HP-UX IPSec version A.02.00 Administrator's Guide
Configuring HP-UX IPSec
Step 8: Committing the Batch File Configuration and Verifying Operation
Chapter 3106
ipsec_admin -status
You will see a display similar to the following:
----------------- IPSec Status Report -----------------
Time: Thu Dec 24 15:21:37 1998
secauditd program: Running and responding
secpolicyd program: Running and responding
ikmpd program: Running and responding
IPSec kernel: Up
IPSec Audit level: Error
IPSec Audit file:
/var/adm/ipsec/auditThu-Dec-24-15-21-49-1998.log
Max Audit file size: 100 KBytes
Level 4 tracing: None
-------------- End of IPSec Status Report -------------
During normal operation, the status of the secauditd, secpolicyd
and ikmpd programs will be Running and responding and the
status of the IPSec kernel will be Up.
5. Verify IPSec policies with Pass or Discard transforms.
To verify proper operation of IPSec policies with Pass or Discard
actions in the transform list, generate network traffic that matches
the IPSec policy packet filter or that matches the IPSec policy IP
address, port, and protocol parameters.
Enter the following command to determine the action taken by
HP-UX IPSec.
ipsec_report -cache
Search the command output for the entry with the matching source
and destination IP addresses, source and destination port numbers,
and protocol. Check the value of the Filter field. This is the action
taken by HP-UX IPSec. Match the transform configured for the
IPSec policy pass or discard).
For more information on the ipsec_report command, refer to the
ipsec_report (1M) manpage.
6. Verify host IPSec policies with AH or ESP transforms.
To verify proper operation of host IPSec policies with AH or ESP
transforms, generate network traffic that matches the IPSec policy
packet filter or that matches the IPSec policy IP address, port, and
protocol parameters.