Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
421422423424425426427428429430
C-79
Configure VPNs Using the HP ProCurve Threat Management Services zl Module
Configure a Client-to-Site IPsec VPN for HP ProCurve VPN Clients
Figure C-97. IPSecuritas—Startup Window
22. To connect, select the profile that you just created. Then select the connection that you
just configured.
23. Click Start.
Configure a Client-to-Site IPsec VPN for HP
ProCurve VPN Clients
This section provides instructions for configuring the TMS zl Module as the gateway for a client-
to-site VPN for HP ProCurve VPN clients. The VPN will use IPsec with IKE version 1 and IKE
mode config. The TMS zl Module will also enforce XAUTH, requiring remote users to log
individually. Remote users will log in to one of two groups, and the group will determine the
remote user’s rights on the local network.
This section also provides instructions for configuring the HP ProCurve VPN client on a remote
endpoint.
Configure an Client-to-Site IPsec VPN on the TMS zl Module
You must complete these tasks to configure a TMS zl Module as the gateway for an IPsec client-
to-site VPN:
1. Create named objects.
See “Create Named Objects for the IPsec Client-to-Site VPN” on page C-80. Using named
objects is best practice; however, you can specify IP addresses manually.
2. Create an IKE policy.
See “Create an IKE Policy for Connecting to HP ProCurve VPN Clients” on page C-81.
3. Create an IPsec proposal.
See “Create an IPsec Proposal for Connecting to HP ProCurve VPN Clients” on page C-85.
4. Create an IPsec policy.
See “Create an IPsec Policy for a Client-to-Site IPsec VPN with HP ProCurve VPN Clients”
on page C-87.