Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

Test Case No

Test cases Name

Steps

Expected Result

Priority

Test Case Type

XEN

KVM

VMware

 

Virtual Router Scenario

 

 

 

 

 

 

 

Egress FR - 1          

By-default the communication from guest n/w to public n/w is blocked

1. login to Guest VM 2. Ping public network

2. Public network should be blocked

P1

Functional

Pass

 


Egress FR -2

Allow Communication using Egress rule with CIDR + Port Range + Protocol

1. Create Egress rule with Specific CIDR +Port Range +Protocol 2. Login to Guest VM 3. Try to connect the public network with specified CIDR,  on Specified Port and with Specified protcol

1. Rule is created without any erros 3. Connection should be established successfully

P1

Functional

Pass

 

 

Egress FR -3

Communication blocked with network that is other than specified

1. Create Egress rule with Specific CIDR +Port Range +Protocol 2. Login to Guest VM 3. Try to connect the public network with other than specified CIDR 4. Try to connect to the Port other than specified 5. Try to connect to the Protocol other than specified.

3. Connection Fail 4. Connection Fail 5. Connection Fail

P1

Functional

Pass

 


Egress FR -4

Create Egress rule and check the Firewall_Rules DB table

1. Create a Egress rule with Specific CIDR + Port Range + Protocol 2. Login to cloud DB 3. check the table Firewall_Rules

3. For the Rule, purpose should be shown as "Firewall" and Traffic_type should be set to "Egress"

P1

Functional

Pass

 

 

Egress FR -5

Create Egress rule and check the IP tables

1. Create a Egress rule with Specific CIDR + Port Range + Protocol 2. Login to VR 3. Check the ip tables

3. ip tables should list the rule created as follows -A FW_OUTBOUND -j FW_EGRESS_RULES -A FW_EGRESS_RULES -m state --state RELATED,ESTABLISHED -j ACCEPT -A FW_EGRESS_RULES -d 10.147.28.0/24 -p tcp -m tcp --dport 22 -j ACCEPT -A FW_EGRESS_RULES -j DROP

P1

Functional

Pass

 

 

Egress FR -6

Create Egress rule without CIDR

1. Create a Egress rule with Empty CIDR value + valid Port Range + valid Protocol 2. Check the Communication with different IPs , with Port within the specified Port Range and with specified Protocol

1. If CIDR is not specified the it should be defaulted to 0.0.0.0/0 2. Connection should be established successfully

P1

Functional

Pass

 

 

Egress FR -7

Create Egress rule without End Port

1. Create a Egress rule without end Port 2. With Valid CIDR value + valid Start Port + valid Protocol 3. Try to establish communication with Public network on Specified start port

2. Start port and end port should be the Same in this case 3. Connection should be established successfully

P1

Functional

Pass

 

 

Egress FR -8

Port Forwarding and Egress Conflict

1. Create a PF rule that allows Port 22 on acquired public IP 2. Add Egress rule that allows communication from Guest nw to a Particular CIDR 3. Now try to connect from Ips other than specified in CIDR  to the public IP specified in PF rule

3.  Connection to Public IP specified in PF rule should be successful and Egress should not impact it

P1

Functional

Pass

 

 

Egress FR -9

Delete Egress rule

1. Lets assume there is only One Egress rule. Now, Delete that Egress rule 2. Check that the communication is allowed from Guest network to ANY Public IP

2.   Connection with any Public IP should be established successfully

P1

Functional

Pass


 

Egress FR-10

Invalid CIDR and Invalid Port ranges

1. Create a Egress rule with Invlaid CIDR value + Invalid Port Range

1. Error should be thrown on UI

P1

Functional

Pass

 

 

Egress FR-11

Regression on Firewall + PF + LB + SNAT

1. Create Firewall Rule 2. Create PF rule 3. Create SNAT rule 4. Create LB rule

1,2,3,4  : All functionalities should work fine

P1

Functional

Pass

 

 

Egress FR-12

Reboot Router

1. Create a Egress rule with Specific CIDR + Port Range + Protocol 2. Reboot VR 3. Login to Guest VM 4. Try to connect the public network with specified CIDR,  on Specified Port and with Specified protcol

1. Rule is created without any erros 2. After reboot all rules should be present 3. Connection should be established successfully

P1

Functional

Pass


 

Egress FR-13

Redundant Router : Master failover

1. Create a Egress rule with Specific CIDR + Port Range + Protocol 2. Stop Master router 3. Login to Guest VM 4. Try to connect the public network with specified CIDR,  on Specified Port and with Specified protcol

1. Rule is created without any erros 2. After Stopping master, Slave should become master and all rules should be configured on it 3. Connection should be established successfully

P1

Functional

Pass

 

 

 

 

 

 

 

 

 

 

 

 

JUNIPER SRX Scenario

 

 

 

 

 

 

 

Egress FR-14

By Default, check that the communication from Guest NW (trust) to Public NW (Untrust) is blocked

1. Login to Guest VM 2. Try to connect to public network

2. Public NW is unreachable

P1

Functional

Pass

Pass

Pass

Egress FR-15

Allow Communication using Egress rule with CIDR + Port Range + Protocol

1. Create a Egress rule with Specific CIDR + Port Range + Protocol 2. Login to Guest VM 3. Try to connect the public network with specified CIDR,  on Specified Port and with Specified protcol

1. Rule is created without any erros 3. Connection should be established successfully

P1

Functional

Pass

Pass

Pass

Egress FR-16

Communication blocked with network that is other than specified

1. Create a Egress rule with Specific CIDR + Port Range + Protocol 2. Login to Guest VM 3. Try to connect the public network with other than specified CIDR 4. Try to connect to the Port other than specified 5. Try to connect to the Protocol other than specified.

3. Connection Fail 4. Connection Fail 5. Connection Fail

P1

Functional

Pass

Pass

Pass

Egress FR-17

Create Egress rule and check the rules configured on SRX device

1. Create a Egress rule with Specific CIDR + Port Range + Protocol 2. Login to SRX device 3. Check the Policies

3. Policy should be created as follows on SRX device and it should contain specified CIDR, PORT range and Protocol

P1

Functional

Pass

Pass

Pass

Egress FR-18

Create a Egress rule without specifying CIDR

1. Create a Egress rule with Empty CIDR value + valid Port Range + valid Protocol and check the policy that gets created on SRX 2. Check the Communication with different IPs , with Port within the specified Port Range and with specified Protocol

1. If CIDR is not specified the it should be defaulted to 0.0.0.0/0 and Policy on SRX should list Destination address as ANY 2. Connection should be established successfully

P1

Functional

Pass

Pass

Pass

Egress FR-19

Create Egress rule without End Port

1. Create a Egress rule without end Port 2. With Valid CIDR value + valid Start Port + valid Protocol and check SRX policies 3. Try to establish communication with Public network on Specified start port

2. On SRX device, application should show Start port = End port 3. Connection should be established successfully

P1

Functional

Pass

Pass

Pass

Egress FR-20

Regression on Firewall + PF + LB + SNAT

1. Create Firewall Rule 2. Create PF rule 3. Create SNAT rule 4. Create LB rule

1,2,3,4  : All functionalities should work fine

P1

Functional

Pass

Pass

Pass

Egress FR-21

create egress rule port 22 from guest network to any destination

1. create egress rule for network with port 22 to any destination

1. tcp 22 traffic allowed form guest network to any destination2. other traffic such as ping are blocked

P1

Functional

Pass

Pass

Pass