diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2013-01-02 14:18:20 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2013-01-02 14:18:20 +0100 |
| commit | c1343b3278cdf99533b7902744d15969f9d6fdc1 (patch) | |
| tree | d5ed3dc5677a59260ec41cd39bb284d3e94c91b3 /testing/tests/tnc/tnccs-20-block | |
| parent | b34738ed08c2227300d554b139e2495ca5da97d6 (diff) | |
| download | vyos-strongswan-c1343b3278cdf99533b7902744d15969f9d6fdc1.tar.gz vyos-strongswan-c1343b3278cdf99533b7902744d15969f9d6fdc1.zip | |
Imported Upstream version 5.0.1
Diffstat (limited to 'testing/tests/tnc/tnccs-20-block')
| -rw-r--r-- | testing/tests/tnc/tnccs-20-block/evaltest.dat | 14 | ||||
| -rw-r--r--[-rwxr-xr-x] | testing/tests/tnc/tnccs-20-block/hosts/carol/etc/ipsec.conf | 2 | ||||
| -rw-r--r-- | testing/tests/tnc/tnccs-20-block/hosts/carol/etc/strongswan.conf | 2 | ||||
| -rw-r--r--[-rwxr-xr-x] | testing/tests/tnc/tnccs-20-block/hosts/dave/etc/ipsec.conf | 2 | ||||
| -rw-r--r-- | testing/tests/tnc/tnccs-20-block/hosts/dave/etc/strongswan.conf | 2 | ||||
| -rw-r--r--[-rwxr-xr-x] | testing/tests/tnc/tnccs-20-block/hosts/moon/etc/ipsec.conf | 2 | ||||
| -rw-r--r-- | testing/tests/tnc/tnccs-20-block/hosts/moon/etc/strongswan.conf | 2 |
7 files changed, 12 insertions, 14 deletions
diff --git a/testing/tests/tnc/tnccs-20-block/evaltest.dat b/testing/tests/tnc/tnccs-20-block/evaltest.dat index f1753c208..881f442b7 100644 --- a/testing/tests/tnc/tnccs-20-block/evaltest.dat +++ b/testing/tests/tnc/tnccs-20-block/evaltest.dat @@ -2,11 +2,11 @@ carol::cat /var/log/daemon.log::PB-TNC access recommendation is 'Access Allowed' carol::cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::YES carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES carol::cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.100/32 === 10.1.0.0/16::YES -dave::cat /var/log/daemon.log::PB-TNC access recommendation is 'Access Denied'::YES -dave::cat /var/log/daemon.log::received EAP_FAILURE, EAP authentication failed::YES -dave::cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.0/16::NO -moon::cat /var/log/daemon.log::added group membership 'allow'::YES -moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES -moon::cat /var/log/daemon.log::EAP method EAP_TTLS failed for peer dave@strongswan.org::YES +dave:: cat /var/log/daemon.log::PB-TNC access recommendation is 'Access Denied'::YES +dave:: cat /var/log/daemon.log::received EAP_FAILURE, EAP authentication failed::YES +dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.0/16::NO +moon:: cat /var/log/daemon.log::added group membership 'allow'::YES +moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES +moon:: cat /var/log/daemon.log::EAP method EAP_TTLS failed for peer dave@strongswan.org::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES -dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_VENUS: icmp_seq=1::NO +dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_VENUS: icmp_seq=1::NO diff --git a/testing/tests/tnc/tnccs-20-block/hosts/carol/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-block/hosts/carol/etc/ipsec.conf index 105fcbec6..e2bf349d9 100755..100644 --- a/testing/tests/tnc/tnccs-20-block/hosts/carol/etc/ipsec.conf +++ b/testing/tests/tnc/tnccs-20-block/hosts/carol/etc/ipsec.conf @@ -1,7 +1,6 @@ # /etc/ipsec.conf - strongSwan IPsec configuration file config setup - plutostart=no charondebug="tnc 3, imc 3" conn %default @@ -18,6 +17,7 @@ conn home leftfirewall=yes right=PH_IP_MOON rightid=@moon.strongswan.org + rightauth=any rightsendcert=never rightsubnet=10.1.0.0/16 auto=add diff --git a/testing/tests/tnc/tnccs-20-block/hosts/carol/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-block/hosts/carol/etc/strongswan.conf index 264e8d121..ced332cc4 100644 --- a/testing/tests/tnc/tnccs-20-block/hosts/carol/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-block/hosts/carol/etc/strongswan.conf @@ -1,7 +1,7 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown multiple_authentication=no plugins { eap-tnc { diff --git a/testing/tests/tnc/tnccs-20-block/hosts/dave/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-block/hosts/dave/etc/ipsec.conf index 97f322c28..77446cbae 100755..100644 --- a/testing/tests/tnc/tnccs-20-block/hosts/dave/etc/ipsec.conf +++ b/testing/tests/tnc/tnccs-20-block/hosts/dave/etc/ipsec.conf @@ -1,7 +1,6 @@ # /etc/ipsec.conf - strongSwan IPsec configuration file config setup - plutostart=no charondebug="tnc 3, imc 3" conn %default @@ -18,6 +17,7 @@ conn home leftfirewall=yes right=PH_IP_MOON rightid=@moon.strongswan.org + rightauth=any rightsendcert=never rightsubnet=10.1.0.0/16 auto=add diff --git a/testing/tests/tnc/tnccs-20-block/hosts/dave/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-block/hosts/dave/etc/strongswan.conf index 9167adb47..9522fd2b9 100644 --- a/testing/tests/tnc/tnccs-20-block/hosts/dave/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-block/hosts/dave/etc/strongswan.conf @@ -1,7 +1,7 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown multiple_authentication=no plugins { eap-tnc { diff --git a/testing/tests/tnc/tnccs-20-block/hosts/moon/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-block/hosts/moon/etc/ipsec.conf index 106cde446..9aeb02ac2 100755..100644 --- a/testing/tests/tnc/tnccs-20-block/hosts/moon/etc/ipsec.conf +++ b/testing/tests/tnc/tnccs-20-block/hosts/moon/etc/ipsec.conf @@ -1,8 +1,6 @@ # /etc/ipsec.conf - strongSwan IPsec configuration file config setup - strictcrlpolicy=no - plutostart=no charondebug="tnc 3, imv 3" conn %default diff --git a/testing/tests/tnc/tnccs-20-block/hosts/moon/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-block/hosts/moon/etc/strongswan.conf index d64c89ab8..59dce1874 100644 --- a/testing/tests/tnc/tnccs-20-block/hosts/moon/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-block/hosts/moon/etc/strongswan.conf @@ -1,7 +1,7 @@ # /etc/strongswan.conf - strongSwan configuration file charon { - load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-tnccs tnccs-20 tnc-imv updown + load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-tnccs tnccs-20 tnc-imv updown multiple_authentication=no plugins { eap-ttls { |