HP-UX IPSec version A.02.00 Administrator's Guide

HP-UX IPSec and HP-UX Mobile IPv6
Batch File Template
# multicast group membership control protocols, the IPSec implementation
# MUST support payload protection, but using it is not mandatory.
#
# Configure two gateway IPSec policies for each Mobile Node.
# Configure one tunnel IPSec policy for each Mobile Node.
###############################################################################
#####################################################################
# Gateway policy for payload HA <-> CN data path.
# Configure one for each Mobile Node.
# The priority_number must be greater (lower priority) than
# the policy for the Home Test/Home Test Init HA <-> CN data path.
# Presumably this is because -protocol ALL below would otherwise also
# match the Home Test/Home Test Init packets if this policy were
# searched first -- confirm the search order in ipsec_config(1M).
#
# NOTE(review): -action FORWARD names no transform, so this policy by
# itself appears to apply no AH/ESP protection to payload on the
# HA <-> CN leg. Confirm that this matches the site's requirements.
#
# Template notation: square brackets mark an optional argument and
# angle brackets mark a value to substitute; presumably neither kind
# of bracket is typed in the real batch file.
#####################################################################
add gateway gwy_policy_name \
-source <mn_home_addr> \
-destination <cn_addr> \
-protocol ALL [-priority <priority_number>] \
-action FORWARD -flags MIPV6
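#####################################################################
# Gateway policy for payload HA <-> MN data path.
# Configure one for each Mobile Node.
# The priority_number must be greater (lower priority) than
# the policy for the Home Test/Home Test Init HA <-> MN data path.
#
# -tunnel binds this policy to a tunnel policy; presumably
# mipv6_tunnel_name must be the name given to the "add tunnel"
# policy for the same Mobile Node -- confirm in ipsec_config(1M).
#
# NOTE(review): unlike the HA <-> CN gateway policy, no -action is
# given here; confirm whether one is required when -tunnel is used.
# NOTE(review): -homeclear is optional. Its name suggests that traffic
# on <interface_name> is left in the clear while the Mobile Node is at
# home; confirm its exact meaning before enabling it, because it would
# widen what is sent unprotected.
#
# Template notation: square brackets mark an optional argument. If
# -homeclear is omitted, also remove the trailing backslash after
# "-flags MIPV6" so the command does not continue onto the next line.
#####################################################################
add gateway gwy_policy_name \
-source <cn_addr> \
-destination <mn_home_addr> \
-protocol ALL [-priority <priority_number>] -tunnel mipv6_tunnel_name \
-flags MIPV6 \
[-homeclear <interface_name>]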
#####################################################################
# Tunnel policy for payload HA <-> MN tunnel.
# Configure one for each Mobile Node.
#
# -tsource/-tdestination give the tunnel endpoints (Home Agent and
# Mobile Node home address); -source/-destination give the addresses
# of the packets carried inside the tunnel.
# Presumably tunnel_policy_name is the name that the HA <-> MN gateway
# policy refers to with -tunnel (shown there as mipv6_tunnel_name) --
# confirm that the two names match.
#
# NOTE(review): -in and -out take manual key SA specifications, one per
# direction. Once these are filled in, the batch file presumably holds
# key material in cleartext: restrict read access to the file and any
# copies or backups. Manual keys are not renegotiated automatically,
# so plan an administrative procedure for replacing them.
#####################################################################
add tunnel tunnel_policy_name \
-tsource <home_agent_addr> \
-tdestination <mn_home_addr> \
-source <cn_addr> \
-destination <mn_home_addr> \
-protocol ALL \
-action <transform_name> \
-in <manual_key_sa_specification> \
-out <manual_key_sa_specification>