HP-UX IPSec version A.02.00 Administrator's Guide
HP-UX IPSec Configuration Examples
Example 1: telnet Between Two Systems
Appendix C296
Apple Configuration
Host IPSec Policies
On Apple, you configure two host IPSec policies. The first host IPSec
policy (telnetAB) is for outbound telnet requests from Apple to Banana
(users on Apple using the telnet service to Banana). Note that since the
telnet clients on Apple may use any non-reserved TCP port number,
you do not specify a port number in the source address.
Figure C-1 Example 1: telnet AB
The second host IPSec policy (telnetBA) is for inbound telnet requests
from Banana to Apple (users on Banana using the telnet service to
Apple). Since the telnet clients on Banana may use any non-reserved
TCP port number, do not specify a port number in the destination
address.
Figure C-2 Example 1: telnet BA
By default, the default host IPSec policy allows all other traffic to pass
in clear text. Apple and Banana are on an isolated LAN, so this “open”
policy is not a security risk. The ipsec_config batch file entries are
listed below:
banana
apple
telnet client
(port varies)
telnetd
(always port 23)
“telnet banana”
bananaapple
telnetd
(port 23)
telnet client
(port varies)
“telnet apple”