HP-UX IPSec version A.02.01 Administrator's Guide

Troubleshooting HP-UX IPSec

Troubleshooting Scenarios

Chapter 7226

If the policy daemon detects that configuration database is corrupted, the

policy daemon logs an error message similar to the following:

Msg: 413 From: SECPOLICYD Lvl: ERROR Date: Sun May 09

10:21:32 2004

Event: /var/adm/ipsec/config.db file is corrupt.

Solution

Re-create or restore the configuration database file

(/var/adm/ipsec/config.db). There are two methods to do this:

• Restore the skeleton configuration database file and manually

re-enter the configuration data or use an ipsec_config batch file to

re-create the data.

• Use the migration utility, ipsec_migrate. You can use this method

if you still have a configuration file from a previous release (such as

/var/adm/ipsec/policies.txt).

See “Re-Creating the Configuration Database” on page 184 for more

information.

Autoboot is Not Working Properly

Problem

Autoboot fails.

Symptoms

HP-UX IPSec does not start automatically at system boot-up time.

Solution

Use the following procedure:

Step 1. Set the HP-UX IPSec password using the ipsec_admin -newpasswd

command if it is not already set.

Step 2. Use ipsec_config to configure HP-UX to start automatically at system

boot-up time:

ipsec_config add startup -autoboot ON

Step 3. Check that your configuration file is valid.