The Solaris software includes an IPsec policy file as a sample. This sample file is named ipsecinit.sample. You can use the file as a template to create your own ipsecinit.conf file. The ipsecinit.sample file contains the following examples:
# # For example, # # {rport 23} ipsec {encr_algs des encr_auth_algs md5} # # will protect the telnet traffic originating from the host with ESP using # DES and MD5. Also: # # {raddr 10.5.5.0/24} ipsec {auth_algs any} # # will protect traffic to or from the 10.5.5.0 subnet with AH # using any available algorithm. # # # To do basic filtering, a drop rule may be used. For example: # # {lport 23 dir in} drop {} # {lport 23 dir out} drop {} # # will disallow any remote system from telnetting in. |