Annotation of embedaddon/strongswan/testing/tests/ipv6/net2net-rfc3779-ikev2/description.txt, revision 1.1.1.1
1.1 misho 1: An IPv6 ESP tunnel connection between the gateways <b>moon</b> and <b>sun</b> is
2: successfully set up. It connects the two subnets hiding behind their respective
3: gateways. The authentication is based on <b>X.509 certificates</b> containing
4: <b>RFC 3779 IP address block constraints</b>. Both <b>moon</b> and <b>sun</b> set
5: <b>rightsubnet=::/0</b> thus allowing the peers to narrow down the address range
6: to their actual subnets <b>fec1::/16</b> and <b>fec2::/16</b>, respectively.
7: These unilaterally proposed traffic selectors must be validated by corresponding
8: IP address block constraints.
9: <p/>
10: Upon the successful establishment of the IPsec tunnel, automatically inserted
11: ip6tables-based firewall rules let pass the tunneled traffic. In order to test
12: both the net-to-net tunnel and the firewall rules, client <b>alice</b> behind
13: <b>moon</b> sends an IPv6 ICMP request to client <b>bob</b> behind <b>sun</b>
14: using the ping6 command.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / ipv6 / net2net-rfc3779-ikev2