HP-UX Secure Resource Partitions (SRP) A.02.02 Administrator's Guide
8.1.8.1 Input Data
SRP prompts for the following data. You can also specify a variable name and value in the command
line, as described in 15.1 Creating an SRP Compartment or Adding Data to an SRP.
IPSec peer IP address
The destination (remote) IP address for the IPSec policies.
Variable Name: ipsec_peer_addr.
Valid Input: An IPv4 address in dotted-decimal notation or an IPv6 address in
colon-hexadecimal notation.
Default: None.
IPSec transform
The transform for the IPSec host policy. This must be compatible with the
transform configured on the peer system.
Variable Name: ipsec_transform.
Valid Input:
ESP_AES128_HMAC_SHA1
ESP_AES128_HMAC_MD5
ESP_3DES_HMAC_SHA1
ESP_3DES_HMAC_MD5
ESP_NULL_HMAC_SHA1
ESP_NULL_HMAC_MD5
Default: ESP_AES128_HMAC_SHA1
IPSec preshared key
The preshared key used to authenticate the identity of the IPSec peer. This must
match the value configured on the peer system.
Parameter Name: ipsec_psk.
Valid value: A text string containing 1 to 128 ASCII characters (whitespace is
not allowed).
Default: None.
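A pre-flight check of the three input values against the rules listed above, as an added example that is not part of the HP guide or of SRP itself. The function name, the warning texts and the MIN_PSK_LEN threshold are assumptions made for illustration; the sample values are constructed.

```python
import ipaddress

# Transforms listed under "Valid Input" for ipsec_transform on this page.
VALID_TRANSFORMS = {
    "ESP_AES128_HMAC_SHA1", "ESP_AES128_HMAC_MD5",
    "ESP_3DES_HMAC_SHA1", "ESP_3DES_HMAC_MD5",
    "ESP_NULL_HMAC_SHA1", "ESP_NULL_HMAC_MD5",
}
DEFAULT_TRANSFORM = "ESP_AES128_HMAC_SHA1"
MIN_PSK_LEN = 20  # assumption: local policy threshold, not an SRP limit


def check_srp_ipsec_inputs(values):
    """Return (errors, warnings) for a dict of SRP IPSec variable values."""
    errors, warnings = [], []

    # ipsec_peer_addr: IPv4 dotted-decimal or IPv6 colon-hexadecimal, no default.
    try:
        ipaddress.ip_address(values.get("ipsec_peer_addr", ""))
    except ValueError:
        errors.append("ipsec_peer_addr: not an IPv4 or IPv6 address")

    # ipsec_transform: must be one of the six listed names.
    transform = values.get("ipsec_transform", DEFAULT_TRANSFORM)
    if transform not in VALID_TRANSFORMS:
        errors.append("ipsec_transform: not a listed transform")
    else:
        if transform.startswith("ESP_NULL_"):
            warnings.append("ipsec_transform: ESP_NULL authenticates but does not encrypt")
        if transform.endswith("_MD5"):
            warnings.append("ipsec_transform: HMAC-MD5 is a legacy algorithm")

    # ipsec_psk: 1 to 128 ASCII characters, no whitespace, no default.
    psk = values.get("ipsec_psk", "")
    if not 1 <= len(psk) <= 128:
        errors.append("ipsec_psk: length must be 1 to 128 characters")
    elif not psk.isascii() or any(c.isspace() for c in psk):
        errors.append("ipsec_psk: must be ASCII with no whitespace")
    elif len(psk) < MIN_PSK_LEN:
        warnings.append("ipsec_psk: shorter than local minimum of %d" % MIN_PSK_LEN)

    return errors, warnings


# Constructed sample values (192.0.2.0/24 is a documentation range).
SAMPLE = {
    "ipsec_peer_addr": "192.0.2.10",
    "ipsec_transform": "ESP_AES128_HMAC_SHA1",
    "ipsec_psk": "constructed-sample-psk-not-for-use",
}

if __name__ == "__main__":
    print(check_srp_ipsec_inputs(SAMPLE))
```

The check cannot confirm that the transform and preshared key match the peer system; that comparison still has to be made against the peer's configuration.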
8.1.8.2 Configuration Data
SRP adds IPSec configuration data using the ipsec_config utility. IPSec adds the data to the IPSec
database, /var/adm/ipsec/config.db. To view the contents of the IPSec database, use the
ipsec_config or the ipsec_report utility. To modify the contents of the IPSec database, you
must use the ipsec_config utility.
SRP adds the following IPSec configuration data:
• A host IPSec policy
The host policy specifies encryption and authentication using the specified transform between
the specified remote IP address and the local (compartment) address. The default HP-UX IPSec
values are used for all other parameters.
• An Internet Key Exchange (IKE) policy
The IKE policy specifies parameters used to establish an IKE security association with the
specified remote IP address. The authentication method is PSK (preshared key). The default
HP-UX IPSec values are used for all other parameters.
• An authentication record