TMS zl Management and Configuration Guide ST.1.0.090213
7-151
Virtual Private Networks
Configure the VPN Client
sary routes should be in place on the TMS zl Module. In this configuration, the
TMS zl Module reaches remote clients on a VLAN in the External zone (which
is a typical configuration).
Table 7-11. VPN Settings on the TMS zl Module
Parameter Valid Settings Configuration Window
IKE policy
Policy Type Client-to-Site (Responder) Add IKE Policy—Step 1 of 3
Local Gateway TMS zl Module’s IP address or VLAN in the External zone
Matches the IP address set in step 8 or step 9 on page 7-143
Local ID Type Matches the type set in step 8 on page 7-143
Local ID Value Matches the value set in step 8 on page 7-143
Remote ID Type Any type that you want
Matches the type set in step 12 on page 7-145
Remote ID Value 0.0.0.0 if you select IP Address for the ID type
If you select another ID type, matches the value set in step 13 on
page 7-145
Key Exchange Mode Matches the mode set in step 20 on page 7-149 Add IKE Policy—Step 2 of 3
Authentication
Method
Matches the method selected in step 10 on page 7-143
Preshared Key (if
Preshared key was
selected)
Matches the string configured in step 10 on page 7-143
Security Parameters
Proposal
Matches the settings configured in step 16 on page 7-147
XAUTH Configuration • Disable XAUTH
• Enable XAUTH Server
Matches the setting configured in step 17 on page 7-148
Add IKE Policy—Step 3 of 3
IPsec proposal
Encapsulation Mode Tunnel Add IPsec Proposal
Protocol Matches the settings configured in step 19 on page 7-148
Encryption Algorithm
(if you selected ESP)
Matches the settings configured in step 19 on page 7-148
Authentication
Algorithm
Matches the settings configured in step 19 on page 7-148