HP-UX IPSec version A.02.01 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Step 2: (Recommended) Securing Return Routability Messages Routed Through the Home Agent
Appendix F296
ipsec_config add gateway
gwy_policy_name
-source
cn_addr
-destination
mn_home_addr
[/
prefix
]
-protocol MH [-priority
priority_number
]
-tunnel
rr_tunnel_name
-action FORWARD -flags MIPV6
gwy_policy_name
The
gwy_policy_name
is the user-defined name for the gateway IPsec
policy. The
gwy_policy_name
must be unique for each gateway IPsec
policy and is case-sensitive. The name must be 1 - 63 characters. Each
character must be an ASCII alphanumeric character, hyphen (-), or
underscore (_).
-source
cn_addr
The
cn_addr
is the Correspondent Node’s address. In many cases, there
will be a large number of possible Correspondent Nodes and you may
want to use the IPv6 wildcard address instead (0::0).
-destination
mn_home_addr
[/
prefix
]
The
mn_home_addr
is the Mobile Node’s home address. If you are using
manual keys, this cannot be a wildcard or subnet address. If you are
using IKE, you can specify a subnet address and prefix.
-protocol MH
The protocol must be MH (Mobile IPv6 Mobility Headers).
-priority
priority_number
The
priority_number
is the priority value HP-UX IPSec uses when
selecting a gateway IPsec policy (a lower priority value has a higher
priority). The priority must be unique for each gateway IPsec policy. The
range is 1 - 2147483647.
-tunnel
rr_tunnel_name
The
rr_tunnel_name
is the name of the tunnel policy that defines the
tunnel between the Mobile Node and the Home Agent, as configured in
the following section, Step 2C: Return Routability Messages: Configuring
the Home Agent - Mobile Node Tunnel.