HP-UX IPSec version A.02.01 manpages

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

ipsec_report(1M) ipsec_report(1M)

(IPSec Software Required)

Network Protocol

The upper-layer protocol in the IP header.

Action

The type of IPsec SAs for this tunnel. Possible values follow:

Dynamic key SA

Use dynamic keys to create IPsec SAs for the transform - an Authentication Header, AH,

and/or Encapsulating Security Payload, ESP.

Manual key SA

Use manual keys to create IPsec SAs for the transform.

State

(This ﬁeld is only present for dynamic key SAs.) The state of the SAs. Possible values for

State

are as follows:

Ready

(SAs are ready for use)

SPI(s) Not Established

(the IKE daemon has not started negotiating the IPSec/MM SAs)

SPI(s) Being Established

(the IKE daemon is negotiating the IPSec/MM SAs)

Unknown

(error state).

SA Number 1

and

SA Number 2

Information about the inbound and outbound SAs.

SPI (hex)

The Security Parameters Index (SPI). The SPI is included in the IPsec AH or ESP protocol

header transmitted to the remote system. The SPI is also used to index IPsec SA entries in the

kernel Security Association database.

SA Type

Indicates the IPsec transform for this SA. Possible values are

AH (Authentication Header) and

ESP

(Encapsulating Security Payload).

Authentication Algorithm

(This ﬁeld is only present if the Security Association Type is AH or ESP.) The authentication

algorithm used for the SA, as negotiated with the remote system.

Encryption Algorithm

(This ﬁeld is only present if the Security Association Type is ESP.) The encryption algorithm

used for the SA, as negotiated with the remote system.

Src IP Addr

The source IP address for this SA.

Dst IP Addr

The destination IP address for this SA.

SA direction

The direction for this SA. Possible values are

INBOUND

and OUTBOUND.

The

ipsec_report -tunnel

command displays the following report:

-------------------------------------------------------------------------

ipsec_report -tunnel

-------------------- Tunnel Policy Rule ----------------------

Tunnel Name: mipv6_tunnel_name ID: 10 Cookie: 3

Tunnel Src IP Addr: fe80::260:1111:2222:3333 Tunnel Dst IP Addr: fe80::230:6666

:7777:8888

Src IP Addr: 0::0 Prefix: 0

Dst IP Addr: fe80::230:6666:7777:8888 Prefix: 128

Network Protocol: MH Action: Manual Key SA

Transform: ESP-DES-HMAC-SHA1

-- SA Number 1 --

62 Hewlett-Packard Company − 12 − HP-UX IPSec A.02.01