HP-UX IPSec version A.02.01 Administrator's Guide
Troubleshooting HP-UX IPSec
Troubleshooting Scenarios
Chapter 7 213
Troubleshooting Scenarios
This section contains information about the following common
troubleshooting scenarios, including their symptoms and resolutions:
• “HP-UX IPSec Incorrectly Passes Packets” on page 213
• “HP-UX IPSec Incorrectly Attempts to Encrypt/Authenticate
Packets” on page 215
• “HP-UX IPSec Attempts to Encrypt/Authenticate and Fails” on
page 215
• “IKE SA Negotiation Fails (Phase 1 MM processing failed, Phase 1
AM processing failed)” on page 217
• “IKE SA Negotiation Times Out (Phase 1 Negotiation timed out)” on
page 218
• “IKE Primary Authentication Fails with Certificates” on page 219
• “IPsec SA Negotiation Fails (Quick Mode processing failed, QM
negotiation timeout)” on page 220
• “Manual Keys Fail” on page 221
• “HP-UX Will Not Start (ipsec_admin -start Fails)” on page 224
• “Corrupt or Missing Configuration Database” on page 225
• “Autoboot is Not Working Properly” on page 226
• “Security Policy Database Limit Exceeded (Kernel Policy Cache
Threshold reached or Kernel Policy Cache Threshold exceeded)” on
page 227
HP-UX IPSec Incorrectly Passes Packets
Problem
IPsec is incorrectly allowing packets to pass in clear text instead of
authenticating, encrypting, or discarding the packets.