TMS zl Management and Configuration Guide ST.1.1.100430

Overview
Virtual Private Network (VPN)
The TMS zl Module can act as a VPN gateway. You should use the VPN
functionality when you want to protect traffic from eavesdropping and from
tampering. Typically, such protection is necessary when the traffic passes
through an untrusted network such as the Internet or a wireless network that
does not offer encryption.
You can also create VPNs inside your private network to protect sensitive
information from all but authorized users.
VPN Protocols
The TMS zl Module supports these protocols:
- IP security (IPsec):
  - With Internet Key Exchange (IKE) version 1
  - With manual keying
- Layer 2 Tunneling Protocol (L2TP) over IPsec
- Generic Routing Encapsulation (GRE) with or without IPsec
IPsec
IPsec secures and encapsulates IP packets with one or both of these two
protocols:
- Authentication Header (AH)—provides data integrity and optional
  encryption
- Encapsulating Security Payload (ESP)—provides encryption and
  optional data integrity
IKE helps the two endpoints of an IPsec VPN tunnel (also called an IPsec
security association [SA]) to negotiate the keys for data integrity and
encryption. IKE is the preferred option, but the TMS zl Module also supports
manual keying.
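
The following Python sketch is an added example, not taken from this guide or from the TMS zl Module. It classifies raw IPv4 packets captured on the untrusted side of a VPN gateway by the protocols listed above, so you can confirm that GRE or L2TP traffic is leaving inside IPsec rather than in the clear. The function names and sample packets are constructed for illustration; the protocol and port numbers are the IANA-assigned values.

```python
import struct

# IANA IP protocol numbers and UDP ports for the protocols this section lists.
GRE, ESP, AH, UDP = 47, 50, 51, 17
IKE_PORT, L2TP_PORT = 500, 1701

def classify(packet: bytes) -> dict:
    """Classify one raw IPv4 packet captured on the untrusted side of the gateway."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return {"kind": "not-ipv4", "status": "other"}
    ihl = (packet[0] & 0x0F) * 4           # IPv4 header length in bytes
    proto, body = packet[9], packet[ihl:]
    if proto == ESP and len(body) >= 8:
        spi, seq = struct.unpack("!II", body[:8])
        return {"kind": "ESP", "status": "ipsec", "spi": spi, "seq": seq}
    if proto == AH and len(body) >= 12:
        # AH fixed part: next header, payload length, reserved, SPI, sequence
        nxt, _len, _rsv, spi, seq = struct.unpack("!BBHII", body[:12])
        return {"kind": "AH", "status": "ipsec", "spi": spi, "seq": seq, "next": nxt}
    if proto == GRE:
        return {"kind": "GRE", "status": "unprotected-tunnel"}
    if proto == UDP and len(body) >= 8:
        sport, dport = struct.unpack("!HH", body[:4])
        if IKE_PORT in (sport, dport):
            return {"kind": "IKE", "status": "key-negotiation"}
        if L2TP_PORT in (sport, dport):
            return {"kind": "L2TP", "status": "unprotected-tunnel"}
    return {"kind": f"proto-{proto}", "status": "other"}

def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a constructed IPv4 packet (documentation addresses, zero checksum)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto,
                       0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1])) + payload

# Constructed sample packets, not captured traffic.
SAMPLES = {
    "esp": ipv4(ESP, struct.pack("!II", 0x1001, 7) + bytes(16)),
    "ah_gre": ipv4(AH, struct.pack("!BBHII", GRE, 4, 0, 0x2002, 3) + bytes(12)),
    "gre_clear": ipv4(GRE, bytes([0, 0, 0x08, 0x00]) + bytes(20)),
    "ike": ipv4(UDP, struct.pack("!HHHH", 500, 500, 8, 0)),
    "l2tp_clear": ipv4(UDP, struct.pack("!HHHH", 1701, 1701, 8, 0)),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:11} {classify(pkt)}")
```

A packet reported as "unprotected-tunnel" on the untrusted interface means GRE or L2TP is being sent without IPsec around it.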