HP ProCurve Threat Management Solution Implementation Guide 2009-05

C-57

Configure VPNs Using the HP ProCurve Threat Management Services zl Module

Configure a Client-to-Site IPsec VPN for Macintosh IPSecuritas Clients

3. Create an object for the local VPN gateway address:

a. For Name, type a name that is meaningful to you. For this example, type LocalGateway.

You can use only letters, numbers, and the underscore character (_) in this field.

b. For Type , select IP.

Figure C-70. Add Address Window

c. Click Single-entry.

d. In the box below, type the IP address of the TMS VLAN on which the remote clients

reach the module. For this example, type 10.1.1.1.

e. Click Apply.

4. Create an object for the local endpoints:

a. For Name, type a name that is meaningful to you. For this example, type LocalEndpoints.

b. For Type , select Network (IP/Mask) or IP Range. For this example, select Network (IP/

Mask).

c. Click Single-entry.

d. In the box below, specify the subnet or range of IP addresses for local endpoints that

the remote clients are allowed to access. For this example, type 192.168.4.0/24.

e. Click Apply.

5. Create one or more objects for remote clients’ IP addresses. If remote clients are on the

same subnet, you can create a single object that specifies that subnet; see step a. Otherwise,

you must create a separate address object for each client’s remote address; see step b.

a. Create one address object for all remote clients:

i. For Name, type a name that is meaningful to you. For this example, type MacClients.

ii. For Type , select Network (IP/Mask).

iii. Click Single-entry.

iv. In the box below, specify the subnet for remote clients.

v. Click Apply.

vi. Click Close.