AIX

AIX

Connect with fellow AIX users and experts to gain knowledge, share insights, and solve problems.


#Power
 View Only
  • 1.  aix 6.1 + ipsec filtering

    Posted Mon January 17, 2011 05:20 AM

    Originally posted by: rmokkink


    I am currently busy with aix 6.1 secure by default. And i want to implement ipsec filtering, so that we can harden the hosts in the DMZ.
    What is don't understand is that, it looks like ipsec filtering is already in place.

    I followed the section in publib about installing ipsec filtering, the needed bundles etc are installed, but using smit ipsec4 to enable or doing it on the commandline using mkdev, it won't create the ipsec device.

    What am i doing wrong, or did i misunderstood?

    Please advice.

    Thanks in advance.
    #AIX-Forum


  • 2.  Re: aix 6.1 + ipsec filtering

    Posted Thu January 20, 2011 05:40 AM

    Originally posted by: flodstrom


    Not entirely sure what you are trying to do here?

    Do you want to set-up a local firewall on your host?

    IPSec filtering?!? That just doesn't make any sence to me, do you by any chance mean IPFilter? As far as I remember that term "IPSec filter" was only used as an obscure workaround to provide firewall like capabilities to pre WindowsXP SP2 hosts.

    In case you do mean to set-up a firewall on your host then you want to use IPFilter. However note that IPFilter is not installed by default, just grab it from the AIX 6.1 DVD.
    #AIX-Forum


  • 3.  Re: aix 6.1 + ipsec filtering

    Posted Mon January 31, 2011 08:33 AM

    Originally posted by: usrb


    What version of AIX do you have?
    I think that prerequisite is installed package clic.rte.

    You should have ipsec_v4 Available before you can add and activate rules:
    root@host #lsdev | grep ipsec_v4
    ipsec_v4 Available IP Version 4 Security Extension
    #AIX-Forum