JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Administration: IP Services     Oracle Solaris 11 Information Library
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Part I TCP/IP Administration

1.  Planning the Network Deployment

2.  Considerations When Using IPv6 Addresses

3.  Configuring an IPv4 Network

4.  Enabling IPv6 on the Network

5.  Administering a TCP/IP Network

6.  Configuring IP Tunnels

7.  Troubleshooting Network Problems

8.  IPv4 Reference

9.  IPv6 Reference

Part II DHCP

10.  About DHCP (Overview)

11.  Administering the ISC DHCP Service

12.  Configuring and Administering the DHCP Client

13.  DHCP Commands and Files (Reference)

Part III IP Security

14.  IP Security Architecture (Overview)

15.  Configuring IPsec (Tasks)

16.  IP Security Architecture (Reference)

17.  Internet Key Exchange (Overview)

18.  Configuring IKE (Tasks)

19.  Internet Key Exchange (Reference)

IKE Service

IKE Daemon

IKE Configuration File

ikeadm Command

IKE Preshared Keys Files

IKE Public Key Databases and Commands

ikecert tokens Command

ikecert certlocal Command

ikecert certdb Command

ikecert certrldb Command

/etc/inet/ike/publickeys Directory

/etc/inet/secret/ike.privatekeys Directory

/etc/inet/ike/crls Directory

20.  IP Filter in Oracle Solaris (Overview)

21.  IP Filter (Tasks)

Part IV Networking Performance

22.  Integrated Load Balancer Overview

23.  Configuration of Integrated Load Balancer (Tasks)

24.  Virtual Router Redundancy Protocol (Overview)

25.  VRRP Configuration (Tasks)

26.  Implementing Congestion Control

Part V IP Quality of Service (IPQoS)

27.  Introducing IPQoS (Overview)

28.  Planning for an IPQoS-Enabled Network (Tasks)

29.  Creating the IPQoS Configuration File (Tasks)

30.  Starting and Maintaining IPQoS (Tasks)

31.  Using Flow Accounting and Statistics Gathering (Tasks)

32.  IPQoS in Detail (Reference)

Glossary

Index

IKE Configuration File

The IKE configuration file, /etc/inet/ike/config, manages the keys for the interfaces that are being protected in the IPsec policy file, /etc/inet/ipsecinit.conf.

Key management with IKE includes rules and global parameters. An IKE rule identifies the systems or networks that the keying material secures. The rule also specifies the authentication method. Global parameters include such items as the path to an attached hardware accelerator. For examples of IKE policy files, see Configuring IKE With Preshared Keys (Task Map). For examples and descriptions of IKE policy entries, see the ike.config(4) man page.

The IPsec SAs that IKE supports protect the IP datagrams according to the policies in the IPsec configuration file, /etc/inet/ipsecinit.conf. The IKE policy file determines if perfect forward security (PFS) is used when creating the IPsec SAs.

The /etc/inet/ike/config file can include the path to a library that is implemented according to the following standard: RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki). IKE uses this PKCS #11 library to access hardware for key acceleration and key storage.

The security considerations for the ike/config file are similar to the considerations for the ipsecinit.conf file. For details, see Security Considerations for ipsecinit.conf and ipsecconf.

Copyright © 1999, 2012, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next