Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

ipsec_config_show(1m) [hpux man page]

ipsec_config_show(1M)													     ipsec_config_show(1M)

NAME

       ipsec_config_show  -  display authentication records, bypass list, certificate information, host IPsec policies, IKE policies, tunnel poli-
       cies, and startup options

SYNOPSIS


       [auth_name]

       [ip_addr]

       [host_policy_name]

       [ike_policy_name]

       [ike_policy_name]

       [tunnel_policy_name]

DESCRIPTION

       The command displays authentication records, bypass list, certificate information, host IPsec policies, IKE policies,  tunnel  IPsec  poli-
       cies,  and startup options.  The command displays IPsec policies in descending priority order (highest priority to lowest, or lowest prior-
       ity number to highest priority number.

       The command displays the contents of the local certificate file

       The command displays the name of the CA certificate and CRL files in the directory.  It also displays the subject name for each CA certifi-
       cate file and the issuer name and valid dates for each CRL file.

       The  command  displays all configuration objects in the database.  It also displays information about the certificate for the local system,
       if one is configured.

EXAMPLES

       The following command displays the IPsec host policy named

       The following command displays all configuration objects in the database.

AUTHOR

       was developed by HP.

FILES

       configuration database.

       default			profile file.

SEE ALSO

       ipsec_admin(1M),  ipsec_config(1M),   ipsec_config_add(1M),   ipsec_config_batch(1M),   ipsec_config_delete(1M),   ipsec_config_export(1M),
       ipsec_mgr(1M), ipsec_migrate(1M), ipsec_policy(1M), ipsec_report(1M).

							   HP-UX IPSec Software Required				     ipsec_config_show(1M)

Check Out this Related Man Page

ipsec_policy(1M)														  ipsec_policy(1M)

NAME

       ipsec_policy -  HP-UX IPSec policy tester

SYNOPSIS

       src_ip_addr] dst_ip_addr] src_port] dst_port]

DESCRIPTION

       is  a  utility  program	that allows the HP-UX IPSec Administrator to query the active policy database to determine which host IPsec Policy
       will be used for an IP packet based on a packet descriptor, or 5-tuple, and the direction.  The packet descriptor consists of a	source	IP
       address,  source  port  number, destination IP address, destination port number, and network protocol.  If the host policy uses dynamic key
       Security Associations, also displays the authentication record and IKE policy selected.	If the authentication record contains  two  values
       for  the IKE (KMP) version, uses the first value and selects the IKE policy according to this value.  If the host policy uses a tunnel pol-
       icy, also displays the tunnel policy used.

       requires the optional HP-UX IPSec software.

       You must have superuser capabilities to run the utility.

   Command-Line Arguments
       recognizes the following command-line options and arguments:

	      Specifies the source IP address
		   (src_ip_addr) of the packet.  If the direction is out, this is the local IP address.  If the  direction  is	in,  this  is  the
		   remote IP address.

		   Acceptable values: An IPv4 address in dotted-decimal notation or an IPv6 address in colon-hexadecimal notation.

		   Default:  If  you omit the source address and destination address uses the wildcard IPv4 address If you omit the source address
		   but specify the destination address, uses the wildcard IPv4 address or wildcard IPv6  address  according  to  the  type  of	IP
		   address you specify for the destination address.

	      Specifies the source port number
		   (src_port)  of the packet.  If the direction is out, this is the local port number.	If the direction is in, this is the remote
		   port number.

		   Range: An unsigned integer in the range 1 - 65535.

		   Default: Any port number(0).

		   If you are making a query for an outbound client-server application where the source port number can be  any  user-space  port,
		   specify a "dummy" user-space port number for the source port, such as 65535.

	      Specifies the destination IP address
		   (dst_ip_addr)  of  the  packet.   If  the direction is out, this is the remote IP address.  If the direction is in, this is the
		   local IP address.

		   Acceptable values: An IPv4 address in dotted-decimal notation or an IPv6 address in colon-hexadecimal notation.

		   Default: If you omit the source address and destination address uses the wildcard IPv4 address  If  you  omit  the  destination
		   address  but  specify  the  source address, uses the wildcard IPv4 address or wildcard IPv6 address according to the type of IP
		   address you specify for the source address.

	      Specifies the destination port number
		   (dst_port) of the packet.  If the direction is out, this is the remote port number.	If the direction is in, this is the  local
		   port number.

		   Range: An unsigned integer in the range 1 - 65535.

		   Default: If omitted, any port number is assumed.

		   If  you  are  making  a query for an inbound client-server application where the client port number can be any user-space port,
		   specify a "dummy" user-space port number for the destination (server) port such as 65535.

	      Specifies the
		   network_protocol of the packet.

		   Acceptable values: (Mobile IPv6 Mobility Header), or

		   Default: Any network protocol(0).

	      Specifies the
		   direction for the packet specification.

		   Acceptable values: or

		   Default:

RETURN VALUE

       Upon successful completion, returns 0; otherwise it returns 1.

ERRORS

       fails if any of the following conditions is encountered:

	      o  Command used incorrectly - Usage message is returned.

	      o  HP-UX IPSec subsystem is not running - returns the following message:

EXAMPLES

   IPv4 Example
       On system A you want to determine which host IPsec policy will be used for outbound telnet traffic to system B or when local  users  telnet
       to  system B.  Since the telnet clients on system A will use any unused user-space TCP port and the telnet daemons on system B will use TCP
       port 23, you could use the following command:

       On system A you want to determine which host IPsec policy will be used for inbound telnet traffic from system B or when users on  system  B
       telnet to the local system.  Since the local telnet daemons will use TCP port 23 and clients on system B will use any unused user-space TCP
       port, you could use the following command:

   IPv6 example
       On system A you want to determine which host IPsec policy will be used for outbound telnet traffic to system B or when local  users  telnet
       to  system B.  Since the telnet clients on system A will use any unused user-space TCP port and the telnet daemons on system B will use TCP
       port 23, you could use the following command:

       On system A you want to determine which host IPsec policy will be used for inbound telnet traffic from system B or when users on  system  B
       telnet to the local system.  Since the local telnet daemons will use TCP port 23 and clients on system B will use any unused user-space TCP
       port, you could use the following command:

WARNINGS

       requires the optional HP-UX IPSec software.

AUTHOR

       was developed by HP.

SEE ALSO

       ipsec_admin(1M),  ipsec_config(1M),   ipsec_config_add(1M),   ipsec_config_batch(1M),   ipsec_config_delete(1M),   ipsec_config_export(1M),
       ipsec_config_show(1M), ipsec_migrate(1M), ipsec_report(1M).

							   HP-UX IPSec Software Required					  ipsec_policy(1M)
Man Page