Annotation of embedaddon/strongswan/testing/tests/ipv6/rw-rfc3779-ikev2/description.txt, revision 1.1.1.1
1.1 misho 1: The roadwarriors <b>carol</b> and <b>dave</b> set up an IPv6 connection each
2: to gateway <b>moon</b>. The authentication is based on <b>X.509 certificates</b>
3: containing <b>RFC 3779 IP address block constraints</b>. All three hosts set
4: <b>rightsubnet=::/0</b> thus allowing the peers to narrow down the address range to
5: their actual subnets or IP addresses. These unilaterally proposed traffic selectors
6: must be validated by corresponding IP address block constraints.
7: <p/>
8: Upon the successful establishment of the IPv6 ESP tunnels, <b>leftfirewall=yes</b>
9: automatically inserts ip6tables-based firewall rules that let pass the tunneled traffic.
10: In order to test both tunnel and firewall, both <b>carol</b> and <b>dave</b> send
11: an IPv6 ICMP request to the client <b>alice</b> behind the gateway <b>moon</b>
12: using the ping6 command.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / ipv6 / rw-rfc3779-ikev2