TMS zl Management and Configuration Guide ST.1.1.100226
7-446
Virtual Private Networks
Configure a Windows XP SP2 Client for L2TP over IPsec
IPsec policy
Action Apply Add IPsec Policy—
Step 1 of 4
Position Any position
Protocol UDP Protocol in the IP filter
(step 30 on page 7-419)
Local Address TMS zl Module’s public IP address
Matches the IP address set in step 78 on page 7-
437
Destination address in
the IP filter (step 27 on
page 7-418)
Local Port 1701 To this port in the IP filter
(step 34 on page 7-419)
Remote Address Any
Remote Port 1701
Proposal IPsec proposal that you created for the L2TP
connection
IKEv1 Policy IKE policy that you created for the L2TP
connection
Add IPsec Policy—
Step 2 of 4
Enable PFS
(Perfect Forward
Secrecy) for keys
Check box is cleared
SA Lifetime in
Seconds
300 to 86400 Generate a new key
every X seconds in
Custom Security Method
Settings for the filter
action (step 44e on
page 7-425)
SA Lifetime in
Kilobytes
2560 and 4194304 Generate a new key
every X kilobytes in
Custom Security Method
Settings for the filter
action (step 44d on
page 7-425)
Enable IP
Address Pool for
IRAS (Mode
Config)
Check box is cleared Add IPsec Policy—
Step 3 of 4
Advanced
Settings
(Optional)
Default settings Add IPsec Policy—
Step 4 of 4
L2TP User account (one user for each client if used)
Parameter Valid Settings Configuration
Window
Matching Setting on the
Windows XP Client
(Manual Method)