HP-UX IPSec version A.02.00 Administrator's Guide
Configuring HP-UX IPSec
Chapter 358
This chapter describes how to configure HP-UX IPSec, including
preshared key configuration. If you are using RSA signature
authentication for IKE, you must also see Chapter 4, “Using Certificates
with HP-UX IPSec,” on page 113 for instructions on configuring
certificates. This chapter also describes how to maximize HP-UX IPSec
security and how to use the HP-UX IPSec configuration utility,
ipsec_config.
This chapter contains the following sections:
• “Maximizing Security” on page 59
• “Using ipsec_config” on page 61
• “Configuration Overview” on page 66
• “Step 1: Configuring Host IPSec Policies” on page 69
• “Step 2: Configuring Tunnel IPSec Policies” on page 81
• “Step 3: Configuring IKE Policies” on page 89
• “Step 4: Configuring Preshared Keys Using Authentication Records”
on page 95
• “Step 5: Configuring Certificates” on page 100
• “Step 6: Configuring the Bypass List (Local IPv4 Addresses)” on
page 101
• “Step 7: Verify Batch File Syntax” on page 104
• “Step 8: Committing the Batch File Configuration and Verifying
Operation” on page 105
• “Step 9: Configuring HP-UX IPSec to Start Automatically” on
page 109
• “Step 10: Creating Backup Copies of the Batch File and
Configuration Database” on page 111