Manualshelf

HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
61626364656667686970
Table 4 ipsec_config Service names (continued)
ProtocolPortService Name
TCP80HTTP-TCP
UDP80HTTP-UDP
UDP123NTP
TCP512REXEC
TCP513RLOGIN
UDP513RWHO
TCP514REMSH
TCP515REMPRINT
TCP25SMTP
TCP23TELNET
UDP69TFTP
-protocol protocol_id
The protocol_id is the value or name of the upper-layer protocol that HP-UX IPSec uses in the
address filter to select an IPsec policy for a packet. You cannot specify protocol and a
service_name in the same policy.
Valid values: Integer value 0 (any protocol) - 255, or one of the following protocol names:
TCP
UDP
ICMP
ICMPV6
IGMP
MH (Mobile IPv6 Mobility Headers)
ALL (any protocol)
The protocols ICMP and IGMP are valid with IPv4 addresses only. The protocols ICMPV6 and MH
are valid with IPv6 addresses only.
The protocols ICMP and IGMP are valid with IPv4 addresses only. The protocol ICMPV6 is valid
with IPv6 addresses only.
The protocol_id must be TCP or UDP if port is non-zero.
Default: ALL.
ICMPv4 messages
If protocol_id is ICMP or ALL, the policy applies to all ICMPv4 message types by default. If
protocol_id is ICMP, you can restrict the policy to specific ICMPv4 message type values with
the -dst_icmp_type and -src_icmp_type arguments.
For more information, see“ICMPv4 Message Processing” (page 163).
CAUTION: Discarding or requiring ICMP messages for IPv4 (protocol value 1) to be encrypted
or authenticated may cause connectivity problems.
66 Configuring HP-UX IPSec