HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

Index

Symbols

3DES (Triple Data Encryption Standard), 37, 214

configuring in host IPsec policies, 68

configuring in IKEv1 policies, 89

configuring in IKEv2 policies, 92

configuring in tunnel IPsec policies, 75

key length, 143

A

AES (Advanced Encryption Standard), 37, 214

configuring in host IPsec policies, 68

configuring in IKEv2 policies, 92

configuring in tunnel IPsec policies, 75

key length, 143

Aggressive Mode (AM), 38

configuring in authentication records, 79

SA, 215

see also IKE SA

AH (Authentication Header), 30

algorithms, 144

configuring in host IPsec policies, 67

configuring in tunnel IPsec policies, 76

definition, 214

description, 37

negotiation, 146

processing, 152

RFC, 141

asymmetric key, 100

audit file, 134

determining the name of current, 121

audit level

changing, 119

default, 124

auditing, 119, 124

authentication, 214

algorithm

configuring in IKEv1 policies, 88

configuring in IKEv2 policies, 92

algorithms, 37, 144

IKE primary, 40

methods, 40

Authentication Header see AH

authentication record

order and selection, 77

authentication records

configuring, 77

AUTOCONF

specifying in authentication record, 82

autoconfiguration clients

configuration example, 186

B

bootup options

configuring, 55, 98, 115

bypass interfaces

configuring, 95

C

CA (Certificate Authority)

creating a Certificate Signing Request for, 103

defined, 214

requirements, 101

can't find matching selector error message, 134

certificate

key length for, 105

Certificate Revocation List see CRL

Certificate Revocation List (CRL)

requirements, 102

Certificate Signing Request (CSR)

creating, 103

file name, 105

PKI requirements, 101

certificates, 100

definition, 100, 214

how they work, 100

ID types not accepted, 143

requirements for, 101

troubleshooting, 135

clear text

configuring in host IPsec policies, 67

processing, 152

configuration

examples

autoconfiguration clients, 186

host-to-gateway, 185

manual keys, 191

preshared keys, 182

telnet, 182

configuring

auditing, 124

bypass list, 94

certificates, 106, 108

host IPsec policies, 63

IKE policies, 86

IKE version, 77

prerequisites, 45

preshared keys, 77

startup options, 55, 98, 115

tunnel IPsec policies, 72

connection timed out error message, 130

CRL (Certificate Revocation List), 101, 214

retrieving, 109, 111

CSR see Certificate Signing Request

D

daemons

HP-UX IPSec, 122

demilitarized zone see DMZ

Diffie-Hellman, 38, 40, 214

group, 214

configuring in IKEv1 policies, 88

218 Index