HP-UX IPSec version A.02.01 Administrator's Guide
Configuring HP-UX IPSec
Step 1: Configuring Host IPsec Policies
Chapter 4 107
Specifying ICMPV6 affects only the following ICMPv6 messages: Echo
Request, Echo Reply, Mobile Prefix Solicitation, Mobile Prefix
Advertisement.
To ensure proper operation of IPv6 networks, HP-UX IPSec always
allows all ICMPv6 messages not listed above to pass in clear text
Acceptable Values: Integer value 0 (any protocol) - 255, or one of the
following protocol names:
TCP
UDP
ICMP
ICMPV6
IGMP
MH (Mobile IPv6 Mobility Headers)
ALL (any protocol)
The protocols ICMP and IGMP are valid with IPv4 addresses only. The
protocols ICMPV6 and MH are valid with IPv6 addresses only.
The
protocol_id
must be TCP or UDP if
port
is non-zero.
Default: ALL.
CAUTION Discarding or requiring ICMP messages for IPv4 (protocol value 1) to be
encrypted or authenticated may cause connectivity problems. See
Appendix A, “IPv4 ICMP Messages” on page 234 for more information.
-priority
priority_number
The
priority_number
is the priority value HP-UX IPSec uses when
selecting a host IPsec policy (a lower priority value has a higher priority).
The priority must be unique for each host IPsec policy.
Range: 1 - 2147483647.
Default: If you do not specify a priority, ipsec_config assigns a priority
value that is set to the current highest priority value (lowest priority) for
host IPsec policies in the configuration data base, incremented by the
automatic priority increment value (priority parameter) for host IPsec
policies specified in the HostPolicy-Defaults section of the profile file
(this policy will be the last policy evaluated before the default policy).
The default automatic priority increment value (priority) is 10.