strongSwan KVM Tests / ikev2 / protoport-dual

Test ikev2/protoport-dual

Description

Using [<protocol>/<port>] selectors in the local_ts and remote_ts child parameters, two IPsec tunnels between the roadwarrior carol and the gateway moon are defined. The first CHILD_SA is restricted to ICMP packets and the second covers TCP-based SSH connections.

The established tunnels are tested by carol by first pinging alice behind moon and then setting up an SSH session to the same client.

alice moon carol winnetou

moon

 

carol

 

tcpdump