Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
601602603604605606607608609610
7-83
Virtual Private Networks
Configure an IPsec Site-to-Site VPN with IKE
Figure 7-59. Add IKE Policy Window—Step 2 of 3
11. Under IKE Authentication, configure these settings:
a. For Key Exchange Mode, select Main Mode or Aggressive Mode.
The mode must match that configured on the remote endpoint. See
“IKE modes” on page 7-17 for guidelines.
b. For Authentication Method, select one of the following:
Preshared Key
DSA Signature
RSA Signature
If you select DSA Signature or RSA Signature, you can go directly to
step 12. (After you finish the IKEv1 policy, you must install certificates
as described in “Install Certificates for IKE” on page 7-88.)
If you want to use SCEP to install certificates, select RSA Signature
rather than DSA Signature.
c. If you selected Preshared Key, type a string of 12 to 49 alphanumeric
or special characters in the Preshared Key box. Type the same string
in the Confirm Preshared Key box.
The string (which is case-sensitive) must match that configured on
the remote gateway.