HP-UX IPSec version A.02.01 Administrator's Guide
Configuring HP-UX IPSec
Step 4: Configuring Preshared Keys Using Authentication Records
Chapter 4138
-rtype
remote_id_type
and -rid
remote_id
The
remote_id_type
and
local_id
are used to verify the ID type and
ID value sent by the remote system when negotiating a IKE SA. This
must match what is configured on the remote system.
You do not have to the remote ID type and value if the remote system is
an HP-UX system or a non-HP system that uses IPv4 or IPv6 addresses
as the ID type, and is not multihomed.
Acceptable Values: Table 4-4 on page 136 lists the valid ID types and
corresponding ID values.
Defaults: The
remote_id_type
and
remote_id
arguments are required
if the IKE exchange mode is Aggressive Mode (-exchange AM).
Otherwise, if
remote_id_type
and
remote_id
are not specified, HP-UX
uses the IP address of the remote system, from the source address of the
inbound IP packets and the corresponding ID type (IPV4 or IPV6).
preshared_key
The
preshared_key
is the preshared key used for IKE authentication.
This must match the preshared key configured on the remote system.
Acceptable Values: A text string, containing 1 - 128 ASCII characters.
White spaces are not allowed. You must quote shell special characters if
you are using the command-line interface; do not quote them if you are
using a batch file.
Default: None.
Authentication Record Configuration Examples
The following batch file entry configures an authentication record for
preshared key authentication for a remote system that has the address
10.2.2.2:
add auth -remote 10.2.2.2 -preshared my_hostA_hostB_key
The following batch file entries configure authentication records with
preshared key authentication for a remote multihomed HP-UX IPSec
system, with addresses 10.8.8.8 and 11.8.8.8.
add auth -remote 10.8.8.8 -preshared my_hostA_hostX_key
add auth -remote 11.8.8.8 -preshared my_hostA_hostX_key