HP-UX IPSec version A.02.01 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Mobile IPv6 Manual Key Configuration Example
Appendix F318
add gateway mn2222_payload_to_cn \
-source 2001:db8:11:11::fefe:2222 \(Mobile Node’s Home Address)
-destination 0::0 \(wildcard for any Correspondent Node)
-protocol ALL -pri 300 -action FORWARD -flags MIPV6
Gateway IPsec Policy for Home Agent - Mobile Node Segments
(Step 4B)
add gateway mn2222_payload_to_mobile_node \
-source 0::0 \(wildcard for any Correspondent Node)
-destination 2001:db8:11:11::fefe:2222 \(Mobile Node’s Home
Address)
-protocol ALL -pri 310 -tunnel mn2222_payload_tunnel \
-action FORWARD -flags MIPV6
Payload Tunnel IPsec Policy (Step 4C)
The tunnel between the local system (Home Agent) and the Mobile Node
is similar to the tunnel configured for Return Routability messages,
except protocol is ALL and the manual key SPI numbers (inbound SPI
numbers must be unique) and the keys are different.
add tunnel mn2222_payload_tunnel \
-tsource 2001:db8:11:11::fefe:1111 \(Home Agent)
-tdestination 2001:db8:11:11::fefe:1111 \(Mobile Node’s Home
Addr.)
-source 0::0 \(wildcard for any Correspondent Node)
-destination 2001:db8:11:11::fefe:2222 \(Mobile Node’s Home
Address)
-protocol ALL \
-action ESP_AES128_HMAC_SHA1 \
-in ESP/2500013/0x123456789012345678901234567890123456789A\
/0x1234567890123456789012345678901A/0x123456789012345A \
-out ESP/2500014/0x012345678901234567890123456789012345678B\
/0x0123456789012345678901234567890B/0x012345678901234B