HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)

3 Quick configuration procedure and tips
This chapter contains a procedure for quickly configuring HP-UX IPSec for a simple host-to-host
topology using IKE with preshared keys. In this procedure, you modify the batch file template
/var/adm/ipsec/templates/host-to-host. This chapter also includes configuration tips.
This chapter contains the following sections:
“Overview”
“Step 1: Establishing the HP-UX IPSec password”
“Step 2: Modifying the configuration batch file template”
“Step 3: Verifying the batch file syntax”
“Step 4: Committing the batch file configuration and verifying operation”
“Step 5: Configuring HP-UX IPSec to start automatically”
“Step 6: Creating backup copies of configuration files”
“Configuration tips and reminders”
For information on configuring HP-UX IPSec for other topologies, see Chapter 4: “Configuring
HP-UX IPSec” (page 57).
Overview
The steps for configuring a simple host-to-host topology using the batch file template
/var/adm/ipsec/templates/host-to-host are as follows:
1. Use the ipsec_admin -newpasswd command to establish the HP-UX IPSec password, if
you have not already done this as part of the installation.
2. Edit the configuration batch file template for host-to-host topologies.
3. Verify the batch file syntax.
4. Commit the batch file operations to the database and start HP-UX IPSec to verify operation.
5. Configure HP-UX IPSec to start automatically at system boot-up time (optional).
6. Back up the ipsec_config batch file and the configuration database.
Step 1: Establishing the HP-UX IPSec password
If you have not already established the HP-UX IPSec password, use the following command to
establish it:
ipsec_admin -newpasswd
The ipsec_admin utility prompts you to establish the HP-UX IPSec password:
IPSEC_ADMIN: Establishing IPsec password, enter IPsec password:
Enter a password. The password must be at least 15 characters long and cannot contain spaces.
The ipsec_admin utility will prompt you to enter the new password a second time (IPSEC_ADMIN:
Re-enter password to verify). Enter the new password again.
Step 2: Modifying the configuration batch file template
HP-UX IPSec provides the following configuration batch file templates in the directory
/var/adm/ipsec/templates:
end-to-gateway
end-to-end-tunnel
host-to-host