The IP Security feature in AIX is separately installable and loadable. The core filesets that need to be installed are:
Also, the following filesets need to be installed for IKE tunnel support:
Once installed, IP Security can be separately loaded for IP Version 4 and IP Version 6. This is accomplished by issuing mkdev commands or through the IP Security SMIT menus.
Attention: Loading IP Security will enable the filtering function. Therefore, before loading, it is important to ensure the correct filter rules are created, or all outside communication may be blocked.
If using SMIT or Web-based System Manager, (wsm network fast path) the IP security modules will be automatically loaded when IP Security is started. This is the prefrerred method to ensure that the kernel extensions and IKE daemons are loaded in the proper order.
If the loading completed successfully, the lsdev command will show the IP Security devices as Available.
lsdev -C -c ipsec ipsec_v4 Available IP Version 4 Security Extension ipsec_v6 Available IP Version 6 Security Extension
Once the IP Security kernel extension has been loaded, tunnels and filters are ready to be configured.