HP TMS zl Module Security Administrator's Guide

Contents
Configuring an IPsec Site-to-Site VPN Between TMS zl Modules—Deploy IPsec Site-to-Site VPN Wizard
Create Named Objects for the VPN (Optional)
Run the Deploy IPsec Site-to-Site Wizard
Create Access Policies for the TMS zl Modules in the IPsec Site-to-Site VPN
Verify Routes for TMS zl Modules in the IPsec Site-to-Site VPN
Configuring an IPsec Site-to-Site VPN Between a TMS zl Module and Non-TMS Gateway—Manage IPsec Wizard
Create Named Objects for the VPN (Optional)
Create an IKE Policy for a Site-to-Site IPsec VPN
Create an IPsec Proposal for an IPsec Site-to-Site VPN
Create an IPsec Policy for an IPsec Site-to-Site VPN That Uses IKE
Create Access Policies for an IPsec Site-to-Site VPN that Uses IKE
Verify Routes for an IPsec Site-to-Site VPN That Uses IKE
Configuring an IPsec Site-to-Site VPN with Manual Keying
Create Named Objects for the VPN (Optional)
Create an IPsec Proposal
Create an IPsec Policy That Uses Manual Keying
Create Access Policies for an IPsec Site-to-Site VPN with Manual Keying
Verify Routes for an IPsec Site-to-Site VPN
L2TP over IPsec VPNs
Configure an L2TP over IPsec Client-to-Site VPN
Create Named Objects for the VPN (Optional)
Create an IKE Policy for an L2TP over IPsec VPN
Create an IPsec Proposal for an L2TP over IPsec VPN
Create an IPsec Policy for an L2TP over IPsec VPN
L2TP User Authentication
Configure Local L2TP Authentication
Configure L2TP Authentication to an External RADIUS Server
Create Access Policies for an L2TP over IPsec VPN
Verify Routes for the L2TP over IPsec VPN
GRE Tunnels
GRE Tunnel Keepalives
Redundant GRE
Floating Static Routes
Maximum Segment Size (MSS) for TCP Connections