Annotation of embedaddon/strongswan/testing/tests/tnc/tnccs-20-client-retry/description.txt, revision 1.1.1.1
1.1 misho 1: The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to gateway <b>moon</b>
2: using EAP-TTLS authentication only with the gateway presenting a server certificate and
3: the clients doing EAP-MD5 password-based authentication.
4: In a next step the EAP-TNC protocol is used within the EAP-TTLS tunnel to determine the
5: health of <b>carol</b> and <b>dave</b> via the <b>TNCCS 2.0 </b> client-server interface
6: compliant with <b>RFC 5793 PB-TNC</b>. The IMC and IMV communicate are using the <b>IF-M</b>
7: protocol defined by <b>RFC 5792 PA-TNC</b>.
8: <p>
9: The first time around both <b>carol</b> and <b>dave</b> fail the health test but they
10: request a handshake retry. After remediation <b>carol</b> succeeds but <b>dave</b>
11: still fails. Thus based on this second round of measurements the clients are connected
12: by gateway <b>moon</b> to the "rw-allow" and "rw-isolate" subnets, respectively.
13: </p>
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / tnc / tnccs-20-client-retry