strongSwan KVM Tests / ikev2 / rw-psk-rsa-split

Test ikev2/rw-psk-rsa-split

Description

The roadwarriors carol and dave set up a connection each to gateway moon. The roadwarriors' authentication is based on Pre-Shared Keys (PSK) whereas the gateway uses an Public key signature (Pubkey) certified by an X.509 certificate.

Upon the successful establishment of the IPsec tunnels, the updown-script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. In order to test both tunnel and firewall, both carol and dave ping the client alice behind the gateway moon.

alice moon carol winnetou dave

moon

 

carol

 

dave

 

tcpdump