TMS zl Management and Configuration Guide ST.1.1.100430
Virtual Private Networks
Configure an L2TP over IPsec VPN
Create a User Group. When the RADIUS server authenticates an L2TP
user, it can send the name of a group to the TMS zl Module (in the Filter-ID
attribute). If you have configured that same group on the module, the module
will then apply the firewall access policies associated with that group to that
user. Assigning L2TP users to groups is a best practice because L2TP users are
placed in the External zone, and you generally do not want to create policies
that allow unauthenticated devices in the External zone to access your private
services.
This section includes the basic steps for setting up a user group. You will
create access policies for the group later.
1. In the left navigation bar of the Web browser interface, click Network >
Authentication.
2. Click the User Groups tab.
Figure 7-143. Network > Authentication > User Groups Window
3. Click Add user group.
Figure 7-144. Add user group Window
4. For Group Name, type a string that exactly matches the Filter-ID that you
will configure on the RADIUS server.
5. Click OK.
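The following is an added example, not part of the guide: a pre-deployment check that each Filter-Id the RADIUS server will send exactly matches a group name configured on the module. It assumes a FreeRADIUS-style users file; the group names, user names, and file contents are constructed samples, and the function names are hypothetical.

```python
import re
# Constructed sample: group names as typed under Network > Authentication > User Groups.
MODULE_GROUPS = {"L2TP-Sales", "L2TP-Admins"}
# Constructed sample in FreeRADIUS "users" file syntax (the server type is an assumption).
SAMPLE_USERS = '''\
alice   Cleartext-Password := "example-only"
        Filter-Id = "L2TP-Sales"
bob     Cleartext-Password := "example-only"
        Filter-Id = "l2tp-sales"
carol   Cleartext-Password := "example-only"
        Filter-Id = "L2TP-Admins "
dave    Cleartext-Password := "example-only"
        Service-Type = Framed-User
'''

ENTRY = re.compile(r"^(\S+)\s")  # an entry starts in column 0 with the user name
FILTER_ID = re.compile(r'Filter-Id\s*[:+]?=\s*"([^"]*)"', re.I)

def parse_filter_ids(text):
    """Return {user: Filter-Id value or None} for each entry in the users file."""
    result, user = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = ENTRY.match(line)
        if m:
            user = m.group(1)
            result[user] = None
        fid = FILTER_ID.search(line)
        if fid and user is not None:
            result[user] = fid.group(1)
    return result

def audit(text, groups):
    """Classify each user as ok, near-miss (case/whitespace), unknown, or missing."""
    folded = {g.strip().lower(): g for g in groups}
    report = {}
    for user, fid in parse_filter_ids(text).items():
        if fid is None:
            report[user] = ("missing", None)
        elif fid in groups:
            report[user] = ("ok", fid)
        elif fid.strip().lower() in folded:
            report[user] = ("near-miss", folded[fid.strip().lower()])
        else:
            report[user] = ("unknown", None)
    return report
for user, (status, group) in audit(SAMPLE_USERS, MODULE_GROUPS).items():
    print(f"{user:8}{status:10}{group or ''}")
```

Treat a near-miss as a failure: the guide requires the Group Name to match the Filter-ID exactly.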