +34,6 @@
         $OUT .= "    #klipsdebug=none\n";
         $OUT .= "    plutostderrlog=/var/log/pluto/pluto.log\n";
         $OUT .= "    dumpdir=/var/run/pluto/\n";
-        $OUT .= "    nat_traversal=yes\n";
 
         if ( $keepalive ne '' ) {
             $OUT .= "    keep-alive=$keepalive\n";
@@ -52,18 +51,27 @@
         foreach my $ipsecprop (@connections) {
 
             # Note that L2TPD needs the localsubnet in here
+            # Second thoughts I don't think it does
+            # Only when you have subnet <-> subnet
 
             my $ipsecstatus = $ipsecDB->get_prop( "$ipsecprop", 'status' ) || "disabled";
 
-            if ( $ipsecstatus eq 'enabled' ) {
+            my $ipsecrecord = $ipsecDB->get($ipsecprop);
+            my $type = $ipsecrecord->prop('type');
+
+            if ( $ipsecstatus eq 'enabled' && $type eq 'ipsec' ) {
+
                 my $rightsubnet = $ipsecDB->get_prop( "$ipsecprop", 'rightsubnet' );
 
+                unless ( $rightsubnet ) {
+                warn ("Warning $ipsecprop has no right subnet");
+                }
+
                 # Check if the network is a unique value
-                if ( !( $rightsubnet ~~ @subnetArr ) ) {
-                    print "$rightsubnet\n";
-                    
+                if ( $rightsubnet && !( $rightsubnet ~~ @subnetArr ) ) {
                     push( @subnetArr, $rightsubnet );
                 }
+
             }
 
         }    # End foreach
diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection
--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection	2018-06-21 14:38:06.079134599 +0200
+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection	2018-06-21 14:39:00.707831698 +0200
@@ -148,7 +148,8 @@
                            $ipsecDB->get_prop( $ipsecprop, 'forceencaps' )
                         || $configDB->get_prop( $dbKey, 'forceencaps' )
                         || 'no';
-                    $OUT .= "    forceencaps=$forceencaps\n";
+                    
+                    $OUT .= "    encapsulation=$forceencaps\n";
 
                     my $keyingtries =
                            $ipsecDB->get_prop( $ipsecprop, 'keyingtries' )