Manualshelf

TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
671672673674675676677678679680
7-162
Virtual Private Networks
Configure an L2TP over IPsec VPN
c. For Anti-Replay Window Size, type a value between 32 and 1024.
This setting determines how far out of order a packet can arrive and
still be accepted. See “Anti-Replay Window” on page 7-22 for more
information.
d. For DF Bit Handling, select one of these options:
Copy DF bit from clear packet
The TMS zl Module copies the don’t fragment (DF) bit setting for
the IPsec packet from the inner IP packet.
–Set DF bit
The module sets the DF bit for all IPsec packets.
Clear DF bit
The module clears the DF bit for all IPsec packets.
See “The Copying of Values from the Original IP Header” on page 7-24
for more information.
e. Under DSCP Options, choose how the TMS zl Module assigns DSCP
values to IPsec packets. Either:
Select Copy DSCP value from clear packet.
The TMS zl Module assigns each IPsec packet the DSCP value
assigned to the original IP packet.
Select Set DSCP value and type a value between 0 and 63 in the box.
The TMS zl Module assigns every IPsec packet in this SA the
DSCP that you configure. 0 is the default value and requests
normal handling for the packet.
See “The Copying of Values from the Original IP Header” on page 7-24
for more information.
20. Click Finish.
The IPsec policy is displayed in the VPN > IPsec > IPsec Policies window.
Figure 7-136. VPN > IPsec > IPsec Policies Window (Policy Added)