HP TMS zl Module Security Administrator's Guide
4-68
Configuring a VPN on the HP TMS zl Module
Configure an IPsec Client-to-Site VPN
When you are ready to apply the configuration, click Next in the Configu-
ration Preview window.
38. A window is displayed, showing the setting being applied to the TMS zl
Module. When you see that they have been applied successfully, click
Close.
Move to “Create Access Policies for IPsec Client-to-Site VPNs” on page 4-102.
Configure IKE and IPsec Setting Using the Manage
IPsec Wizard
The Manage IPsec wizard allows you to configure the IKE policy, IPsec
proposal, and IPsec policy separately—but, if you desire, on more than one
module at once. (However, the IPsec policy must be configured on individual
modules.) When the wizard configures multiple modules, it assigns many of
the same settings to all modules. However, the wizard allows you to configure
some settings separately for each module. For example, the VPN gateway
must be an actual IP address on the module, so the same setting cannot apply
to multiple modules.
Table 4-9. IKE and IPsec Parameters in the Manage IPsec Wizard
Policy or Proposal Parameter Module-Specific or Same
for Every Selected Module
IKEv1 policy IKEv1 Policy Name Same
Policy Type Same
Local Gateway Module specific
Local ID Type and Value Module specific
Remote ID Type and Value Module specific
Key Exchange Mode Same
Authentication Method Same
Diffie-Hellman (DH) Group Same
Encryption Algorithm Same
Authentication Algorithm Same
SA Lifetime in Seconds Same
XAUTH Configuration Same
IPsec Proposal Proposal Name Same
Encapsulation Mode Same
Security Protocol Same
Encryption Algorithm Same