TMS zl Management and Configuration Guide ST.1.0.090213

Virtual Private Networks
Configure Firewall Access Policies for Your VPN
g. Click Apply.
7. You must consider the user group in which you want to configure the
remaining access policies.
The TMS zl Module applies the access policies for the None user group to
all users. Therefore, you can control the remote users’ traffic with access
policies configured in the None user group. However, you might want
to create access policies that apply to specific groups. For example, the
dial-in accounts might divide remote users into groups that require different
levels of access. In that case, follow these steps to select the correct
user group before configuring the remaining policies:
a. Click Close.
b. In the Firewall > Access Policies > Unicast window, for User Group,
select the group to which you assigned L2TP dial-in users.
c. Click Add a Policy.
8. Permit traffic from the remote endpoints to local endpoints:
a. For Action, leave the default, Permit Traffic.
b. For From, select External.
c. For To, select the local zone.
d. For Service, leave Any Address.
This is the most basic configuration. You could also permit only
certain types of traffic.
e. For Source, specify the virtual addresses that the TMS zl Module
assigns to L2TP endpoints.
f. For Destination, specify the local addresses that remote endpoints are
allowed to access.
g. Click Apply.
9. If you have specified multiple user groups in the L2TP dial-in user
accounts, repeat step 7 and step 8 for each group.
10. If necessary for your services, create access policies that permit local
endpoints to send traffic to remote endpoints (at their virtual addresses
and the External zone). The policies should generally be configured
in the None user group.