Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
361362363364365366367368369370
C-24
Configure VPNs Using the HP ProCurve Threat Management Services zl Module
Configure a Site-to-Site IPsec VPN
3. Make sure that None is selected for User Group.
4. Click Add a Policy.
5. Allow IKE messages from the remote gateway.
a. For Action, accept the default: Permit Traffic.
b. For From, select the remote zone. For this example, select External.
c. For To, select Self.
d. For Service, select isakmp.
e. For Source, specify the IP address of the remote gateway.
For this example, select the RemoteGateway address object. (You can also click Options,
select Enter custom IP, IP/mask or IP-Range, and type the IP address of the remote
module.)
f. For Destination, leave Any Address or specify the IP address that you configured for the
local gateway in the IKE policy.
For this example, select the LocalGateway address object.
Figure C-30. Add Policy Window
g. Click Apply.
6. Permit IKE messages from this TMS zl Module to the remote module:
a. For Action, leave the default Permit Traffic.
b. For From, select Self.
c. For To, select the remote zone. For this example, select External.
d. For Service, select isakmp.
e. For Source, leave Any Address or specify the local gateway IP address.
For this example, select the LocalGateway address object.
f. For Destination, specify the remote gateway IP address.