TMS zl Management and Configuration Guide ST.1.1.100226
7-173
Virtual Private Networks
Configure an L2TP over IPsec VPN
Set Up a RADIUS Server to Work with the TMS zl Module. This section
provides guidelines for setting up a RADIUS server so that it can provide
L2TP authentication for the TMS zl Module. You should refer to your server’s
documentation for precise instructions.
You must complete the following on your RADIUS server:
■ Add the TMS zl Module as a client. Set the shared secret to the same string
that you configured on the module when you specified this RADIUS
server.
■ Create one or more policies on the RADIUS server to authenticate L2TP
clients. Each policy must meet these criteria:
• The policy selects requests sent from the TMS zl Module.
Table 7-18 shows the attributes that the module includes for
L2TP-related requests. You can use these attributes to ensure that the
request is matched to the proper policy. For example, you could create
policies that select requests from the L2TP users’ actual IP addresses.
Or a policy could select requests from users in a specific group.
Table 7-18. RADIUS Attributes Sent in L2TP RADIUS Request
Attribute            Value
Username             L2TP user’s username
Password             L2TP user’s password
Calling-Station-ID   L2TP user’s actual IP address
NAS-Identifier       NAS Identifier configured for the module when you specified the RADIUS server
NAS-IP-Address       Module IP address on the TMS VLAN that connects to the RADIUS server
• The policy grants authenticated users access.
• The policy defines the RADIUS attributes shown in Table 7-19 for the
connection.
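The following added example (not part of the guide, and not the module's or any RADIUS server's own code) shows why the shared secret must match on both sides and how a policy can select on the Table 7-18 attributes. It assumes the request follows the RFC 2865 encoding, with the password carried as a PAP-style User-Password; the function names and all sample values are constructed for illustration.

```python
import hashlib, socket, struct
# RFC 2865 type numbers assumed for the attributes listed in Table 7-18.
ATTRS = {1: "User-Name", 2: "User-Password", 4: "NAS-IP-Address",
         31: "Calling-Station-Id", 32: "NAS-Identifier"}

def xor_stream(data, secret, authenticator, decrypt):
    """RFC 2865 section 5.2 User-Password hiding: XOR with an MD5 keystream."""
    out, prev = b"", authenticator
    for i in range(0, len(data), 16):
        block = data[i:i + 16]
        key = hashlib.md5(secret + prev).digest()
        res = bytes(a ^ b for a, b in zip(block, key))
        out, prev = out + res, (block if decrypt else res)  # chain on ciphertext
    return out

def build_request(secret, authenticator, user, password, calling_ip, nas_id, nas_ip):
    """Build an Access-Request like the module's (hypothetical helper)."""
    padded = password + b"\x00" * (-len(password) % 16)
    values = [(1, user), (2, xor_stream(padded, secret, authenticator, False)),
              (31, calling_ip), (32, nas_id), (4, socket.inet_aton(nas_ip))]
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in values)
    return struct.pack("!BBH", 1, 1, 20 + len(body)) + authenticator + body

def parse_request(packet, secret):
    """Decode the attributes the way the server would, with its own secret."""
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != 1 or length != len(packet) or length < 20:
        raise ValueError("not a well-formed Access-Request")
    authenticator, pos, attrs = packet[4:20], 20, {}
    while pos < length:
        if pos + 2 > length or not 2 <= packet[pos + 1] <= length - pos:
            raise ValueError("bad attribute length")
        t, l = packet[pos], packet[pos + 1]
        attrs[ATTRS.get(t, t)] = packet[pos + 2:pos + l]
        pos += l
    if "User-Password" in attrs:
        attrs["User-Password"] = xor_stream(attrs["User-Password"], secret,
                                            authenticator, True).rstrip(b"\x00")
    if "NAS-IP-Address" in attrs:
        attrs["NAS-IP-Address"] = socket.inet_ntoa(attrs["NAS-IP-Address"])
    return attrs

def policy_selects(attrs, nas_id, nas_ip):
    """Policy condition: the request came from the expected module."""
    return attrs.get("NAS-Identifier") == nas_id and attrs.get("NAS-IP-Address") == nas_ip

# Constructed sample request; parse it with the matching and a mismatched secret.
SAMPLE = build_request(b"secret-on-module", bytes(range(16)), b"alice",
                       b"correct horse battery", b"203.0.113.7", b"tms-zl-1", "192.0.2.10")
```

Parsing `SAMPLE` with a secret that differs from the one used to build it still yields the clear-text attributes, but the recovered password is garbage, so a valid user is rejected.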