diff --git a/ipsec/tasks/main.yml b/ipsec/tasks/main.yml
index e69f3b1a..85d1b69a 100644
--- a/ipsec/tasks/main.yml
+++ b/ipsec/tasks/main.yml
@@ -3,7 +3,7 @@
   file:
     path: /etc/ipsec
     state: directory
-    mode: "0750"
+    mode: "0700"
     owner: root
     group: wheel
   tags:
@@ -45,7 +45,7 @@
   template:
     src: ipsec.conf.j2
     dest: "/etc/ipsec/{{ ipsec_name }}.conf"
-    mode: "0640"
+    mode: "0600"
     owner: root
     group: wheel
   register: ipsec_conf