Manualshelf

HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
151152153154155156157158159160
147
Figure 106 Non-mirror image ACLs
Protection modes
Data flows can be protected in two modes:
Standard mode, in which one tunnel is used to protect one data flow. The data flow permitted by
each ACL rule is protected by one tunnel that is established separately for it.
Aggregation mode, in which one tunnel is used to protect all data flows permitted by all the rules
of an ACL. This mode applies to only scenarios that use IKE for negotiation.
Configuring an IPsec proposal
The Web interface provides two modes for configuring an IPsec proposal: suite mode and custom mode.
The suite mode allows you to select a pre-defined encryption suite, and the custom mode allows you to
configure IPsec proposal parameters discretionarily.
Configuring an IPsec proposal in suite mode
1. From the navigation tree, select VPN > IPSec > Proposal to enter the IPsec proposal management
page.
Figure 107 IPsec proposal list
2. Click Add to enter the IPsec proposal configuration wizard page.
Figure 108 IPsec proposal configuration wizard page