HP-UX IPSec Version A.03.00 Administrator's Guide
add auth paul_s \
-remote 2001:db8:11:11::/64 \
(autoconf client subnet addr.
)
-ltype FQDN -lid server1.corp.com
-rtype USER-FQDN -rid paul_s@corp.com
-exchange AM
-preshared secret3333 \
-flags AUTOCONF
IKE Policy
The default IKEv1 policy is used with no modifications.
Client Configuration
The configuration is the same on each client, except for the local ID in the authentication record.
This section lists the configuration for the system with local ID joe_s@corp.com .
Host Policy
The host policy on the client is as follows:
add host server1 \
-destination 2001:db8:11:11::fefe:1111 \ (Server1 addr.)
-action ESP_AES128_HMAC_SHA1 \
Authentication Record
Each autoconfiguration client configures an authentication record with its unique local ID. The
IKE exchange type must be Aggressive Mode (-exchange AM ).
The authentication record on the client does not specify the AUTOCONF flag, because you specify
the AUTOCONF flag when the remote system is an autoconfiguration client, not when the local
system is an autoconfiguration client.
The record for system with local ID joe_s@corp.com is as follows:
add auth server1 \
-remote 2001:db8:11:11::fefe:1111 \(Server1 addr.)
-ltype USER-FQDN -lid joe_s@corp.com
-rtype FQDN -rid server1.corp.com
-exchange AM
-preshared secret1111
IKE Policy
The default IKEv1 policy is used with no modifications.
212 HP-UX IPSec Configuration Examples