| 12345678 | Using the <b>left|rightprotoport</b> selectors, two IPsec tunnels between the roadwarrior <b>carol</b> and the gateway <b>moon</b> aredefined. The first IPsec SA is restricted to ICMP packets and the secondcovers TCP-based SSH connections. Using <b>add=route</b> %traperoutes for these IPsec SAs are prepared on <b>carol</b>. By sendinga ping to the client <b>alice</b> behind <b>moon</b>, the ICMP erouteis triggered and the corresponding IPsec tunnel is set up. In the sameway an ssh session to <b>alice</b> over the second IPsec SA is established.
 |