9 lines
546 B
Plaintext
9 lines
546 B
Plaintext
This scenario tests <b>repeated authentication</b> according to RFC 4478.
|
|
The iniator <b>carol</b> sets a short <b>ikelifetime=20m</b> but the responder
|
|
<b>moon</b> defining a much larger <b>ikelifetime=30s</b> proposes this
|
|
value via an AUTH_LIFETIME notification to the initiator. The initatior
|
|
ignores this notification and schedules the IKE reauthentication within
|
|
the shorter interval of 30s. A ping from <b>carol</b> to client <b>alice</b>
|
|
hiding in the subnet behind <b>moon</b> tests if the CHILD_SA has been
|
|
inherited by the new IKE_SA.
|