From 7c52c3f35cdbdff58443b994f2f33d13b4d81f57 Mon Sep 17 00:00:00 2001
From: Rene Mayrhofer <rene@mayrhofer.eu.org>
Date: Tue, 23 Jun 2009 11:35:38 +0000
Subject: Updated to new upstream version.

---
 .../tests/openssl-ikev2/alg-ecp-high/description.txt    | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 testing/tests/openssl-ikev2/alg-ecp-high/description.txt

(limited to 'testing/tests/openssl-ikev2/alg-ecp-high/description.txt')

diff --git a/testing/tests/openssl-ikev2/alg-ecp-high/description.txt b/testing/tests/openssl-ikev2/alg-ecp-high/description.txt
new file mode 100644
index 000000000..b8efbe87e
--- /dev/null
+++ b/testing/tests/openssl-ikev2/alg-ecp-high/description.txt
@@ -0,0 +1,17 @@
+The roadwarrior <b>carol</b> and the gateway <b>moon</b> use the <b>openssl</b>
+plugin based on the <b>OpenSSL</b> library for all cryptographical functions
+whereas roadwarrior <b>dave</b> uses the default <b>strongSwan</b> cryptographical
+plugins <b>aes des sha1 sha2 md5 gmp</b> plus the <b>openssl</b> plugin for 
+the Elliptic Curve Diffie-Hellman groups only.
+<p>
+The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each 
+to gateway <b>moon</b>. The authentication is based on <b>X.509 certificates</b>.
+<b>carol</b> proposes the DH groups ECP_256 and ECP_384 whereas <b>dave</b> proposes
+ECP_256 and ECP_521. Since <b>moon</b> does not support ECP_256 the roadwarriors
+fall back to ECP_384 and ECP_521, respectively.
+<p>
+Upon the successful establishment of the IPsec tunnels, <b>leftfirewall=yes</b>
+automatically inserts iptables-based firewall rules that let pass the tunneled traffic.
+In order to test both tunnel and firewall, both <b>carol</b> and <b>dave</b> ping
+the client <b>alice</b> behind the gateway <b>moon</b>.
+
-- 
cgit v1.2.3