Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
461462463464465466467468469470
4-283
Configuring a VPN on the HP TMS zl Module
L2TP over IPsec VPNs
Figure 4-198. Manage IPsec Wizard > Add IPsec Policy (step 2) Window
6. For Key Exchange Method, keep the default, Auto (with IKEv1).
7. For IKEv1 Policy, select the previously configured IKEv1 policy.
You must select a policy of the client-to-site type.
8. Leave the Enable PFS (Perfect Forward Secrecy) for keys check box clear.
9. For SA Lifetime in Seconds, leave the default 28800 (8 hours).
10. For SA Lifetime in Kilobytes, leave the default, 0.
Note You could configure other settings for PFS and the SA lifetimes. However, in
that case, you could not use the New Connection Wizard to set up the VPN
connection on the Windows client; instead, you would have to configure the
IPsec settings for the connection manually and make sure to match the
settings configured here.
11. Click Next.
12. Clear the Enable IP Address Pool for IRAS (Mode Config) check box.