HP-UX IPSec version A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

251

252

253

254

255

256

257

258

259

260

HP-UX IPSec and MC/ServiceGuard

Step 2: Configuring HP-UX Host IPSec Policies for MC/ServiceGuard

Chapter 8 251

packets listed below, however, HP recommends that you do not allow the

packets to pass in clear text. For more information, see “Maximizing

Security” on page 59.

For remote execution of the cmscancl command, HP-UX IPSec must not

discard the following packets:

Configuring Host IPSec Policies for ServiceGuard

Manager

If you using ServiceGuard Manager, you must configure HP-UX IPSec so

it does not discard SNMP traffic between cluster nodes and the

ServiceGuard Manager system. Configure HP-UX IPSec so it does not

discard packets listed in the sections below.

Source IP

Address

Destination

IP Address

Protocol

Source

Port

Destination

Port

remote

command

client address

(or wildcard)

cluster node

address

TCP 0 0

Source IP

Address

Destination

IP Address

Protocol

Source

Port

Destination

Port

remote

command

client address

(or wildcard)

cluster node

address

TCP 0 514