TMS zl Management and Configuration Guide ST.1.0.090213
7-152
Virtual Private Networks
Configure the VPN Client
IPsec policy Add IPsec Policy—Step 1 of 4
Action Apply
Position Any position
Protocol Matches the setting configured in step 6c on page 7-143
Local Address Matches the settings configured in step 6 on page 7-142
Local Port Matches the settings configured in step 6d on page 7-143
Remote Address Any
Remote Port Empty
Proposal IPsec proposal that you created for the IPsec connection
IKEv1 Policy IKE policy that you created for the IPsec connection Add IPsec Policy—Step 2 of 4
Enable PFS (Perfect
Forward Secrecy) for
keys
Matches the setting configured in step 22 on page 7-150
SA Lifetime in
Seconds
Matches the settings configured in step 19 on page 7-148
SA Lifetime in
Kilobytes
Matches the settings configured in step 19 on page 7-148
Enable IP Address
Pool for IRAS (Mode
Config)
Check box is selected
Other settings
Add IPsec Policy—Step 3 of 4
IRAS IP Address/
Mask
IP address in a private subnet with addresses reserved for
remote clients
Firewall Zone • The source zone for traffic that arrives from the remote
clients
• The destination zone for traffic sent to remote client
IP Address Ranges IP addresses in the same subnet as the IRAS IP address
• Primary DNS
Server
• Secondary DNS
Server
• Primary WINS
server
• Secondary WINS
server
IP addresses of your network’s servers (which the remote clients
can access)
Advanced Settings
(Optional)
Default settings Add IPsec Policy—Step 4 of 4
Parameter Valid Settings Configuration Window