13 lines
785 B
Plaintext
13 lines
785 B
Plaintext
The roadwarrior <b>carol</b> and the gateway <b>moon</b> use the <b>openssl</b>
|
|
plugin based on the <b>OpenSSL</b> library for all cryptographical and X.509 certificate
|
|
functions whereas roadwarrior <b>dave</b> uses the default <b>strongSwan</b> cryptographical
|
|
plugins <b>aes des sha1 sha2 md5 gmp</b> and <b>x509</b>.
|
|
<p>
|
|
The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each
|
|
to gateway <b>moon</b>. The authentication is based on <b>X.509 certificates</b>.
|
|
Upon the successful establishment of the IPsec tunnels, <b>leftfirewall=yes</b>
|
|
automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
|
|
In order to test both tunnel and firewall, both <b>carol</b> and <b>dave</b> ping
|
|
the client <b>alice</b> behind the gateway <b>moon</b>.
|
|
|