testing/tests/esp-ah-transport/description.txt


1
2
3
4
5

In IKE phase 2 the roadwarrior <b>carol</b> proposes to gateway <b>moon</b>
the ESP AES 128 bit encryption algorithm combined with AH SHA-1 authentication.
In order to accept the AH and ESP encapsulated plaintext packets, the iptables firewall
marks all incoming AH packets with the ESP mark. The transport mode connection is
tested by <b>carol</b> sending a ping to gateway <b>moon</b>.