strongSwan KVM Tests / ikev2 / double-nat

Test ikev2/double-nat

Description

The roadwarrior alice sitting behind the NAT router moon sets up a tunnel to the peer bob hiding behind the NAT router sun. UDP encapsulation is used to traverse the NAT routers.

Upon the successful establishment of the IPsec tunnel, the updown script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. In order to test the double NAT-ed IPsec tunnel alice pings bob.

alice moon winnetou sun bob

alice

 

bob

 

tcpdump