HP TMS zl Module Security Administrator's Guide
4-479
Configuring a VPN on the HP TMS zl Module
Managing VPNs
The Manage VPN Connections functionality is one way you can trouble-
shoot problems with VPN connections that are not being established
correctly. For example, if a VPN client establishes an IKE SA but cannot
establish the IPsec tunnel, you may want to flush the IKE SA. You can then
check your VPN settings and determine if you need to adjust them before
the VPN client tries to connect again.
For detailed information about troubleshooting VPN connections, see the
Troubleshooting chapter in HP Threat Management Services zl Module
Management and Configuration Guide.
Viewing L2TP Users
You can see the IP addresses that are currently assigned to L2TP users who
authenticated to an external RADIUS server.
1. In the PCM+ navigation tree, locate and select the TMS zl Module.
2. In the main configuration window, click the TMS-VPN tab and then the
Connections tab.
3. Click the L2TP Connections tab.
The window lists L2TP users who have authenticated to an external RADIUS
server. For each user, the following settings are displayed:
■ User—The user’s username
■ Domain—The domain of the RADIUS server to which the user authenti-
cated
■ Assigned Address—The virtual IP address assigned to the user’s device for
the L2TP connection. The address could have been assigned by the
RADIUS server itself or selected from a range of addresses configured for
the domain on the TMS zl Module.
Viewing Active IP Pool Sessions
In addition to viewing information about the pools that you have created for
IKE Mode Config (see “Viewing IP Address Pools” on page 4-465), you can
view addresses currently assigned to remote endpoints.
1. In the PCM+ navigation tree, locate and select the TMS zl Module.
2. In the main configuration window, click the TMS-VPN tab and then the
Connections tab.
3. Click the Active IP Address Pool Sessions tab.