HP VPN Firewall Appliances VPN Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

411

412

413

414

415

416

417

418

419

420

406

Encryption of VAM protocol packets

VAM protocol packets can be encrypted by using AES-128, AES-256, DES, or 3DES.

IPsec protection of data packets

Data packets in a DVPN tunnel can be protected by an IPsec profile, using security protocols ESP, AH, or

AH-ESP (ESP first, and then AH) and negotiating security policies through IKE.

Centralized management of policies

A VAM server manages all policies in a VPN domain centrally.

Support for multiple VPN domains

A VAM server supports up to 10 VPN domains.

Configuring DVPN in the Web interface

Recommended configuration procedure

When you configure DVPN, configure the DVPN server before configuring the DVPN clients. When you

configure the DVPN clients, configure the Hubs before configuring the Spokes.

Table 56 Recommended configuration procedure

Ste

Remarks

Configuring the DVPN server

1. Configuring local users or RADIUS

authentication

Optional.

The DVPN server authenticates the identities of clients that try to

access the VPN domain. Only clients that pass the identity

authentication can connect to the VPN domain. The DVPN server

supports local authentication and RADIUS authentication.

For information about local user configuration, see Getting

Started Guide. For information about RADIUS configuration, see

Access Control Configuration Guide.

2. Configuring a VPN domain

Required.

Configure a VPN domain and configure the relevant policies,

such as the VAM protocol packets protection and client

authentication modes.

Configuring the DVPN client

1. Configuring DVPN tunnels

Required.

Configure a tunnel interface, and configure DVPN related

parameters, such as the VAM client, the IPsec parameters, and

the tunnel parameters.