The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each
to gateway <b>moon</b> using the <b>MODP Diffie-Hellman Groups 22, 23, and 24</b>
with <b>Prime Order Subgroups</b>.
<p/>
<b>carol</b> proposes the DH groups MODP_2048_224 and MODP_1024_160 whereas
<b>dave</b> proposes MODP_2048_224 and MODP_2048_256.
Since <b>moon</b> does not support MODP_2048_224 the roadwarriors fall back to
MODP_1024_160 and MODP_2048_256, respectively.
<p/>
Upon the successful establishment of the IPsec tunnels, <b>leftfirewall=yes</b>
automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
In order to test both tunnel and firewall, both <b>carol</b> and <b>dave</b> ping
the client <b>alice</b> behind the gateway <b>moon</b>.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / ikev1 / alg-modp-subgroup