HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)
configuring
overview, 61
default, 63
definition, 215
selection process, 63
IPsec QM SA, 215
see also IPsec SA
ipsec_admin, 53, 96, 119, 124
-auditlvl option, 121
-status option, 120
to change audit directory, 121
to change audit level, 121
to get HP-UX IPSec status, 120
ipsec_config add auth
examples, 84, 85
syntax, 77
ipsec_config add bypass
example, 96
syntax, 95
ipsec_config add cacert
example, 108
syntax, 108
LDAP, 108
ipsec_config add crl
syntax, 109, 110
ipsec_config add csr
example, 105
syntax, 103
ipsec_config add host
examples, 71
syntax, 63
ipsec_config add ikev1
examples, 90
syntax, 87
ipsec_config add ikev2
syntax, 90
ipsec_config add mycert
example, 106
syntax, 106
LDAP, 106
ipsec_config add startup
syntax, 55, 98, 115
ipsec_config add tunnel
examples, 76
syntax, 73
ipsec_policy, 119, 124
to test which IPsec policy matches packet, 120
ipsec_report, 53, 97, 119, 122, 132, 133
IPv4 address
specifying in authentication record, 80
specifying in CSR, 104
IPv6
ICMPv6 messages, 164
IPv6 address
specifying in authentication record, 80
specifying in CSR, 104
ISAKMP, 215
defined, 215
RFC, 141
ISAKMP MM SA, 215
see also IKE SA
K
kernel
policy engine, 151
key
asymmetric, 100
lengths, 143
management using IKE, 37
private, 100
public, 100
shared, 40
Key Identifier
specifying in authentication record, 80
key length
for certificates, 105
keying, dynamic, 38
L
LDAP
requirements, 102
lifetime kilobytes
configuring in host IPsec policies, 70
configuring in tunnel IPsec policies, 76
lifetime seconds
configuring in host IPsec policies, 70
configuring in IKEv1 policies, 89
configuring in IKEv2 policies, 93
configuring in tunnel IPsec policies, 76
lifetimes, 134, 146
Linux
interoperability with, 167
IPsec configuration, 168
lKEv1 policies
configuring, 87
lKEv2 parameters see IKEv2 policies
lKEv2 policies
configuring, 90
loading software, 46
local method
configuring, 81
lSAKMP parameters see IKEv1 and IKEv2 policies
M
MAC, 215
Main Mode (MM), 38
configuring in authentication records, 79
defined, 216
Main Mode SA, 215
see also IKE SA
manual keys, 40
configuration example, 191
defined, 32
definition, 216
MD5 (Message Digest-5), 37
configuring in host IPsec policies, 68
configuring in IKEv1 policies, 88
configuring in tunnel IPsec policies, 75
220 Index