Manualshelf

Configuring Microsoft Windows IP Security to Operate with HP-UX IPSec

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
11121314151617181920
The IP Security configuration utility opens a Filter Properties dialog box.
2. Select the Addressing tab in the Filter Properties dialog box. Use the drop-down menus to
specify the address types for the source and destination addresses. The selections are:
My IP Address
1
Any IP Address
A specific DNS Name
A specific IP Address
A specific IP Subnet
Enter the source and destination IP addresses or DNS names for the filter. If you selected A
specific IP Subnet, enter the subnet mask.
WARNING! Be careful when configuring filters that affect packets required for basic
network operation, such as packets exchanged with DNS servers and ICMP packets
exchanged with routers. If you configure a policy that requires IP Security for these packets
and the remote node does not support IP Security, your system can lose network functionality.
Leave the Mirrored check box selected, which creates a bi-directional filter that applies to
packets to and from the destination system. See “Mirrored Filters” (page 41) for more
information about mirrored filters.
In Figure 5, the administrator specifies an address filter with the Windows system address
(10.1.1.1) as the source address and the HP-UX system address (10.2.2.2) as the destination
address. The Mirrored check box is selected, so the address filter also matches packets from
the HP-UX system.
Figure 5 Address Tab for Filter Properties
3. Select the Protocol tab in the Filter Properties dialog box. By default, the filter applies to all
protocol types. Select the protocol type (for example, TCP) from the drop-down box. If you
select TCP or UDP, you can also specify the From (source) port and To (destination) port.
Click OK to return to the Filter Properties dialog box.
1. HP-UX did not test the My IP Address selection with multihomed Windows systems. However, the Windows
documentation states that in a multi-homed system, My IP Address matches every IP address on the system.
Configuring a Windows Host-to-Host Policy 19