Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
541542543544545546547548549550
4-365
Configuring a VPN on the HP TMS zl Module
GRE Tunnels
Note If your traffic selector will include traffic that is also selected for NAT, you
must create a NAT exclusion policy. See Chapter 6: “Configuring the TMS zl
Module Firewall.”
Refer to Figure 4-272 for help configuring the traffic selector.
Figure 4-272. Example GRE over IPsec VPN
3. For Traffic Selector, configure these settings:
a. For Protocol, specify 47 (GRE).
b. For Local Address, specify the local gateway address for the GRE
tunnel (indicated by 1 in the figure and not the IP address on the tunnel
subnet).
c. For Remote Address, specify the remote gateway address for the GRE
tunnel (indicated by 3 in the figure and not the IP address on the tunnel
subnet).
4. For Proposal, select a previously configured IPsec proposal.
The IPsec proposal specifies the IPsec mode, IPsec protocol, and the
authentication and encryption algorithms that secure the VPN connec-
tion. See “Create an IPsec Proposal for a GRE over IPsec VPN” on page
4-355.
5. Click Next.