The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>.
The authentication is based on <b>X.509 certificates</b> that are valid until
the year 2039 and are issued by a certification authority with a root ca
certificate valid until the year 2059. On 32-bit platforms, dates after
Jan 19 03:14:07 UTC 2038 cannot by represented by the time_t data type.
Thus if a time wrap-around occurs during ASN.1 to time_t conversions,
dates contained in the certificates are set to the maximum value,
i.e. to Jan 19 03:14:07 UTC 2038.
Upon the successful establishment of the IPsec tunnels, <b>leftfirewall=yes</b>
automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
In order to test both tunnel and firewall, <b>carol</b> ping the client <b>alice</b>
behind the gateway <b>moon</b>.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / ikev2 / after-2038-certs