<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">

<style>

<!--

@font-face

        {font-family:"Cambria Math"}

@font-face

        {font-family:Calibri}

p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0cm;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri","sans-serif"}

a:link, span.MsoHyperlink

        {color:blue;

        text-decoration:underline}

a:visited, span.MsoHyperlinkFollowed

        {color:purple;

        text-decoration:underline}

span.EmailStyle17

        {font-family:"Arial","sans-serif";

        color:windowtext}

.MsoChpDefault

        {}

@page WordSection1

        {margin:70.85pt 2.0cm 2.0cm 2.0cm}

div.WordSection1

        {}

-->

</style>

</head>

<body lang="IT" link="blue" vlink="purple">

<div class="WordSection1">

<p class="MsoNormal"><span style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">Hello All!</span></p>

<p class="MsoNormal"><span style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">It can happen that after a rekey I do get an &#8220;incomplete&#8221; xfrm policy (see below for an example).</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">I call it &#8220;incomplete&#8221; because it&#8217;s missing the the &#8220;tmpl [&#8230;] proto [&#8230;]&#8221; part.</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">Unfortunately I&#8217;m unable to replicate this problem at will.</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">I&#8217;m running OpenSWAN 2.6.37 on a CentOS 5.3</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;"># ipsec --version</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">Linux Openswan U2.6.37/K2.6.18-128.2.1.el5 (netkey)</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;"># [root@saas-vpn1 e1000 ipsec.d]# uname -a</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">Linux openswan1 2.6.18-128.2.1.el5 #1 SMP Tue Jul 14 06:36:37 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux<br>

<br>

</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">This is the VPN configuration:</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;"># cat /etc/ipsec.conf</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">#</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;"># Manual:&nbsp;&nbsp;&nbsp;&nbsp; ipsec.conf.5</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">#</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;"># Please place your own config files in /etc/ipsec.d/ ending in .conf</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">version 2.0&nbsp;&nbsp;&nbsp;&nbsp; # conforms to second version of ipsec.conf specification</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;"># basic configuration</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">config setup</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # Debug-logging controls:&nbsp; &quot;none&quot; for (almost) none, &quot;all&quot; for lots.</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # klipsdebug=none</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # plutodebug=&quot;control parsing&quot;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; protostack=netkey</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; nat_traversal=yes</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; virtual_private=</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; oe=off</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; # Enable this if you see &quot;failed to find any available worker&quot;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; nhelpers=0</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">#You may put your configuration (.conf) file in the &quot;/etc/ipsec.d/&quot; and uncomment this.</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">include /etc/ipsec.d/*.conf</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;"># cat /etc/ipsec.d/remote1.conf</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">conn REMOTE1</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; leftsubnets={10.112.8.128/27 10.112.4.0/26}</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; rightsubnets={192.168.255.0/24}</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; left=&lt;left-public-ip&gt;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; right=&lt;right-public-ip&gt;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; auto=add</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; authby=secret</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; type=tunnel</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ike=3des-sha1-modp1024</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ikelifetime=28800s</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; pfs=yes</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; aggrmode=no</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; phase2=esp</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; phase2alg=aes-sha1-1024,aes128-sha1-1024,aes256-sha1-1024</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; keyingtries=0</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; salifetime=1800s</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; rekey=yes</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dpddelay=30</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dpdtimeout=120</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dpdaction=restart_by_peer</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">Policies dump</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;"># ip xfrm policy show</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">[&#8230;]</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&gt;&gt;&gt;&gt;---Incomplete policy----&lt;&lt;&lt;&lt;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">src 10.112.8.129/32 dst 192.168.255.125/32 proto udp

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dir out priority 2080

</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&gt;&gt;&gt;&gt;---Incomplete policy----&lt;&lt;&lt;&lt;</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">[&#8230;]</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">---Working policies----</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">src 192.168.255.0/24 dst 10.112.8.128/27

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dir in priority 2248

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; tmpl src &lt;right-remote-ip&gt; dst &lt;left-remote-ip&gt;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; proto esp reqid 17565 mode tunnel</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">src 192.168.255.0/24 dst 10.112.4.0/26

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dir in priority 2280

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; tmpl src &lt;right-remote-ip&gt; dst &lt;left-remote-ip&gt;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; proto esp reqid 17569 mode tunnel</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">src 10.112.8.128/27 dst 192.168.255.0/24

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dir out priority 2248

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; tmpl src &lt;left-remote-ip&gt; dst &lt;right-remote-ip&gt;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; proto esp reqid 17565 mode tunnel</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">src 10.112.4.0/26 dst 192.168.255.0/24

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dir out priority 2280

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; tmpl src &lt;left-remote-ip&gt; dst &lt;right-remote-ip&gt;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; proto esp reqid 17569 mode tunnel</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">src 192.168.255.0/24 dst 10.112.8.128/27

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dir fwd priority 2248

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; tmpl src &lt;right-remote-ip&gt; dst &lt;left-remote-ip&gt;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; proto esp reqid 17565 mode tunnel</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">src 192.168.255.0/24 dst 10.112.4.0/26

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dir fwd priority 2280

</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; tmpl src &lt;right-remote-ip&gt; dst &lt;left-remote-ip&gt;</span></p>

<p class="MsoNormal" style="margin-left:70.8pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; proto esp reqid 17569 mode tunnel</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">---Working policies----</span></p>

<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">[&#8230;]</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">Best regards,</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">&nbsp;</span></p>

<p class="MsoNormal"><span lang="EN-US" style="font-size:10.0pt; font-family:&quot;Arial&quot;,&quot;sans-serif&quot;">Giovanni.</span></p>

</div>

<p style="margin-bottom:8.0pt; margin-top:0.0pt"><span lang="EN-GB" style="font-size:8.0pt; font-family:'Arial',sans-serif; color:#535353; font-style:italic"><br>

<br>

<br>

Any use, distribution, copying or disclosure by any other person than the intended recipient of this electronic mail transmission is prohibited as a criminal offence.<br>

Pursuant to Legislative Decree n. 196/2003, you are hereby informed that this message and its attachments contain confidential information intended only for the use of the addressee.<br>

If you receive this transmission in error, please inform the sender immediately and delete the material. Thank You.

</span></p>

<p style="margin-top:0.0pt"><span lang="EN-GB" style="font-size:8.0pt; font-family:'Arial',sans-serif; color:#535353; font-style:italic">The information contained in the e-mail can&#8217;t be considered authorized by Reitek SpA in front of the addressee or third

 parties. Reitek SpA has no responsibility in case of dissemination, duplication or damage of this communication.

</span></p>

</body>

</html>