TMS zl Management and Configuration Guide ST.1.1.100430

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

781

782

783

784

785

786

787

788

789

790

7-266

Virtual Private Networks

Configure a GRE over IPsec VPN with Manual Keying

8. Configure global IPsec settings (optional).

See “Configure Global IPsec Settings” on page 7-348.

9. Configure the remote GRE over IPsec gateway with compatible settings.

See you gateway device’s configuration guide for instructions.

Create Named Objects (Optional)

You might want to configure the named objects indicated in Table 7-26.

For your reference, this table includes the location where you would specify

these named objects. However, configuration instructions will indicate when

you actually need to specify each object. The table also includes a reference

to numbers in Figure 7-230, which illustrates an example implementation of

GRE tunneling. The number indicates the IP address for that named object in

the example network.

See “Named Objects” in Chapter 4: “Firewall” for step-by-step instructions for

configuring objects.

Table 7-26. Possible Named Objects for a GRE over IPsec VPN

Example

Figure

Reference

Named Object Description Named Object Type Location Where the Named

Object is Specified

1 The TMS zl Module IP address

that acts as the local gateway for

the tunnel

Single-entry IP address object • Local Address in the IPsec

policy traffic selector

• Source or Destination for

firewall access policies that

permit GRE and IKE traffic

2 The IP addresses of local

endpoints that use the tunnel

Single-entry or multiple-entry IP,

range, or network address

objects

Source or Destination for firewall

access policies that permit traffic

sent across the VPN

3 The remote tunnel gateway’s

external IP address

Single-entry IP, range, or network

address object

• Remote Address in the IPsec