Manualshelf

HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
211212213214215216217218219220
206
Using a wizard to configure an IPsec VPN
IPsec VPN policy can be configured only in the Web interface.
The IPsec VPN policy configuration wizard provides a way to easily configure IPsec VPNs. For more
information about IPsec and IKE, see "Configuring IPsec" and "Configuring IKE."
IPsec VPN supports two networking modes: center-branch mode and peer-peer mode.
Center-branch mode applies to one-to-many networks as shown in Figure 135. A network in this
mode us
es the aggressive mode for IKE negotiation and uses the security gateway name or IP
address as the ID type at the local end. The center node never initiates IPsec SA negotiation. The
branch nodes must take the responsibility.
Figure 135 Center-branch networking mode
Peer-peer mode applies to one-to-one networks as shown in Figure 136. A network in this mode
uses the main mode for IKE negotiation and can use only the ID type of IP address at the local end.
Either of the two peers can initiate IPsec SA negotiation.
Figure 136 Peer-peer networking mode
Configuring a center node
1. From the navigation tree, select Wizard to enter the Configuration Wizard page.
2. Click the IPSec VPN Deployment hyperlink to enter the first page of the IPsec VPN policy
configuration page.
3. Select Center Node from the first page of the IPsec VPN policy configuration wizard.