Manualshelf

HP-UX IPSec version A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
161162163164165166167168169170
Troubleshooting HP-UX IPSec
Troubleshooting Procedures
Chapter 5160
Troubleshooting Procedures
This section describes the following troubleshooting procedures:
“Checking Status” on page 160
“Isolating HP-UX IPSec Problems from Upper-layer Problems” on
page 162
Checking Policy Configuration” on page 163
“Isolating HP-UX IPSec Problems from Upper-layer Problems” on
page 162
Checking Policy Configuration” on page 163
“Configuring HP-UX IPSec Auditingon page 164
Checking Status
HP-UX IPSec has five main modules:
IKE (ISAKMP/Oakley) daemon (ikmpd)
Policy daemon (secpolicyd)
Audit daemon (secauditd)
Kernel Policy engine
Kernel Security Association engine
The following command verifies the status of these modules:
ipsec_admin -status
This command sends status check messages to the IPSec daemons and
checks kernel parameters to see if the kernel IPSec components are
enabled.
You can also use the following command to get status information:
ipsec_report -all [-file
filename
]
This command will show some HP-UX IPSec activity even if there is no
peer system running HP-UX IPSec. The -file option saves the output to
the specified filename. This command performs the following tasks: