Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
511512513514515516517518519520
4-337
Configuring a VPN on the HP TMS zl Module
GRE Tunnels
Repeat these steps to create a redundant tunnel. (See “Configure a GRE
Tunnel” on page 4-326.)
Create access policies for the GRE tunnel you just created. (Move to the
next section.)
Secure the GRE tunnel with IPsec. (See “Configure a GRE over IPsec VPN
with IKE” on page 4-340 or “Configure a GRE over IPsec VPN with Manual
Keying” on page 4-373.)
Create Access Policies for a GRE Tunnel
Before you begin configuring firewall access policies, determine the zone on
which traffic from the remote tunnel gateway arrives. This is the zone associ-
ated with the TMS VLAN on which the tunnel’s local IP address is configured.
Also, determine the zone that you configured for the tunnel’s Firewall Zone
Association setting.
Finally, determine the zone for local endpoints that are allowed to send traffic
over the tunnel.
Figure 4-250 shows these zones for an example GRE tunnel.
Figure 4-250. Example GRE Tunnel (with Zones)