Task |
Description |
For Instructions, Go To … |
---|---|---|
Secure traffic between two IPv6 systems |
Involves adding addresses to the /etc/inet/ipnodes file, entering IPsec policy in the /etc/inet/ipsecinit.conf file, manually adding keys with the ipseckey command, and invoking the ipsecinit.conf file. | |
Secure a Web server by using IPsec policy |
Involves enabling only secure traffic by entering different security requirements for different ports in the ipsecinit.conf file, and activating the file. | |
Set up a virtual private network |
Involves turning off IP forwarding, turning on IP strict destination multihoming, disabling most network and Internet services, adding security associations, configuring IPsec policy, and configuring a secure tunnel. VPN also involves turning on IP forwarding, configuring a default route, and running the routing protocol. | |
Generate random numbers |
Involves generating numbers from the Solaris /dev/random device. | |
Create security associations manually |
Involves using the ipseckey command to create security associations when additional interfaces are being protected. | |
Replace current security associations |
Involves flushing current security associations before you enter new keying material. | |
Check that IPsec is protecting the packets |
Involves examining snoop output for specific headers that indicate how the IP datagrams are protected |