As netkey-pluto-02 using NETKEY on east and west.

This adds a passthrough connection to verify its priority is higher
(lower number) which can be seen in ip xfrm policy

The passthrough is for ICMP, so with the higher priority, ICMP is not
encrypted and should hit the firewall and our last ping command should fail.