Manualshelf

HP-UX IPSec A.02.01.01 Release Notes for HP-UX 11i v1 | HP-UX 11i v2, Update 2

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
9101112131415161718
Migrating from Versions A.01.03 - A.01.05
To migrate from HP-UX IPSec version A.01.03, A.01.04, or A.01.05 and reuse configuration data,
you must migrate in a step-wise manner, as follows:
1. Migrate from A.01.03, A.01.04, or A.01.05 to A.01.07.
2. Migrate from A.01.07 to A.02.01.01.
Use the following migration procedure:
1. If you are migrating from HP-UX IPSec version A.01.03 (or lower), check if you are using
any transforms with the MD5 algorithm. If you are, you must migrate all HP-UX IPSec
systems using releases A.01.03 or lower to a version that is A.01.04 or higher (such as
A.02.01.01 or A.01.07) at the same time. See “Migrating A.01.01 - A.01.03 MD5 Transforms”
(page 17) for more information.
2. Stop HP-UX IPSec by entering the ipsec_admin -stop command.
3. Install HP-UX IPSec A.01.07 and run the A.01.07 version of the ipsec_migrate utility.
Refer to the HP-UX IPSec A.01.07 Release Note (J4256–90006).
Note that on HP-UX 11i v1 systems, HP-UX IPSec A.01.07 is not compatible with TOUR or
software releases that incorporate TOUR functionality.
If you do not want to install HP-UX IPSec A.01.07, you can skip this step. However, the IKE
policy rules in your configuration database will not be included in the migrated configuration
data and you must re-configure your IKE rules.
4. Install HP-UX IPSec A.02.01.01.
5. Complete the following tasks after installing A.02.01.01:
Run the A.02.01.01 version of the ipsec_migrate utility. See “Using ipsec_migrate”
(page 15).
If you want to use the autoboot feature to automatically start HP-UX IPSec at system
boot-up time, enter the following command:
ipsec_config add startup -autoboot ON
If you are using security certificates, modify the CRL retrieval method. See “Modifying
the Baltimore CRL Retrieval Method” (page 16) or “Modifying the VeriSign CRL
Retrieval Method” (page 16).
Migrating from Versions A.01.01 - A.01.02
To migrate from version A.01.01 or A.01.02 to A.02.01.01 and reuse configuration data, you must
migrate in a step-wise manner, as follows:
1. Migrate from A.01.01 or A.01.02 to A.01.05.
2. Migrate from A.01.05 to A.01.07.
3. Migrate from A.01.07 to A.02.01.01.
Use the following migration procedures:
1. Migrate to HP-UX IPSec version A.01.05, as described in “Migrating from Versions A.01.01
and A.01.02 to Version A.01.05 (page 17) .
2. Migrate from HP-UX IPSec A.01.05 to A.02.01.01, as described in “Migrating from Versions
A.01.03 - A.01.05 (page 14). In this procedure, you must migrate to HP-UX IPSec A.01.07
before migrating to HP-UX IPSec A.02.01.01 if you want to reuse your configuration data,
including IKE (ISAKMP) configuration rules. If you do not want to reuse your IKE
configuration rules, you do not have to migrate to HP-UX IPSec A.01.07 before installing
HP-UX IPSec A.02.01.01.
14