Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
581582583584585586587588589590
7-65
Virtual Private Networks
Configure an IPsec Client-to-Site VPN
c. For Firewall Zone, select the zone for remote clients after they estab-
lish the VPN connection.When you configure firewall access policies
for the IKE mode config addresses, use this zone.
d. For IP Address Ranges, type one or more ranges of IP addresses in the
same subnet as the IRAS. Type each range on its own line, using this
format: <first address>-<last address>. For example, type 172.16.100.50-
172.16.100.74.
Each remote client will be assigned an address from this pool while
visiting your private network.
You can view these addresses in the VPN > Connections > IP Address
Pool window.
Remember: you should have specified this same range for the Remote
Address of this policys traffic selector.
e. For Primary DNS Server, type the IP address of a DNS server that the
remote client is allowed to access.
f. For Secondary DNS Server, type the IP address of a secondary DNS
server that the remote client is allowed to access, if applicable.
g. For Primary WINS Server, type the IP address of a primary WINS server
that the remote client is allowed to access, if applicable.
h. For Secondary WINS Server, type the IP address of a secondary WINS
server that the remote client is allowed to access, if applicable.
Later, you will create firewall access policies to permit traffic from the
IKE mode config addresses to these servers.
18. Click Next.