HP ProCurve Threat Management Solution Implementation Guide 2009-05
C-83
Configure VPNs Using the HP ProCurve Threat Management Services zl Module
Configure a Client-to-Site IPsec VPN for HP ProCurve VPN Clients
b. For Value, type the correct value.
If you select IP Address for Typ e, the address that you specify in the Value box must
match the IP address that you specified for the local gateway.
Table C-8 shows the format for each ID type.
For this example, type 10.1.1.1.
Table C-8. Local ID Values
8. For Remote ID, specify an ID that matches the ID that remote clients send to authenticate
themselves:
a. For Type , select the ID type:
– IP Address
– Domain Name
– Email Address
– Distinguished Name
For this example, select Domain Name.
b. For Value, type the correct value.
Use wildcards to accommodate multiple user IDs. In this way, you can create a single
IKE policy to accommodate all remote users, which simplifies configuration. (In fact,
when you use main mode and preshared keys, only one client-to-site IKE policy is
supported.) Table C-9 displays valid values and wildcards.
For this example, type procurvelabs.com.
Table C-9. Remote ID Values and Wildcards
9. Click Next.
Local ID Type Remote ID Value Examples
IP Address A.B.C.D 10.1.1.1
Domain Name <domainname> TMS.procurve.com
Email Address <name>@<domainname> tms@procurve.com
Distinguished Name /CN=<commonname> /CN=TMS.procurve.com
Remote ID Type Remote ID Value Wildcard Example Example Wildcard
IP Address A.B.C.D 0.0.0.0 172.16.40.103 0.0.0.0
Domain Name <name.domainname> <domainname> user1.procurve.com procurve.com
Email Address <name>@<domainname>*@<domainname> user1@procurve.com *@procurve.com
Distinguished
Name
/CN=<commonname>•/CN=*
•/*
/CN=TMS.procurve.com • /CN=*.procurve.com
•*