Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
111112113114115116117118119120
2-8
Initial Setup in Routing Mode
Deploying the TMS zl Module in Routing Mode
In Figure 2-3, VLAN_7 handles all of the wireless traffic, and it has been
assigned to its own zone (Zone3). VLAN_3 and VLAN_5 are in the Internal zone
(which is a management-access zone), the server in VLAN_9 is in the DMZ,
and the interface that handles all VPN traffic is in the External zone.
The zones are defined as follows:
Self—The Self zone is a special zone inside the TMS zl Module that
contains the module’s TMS VLAN IP addresses and NAT addresses. All
traffic that originates from the TMS zl Module comes from the Self zone.
You cannot associate VLANs with the Self zone.
You can associate any number of VLANs with the following zones:
Internal—Zone on the internal network
Zone1 through Zone6—Optional, user-defined zones
DMZ—Demilitarized zone, located logically between Internal and Exter-
nal
External—Outside of the internal network, such as the Internet or
another untrusted network
Management-Access Zones
You can enable management access on one zone, all zones, or no zones. Once
you specify a zone as a management-access zone, the TMS zl Module automat-
ically creates unicast access policies to permit the management services
between the selected zone andSelf.
In Figure 2-3, management access has been enabled for the Internal zone,
which means that the firewall has been automatically configured to permit
management traffic from Internal to Self.