HP ProCurve Threat Management Solution Implementation Guide 2009-05
C-32
Configure VPNs Using the HP ProCurve Threat Management Services zl Module
Configure a Client-to-Site L2TP over IPsec VPN for Windows XP Clients
6. For Local Gateway, specify an IP address on this module. You have two options:
• Click IP Address and type the IP address in the box.
Type the same IP address that you configured for the LocalGateway address object (the
IP address on the TMS VLAN that remote clients contact).
• Click Use VLAN IP Address and select a VLAN from the list. Select the TMS VLAN on
which remote clients contact the module.
7. For Local ID, configure the ID that the TMS zl Module sends to authenticate itself. (You can
configure any ID as long as it is in the proper format.)
a. For Type , select the ID type:
– IP Address
– Domain Name
– Email Address
– Distinguished Name
For this example, select IP Address.
b. For Value, type the correct value.
If you select IP Address for Typ e, the address that you specify in the Value box must
match the IP address that you specified for the local gateway.
Table C-3 shows the format for each ID type.
For this example, type 10.1.1.1.
Table C-3. Local ID Values
8. For Remote ID, specify these settings:
a. For Type , select IP Address.
You can also select Domain Name, but this setting requires every remote Windows client to
be in the same domain on their remote connection. (You cannot configure multiple IKE policies
for clients in different domains because only one policy can be set to main mode and preshared
key authentication.)
b. For Value, type 0.0.0.0 if you selected IP Address in the previous step.
If you selected Domain Name, type the domain name that applies to every remote
Windows client. For example, type procurvelabs.com.
9. Click Next.
Local ID Type Remote ID Value Examples
IP Address A.B.C.D 10.1.1.1
Domain Name <domainname> TMS.procurve.com
Email Address <name>@<domainname> tms@procurve.com
Distinguished Name /CN=<commonname> /CN=TMS.procurve.com