diff options
3 files changed, 5 insertions, 4 deletions
diff --git a/testing/tests/ikev2/rw-eap-aka-id-rsa/description.txt b/testing/tests/ikev2/rw-eap-aka-id-rsa/description.txt index e7d2c784a..6d886024b 100644 --- a/testing/tests/ikev2/rw-eap-aka-id-rsa/description.txt +++ b/testing/tests/ikev2/rw-eap-aka-id-rsa/description.txt @@ -1,8 +1,9 @@ +at the outset the gateway authenticates itself to the client by sending an +IKEv2 <b>RSA signature</b> accompanied by a certificate. The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>. <b>carol</b> uses the <i>Extensible Authentication Protocol</i> in association with the <i>Authentication and Key Agreement</i> protocol (<b>EAP-AKA</b>) to authenticate against the gateway. This protocol is used in UMTS, but here a secret from <b>ipsec.secrets</b> is used instead of a USIM/(R)UIM. In addition to her IKEv2 identity <b>carol@strongswan.org</b>, roadwarrior <b>carol</b> -uses the EAP identy <b>carol</b>. Gateway <b>moon</b> additionaly uses an <b>RSA signature</b> -to authenticate itself against <b>carol</b>. +uses the EAP identity <b>carol</b>. diff --git a/testing/tests/ikev2/rw-eap-aka-id-rsa/evaltest.dat b/testing/tests/ikev2/rw-eap-aka-id-rsa/evaltest.dat index 5d0b469bf..d5cbbdbf7 100644 --- a/testing/tests/ikev2/rw-eap-aka-id-rsa/evaltest.dat +++ b/testing/tests/ikev2/rw-eap-aka-id-rsa/evaltest.dat @@ -2,7 +2,7 @@ carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES moon::cat /var/log/daemon.log::using EAP identity.*carol::YES moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES -moon::ipsec statusall::rw-eapaka.*ESTABLISHED::YES +moon::ipsec statusall::rw-eap.*ESTABLISHED::YES carol::ipsec statusall::home.*ESTABLISHED::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES diff --git a/testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc/ipsec.conf index 350fc48b6..b239e7718 100755 --- a/testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc/ipsec.conf +++ b/testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc/ipsec.conf @@ -11,7 +11,7 @@ conn %default keyingtries=1 keyexchange=ikev2 -conn rw-eapaka +conn rw-eap authby=rsasig eap=aka eap_identity=%identity |