Configuring Microsoft Windows IP Security to Operate with HP-UX IPSec
4. From the IP Filter List dialog box, you can add another filter to the filter list by clicking the
Add button.
Click OK in the IP Filter List dialog box to return to the IP Filter List tab in the Rule Properties
dialog box.
5. Add the filter list to the rule by selecting the option button for the filter list you just created.
In Figure 7, the administrator added the filter list foo for the rule.
Figure 7 Selecting the Filter List for a Rule
Step 5: Configuring Filter Actions for the Rule
The filter action specifies the action to take for the rule, such as allow (pass), block (discard), or
negotiate security (negotiate IPsec AH or ESP Security Associations). If you select negotiate
security, the filter action also specifies parameters for IPsec Security Association (SA) proposals:
ESP or AH transforms and IPSec SA key lifetimes. A rule can have only one filter action, but the
filter action can specify multiple IPsec SA proposals. You can specify the order for the IPsec SA
proposals.
The filter actions you configure in the Windows IP Security rule must be compatible with the
value or values specified for the -action argument in the HP-UX ipsec_config add host
or add tunnel command.
Use the following procedure to configure filter actions:
1. Select the Filter Action tab from the Rule Properties dialog box.
The Filter Action tab shows a list of filter actions already defined for IP Security. In this
procedure, we will create a new filter action.
Clear the Use Add Wizard check box if it is selected and click Add.
2. The IP Security configuration utility opens the Filter Action Properties dialog box with the
following tabs:
Configuring a Windows Host-to-Host Policy 21