IPSec Configuration for the SAE
The SAE uses the IPSec implementation available on a system running the Solaris operating system version 5.9 or higher. These versions of the operating system support IKE.
SRC software configures basic IPSec parameters and provides a management interface in SDX Configuration Editor to simplify configuration tasks for properties specific to your environment. For example, the SAE configuration lets you configure the IP address to be used on the local host and the IP address to be used on the remote host for IPSec-protected traffic.
The basic IPSec configuration created by the SAE includes the following:
- IPv4 addressing—Supports IP addressing in the IPv4 format for local and remote identity types.
- Preshared keys—Lets you share key values between systems.
- Automatic key management through IKE—Manages security keys during negotiation of SAs.
- ESP—Provides confidentiality and authentication for each packet.
- IPSec transport mode—Specifies that ESP follow the IP header for a packet; ESP encapsulates the remainder of the packet.