diff options
Diffstat (limited to 'testing/tests/ikev1/esp-ah-transport')
| -rw-r--r-- | testing/tests/ikev1/esp-ah-transport/description.txt | 2 | ||||
| -rw-r--r-- | testing/tests/ikev1/esp-ah-transport/evaltest.dat | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/testing/tests/ikev1/esp-ah-transport/description.txt b/testing/tests/ikev1/esp-ah-transport/description.txt index c7918fa38..f8ffce6e6 100644 --- a/testing/tests/ikev1/esp-ah-transport/description.txt +++ b/testing/tests/ikev1/esp-ah-transport/description.txt @@ -1,5 +1,5 @@ In IKE phase 2 the roadwarrior <b>carol</b> proposes to gateway <b>moon</b> -the ESP AES 128 bit encryption algorithm combined with AH SHA-1 authentication. +the ESP AES 128 bit encryption algorithm combined with AH HMAC_SHA1 authentication. In order to accept the AH and ESP encapsulated plaintext packets, the iptables firewall marks all incoming AH packets with the ESP mark. The transport mode connection is tested by <b>carol</b> sending a ping to gateway <b>moon</b>. diff --git a/testing/tests/ikev1/esp-ah-transport/evaltest.dat b/testing/tests/ikev1/esp-ah-transport/evaltest.dat index 7c498ad83..526e0d96e 100644 --- a/testing/tests/ikev1/esp-ah-transport/evaltest.dat +++ b/testing/tests/ikev1/esp-ah-transport/evaltest.dat @@ -1,7 +1,7 @@ carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES -carol::ipsec statusall::ESP algorithm newest: AES_128-;::YES -moon::ipsec statusall::ESP algorithm newest: AES_128-;::YES +carol::ipsec statusall::ESP/AH proposal: AES_CBC_128/HMAC_SHA1::YES +moon::ipsec statusall::ESP/AH proposal: AES_CBC_128/HMAC_SHA1::YES carol::ping -c 1 -s 120 -p deadbeef PH_IP_MOON::128 bytes from PH_IP_MOON: icmp_seq=1::YES carol::ipsec status::ah\..*ah\..*esp\..*ago.*esp\..*ago.*transport::YES moon::ipsec status::ah\..*ah\..*esp\..*ago.*esp\..*ago.*transport::YES |