Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1021102210231024102510261027102810291030
D-72
Troubleshooting
Troubleshooting the TMS zl Module in Routing Mode
Check the module’s routes and verify that it has a route to the remote clients
(which may not be directly connected to a TMS VLAN as the test client is).
The firewall access policies do not permit NAT-T traffic.
A device between the TMS zl Module and the remote clients may perform
NAT on the clients’ traffic, which can interfere with the VPN. The module
supports NAT-T to deal with this problem, but you must allow NAT-T traffic
through the firewall. Configure access policies that allow traffic with the
ipsec-nat-t-udp
service between the remote clients and the TMS zl Module.
If the test client experiences the same problem as the remote clients, you must
troubleshoot the connection as described in the sections that follow.
View VPN Connections.
The first step in troubleshooting a VPN is determin-
ing where the connection fails. You can view VPN connections in the
VPN
>
IPsec
>
VPN Connections
window of the TMS zl Module’s Web browser interface.
Figure D-14. View VPN Connections