HP UX IPSec Software manual 25

Figure 11 Selecting the Filter Action

Step 6: Configuring the IKE Authentication Method and Preshared Key for the Rule

When configuring a rule to be compatible with HP-UX IPSec, the authentication method specifies the IKE authentication method (preshared key or certificates) for IPsec. The authentication method must match the value specified for the -authenticationargument in the ipsec_config add ike command.

Windows also allows you to configure Kerberos (Active Directory) as an authentication method for IKE (this is the default), but HP-UX does not support this authentication method.

Use the following procedure to configure the IKE authentication method:

1.Select the Authentication Methods tab from the Rule Properties dialog box.

2.Click Add to open the Authentication Method dialog box.

3.To use IKE authentication with a preshared key, select Use this string. This is equivalent to specifying -authentication PSK in the ipsec_config add ike command.

Enter the preshared key as ASCII text. Do not enclose the key in double quotes. The preshared key must match the preshared key on the HP-UX system, which is configured using the -presharedargument in the ipsec_config add auth command. For example:

Configuring a Windows Host-to-Host Policy 25