Go to main content

Securing the Network in Oracle® Solaris 11.3

Exit Print View

Updated: April 2019

IPsec and Oracle Solaris Zones

IPsec is supported in Oracle Solaris Zones called exclusive-IP zones. Every zone can have its own IPsec policy and IKE configuration and is treated like a separate host.

Shared-IP zones in Trusted Extensions do not support IPsec per zone because these zones do not have their own IP stack. For shared-IP zones, the IPsec policy and IKE configuration are performed in the global zone. The IPsec policy rules for the shared-IP zone are the rules for the zone's shared IP address.

For more information, see Chapter 1, Oracle Solaris Zones Introduction in Introduction to Oracle Solaris Zones and Access to Labeled Zones in Trusted Extensions Configuration and Administration.