HP-UX IPSec Version A.03.00 Administrator's Guide
ipsec_config add bypass Syntax
You can use the following ipsec_config add bypass syntax to configure preshared keys
in most installations:
ipsec_config add bypass ip_address
HP recommends that you use an ipsec_config batch file to configure HP-UX IPSec. To specify
an add bypass operation for an ipsec_config batch file, use the above syntax without the
ipsec_config command name:
add bypass ip_address
The complete ipsec_config add bypass syntax also allows you to specify the nocommit
argument (verify the syntax but do not commit the information to the database).
Refer to the ipsec_config_add(1M) manpage for complete syntax information.
ip_address
The ip_address is the IP address to bypass. This can be a virtual IP address (a secondary IP
address configured for an interface, such as an address configured for lan0:1).
An entry in the bypass interface list affects only the logical interface for the IP address, not all
logical interfaces for the physical interface (network card).
Default: None.
Bypass Configuration Example
The system has two physical interfaces, both connected to secure, internal networks. You want
to use HP-UX IPSec to encrypt traffic on one interface, but disable HP-UX IPSec on the second
interface, 12.1.1.1. The following batch file entry configures an entry in the bypass list for address
12.1.1.1.
-add bypass 12.1.1.1
Step 6: Configuring the Bypass List (Local IP Addresses) 105