Manualshelf

HP ProCurve Threat Management Solution Implementation Guide 2009-05

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
421422423424425426427428429430
C-84
Configure VPNs Using the HP ProCurve Threat Management Services zl Module
Configure a Client-to-Site IPsec VPN for HP ProCurve VPN Clients
Figure C-101. Add IKE Policy Window—Step 2 of 3
10. Under IKE Authentication, configure these settings:
a. For Key Exchange Mode, select Main Mode or Aggressive Mode. For this example, select
Main Mode.
b. For Authentication Method, select Preshared Key.
c. Type a string of 12 to 49 alphanumeric or special characters in the Preshared Key box.
Type the same string in the Confirm Preshared Key box. For this example, type procur-
vekey!.
The string (which is case-sensitive) must match the string that is configured on the
remote clients.
11. Under Security Parameters Proposal, configure the security settings proposed by the TMS
zl Module (the IKE security settings on remote clients must match):
a. For Diffie-Hellman (DH) Group, select the group for the Diffie-Hellman key exchange:
Group 1 (768)
Group 2 (1024)
Group 5 (1536)
For this example, leave the default Group 1 (768).
b. For Encryption Algorithm, select one of these protocols, listed from least secure (and
least processor-intensive) to most:
DES
AES-128 (16)
3DES
AES-192 (24)
AES-256 (32)
For this example, leave the default 3DES.