HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software

configuring in IKEv2 policies, 91

digital signature, 40

using with IPsec, 31

disk requirements, 45

Distinguished Name

specifying in authentication record, 80

specifying in CSR, 103

DMZ

securing with IPsec, 44

E

EEXIST error message, 192

Encapsulating Security Payload see ESP

encryption

algorithms, 144

configuring in IKEv1 policies, 89

configuring in IKEv2 policies, 92

definition, 214

keys, 146

generating, 191

error messages

can't find matching selector, 134

connection timed out, 130

EEXIST, 192

Internal Database error, 136

Invalid SADB_ADD, 192

no proposal chosen, 133, 134

no suitable policy found, 134

phase 1 negotiation failed, 131

retransmission count exceeded, 132

ts unacceptable, 134

unable to connect, 130

ESP (Encapsulating Security Payload), 30

algorithms, 144

configuring in host IPsec policies, 67

configuring in tunnel IPsec policies, 76

definition, 215

negotiation, 146

processing, 152

RFC, 141

tunnel mode, 35

exchange mode

configuring, 77

F

filter

definition, 215

Fully Qualified Domain Name

specifying in authentication record, 80

specifying in CSR, 104

H

hash algorithm

configuring in IKE policies, 88

configuring in IKEv2 policies, 92

host IPsec policies

configuring, 63

default, 63

examples, 71

host-to-gateway topology

configuration example, 185

I

ICMP messages

common messages used, 163

discarding with IPv4, 163

ICMPv6 messages, 164

ID types

not supported, 143

supported, 80

IKE

version

configuring, 77

IKE (Internet Key Exchange), 30

defined, 32

description, 37

ID types

not supported, 143

supported, 80

limitations, 143

policies

examples, 90

policy selection, 86

protocol, 215

RFC, 141

SA, 146

definition, 61

establishing, 159

negotiation failure, 132, 133

reporting, 122

SA definition, 215

version

configuring, 79

selection by IKE daemon, 154

version compatibility, 38

installing

loading software, 46

prerequisites, 45

verifying, 53, 96

Internal Database error message, 136

Internet Control Message Protocol messages. see ICMP

messages

Internet Key Exchange see IKE

Invalid SADB_ADD error message, 192

IP address

configuring in host IPsec policies, 64

configuring in IKEv1 policies, 87

configuring in IKEv2 policies, 91

IPsec

daemons, 122

operation, 146

overview, 30, 32

RFCs, 141

SA, 146, 215

Security Association see IPsec SA

services, 30

topologies, 42

IPsec policy

219