strongSwan KVM Tests / ikev1 / xauth-id-rsa-hybrid
Test ikev1/xauth-id-rsa-hybrid
Description
The roadwarriors carol and dave set up a connection to gateway moon using IKEv1 Hybrid Mode. The authentication of moon is based on an RSA signature combined with a X.509 certificate, followed by an extended authentication (XAUTH) of carol and dave based on user names defined by the xauth_identity parameter (carol and dave, respectively) and corresponding user passwords defined and stored in ipsec.secrets.Upon the successful establishment of the IPsec tunnel, the updown-script automatically inserts iptables-based firewall rules that let pass the tunneled traffic. In order to test both tunnel and firewall, carol and dave ping the client alice behind the gateway moon.
