Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
551552553554555556557558559560
7-55
Virtual Private Networks
Configure an IPsec Client-to-Site VPN
8. If you selected either ESP or AH, for Authentication Algorithm, select one of
the following:
None
You must not select None if you selected AH for the Security Protocol
or if you selected NULL for the ESP Encryption Algorithm.
•MD5
SHA-1
•AES-XCBC
9. Click OK.
The IPsec proposal is displayed in the VPN > IPsec > IPsec Proposals window.
Figure 7-43. VPN > IPsec > IPsec Proposals Window (Proposal Added)
10. Click Save.
Create an IPsec Policy for a Client-to-Site VPN
This section explains how to configure an IPsec policy for a basic client-to-
site IPsec VPN. The IPsec policy selects traffic between local IP addresses
that are accessible to the remote users and the remote users. It includes
settings that will be negotiated during IKE phase 2.
For client-to-site IPsec VPNs, it is generally recommended that you use IKE
mode config. However, some IPsec clients (such as IPSecuritas VPN clients)
do not support the TMS zl Module implementation of IKE mode config. Decide
now whether you will use IKE mode config. Various settings depend on
whether you will use this feature.
Follow these steps to create the IPsec policy:
1. In the left navigation bar of the Web browser interface, click VPN > IPsec.
2. Click the IPsec Policies tab.