HP-UX IPSec version A.02.01 Administrator's Guide
HP-UX IPSec and HP-UX Mobile IPv6
Mobile IPv6 Dynamic Key Configuration Example
Appendix F 321
add gateway mipv6_rr_to_cn \
-source 2001:db8:11:11::/64 \(Mobile Node subnet addr.)
-destination 0::0 \(wildcard for any Correspondent Node)
-protocol MH -pri 200 -action FORWARD -flags MIPV6
Gateway IPsec Policy for Home Agent - Mobile Node Segments
(Step 2B)
add gateway mipv6_rr_to_mobile_node \
-source 0::0 \(wildcard for any Correspondent Node)
-destination 2001:db8:11:11::/64 \(Mobile Node subnet addr.)
-protocol MH -pri 210 -tunnel mipv6_rr_tunnel \
-action FORWARD -flags MIPV6
Return Routability Tunnel IPsec Policy (Step 2C)
The following tunnel policy configures the tunnel between the local
system (Home Agent) and the Mobile Node for Mobile. The Home Agent
uses this tunnel when forwarding MH protocol packets between the
Mobile Node and the Correspondent Node. The tunnel endpoints are the
Mobile Node and the local system (Home Agent).
add tunnel mipv6_rr_tunnel \
-tsource 2001:db8:11:11::fefe:1111 \(Home Agent))
-source 0::0 \(wildcard for any Correspondent Node)
-destination 2001:db8:11:11::/64 \(Mobile Node subnet)
-protocol MH \
-action ESP_AES128_HMAC_SHA1 \
Prefix Discovery Messages (Step 3)
This step is optional. You can skip this step if the Mobile Nodes do not
support prefix discovery.
add host mipv6_prefix \
-source 2001:db8:11:11::fefe:1111 \(Home Agent)
-destination 2001:db8:11:11::/64 \(Mobile Node subnet addr.)
-proto ICMPV6 -pri 210 -action ESP_AES128_HMAC_SHA1 \
-flags MIPV6