Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
701702703704705706707708709710
7-201
Virtual Private Networks
Configure a GRE Tunnel
Figure 7-167. Example GRE Tunnel (with Zones)
Table 7-22 lists the necessary access policies; the numbers in the Source and
Destination columns refer to the example figure above. (Note that all of these
policies are typically configured for the None User group. However, if local
users log in through the module, then the access policies with the local zone
as the source zone would use that user group.)
For access policies that permit the traffic sent over the tunnel, you should
consider setting the TCP MSS to a value lower than the typical MSS used in
your system. Otherwise, the addition of the GRE and IP delivery headers might
make the packets too large to be transmitted. Table 7-22 suggests a value for
the TCP MSS when the MTU is 1500. For more information on the TCP MSS,
see the introduction to “Firewall Access Policies” on page 4-22 of Chapter 4:
“Firewall.”
Note The value for TCP MSS in the table is only a suggestion. You should determine
the best MSS for your environment.