HP-UX IPSec Version A.03.00 Administrator's Guide
Destination PortSource PortProtocolDestination IP AddressSource IP Address
02381TCP
SMH Management Station
address
cluster node address
(or wildcard)
02381UDP
SMH Management Station
address
cluster node address
(or wildcard)
SMH Management Station Host IPsec Policies
If HP-UX IPSec is installed on the SMH Management Station, configure host IPsec policies for
the packets listed below with actions (PASS or transform lists) that match the policies on the
cluster nodes.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
23010TCP
cluster node addressSMH Management
Station address (or
wildcard)
23010UDP
cluster node addressSMH Management
Station address (or
wildcard)
23810TCP
cluster node addressSMH Management
Station address (or
wildcard)
23810UDP
cluster node addressSMH Management
Station address (or
wildcard)
Serviceguard Manager Standalone Version
If you using the standalone version of Serviceguard Manager (supported with Serviceguard
versions A.11.11 - A.11.17), configure HP-UX IPSec so it does not discard SNMP traffic between
cluster nodes and the Serviceguard Manager system as described in the sections that follow. The
SNMP agent runs on the cluster nodes and uses UDP port 161. The SNMP manager runs on the
Serviceguard Manager and uses UDP port 162.
Cluster Node Host IPsec Policies for Serviceguard Manager Standalone Version
For each cluster node, configure host IPsec policies so HP-UX IPSec does not discard (the transform
list contains any transform except DISCARD ) the packets listed below. If HP-UX IPSec is not
installed on the standalone Serviceguard Manager system, configure PASS host IPsec policies
for these packets.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
0161UDP
Serviceguard Manager
address
cluster node address
(or wildcard)
1620UDP
Serviceguard Manager
address
cluster node address
(or wildcard)
230 HP-UX IPSec and Serviceguard