HP TMS zl Module Security Administrator's Guide
4-9
Configuring a VPN on the HP TMS zl Module
IPsec VPNs
Find Your Configuration Instructions
If you know which type of VPN you want to configure, see Table 4-1 for the
page at which the configuration instructions begin. (The table also indicates
where you can find general background information on the technologies
involved.)
This chapter also provides instructions for managing VPN settings. Refer to
the table of contents.
Table 4-1. VPN Configuration Instructions
IPsec VPNs
An in-depth understanding of how IPsec works to set up and secure the VPN
tunnel will help you configure VPNs correctly. Composed of a variety of
industry-standard authentication and encryption protocols, IPsec provides a
flexible, highly secure method of establishing a VPN.
For IPsec VPNs, the TMS zl Module can act as the gateway device—that is,
the tunnel endpoint. The other end of the tunnel can be another VPN gateway
(in a site-to-site VPN) or a remote endpoint (in a client-to-site VPN).
An IPsec VPN is created with one or more elements of the IPsec protocol suite:
■ Authentication Header (AH)
VPN Type Configuration Instructions Concepts
Client-to-site—IPsec with
IKE v1
“Configure an IPsec Client-to-Site VPN” on
page 4-27
“IPsec VPNs” on page 4-9
Site-to-site—IPsec with
IKEv1
“Configuring an IPsec Site-to-Site VPN with
IKE” on page 4-106
Site-to-site—IPsec with
manual keying
“Configuring an IPsec Site-to-Site VPN with
Manual Keying” on page 4-230
Client-to-site—L2TP over
IPsec
“Configure an L2TP over IPsec Client-to-Site
VPN” on page 4-253
• “IPsec VPNs” on page 4-9
• “L2TP over IPsec VPNs” on page 4-252
Site-to-site—GRE tunnel “Configure a GRE Tunnel” on page 4-326 “GRE Tunnels” on page 4-323
Site-to-site—GRE over
IPsec with IKE v1
“Configure a GRE over IPsec VPN with IKE”
on page 4-340
• “IPsec VPNs” on page 4-9
• “GRE Tunnels” on page 4-323
Site-to-site—GRE over
IPsec with manual keying
“Configure a GRE over IPsec VPN with
Manual Keying” on page 4-373