Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
551552553554555556557558559560
7-36
Virtual Private Networks
Configure an IPsec Client-to-Site VPN
i. If you have not already done so, configure a group or groups for
the remote users.
Configure the user group in the Network > Authentication > Fire-
wall/XAUTH Users window.
ii. Configure usernames and passwords for the remote users in one
of these locations:
An external RADIUS server—Remember, to add the RADIUS
server in the Network > Authentication > RADIUS window.
On the module itself (in the Network > Authentication > Firewall/
XAUTH Users window)
iii. When you later configure firewall access policies, select the
remote users’ groups from the User Group list before you configure
policies that control their traffic. See “Create Access Policies for
an IPsec Client-to-Site VPN” on page 7-68.
For more information on setting up authentication, see “User Authen-
tication” in Chapter 4: “Firewall.”
Select TMS acts as XAUTH Client:
i. For Authentication Type, select Generic or CHAP.
ii. For Username, type a username accepted by the remote gateway’s
authentication server.
iii. For Password, type the password associated with that username.
14. Click Finish.
The IKE policy is displayed in the VPN > IPsec > IKEv1 Policies window.
Figure 7-14. VPN > IPsec > IKEv1 Policies (Client-to-Site Policy Added)
Go to the next task:
If you selected DSA or RSA signatures for the authentication method, see
“Install Certificates for IKE” on page 7-37.
If you selected pre-shared key for the authentication method, see “Create
an IPsec Proposal” on page 7-53.