TMS zl Management and Configuration Guide ST.1.0.090213
Virtual Private Networks
Configure Firewall Access Policies for Your VPN
Access Policies for a GRE Tunnel over IPsec
Before you begin configuring firewall access policies, determine the zone on
which traffic from the remote tunnel gateway arrives. This is the zone associated
with the TMS VLAN on which the tunnel’s local IP address is configured.
The instructions below will refer to this zone as the “remote zone.”
Also, determine the zone that you configured for the tunnel’s Firewall Zone
Association setting. The instructions below will refer to this zone as the “tunnel
zone.”
Finally, determine the zone for local endpoints that are allowed to send traffic
over the tunnel. The instructions below will refer to this zone as the “local
zone.”
Then follow these steps:
1. In the left navigation bar of the Web browser interface, select Firewall >
Access Policies.
2. If you have not already done so, create a service object for GRE:
Note: You could alternatively specify the service manually when you create
policies.
a. Click the Services tab.
b. Click Add Service.
c. For Name, type GRE.
d. For Protocol, select (47) GRE under All Protocols.
Figure 7-98. Add Service Window
e. Click Apply.
f. Click Close.