HP-UX IPSec version A.02.01 Administrator's Guide
Using Certificates with HP-UX IPSec
Step 4: Configuring Authentication Records with IKE IDs
ipsec_config add auth auth_name -remote ip_addr[/prefix] [-exchange|x AM|MM]
    [-ltype local_id_type] [-lid local_id]
    [-rtype remote_id_type] [-rid remote_id]
HP recommends that you use an ipsec_config batch file to configure
HP-UX IPSec. To specify an add auth operation for an ipsec_config
batch file, use the above syntax without the ipsec_config command
name:
add auth auth_name -remote ip_addr[/prefix] [-exchange|x AM|MM]
    [-ltype local_id_type] [-lid local_id]
    [-rtype remote_id_type] [-rid remote_id]
The complete ipsec_config add auth syntax specification also allows
you to specify the following arguments:
• nocommit (verify the syntax but do not commit the information to the
database)
• profile (alternate profile file)
• preshared (preshared key)
Refer to the ipsec_config_add (1M) manpage for complete syntax
information.
auth_name
The user-defined name for the authentication record. This name must be
unique for each record and is case-sensitive.
Acceptable Values: 1 - 63 characters. Each character must be an ASCII
alphanumeric character, hyphen (-), or underscore (_).
-remote ip_addr[/prefix]
The IP address and network prefix length that specifies the remote
system or subnet for this record. Each ip_addr and prefix combination
(the significant bits of ip_addr, as specified by prefix) must be unique.
If the remote system's IP address matches multiple IP address and prefix
combinations, HP-UX IPSec uses the authentication record with the
most specific address (longest prefix length).
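The following added example (not part of the HP guide or of HP-UX IPSec) checks a planned set of authentication records against the auth_name and uniqueness rules above, and shows which record the longest-prefix rule selects for a given remote address. The function names and sample records are constructed for illustration, and treating a missing prefix as a host address is an assumption.

```python
import ipaddress
import re

# auth_name rule from the guide: 1-63 ASCII alphanumerics, hyphen or underscore.
AUTH_NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,63}")

def lint_records(records):
    """Return a list of problems found in (auth_name, 'ip_addr[/prefix]') pairs."""
    problems, names, nets = [], set(), {}
    for name, remote in records:
        if not AUTH_NAME_RE.fullmatch(name):
            problems.append(f"{name!r}: invalid auth_name")
        if name in names:  # case-sensitive comparison, as the guide specifies
            problems.append(f"{name!r}: duplicate auth_name")
        names.add(name)
        # strict=False keeps only the significant bits of ip_addr.
        # Assumption: an address without /prefix is a single host.
        net = ipaddress.ip_network(remote, strict=False)
        if net in nets:
            problems.append(
                f"{name!r}: {remote} has the same significant bits as {nets[net]!r}")
        else:
            nets[net] = name
    return problems

def select_record(records, remote_ip):
    """Return the auth_name matching remote_ip with the longest prefix, or None."""
    addr = ipaddress.ip_address(remote_ip)
    best = None
    for name, remote in records:
        net = ipaddress.ip_network(remote, strict=False)
        if net.version == addr.version and addr in net:
            if best is None or net.prefixlen > best[1]:
                best = (name, net.prefixlen)
    return best[0] if best else None

# Constructed sample records (documentation address ranges, not from the guide).
SAMPLE = [
    ("branch-net", "192.0.2.0/24"),
    ("branch_gw", "192.0.2.1"),       # host entry inside branch-net
    ("Branch-Net", "192.0.2.77/24"),  # distinct name, same significant bits
    ("bad name!", "198.51.100.0/24"), # space and '!' are not allowed
]

if __name__ == "__main__":
    for problem in lint_records(SAMPLE):
        print("PROBLEM:", problem)
    for ip in ("192.0.2.1", "192.0.2.50", "203.0.113.9"):
        print(ip, "->", select_record(SAMPLE, ip))
```

Running a check like this before committing a batch file shows where a broad subnet record would supply the IKE IDs for a host you expected a more specific record to cover.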
Where: