summaryrefslogtreecommitdiff
path: root/testing/tests/swanctl/rw-eap-aka-sql-rsa/description.txt
blob: a7410c1b62ee7b9a67987ce25776d907a1064814 (plain)
1
2
3
4
5
6
7
8
9
At the outset the gateway authenticates itself to the client by sending an
IKEv2 <b>RSA signature</b> accompanied by a certificate.
The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>.
<b>carol</b> uses the <i>Extensible Authentication Protocol</i>
in association with the <i>Authentication and Key Agreement</i> protocol
(<b>EAP-AKA</b>) to authenticate against the gateway. In this scenario,
quintuplets from the SQL database /etc/ipsec.d/ipsec.db are used instead
of a physical USIM card on the client <b>carol</b>. The USIM provider on
gateway <b>moon</b> also stores the quintuplets in an SQL database.