HP-UX IPSec version A.02.01 Administrator's Guide

Troubleshooting HP-UX IPSec

Chapter 7190

This chapter describes procedures for troubleshooting HP-UX IPSec

software.

It contains the following sections:

• “IPsec Operation” on page 191

• “Troubleshooting Utilities Overview” on page 198

• “Troubleshooting Procedures” on page 203

• “Reporting Problems” on page 211

• “Troubleshooting Scenarios” on page 213. This section describes the

following problems and how to resolve them:

— “HP-UX IPSec Incorrectly Passes Packets” on page 213

— “HP-UX IPSec Incorrectly Attempts to Encrypt/Authenticate

Packets” on page 215

— “HP-UX IPSec Attempts to Encrypt/Authenticate and Fails” on

page 215

— “IKE SA Negotiation Fails (Phase 1 MM processing failed, Phase

1 AM processing failed)” on page 217

— “IKE SA Negotiation Times Out (Phase 1 Negotiation timed out)”

on page 218

— “IKE Primary Authentication Fails with Certificates” on

page 219

— “IPsec SA Negotiation Fails (Quick Mode processing failed, QM

negotiation timeout)” on page 220

— “Manual Keys Fail” on page 221

— “HP-UX Will Not Start (ipsec_admin -start Fails)” on page 224

— “Corrupt or Missing Configuration Database” on page 225

— “Autoboot is Not Working Properly” on page 226

— “Security Policy Database Limit Exceeded (Kernel Policy Cache

Threshold reached or Kernel Policy Cache Threshold exceeded)”

on page 227