strongSwan KVM Tests / ikev1 / xauth-id-rsa-config
Test ikev1/xauth-id-rsa-config
Description
The roadwarriors carol and dave set up a connection to gateway moon. The authentication is based on RSA signatures using X.509 certificates followed by extended authentication (XAUTH) of carol and dave based on user names defined by the xauth_id parameter carol and dave, respectively and corresponding user passwords defined and stored in the secrets section of swanctl.conf. Next both carol and dave request a virtual IP via the IKEv1 Mode Config protocol by using the vips = 0.0.0.0 parameter.Upon the successful establishment of the IPsec tunnel, the updown-script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. In order to test both tunnel and firewall, carol and dave ping the client alice behind the gateway moon.
