strongSwan KVM Tests / ikev2 / strong-keys-certs
Test ikev2/strong-keys-certs
Description
The gateway moon uses a 3072 bit RSA private key protected by AES-128 encryption whereas the roadwarriors carol and dave have an AES-192 and AES-256 envelope, respectively. The X.509 certificate of the gateway moon uses a SHA-224 hash in its signature whereas the certificates of the roadwarriors carol and dave use SHA-384 and SHA-512, respectively. Upon the successful establishment of the IPsec tunnels, the updown script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. In order to test both tunnel and firewall, both carol and dave ping the client alice behind the gateway moon.