Test ikev1/ip-pool-db
Description
The roadwarriors carol and dave set up a connection each to gateway moon.
Both carol and dave request a virtual IP via the IKEv1 Mode Config payload
by using the leftsourceip=%config parameter. The gateway moon assigns virtual IP
addresses from a pool named bigpool that was created in an SQL database by the command
ipsec pool --name bigpool --start 10.3.0.1 --end 10.3.3.232 --timeout 0.
moon also provides the roadwarriors with up to two DNS and NBNS server addresses
that can be registered in the SQL database by commands of the form ipsec --add dns
--server 192.168.0.150.
leftfirewall=yes automatically inserts iptables-based firewall rules that let pass the
tunneled traffic. In order to test the tunnels, carol and dave then ping the client
alice behind the gateway moon. The source IP addresses of the two pings will be the
virtual IPs carol1 and dave1, respectively.
moon
carol
dave
|