VPN Basic Steps
Enable protocols in /etc/sysctl.conf
net.inet.esp.enable=1
net.inet.ah.enable=1
Choose a key exchange method
static, photuris, or isakmp/ike
Create a security association for each node
Create the IPSec traffic flows
Configure firewall