ipsec.conf revision 1.6
1# $OpenBSD: ipsec.conf,v 1.6 2017/05/04 22:10:39 bluhm Exp $ 2### regress ipsec ipsec.conf 3 4# Install symmetric config by exchanging local and peer keywords. 5FROM="from" 6TO="to" 7LOCAL="local" 8PEER="peer" 9 10## ESP 11 12# ESP TRANSP 13 14flow esp \ 15 $FROM $SRC_ESP_TRANSP_IPV4 $TO $IPS_ESP_TRANSP_IPV4 \ 16 $LOCAL $SRC_ESP_TRANSP_IPV4 $PEER $IPS_ESP_TRANSP_IPV4 \ 17 type dontacq 18flow esp \ 19 $FROM $SRC_ESP_TRANSP_IPV6 $TO $IPS_ESP_TRANSP_IPV6 \ 20 $LOCAL $SRC_ESP_TRANSP_IPV6 $PEER $IPS_ESP_TRANSP_IPV6 \ 21 type dontacq 22 23# ESP TRANSP SA 24 25esp transport \ 26 from $SRC_ESP_TRANSP_IPV4 to $IPS_ESP_TRANSP_IPV4 \ 27 spi 0x10000441:0x10000442 \ 28 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 29 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 30 31esp transport \ 32 from $SRC_ESP_TRANSP_IPV6 to $IPS_ESP_TRANSP_IPV6 \ 33 spi 0x10000461:0x10000462 \ 34 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 35 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 36 37# ESP TUNNEL IPS 38 39flow esp \ 40 $FROM $SRC_ESP_TUNNEL_IPV4/24 $TO $IPS_ESP_TUNNEL4_IPV4/24 \ 41 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 42 type dontacq 43flow esp \ 44 $FROM $SRC_ESP_TUNNEL_IPV6/64 $TO $IPS_ESP_TUNNEL4_IPV6/64 \ 45 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 46 type dontacq 47 48flow esp \ 49 $FROM $SRC_ESP_TUNNEL_IPV4/24 $TO $IPS_ESP_TUNNEL6_IPV4/24 \ 50 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 51 type dontacq 52flow esp \ 53 $FROM $SRC_ESP_TUNNEL_IPV6/64 $TO $IPS_ESP_TUNNEL6_IPV6/64 \ 54 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 55 type dontacq 56 57# ESP TUNNEL ECO 58 59flow esp \ 60 $FROM $SRC_ESP_TUNNEL_IPV4/24 $TO $ECO_ESP_TUNNEL4_IPV4/24 \ 61 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 62 type dontacq 63flow esp \ 64 $FROM $SRC_ESP_TUNNEL_IPV6/64 $TO $ECO_ESP_TUNNEL4_IPV6/64 \ 65 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 66 type dontacq 67 68flow esp \ 69 $FROM $SRC_ESP_TUNNEL_IPV4/24 $TO $ECO_ESP_TUNNEL6_IPV4/24 \ 70 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 71 type dontacq 72flow esp \ 73 $FROM $SRC_ESP_TUNNEL_IPV6/64 $TO $ECO_ESP_TUNNEL6_IPV6/64 \ 74 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 75 type dontacq 76 77# ESP TUNNEL SA 78 79esp tunnel \ 80 from $SRC_OUT_IPV4 to $IPS_IN_IPV4 \ 81 spi 0x10000841:0x10000842 \ 82 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 83 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 84 85esp tunnel \ 86 from $SRC_OUT_IPV6 to $IPS_IN_IPV6 \ 87 spi 0x10000861:0x10000862 \ 88 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 89 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 90 91## AH 92 93# AH TRANSP 94 95flow ah \ 96 $FROM $SRC_AH_TRANSP_IPV4 $TO $IPS_AH_TRANSP_IPV4 \ 97 $LOCAL $SRC_AH_TRANSP_IPV4 $PEER $IPS_AH_TRANSP_IPV4 \ 98 type dontacq 99flow ah \ 100 $FROM $SRC_AH_TRANSP_IPV6 $TO $IPS_AH_TRANSP_IPV6 \ 101 $LOCAL $SRC_AH_TRANSP_IPV6 $PEER $IPS_AH_TRANSP_IPV6 \ 102 type dontacq 103 104# AH TRANSP SA 105 106ah transport \ 107 from $SRC_AH_TRANSP_IPV4 to $IPS_AH_TRANSP_IPV4 \ 108 spi 0x10002441:0x10002442 \ 109 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 110 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 111 112ah transport \ 113 from $SRC_AH_TRANSP_IPV6 to $IPS_AH_TRANSP_IPV6 \ 114 spi 0x10002461:0x10002462 \ 115 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 116 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 117 118# AH TUNNEL IPS 119 120flow ah \ 121 $FROM $SRC_AH_TUNNEL_IPV4/24 $TO $IPS_AH_TUNNEL4_IPV4/24 \ 122 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 123 type dontacq 124flow ah \ 125 $FROM $SRC_AH_TUNNEL_IPV6/64 $TO $IPS_AH_TUNNEL4_IPV6/64 \ 126 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 127 type dontacq 128 129flow ah \ 130 $FROM $SRC_AH_TUNNEL_IPV4/24 $TO $IPS_AH_TUNNEL6_IPV4/24 \ 131 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 132 type dontacq 133flow ah \ 134 $FROM $SRC_AH_TUNNEL_IPV6/64 $TO $IPS_AH_TUNNEL6_IPV6/64 \ 135 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 136 type dontacq 137 138# AH TUNNEL ECO 139 140flow ah \ 141 $FROM $SRC_AH_TUNNEL_IPV4/24 $TO $ECO_AH_TUNNEL4_IPV4/24 \ 142 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 143 type dontacq 144flow ah \ 145 $FROM $SRC_AH_TUNNEL_IPV6/64 $TO $ECO_AH_TUNNEL4_IPV6/64 \ 146 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 147 type dontacq 148 149flow ah \ 150 $FROM $SRC_AH_TUNNEL_IPV4/24 $TO $ECO_AH_TUNNEL6_IPV4/24 \ 151 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 152 type dontacq 153flow ah \ 154 $FROM $SRC_AH_TUNNEL_IPV6/64 $TO $ECO_AH_TUNNEL6_IPV6/64 \ 155 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 156 type dontacq 157 158# AH TUNNEL SA 159 160ah tunnel \ 161 from $SRC_OUT_IPV4 to $IPS_IN_IPV4 \ 162 spi 0x10002841:0x10002842 \ 163 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 164 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 165 166ah tunnel \ 167 from $SRC_OUT_IPV6 to $IPS_IN_IPV6 \ 168 spi 0x10002861:0x10002862 \ 169 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 170 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef 171 172## IPIP 173 174# IPIP TRANSP 175 176flow ipip \ 177 $FROM $SRC_IPIP_TRANSP_IPV4 $TO $IPS_IPIP_TRANSP_IPV4 \ 178 $LOCAL $SRC_IPIP_TRANSP_IPV4 $PEER $IPS_IPIP_TRANSP_IPV4 \ 179 type use 180flow ipip \ 181 $FROM $SRC_IPIP_TRANSP_IPV6 $TO $IPS_IPIP_TRANSP_IPV6 \ 182 $LOCAL $SRC_IPIP_TRANSP_IPV6 $PEER $IPS_IPIP_TRANSP_IPV6 \ 183 type use 184 185# IPIP TRANSP SA 186 187ipip transport \ 188 from $SRC_IPIP_TRANSP_IPV4 to $IPS_IPIP_TRANSP_IPV4 \ 189 spi 0x10004441:0x10004442 190 191ipip transport \ 192 from $SRC_IPIP_TRANSP_IPV6 to $IPS_IPIP_TRANSP_IPV6 \ 193 spi 0x10004461:0x10004462 194 195# IPIP TUNNEL IPS 196 197flow ipip \ 198 $FROM $SRC_IPIP_TUNNEL_IPV4/24 $TO $IPS_IPIP_TUNNEL4_IPV4/24 \ 199 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 200 type use 201flow ipip \ 202 $FROM $SRC_IPIP_TUNNEL_IPV6/64 $TO $IPS_IPIP_TUNNEL4_IPV6/64 \ 203 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 204 type use 205 206flow ipip \ 207 $FROM $SRC_IPIP_TUNNEL_IPV4/24 $TO $IPS_IPIP_TUNNEL6_IPV4/24 \ 208 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 209 type use 210flow ipip \ 211 $FROM $SRC_IPIP_TUNNEL_IPV6/64 $TO $IPS_IPIP_TUNNEL6_IPV6/64 \ 212 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 213 type use 214 215# IPIP TUNNEL ECO 216 217flow ipip \ 218 $FROM $SRC_IPIP_TUNNEL_IPV4/24 $TO $ECO_IPIP_TUNNEL4_IPV4/24 \ 219 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 220 type use 221flow ipip \ 222 $FROM $SRC_IPIP_TUNNEL_IPV6/64 $TO $ECO_IPIP_TUNNEL4_IPV6/64 \ 223 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 224 type use 225 226flow ipip \ 227 $FROM $SRC_IPIP_TUNNEL_IPV4/24 $TO $ECO_IPIP_TUNNEL6_IPV4/24 \ 228 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 229 type use 230flow ipip \ 231 $FROM $SRC_IPIP_TUNNEL_IPV6/64 $TO $ECO_IPIP_TUNNEL6_IPV6/64 \ 232 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 233 type use 234 235# IPIP TUNNEL SA 236 237ipip tunnel \ 238 from $SRC_OUT_IPV4 to $IPS_IN_IPV4 \ 239 spi 0x10004841:0x10004842 240 241ipip tunnel \ 242 from $SRC_OUT_IPV6 to $IPS_IN_IPV6 \ 243 spi 0x10004861:0x10004862 244 245## IPCOMP 246 247# IPCOMP TRANSP 248 249flow ipcomp \ 250 $FROM $SRC_IPCOMP_TRANSP_IPV4 $TO $IPS_IPCOMP_TRANSP_IPV4 \ 251 $LOCAL $SRC_IPCOMP_TRANSP_IPV4 $PEER $IPS_IPCOMP_TRANSP_IPV4 \ 252 type use 253flow ipcomp \ 254 $FROM $SRC_IPCOMP_TRANSP_IPV6 $TO $IPS_IPCOMP_TRANSP_IPV6 \ 255 $LOCAL $SRC_IPCOMP_TRANSP_IPV6 $PEER $IPS_IPCOMP_TRANSP_IPV6 \ 256 type use 257 258# IPCOMP TRANSP SA 259 260ipcomp transport \ 261 from $SRC_IPCOMP_TRANSP_IPV4 to $IPS_IPCOMP_TRANSP_IPV4 \ 262 spi 0x6441:0x6442 263 264ipcomp transport \ 265 from $SRC_IPCOMP_TRANSP_IPV6 to $IPS_IPCOMP_TRANSP_IPV6 \ 266 spi 0x6461:0x6462 267 268# IPCOMP TUNNEL IPS 269 270flow ipcomp \ 271 $FROM $SRC_IPCOMP_TUNNEL_IPV4/24 $TO $IPS_IPCOMP_TUNNEL4_IPV4/24 \ 272 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 273 type use 274flow ipcomp \ 275 $FROM $SRC_IPCOMP_TUNNEL_IPV6/64 $TO $IPS_IPCOMP_TUNNEL4_IPV6/64 \ 276 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 277 type use 278 279flow ipcomp \ 280 $FROM $SRC_IPCOMP_TUNNEL_IPV4/24 $TO $IPS_IPCOMP_TUNNEL6_IPV4/24 \ 281 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 282 type use 283flow ipcomp \ 284 $FROM $SRC_IPCOMP_TUNNEL_IPV6/64 $TO $IPS_IPCOMP_TUNNEL6_IPV6/64 \ 285 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 286 type use 287 288# IPCOMP TUNNEL ECO 289 290flow ipcomp \ 291 $FROM $SRC_IPCOMP_TUNNEL_IPV4/24 $TO $ECO_IPCOMP_TUNNEL4_IPV4/24 \ 292 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 293 type use 294flow ipcomp \ 295 $FROM $SRC_IPCOMP_TUNNEL_IPV6/64 $TO $ECO_IPCOMP_TUNNEL4_IPV6/64 \ 296 $LOCAL $SRC_OUT_IPV4 $PEER $IPS_IN_IPV4 \ 297 type use 298 299flow ipcomp \ 300 $FROM $SRC_IPCOMP_TUNNEL_IPV4/24 $TO $ECO_IPCOMP_TUNNEL6_IPV4/24 \ 301 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 302 type use 303flow ipcomp \ 304 $FROM $SRC_IPCOMP_TUNNEL_IPV6/64 $TO $ECO_IPCOMP_TUNNEL6_IPV6/64 \ 305 $LOCAL $SRC_OUT_IPV6 $PEER $IPS_IN_IPV6 \ 306 type use 307 308# IPCOMP TUNNEL SA 309 310ipcomp tunnel \ 311 from $SRC_OUT_IPV4 to $IPS_IN_IPV4 \ 312 spi 0x6841:0x6842 313 314ipcomp tunnel \ 315 from $SRC_OUT_IPV6 to $IPS_IN_IPV6 \ 316 spi 0x6861:0x6862 317 318## BUNDLE 319 320# BUNDLE TRANSP 321 322flow ipcomp \ 323 $FROM $SRC_BUNDLE_TRANSP_IPV4 $TO $IPS_BUNDLE_TRANSP_IPV4 \ 324 $LOCAL $SRC_BUNDLE_TRANSP_IPV4 $PEER $IPS_BUNDLE_TRANSP_IPV4 \ 325 type use 326flow ipcomp \ 327 $FROM $SRC_BUNDLE_TRANSP_IPV6 $TO $IPS_BUNDLE_TRANSP_IPV6 \ 328 $LOCAL $SRC_BUNDLE_TRANSP_IPV6 $PEER $IPS_BUNDLE_TRANSP_IPV6 \ 329 type use 330 331# BUNDLE TRANSP SA 332 333ipcomp transport \ 334 from $SRC_BUNDLE_TRANSP_IPV4 to $IPS_BUNDLE_TRANSP_IPV4 \ 335 spi 0x8441:0x8442 \ 336 bundle identifier 337esp transport \ 338 from $SRC_BUNDLE_TRANSP_IPV4 to $IPS_BUNDLE_TRANSP_IPV4 \ 339 spi 0x10018441:0x10018442 \ 340 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 341 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 342 bundle identifier 343ah transport \ 344 from $SRC_BUNDLE_TRANSP_IPV4 to $IPS_BUNDLE_TRANSP_IPV4 \ 345 spi 0x10028441:0x10028442 \ 346 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 347 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 348 bundle identifier 349 350ipcomp transport \ 351 from $SRC_BUNDLE_TRANSP_IPV6 to $IPS_BUNDLE_TRANSP_IPV6 \ 352 spi 0x8461:0x8462 \ 353 bundle identifier 354esp transport \ 355 from $SRC_BUNDLE_TRANSP_IPV6 to $IPS_BUNDLE_TRANSP_IPV6 \ 356 spi 0x10018461:0x10018462 \ 357 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 358 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 359 bundle identifier 360ah transport \ 361 from $SRC_BUNDLE_TRANSP_IPV6 to $IPS_BUNDLE_TRANSP_IPV6 \ 362 spi 0x10028461:0x10028462 \ 363 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 364 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 365 bundle identifier 366 367# BUNDLE TUNNEL IPS 368 369flow ipcomp \ 370 $FROM $SRC_BUNDLE_TUNNEL_IPV4/24 $TO $IPS_BUNDLE_TUNNEL4_IPV4/24 \ 371 $LOCAL $SRC_BUNDLE_IPV4 $PEER $IPS_BUNDLE_IPV4 \ 372 type use 373flow ipcomp \ 374 $FROM $SRC_BUNDLE_TUNNEL_IPV6/64 $TO $IPS_BUNDLE_TUNNEL4_IPV6/64 \ 375 $LOCAL $SRC_BUNDLE_IPV4 $PEER $IPS_BUNDLE_IPV4 \ 376 type use 377 378flow ipcomp \ 379 $FROM $SRC_BUNDLE_TUNNEL_IPV4/24 $TO $IPS_BUNDLE_TUNNEL6_IPV4/24 \ 380 $LOCAL $SRC_BUNDLE_IPV6 $PEER $IPS_BUNDLE_IPV6 \ 381 type use 382flow ipcomp \ 383 $FROM $SRC_BUNDLE_TUNNEL_IPV6/64 $TO $IPS_BUNDLE_TUNNEL6_IPV6/64 \ 384 $LOCAL $SRC_BUNDLE_IPV6 $PEER $IPS_BUNDLE_IPV6 \ 385 type use 386 387# BUNDLE TUNNEL ECO 388 389flow ipcomp \ 390 $FROM $SRC_BUNDLE_TUNNEL_IPV4/24 $TO $ECO_BUNDLE_TUNNEL4_IPV4/24 \ 391 $LOCAL $SRC_BUNDLE_IPV4 $PEER $IPS_BUNDLE_IPV4 \ 392 type use 393flow ipcomp \ 394 $FROM $SRC_BUNDLE_TUNNEL_IPV6/64 $TO $ECO_BUNDLE_TUNNEL4_IPV6/64 \ 395 $LOCAL $SRC_BUNDLE_IPV4 $PEER $IPS_BUNDLE_IPV4 \ 396 type use 397 398flow ipcomp \ 399 $FROM $SRC_BUNDLE_TUNNEL_IPV4/24 $TO $ECO_BUNDLE_TUNNEL6_IPV4/24 \ 400 $LOCAL $SRC_BUNDLE_IPV6 $PEER $IPS_BUNDLE_IPV6 \ 401 type use 402flow ipcomp \ 403 $FROM $SRC_BUNDLE_TUNNEL_IPV6/64 $TO $ECO_BUNDLE_TUNNEL6_IPV6/64 \ 404 $LOCAL $SRC_BUNDLE_IPV6 $PEER $IPS_BUNDLE_IPV6 \ 405 type use 406 407# BUNDLE TUNNEL SA 408 409ipcomp tunnel \ 410 from $SRC_BUNDLE_IPV4 to $IPS_BUNDLE_IPV4 \ 411 spi 0x8841:0x8842 \ 412 bundle identifier 413esp tunnel \ 414 from $SRC_BUNDLE_IPV4 to $IPS_BUNDLE_IPV4 \ 415 spi 0x10018841:0x10018842 \ 416 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 417 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 418 bundle identifier 419ah tunnel \ 420 from $SRC_BUNDLE_IPV4 to $IPS_BUNDLE_IPV4 \ 421 spi 0x10028841:0x10028842 \ 422 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 423 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 424 bundle identifier 425 426ipcomp tunnel \ 427 from $SRC_BUNDLE_IPV6 to $IPS_BUNDLE_IPV6 \ 428 spi 0x8861:0x8862 \ 429 bundle identifier 430esp tunnel \ 431 from $SRC_BUNDLE_IPV6 to $IPS_BUNDLE_IPV6 \ 432 spi 0x10018861:0x10018862 \ 433 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 434 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 435 bundle identifier 436ah tunnel \ 437 from $SRC_BUNDLE_IPV6 to $IPS_BUNDLE_IPV6 \ 438 spi 0x10028861:0x10028862 \ 439 authkey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 440 enckey 0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef:0x0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef \ 441 bundle identifier 442