F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Configuration Guide-6PW100
413
607BEncryption of VAM protocol packets
VAM protocol packets can be encrypted by using AES-128, AES-256, DES, or 3DES.
608BIPsec protection of data packets
Data packets in a DVPN tunnel can be protected by an IPsec profile, using security protocols ESP, AH, or
AH-ESP (ESP first, and then AH) and negotiating security policies through IKE.
609BCentralized management of policies
A VAM server manages all policies in a VPN domain centrally.
610BSupport for multiple VPN domains
A VAM server supports up to 10 VPN domains.
87B
Configuring DVPN in the Web interface
301BRecommended configuration procedure
When you configure DVPN, configure the DVPN server before configuring the DVPN clients. When you
configure the DVPN clients, configure the Hubs before configuring the Spokes.
Table 57 Recommended configuration procedure
Ste
p
Remarks
Configuring the DVPN server
4. Configuring local users or RADIUS
authentication
Optional.
The DVPN server authenticates the identities of clients that
try to access the VPN domain. Only clients that pass the
identity authentication can connect to the VPN domain.
The DVPN server supports local authentication and
RADIUS authentication.
For information about local user configuration, see Getting
Started Guide. For information about RADIUS
configuration, see Access Control Configuration Guide.
5. 1036HConfiguring a VPN domain
Required.
Configure a VPN domain and configure the relevant
policies, such as the VAM protocol packets protection and
client authentication modes.
Configuring the DVPN client
6. 1037HConfiguring DVPN tunnels
Required.
Configure a tunnel interface, and configure DVPN related
parameters, such as the VAM client, the IPsec parameters,
and the tunnel parameters.