Manualshelf

HP-UX IPSec Version A.03.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
71727374757677787980
2. Configure tunnel IPsec policies.
See “Step 2: Configuring Tunnel IPsec Policies” (page 80) for a description of this step. Skip
this step if the local system is not a tunnel endpoint.
3. Configure authentication records. If you are using preshared key authentication, the
authentication records also specify the preshared key values.
See “Step 3: Configuring Authentication Records and Preshared Keys” (page 85) for a
description of this step. Skip this step if the local system uses only manual keys for IPsec.
4. Modify the default IKEv2 or IKEv1 policy, if needed.
See “Step 4: Configuring IKEv1 and IKEv2 Policies” (page 95) for a description of this step.
Skip this step if the local system uses only manual keys for IPsec. You can also skip this step
if the default IKEv2 or IKEv1 parameters meet your requirements.
5. Configure security certificates, if you are using RSA signatures for IKE authentication.
See Chapter 5: “Using Certificates with HP-UX IPSec ” (page 113) for a description of this
step.
6. Configure the bypass list of local IP addresses (optional).
See “Step 6: Configuring the Bypass List (Local IP Addresses)” (page 104) for a description
of this step.
7. Verify the batch file.
HP recommends that you use an ipsec_config batch file to add configuration information,
and that you use the ipsec_config batch command with the nocommit option to verify
the contents of the batch file before committing the batch file operations to the database file.
See “Step 7: Verifying the Batch File Syntax” (page 106) for a description of this step.
8. Commit the batch file operations to the database and start HP-UX IPSec to verify operation.
After you have verified the contents of the batch file, commit the batch file operations to the
configuration database file. Start HP-UX IPSec and verify operation. See “Step 8: Committing
the Batch File Configuration and Verifying Operation” (page 107) for a description of this
step.
9. Configure HP-UX IPSec to start automatically at system boot-up time (optional).
See “Step 9: Configuring HP-UX IPSec to Start Automatically” (page 110) for a description
of this step.
10. Back up the ipsec_config batch file and the configuration database.
See “Step 10: Creating Backup Copies of the Configuration Files” (page 111) for a description
of this step.
Configuration Overview 71