Oracle Solaris Administration: IP Services     Oracle Solaris 11 Information Library

IKE Utilities and Files

The following table summarizes the configuration files for IKE policy, the storage locations for IKE keys, and the commands and services that implement IKE. For more information about services, see Chapter 6, Managing Services (Overview), in Oracle Solaris Administration: Common Tasks.

Table 17-2 IKE Configuration Files, Key Storage Locations, Commands, and Services

| File, Location, Command, or Service | Description | Man Page |
|---|---|---|
| svc:/network/ipsec/ike | The SMF service that manages IKE. | |
| /usr/lib/inet/in.iked | Internet Key Exchange (IKE) daemon. Activates automated key management when the ike service is enabled. | |
| /usr/sbin/ikeadm | IKE administration command for viewing and temporarily modifying the IKE policy. Enables you to view IKE administrative objects, such as Phase 1 algorithms and available Diffie-Hellman groups. | |
| /usr/sbin/ikecert | Certificate database management command for manipulating local databases that hold public key certificates. The databases can also be stored on attached hardware. | |
| /etc/inet/ike/config | Default configuration file for the IKE policy. Contains the site's rules for matching inbound IKE requests and preparing outbound IKE requests. If this file exists, the in.iked daemon starts when the ike service is enabled. The location of this file can be changed by the svccfg command. | |
| ike.preshared | Preshared keys file in the /etc/inet/secret directory. Contains secret keying material for authentication in the Phase 1 exchange. Used when configuring IKE with preshared keys. | |
| ike.privatekeys | Private keys directory in the /etc/inet/secret directory. Contains the private keys that are part of a public-private key pair. | |
| publickeys directory | Directory in the /etc/inet/ike directory that holds public keys and certificate files. Contains the public key part of a public-private key pair. | |
| crls directory | Directory in the /etc/inet/ike directory that holds revocation lists for public keys and certificate files. | |
| Sun Crypto Accelerator 6000 board | Hardware that accelerates public key operations by offloading the operations from the operating system. The board also stores public keys, private keys, and public key certificates. The Sun Crypto Accelerator 6000 board is a FIPS 140-2 certified device at Level 3. | |