TMS zl Management and Configuration Guide ST.1.0.090213
7-2
Virtual Private Networks
Contents
Configuring L2TP over IPsec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-96
Create an L2TP Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-99
Add L2TP Dial-in Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-102
Manage L2TP over IPsec Connections . . . . . . . . . . . . . . . . . . . . . . . . 7-106
Generic Routing Encapsulation (GRE) . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-107
Create a GRE Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-107
Configure GRE over IPsec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-110
Configure Firewall Access Policies for Your VPN . . . . . . . . . . . . . . . . . . 7-112
Access Policies for an IPsec Site-to-Site VPN with IKE . . . . . . . . . . 7-112
Access Policies for an IPsec Site-to-Site VPN with Manual
Keying . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-116
Access Policies for an IPsec Client-to-Site VPN with IKE . . . . . . . . 7-118
Access Policies for an L2TP over IPsec VPN . . . . . . . . . . . . . . . . . . . 7-121
Access Policies for a GRE Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-126
Access Policies for a GRE Tunnel over IPsec . . . . . . . . . . . . . . . . . . 7-131
Verify Routes for the VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-137
Configure the VPN Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-140
Configure a ProCurve VPN Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-140
TMS zl Module Settings for the HP ProCurve VPN Client . . . . 7-150
Configure IPSecuritas for Macintosh VPN Client . . . . . . . . . . . . . . . 7-153
TMS zl Module Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-169
Configure a Windows XP SP2 Client for L2TP over IPsec . . . . . . . . 7-172
Configuration with the New Connection Wizard . . . . . . . . . . . . 7-172
Manual Windows XP Client Configuration . . . . . . . . . . . . . . . . . 7-187
Configure a Windows Vista Client for L2TP over IPsec . . . . . . . . . . 7-222
TMS zl Module Settings for an L2TP over IPsec
Connection to a Windows Vista Endpoint . . . . . . . . . . . . . . . . . 7-263
Configuring the L2TP Shared Secret on the Windows
Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-267