sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity
strongswan/testing/tests/ikev1-stroke/ip-pool-db/description.txt
Andreas Steffen 7c5a2974b9 testing: Reorganizing IKEv1 and IKEv2 examples 
For documentation purposes the new folders ikev1-algs, ikev2-algs,
ikev1-multi-ca and ikev2-multi-ca have been created. Most of the
test cases have now been converted to the vici interface. The
remaining legacy stroke scenarios yet to be converted have been put
into the ikev2-stroke-bye folder.

For documentation purposes some legacy stroke scenarios will be kept
in the ikev1-stroke, ikev2-stroke and ipv6-stroke folders.
2021-05-21 09:42:50 +02:00

12 lines
861 B
Plaintext
Raw Blame History

The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to gateway <b>moon</b>.
Both <b>carol</b> and <b>dave</b> request a <b>virtual IP</b> via the IKEv1 Mode Config
payload by using the <b>leftsourceip=%config</b> parameter. <b>moon</b> assigns virtual IP
addresses from a pool named <b>bigpool</b> that was created in an SQL database by the command
<b>ipsec pool --name bigpool --start 10.3.0.1 --end 10.3.3.232 --timeout 0</b>.
<p/>
Upon the successful establishment of the IPsec tunnel, <b>leftfirewall=yes</b> automatically
inserts iptables-based firewall rules that let pass the tunneled traffic. In order to test the
tunnels, <b>carol</b> and <b>dave</b> then ping the client <b>alice</b> behind the gateway
<b>moon</b>. The source IP addresses of the two pings will be the virtual IPs <b>10.3.0.1</b>
and <b>10.3.0.2</b>, respectively.
Reference in New Issue View Git Blame Copy Permalink