FreeBSD
freeSTUD, 2018-04-23 23:28:05

IPSEC and gif0: why don't pings work?

Hello!
Colleagues, help me defeat FreeBSD and finally hand in the lab! My brain is boiling; I have reread mountains of manuals and instructions, and nothing helps ((((
We have the following initial data:
Server1
uname -a
FreeBSD lab10 10.3-RELEASE FreeBSD 10.3-RELEASE
interface to the network: 192.168.10.10
interface to the Internet: 88.88.88.88
The kernel is built with: ( Server1 )
options IPSEC
device crypto
/etc/rc.conf ( Server1 )
cloned_interfaces="gif0"
ifconfig_gif0="inet 192.168.10.10 192.168.20.20 netmask 255.255.255.252 tunnel 88.88.88.88 99.99.99.99"
gif0: flags=8051 metric 0 mtu 1280
options=80000
tunnel inet 88.88.88.88 --> 99.99.99.99
inet 192.168.10.10 --> 192.168.20.20 netmask 0xfffffffc
nd6 options=29
Server2
uname -a
FreeBSD lab14 10.3-RELEASE FreeBSD 10.3-RELEASE
interface to network:
192.1208.20 : 99.99.99.99
Kernel built with: ( Server1 )
options IPSEC
device crypto
/etc/rc.conf ( Server2 )
cloned_interfaces="gif0"
ifconfig_gif0="inet 192.168.20.20 192.168.10.10 netmask 255.255.255.252 tunnel 99.99.88.89.89 "
ifconfig ( Server2 )
gif0: flags=8051 metric 0 mtu 1280
options=80000
tunnel inet 99.99.99.99 --> 88.88.88.88
inet 192.168.20.20 --> 192.168.10.10 netmask 0xfffffffc
nd6 options=29
I have the following questions:
1) If I understand the ifconfig output correctly, I should already be able to ping the second server and it should reply, or am I wrong?
2) Can I transfer data between computers on different networks without bringing up racoon?
3) I read that the tunnel needs its own IP; is this true?
Point out where I am being stupid and lack knowledge. Because even when following https://www.freebsd.org/doc/ru/books/ha ... ipsec.html, at this stage the servers can already ping each other (that is, I can ping the second server 192.168.20.20 from 192.168.10.10 and vice versa)


1 answer(s)
CityCat4, 2018-04-24
@CityCat4

What exactly do you want to achieve? racoon is an IKE daemon, a utility program for IPSec tunnels. You can do without it, but it is very difficult. gif interfaces are needed only in FreeBSD (not in Linux) due to local troubles. I'll look for an article now; I once read one about exactly IPSec in FreeBSD ...
UPD: Article in the journal "System Administrator", No. 12 for 2010. Using racoon to build tunnels is a pretty old technology; more and more people use strongSwan now
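
An added example, not part of either post: a small Python check that the two hosts' ifconfig_gif0 lines from /etc/rc.conf are well-formed and mirror each other, which is worth confirming before layering IPsec on top of the tunnel. The function names are hypothetical, and SERVER2_MIRRORED is constructed from the ifconfig output shown in the question.

```python
import ipaddress


def addr_pair(words, keyword):
    """Return (local, remote) IPv4 addresses following keyword, else None."""
    if keyword not in words:
        return None
    pair = words[words.index(keyword) + 1:][:2]
    try:
        local, remote = (ipaddress.IPv4Address(w) for w in pair)
    except ValueError:  # wrong number of words, or not a dotted quad
        return None
    return local, remote


def parse_gif(line):
    """Parse an rc.conf line: ifconfig_gifN="inet A B netmask M tunnel X Y"."""
    value = line.partition("=")[2].strip().strip('"')
    words = value.split()
    return {"inner": addr_pair(words, "inet"),
            "outer": addr_pair(words, "tunnel")}


def check_pair(line_a, line_b):
    """Return a list of problems; an empty list means the ends mirror each other."""
    a, b = parse_gif(line_a), parse_gif(line_b)
    problems = []
    for name, end in (("first", a), ("second", b)):
        for kind in ("inner", "outer"):
            if end[kind] is None:
                problems.append(
                    f"{name} host: {kind} address pair is missing or malformed")
    for kind in ("inner", "outer"):
        # Each side's (local, remote) must be the other side's (remote, local).
        if a[kind] and b[kind] and a[kind] != b[kind][::-1]:
            problems.append(f"{kind} addresses are not mirrored between the hosts")
    return problems


# rc.conf lines as they appear in the question above.
SERVER1 = ('ifconfig_gif0="inet 192.168.10.10 192.168.20.20 '
           'netmask 255.255.255.252 tunnel 88.88.88.88 99.99.99.99"')
SERVER2_AS_POSTED = ('ifconfig_gif0="inet 192.168.20.20 192.168.10.10 '
                     'netmask 255.255.255.252 tunnel 99.99.88.89.89 "')
# Constructed sample: matches the Server2 ifconfig output in the question.
SERVER2_MIRRORED = ('ifconfig_gif0="inet 192.168.20.20 192.168.10.10 '
                    'netmask 255.255.255.252 tunnel 99.99.99.99 88.88.88.88"')

if __name__ == "__main__":
    print(check_pair(SERVER1, SERVER2_AS_POSTED))
    print(check_pair(SERVER1, SERVER2_MIRRORED))
```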
