HP-UX IPSec version A.02.00 Administrator's Guide
HP-UX IPSec and MC/ServiceGuard
Step 2: Configuring HP-UX Host IPSec Policies for MC/ServiceGuard
Chapter 8 247
subnet. For example, you could replace the policies for the first three
address pairs in the above table with one host IPSec policy that has the
following filter:
Configuring Host IPSec Policies for MC/ServiceGuard
Quorum Server
If you are using a Quorum Server for the MC/ServiceGuard cluster,
configure HP-UX IPSec so it does not discard packets listed in the
sections below.
Cluster Node IPSec Policies for Quorum Server
For each cluster node, configure host IPSec policies so HP-UX IPSec does
not discard (the transform list contains any transform except DISCARD)
the packets listed below. If HP-UX IPSec is not installed on the Quorum
Server, configure PASS host IPSec policies for these packets.
Source IP
Address/
Prefix
Destination
IP Address/
Prefix
Protocol
Source
Port
Destination
Port
10.0.0.0/8 10.0.0.0/8 ALL 0 0
Source IP
Address
Destination
IP Address
Protocol
Source
Port
Destination
Port
cluster node
address (or
wildcard)
Quorum
Server
address
TCP 0 1238