An IPsec <b>AH transport-mode</b> connection using AES-XCBC between the hosts
<b>moon</b> and <b>sun</b> is set up.The authentication is based on
<b>X.509 certificates</b>.
<p/>
Upon the successful establishment of the IPsec tunnel, the updown script automatically
inserts iptables-based firewall rules that let pass the tunneled traffic.
In order to test both tunnel and firewall, client <b>alice</b> behind gateway <b>moon</b>
pings client <b>bob</b> located behind gateway <b>sun</b>.
