HP-UX IPSec version A.02.00 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Step 2: (Recommended) Securing Return Routability Messages Routed Through the Home Agent
• You must specify the name of the tunnel policy between the Home Agent and the Mobile Node for Return Routability packets (rr_tunnel_name). You configure this tunnel in the next section (Step 2C: Return Routability Messages: Configuring the Home Agent - Mobile Node Tunnel).
ipsec_config add gateway gwy_policy_name
    -source cn_addr -destination mn_home_addr
    -protocol MH [-priority priority_number]
    -tunnel rr_tunnel_name
    -action FORWARD -flags MIPV6
gwy_policy_name
    The gwy_policy_name is the user-defined name for the gateway IPSec policy. The gwy_policy_name must be unique for each gateway IPSec policy and is case-sensitive. The name must be 1 - 63 characters. Each character must be an ASCII alphanumeric character, hyphen (-), or underscore (_).
-source cn_addr
    The cn_addr is the Correspondent Node’s address. In many cases, there will be a large number of possible Correspondent Nodes and you may want to use the IPv6 wildcard address instead (0::0).
-destination mn_home_addr
    The mn_home_addr is the Mobile Node’s home address.
-protocol MH
    The protocol must be MH (Mobile IPv6 Mobility Headers).
-priority priority_number
    The priority_number is the priority value HP-UX IPSec uses when selecting a gateway IPSec policy (a lower priority value has a higher priority). The priority must be unique for each gateway IPSec policy. The range is 1 - 2147483647.
-tunnel rr_tunnel_name
    The rr_tunnel_name is the name of the tunnel policy that defines the tunnel between the Mobile Node and the Home Agent, as configured in the following section, Step 2C: Return Routability Messages: Configuring the Home Agent - Mobile Node Tunnel.
-action FORWARD
    The action must be FORWARD.
-flags MIPV6
    The flags must include MIPV6.
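The syntax and value rules above, as an added shell example that is not part of the HP guide: it checks gwy_policy_name and priority_number against the stated limits and prints the resulting ipsec_config command for review instead of running it. The function names, addresses, and policy and tunnel names are constructed for illustration.

```shell
#!/bin/sh
# Added example: validate arguments against the rules in this section and
# print the gateway policy command for review. Nothing is executed.
LC_ALL=C; export LC_ALL   # keep the A-Z/a-z ranges below ASCII-only

# gwy_policy_name: 1 - 63 characters, ASCII alphanumeric, hyphen or underscore.
valid_policy_name() {
    n=$1
    [ -n "$n" ] && [ "${#n}" -le 63 ] || return 1
    case $n in
        *[!A-Za-z0-9_-]*) return 1 ;;
    esac
    return 0
}

# priority_number: decimal integer in the range 1 - 2147483647.
valid_priority() {
    p=$1
    case $p in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, zero/leading zero, non-digit
    esac
    [ "${#p}" -le 10 ] && [ "$p" -le 2147483647 ]
}

# Hypothetical helper (not an HP-UX tool).
# Usage: build_rr_gateway_policy name cn_addr mn_home_addr rr_tunnel_name [priority]
build_rr_gateway_policy() {
    name=$1 cn=$2 mn=$3 tunnel=$4 prio=${5:-}
    valid_policy_name "$name" ||
        { echo "invalid gwy_policy_name: $name" >&2; return 1; }
    [ -n "$cn" ] && [ -n "$mn" ] && [ -n "$tunnel" ] ||
        { echo "cn_addr, mn_home_addr and rr_tunnel_name are required" >&2; return 1; }
    cmd="ipsec_config add gateway $name -source $cn -destination $mn -protocol MH"
    if [ -n "$prio" ]; then          # -priority is optional in the syntax
        valid_priority "$prio" ||
            { echo "priority out of range 1 - 2147483647: $prio" >&2; return 1; }
        cmd="$cmd -priority $prio"
    fi
    # MH protocol, FORWARD action and the MIPV6 flag are fixed by the guide.
    echo "$cmd -tunnel $tunnel -action FORWARD -flags MIPV6"
}

# Constructed sample values: wildcard Correspondent Node address (0::0) and a
# home address from the 2001:db8::/32 documentation prefix.
build_rr_gateway_policy rr_gwy_mn1 0::0 2001:db8:1::10 rr_tunnel_mn1 20
```

Because a lower priority value takes precedence and each value must be unique, review the printed command against the existing gateway policies before running it.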