/testing/guestbin/swan-prep
west #
 ipsec start
Redirecting to: [initsystem]
west #
 /testing/pluto/bin/wait-until-pluto-started
west #
 echo "initdone"
initdone
west #
 ipsec auto --add first
002 "first": added IKEv2 connection
west #
 ipsec auto --add second
002 "second": added IKEv2 connection
west #
 # conn second should inherit the conn %default values with 3des-md5
west #
 ipsec status |grep "algorithms:"
000 "first":   IKE algorithms: AES_CBC-HMAC_SHA2_256-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31
000 "first":   ESP algorithms: AES_CBC-HMAC_SHA2_256_128
000 "second":   IKE algorithms: 3DES_CBC-HMAC_SHA1-MODP2048+MODP3072+MODP4096+MODP8192+DH19+DH20+DH21+DH31
000 "second":   ESP algorithms: 3DES_CBC-HMAC_SHA1_96
west #
 # connection should fail to load - don't accept %fromcert without cert
west #
 ipsec auto --add cert-complain
036 "cert-complain": ID cannot be specified as %fromcert if PSK or AUTH-NULL is used
036 "cert-complain": failed to add connection: attempt to load incomplete connection
west #
 # this one should work as %fromcert means for the CERT received with IKE
west #
 ipsec auto --add cert-allow
002 "cert-allow": added IKEv2 connection
west #
 echo done
done
west #
 
