HPE Community
Operating System - HP-UX
1833780 Members
2688 Online
110063 Solutions
New Discussion

Ipsec for 11iv2

 
SOLVED
Go to solution
Aykut Guven
Regular Advisor

‎03-08-2006 03:49 AM

‎03-08-2006 03:49 AM

Ipsec for 11iv2

Hello,

I downloaded and installed IPSec for my PARISC servers with OS 11.23. I cannot see any executable like ipsec_mgr in order to configure ipsec.

Did I do something wronge?

Thanks
UPS
0 Kudos
8 REPLIES 8
Arunvijai_4
Honored Contributor

‎03-08-2006 03:53 AM

‎03-08-2006 03:53 AM

Re: Ipsec for 11iv2

Hello,

Do a "swverify" of IPSec depot,

# swverify J4256AA

and check to see for any errorss. You can always download latest version from here,

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J4256AA

-arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Aykut Guven
Regular Advisor

‎03-08-2006 06:08 PM

‎03-08-2006 06:08 PM

Re: Ipsec for 11iv2

root@hpedu2 /usr/sbin # swverify IPSec

======= 03/09/06 00:04:19 MST BEGIN swverify SESSION
(non-interactive) (jobid=hpedu2-0032)

* Session started for user "root@hpedu2".

* Beginning Selection
* Target connection succeeded for "hpedu2:/".
* Software selections:
IPSec.IPSEC-MAN,l=/,r=A.02.01,a=HP-UX_B.11.23_IA/PA,v=HP,fr=A.02.01,fa=HP-UX_B.11.23_IA/PA
IPSec.IPSEC2-GUI,l=/,r=A.02.01,a=HP-UX_B.11.23_IA/PA,v=HP,fr=A.02.01,fa=HP-UX_B.11.23_PA
IPSec.IPSEC2-KRN,l=/,r=A.02.01,a=HP-UX_B.11.23_IA/PA,v=HP,fr=A.02.01,fa=HP-UX_B.11.23_PA
IPSec.IPSEC2-RUN,l=/,r=A.02.01,a=HP-UX_B.11.23_IA/PA,v=HP,fr=A.02.01,fa=HP-UX_B.11.23_PA
+ PHKL_31500.NET2-KRN,l=/,r=1.0,a=HP-UX_B.11.23_IA/PA,v=HP,fr=1.0,fa=HP-UX_B.11.23_PA
* A "+" indicates an automatic selection due to dependency or
the automatic selection of a patch or reference bundle.
* Selection succeeded.


* Beginning Analysis
* Session selections have been saved in the file
"/.sw/sessions/swverify.last".
* The analysis phase succeeded for "hpedu2:/".
* Verification succeeded.


NOTE: More information may be found in the agent logfile using the
command "swjob -a log hpedu2-0032 @ hpedu2:/".

======= 03/09/06 00:04:25 MST END swverify SESSION (non-interactive)
(jobid=hpedu2-0032)

When I gave the command "swverify IPSec" It gives the output above. I had installed the last version.

I can see the executables as you can see below. I may be wronge but I was expecting to see "ipsec_mgr" executable in order to configure the security. Is it still exist or not?

Thanks

root@hpedu2 /usr/sbin # ls ip*
ipsec_admin ipsec_migrate ipsec_report
ipsec_config ipsec_policy ipv6agt
root@hpedu2 /usr/sbin #
UPS
0 Kudos
Arunvijai_4
Honored Contributor

‎03-08-2006 06:44 PM

‎03-08-2006 06:44 PM

Re: Ipsec for 11iv2

Hello,

Could you do a # swlist -l file IPSec ?

It will list all the files in the depot, you can check ipsec_mgr is available or not.

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Aykut Guven
Regular Advisor

‎03-08-2006 06:48 PM

‎03-08-2006 06:48 PM

Re: Ipsec for 11iv2

root@hpedu2 / # swlist -l file IPSec
# Initializing...
# Contacting target "hpedu2"...
#
# Target: hpedu2:/
#

# IPSec A.02.01 HP-UX IPSec
# IPSec.IPSEC-MAN A.02.01 IPSec MAN
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_admin.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_config.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_config_add.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_config_batch.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_config_delete.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_config_export.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_config_show.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_migrate.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_policy.1m
IPSec.IPSEC-MAN: /usr/share/man/man1m.Z/ipsec_report.1m
# IPSec.IPSEC2-GUI A.02.01 IPSec GUI
IPSec.IPSEC2-GUI: /usr/sbin/ipsec_migrate
IPSec.IPSEC2-GUI: /var/adm/ipsec/migration/IPSecMigrate.jar
IPSec.IPSEC2-GUI: /var/adm/ipsec/migration/migration.properties
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/cron
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/cron/baltimoreCRL.cron
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/cron/crl.cron
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/.openssl.cnf
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/.rnd
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/CRL.jar
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/OpenSSL_LICENSE
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/convert_crl
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/libentrust.sl
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/libipaddrcheck.sl
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/libipsecauthchk.sl
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/libpassword.sl
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/libpfkeymon.sl
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/libsstore.sl
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/libverisign.sl
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/pkcs12
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/req
IPSec.IPSEC2-GUI: /var/adm/ipsec_gui/lib/x509
# IPSec.IPSEC2-KRN A.02.01 IPSec kernel distribution (PA)
IPSec.IPSEC2-KRN: /usr/conf/lib/libauth.a
IPSec.IPSEC2-KRN: /usr/conf/lib/libencdom-pdk.a
IPSec.IPSEC2-KRN: /usr/conf/lib/libencdom.a
# IPSec.IPSEC2-RUN A.02.01 IPSec runtime distribution
IPSec.IPSEC2-RUN: /sbin/init.d/ipsec
IPSec.IPSEC2-RUN: /sbin/rc1.d/K640ipsec
IPSec.IPSEC2-RUN: /sbin/rc2.d/S011ipsec
IPSec.IPSEC2-RUN: /usr/local/lib/libkmp.sl
IPSec.IPSEC2-RUN: /usr/sbin/ikmpd
IPSec.IPSEC2-RUN: /usr/sbin/ipsec_admin
IPSec.IPSEC2-RUN: /usr/sbin/ipsec_config
IPSec.IPSEC2-RUN: /usr/sbin/ipsec_policy
IPSec.IPSEC2-RUN: /usr/sbin/ipsec_report
IPSec.IPSEC2-RUN: /usr/sbin/secauditd
IPSec.IPSEC2-RUN: /usr/sbin/secpolicyd
IPSec.IPSEC2-RUN: /var/adm/ipsec
IPSec.IPSEC2-RUN: /var/adm/ipsec/.ipsec_info
IPSec.IPSEC2-RUN: /var/adm/ipsec/.ipsec_profile
IPSec.IPSEC2-RUN: /var/adm/ipsec/cainfo.txt
IPSec.IPSEC2-RUN: /var/adm/ipsec/config.db
IPSec.IPSEC2-RUN: /var/adm/ipsec/ipsec_convert.sh
IPSec.IPSEC2-RUN: /var/adm/ipsec/ipsec_status.sh
IPSec.IPSEC2-RUN: /var/adm/ipsec/migration/infoprev
IPSec.IPSEC2-RUN: /var/adm/ipsec/migration/skeleton.db.020000
IPSec.IPSEC2-RUN: /var/adm/ipsec/migration/sqlite
IPSec.IPSEC2-RUN: /var/adm/ipsec/template
IPSec.IPSEC2-RUN: /var/adm/ipsec/template/end-to-end-tunnel
IPSec.IPSEC2-RUN: /var/adm/ipsec/template/end-to-gateway
IPSec.IPSEC2-RUN: /var/adm/ipsec/template/host-to-host
IPSec.IPSEC2-RUN: /var/adm/ipsec/template/manual-keys
IPSec.IPSEC2-RUN: /var/adm/ipsec/template/mipv6
IPSec.IPSEC2-RUN: /var/adm/ipsec/util
IPSec.IPSEC2-RUN: /var/adm/ipsec/util/ipsec_config2
root@hpedu2 / #
UPS
0 Kudos
Arunvijai_4
Honored Contributor

‎03-08-2006 06:51 PM

‎03-08-2006 06:51 PM

Solution

Re: Ipsec for 11iv2

Hello,

As seen from the above output, there is no ipsec_mgr listed. Possibly, it could have obsoleted by some other utility like, /usr/sbin/ipsec_admin or /usr/sbin/ipsec_migrate

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
0 Kudos
Yogeeraj_1
Honored Contributor

‎03-08-2006 06:58 PM

‎03-08-2006 06:58 PM

Re: Ipsec for 11iv2

hi aykut,

this has been replaced by ipsec_config. The ipsec_config utility provides a command-line interface with batch mode and dynamic configuration capabilities.

see: http://h20293.www2.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=J4256AA


hope this helps!

kind regards

yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
0 Kudos
Aykut Guven
Regular Advisor

‎03-08-2006 07:00 PM

‎03-08-2006 07:00 PM

Re: Ipsec for 11iv2

It is ok.
UPS
0 Kudos
Yogeeraj_1
Honored Contributor

‎03-08-2006 07:01 PM

‎03-08-2006 07:01 PM

Re: Ipsec for 11iv2

hi again,

from your above post, it should be found in:

/usr/sbin/



root@hpedu2 /usr/sbin # ls ip*
ipsec_admin ipsec_migrate ipsec_report
ipsec_config ipsec_policy ipv6agt
root@hpedu2 /usr/sbin #




kind regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.