Manualshelf

HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
919293949596979899100
----------------- IPSec Status Report -----------------
Time: Thu Dec 24 15:21:37 1998
secauditd program: Running and responding
secpolicyd program: Running and responding
ikmpd program: Running and responding
IPSec kernel: Up
IPSec Audit level: Error
IPSec Audit file: /var/adm/ipsec/auditThu-Dec-24-15-21-49-1998.log
Max Audit file size: 100 KBytes
Level 4 tracing: None
-------------- End of IPSec Status Report -------------
During normal operation, the status of the secauditd , secpolicyd and ikmpd programs
will be Running and responding and the status of the IPSec kernel will be Up.
5. Verify host IPsec policies with AH or ESP transforms.
To verify proper operation of host IPsec policies with AH or ESP transforms, generate network
traffic that matches the IPsec policy packet filter or that matches the IPsec policy IP address,
port, and protocol parameters.
After doing so, enter the following command to display the IKE and IPsec SAs:
ipsec_report -sa
Alternatively, you can enter the following command:
ipsec_report -all
You should see two IPsec SAs (one for each direction) and one IKE SA. The output will be
similar to the following:
------------- IPsec SA ----------------
Sequence number: 1
SPI (hex): BE882 State: MATURE
SA Type: ESP with AES128-CBC encryption and HMAC-SHA1 authentication
Src IP Addr: 10.1.1.1 Dst IP Addr: 10.2.2.2
--- Current Lifetimes ---
bytes processed: 6256
addtime (seconds): 3
usetime (seconds): 30
--- Hard Lifetimes ---
bytes processed: 0
addtime (seconds): 28800
usetime (seconds): 0
--- Soft Lifetimes ---
bytes processed: 0
addtime (seconds): 24091
usetime (seconds): 0
------------- IPsec SA ----------------
Sequence number: 2
SPI (hex): 100782 State: MATURE
SA Type: ESP with AES128-CBC encryption and HMAC-SHA1 authentication
Src IP Addr: 10.2.2.2 Dst IP Addr: 10.1.1.1
--- Current Lifetimes ---
bytes processed: 6256
addtime (seconds): 3
usetime (seconds): 30
--- Hard Lifetimes ---
bytes processed: 0
addtime (seconds): 28800
usetime (seconds): 0
--- Soft Lifetimes ---
bytes processed: 0
addtime (seconds): 24091
usetime (seconds): 0
Step 8: Committing the Batch File Configuration and Verifying Operation 97