HP-UX IPSec version A.02.01 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Step 6: Configuring Authentication Records
Appendix F312
-exchange AM
The exchange mode must be Aggressive Mode (AM).
-ltype
local_id_type
and -lid
local_id
The
local_id_type
and
local_id
are the ID type and value the local
system sends to the remote system when negotiating an IKE SA. This
must match what is configured on the remote system. If you are using
RSA signatures and the remote system is an HP-UX system, this must
also match information in the certificate for the local system.
Acceptable Values: The ID type must not be IPV6. Table F-1 lists the
valid ID types and corresponding ID values.
The DN consists of at least one of the following attributes:
Table F-1 ID Types and Values
ID Type ID Value
FQDN Fully Qualified Domain Name (FQDN), also
known as Domain Name Server or DNS name,
such as myhost.hp.com. If you are using RSA
signatures, this is the FQDN configured in the
subjectAlternativeName field of the
certificate.
USER-FQDN User-Fully Qualified Domain Name
(User-FQDN) in SMTP format, such as
user@myhost.hp.com. If you are using RSA
signatures, this is the user FQDN configured
in the subjectAlternativeName field of the
certificate.
X500-DN X.500 Distinguished Name (DN). If you are
using RSA signatures, this is the DN
configured in the subjectName or
subjectAlternativeName field of the
certificate. The format of the DN is described
in the paragraphs that follow.