Implementing IPsec Task Map
Table 2–1 Implementing IPsec Task Map|
Task |
Description |
For Instructions, Go To … |
|---|---|---|
|
Secure traffic between two IPv6 systems |
Involves adding addresses to the /etc/inet/ipnodes file, entering IPsec policy in the /etc/inet/ipsecinit.conf file, manually adding keys with the ipseckey command, and invoking the ipsecinit.conf file. | |
|
Secure a Web server by using IPsec policy |
Involves enabling only secure traffic by entering different security requirements for different ports in the ipsecinit.conf file, and activating the file. | |
|
Set up a virtual private network |
Involves turning off IP forwarding, turning on IP strict destination multihoming, disabling most network and Internet services, adding security associations, configuring IPsec policy, and configuring a secure tunnel. VPN also involves turning on IP forwarding, configuring a default route, and running the routing protocol. | |
|
Generate random numbers |
Involves generating numbers from the Solaris /dev/random device. | |
|
Create security associations manually |
Involves using the ipseckey command to create security associations when additional interfaces are being protected. | |
|
Replace current security associations |
Involves flushing current security associations before you enter new keying material. | |
|
Check that IPsec is protecting the packets |
Involves examining snoop output for specific headers that indicate how the IP datagrams are protected |
- © 2010, Oracle Corporation and/or its affiliates