HP-UX IPSec version A.02.00 Administrator's Guide
Troubleshooting HP-UX IPSec
Troubleshooting Scenarios
Chapter 5 183
Corrupt or Missing Configuration Database
Problem
The configuration database file (/var/adm/ipsec/config.db) is corrupt
or missing.
Symptoms
The symptom vary according to when the problem is detected. HP-UX
IPSec modules will log error messages to the audit log file and user
utilities will also display the error messages to stdout.
If ipsec_admin detects the problem (for example, when the user is
executing the ipsec_admin -start command), ipsec_admin logs and
displays one of the following messages:
IPSEC_ADMIN: ERROR-reads a DB config which is invalid
IPSEC_ADMIN: ERROR-Configuration database open failed:
reason
If ipsec_config detects the problem, ipsec_config logs and displays a
message similar to one of the following messages:
“Internal Database error. Please contact HP!”
“DB Exception: /var/adm/ipsec/config.db, line
n
, Func
name”
“DB Exception: /var/adm/ipsec/config.db, line
n
, Info 0x
hhh”
If the policy daemon detects that configuration database is corrupted, the
policy daemon logs an error message similar to the following:
Msg: 413 From: SECPOLICYD Lvl: ERROR Date: Sun May 09
10:21:32 2004
Event: /var/adm/ipsec/config.db file is corrupt.
Solution
Re-create or restore the configuration database file
(/var/adm/ipsec/config.db). There are two methods to do this:
• Use the migration utility, ipsec_migrate. You can use this method
if you still have a configuration file from a previous release (such as
/var/adm/ipsec/policies.txt).