Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
401402403404405406407408409410
4-232
Configuring a VPN on the HP TMS zl Module
Configuring an IPsec Site-to-Site VPN with Manual Keying
See “Create an IPsec Proposal” on page 4-233.
3. Create an IPsec policy.
See “Create an IPsec Policy That Uses Manual Keying” on page 4-238.
4. Create necessary firewall access policies.
See “Create Access Policies for an IPsec Site-to-Site VPN with Manual
Keying” on page 4-249.
5. Create a static route, if necessary.
See “Verify Routes for an IPsec Site-to-Site VPN” on page 4-251.
6. Configure global IPsec settings (optional).
See “Configure Global IPsec Settings” on page 4-429.
7. Configure the remote VPN gateway with compatible settings.
Refer to the documentation for the remote gateway. (The HP Threat
Management Services zl Module Management and Configuration Guide
also gives some guidelines and example configurations.)
Create Named Objects for the VPN (Optional)
You might want to configure the named objects indicated in Table 4-26. (You
can, of course, configure other objects that are appropriate for your environ-
ment.) For your reference, this table includes the location where you would
specify these named objects. However, later configuration instructions will
indicate when you actually need to specify each object. The table also includes
a reference to numbers in Figure 4-155. The number indicates the IP address
for that named object in an example network.
If you are configuring multiple modules, remember to create the appropriate
objects on each.
See Chapter 6: “Configuring the TMS zl Module Firewall” for step-by-step
instructions for configuring objects.