Test ikev2-algs/alg-modp-subgroup

strongSwan KVM Tests / ikev2-algs / alg-modp-subgroup

Test ikev2-algs/alg-modp-subgroup

Description

The roadwarriors carol and dave set up a connection each to gateway moon using the MODP Diffie-Hellman Groups 22, 23, and 24 with Prime Order Subgroups.

carol proposes the DH groups MODP_2048_224 and MODP_1024_160 whereas dave proposes MODP_2048_224 and MODP_2048_256. Since moon does not support MODP_2048_224 the roadwarriors fall back to MODP_1024_160 and MODP_2048_256, respectively.

In order to test both tunnel and firewall, both carol and dave ping the client alice behind the gateway moon.

console.log

Test ikev2-algs/alg-modp-subgroup

Description

moon

carol

dave

tcpdump