Manualshelf

HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
201202203204205206207208209210
COM System Host IPsec Policies
If HP-UX IPSec is installed on the COM system, configure host IPsec policies for the packets listed
below with an action (PASS or transform lists) that match the policies on the cluster nodes.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
53020TCPcluster node addressCOM system address
(or wildcard)
53020UDPcluster node addressCOM system address
(or wildcard)
You must also configure HP-UX IPSec so it does not discard packets to COM clients, as listed below.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
53030TCPCOM client addressCOM system address
(or wildcard)
Configure corresponding host IPsec policies on the COM clients as appropriate.
Consolidated Log (clog)
If you using the consolidated log (clog) package with the Serviceguard Manager, configure HP-UX
IPSec so it does not discard packets between cluster nodes and the SMH Management Station as
described in the sections that follow.
Cluster Node Host IPsec Policies for Consolidated Log
For each cluster node, configure host IPsec policies so HP-UX IPSec does not discard (the transform
list contains any transform except DISCARD ) the packets listed below. If HP-UX IPSec is not installed
on the SMH Management Station, configure PASS host IPsec policies for these packets.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
0clog_port
(the TCP port
TCPSMH Management Station
address
cluster node address (or
wildcard)
configured for
the clog
package
SMH Management Station Host IPsec Policies
If HP-UX IPSec is installed on the SMH Management Station, configure host IPsec policies for the
packets listed below with actions (PASS or transform lists) that match the policies on the cluster
nodes.
Destination PortSource PortProtocolDestination IP AddressSource IP Address
clog_port ( the TCP
port configured for the
clog package
0TCPcluster node addressSMH Management
Station address (or
wildcard)
Summary: Serviceguard Port Numbers and Protocols
Serviceguard uses the following port numbers and protocols.
204 HP-UX IPSec and Serviceguard