AIX Simple Firewall

Prerequisities

Packages to be installed

bos.msg.en_US.net.ipsec
bos.net.ipsec.keymgt
bos.net.ipsec.rte
clic.rte.kernext
clic.rte.lib

CLI

lslpp -l bos.msg.en_US.net.ipsec

  Fileset                      Level  State      Description
  ----------------------------------------------------------------------------
Path: /usr/lib/objrepos
  bos.msg.en_US.net.ipsec    7.2.5.0  COMMITTED  IP Security Messages - U.S.
                                                 English

Start/Stop IP Security

CLI

# Start command
/usr/sbin/mkdev -c ipsec -t 4
/usr/sbin/mkfilt -v 4 -u -z P

# Stop command
/usr/sbin/rmdev -l ipsec_v4

Smitty

smitty ipsec4 > Start/Stop IP Security > Start IP Security

Start IP Security: [Now and After Reboot]
Deny All Non_Secure IP Packets: [no]

Verify command

lsdev -l ipsec_v4

ipsec_v4 Available  IP Version 4 Security Extension

AIX Simple Firewall

Prerequisities

Start/Stop IP Security

Filter Rules