Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
12345678910
iv
IKE-based IPsec tunnel for IPv4 packets configuration example ····································································· 190
IPsec with IPsec tunnel interfaces configuration example················································································ 192
IPsec for RIPng configuration example ·············································································································· 196
IPsec RRI configuration example ························································································································ 200
IPsec stateful failover configuration example ··································································································· 203
Using a wizard to configure an IPsec VPN ··········································································································· 212
Configuring a center node ·········································································································································· 212
Configuring a branch node ········································································································································ 216
Configuring a peer node ············································································································································ 220
Configuring L2TP ····················································································································································· 225
Overview ······································································································································································· 225
Typical L2TP networking application ················································································································· 225
L2TP message types and encapsulation structure ···························································································· 226
L2TP tunnel and session ······································································································································ 227
L2TP tunneling modes and tunnel establishment process ················································································ 227
L2TP features ························································································································································ 230
Protocols and standards ····································································································································· 230
Configuring L2TP in the Web interface ····················································································································· 230
Recommended L2TP configuration procedure ·································································································· 230
Enabling L2TP ······················································································································································ 231
Adding an L2TP group ········································································································································ 231
Configuring an ISP domain ································································································································ 235
Specifying an IP address pool ··························································································································· 237
Displaying L2TP tunnel information ··················································································································· 238
Client-initiated VPN configuration example ····································································································· 239
Configuring L2TP at the CLI ········································································································································· 242
L2TP configuration task list ································································································································· 242
Configuring basic L2TP capability ····················································································································· 244
Configuring an LAC ············································································································································ 244
Configuring an LNS ············································································································································ 247
Configuring L2TP connection parameters ········································································································· 251
Displaying and maintaining L2TP ······················································································································ 252
Configuration example for NAS-initiated VPN ································································································ 253
Configuration example for client-initiated VPN ································································································ 255
Configuration example for LAC-auto-initiated VPN ························································································· 256
Configuration example for L2TP multi-domain application ············································································· 259
Complicated network application ····················································································································· 262
Troubleshooting L2TP ··················································································································································· 262
Managing certificates ············································································································································· 264
Overview ······································································································································································· 264
PKI terms ······························································································································································· 264
PKI architecture ···················································································································································· 265
PKI operation ······················································································································································· 266
PKI applications ··················································································································································· 266
PKI configuration guidelines ······································································································································· 266
Configuring PKI in the Web interface ························································································································ 267
Recommended configuration procedure ··········································································································· 267
Creating a PKI entity ··········································································································································· 269
Creating a PKI domain ······································································································································· 271
Generating an RSA key pair ······························································································································ 274
Requesting a local certificate ····························································································································· 274
Destroying the RSA key pair ······························································································································ 275
Retrieving and displaying a certificate ············································································································· 276