Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
481482483484485486487488489490
7-36
Virtual Private Networks
IPsec VPNs
d. For SA Lifetime in Seconds, type the number of seconds that the IKE
SA is kept open.
Valid values are between 300 seconds and 86400 seconds (1 day).
Remember that this setting applies to IKE SA, which is a temporary
tunnel used only to establish the IPsec SA.
12. Click Next.
13. Configure XAUTH, which is an optional additional layer of security. You
can configure the TMS zl Module to act either as a client (authenticate
itself) or as a server (authenticate the remote clients). However, config-
uring the module as an XAUTH server is typical:
•Select Enable XAUTH Client:
i. For Authentication Type, select Generic or CHAP.
ii. For Username, type a username accepted by the remote gateway’s
authentication server.
iii. For Password, type the password associated with that username.
Click Enable XAUTH Server.
Figure 7-19. Add IKE Policy Window—Step 3 of 3
i. For Authentication Type, select Generic or CHAP.