Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
531532533534535536537538539540
7-89
Virtual Private Networks
IPsec VPNs
Figure 7-69. VPN > IPsec > Settings Window
4. Configure how the TMS zl Module handles ICMP error messages:
Select the Send ICMP error messages check box to have the TMS zl
Module return an ICMP error message when it receives bad data.
By default, this check box is selected.
Select the Handle ICMP error messages check box to have the TMS zl
Module accept incoming ICMP error messages.
By default, this check box is selected.
5. For Maximum SA per Policy, type the maximum number of SAs that can be
established using each IPsec policy.
The valid range is 2 to 10000. The default is 10000. Each connection to a
remote client requires 2 SAs (one inbound and one outbound).
Note that although you can define up 10000 SAs per policy, only 4800
sessions can be open concurrently.
6. Select the Auto SA Revalidation check box to allow the TMS zl Module to
automatically revalidate SAs when the associated policy is changed or
when the time or bandwidth limit expires.
If you clear the check box, the TMS zl Module does not revalidate the SA
until a packet arrives for that SA (which might slow processing for that
packet). By default, the check box is selected.