HP-UX IPSec version A.02.01 Administrator's Guide
HP-UX IPSec Configuration Examples
Autoconfiguration Clients
Appendix D 269
Host Policy
add host autoconf_clients \
-destination 2001:db8:11:11::/64 \ (autoconf client subnet addr.)
-action ESP_AES128_HMAC_SHA1 \
-flags AUTOCONF
IKE Policy
add ike autoconf_clients \
-remote 2001:db8:11:11::/64 \ (autoconf client subnet addr.)
-authentication pkey
Authentication Records
There is one authentication record for each autoconfiguration client.
Each authentication record contains a unique remote ID for each client,
which matches the local ID configured on the client.
The IKE exchange type must be Aggressive Mode (-exchange AM).
add auth joe_s \
-remote 2001:db8:11:11::/64 \(autoconf client subnet addr.)
-ltype FQDN -lid server1.corp.com
-rtype USER-FQDN -rid joe_s@corp.com
-exchange AM
-preshared secret1111
add auth mick_j \
-remote 2001:db8:11:11::/64 \(autoconf client subnet addr.)
-ltype FQDN -lid server1.corp.com
-rtype USER-FQDN -rid mick_j@corp.com
-exchange AM
-preshared secret2222
add auth paul_s \
-remote 2001:db8:11:11::/64 \(autoconf client subnet addr.)
-ltype FQDN -lid server1.corp.com
-rtype USER-FQDN -rid paul_s@corp.com
-exchange AM
-preshared secret3333