| No. | Title |
Result | Log | Script | Packet | Dump (bin) |
| Host Transport Mode |
|
|
|
|
|
| Initialize for Host |
|
|
|
|
|
| 1 | Set Global Address and Check (Host) | PASS | X | X | X | Link0 |
| Host Transport AH Outbound |
|
|
|
|
|
| Host Transport AH Outbound with authentication |
|
|
|
|
|
| 2 | Outbound AH packet (HMAC-MD5) | PASS | X | X | X | Link0 |
| 3 | Outbound AH packet (HMAC-SHA1) | PASS | X | X | X | Link0 |
| Host Transport AH Outbound Header Order |
|
|
|
|
|
| 4 | Outbound Header Order (Fragment Header vs AH) | PASS | X | X | X | Link0 |
| Host Transport AH Outbound Connect SA bundles |
|
|
|
|
|
| 5 | Connect two SA bundles with different spi, different IPdst | PASS | X | X | X | Link0 |
| 6 | Connect two SA bundles with same spi, different IPdst | PASS | X | X | X | Link0 |
| Host Transport AH Inbound |
|
|
|
|
|
| Host Transport AH Inbound with authentication |
|
|
|
|
|
| 7 | Inbound AH packet (HMAC-MD5) | PASS | X | X | X | Link0 |
| 8 | Inbound AH packet (HMAC-SHA1) | PASS | X | X | X | Link0 |
| Host Transport AH Inbound Header Order |
|
|
|
|
|
| 9 | Inbound Header Order (Fragment Header vs AH) | PASS | X | X | X | Link0 |
| Host Transport AH Inbound Connect SA bundles |
|
|
|
|
|
| 10 | Connect two SA bundles with different spi, different IPsrc | PASS | X | X | X | Link0 |
| 11 | Connect two SA bundles with different spi, same IPsrc | PASS | X | X | X | Link0 |
| Host Transport AH Inbound, Detect modification of packet with AH |
|
|
|
|
|
| 12 | Detect modification of IPv6 header IP dst address with AH | PASS | X | X | X | Link0 |
| 13 | Detect modification of IPv6 header IP src address with AH | PASS | X | X | X | Link0 |
| 14 | Undetect modification of IPv6 header hoplimit with AH | PASS | X | X | X | Link0 |
| 15 | Detect modification of IPv6 header IP dst address with Routing header and AH | PASS | X | X | X | Link0 |
| 16 | Detect modification of Routing header "last router address" with AH | PASS | X | X | X | Link0 |
| 17 | Detect modification of DstOpt header option type before AH | PASS | X | X | X | Link0 |
| 18 | Detect modification of DstOpt header option len before AH | PASS | X | X | X | Link0 |
| 19 | Detect modification of DstOpt header option data before AH | PASS | X | X | X | Link0 |
| 20 | Detect modification of DstOpt header option data after AH | PASS | X | X | X | Link0 |
| 21 | Detect modification of HBHOpt header option type with AH | PASS | X | X | X | Link0 |
| 22 | Detect modification of HBHOpt header option len with AH | PASS | X | X | X | Link0 |
| 23 | Detect modification of HBHOpt header option data with AH | PASS | X | X | X | Link0 |
| 24 | Detect modification of payload with AH | PASS | X | X | X | Link0 |
| Host Transport ESP Outbound |
|
|
|
|
|
| ESP Outbound without authentication |
|
|
|
|
|
| 25 | Outbound ESP packet (DES-CBC) | PASS | X | X | X | Link0 |
| 26 | Outbound ESP packet (3DES-CBC) | PASS | X | X | X | Link0 |
| 27 | Outbound ESP packet (RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| ESP Outbound with authentication |
|
|
|
|
|
| 28 | Outbound ESP packet (NULL, HMAC-MD5) | PASS | X | X | X | Link0 |
| 29 | Outbound ESP packet (NULL, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 30 | Outbound ESP packet (NULL, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 31 | Outbound ESP packet (DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 32 | Outbound ESP packet (DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 33 | Outbound ESP packet (DES-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 34 | Outbound ESP packet (3DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 35 | Outbound ESP packet (3DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 36 | Outbound ESP packet (3DES-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 37 | Outbound ESP packet (RIJNDAEL-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 38 | Outbound ESP packet (RIJNDAEL-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 39 | Outbound ESP packet (RIJNDAEL-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| ESP Outbound Padding |
|
|
|
|
|
| 40 | Outbound Padding (NULL, HMAC-MD5) | PASS | X | X | X | Link0 |
| 41 | Outbound Padding (NULL, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 42 | Outbound Padding (NULL, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 43 | Outbound Padding (DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 44 | Outbound Padding (DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 45 | Outbound Padding (DES-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 46 | Outbound Padding (3DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 47 | Outbound Padding (3DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 48 | Outbound Padding (3DES-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 49 | Outbound Padding (RIJNDAEL-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 50 | Outbound Padding (RIJNDAEL-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 51 | Outbound Padding (RIJNDAEL-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| ESP Outboud Sequence Counter Overflow |
|
|
|
|
|
| 52 | Sequence Counter Overflow check | FAIL (73) | - | X | X | - |
| ESP Outbound Lifetime of SA |
|
|
|
|
|
| 53 | Lifetime of SA using time, ESP (NULL),ESP Authentication HMAC-MD5 | PASS | X | X | X | Link0 |
| 54 | Lifetime of SA using byte, ESP (NULL),ESP Authentication HMAC-MD5 | PASS | X | X | X | Link0 |
| ESP Outbound Header Order |
|
|
|
|
|
| 55 | Header Order (Fragment Header vs ESP (NULL, HMAC-MD5) ) | PASS | X | X | X | Link0 |
| 56 | Header Order (Fragment Header vs ESP (NULL, HMAC-SHA1) ) | PASS | X | X | X | Link0 |
| 57 | Header Order (Fragment Header vs ESP (NULL, HMAC-SHA2-256) ) | PASS | X | X | X | Link0 |
| ESP Outbound Connect SA bundles |
|
|
|
|
|
| 58 | Connect two SA bundles with different spi, different IPdst, ESP (DES-CBC) | PASS | X | X | X | Link0 |
| 59 | Connect two SA bundles with different spi, different IPdst, ESP (3DES-CBC) | PASS | X | X | X | Link0 |
| 60 | Connect two SA bundles with different spi, different IPdst, ESP (RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| 61 | Connect two SA bundles with same spi, different IPdst, ESP (DES-CBC) | PASS | X | X | X | Link0 |
| 62 | Connect two SA bundles with same spi, different IPdst, ESP (3DES-CBC) | PASS | X | X | X | Link0 |
| 63 | Connect two SA bundles with same spi, different IPdst, ESP (RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| Host Transport ESP Inbound |
|
|
|
|
|
| ESP Inbound without authentication |
|
|
|
|
|
| 64 | Inbound ESP (DES-CBC) packet | PASS | X | X | X | Link0 |
| 65 | Inbound ESP (3DES-CBC) packet | PASS | X | X | X | Link0 |
| 66 | Inbound ESP (RIJNDAEL-CBC) packet | PASS | X | X | X | Link0 |
| 67 | Inbound ESP (DES-CBC) packet (Invalid Encryption Key) | PASS | X | X | X | Link0 |
| 68 | Inbound ESP (3DES-CBC) packet (Invalid Encryption Key) | PASS | X | X | X | Link0 |
| 69 | Inbound ESP (RIJNDAEL-CBC) packet (Invalid Encryption Key) | PASS | X | X | X | Link0 |
| ESP Inbound with authentication |
|
|
|
|
|
| 70 | Inbound ESP packet (NULL, HMAC-MD5) | PASS | X | X | X | Link0 |
| 71 | Inbound ESP packet (NULL, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 72 | Inbound ESP packet (NULL, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 73 | Inbound ESP packet (DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 74 | Inbound ESP packet (DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 75 | Inbound ESP packet (DES-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 76 | Inbound ESP packet (3DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 77 | Inbound ESP packet (3DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 78 | Inbound ESP packet (3DES-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 79 | Inbound ESP packet (RIJNDAEL-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 80 | Inbound ESP packet (RIJNDAEL-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 81 | Inbound ESP packet (RIJNDAEL-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 82 | Inbound ESP (DES-CBC, HMAC-MD5) packet (Invalid Authentication Key) | PASS | X | X | X | Link0 |
| 83 | Inbound ESP (DES-CBC, HMAC-SHA1) packet (Invalid Authentication Key) | PASS | X | X | X | Link0 |
| 84 | Inbound ESP (DES-CBC, HMAC-SHA2-256) packet (Invalid Authentication Key) | PASS | X | X | X | Link0 |
| ESP Inbound Padding |
|
|
|
|
|
| 85 | Inbound Padding (NULL, HMAC-MD5) | PASS | X | X | X | Link0 |
| 86 | Inbound Padding (NULL, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 87 | Inbound Padding (NULL, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 88 | Inbound Padding (DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 89 | Inbound Padding (DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 90 | Inbound Padding (DES-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 91 | Inbound Padding (3DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 92 | Inbound Padding (3DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 93 | Inbound Padding (3DES-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 94 | Inbound Padding (RIJNDAEL-CBC, HMAC-MD5) | PASS | X | X | X | Link0 |
| 95 | Inbound Padding (RIJNDAEL-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 |
| 96 | Inbound Padding (RIJNDAEL-CBC, HMAC-SHA2-256) | PASS | X | X | X | Link0 |
| 97 | Padding Length is 255 (max), ESP (DES-CBC) | PASS | X | X | X | Link0 |
| 98 | Padding Length is 255 (max), ESP (3DES-CBC) | PASS | X | X | X | Link0 |
| 99 | Padding Length is 255 (max), ESP (RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| 100 | Invalid Padding, ESP(DES-CBC) | PASS | X | X | X | Link0 |
| 101 | Invalid Padding, ESP(3DES-CBC) | PASS | X | X | X | Link0 |
| 102 | Invalid Padding, ESP(RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| ESP Inbound Anti-Replay Window |
|
|
|
|
|
| 103 | Duplicate Sequence Number check | PASS | X | X | X | Link0 |
| 104 | Sliding receive window check | PASS | X | X | X | Link0 |
| 105 | Expand or shift Receive Window | PASS | X | X | X | Link0 |
| ESP Inbound Lifetime of SA |
|
|
|
|
|
| 106 | Lifetime of SA using time, ESP (NULL),ESP Authentication HMAC-MD5 | PASS | X | X | X | Link0 |
| 107 | Lifetime of SA using byte, ESP (NULL),ESP Authentication HMAC-MD5 | PASS | X | X | X | Link0 |
| ESP Inbound Header Order |
|
|
|
|
|
| 108 | Header Order (Fragment Header vs ESP (NULL, HMAC-MD5)) | PASS | X | X | X | Link0 |
| 109 | Header Order (Fragment Header vs ESP (NULL, HMAC-SHA1)) | PASS | X | X | X | Link0 |
| 110 | Header Order (Fragment Header vs ESP (NULL, HMAC-SHA2-256)) | PASS | X | X | X | Link0 |
| ESP Inbound Connect SA bundles |
|
|
|
|
|
| 111 | Connect two SA bundles with different spi, different IPsrc, ESP (DES-CBC) | PASS | X | X | X | Link0 |
| 112 | Connect two SA bundles with different spi, different IPsrc, ESP (3DES-CBC) | PASS | X | X | X | Link0 |
| 113 | Connect two SA bundles with different spi, different IPsrc, ESP (RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| 114 | Connect two SA bundles with different spi, same IPsrc, ESP (DES-CBC) | PASS | X | X | X | Link0 |
| 115 | Connect two SA bundles with different spi, same IPsrc, ESP (3DES-CBC) | PASS | X | X | X | Link0 |
| 116 | Connect two SA bundles with different spi, same IPsrc, ESP (RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| Host Transport AH-ESP Outbound |
|
|
|
|
|
| 117 | Outbound AH-ESP combination | PASS | X | X | X | Link0 |
| Host Transport AH-ESP Inbound |
|
|
|
|
|
| 118 | Inbound AH-ESP combination | PASS | X | X | X | Link0 |
| Host Transport Common Outbound |
|
|
|
|
|
| 119 | Select SPD entry (policy=discard,none) | PASS | X | X | X | Link0 |
| 120 | Select SPD entry (policy=discard,none), ESP (DES-CBC) | PASS | X | X | X | Link0 |
| 121 | Select SPD entry (policy=discard,none), ESP (3DES-CBC) | PASS | X | X | X | Link0 |
| 122 | Select SPD entry (policy=discard,none), ESP(RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| Host Transport Common Inbound |
|
|
|
|
|
| Inbound Connect SA bundles |
|
|
|
|
|
| 123 | Connect two SA bundles with same spi, same IPsrc, different protocol | PASS | X | X | X | Link0 |
| 124 | Select SPD entry (policy=discard,none), AH (HMAC-MD5) | PASS | X | X | X | Link0 |
| 125 | Select SPD entry (policy=discard,none), ESP (DES-CBC) | PASS | X | X | X | Link0 |
| 126 | Select SPD entry (policy=discard,none), ESP (3DES-CBC) | PASS | X | X | X | Link0 |
| 127 | Select SPD entry (policy=discard,none), ESP (RIJNDAEL-CBC) | PASS | X | X | X | Link0 |
| Router Tunnel Mode |
|
|
|
|
|
| Initialize for Router |
|
|
|
|
|
| 128 | Set Global Address and Check (Router) | PASS | X | X | X | Link0 Link1 |
| Router Tunnel AH Outbound |
|
|
|
|
|
| Router Tunnel AH Outbound with authentication |
|
|
|
|
|
| 129 | Outbound AH packet (HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 130 | Outbound AH packet (HMAC-SHA1) | PASS | X | X | X | Link0 Link1 |
| Router Tunnel AH Outbound Connect SA bundles |
|
|
|
|
|
| 131 | Connect two SA bundles with different spi, different IPdst | PASS | X | X | X | Link0 Link1 |
| 132 | Connect two SA bundles with same spi, different IPdst | PASS | X | X | X | Link0 Link1 |
| Router Tunnel AH Inbound |
|
|
|
|
|
| Router Tunnel AH Inbound with authentication |
|
|
|
|
|
| 133 | Inbound AH Tunnel packet (with SPD entry) | PASS | X | X | X | Link0 Link1 |
| 134 | Inbound AH packet (HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 135 | Inbound AH packet (HMAC-SHA1) | PASS | X | X | X | Link0 Link1 |
| Router Tunnel AH Inbound Header Order |
|
|
|
|
|
| 136 | Header Order (Destination Options Header vs AH) | PASS | X | X | X | Link0 Link1 |
| Router Tunnel AH Inbound Connect SA bundles |
|
|
|
|
|
| 137 | Connect two SA bundles with different spi, different IPsrc | PASS | X | X | X | Link0 Link1 |
| 138 | Connect two SA bundles with different spi, same IPsrc | PASS | X | X | X | Link0 Link1 |
| Router Tunnel AH Inbound, Detect modification of packet with AH |
|
|
|
|
|
| 139 | Detect modification of IPv6 header IP dst address with AH | PASS | X | X | X | Link0 Link1 |
| 140 | Detect modification of IPv6 header IP src address with AH | PASS | X | X | X | Link0 Link1 |
| 141 | Undetect modification of IPv6 header hoplimit with AH | PASS | X | X | X | Link0 Link1 |
| 142 | Detect modification of IPv6 header IP dst address with Routing header and AH | PASS | X | X | X | Link0 Link1 |
| 143 | Detect modification of Routing header "last router address" with AH | PASS | X | X | X | Link0 Link1 |
| 144 | Detect modification of DstOpt header option type before AH | PASS | X | X | X | Link0 Link1 |
| 145 | Detect modification of DstOpt header option len before AH | PASS | X | X | X | Link0 Link1 |
| 146 | Detect modification of DstOpt header option data before AH | PASS | X | X | X | Link0 Link1 |
| 147 | Detect modification of HBHOpt header option type with AH | PASS | X | X | X | Link0 Link1 |
| 148 | Detect modification of HBHOpt header option len with AH | PASS | X | X | X | Link0 Link1 |
| 149 | Detect modification of HBHOpt header option data with AH | PASS | X | X | X | Link0 Link1 |
| 150 | Detect modification of inner IPv6 header hoplimit of AH tunnel | PASS | X | X | X | Link0 Link1 |
| 151 | Detect modification of inner payload of AH tunnel | PASS | X | X | X | Link0 Link1 |
| Router Tunnel ESP Outbound |
|
|
|
|
|
| ESP Outbound without authentication |
|
|
|
|
|
| 152 | Outbound ESP packet (DES-CBC) | PASS | X | X | X | Link0 Link1 |
| 153 | Outbound ESP packet (3DES-CBC) | PASS | X | X | X | Link0 Link1 |
| ESP Outbound with authentication |
|
|
|
|
|
| 154 | Outbound ESP packet (NULL, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 155 | Outbound ESP packet (NULL, HMAC-SHA1) | PASS | X | X | X | Link0 Link1 |
| 156 | Outbound ESP packet (DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 157 | Outbound ESP packet (DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 Link1 |
| 158 | Outbound ESP packet (3DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 159 | Outbound ESP packet (3DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 Link1 |
| ESP Outbound Padding |
|
|
|
|
|
| 160 | Outbound Padding (NULL, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 161 | Outbound Padding (DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 162 | Outbound Padding (3DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| ESP Outbound Connect SA bundles |
|
|
|
|
|
| 163 | Connect two SA bundles with different spi, different IPdst | PASS | X | X | X | Link0 Link1 |
| 164 | Connect two SA bundles with same spi, different IPdst | PASS | X | X | X | Link0 Link1 |
| Router Tunnel ESP Inbound |
|
|
|
|
|
| 165 | Inbound ESP Tunnel packet (with SPD entry) | PASS | X | X | X | Link0 Link1 |
| ESP Inbound without authentication |
|
|
|
|
|
| 166 | Inbound ESP packet (DES-CBC) | PASS | X | X | X | Link0 Link1 |
| 167 | Inbound ESP packet (3DES-CBC) | PASS | X | X | X | Link0 Link1 |
| 168 | Inbound ESP packet (Invalid Encryption Key) | PASS | X | X | X | Link0 Link1 |
| ESP Inbound with authentication |
|
|
|
|
|
| 169 | Inbound ESP packet (NULL, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 170 | Inbound ESP packet (NULL, HMAC-SHA1) | PASS | X | X | X | Link0 Link1 |
| 171 | Inbound ESP packet (DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 172 | Inbound ESP packet (DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 Link1 |
| 173 | Inbound ESP packet (3DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 174 | Inbound ESP packet (3DES-CBC, HMAC-SHA1) | PASS | X | X | X | Link0 Link1 |
| 175 | Inbound ESP packet (Invalid Authentication Key) | PASS | X | X | X | Link0 Link1 |
| Router Tunnel ESP Inbound Header Order |
|
|
|
|
|
| 176 | Header Order (Destination Options Header vs ESP) | PASS | X | X | X | Link0 Link1 |
| ESP Inbound Padding |
|
|
|
|
|
| 177 | Inbound Padding (NULL, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 178 | Inbound Padding (DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 179 | Inbound Padding (3DES-CBC, HMAC-MD5) | PASS | X | X | X | Link0 Link1 |
| 180 | Padding Length is 255 (max) | PASS | X | X | X | Link0 Link1 |
| 181 | Invalid Padding | PASS | X | X | X | Link0 Link1 |
| ESP Inbound Connect SA bundles |
|
|
|
|
|
| 182 | Connect two SA bundles with different spi, different IPsrc | PASS | X | X | X | Link0 Link1 |
| 183 | Connect two SA bundles with different spi, same IPsrc | PASS | X | X | X | Link0 Link1 |
| Router Tunnel Common Inbound |
|
|
|
|
|
| Inbound Connect SA bundles |
|
|
|
|
|
| 184 | Connect two SA bundles with same spi, same IPsrc, different protocol | PASS | X | X | X | Link0 Link1 |