HP TMS zl Module Security Administrator's Guide
Configuring a VPN on the HP TMS zl Module
L2TP over IPsec VPNs
Figure 4-196. Example L2TP over IPsec VPN
3. For Traffic Selector, configure these settings:
   a. For Protocol, select UDP.
      Note: Do not select (115) L2TP for Protocol. You must select UDP and then specify the L2TP port (1701) for the local and remote ports. L2TP needs to operate at Layer 4/5 in this case instead of at Layer 3.
   b. For Local Address, type the IP address configured as the local gateway in the IKE policy (indicated by 1 in the figure).
   c. For Local Port, type 1701.
   d. For Remote Address, select Any.
      Alternatively, you could specify a specific IP address, range of IP addresses, or subnet (indicated by 3 in the figure). However, this complicates the configuration in one of two ways:
      – By default, Windows L2TP clients send their IP address as their local address. Because this setting must match the remote setting exactly, you would need to configure a separate IPsec policy for each L2TP client. You would also have to know the IP address of each client.
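The following sketch is an added example, not code from this guide or from the TMS zl Module. It models the traffic selector check described above to show which clients each configuration choice leaves without a matching policy. The exact-match rule in accepts(), the names, and the addresses (documentation ranges) are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address

UDP, L2TP = 17, 115          # IANA IP protocol numbers
L2TP_PORT = 1701
ANY = "any"

@dataclass(frozen=True)
class TrafficSelector:
    protocol: int
    local_addr: str
    local_port: int
    remote_addr: str         # ANY, or the exact value the client will send
    remote_port: int

def client_proposal(gateway_ip, client_ip):
    """Selector a default Windows L2TP client sends, seen from the gateway side."""
    return TrafficSelector(UDP, gateway_ip, L2TP_PORT, client_ip, L2TP_PORT)

def accepts(policy, proposal):
    """Assumed rule: all fields must be equal; a remote address of ANY is a wildcard."""
    remote_ok = policy.remote_addr in (ANY, proposal.remote_addr)
    return (policy.protocol == proposal.protocol
            and ip_address(policy.local_addr) == ip_address(proposal.local_addr)
            and policy.local_port == proposal.local_port
            and policy.remote_port == proposal.remote_port
            and remote_ok)

def unmatched_clients(policies, gateway_ip, clients):
    """Clients whose proposal is accepted by none of the configured policies."""
    return [c for c in clients
            if not any(accepts(p, client_proposal(gateway_ip, c)) for p in policies)]

# Constructed sample values
GATEWAY = "192.0.2.1"
CLIENTS = ["198.51.100.10", "198.51.100.11", "203.0.113.7"]

recommended = TrafficSelector(UDP, GATEWAY, L2TP_PORT, ANY, L2TP_PORT)
wrong_proto = TrafficSelector(L2TP, GATEWAY, L2TP_PORT, ANY, L2TP_PORT)
subnet = TrafficSelector(UDP, GATEWAY, L2TP_PORT, "198.51.100.0/24", L2TP_PORT)
per_client = [TrafficSelector(UDP, GATEWAY, L2TP_PORT, c, L2TP_PORT) for c in CLIENTS]

if __name__ == "__main__":
    for name, policies in [("UDP/1701, remote Any", [recommended]),
                           ("(115) L2TP, remote Any", [wrong_proto]),
                           ("UDP/1701, remote subnet", [subnet]),
                           ("UDP/1701, one policy per client", per_client)]:
        print(f"{name}: unmatched = {unmatched_clients(policies, GATEWAY, CLIENTS)}")
```

Under these assumptions, only the Any selector and the full per-client policy set leave no client unmatched; dropping one per-client policy strands exactly that client.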