HP-UX IPSec version A.02.00 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Step 2: (Recommended) Securing Return Routability Messages Routed Through the Home Agent
Chapter 7216
gwy_policy_name
The
gwy_policy_name
is the user-defined name for
the gateway IPSec policy. The
gwy_policy_name
must be unique for
each gateway IPSec policy and is case-sensitive. The name must be 1 - 63
characters. Each character must be an ASCII alphanumeric character,
hyphen (-), or underscore (_).
-source
mn_home_addr
The
mn_home_addr
is the Mobile Node’s home
address.
-destination
cn_addr
The
cn_addr
is the Correspondent Node’s
address. In many cases, there will be a large number of possible
Correspondent Nodes and you may want to use the IPv6 wildcard
address instead (0::0).
-protocol MH The protocol must be MH (Mobile IPv6 Mobility Headers).
-priority
priority_number
The
priority_value
is the priority
value HP-UX IPSec uses when selecting a gateway IPSec policy (a lower
priority value has a higher priority). The priority must be unique for
each gateway IPSec policy. The range is 1 - 2147483647.
-flags MIPV6 The flags must include MIPV6.
Step 2B: Return Routability Messages: Configuring
the Gateway IPSec Policy for Home Agent - Mobile
Node Segments
The second gateway IPSec policy is for the tunneled data path between
the Home Agent and the Mobile Node (data path 2B in Figure 7-5). The
source and destination address specifications are relative to the packets
forwarded by the local node, which is the Home Agent: the source is the
Correspondent Node address (or an IPv6 wildcard address) and the
destination is the Mobile Node’s home address.
Syntax
The syntax is the same as the syntax in the previous section (Step 2A:
Return Routability Messages: Configuring the Gateway IPSec Policy for
Home Agent - Correspondent Node Segments), with the following
differences:
• The source and destination addresses are swapped