HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)
key length, 143
RFC, 141
MM SA, 215
see also IKE SA
N
ndd, 128
netstat, 127
no proposal chosen error message, 133, 134
no suitable policy found error message, 134
O
Oakley, 215
group
configuring in IKEv1 policies, 88
configuring in IKEv2 policies, 91
protocol, 216
RFC, 141
P
PASS
configuring in host IPsec policies, 67
patch dependencies, 45
Perfect Forward Secrecy (PFS)
configuring in IKEv1 policies, 89
configuring in IKEv2 policies, 93
defined, 40, 216
PFS see Perfect Forward Secrecy
Phase 2 SA, 215
see also IPsec SA
phase1 negotiation failed message, 131
PKI (Public Key Infrastructure)
vendor requirements, 101
policy
definition, 216
manager daemon, 152
port number
configuring in host IPsec policies, 64
preshared keys, 40
configuring, 77
configuring as an authentication method in
authentication records, 81
definition, 216
using with IPsec, 31
primary authentication
configuring in authentication records, 81
priority
configuring in authentication records, 82
configuring in host IPsec policies, 67
configuring in IKEv1 policies, 89, 93
product limitations, 143
IKE, 143
product requirements, 45
disk, 45
protocol
configuring in host IPsec policies, 66
proxy identifiers
configuring in tunnel IPsec policies, 74
pseudo-random function
configuring in IKEv2 policies, 92
public key, 40, 100
using with IPsec, 31
Q
QM SA, 215
see also IPsec SA
Quick Mode (QM)
definition, 216
Quick Mode SA, 215
see also IPsec SA
R
random number generator
for generating encryption keys, 191
remote method
configuring, 81
reporting problems, 127
retransmission count exceeded error message, 132
retransmission count exceeded the limit, 132
RFCs, 141
RSA
cryptography, 216
for IKE authentication, 101
signatures
configuring as an authentication method in
authentication records, 81
S
SA, 38, 215 see Security Association
see also IKE SA and IPsec SA
Security Association, 38, 53, 97, 120, 153, 157, 216
negotiation, 146
security certificates
configuring as an authentication method in
authentication records, 81
service name
configuring in host IPsec policies, 64
Serviceguard
port numbers and protocols, 204
using with HP-UX IPSec, 194
session-based keying
configuring in host IPsec policies, 70
SHA1 (Secure Hash Algorithm-1)
configuring in host IPsec policies, 68
configuring in IKEv1 policies, 88
configuring in IKEv2 policies, 92
configuring in tunnel IPsec policies, 75
key length, 143
RFC, 141
shared keys, 40
single-user mode, 46
SKEME, 215
software
loading, 46
SPI (Security Parameters Index)
configuring for manual keys, 190
processing, 158, 160
startup options
221