TMS zl Management and Configuration Guide ST.1.1.100226

7-493
Virtual Private Networks
Configure a Windows Vista Client for L2TP over IPsec
| Parameter | Valid Settings | Configuration Window | Matching Setting on the Windows Vista Client |
|---|---|---|---|
| L2TP RADIUS Authentication settings (if used) | | | |
| L2TP Server IP Address | Any IP address in a private subnet not in use in your network | Network > Authentication > L2TP Users | |
| Domain name | The domain to which your users belong (or global = no name) | Domain Name setting in Add RADIUS server window | User name configured in step 75 on page 7-482 |
| IP Pool | Range of IP addresses that are in the same subnet as the L2TP Server IP address | Edit RADIUS Domain window | |
| Primary DNS Server, Secondary DNS Server; Primary WINS server, Secondary WINS server | IP addresses of your network’s servers (to which TMS firewall access policies permit the remote client access) | Edit RADIUS Domain window | |
| Firewall access policies | | | |
| User Group None | Permit Self <remote endpoints’ zone> UDP 1701 Any Any; Permit <remote endpoints’ zone> Self UDP 1701 Any Any; Permit Self <remote endpoints’ zone> isakmp Any Any; Permit <remote endpoints’ zone> Self isakmp Any Any | Add Policy | |
| User Group <group configured for the dial-in user> | Permit External <local zone> Any <virtual dial-in addresses> <local addresses>; Permit <local zone> External Any <virtual dial-in addresses> <local addresses> | Add Policy | |