HP-UX IPSec version A.02.00 Administrator's Guide
Configuring HP-UX IPSec
Step 4: Configuring Preshared Keys Using Authentication Records
Chapter 3 97
• nocommit (verify the syntax but do not commit the information to the
database)
• profile (alternate profile file)
• ltype and lid (local ID type and value)
• rtype and rid (remote ID type and value)
Refer to the ipsec_config (1M) manpage for full syntax information.
auth_name
The
auth_name
user-defined name for the authentication record. This
name must be unique for each record and is case-sensitive.
Acceptable Values: 1 - 63 characters. Each character must be an ASCII
alphanumeric character, hyphen (-), or underscore (_).
ip_addr
[/
prefix
]
The
ip_addr
and
prefix
are the IP address and network prefix length
that specifies the remote system or subnet for this record. Each
ip_addr
and
prefix
combination (the significant bits of
ip_addr
, as specified by
prefix
) must be unique.
If the remote system's IP address matches multiple IP address and prefix
combinations, HP-UX IPSec uses the authentication record with the
most specific address (longest prefix length).
Where:
ip_addr
The
ip_addr
is the remote IP address.
Acceptable Values: An IPv4 address in dotted-decimal notation or an
IPv6 address in colon-hexadecimal notation. The IP address type (IPv4
or IPv6) must be the same for the source and destination address.
HP-UX IPSec does not support unspecified IPv6 addresses. However, you
can use the double-colon (::) notation within a specified IPv6 address to
denote a number of zeros (0) within an address. The address cannot be a
broadcast, subnet broadcast, multicast, or anycast address.
Default: None.
prefix
The
prefix
is the prefix length, or the number of leading bits
that must match when comparing the remote IP address with
ip_addr
.