HP TMS zl Module Security Administrator's Guide
4-126
Configuring a VPN on the HP TMS zl Module
Configuring an IPsec Site-to-Site VPN with IKE
Table 4-16 shows the format for each ID type.
Table 4-16. Local ID Values
6. Next specify the ID that the Site 2 TMS zl Module (or other device) sends
to authenticate itself.
a. For Remote ID Type, select the ID type for the Site 2 module:
– IP Address
– Domain Name
– Email Address
– Distinguished Name
b. For Remote ID Value, type the correct value for the Site 2 module’s ID.
Again, if you select IP Address, the value must match the IP address
specified for the Site 2 gateway.
Note If you specified a second site, the wizard will automatically generate settings
for the Site 2 identifiers by reversing the local and remote IDs.
7. For Authentication Method, select one of the following:
• Preshared Key
• DSA Signature
• RSA Signature
If you select DSA Signature or RSA Signature, you can go directly to step 8.
(After you finish the wizard, you must install certificates as described in
“Install Certificates Manually” on page 4-394 or “Install Certificates Using
SCEP” on page 4-418.)
If you want to use SCEP to install certificates, select RSA Signature rather
than DSA Signature.
8. If you selected Preshared Key, type a string of 12 to 49 alphanumeric or
special characters in the Preshared Key box. Type the same string in the
Confirm Preshared Key box.
9. Click Next.
Local ID Type Remote ID Value Examples
IP Address A.B.C.D 172.16.40.103
Domain Name <domainname> TMS.hp.com
Email Address <name>@<domainname> tms@hp.com
Distinguished
Name
/CN=<commonname> /CN=TMS.hp.com