← Back to branch summary

~ubuntu-branches/ubuntu/oneiric/strongswan/oneiric

« back to all changes in this revision

Viewing changes to testing/tests/ikev2/ip-two-pools-db/description.txt

  • Committer: Bazaar Package Importer
  • Author(s): Rene Mayrhofer
  • Date: 2008-12-05 17:21:42 UTC
  • mfrom: (1.1.7 upstream)
  • Revision ID: james.westby@ubuntu.com-20081205172142-9g77wgyzcj0blq7p
http://bugs.debian.org/507542
http://bugs.debian.org/497756
* New upstream release, fixes a MOBIKE issue.
  Closes: #507542: strongswan: endless loop
* Explicitly enable compilation with libcurl for CRL fetching
  Closes: #497756: strongswan: not compiled with curl support; crl 
                   fetching not available
* Enable compilation with SSH agent support.

Show diffs side-by-side

added added

removed removed

Lines of Context:
testing/tests/ikev2/ip-two-pools-db/description.txt
 
1
The hosts <b>alice</b>, <b>venus</b>, <b>carol</b>, and <b>dave</b> set up tunnel connections
 
2
to gateway <b>moon</b> in a <b>hub-and-spoke</b> fashion. Each host requests a <b>virtual IP</b> 
 
3
with the <b>leftsourceip=%config</b> parameter. Gateway <b>moon</b> assigns virtual
 
4
IP addresses from a pool named <b>extpool</b> [10.3.0.1..10.3.255.254] to hosts connecting
 
5
to the <b>eth0</b> (PH_IP_MOON) interface and virtual IP addresses from a pool named <b>intpool</b>
 
6
[10.4.0.1..10.4.255.254] to hosts connecting to the <b>eth1</b> (PH_IP_MOON1) interface.
 
7
Thus <b>carol</b> and <b>dave</b> are assigned <b>PH_IP_CAROL1</b> and <b>PH_IP_DAVE1</b>,
 
8
respectively, whereas <b>alice</b> and <b>venus</b> get <b>10.4.0.1</b> and <b>10.4.0.2</b>,
 
9
respectively.
 
10
<p> 
 
11
By defining the composite IPsec SA: <b>rightsubnet=10.3.0.0/16,10.4.0.0/16</b>, each of the four
 
12
spokes can securely reach any other spoke via the central hub <b>moon</b>. This is
 
13
demonstrated by <b>alice</b> and <b>dave</b> pinging the assigned virtual IP addresses
 
14
of <b>carol</b> and <b>venus</b>.