Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 Installing and Administering IPSec/9000 > Chapter 5 IPSec/9000 Configuration Examples

Example 1: Apple IPSec/9000 Policy Worksheets
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

The three IPSec Policy configuration worksheets needed for Scenario One are shown below.

telnetAB Policy

Listed below are the parameters for IPSec Policy configuration. For additional information about individual parameters, refer to the online Help system in the IPSec Manager GUI.

IPSec Policy Worksheet

Date:

Installed by:

System name:

HP-UX version:

Apple

Description of Configuration ItemsConfiguration Value
Fill In or Circle Value Below

Name:

Default: NA- User choice

telnetAB

Policy Type:

Default: Ordered

Ordered or

Hashed

Ordered Policy Number (Index):

1

Local IP Address:

Default: * (any)

15.1.1.1

Local Prefix Length:

Range (IPv4): 0to 32
Range (IPv6): 0 to 128

32

Remote IP Address:

Default:* (any)

15.2.2.2

Remote Prefix Length:

Range (IPv4): 0 to 32
Range (IPv6): 0 to 128

32

Configure Policy Based on Service (Y/N). If Y is selected, complete section A below. If N is selected, complete section B below.

ADescription of Configuration ItemsConfiguration Value
Fill In or Circle Value Below

ServiceDNS-TCP, DNS-UDP, FTO data, FTP control, http-TCP, http-UDP, NTP, rexec, rlogin, rwho, remsh, remote print, SMTP, telnet, TFTP

Direction:

Default: Inbound

Inbound or Outbound

B

Description of Configuration Items

Configuration Value

Fill In or Circle Value Below

Protocol

Default: all

all, TCP, UDP, ICMP, IGMP or other

Local Port

Range: 1-65535 for TCP and UDP

 

Remote Port:

Default: 1-65535 for TCP and UDP

 

Apply to IP Packets

Default: Both

From Local to Remote

From Remote to Local

OrderIPSec Policy TransformLifetime (secs)Lifetime (kbs)
 

pass,

discard,

AH-MD5,

AH-SHA1,

ESP-DES,

ESP-DES-HMAC-MD5,

ESP-DES-HMAC-SHA1,

ESP-3DES,

ESP-3DES-HMAC-MD5,

ESP-3DES-HMAC-SHA1,

ESP-NULL-HMAC-MD5

ESP-NULL-HMAC-SHA1

NA

NA

Description of Configuration ItemsConfiguration Value
Fill In or Circle Value Below

IPSec Policy Tunnel ISAKMP Policy

 
IPSec Policy Tunnel Endpoint 

OrderIPSec Policy Tunnel Transform

Lifetime (secs)

Lifetime (kbs)

 

pass,

discard,

AH-MD5,

AH-SHA1,

ESP-DES,

ESP-DES-HMAC-MD5,

ESP-DES-HMAC-SHA1,

ESP-3DES,

ESP-3DES-HMAC-MD5,

ESP-3DES-HMAC-SHA1,

ESP-NULL-HMAC-MD5

ESP-NULL-HMAC-SHA1

NA

NA

telnetBA Policy

Listed below are the parameters for IPSec Policy configuration. For additional information about individual parameters, refer to the online Help system in the IPSec Manager GUI.

IPSec Policy Worksheet

Date:

Installed by:

System name:

HP-UX version:

Apple

Description of Configuration ItemsConfiguration Value
Fill In or Circle Value Below

Name:

Default: NA- User choice

telnet BA

Policy Type:

Default: Ordered

Ordered or
Hashed

Ordered Policy Number:

2

Local IP Address:

Default: * (any)

15.1.1.1

Local Prefix Length

Range (IPv4): 0 to 32
Range (IPv6): 0 to 128

32

Remote IP Address:

Default:* (any)

15.2.2.2

Remote Prefix Length:

Range (IPv4): 0 to 32
Range (IPv6): 0 to 128

32

Configure Policy Based on Service (Y/N). If Y is selected, complete section A below. If N is selected, complete section B below.

ADescription of Configuration ItemsConfiguration Value
Fill In or Circle Value Below

ServiceDNS-TCP, DNS-UDP, FTO data, FTP control, http-TCP, http-UDP, NTP, rexec, rlogin, rwho, remsh, remote print, SMTP, telnet, TFTP

Direction:

Default: Inbound

Inbound or Outbound

B

Description of Configuration Items

Configuration Value

Fill In or Circle Value Below

Protocol

Default: all

all, TCP, UDP, ICMP, IGMP or other

Local Port

Range: 1-65535 for TCP and UDP

 

Remote Port:

Default: 1-65535 for TCP and UDP

 

Apply to IP Packets

Default: Both

From Local to Remote

From Remote to Local

OrderIPSec Policy Transform

Lifetime (secs)

Lifetime (kbs)

 

pass,

discard,

AH-MD5,

AH-SHA1,

ESP-DES

ESP-DES-HMAC-MD5,

ESP-DES-HMAC-SHA1,

ESP-3DES,

ESP-3DES-HMAC-MD5,

ESP-3DES-HMAC-SHA1

ESP-NULL-HMAC-MD5

ESP-NULL-HMAC-SHA1

Description of Configuration ItemsConfiguration Value
Fill In or Circle Value Below
IPSec Policy Tunnel ISAKMP Policy 
IPSec Policy Tunnel Endpoint 

OrderIPSec Policy Tunnel Transform

Lifetime (secs)

Lifetime (kbs)

 

pass,

discard,

AH-MD5,

AH-SHA1,

ESP-DES,

ESP-DES-HMAC-MD5,

ESP-DES-HMAC-SHA1

ESP-3DES

ESP-3DES-HMAC-MD5

ESP-3DES-HMAC-SHA1

ESP-NULL-HMAC-MD5

ESP-NULL-HMAC-SHA1

Default Policy

Listed below are the parameters for default IPSec Policy configuration. For additional information about individual parameters, refer to the online Help system in the IPSec Manager GUI.

IPSec Policy Worksheet

Date:

Installed by:

System name:

HP-UX version:

Apple

Description of Configuration ItemsConfiguration Value
Fill In or Circle Value Below

Name:

Default: NA- User choice

default

Policy Type:

Default: Ordered

Ordered or
Hashed

Ordered Policy Number:

 

Local IP Address:

Default: * (any)

*

Local Prefix Length:

Range (IPv4): 0 to 32
Range (IPv6): 0 to 128

None

Remote IP Address:

Default:* (any)

*

Remote Prefix Length:

Range (IPv4): 0 to 32
Range (IPv6): 0 to 128

None

Configure Policy Based on Service (Y/N). If Y is selected, complete section A below. If N is selected, complete section B below.

ADescription of Configuration ItemsConfiguration Value
Fill In or Circle Value Below

ServiceDNS-TCP, DNS-UDP, FTO data, FTP control, http-TCP, http-UDP, NTP, rexec, rlogin, rwho, remsh, remote print, SMTP, telnet, TFTP

Direction:

Default: Inbound

Inbound or Outbound

B

Description of Configuration Items

Configuration Value

Fill In or Circle Value Below

Protocol

Default: all

all, TCP, UDP, ICMP, IGMP or other

Local Port

Range: 1-65535 for TCP and UDP

*

Remote Port:

Default: 1-65535 for TCP and UDP

*

Apply to IP Packets

Default: Both

From Local to Remote

From Remote to Local

OrderIPSec Policy TransformLifetime (secs)Lifetime (kbs)
 

pass,

discard,

AH-MD5,

AH-SHA1,

ESP-DES,

ESP-DES-HMAC-MD5,

ESP-DES-HMAC-SHA1,

ESP-3DES,

ESP-3DES-HMAC-MD5,

ESP-3DES-HMAC-SHA1,

ESP-NULL-HMAC-MD5

ESP-NULL-HMAC-SHA1

Description of Configuration ItemsConfiguration Value
Fill In or Circle Value Below
IPSec Policy Tunnel ISAKMP Policy 
IPSec Policy Tunnel Endpoint 

OrderIPSec Policy Tunnel Transform

Lifetime (secs)

Lifetime (kbs)

 

pass,

discard,

AH-MD5,

AH-SHA1,

ESP-DES,

ESP-DES-HMAC-MD5,

ESP-DES-HMAC-SHA1,

ESP-3DES,

ESP-3DES-HMAC-MD5,

ESP-3DES-HMAC-SHA1,

ESP-NULL-HMAC-MD5

ESP-NULL-HMAC-SHA1



Example 1: Description
  		 


Example 1: Apple ISAKMP Policy Worksheet  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2001 Hewlett-Packard Development Company, L.P.