Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
401402403404405406407408409410
4-223
Configuring a VPN on the HP TMS zl Module
Configuring an IPsec Site-to-Site VPN with IKE
The IPsec proposal specifies the IPsec mode, IPsec protocol, and the
authentication and encryption algorithms that secure the VPN connec-
tion. See “Create an IPsec Proposal for an IPsec Site-to-Site VPN” on page
4-211.
4. Click Next.
Figure 4-150. Manage IPsec Wizard > Add IPsec Policy (step 2) Window
5. For Key Exchange Method, select Auto (with IKEv1).
6. For IKEv1 Policy, select a previously configured IKEv1 policy.
Select the IKEv1 policy that specifies the remote gateway for the remote
addresses configured in this policy’s traffic selector.
7. Optionally, select the Enable PFS (Perfect Forward Secrecy) for keys check
box, which forces the tunnel endpoints to generate new keys for the IPsec
SA. In the list that is displayed, select one of the following:
Group 1 (768)
Group 2 (1024)
Group 5 (1536)