HP TMS zl Module Security Administrator's Guide
4-355
Configuring a VPN on the HP TMS zl Module
GRE Tunnels
i. For Authentication Type, select Generic or CHAP.
ii. For Username, type a username accepted by the remote gateway’s
authentication server.
iii. For Password, type the password associated with that username.
17. Click Next.
18. Review the configuration settings you have selected. If you want to save
the changes as well as apply them, select the Save Configuration check box.
If any of the TMS zl Modules is a master in a cluster and you want to
immediately synchronize the changes, select the Synchronize changes to
participant check box.Note that this will cause the participant to reboot.
If you need to change any settings, click Back until you reach the appro-
priate window and can select a different setting.
When you are ready to apply the configuration, click Next.
19. A window is displayed, showing the settings being applied. When you see
that they have been applied successfully, click Close.
The IKE policy is displayed in the TMS-VPN > IPsec > IKEv1 Policies
window.
Create an IPsec Proposal for a GRE over IPsec VPN
Each IPsec proposal specifies the following:
■ IPsec mode (tunnel or transport)
■ IPsec security protocol:
• AH and a single authentication algorithm
• ESP, a single authentication algorithm, and a single encryption algo-
rithm
You can configure multiple IPsec proposals. In a later task, you will specify a
proposal in an IPsec policy. The algorithm or algorithms in that proposal will
secure traffic that is part of IPsec tunnels (VPN connections) that are estab-
lished with that policy.
Follow these steps to configure an IPsec proposal:
1. Verify that you are at the correct level in the navigation tree:
• To configure a single TMS zl Module, the device’s name within the
TMS zl folder.
• To configure multiple modules, the TMS zl folder itself.
2. In the main configuration window, you should be at the TMS - VPN > IPsec
tab.