Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
421422423424425426427428429430
4-248
Configuring a VPN on the HP TMS zl Module
Configuring an IPsec Site-to-Site VPN with Manual Keying
Figure 4-169. Manage IPsec Wizard > Add IPsec Policy (step 4) Window
11. If desired, configure settings in the Advanced Settings (Optional) section.
a. Select the check boxes for the advanced features that you want to
enable:
Enable IP compression
Enable fragment before IPsec
This setting is enabled by default.
For information and guidelines on these settings, see “Advanced
IPsec Features” on page 4-21.
b. For Anti-Replay Window Size, type a value between 32 and 1024.
This setting determines how far out of order a packet can arrive and
still be accepted. See “Anti-Replay Window” on page 4-22 for more
information.
c. For DF Bit Handling, select one of these options:
Copy DF bit from clear packet
The TMS zl Module copies the DF bit setting for the IPsec packet
from the inner IP packet.
Set DF bit