HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)
Cluster Node Host IPsec Policies for Secure WBEM Access
For each cluster node, configure host IPsec policies so HP-UX IPSec does not discard (the transform
list contains any transform except DISCARD ) the packets listed below. If HP-UX IPSec is not installed
on the WBEM client, configure PASS host IPsec policies for these packets.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
05989TCPWBEM client addresscluster node address (or
wildcard)
Cluster Node Host IPsec Policies for Non-Secure WBEM Access
For each cluster node, configure host IPsec policies so HP-UX IPSec does not discard (the transform
list contains any transform except DISCARD ) the packets listed below. If HP-UX IPSec is not installed
on the WBEM client, configure PASS host IPsec policies for these packets.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
05988TCPWBEM client addresscluster node address (or
wildcard)
Secure WBEM Client Host IPsec Policies
If HP-UX IPSec is installed on the WBEM client, configure host IPsec policies for the packets listed
below with an action (PASS or transform lists) that match the policies on the cluster nodes.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
59890TCPcluster node addressWBEM client address
(or wildcard)
Non-Secure WBEM Client Host IPsec Policies
If HP-UX IPSec is installed on the WBEM client, configure host IPsec policies for the packets listed
below with an action (PASS or transform lists) that match the policies on the cluster nodes.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
59880TCPcluster node addressWBEM client address
(or wildcard)
Cluster Object Manager (COM)
If you are using a Cluster Object Manager (COM) on a system outside the cluster to provide
connections to COM clients, such as Serviceguard Manager clients, configure HP-UX IPSec so it
does not discard the packets listed in the sections that follow.
Cluster Node Host IPsec Policies for COM
For each cluster node, configure host IPsec policies so HP-UX IPSec does not discard (the action is
not DISCARD ) the packets listed below. If IPsec is not installed on the COM system, you must
configure PASS host IPsec policies for these packets.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
05302TCPCOM system addresscluster node address (or
wildcard)
05302UDPCOM system addresscluster node address (or
wildcard)
Step 1: Configuring HP-UX Host IPsec Policies for Serviceguard 203