R3166-R3206-HP High-End Firewalls VPN Configuration Guide-6PW101

Protocols and standards ... 40
Configuring IPsec in the web interface ... 41
Configuration task list ... 41
Configuring an IPsec proposal ... 42
Configuring an IPsec policy template ... 44
Configuring an IPsec policy ... 46
Applying an IPsec policy group ... 48
Viewing IPsec SAs ... 49
Viewing packet statistics ... 50
IPsec configuration example ... 50
IPsec VPN configuration wizard in the web interface ... 54
Launching the IPsec VPN policy configuration wizard ... 54
Configuring a center node ... 55
Configuring a branch node ... 58
Configuring a peer node ... 61
Configuring IPsec in the CLI ... 64
Configuring IPsec ... 64
Implementing ACL-based IPsec ... 65
Implementing tunnel interface-based IPsec ... 76
Displaying and maintaining IPsec ... 80
IPsec configuration examples in the CLI ... 81
Example for establishing an IPsec tunnel in manual mode ... 81
Example for establishing an IPsec tunnel through IKE Negotiation ... 83
Example for configuring IPsec with IPsec tunnel interfaces ... 85
IPsec configuration guidelines ... 89
L2TP configuration ... 90
L2TP overview ... 90
Typical networking application of L2TP ... 90
Basic concepts of L2TP ... 91
L2TP tunnel modes and tunnel establishment process ... 92
L2TP features ... 95
Protocols and standards ... 95
Configuring L2TP in the web interface ... 95
L2TP configuration task list ... 96
Enabling L2TP ... 96
Adding an L2TP group ... 96
Displaying L2TP tunnel information ... 101
Client-initiated VPN configuration example ... 101
Configuring L2TP in the CLI ... 103
L2TP configuration task list ... 103
Configuring basic L2TP capability ... 104
Configuring an LAC ... 104
Configuring an LNS ... 106
Configuring L2TP connection parameters ... 110
Displaying and maintaining L2TP ... 111
NAS-initiated VPN configuration example ... 111
Client-initiated VPN configuration example ... 113
L2TP multi-domain application configuration example ... 115
Complicated network application ... 118
Troubleshooting L2TP ... 118
Public key configuration ... 120
Asymmetric key algorithm overview ... 120
Basic concepts ... 120