Annotation of embedaddon/strongswan/testing/tests/ikev2/acert-inline/description.txt, revision 1.1.1.1
1.1 misho 1: <p>The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each
2: to gateway <b>moon</b>. The authentication is based on <b>X.509 certificates</b>.
3: To authorize clients, <b>moon</b> expects attribute certificates sent inline in
4: IKEv2 CERT payloads. <b>Carol</b> provides a valid attribute certificate for
5: the group <i>sales</i>, but <b>dave</b> offers two invalid attribute
6: certificates: One is not for the <i>sales</i> group, and the other is issued by
7: an AA that has been expired.</p>
8: <p>Upon the successful establishment of the IPsec tunnels, <b>leftfirewall=yes</b>
9: automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
10: In order to test both tunnel and firewall, both <b>carol</b> and <b>dave</b> try
11: to ping the client <b>alice</b> behind the gateway <b>moon</b>, but dave fails
12: to do so.</p>
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / ikev2 / acert-inline