CommonIPSecConfig statement

Use the CommonIpSecConfig statement to specify the path of a local IPSec policy file that contains common IPSec policy statements. These common statements can be referenced from a stack-specific IPSec policy file. To define a common set of policies for multiple stacks, the IpSecConfig statement can specify the same file as the CommonIpSecConfig statement.

Stack-specific IPSec policies are defined in an IPSec stack-specific policy file. A stack-specific IPSec policy file is identified by an IpSecConfig statement. The refresh interval for the CommonIpSecConfig file is inherited from the main configuration file.

Specify the IPSecConfig statement without a path name in each image configuration file to define a common set of policies for multiple stacks.

Restriction: The CommonIpSecConfig statement can appear only in the main configuration file.

If a CommonIpSecConfig statement appears multiple times in the main configuration file, the last occurrence of the statement is used. If the CommonIpSecConfig statement appears in the image configuration file, it is ignored (unless the main and image configuration files are the same file).

The configuration information defined in the file identified with the CommonIPSecConfig statement is prepended to the configuration information defined in files identified with the IPSecConfig statement. This action has the following consequences:
  • If no IPSecConfig statements are specified, then the CommonIPSecConfig file is not parsed by Policy Agent.

    Requirement: The IPSecConfig statement is required to define IPSec policy for a given stack.

  • If multiple stacks are defined, the CommonIPSecConfig file is parsed for each stack; any errors contained in the file are reported multiple times.

Syntax

>>-CommonIpSecConfig--path-------------------------------------><

Parameters

path
The path of the common IPSec policy file to be installed.
You can specify an MVS™ data set name or a UNIX file name. MVS data set names must be enclosed in single quotation marks (' ') and preceded by a double slash (//). The following examples show both types of names:
CommonIPSecConfig  //'USER1.PAGENT.CONF(COMIPSEC)'
CommonIPSecConfig  /u/user1/pagent.common.ipsec

Restriction: Dynamic monitoring for file updates using the -i startup option is supported only for z/OS® UNIX files; MVS data sets are not monitored for changes.
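The following check is an added example, not IBM-supplied code or part of Policy Agent. It applies the rules above to configuration text and reports where a common IPSec policy file would be ignored, never parsed, or not monitored for changes. The comment convention, the stack name TCPIP1, and the image-file paths are assumptions constructed for the sample.

```python
import re

# Keywords are matched case-insensitively, as the page mixes both spellings.
# Assumption: a line whose first non-blank character is '#' is a comment.
_STMT = re.compile(r"^\s*(CommonIpSecConfig|IpSecConfig)\b[ \t]*(\S.*?)?\s*$", re.I)

def statements(text):
    """Return [(keyword_lowercased, path_or_None)] in file order."""
    found = []
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        m = _STMT.match(line)
        if m:
            found.append((m.group(1).lower(), m.group(2)))
    return found

def audit(main_text, image_texts=None):
    """Resolve the effective common policy file and list caveats."""
    # image_texts: {stack name: text of an image file separate from main}
    findings = []
    main = statements(main_text)
    common = [p for k, p in main if k == "commonipsecconfig" and p]
    effective = common[-1] if common else None
    if len(common) > 1:
        findings.append(f"main: last CommonIpSecConfig wins, ignored: {common[:-1]}")
    ipsec = sum(1 for k, _ in main if k == "ipsecconfig")
    for stack, text in (image_texts or {}).items():
        for k, p in statements(text):
            if k == "commonipsecconfig":
                findings.append(f"{stack}: CommonIpSecConfig in image file is ignored ({p})")
            else:
                ipsec += 1
    if effective and ipsec == 0:
        findings.append("no IpSecConfig statement: common file is never parsed")
    if effective and effective.startswith("//"):
        findings.append("common file is an MVS data set: -i does not monitor it")
    return effective, findings

# Constructed sample input; stack name and image-file paths are made up.
MAIN = """# main configuration file
CommonIpSecConfig /u/user1/pagent.common.ipsec
CommonIPSecConfig //'USER1.PAGENT.CONF(COMIPSEC)'
"""
IMAGES = {"TCPIP1": "CommonIpSecConfig /tmp/other.ipsec\nIpSecConfig /u/user1/stack1.ipsec\n"}

if __name__ == "__main__":
    path, notes = audit(MAIN, IMAGES)
    print(path, *notes, sep="\n")
```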