IPSec Utility
The IPSec utility is used to create Security Policy (SP) entries and Security Association (SA) entries in the kernel. Two IPSec utility programs exist: ipsecgui.exe and ipsec.exe. "ipsecgui.exe" is a graphical user interface that simplifies the configuration of an IPSec enabled machine. The command line program, "ipsec.exe", is used by the GUI program and allows more complicated configuration. However, the GUI program should suffice for most testing.
To use the IPSec utility GUI, type: ipsecgui at the command prompt. If you want to delete policies and associations, you still need to use the command line interface.
To use the IPSec utility command line interface, type: ipsec at the command prompt. Six options are available:
- sp [interface] - Print the SP entries to the screen.
- sa - Print the SA entries to the screen.
- c [filename <no ext>] - Create files used to enter the SP and SA entries.
- a [filename] - Add the SP and SA entries.
- i [policy] [filename <no ext>] - Insert the SP and SA entries after [policy] entry.
- d [type = sp sa] [index] - Delete the SP or SA entry (index = SP or SA index or all).
IPSec examples: