HP-UX IPSec version A.02.00 manpages
ipsec_config(1M) ipsec_config(1M)
NAME
ipsec_config - add, delete, and show HP-UX IPSec configuration objects in the HP-UX IPSec configuration
database
SYNOPSIS
ipsec_config add
object_type argument_list
ipsec_config batch
argument_list
ipsec_config delete
object_type argument_list
ipsec_config help
[operation [object_type ]]
ipsec_config show
object_type argument_list
DESCRIPTION
The
ipsec_config
command adds, deletes and shows HP-UX IPSec configuration objects in the HP-
UX IPSec configuration database,
/var/adm/ipsec/config.db
. If HP-UX IPSec is active and run-
ning,
ipsec_config
also updates the HP-UX runtime IPSec policy database and runtime IKE informa-
tion (IKE policies and authentication records).
You must be superuser to run ipsec_config
.
Use the
ipsec_mgr utility to import and configure security certificates for HP-UX IPSec.
The
ipsec_config utility can operate in command-line mode or batch mode. In command-line mode,
ipsec_config reads all input from the command line. In batch mode,
ipsec_config reads add and
delete operations from a file. Batch mode allows administrators to add and delete multiple configuration
objects in one operation. HP-UX IPSec processes the operations in a batch file as a group. Batch mode is
useful if you are adding or deleting configuration records that may affect other records.
HP recommends that you use a batch file to add configuration information. A batch file provides a per-
manent record of the configuration data and can be used to re-create the configuration database.
Separate
ipsec_config command arguments using white spaces (blanks, tabs or newlines). Use a
backslash ( line continuation character to continue command input on subsequent lines.
Operations and Object Types
The
ipsec_config command supports the following operations:
add
object_t ype
batch
delete
object_t ype
help
show object_t ype
object_type can be one of the following:
auth Authentication records, which specify Internet Key Exchange (IKE) identity infor-
mation and preshared keys.
bypass Bypass addresses.
gateway Gateway IPSec policies, which specify HP-UX IPSec behavior for processing IP
packets when the local system is a gateway. Use this option only when the local
system is an HP-UX Mobile IPv6 Home Agent.
host Host IPSec policies, which specify HP-UX IPSec behavior for processing IP packets
when the local system is an end host.
ike IKE policies
startup Start-up options.
tunnel Tunnel IPSec policies, which specify IPSec tunnel transform parameters.
IPSEC_CONFIG COMMAND
Name
add auth - configure authentication records, which specify IKE identity and preshared keys
HP-UX IPSec A.02.00 − 1 − Hewlett-Packard Company 5