Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
361362363364365366367368369370
C-25
Configure VPNs Using the HP ProCurve Threat Management Services zl Module
Configure a Site-to-Site IPsec VPN
For this example, select the RemoteGateway address object. (You can also click Options,
select Enter custom IP, IP/mask or IP-Range, and type the IP address of the remote
module.)
Figure C-31. Add Policy Window
g. Click Apply.
7. Permit traffic from the local endpoints to the remote endpoints:
a. For Action, leave the default, Permit Traffic.
b. For From, select the local zone. For this example, select Internal.
c. For To, select the remote zone. For this example, select External.
d. For Service, leave Any Service.
This is the most basic configuration. You could also create access policies that permit
only certain services.
e. For Source, specify the local IP addresses allowed to send traffic on the VPN.
For this example, select the LocalEndpoints address object. (You can also click Options,
select Enter custom IP, IP/mask or IP-Range, and type the subnet or IP addresses of the
local endpoints.)
f. For Destination, specify the remote IP addresses which the local users are allowed to
access.
For this example, select the RemoteEndpoints address object. (You can also click
Options, select Enter custom IP, IP/mask or IP-Range, and type the subnet or IP addresses
of the remote endpoints.)