diff --git a/src/etc/inc/plugins.inc.d/ipsec.inc b/src/etc/inc/plugins.inc.d/ipsec.inc
index d07e1d9a2..111752272 100644
--- a/src/etc/inc/plugins.inc.d/ipsec.inc
+++ b/src/etc/inc/plugins.inc.d/ipsec.inc
@@ -1003,6 +1003,7 @@ function ipsec_configure_do($verbose = false, $interface = '')
         }
 
         $strongswan = generate_strongswan_conf($strongswanTree);
+        $strongswan .= "\ninclude ipsec.opnsense.d/*.conf\n";
         @file_put_contents("/usr/local/etc/strongswan.conf", $strongswan);
         unset($strongswan);
 
@@ -1096,6 +1097,7 @@ function ipsec_configure_do($verbose = false, $interface = '')
             unset($key);
         }
 
+        $pskconf .= "\ninclude ipsec.secrets.opnsense.d/*.secrets\n";
         @file_put_contents("/usr/local/etc/ipsec.secrets", $pskconf);
         chmod("/usr/local/etc/ipsec.secrets", 0600);
         unset($pskconf);
@@ -1550,6 +1552,7 @@ EOD;
             }
         }
     }
+    $ipsecconf .= "\ninclude strongswan.opnsense.d/*.conf\n";
     // dump file, replace tabs for 2 spaces
     @file_put_contents("/usr/local/etc/ipsec.conf", str_replace("\t", '  ', $ipsecconf));
     unset($ipsecconf);
diff --git a/src/etc/ipsec.opnsense.d/README b/src/etc/ipsec.opnsense.d/README
new file mode 100644
index 000000000..39b174cfc
--- /dev/null
+++ b/src/etc/ipsec.opnsense.d/README
@@ -0,0 +1 @@
+OPNsense: automatically included ipsec.conf configuration files
diff --git a/src/etc/ipsec.secrets.opnsense.d/README b/src/etc/ipsec.secrets.opnsense.d/README
new file mode 100644
index 000000000..9686417e8
--- /dev/null
+++ b/src/etc/ipsec.secrets.opnsense.d/README
@@ -0,0 +1 @@
+OPNsense: automatically included ipsec.secrets configuration files
diff --git a/src/etc/strongswan.opnsense.d/README b/src/etc/strongswan.opnsense.d/README
new file mode 100644
index 000000000..0ba734fe4
--- /dev/null
+++ b/src/etc/strongswan.opnsense.d/README
@@ -0,0 +1 @@
+OPNsense: automatically included strongswan.conf configuration files