mirror of
https://github.com/strongswan/strongswan.git
synced 2025-11-04 00:00:51 -05:00
8f56bbc82b
The main difference is that ping now reports icmp_seq instead of icmp_req, so we match for icmp_.eq, which works with both releases. tcpdump now also reports port 4500 as ipsec-nat-t.
13 lines
1010 B
Plaintext
13 lines
1010 B
Plaintext
moon::ipsec stroke status 2> /dev/null::conn1.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
|
|
sun::ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
|
|
moon::ipsec stroke status 2> /dev/null::conn1.*INSTALLED, TUNNEL::YES
|
|
sun::ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
|
|
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_.eq=1::YES
|
|
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
|
|
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
|
|
moon::cat /tmp/tkm.log::RSA private key '/etc/tkm/moonKey.der' loaded::YES
|
|
moon::cat /tmp/tkm.log::Adding policy \[ 1, 10.1.0.0/16 > 192.168.0.1 <=> 192.168.0.2 < 10.2.0.0/16 \]::YES
|
|
moon::cat /tmp/tkm.log::Checked CA certificate of CC context 1::YES
|
|
moon::cat /tmp/tkm.log::Authentication of ISA context 1 successful::YES
|
|
moon::cat /tmp/tkm.log::Adding ESA \[ 1, 10.1.0.0/16 > 192.168.0.1 <=> 192.168.0.2 < 10.2.0.0/16, SPI_in.*, SPI_out.*, soft 30, hard 60 \]::YES
|