The roadwarrior <b>alice</b> sitting behind the router <b>moon</b> sets up a tunnel to
gateway <b>sun</b>. Since the firewall on <b>sun</b> blocks the ESP protocol, enforced UDP
encapsulation (<b>encap=yes</b>) is used by <b>alice</b> to punch through this hurdle.
Upon the successful establishment of the IPsec tunnels, the updown script automatically
inserts iptables-based firewall rules that let pass the tunneled traffic.
In order to test the tunnel, host <b>alice</b> pings the
client <b>bob</b> behind the gateway <b>sun</b>.
