Steps for configuring local IP security policy using only a stack-specific IP security configuration file

You can configure local IP security policy using only a unique and separate stack-specific IP security configuration file for each stack on the system. In this instance, a common IP security configuration file is not necessary.

Procedure

Perform the following steps to configure local IP security policy using only a stack-specific IP security configuration file.

In the main Policy Agent configuration file, include a line with the TcpImage statement for each stack to be configured, as follows:
```
TcpImage TCPCS  /etc/TCPCS.image
TcpImage TCPCS2 /etc/TCPCS2.image
⋮
```
In each configuration file that was identified on the TcpImage statement shown in step 1, include an IPSecConfig line that identifies the stack-specific IP security configuration file, as follows:
```
In /etc/TCPCS.image:
IpSecConfig     /etc/TCPCS.ipsecpol

In /etc/TCPCS2.image:
IpSecConfig     /etc/TCPCS2.ipsecpol
```

Results

Each stack on the z/OS® system will adhere to the policy that is specified by its unique policy file. Stack TCPCS uses the policy that is configured in /etc/TCPCS.ipsecpol, and stack TCPCS2 uses the policy that is configured in /etc/TCPCS2.ipsecpol.