
Test ikev1/xauth-rsa-eap-md5-radius

Description

The roadwarrior carol sets up a connection to gateway moon. Authentication is based on RSA signatures using X.509 certificates, followed by extended authentication (XAUTH) of carol. The XAUTH user name is equal to the IKEv1 identity carol@strongswan.org, and the user password is defined and stored by carol in the secrets section of swanctl.conf.

Gateway moon delegates the EAP-MD5 based verification of carol's XAUTH user credentials to the RADIUS server alice.
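
The EAP-MD5 check that is delegated to the RADIUS server, sketched as an added example that is not part of the strongSwan test suite or of any RADIUS server's code. It follows the generic MD5-Challenge packet layout of RFC 3748 and the digest of RFC 1994; the function names, the identifier 7, and the password are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

EAP_REQUEST, EAP_RESPONSE, EAP_TYPE_MD5 = 1, 2, 4

def build_md5_packet(code, identifier, value, name=b""):
    """Encode an EAP MD5-Challenge packet (RFC 3748, section 5.4)."""
    type_data = bytes([len(value)]) + value + name
    header = struct.pack("!BBHB", code, identifier, 5 + len(type_data), EAP_TYPE_MD5)
    return header + type_data

def parse_md5_packet(packet):
    """Decode an EAP MD5-Challenge packet; reject inconsistent lengths."""
    if len(packet) < 6:
        raise ValueError("packet too short")
    code, identifier, length, eap_type = struct.unpack("!BBHB", packet[:5])
    if eap_type != EAP_TYPE_MD5 or length != len(packet):
        raise ValueError("not a well-formed EAP-MD5 packet")
    size = packet[5]
    if 6 + size > length:
        raise ValueError("value size exceeds packet length")
    return code, identifier, packet[6:6 + size], packet[6 + size:]

def md5_response(identifier, password, challenge):
    """CHAP-style digest (RFC 1994): MD5(identifier || password || challenge)."""
    return hashlib.md5(bytes([identifier]) + password + challenge).digest()

def server_verify(request, response, stored_password):
    """Server-side check: recompute the digest from the stored password."""
    _, req_id, challenge, _ = parse_md5_packet(request)
    code, resp_id, value, _ = parse_md5_packet(response)
    if code != EAP_RESPONSE or resp_id != req_id:
        return False
    expected = md5_response(req_id, stored_password, challenge)
    return hmac.compare_digest(value, expected)  # constant-time comparison

def run_exchange(offered_password, stored_password=b"constructed-password"):
    """One challenge/response round trip with constructed sample values."""
    request = build_md5_packet(EAP_REQUEST, 7, os.urandom(16), b"alice")
    _, ident, challenge, _ = parse_md5_packet(request)
    digest = md5_response(ident, offered_password, challenge)
    response = build_md5_packet(EAP_RESPONSE, ident, digest, b"carol@strongswan.org")
    return server_verify(request, response, stored_password)

if __name__ == "__main__":
    print(run_exchange(b"constructed-password"), run_exchange(b"wrong-password"))
```

The server needs the cleartext password (or an equivalent) to recompute the digest, and the password itself never appears in the EAP packets.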

Upon the successful establishment of the IPsec tunnel, the updown script automatically inserts iptables-based firewall rules that let the tunneled traffic pass. In order to test both tunnel and firewall, carol pings the client alice behind the gateway moon.
