TMS zl Management and Configuration Guide ST.1.0.090213
Virtual Private Networks
Configure Firewall Access Policies for Your VPN
You should also determine the zone for local endpoints allowed on the VPN.
This might be the Internal zone or another zone. The instructions below will
refer to this zone as the “local zone.”
Finally, you must remember the name of the user group (or groups) that you
configured for L2TP dial-in users. Some of the access policies will be
configured for those groups.
1. In the left navigation bar of the Web browser interface, select Firewall >
Access Policies. The Unicast tab should be selected.
2. Click Add a Policy. The Add Policy window is displayed.
3. Allow IKE messages from the remote endpoints.
   a. For Action, leave the default Permit Traffic.
   b. For From, select the remote zone.
   c. For To, select Self.
   d. For Service, select isakmp.
   e. For Source, accept the default, Any Address.
      If you know the public addresses of all of your remote endpoints, you
      could create a named object with those addresses and specify that
      object here. However, allowing any IP address is the easiest way to
      set up the VPN.
   f. For Destination, leave Any Address or specify the IP address configured
      for the local gateway in the IKE policy.
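
The following added example (not part of the original guide and not TMS zl code) models the IKE access policy from step 3 to show what the Source choice in step e changes: which hosts can reach the gateway's isakmp service. The zone name External, all addresses, first-match evaluation, and the deny-by-default behavior for unmatched traffic are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

ANY = ["0.0.0.0/0"]                 # models "Any Address"
ISAKMP = ("udp", 500)               # the isakmp service: IKE on UDP port 500
GATEWAY = ["192.0.2.1/32"]          # constructed local gateway address
KNOWN_PEERS = ["203.0.113.10/32", "203.0.113.20/32"]  # constructed named object

@dataclass
class Policy:
    action: str
    from_zone: str
    to_zone: str
    service: tuple
    source: list
    destination: list

    def matches(self, pkt):
        src, dst = ipaddress.ip_address(pkt["src"]), ipaddress.ip_address(pkt["dst"])
        return (pkt["from_zone"], pkt["to_zone"]) == (self.from_zone, self.to_zone) \
            and (pkt["proto"], pkt["dport"]) == self.service \
            and any(src in ipaddress.ip_network(n) for n in self.source) \
            and any(dst in ipaddress.ip_network(n) for n in self.destination)

def evaluate(policies, pkt):
    """First matching policy wins; unmatched traffic is denied (assumed default)."""
    for p in policies:
        if p.matches(pkt):
            return p.action
    return "deny"

def packet(src, proto="udp", dport=500):
    # Constructed sample packet arriving from the (hypothetical) External zone.
    return {"from_zone": "External", "to_zone": "Self", "src": src,
            "dst": "192.0.2.1", "proto": proto, "dport": dport}

def compare():
    """Return {sample: (result with Any Address, result with named object)}."""
    any_src = [Policy("permit", "External", "Self", ISAKMP, ANY, GATEWAY)]
    named = [Policy("permit", "External", "Self", ISAKMP, KNOWN_PEERS, GATEWAY)]
    samples = {"known peer IKE": packet("203.0.113.10"),
               "unknown host IKE": packet("198.51.100.77"),
               "known peer SSH": packet("203.0.113.10", "tcp", 22)}
    return {name: (evaluate(any_src, p), evaluate(named, p))
            for name, p in samples.items()}

if __name__ == "__main__":
    for name, (a, n) in compare().items():
        print(f"{name:18} any-address={a:6} named-object={n}")
```

With Any Address, the unknown host's IKE packet is permitted to the gateway and must be rejected by IKE authentication itself; with the named object it is dropped at the firewall.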