HP-UX IPSec version A.02.01 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Step 2: (Recommended) Securing Return Routability Messages Routed Through the Home Agent
Appendix F 295
-destination
cn_addr
The
cn_addr
is the Correspondent Node’s address. In many cases, there
will be a large number of possible Correspondent Nodes and you may
want to use the IPv6 wildcard address instead (0::0).
-protocol MH
The protocol must be MH (Mobile IPv6 Mobility Headers).
-priority
priority_number
The
priority_value
is the priority value HP-UX IPSec uses when
selecting a gateway IPsec policy (a lower priority value has a higher
priority). The priority must be unique for each gateway IPsec policy. The
range is 1 - 2147483647.
-flags MIPV6
The flags must include MIPV6.
Step 2B: Return Routability Messages: Configuring
the Home Agent - Mobile Node Gateway IPsec Policy
The second gateway IPsec policy is for the tunneled data path between
the Home Agent and the Mobile Node (data path 2B in Figure F-5). The
source and destination address specifications are relative to the packets
forwarded by the Home Agent: the source is the Correspondent Node
address (or an IPv6 wildcard address) and the destination is the Mobile
Node’s home address.
Syntax
The syntax is the same as the syntax in the previous section (Step 2A:
Return Routability Messages: Configuring the Home Agent -
Correspondent Node Gateway IPsec Policy), with the following
differences:
• The source and destination addresses are swapped
• You must specify the name of the tunnel policy between the Home
Agent and the Mobile Node for Return Routability packets
(
rr_tunnel_name
). You configure this tunnel in the next section
(Step 2C: Return Routability Messages: Configuring the Home Agent
- Mobile Node Tunnel).