HP-UX IPSec version A.02.00 Administrator's Guide
Troubleshooting HP-UX IPSec
Troubleshooting Scenarios
Chapter 5170
Troubleshooting Scenarios
This section contains information about the following common
troubleshooting scenarios, including their symptoms and resolutions:
• “HP-UX IPSec Incorrectly Passes Packets” on page 170
• “HP-UX IPSec Incorrectly Attempts to Encrypt/Authenticate
Packets” on page 172
• “HP-UX IPSec Attempts to Encrypt/Authenticate and Fails” on
page 172
• “ISAKMP/MM SA Negotiation Fails (Main Mode processing failed,
MM negotiation timeout)” on page 174
• “ISAKMP Primary Authentication with Preshared Key Fails” on
page 176
• “ISAKMP Primary Authentication Fails with Certificates” on
page 176
• “ISAKMP/MM SA Negotiation Succeeded, IPSec/QM SA Negotiation
Fails (Quick Mode processing failed, QM negotiation timeout)” on
page 177
• “Manual Keys Fail” on page 178
• “HP-UX Will Not Start (ipsec_admin -start Fails)” on page 181
• “Corrupt or Missing Configuration Database” on page 183
• “Autoboot is Not Working Properly” on page 185
• “Administrator Cannot Get a Local VeriSign Certificate” on page 185
• “Security Policy Database Limit Exceeded (Kernel Policy Cache
Threshold reached or Kernel Policy Cache Threshold exceeded)” on
page 187
HP-UX IPSec Incorrectly Passes Packets
Problem
IPSec is incorrectly allowing packets to pass in clear text instead of
authenticating, encrypting, or discarding the packets.