Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1041104210431044104510461047104810491050
D-93
Troubleshooting
Troubleshooting the TMS zl Module in Routing Mode
5. Check the local gateway address in the IKE policy. Verify that this address
is the module IP address that the remote gateway contacts.
6. Check the IKE policies on the TMS zl Module and the remote gateway (if
possible). Ensure that both specify the same key exchange mode (main
or aggressive).
7. Check IKE settings on the TMS zl Module against settings on the remote
gateway.
To establish an IKE SA, the TMS zl Module and the remote gateway must
agree on a number of settings. Table D-16 displays those settings and how
they should match up between the module and the remote device.
Table D-16. Match IKE Settings on the Module and Remote VPN Gateway
Common errors include:
The local or remote ID has been miskeyed, or the remote device uses
a different ID type.
The preshared key (if used) is miskeyed.
Setting TMS zl Module Setting Remote VPN Gateway
Local gateway address Reachable module address Reachable address on the
device
Remote gateway address Same reachable address on
the remote device
Same reachable module
address
Local ID type and value Module ID type and value Remote gateway ID type and
value
Remote ID type and value Remote gateway ID type and
value
Module ID type and value
Key exchange mode Same mode Same mode
Authentication mode Same method Same method
Preshared key Same key Same key
Encryption algorithm Same encryption algorithm Same encryption algorithm
Authentication algorithm Same authentication algorithm Same authentication algorithm
Diffie-Hellman Group Same group Same group
SA lifetime Same SA lifetime Same SA lifetime