Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
311312313314315316317318319320
4-142
Configuring a VPN on the HP TMS zl Module
Configuring an IPsec Site-to-Site VPN with IKE
Figure 4-89. Deploy IPsec Site-to-Site VPN > Configure Advanced IKE Settings
10. For Key Exchange Mode, select Main Mode or Aggressive Mode.
11. Under Security Parameters Proposal, configure the security settings pro-
posed by the TMS zl Module for the IKE SA (the IKE policy on remote
endpoints must match):
a. For Diffie-Hellman (DH) Group, select the group for the Diffie-Hellman
key exchange:
Group 1 (768)
Group 2 (1024)
Group 5 (1536)
The group determines the length of the prime number used during the
exchange. The larger the number, the more secure the key generated
by the exchange.