Annotation of embedaddon/strongswan/testing/tests/swanctl/rw-eap-sim-radius/description.txt, revision 1.1.1.1

1.1       misho       1: The roadwarriors <b>carol</b> and <b>dave</b> set up a connection to gateway <b>moon</b>.
                      2: At the outset the gateway authenticates itself to the clients by sending
                      3: an IKEv2 <b>digital signature</b> accompanied by an X.509 certificate.
                      4: <p/>
                      5: Next the clients use the GSM <i>Subscriber Identity Module</i> (<b>EAP-SIM</b>)
                      6: method of the <i>Extensible Authentication Protocol</i> to authenticate themselves.
                      7: In this scenario triplets from the file <b>/etc/ipsec.d/triplets.dat</b> are used
                      8: instead of a physical SIM card.
                      9: <p/>
                     10: The gateway forwards all EAP messages to the RADIUS server <b>alice</b>
                     11: which also uses static triplets.
                     12: <p/>
                     13: The roadwarrior <b>dave</b> sends wrong EAP-SIM triplets. As a consequence
                     14: the RADIUS server <b>alice</b> returns an <b>Access-Reject</b> message
                     15: and the gateway <b>moon</b> sends back <b>EAP_FAILURE</b>.

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>