HTR_E_Out_3descbc_hmacsha2_256 - Host Transport Mode ESP Outbound 3DES-CBC with HMAC-SHA2-256 authentication
Host
HTR_E_Out_3descbc_hmacsha2_256.seq [-tooloption ...] -pkt HTR_E_3descbc_hmacsha2_256.def
-tooloption : v6eval tool option
See also HTR_E_common.def and HTR_common.def
For details of Network Topology, see 00README
Set NUT's SAD and SPD as following:
NET5 NET3
HOST1_NET5 -- Router -- NUT
<----transport------
Security Association Database (SAD)
| source address | NUT_NET3 |
| destination address | HOST1_NET5 |
| SPI | 0x1000 |
| mode | transport |
| protocol | ESP |
| ESP algorithm | 3DES-CBC |
| ESP algorithm key | TAHITEST89ABCDEFGHIJKLMN |
| ESP authentication | HMAC-SHA2-256 |
| ESP authentication key | TAHITEST89ABCDEFTAHITEST89ABCDEF |
Security Policy Database (SPD)
| source address | NUT_NET3 |
| destination address | HOST1_NET5 |
| upper spec | any |
| direction | out |
| protocol | ESP |
| mode | transport |
Tester Target | | |-------------------------->| | ICMP Echo Request | | | |<--------------------------| | ICMP Echo Reply | | (with ESP) | | | v v
ICMP Echo Request
| IP Header | Source Address | HOST1_NET5 |
| Destination Address | NUT_NET3 | |
| ICMP | Type | 128 (Echo Request) |
ICMP Echo Reply with ESP
| IP Header | Source Address | NUT_NET3 |
| Destination Address | HOST1_NET5 | |
| ESP | SPI | 0x1000 |
| Algorithm | 3DES-CBC | |
| Key | TAHITEST89ABCDEFGHIJKLMN | |
| Authentication Algorithm | HMAC-SHA2-256 | |
| Authentication Key | TAHITEST89ABCDEFTAHITEST89ABCDEF | |
| ICMP | Type | 129 (Echo Reply) |
PASS: ICMP Echo Reply with ESP received
perldoc V6evalTool
IPSEC.html IPsec Test Common Utility