TMS zl Management and Configuration Guide ST.1.1.100226
7-376
Virtual Private Networks
Configure an HP ProCurve VPN Client
sary routes should be in place on the TMS zl Module. In this configuration, the
TMS zl Module reaches remote clients on a VLAN in the External zone (which
is a typical configuration).
Table 7-34. VPN Settings on the TMS zl Module
Parameter Valid Settings Configuration Window
IKE policy
Policy Type Client-to-Site (Responder) Add IKE Policy—Step 1 of 3
Local Gateway TMS zl Module’s IP address or VLAN in the External zone
Matches the IP address set in step 8 or step 9 on page 7-368
Local ID Type Matches the type set in step 8 on page 7-368
Local ID Value Matches the value set in step 8 on page 7-368
Remote ID Type Any type that you want
Matches the type set in step 12 on page 7-370
Remote ID Value 0.0.0.0 if you select IP Address for the ID type
If you select another ID type, matches the value set in step 13 on
page 7-370
Key Exchange Mode Matches the mode set in step 20 on page 7-374 Add IKE Policy—Step 2 of 3
Authentication
Method
Matches the method selected in step 10 on page 7-369
Preshared Key (if
Preshared key was
selected)
Matches the string configured in step 10 on page 7-369
Security Parameters
Proposal
Matches the settings configured in step 16 on page 7-372
XAUTH Configuration Matches the setting configured in step 17 on page 7-373:
• Disable XAUTH if the client does not use XAUTH
• TMS acts as XAUTH Server if the client uses XAUTH
Add IKE Policy—Step 3 of 3
IPsec proposal
Encapsulation Mode Tunnel Add IPsec Proposal
Protocol Matches the settings configured in step 19 on page 7-373
Encryption Algorithm
(if you selected ESP)
Matches the settings configured in step 19 on page 7-373
Authentication
Algorithm
Matches the settings configured in step 19 on page 7-373