HP-UX IPSec A.02.01 Release Notes
HP-UX IPSec Release Notes
Post-Installation Migration Instructions
Chapter 1 13
Post-Installation Migration Instructions
Configuration File
Beginning with version A.02.00, HP-UX IPSec stores configuration data in a configuration
database instead of a policy file. To migrate a policy configuration file from an earlier version
of HP-UX IPSec to a configuration database, use the following procedure.
Step 1. Run the ipsec_migrate utility after you have installed HP-UX IPSec A.02.01. For
example:
/usr/sbin/ipsec_migrate [-p
policy_file
]
Where:
policy_file
is the optional name of the input policy file to migrate, such as
/var/adm/policies.txt. Use this option when migrating a policy file from an
HP-UX IPSec version prior to A.02.00. The ipsec_migrate utility will convert the
policy file to a configuration database file and save it in
/var/adm/ipsec/config.db.
If you are migrating from HP-UX IPSec version A.02.00 or A.02.00.01, the
ipsec_migrate utility checks the /var/adm/ipsec/config.db and
/var/adm/ipsec/cainfo.txt files and updates them if needed. Before updating a
file, ipsec_migrate creates a backup copy and saves it in the file
/var/adm/ipsec/backup/config.db.
timestamp
or
/var/adm/ipsec/backup/cainfo.txt.
timestamp
, as applicable. The
ipsec_migrate utility saves updated files in the appropriate locations
(/var/adm/ipsec/config.db and /var/adm/ipsec/cainfo.txt). For more
information, refer to the ipsec_migrate (1M) man page.
Step 2. Examine the contents of the configuration database using the following command:
ipsec_config show all
Step 3. Modify the configuration database, if necessary, using the ipsec_config delete
and ipsec_config add commands. Refer to the ipsec_config (1M) man page for
more information.
Step 4. The ipsec_migrate utility does not configure the autoboot option. If you want
HP-UX IPSec to automatically start at system start-up time, use the following
command to enable the autoboot option: