TMS zl Management and Configuration Guide ST.1.1.100226
7-349
Virtual Private Networks
Configure Global IPsec Settings
3. Create a route to VLAN65 through the primary GRE tunnel:
a. Click Add static route.
b. For Destination Type, select Network.
c. For Destination Address, type 10.1.10.0/24.
d. For Gateway Address, type 10.8.8.1.
e. For Metric, leave 0.
f. For Distance, type 1.
g. Click OK.
4. Create a floating static route to VLAN65 through the secondary GRE
tunnel:
a. Click Add static route.
b. For Destination Type, select Network.
c. For Destination Address, type 10.1.10.0/24.
d. For Gateway Address, type 10.9.9.1.
e. For Metric, leave 2.
f. For Distance, type 1.
g. Click OK.
h. Click Save.
Configure Global IPsec Settings
You can configure several more settings which affect all IPsec connections.
These settings control:
■ Whether IPsec is enabled
■ How ICMP error messages are handled
ICMP error messages may not be allowed by the IPsec traffic selectors.
However, these error messages are often necessary for a session. You can
configure how the TMS zl Module handles ICMP error messages.
■ The number of SAs allowed per policy
■ Whether SAs are automatically revalidated when policies change
■ The minimum packet size for IP compression