Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
341342343344345346347348349350
C-6
Configure VPNs Using the HP ProCurve Threat Management Services zl Module
Configure a Site-to-Site IPsec VPN
c. Click Single-entry.
d. In the box below, type the IP address of the remote TMS zl Module that the local module
can reach. For this example, type 10.2.12.
e. Click Apply.
5. Create an object for the local endpoints:
a. For Name, type a name that is meaningful to you. For this example, type LocalEndpoints.
b. For Type , select Network (IP/Mask) or IP Range. For this example, select Network (IP/
Mask).
c. Click Single-entry.
d. In the box below, specify the subnet or range of IP addresses for local endpoints that
are allowed to send or receive traffic over the site-to-site VPN. For this example, type
192.168.4.0/22.
e. Click Apply.
6. Create an object for the remote endpoints:
a. For Name, type a name that is meaningful to you. For this example, type RemoteEnd-
points.
b. For Type , select Network (IP/Mask) or IP Range. For this example, select Network (IP/
Mask).
c. Click Single-entry.
d. In the box below, specify the subnet or range of IP addresses for remote endpoints
that are allowed to send or receive traffic over the site-to-site VPN. For this example,
type 192.168.32.0/22.
e. Click Apply.
7. Click Close.
8. Click Save.
Create an IKE Policy
Complete these steps to create an IKE policy for the site-to-site VPN:
1. In the left navigation bar of the Web browser interface, click VPN > IPsec.
2. Click the IKEv1 Policies tab.
Figure C-3. VPN > IPsec > IKEv1 Policies Window
3. Click Add IKE Policy. The Add IKE Policy window is displayed.