Search in sources :

Example 11 with IpsecVpn

use of org.batfish.datamodel.IpsecVpn in project batfish by batfish.

the class IpsecVpnStatusAnswererTest method analyzeVpnTestNone.

@Test
public void analyzeVpnTestNone() {
    IpsecVpn ipsecVpn = createIpsecVpn("local", IkeProposal.PSK_3DES_DH2_MD5, IpsecProposal.NOPFS_ESP_DES_MD5, "key");
    IpsecVpn remote1 = createIpsecVpn("remote1", IkeProposal.PSK_3DES_DH2_MD5, IpsecProposal.NOPFS_ESP_DES_MD5, "key");
    ipsecVpn.initCandidateRemoteVpns();
    ipsecVpn.setRemoteIpsecVpn(remote1);
    ipsecVpn.getCandidateRemoteIpsecVpns().add(remote1);
    IpsecVpnInfo vpnInfo = IpsecVpnStatusAnswerer.analyzeIpsecVpn(ipsecVpn);
    assertThat(vpnInfo.getProblems(), equalTo(Collections.singleton(Problem.NONE)));
    assertThat(vpnInfo.getRemoteEndpoint(), equalTo(new IpsecVpnEndpoint(remote1)));
}
Also used : IpsecVpn(org.batfish.datamodel.IpsecVpn) Test(org.junit.Test)

Example 12 with IpsecVpn

use of org.batfish.datamodel.IpsecVpn in project batfish by batfish.

the class IpsecVpnStatusAnswererTest method analyzeVpnTestIncompatibleIkeProposal.

@Test
public void analyzeVpnTestIncompatibleIkeProposal() {
    IpsecVpn ipsecVpn = createIpsecVpn("local", IkeProposal.PSK_3DES_DH2_MD5, IpsecProposal.NOPFS_ESP_DES_MD5, "key");
    IpsecVpn remote1 = createIpsecVpn("remote1", IkeProposal.PSK_3DES_DH2_SHA1, IpsecProposal.NOPFS_ESP_DES_MD5, "key");
    ipsecVpn.initCandidateRemoteVpns();
    ipsecVpn.setRemoteIpsecVpn(remote1);
    ipsecVpn.getCandidateRemoteIpsecVpns().add(remote1);
    IpsecVpnInfo vpnInfo = IpsecVpnStatusAnswerer.analyzeIpsecVpn(ipsecVpn);
    assertThat(vpnInfo.getProblems(), equalTo(Collections.singleton(Problem.INCOMPATIBLE_IKE_PROPOSALS)));
    assertThat(vpnInfo.getRemoteEndpoint(), equalTo(new IpsecVpnEndpoint(remote1)));
}
Also used : IpsecVpn(org.batfish.datamodel.IpsecVpn) Test(org.junit.Test)

Example 13 with IpsecVpn

use of org.batfish.datamodel.IpsecVpn in project batfish by batfish.

the class IpsecVpnStatusAnswererTest method analyzeVpnTestMultipleProblems.

@Test
public void analyzeVpnTestMultipleProblems() {
    IpsecVpn ipsecVpn = createIpsecVpn("local", IkeProposal.PSK_3DES_DH2_SHA1, IpsecProposal.NOPFS_ESP_DES_SHA, "key");
    IpsecVpn remote1 = createIpsecVpn("remote1", IkeProposal.PSK_3DES_DH2_MD5, IpsecProposal.NOPFS_ESP_DES_MD5, "key-bad");
    ipsecVpn.initCandidateRemoteVpns();
    ipsecVpn.setRemoteIpsecVpn(remote1);
    ipsecVpn.getCandidateRemoteIpsecVpns().add(remote1);
    IpsecVpnInfo vpnInfo = IpsecVpnStatusAnswerer.analyzeIpsecVpn(ipsecVpn);
    assertThat(vpnInfo.getProblems(), equalTo(Sets.newTreeSet(Arrays.asList(Problem.INCOMPATIBLE_IKE_PROPOSALS, Problem.INCOMPATIBLE_IPSEC_PROPOSALS, Problem.INCOMPATIBLE_PRE_SHARED_KEY))));
    assertThat(vpnInfo.getRemoteEndpoint(), equalTo(new IpsecVpnEndpoint(remote1)));
}
Also used : IpsecVpn(org.batfish.datamodel.IpsecVpn) Test(org.junit.Test)

Example 14 with IpsecVpn

use of org.batfish.datamodel.IpsecVpn in project batfish by batfish.

the class IpsecVpnStatusAnswererTest method analyzeVpnTestMultipleRemoteEndpoints.

@Test
public void analyzeVpnTestMultipleRemoteEndpoints() {
    IpsecVpn ipsecVpn = createIpsecVpn("local", IkeProposal.PSK_3DES_DH2_MD5, IpsecProposal.NOPFS_ESP_DES_MD5, "key");
    IpsecVpn remote1 = createIpsecVpn("remote1", IkeProposal.PSK_3DES_DH2_MD5, IpsecProposal.NOPFS_ESP_DES_MD5, "key");
    IpsecVpn remote2 = createIpsecVpn("remote2", IkeProposal.PSK_3DES_DH2_MD5, IpsecProposal.NOPFS_ESP_DES_MD5, "key");
    ipsecVpn.initCandidateRemoteVpns();
    ipsecVpn.setRemoteIpsecVpn(remote1);
    ipsecVpn.getCandidateRemoteIpsecVpns().add(remote1);
    ipsecVpn.getCandidateRemoteIpsecVpns().add(remote2);
    IpsecVpnInfo vpnInfo = IpsecVpnStatusAnswerer.analyzeIpsecVpn(ipsecVpn);
    assertThat(vpnInfo.getProblems(), equalTo(Collections.singleton(Problem.MULTIPLE_REMOTE_ENDPOINTS)));
}
Also used : IpsecVpn(org.batfish.datamodel.IpsecVpn) Test(org.junit.Test)

Example 15 with IpsecVpn

use of org.batfish.datamodel.IpsecVpn in project batfish by batfish.

the class IpsecVpnStatusAnswererTest method analyzeVpnTestMissingRemote.

@Test
public void analyzeVpnTestMissingRemote() {
    IpsecVpn ipsecVpn = createIpsecVpn("local", IkeProposal.PSK_3DES_DH2_MD5, IpsecProposal.NOPFS_ESP_DES_MD5, "key");
    IpsecVpnInfo vpnInfo = IpsecVpnStatusAnswerer.analyzeIpsecVpn(ipsecVpn);
    assertThat(vpnInfo.getProblems(), equalTo(Collections.singleton(Problem.MISSING_REMOTE_ENDPOINT)));
}
Also used : IpsecVpn(org.batfish.datamodel.IpsecVpn) Test(org.junit.Test)

Aggregations

IpsecVpn (org.batfish.datamodel.IpsecVpn)15 Test (org.junit.Test)7 Configuration (org.batfish.datamodel.Configuration)6 BatfishException (org.batfish.common.BatfishException)4 IkeGateway (org.batfish.datamodel.IkeGateway)4 Ip (org.batfish.datamodel.Ip)4 IpsecPolicy (org.batfish.datamodel.IpsecPolicy)4 VisibleForTesting (com.google.common.annotations.VisibleForTesting)3 TreeSet (java.util.TreeSet)3 IkePolicy (org.batfish.datamodel.IkePolicy)3 Interface (org.batfish.datamodel.Interface)3 IpsecProposal (org.batfish.datamodel.IpsecProposal)3 Map (java.util.Map)2 Set (java.util.Set)2 SortedSet (java.util.SortedSet)2 TreeMap (java.util.TreeMap)2 BgpNeighbor (org.batfish.datamodel.BgpNeighbor)2 BgpProcess (org.batfish.datamodel.BgpProcess)2 IkeProposal (org.batfish.datamodel.IkeProposal)2 InterfaceAddress (org.batfish.datamodel.InterfaceAddress)2