HP-UX IPSec Version A.03.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

topologies, 43

IPsec policy

configuring

overview, 70

default, 72

definition, 250

selection process, 72

IPsec QM SA, 250

(see also IPsec SA)

ipsec_admin, 60, 107, 142, 147

-auditlvl option, 144

-status option, 142

to change audit directory, 144

to change audit level, 144

to get HP-UX IPSec status, 142

ipsec_config add auth

examples, 92, 93

syntax, 85

ipsec_config add bypass

example, 105

syntax, 105

ipsec_config add cacert

example, 124

syntax, 124

LDAP, 124

ipsec_config add crl

syntax, 126

ipsec_config add csr

example, 120

syntax, 118

ipsec_config add host

examples, 78

syntax, 72

ipsec_config add ikev1

examples, 98

syntax, 96

ipsec_config add ikev2

syntax, 99

ipsec_config add mycert

example, 122

syntax, 122

LDAP, 122

ipsec_config add startup

syntax, 62, 110, 135

ipsec_config add tunnel

examples, 83

syntax, 80

ipsec_policy, 142, 146

to test which IPsec policy matches packet, 142

ipsec_report, 60, 107, 142, 145, 155, 157

IPv4 address

specifying in authentication record, 88

specifying in CSR, 119

IPv6

ICMPv6 messages, 185

IPv6 address

specifying in authentication record, 88

specifying in CSR, 119

ISAKMP, 250

defined, 250

RFC, 165

ISAKMP MM SA, 250

(see also IKE SA)

K

kernel

policy engine, 174

key

asymmetric, 114

lengths, 167

management using IKE, 38

private, 114

public, 114

shared, 40, 41

Key Identifier

specifying in authentication record, 88

key length

for certificates, 119

keying, dynamic, 38

L

LDAP

requirements, 115

lifetime kilobytes

configuring in host IPsec policies, 77

configuring in tunnel IPsec policies, 83

lifetime seconds

configuring in host IPsec policies, 77

configuring in IKEv1 policies, 98

configuring in IKEv2 policies, 101

configuring in tunnel IPsec policies, 83

lifetimes, 157, 168

Linux

interoperability with, 190

IPsec configuration, 190

lKEv1 policies

configuring, 96

lKEv2 parameters (see IKEv2 policies)

lKEv2 policies

configuring, 99

loading software, 50

local method

configuring, 89

lSAKMP parameters (see IKEv1 and IKEv2 policies)

M

MAC, 250

Main Mode (MM), 39

configuring in authentication records, 87

defined, 251

Main Mode SA, 250

(see also IKE SA)

manual keys, 41

configuration example, 218

defined, 32

definition, 251

MD5 (Message Digest-5), 36

configuring in host IPsec policies, 77

255