Project

General

Profile

IKEv2 Configuration Examples » History » Version 21

Version 20 (Andreas Steffen, 16.10.2010 15:19) → Version 21/32 (Andreas Steffen, 29.10.2010 10:16)

h1. IKEv2 Configuration Examples

h2. Remote Access

|RSA authentication with X.509 certificates |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-cert |"IPv6":http://www.strongswan.org/uml/testresults/ipv6/rw-ikev2 |"NAT":http://www.strongswan.org/uml/testresults/ikev2/nat-two-rw |
|PSK authentication with pre-shared keys |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-psk-ipv4 |"IPv6":http://www.strongswan.org/uml/testresults/ipv6/rw-psk-ikev2|"NAT":http://www.strongswan.org/uml/testresults/ikev2/nat-two-rw-psk|
|EAP_AKA authentication |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-aka-rsa | | |
|EAP_AKA authentication with EAP identity |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-aka-identity | | |
|EAP_SIM authentication |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-sim-rsa | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-sim-radius |
|EAP_SIM authentication with EAP identity | | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-sim-id-radius |
|EAP_SIM only authentication | | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-sim-only-radius |
|EAP_MSCHAPv2 authentication with EAP identity |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-mschapv2-id-rsa| | |
|EAP_MD5 authentication |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-md5-rsa | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-md5-radius |
|EAP_MD5 authentication with EAP identity | | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-md5-id-radius |
|EAP_TLS authentication |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-tls-only |"IPv4":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-tls-only | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-tls-radius |"RADIUS":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-tls-radius |
|EAP_TTLS with EAP_MD5 client authentication |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-ttls-only |"IPv4":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-ttls-only | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-ttls-radius |"RADIUS":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-ttls-radius |
|EAP_TTLS with EAP_MD5 client authentication and EAP_TNC with allow/isolate |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-tnc |"IPv4":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-tnc | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-tnc-radius |"RADIUS":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-tnc-radius |
|EAP_TTLS with EAP_MD5 client authentication and EAP_TNC with allow/block |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-tnc-block |"IPv4":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-tnc-block | |"RADIUS":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-tnc-radius-block |"RADIUS":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-tnc-radius-block |
|EAP_TTLS with EAP_TLS client authentication and EAP_TNC with allow/isolate |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/rw-eap-tnc-tls |"IPv4":http://www.strongswan.org/uml/testresults45rc/ikev2/rw-eap-tnc-tls | ||

h2. Remote Access with Virtual IP Adresses

| RAM-based server-side virtual IP pool |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/ip-pool |
| DB-based server-side virtual IP pool |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/ip-pool-db |
| Static server-side virtual IP addresses |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/config-payload |
| Static client-side virtual IP addresses |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/virtual-ip |
| Two RAM-based server-side virtual IP pools |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/ip-two-pools |
| Two DB-based server-side virtual IP pools |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/ip-two-pools-db |

h2. Site-to-Site

|RSA authentication with X.509 certificates |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/net2net-cert |"IPv6":http://www.strongswan.org/uml/testresults/ipv6/net2net-ikev2 |
|PSK authentication with pre-shared keys |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/net2net-psk | |

h2. Host-to-Host

|IPsec tunnel mode with X.509 certificates |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/host2host-cert |"IPv6":http://www.strongswan.org/uml/testresults/ipv6/host2host-ikev2 |
|IPsec transport mode with X.509 certificates |"IPv4":http://www.strongswan.org/uml/testresults/ikev2/host2host-transport |"IPv6":http://www.strongswan.org/uml/testresults/ipv6/transport-ikev2 |

h2. Complete List

"All IKEv2 test scenarios":http://www.strongswan.org/uml/testresults/ikev2