HP UX IPSec Software manual 37

HP-UX Configuration

On the HP-UX system, the host and tunnel policies are bi-directional (mirrored), so you configure only one host policy and only one tunnel policy. Since this is an end-to-end tunnel, the tunnel policy does not have to specify the tunnel endpoints. HP-UX IPSec will use the end source and end destination addresses as the tunnel addresses (the tsource and tdestination values default to the source and destination values).

ipsec_config add host foo1 -source 10.2.2.2 \

-destination 10.1.1.1 -action PASS -tunnel foo1_tunnel

ipsec_config add tunnel foo1_tunnel -source 10.2.2.2 \ -destination 10.1.1.1 -action ESP_3DES_HMAC_SHA1

You must also configure an IKE policy and an authentication record to complete the configuration:

ipsec_config add ike foo1 -remote 10.1.1.1 -auth PSK

ipsec_config add auth foo1 -remote 10.1.1.1 \ -psk my_preshared_key

Configuring a Windows End-to-End Tunnel Policy 37