HP-UX IPSec version A.02.01 Administrator's Guide
Quick Configuration Procedure and Tips
Step 2: Modifying the Configuration Batch File Template
Chapter 3 77
# SECTION 2: IKE Policy
#
############################################################################
#
# Uncomment and modify the following IKE policy.
# This configuration uses the following IKE operating parameters:
# -Preshared keys for IKE authentication
# -SHA1 IKE authentication
# -3DES IKE encryption # -Diffie-Hellman Group: 2
# #add ike <ike_policy_name> -remote <peer_ip_address> \
# -authentication PSK -group 2 -hash SHA1 -encryption 3DES
#
############################################################################
#
# SECTION 3: Authentication Record with Preshared Key
# ############################################################################
#
# Uncomment and modify the following authentication record.
# The preshared key is used for IKE authentication.
# You must configure one authentication record for each peer system.
#
# This configuration uses Main Mode exchange, and
# the local IP address and peer_ip_address as the authentication
# IDs for the IKE Phase 1 negotiations.
#
#add auth <auth_policy_name> -remote <peer_ip_address> \
# -psk <my_ASCII_preshared_key>
#
############################################################################
Example
You have two systems: red, with address 15.1.1.1, and blue, with
address 15.2.2.2. You want to secure all telnet sessions between the two
systems.
Red Configuration
On red, you uncomment and edit the following four entries from the
template file:
ipsec_config add telnet_to_blue \
-source 15.1.1.1 \
-destination 15.2.2.2/32/TELNET \
-action ESP_AES128_HMAC_SHA1