HP-UX IPSec version A.02.01 Administrator's Guide

HP-UX IPSec and Serviceguard
Step 2: Configuring HP-UX Host IPsec Policies for Serviceguard
Appendix G
Configuring Host IPsec Policies for Cluster Object Manager (COM)
If you are using a Cluster Object Manager (COM) on a system outside of
the cluster to provide connections to COM clients, such as ServiceGuard
Manager, configure HP-UX IPSec so it does not discard the packets
listed in the sections below.
Cluster Node Host IPsec Policies for COM
For each cluster node, configure host IPsec policies so HP-UX IPSec does
not discard (the action is not DISCARD) the packets listed below. If IPsec
is not installed on the COM system, you must configure PASS host IPsec
policies for these packets.

Source IP Address                   Destination IP Address  Protocol  Source Port  Destination Port
cluster node address (or wildcard)  COM system address      TCP       5302         0
cluster node address (or wildcard)  COM system address      UDP       5302         0

COM System Host IPsec Policies
If HP-UX IPSec is installed on the COM system, configure host IPsec
policies for the packets listed below with a transform list that
corresponds to the policies on the cluster nodes.

Source IP Address                   Destination IP Address  Protocol  Source Port  Destination Port
COM system address (or wildcard)    cluster node address    TCP       0            5302
COM system address (or wildcard)    cluster node address    UDP       0            5302