strongSwan KVM Tests / ikev2 / net2net-pkcs12

Test ikev2/net2net-pkcs12

Description

A connection between the subnets behind the gateways moon and sun is set up. The authentication is based on an RSA private key, a matching X.509 end entity certificate and the issuing X.509 root CA certificate, all stored in a PKCS12 container.

Upon the successful establishment of the IPsec tunnel, the updown script automatically inserts iptables-based firewall rules that allow the tunneled traffic to pass. In order to test both tunnel and firewall, client alice behind gateway moon pings client bob located behind gateway sun.
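
The following is an added example, not part of the strongSwan test suite: it builds a PKCS12 container of the kind described above with the openssl command line tool and checks that it really holds a private key, the matching end entity certificate and the issuing CA certificate. The helper names build_p12 and check_p12, the file names, the subjects and the password are all constructed for illustration, and an installed openssl is assumed.

```shell
#!/bin/sh
# Added example. Subjects, file names and the password are constructed.

# build_p12 DIR PASS: create a root CA, a gateway key and certificate, and
# bundle key, end entity certificate and CA certificate into DIR/moonCert.p12.
build_p12() {
    d=$1; pass=$2
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/O=Example Org/CN=Example Root CA" \
        -keyout "$d/caKey.pem" -out "$d/caCert.pem" 2>/dev/null || return 1
    openssl req -new -newkey rsa:2048 -nodes \
        -subj "/O=Example Org/CN=moon.example.org" \
        -keyout "$d/moonKey.pem" -out "$d/moonReq.pem" 2>/dev/null || return 1
    openssl x509 -req -in "$d/moonReq.pem" -days 30 -set_serial 2 \
        -CA "$d/caCert.pem" -CAkey "$d/caKey.pem" \
        -out "$d/moonCert.pem" 2>/dev/null || return 1
    openssl pkcs12 -export -name moon -passout "pass:$pass" \
        -inkey "$d/moonKey.pem" -in "$d/moonCert.pem" \
        -certfile "$d/caCert.pem" -out "$d/moonCert.p12" || return 1
}

# check_p12 FILE PASS: succeed only if the container opens with PASS, holds
# exactly two certificates, its private key matches the end entity
# certificate, and that certificate verifies against the bundled CA.
check_p12() {
    p12=$1; pass=$2
    p12_dump() { openssl pkcs12 -in "$p12" -passin "pass:$pass" "$@" 2>/dev/null; }
    n=$(p12_dump -nokeys | grep -c 'BEGIN CERTIFICATE') || n=0
    [ "$n" -eq 2 ] || return 1
    # Compare the public key derived from the private key with the one in the cert.
    kpub=$(p12_dump -nocerts -nodes | openssl pkey -pubout 2>/dev/null)
    cpub=$(p12_dump -clcerts -nokeys | openssl x509 -noout -pubkey 2>/dev/null)
    [ -n "$kpub" ] && [ "$kpub" = "$cpub" ] || return 1
    ca=$(mktemp) || return 1
    p12_dump -cacerts -nokeys > "$ca"
    p12_dump -clcerts -nokeys | openssl verify -CAfile "$ca" >/dev/null 2>&1
    rc=$?
    rm -f "$ca"
    return $rc
}

# Stand-alone run on a throwaway directory.
tmp=$(mktemp -d) || exit 1
build_p12 "$tmp" 'constructed-pass' && check_p12 "$tmp/moonCert.p12" 'constructed-pass' \
    && echo "moonCert.p12: key, end entity certificate and CA certificate are consistent"
rm -rf "$tmp"
```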

[Figure: test network with hosts alice, moon, winnetou, sun and bob]
