HP-UX IPSec Version A.03.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

Additional Options...................................................................................................................134

Configuring HP-UX IPSec to Start Automatically..............................................................................135

ipsec_config add startup Syntax.......................................................................................135

Stopping HP-UX IPSec........................................................................................................................136

ipsec_admin -stop Syntax......................................................................................................136

Changing HP-UX IPSec Operating Parameters..................................................................................137

Exporting the Configuration Database to a Batch File.......................................................................138

ipsec_config export Syntax..................................................................................................138

Parameters................................................................................................................................138

Re-Creating the Configuration Database............................................................................................139

Deleting SA Entries.............................................................................................................................140

ipsec_admin -deletesa Syntax.............................................................................................140

Parameters................................................................................................................................140

7 Troubleshooting HP-UX IPSec....................................................................................141

Troubleshooting Utilities Overview....................................................................................................142

Getting General Information.........................................................................................................142

Getting SA Information.................................................................................................................142

Getting Policy Information............................................................................................................142

Getting Interface Information........................................................................................................143

Getting Certificate Information.....................................................................................................143

Viewing and Configuring Audit Information...............................................................................143

Enabling and Disabling Tracing....................................................................................................144

Troubleshooting Procedures...............................................................................................................145

Checking Status.............................................................................................................................145

Isolating HP-UX IPSec Problems from Upper-layer Problems.....................................................146

Checking Policy Configuration......................................................................................................146

Using ipsec_policy ............................................................................................................146

Examining the Policy Cache and Policy Entries.......................................................................147

Configuring HP-UX IPSec Auditing..............................................................................................147

Audit Level...............................................................................................................................147

Audit Files and Directory.........................................................................................................148

Audit File Size.....................................................................................................................148

Dynamically Setting Audit Parameters....................................................................................148

Configuring Startup Audit Parameters....................................................................................148

Viewing Audit Files.......................................................................................................................149

Filtering Audit File Output by Entity.......................................................................................149

Troubleshooting Tips..........................................................................................................................149

Reporting Problems............................................................................................................................151

Troubleshooting Scenarios..................................................................................................................152

HP-UX IPSec Incorrectly Passes Packets.......................................................................................152

Problem....................................................................................................................................152

Symptoms.................................................................................................................................152

Solution.....................................................................................................................................152

HP-UX IPSec Incorrectly Attempts to Encrypt/Authenticate Packets...........................................153

Problem....................................................................................................................................153

Symptoms.................................................................................................................................153

Solution.....................................................................................................................................153

HP-UX IPSec Attempts to Encrypt/Authenticate and Fails..........................................................153

Problem....................................................................................................................................153

Symptoms.................................................................................................................................153

Solution.....................................................................................................................................153

Determining the IKE Version Number...............................................................................153

Determining if the IKEv1 SA Negotiation Succeeded........................................................154

Table of Contents 9