Manualshelf

HP TMS zl Module Security Administrator's Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
601602603604605606607608609610
4-429
Configuring a VPN on the HP TMS zl Module
Configure Global IPsec Settings
A challenge password is typically used to revoke a certificate, but your
CA may also require you to enter a challenge password to request a
certificate. If your CA does not require a password, leave this box empty.
9. For Identifier to store Private Key, type a string between 1 and 31 alphanu-
meric characters. The string must be unique to this private key.
10. For Key Size, select 512, 1024, or 2048, which determines the length of the
key in bits.
11. Click Next.
12. Review the settings. If they are correct, click Next. (Remember to select
the Save Configuration check box to save the settings to the module’s
startup-config.)
If you need to change any settings, click Cancel and modify the SCEP
settings.
13. After the process completes successfully, close the window.
You have finished installing your certificates.
Configure Global IPsec Settings
You can configure some IPsec settings that affect all IPsec connections. These
settings control:
Whether IPsec is enabled
How ICMP error messages are handled
ICMP error messages may not be allowed by the IPsec traffic selectors.
However, these error messages are often necessary for a session. You can
configure how the TMS zl Module handles ICMP error messages.
The number of SAs allowed per policy
Whether SAs are automatically revalidated when policies change
The minimum packet size for IP compression
You can access the window for editing the settings in several ways:
You can select the precise module to be edited from the main configura-
tion window. See step 1.