Manualshelf

HP-UX IPSec version A.02.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
141142143144145146147148149150
Configuring HP-UX IPSec
Step 6: Configuring the Bypass List (Local IP Addresses)
Chapter 4142
The complete ipsec_config add bypass syntax also allows you to
specify the nocommit argument (verify the syntax but do not commit the
information to the database).
Refer to the ipsec_config_add (1M) manpage for complete syntax
information.
ip_address
The
ip_address
is the IP address to bypass. This can be a virtual IP
address (a secondary IP address configured for an interface, such as an
address configured for lan0:1).
An entry in the bypass interface list affects only the logical interface for
the IP address, not all logical interfaces for the physical interface
(network card).
Default: None.
Bypass Configuration Example
The system has two physical interfaces, both connected to secure,
internal networks. You want to use HP-UX IPSec to encrypt traffic on
one interface, but disable HP-UX IPSec on the second interface, 12.1.1.1.
The following batch file entry configures an entry in the bypass list for
address 12.1.1.1.
-add bypass 12.1.1.1