HP-UX IPSec version A.02.01 Administrator's Guide
Configuring HP-UX IPSec
Step 4: Configuring Preshared Keys Using Authentication Records
Chapter 4130
ipsec_config add auth Syntax for Preshared Keys
without ID Information
You can use the following ipsec_config add auth syntax to configure
preshared keys without ID information in most installations:
ipsec_config add auth
auth_name
-remote
ip_addr
[/
prefix
] -preshared
preshared_key
HP recommends that you use an ipsec_config batch file to configure
HP-UX IPSec. To specify an add auth operation for an ipsec_config
batch file, use the above syntax without the ipsec_config command
name:
add auth
auth_name
-remote
ip_addr
[/
prefix
]
-preshared
preshared_key
The complete ipsec_config add auth syntax specification also allows
you to specify the following arguments:
• nocommit (verify the syntax but do not commit the information to the
database)
• profile (alternate profile file)
• exchange (exchange mode; if you do not configure ID information,
you must use Main Mode, which is the default)
• ltype and lid (local ID type and value)
• rtype and rid (remote ID type and value)
Refer to the ipsec_config_add (1M) manpage for complete syntax
information.
auth_name
The
auth_name
user-defined name for the authentication record. This
name must be unique for each record and is case-sensitive.
Acceptable Values: 1 - 63 characters. Each character must be an ASCII
alphanumeric character, hyphen (-), or underscore (_).