VPN Basic Steps

    Enable protocols in /etc/sysctl.conf

        net.inet.esp.enable=1

        net.inet.ah.enable=1

    Choose a key exchange method

        static, photuris, or isakmp/ike

    Create a security association for each node

    Create the IPSec traffic flows

    Configure firewall