Solaris 9 IPSec support

I am currently attempting to activate IPSecurity on Solaris and I am having a host of issues. I am hoping someone on the forums have done this before.
Here are the steps that I have figured out:
1) Create Certificates and add them into the database: I am fairly certain that this has been done correctly since when the in.iked daemon comes up it reads in my CA certificate and my server certificate that I have created.
2) Edit the /etc/inet/ike/config file. I have edited this file but there is an odd thing here. Looking at the man page it says that I should be able to do use AES for the phase 1 SA. However when I use the key word for the aes it tells me it is an error. <Question> Is the AES support only on 10? Is there away I can tell the version of the in.iked daemon I am working with?
3) Activate the in.iked server with the config file. I have done this and used the -p2 -d options so I can see the log file that goes with it.
4)Update the /etc/inet/ipsec.init file: I have done this but here is another instance that things do not make sense. I create a phase 2 proposal devoid of all encryption algorithms and the default one came up. It only had AES and Blowfish. There was no Triple DES option available even though in the man page is there. <question> how do I get the version number of the ipsecconf command.
5)I then use the ipsecconf command to suck in the ipsec.init profile. I have done this successfully with AES and can do a list display.
Usage<<<< I attempt to run a traffic from my solaris to my partner machine that matches the phase 2 traffic descriptors however when the traffic arrives it is not encrypted and the solaris did not attempt to negotiate a tunnel.
When I attempt to initiate a VPN from the other side all I get is parameter mismatch on the Solaris side however the parameters that I have configured all seem to match.
<Questions>
1) Is there some better messages available above -p2 -d
2) Is there a way to initiate a phase 1 negotiation on the SA. ikeadm command does not seem to have that.
3) Is there a service that I have to activate to start the IPSecurity pieces?

http://www.sun.com/servers/coolthreads/t2000/specs.xml
no.
Darren

Similar Messages

  • Solaris 8 support for CMD-649

    Does Solaris 8 support the CMD-649 PCI to IDE device?
    dp

    Currently Solaris 10 is not supported in CSA 5 or the upcoming CSA 6. I am told that they will be adding Solaris 10 for CSA 6 but it is unknown as to when this will be released.

  • Solaris 10 Support for CSA

    Is solaris 10 supported for CSA software, I can only see solaris 8 and 9 on the tech specs

    Currently Solaris 10 is not supported in CSA 5 or the upcoming CSA 6. I am told that they will be adding Solaris 10 for CSA 6 but it is unknown as to when this will be released.

  • Does Solaris 10 support cisco Virtual Port Channels over IP?

    Does anyone know if Solaris 10 support cisco Virtual Port Channels open IP?

    Hi user11114413,
    The issue you are seeing actually has little to do with VIP, and more to do with there being multiple IP addresses for us to choose from on your box. For such multi-IP boxes, you'll want to tell us the IP to use, and in your case you want to tell as a VIP. This can be done either by editing your operational configuration file, and including an <address> element within the <unicast-listener> element, or via the tangosol.coherence.localhost system property. For example:
    <unicast-listener>
        <well-known-addresses>
            <socket-address id="1">
                <address>1.2.3.260</address> <!--virtual ip -->
                <port>8088</port>
            </socket-address>
        </well-known-addresses>
        <address>1.2.3.260</address> <!--virtual ip -->
        <port>8088</port>
    </unicast-listener>or
    java ... -Dtangosol.coherence.localhost=1.2.3.260If you are using the same operational configuration on all nodes in your cluster then the system property approach is likely preferable, and would only be necessary on the two machines sharing the VIP.
    As for using VIP or an extended WKA list, the choice is yours, either will work. If you do go the VIP route, it would obviously be a very bad idea to simultaneously use the same VIP and port at the same time from the two machines.
    thanks,
    Mark
    Oracle Coherence

  • Maximum Disk-Volume Capacity Solaris 8 supports (SPARC) ?

    Any one knows what is the maximum capacity that Solaris 8 on SPARC supports for storage-set ( Raid set, Stripe Set ...)
    Can Solaris 8 supports file system up to 2 Terabyes ?
    Thanks

    Yup.
    EOL in November 2002
    Which means EOSL November 2007
    http://sunsolve.sun.com/handbook_pub/validateUser.do?target=Systems/U10/U10
    Unless you've somehow maintained a service contract on that system,
    by specific system serial number,
    your best bet is to haunt an online auction site (such as Ebay),
    and get a replacement cpu or cpus for shelf stock.
    Your current OBP patch level is only down two patch levels,
    but your kernel patch level is essentially "never patched".
    If it were patched better it may have noticed the issue a lot sooner.
    Expect to replace that cpu.

  • Is the Fujitsu-Solaris platform supported (ALL PRODUCTS)?

    Is the Fujitsu-Solaris platform supported for Netscape/iPlanet products?
    <P>
    Quality assurance (QA) tests Netscape and iPlanet products (Solaris versions)
    on Sun SPARC systems with the Solaris operating system from Sun Microsystems.
    This setup is the reference platform.
    <P>
    If you run Netscape or iPlanet products on a SPARC/Solaris compatible system
    (assuming the system is 100% compatible), the product should perform as
    described. However, if you discover a compatibility problem on such a system,
    Netscape/iPlanet Technical Support typically attempts to reproduce the defect
    on the reference SPARC/Solaris platform. Then, if they find that the problem
    exists on the reference platform, they will forward the defect on to
    engineering for resolution.

    Yes
    We have plan to buy and use Aardvark OEM I2C Host Adapter and use it with LabView2013.
    I am searching if this device already has LabView VI's for I2C communication.
    I am not sure If we can use the VI's for Aardvark I2C/SPI Host Adapter to Aardvark OEM I2C Host Adapter.
    Before we decide  to buy Aardvark OEM I2C Host Adapter we just want to make sure that we can use it.
    Best Thanks.
    Jessie

  • Does Solaris 10 supports Lexmark PCL printers

    Hi.
    I need to know if Solaris 10 supports for sure PCL laser printers, I'm talking about Lexmark E120n (TCP/IP) and Lexmark E232 (Paralel). As I know these printers support PostScript with Mac OS only.
    In technical specification of these printers is not mentioned that they support Solaris. However laser printers that support languages like PCL are able to work with other drivers. For example I used HP LaserJet 1200 with HP LJ4 driver and it worked fine (not on Unix !).
    I checked drivers that are supplyed with Solaris, it has drivers for Lexmark Optra E and Lexmark E210.
    Thank you.

    In Lexmark. there are no Solaris drivers for E232 and E120.
    These printers support only PCL.
    All laser printers can work with other generic drivers that support its supported languages (PCL in my case).
    In Printer Administrator, Solaris 10 has spooler for PCL printers.
    I tryed and it works. However, Solaris 8 really can print only on PostScript printers.
    Linux Fedora Core 5, has built in CUPS spooler and good print server.
    I'll use it to share printer between other computers (based on Solaris 10 and other Operating Systems).

  • Can Solaris 11 support Solaris 8/9 container?

    Dear all,
    I am new to Solaris 11. I know that Solaris 10 SPARC can support Solaris 8/9 container.
    So, Can Solaris 11 SPARC support Solaris 8/9 container?
    Wait for your feedback.
    Mike

    Hi Mike
    For future reference, this may not be the best forum to use for Solaris Zones related questions... but, in this case, legacy branded zones (Solaris 8, Solaris 9, and Linux) are only supported on Solaris 10. This is documented here: http://docs.oracle.com/cd/E23824_01/html/E24456/glhcg.html
    John

  • Solaris 10 support on Sun Storedge 6120/6020

    Hi ,
    I have bought a SE6120 arrays attach to two Sun Fire 4800 as cluster
    shared storage with Solaris 9 OS. I intend to upgrade the OS to Solaris 10. But after find the information at sunsolve.sun.com, it not mention about wether Solaris 10. Hope somebody will provide me solution..
    Thanks in advance !!
    Message was edited by:
    Mohd.Suhaimi

    The array is supported with Solaris 10. The noticeable change from prior OS is that the SAN drivers and packages are included with the base OS. You do not need to add anything as you did for Solaris 9 and 10.

  • Solaris 10 Support for Gigabyte GA-MA78G-DS3H Motherboard

    Dear sirs,
    I have been trying to get Solaris 10 to run properly on a Gigabyte GA-MA78G-DS3H Motherboard.
    The Solaris 10 operating system installed ok, but I have no network support. This is due to the standard and update drivers not working for this motherboard. I also cannot get video or audio subsystems to work.
    I know this is due to Solaris 10 not recognising this motherboard, but my question is: Will Solaris 10 be supproting this motherboard in the future and doea anybody know if there are any Linux drivers which may work?
    This is a link to the motherboard specs:
    http://www.gigabyte.com.tw/Products/Motherboard/Products_Spec.aspx?ClassValue=Motherboard&ProductID=2800&
    ProductName=GA-MA78G-DS3H
    Any help you may be able to give me would be most appreciated.

    You can try this detection tool to see if Solaris 10 is/is not supporting your motherboard:
    [http://www.sun.com/bigadmin/hcl/hcts/device_detect.jsp|http://www.sun.com/bigadmin/hcl/hcts/device_detect.jsp]
    I doubt that Solaris 10 will be supporting more hardware/motherboard.
    Have you tried Opensolaris? Opensolaris supportes more hardware than Solaris 10.
    HCL for Opensolaris is [http://www.sun.com/bigadmin/hcl/data/os/|http://www.sun.com/bigadmin/hcl/data/os/]

  • IPSEC Support in 6500 Code?

    Guys does anyone know if the most recent 12.2 IOS code for the 6500 (sup 720) is capable of doing IPSEC VPN's without the VPN module? I can't seem to find a definitive answer to this on the website.
    Thanks!

    Hi,
    As you can see on the release notes for for example 12.2(18)SXD:
    http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/ol_4164.ht
    m
    "The k9 images support SSH 3DES access and the IPSec Network Security feature (configured
    with the crypto ipsec command) in software"
    This is not a good idea to use 6500 to use for software 3DES for encryption and decryption
    and we DON'T recommend to use 6500 for VPN without having VPNSM.
    This probably is not regarded as a valid/advised configuration...
    Please rate helpful posts.
    Regards,
    ~JG

  • 11gR2 Solaris 11 support

    Is 11gR2 (11.2.0.2) of the Oracle DB supported on Solaris 11 64bit? Trying to install it and having problems with the runInstaller utility.

    Hi;
    Is 11gR2 (11.2.0.2) of the Oracle DB supported on Solaris 11 64bit? Trying to install it and having problems with the runInstaller utility.If you use certification matrix you will see its only certified wiht solaris 10(sparc 64 - x86-64) , you can not use solaris 11 yet
    Regard
    Helios

  • Solaris Container Support for Oracle Products

    Hi,
    Is there a special list about which Oracle products support Solaris Containers? Or can I assume that all products support the container technology?
    I cant find any related information on this...

    We run Oracle databases and application servers without any problems.
    In the licencing documentations zones are explictly mentioned as capped zones are supported to partition a system.
    So if you have an eight-core maschine but give the zone only one, you have only to licence this core.
    Have a look at this document
    http://www.oracle.com/us/corporate/pricing/partitioning-070609.pdf
    As said before if your software does not need low level access to the hardware or the kernel (as eg. a backup server or a nfs server) it should run fine into a zone.

  • Solaris 8 support

    Hi!
    Sorry if this is a wrong forum.
    We would like to move to Solaris 10 and are currently using Solaris 8.
    But would like to know when will Sun stop supporting
    Solaris8? or if they have already stopped.
    Thanks,
    -srip

    Well, if you have a Spectrum contract you should check out infodoc 10012. Basicly Suns Support division supports a Solaris release up til five years after its "last ship" date. During the first two years patches are created etc, during the remaining three years Sun offers telephone support and access to existing patches.
    The Last-Shipment date for Solaris 8 isn't decided yet, at least not as far as i can see, so it should be supported for another few years.
    //M.

  • Does Solaris 10 support OmniORB v.4.1?

    Hi Guys,
    Just want to confirm if OmniORB v. 4.1 is still compatible in Solaris 10.
    If not any suggestion what can I use to replace OmniORB v.4.1?

    Hello Bruce,
    each new release adds some features and new kernels.
    It's not possible use patches to get these features.
    To support new systems between the release cycle (Solaris 10 3/05 GA, Solaris 10 1/06), there are <b>temporary</b> HW releases (Solaris 10 HW1, HW2).
    Btw. the <b>temporary</b> is a quote from the "Release Notes Supplement for Solaris 10 3/05 HW2".
    In Solaris 8 there have been PSR releases after the last "normal" release Solaris 8 2/02.
    The features from the HW releases are included in the next following release. That means the two HW releases are replaced by the Solaris 10 1/06.
    <table border="0" align="center" width="90%" cellpadding="3" cellspacing="1"><tr><td class="SmallText"><b>Quote:</b></td></tr><tr><td class="quote">
    The minimum OS version for 1.5 GHz UltraSPARC IV+ processors is Solaris 9 9/05 and Solaris 10 3/05 HW1
    The minimum OS version for 1.35 GHz UltraSPARC IV processors is Solaris 8 2/04, Solaris 9 4/04, and Solaris 10 3/05
    </td></tr></table>
    Unfortunately systems that can be upgraded to UltraSPARC IV+ are beyond the scope of these user-to-user forums.
    Michael

Maybe you are looking for

  • Isc update. is there a cure? my phone is now totally wacked out!

    sorry... ICS update. my phone acts like it has some kind of virus. very sluggish. random previous text and mms come up in enter field of random text contacts. if I access camera from front screen icon and snap a picture, it automatically posts it to

  • Fan is not working.. switching off automatically every 10 mins

    fan is not working.. wat to do...my lapi is switing off after every 10 mins

  • Concurrent Employment

    We have concurrent employment maintained in our project. I need to develop reports based on PNPCE LDB. I wanted to know major differences between PNP and PNPCE and various pitfalls while using PNPCE LDB.

  • Time Structure for multiple controls changes?

    I have some controls like shown in the picture. Lets say I want to check for changes done by the user in the String controls, since every string is inside a separated cluster, I would have to create a single case (inside a Event Structure) for each s

  • Save a single clip out of a file of multiple clips

    Hello:  I have a VHS video tape that was used to archive multiple scenes shot by a DV camera.  I can load the entire VHS tape as a single file into Adobe Premiere Elements 12 and have cut the source into multiple clips.  What I would like to do now i