Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
421422423424425426427428429430
C-80
Configure VPNs Using the HP ProCurve Threat Management Services zl Module
Configure a Client-to-Site IPsec VPN for HP ProCurve VPN Clients
5. Configure authentication settings for XAUTH.
See “Configure Authentication for XAUTH” on page C-91.
6. Create the necessary firewall access policies.
See “Access Policies for an Client-to-Site IPsec VPN for HP ProCurve VPN Clients” on
page C-93.
7. Create a static route, if necessary.
See “Verify Routes” on page C-96.
Create Named Objects for the IPsec Client-to-Site VPN
You can specify named objects in the IPsec policy traffic selector and in corresponding firewall
access policies. Note that an IPsec policy requires single-entry address objects, so you should
create objects of this type.
For this VPN configuration, create several address objects:
1. Click Firewall > Access Policies and then click the Addresses tab.
2. Click Add an Address.
3. Create an object for the local VPN gateway address:
a. For Name, type a name that is meaningful to you. For this example, type LocalGateway.
You can use only letters, numbers, and the underscore character (_) in this field.
b. For Type , select IP.
Figure C-98. Add Address Window
c. Click Single-entry.
d. In the box below, type the IP address of the TMS VLAN on which the remote clients
reach the module. For this example, type 10.1.1.1.
e. Click Apply.