Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
261262263264265266267268269270
4-88
Configuring a VPN on the HP TMS zl Module
Configure an IPsec Client-to-Site VPN
10. Review the configuration settings you have selected. If you want to save
the changes as well as apply them, select the Save Configuration check box.
If the TMS zl Module is a master in a cluster and you want to immediately
synchronize the changes, select the Synchronize changes to Participant
check box.Note that this will cause the participant to reboot.
If you need to change any settings, click Back until you reach the appro-
priate window and can select a different setting.
When you are ready to apply the configuration, click Next in the Configu-
ration Preview window.
11. Click Close.
The IPsec proposal is displayed in the TMS-VPN > IPsec > IPsec Proposal
window.
Create an IPsec Policy for a Client-to-Site VPN
This section explains how to configure an IPsec policy for a basic client-to-
site IPsec VPN. The IPsec policy selects traffic between local IP addresses
that are accessible to the remote users and the remote users. It includes
settings that will be negotiated during IKE phase 2.
For client-to-site IPsec VPNs, it is generally recommended that you use IKE
mode config. However, some IPsec clients (such as IPSecuritas VPN clients)
do not support the TMS zl Module implementation of IKE mode config. Decide
now whether you will use IKE mode config. Various settings depend on
whether you will use this feature.
You must configure the IPsec policy on each TMS zl Module individually.
Repeat these steps for each module:
1. In the navigation tree, click the module’s name within the TMS zl folder
2. In the main configuration window, move to the TMS - VPN > IPsec tab.
3. You can add the IPsec policy in several ways:
Click the IPsec Policies tab. Right-click the TMS zl Module’s name and
select Add. Move to step 4 on page 4-363.