Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1331133213331334133513361337133813391340
A-145
Command-Line Reference
IPsec Policy Context
You enter the IPsec IRAS context from the IPsec policy apply context. How-
ever, before you can enter the IPsec IRAS context, you must complete these
tasks:
Configure the IPsec policy’s traffic selector
Set the key exchange method to auto and specify the IKEv1 policy (which
must be the client-to-site type)
To enter the IPsec IRAS context, enter the following command from the IPsec
policy apply context:
Syntax: iras enable
To verify your location in the CLI, check the prompt. In the IPsec IRAS context,
the prompt is ProCurve(tms-module-<slot
ID>:ipsec:apply:iras)#.
To exit the IRAS context, enter the following:
Syntax: exit
From the IRAS context, you can:
Set IRAS IP address/mask (page A-146)
Set firewall zone for IKE mode config addresses (page A-146)
Set ranges for the IKE mode config addresses (page A-147)
Set primary and secondary DNS servers (page A-147)
Set primary and secondary WINS servers (page A-147)
apply. Once you have configured all parts of the IPsec policy, you must apply
the policy. The apply command verifies that all required settings are config-
ured and then adds or edits the IPsec policy. (If the requirements are not met,
the command does not take effect, and an error message indicates which
settings are missing.) Enter the following command:
Syntax: apply
This command is also available from the IPsec policy, IPsec policy apply, IPsec
policy bypass, IPsec policy deny, and IPsec manual keys contexts.
preview. Before you apply the IPsec policy, you should preview it to make
sure that everything is correct. To preview your policy, enter the following
command from any IPsec policy context:
Syntax: preview