{% macro conn(ike, ike_ciphers, esp, esp_ciphers) -%}
{%  if ike %}
{%      if "key_exchange" in ike %}
    keyexchange = {{ ike.key_exchange }}
{%      endif %}
    ike = {{ ike_ciphers }}
{%      if "lifetime" in ike %}
    ikelifetime = {{ ike.lifetime }}s
{%      endif %}
    reauth = {{ ike.ikev2_reauth if "ikev2_reauth" in ike else "no" }}
    closeaction = {{ ike.close_action if "close_action" in ike else "none" }}
{%      if "dead_peer_detection" in ike %}
    dpdaction = {{ ike.dead_peer_detection.action }}
    dpdtimeout = {{ ike.dead_peer_detection.timeout }}
    dpddelay = {{ ike.dead_peer_detection.interval }}
{%      endif %}
{%      if "key_exchange" in ike and ike.key_exchange == "ikev1" and "mode" in ike and ike.mode == "aggressive" %}
    aggressive = yes
{%      endif %}
{%      if "key_exchange" in ike and ike.key_exchange == "ikev2" %}
    mobike = {{ "yes" if "mobike" not in ike or ike.mobike == "enable" else "no" }}
{%      endif %}
{%  endif %}
{%  if esp %}
    esp = {{ esp_ciphers }}
{%      if "lifetime" in esp %}
    keylife = {{ esp.lifetime }}s
{%      endif %}
    compress = {{ 'yes' if "compression" in esp and esp.compression == 'enable' else 'no' }}
    type = {{ esp.mode if "mode" in esp else "tunnel" }}
{%  endif %}
{%- endmacro %}