HP-UX IPSec version A.02.01 Administrator's Guide
Troubleshooting HP-UX IPSec
Troubleshooting Scenarios
Chapter 7224
Msg: 67 From: SECPOLICYD Lvl: WARNING Date: Thu Jun 10
13:43:07 2004
Event: No SPI for received packet - SPI: hhhh IP addr:
10.1.1.1-10.2.2.2 proto: 50
The above entry indicates mis-matched SPI numbers. Verify the SPI
numbers configured on the remote system. The inbound SPI on the
local system must match the outbound SPI on the remote system,
and the outbound SPI on the local system must match the inbound
SPI on the remote system.
HP-UX Will Not Start (ipsec_admin -start Fails)
Problem
HP-UX IPSec will not start.
Symptoms
The ipsec_admin -start command fails. The ipsec_admin utility
returns one of the following messages:
IPSEC_ADMIN: Failed to read IPsec admin file, error: %
nn
.
Did you set the password with -np?
IPSEC_ADMIN: Failed to open IPsec admin file, error: %
nn
.
Did you set the password with -np?
IPSEC_ADMIN: ERROR-read_admin_info(): Failed to verify ipsec
password.
IPSEC_ADMIN: ERROR-reads a DB config which is invalid
IPSEC_ADMIN: ERROR-Configuration database open failed:
reason
Solution
If ipsec_admin returns the message Failed to read IPsec admin
file, error: %
nn
. Did you set the password with -np? or the
message Failed to open IPsec admin file, error: %
nn
. Did you
set the password with -np? and you have not yet set the HP-UX
IPSec password, set the password using the command ipsec_admin
-newpasswd or ipsec_admin -np. Verify that the file