NAME

  HTR_E_Out_rijndaelcbc_hmacsha2_256 - Host Transport Mode ESP Outbound RIJNDAEL-CBC with HMAC-SHA2-256 authentication
  


TARGET

  Host


SYNOPSIS

  HTR_E_Out_rijndaelcb_hmacsha2_256.seq [-tooloption ...] -pkt HTR_E_rijndaelcbc_hmacsha2_256.def
    -tooloption : v6eval tool option
  See also HTR_E_common.def and HTR_common.def


INITIALIZATION

For details of Network Topology, see 00README

Set NUT's SAD and SPD as following:

              NET5      NET3
    HOST1_NET5 -- Router -- NUT
         <----transport------

Security Association Database (SAD)

source address NUT_NET3
destination address HOST1_NET5
SPI 0x1000
mode transport
protocol ESP
ESP algorithm RIJNDAEL-CBC
ESP algorithm key TAHITEST89ABCDEF
ESP authentication HMAC-SHA2-256
ESP authentication key TAHITEST89ABCDEFTAHITEST89ABCDEF

Security Policy Database (SPD)

source address NUT_NET3
destination address HOST1_NET5
upper spec any
direction out
protocol ESP
mode transport


TEST PROCEDURE

 Tester                      Target
   |                           |
   |-------------------------->|
   |      ICMP Echo Request    |
   |                           |
   |<--------------------------|
   |      ICMP Echo Reply      |
   |        (with ESP)         |
   |                           |
   v                           v
  1. Send ICMP Echo Request
  2. Receive ICMP Echo Reply with ESP

ICMP Echo Request

IP Header Source Address HOST1_NET5
Destination Address NUT_NET3
ICMP Type 128 (Echo Request)

ICMP Echo Reply with ESP

IP Header Source Address NUT_NET3
Destination Address HOST1_NET5
ESP SPI 0x1000
Algorithm RIJNDAEL-CBC
Key TAHITEST89ABCDEF
Authentication Algorithm HMAC-SHA2-256
Authentication Key TAHITEST89ABCDEFTAHITEST89ABCDEF
ICMP Type 129 (Echo Reply)


JUDGMENT

  PASS: ICMP Echo Reply with ESP received


SEE ALSO

  perldoc V6evalTool
  IPSEC.html IPsec Test Common Utility