Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
381382383384385386387388389390
4-209
Configuring a VPN on the HP TMS zl Module
Configuring an IPsec Site-to-Site VPN with IKE
Figure 4-138. Manage IPsec Wizard > Add IKEv1 Policy (step 3) Window
16. If you want, configure XAUTH, which is an optional additional layer of
security. Otherwise, leave Disable XAUTH selected and move to step 17.
You can configure the TMS zl Module to act either as a client (authenticate
itself) or as a server (authenticate the remote gateway):
•Select Enable XAUTH Server.
For Authentication Type, select Generic or CHAP.
At some point, you must configure the username and password for
the remote gateway in one of these locations:
An external RADIUS server—Remember, to add the RADIUS
server in the TMS-Network > Authentication > RADIUS Servers Con-
figuration window.
On the module itself—In the TMS-Network > Authentication >
Firewall/XAUTH Users window, add the remote gateway account
to any user group that you want.
For instructions, see Chapter 6: “Configuring the TMS zl Module
Firewall.”
•Select Enable XAUTH Client: