Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
271272273274275276277278279280
4-98
Configuring a VPN on the HP TMS zl Module
Configure an IPsec Client-to-Site VPN
Figure 4-61. Manage IPsec Wizard > Add IPsec Policy (step 3) Window
11. Configure the IP addresses and other settings assigned to remote end-
points through IKE mode config.
Note It is generally recommended that you use IKE mode config. However, if your
clients do not support this feature, clear the Enable IP Address Pool for IRAS
(Mode Config) check box and move to step 12.
a. The Enable IP Address Pool for IRAS (Mode Config) check box should be
selected.
b. For IRAS IP Address/Mask, type the IP address that the TMS zl Module
will use to route traffic from the remote clients. Include a subnet
mask. For example type, 192.168.8.1/24.
Select a subnet that you can reserve for the remote clients; this subnet
cannot be configured on a TMS VLAN. This address will be the clients’
remote gateway while visiting the local network.
c. For Firewall Zone, select the zone for remote clients after they estab-
lish the VPN connection.When you configure firewall access policies
for the IKE mode config addresses, use this zone.