Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100226

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
801802803804805806807808809810
7-297
Virtual Private Networks
GRE Examples
The IP address of the VLAN that connects each site to the Internet will serve
as the gateway address for each module (172.23.99.99 and 192.168.33.22).
Each TMS zl Module treats GRE traffic as traffic between the Self zone and
the zone used to connect to the remote module (the External zone), so you
must configure firewall access policies to allow GRE traffic between these
zones. You must also configure firewall access policies that permit the traffic
that is encapsulated by the tunnel. On Module A, this is traffic between Zone6
and the tunnel’s zone (Zone4); on module B, this traffic is traffic between
Zone2 and the tunnel’s zone (Zone4). Additionally, each TMS zl Module
exchanges OSPF messages between the Self zone and the tunnel’s zone
(Zone4). Default policies permit all OSPF traffic, but in this example, these
policies have been disabled. You will add policies to permit OSPF traffic
specifically between the two modules. (In this case, you would also need to
add policies to permit OSPF traffic to other routers and routing switches.)
Figure 7-256 shows all of the IP addresses and zones that will be used for this
configuration. Figure 7-257 shows all of OSPF settings that will be used for
this configuration.
Table 7-28 lists the configuration parameters that will be used for this config-
uration. Notice that for many of the parameters the local setting on one module
is the same as the remote setting on the other module.