HP-UX IPSec version A.02.00 manpages

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

ipsec_conﬁg(1M) ipsec_conﬁg(1M)

IPSEC_CONFIG COMMAND

Name

show - displays gateway IPSec, host IPSec, and IKE policies in descending priority order

Synopsis

ipsec_config show all

ipsec_config show auth

[auth_name ]

ipsec_config show bypass

|bp

[ip_address ]

ipsec_config show gateway

|gwy

[gw_policy_name]

ipsec_config show host

[host _p ol i cy_na me]

ipsec_config show ike

[ike_policy_name]

ipsec_config show start

[up

]

ipsec_config show tun

[nel

][tunne l_policy_name

]

Description

The ipsec_config show

command displays gateway IPSec, host IPSec, and IKE policies in descend-

ing priority order (highest priority to lowest, or lowest priority number to highest priority number).

The

ipsec_config show all command displays all conﬁguration objects in the database.

Options and Operands

The

ipsec_config show

command recognizes the following options and operands:

auth_name

Speciﬁes the name of the authentication record to display. If you do not specify

auth_name ,

ipsec_config displays all authentication records.

ip_address

Speciﬁes the IPv4 address of the bypass list entry to display. If you do not specify

ip_address ,

ipsec_config displays all entries in the bypass list.

gw_policy_name

Speciﬁes the name of the gateway IPSec policy to display. If you do not specify

gw_policy_name,

ipsec_config displays all gateway IPSec policies.

host_pol i cy_na me

Speciﬁes the name of the host IPSec policy to display. If you do not specify

host_pol i cy_na me,

ipsec_config

displays all host IPSec policies.

ike_policy_name

Speciﬁes the name of the IKE policy to display. If you do not specify ike_policy_name,

ipsec_config

displays all IKE host policies.

tunnel_pol icy_name

Speciﬁes the name of the tunnel IPSec policy to display. If you do not specify

tunnel_pol icy_name,

ipsec_config displays all tunnel IPSec policies.

Examples

The following command displays the IPSec host policy named

telnet_in

ipsec_config show host telnet_in

The following command displays all conﬁguration objects in the database.

ipsec_config show all

EXAMPLES

You have two systems, Apple (10.1.1.1) and Banana (10.2.2.2). Apple and Banana are not mul-

tihomed. You want to secure all telnet packets between the two systems using ESP with AES, authenti-

cated with SHA-1. This is a private network, and you will allow all other packets to pass in clear text.

On Apple, you conﬁgure:

• two host IPSec policies

• one IKE policy

HP-UX IPSec A.02.00 − 29 − Hewlett-Packard Company 33