strongSwan KVM Tests / ikev2 / protoport-range
Test ikev2/protoport-range
Description
Using [<protocol>/<port>] selectors in the local_ts and remote_ts child parameters, three IPsec tunnels between the roadwarrior carol and the gateway moon are defined. The first CHILD_SA is restricted to ICMP request packets, the second covers ICMP reply packets and the third TCP-based FTP and SSH connections. The established tunnels are tested by carol by first pinging alice behind moon and then setting up an SSH session to the same client.