HP-UX IPSec version A.02.00 Administrator's Guide
Migrating from Previous Versions of HP-UX IPSec
Post-Installation Migration Instructions
Appendix B
291
Post-Installation Migration Instructions
Configuration File
HP-UX IPSec version A.02.00 stores configuration data in a configuration database
instead of a policy file. To migrate a policy configuration file from an earlier version of
HP-UX IPSec to an A.02.00 configuration database, use the following procedure.
Step 1. Run the ipsec_migrate utility after you have installed HP-UX IPSec A.02.00. For
example:
/usr/sbin/ipsec_migrate -s
config_file
-d
new_config_file
Where:
config_file
is the name of the input policy file to migrate, such as
/var/adm/policies.txt.
new_config_file
is the name of the name of the output configuration database file.
The ipsec_migrate utility converts policy configuration files (such as
/var/adm/ipsec/policies.txt) created using versions prior to A.02.00 to
configuration database entries. For more information, refer to the ipsec_migrate (1M)
man page.
Step 2. After you have migrated the policy configuration file, copy it to the following location:
/var/adm/ipsec/config.db
Step 3. Examine the contents of the configuration database using the following command:
ipsec_config show all
Step 4. Modify the configuration database, if necessary, using the ipsec_config delete and
ipsec_config add commands. Refer to the ipsec_config (1M) man page for more
information.
Step 5. The ipsec_migrate utility does not configure the autoboot option. If you want HP-UX
IPSec to automatically start at system start-up time, use the following command to
enable the autoboot option:
ipsec_config add startup -autoboot on
Step 6. Start HP-UX IPSec:
ipsec_admin -start