TMS zl Management and Configuration Guide ST.1.1.100430
7-373
Virtual Private Networks
Configure an HP ProCurve VPN Client
19. In the right pane, configure security settings to match those in the TMS zl
Module’s IPsec proposal and IPsec policy:
a. For SA Life, match the SA lifetime settings in the module’s IPsec policy:
– If the setting for seconds on the module is 0, select KBytes. In the
KBytes box, type the number of kilobytes configured on the
module.
– If the setting for kilobytes on the module is 0, select Seconds. In
the Seconds box, type the number of seconds configured on the
module.
– If the module has a non-zero setting for both seconds and kilo-
bytes, select Both. Match the seconds and kilobytes settings on
the module in the Seconds and KBytes boxes.
b. If the module’s IPsec proposal specifies ESP for the protocol, select
the Encapsulation Protocol (ESP) check box. Then match other settings
in the module’s IPsec proposal:
–For Encrypt Alg, select the encryption algorithm specified on the
module.
–For Hash Alg, select the authentication algorithm specified on the
module.
–For Encapsulation, leave Tunnel.
c. If the module’s IPsec proposal specifies AH for the protocol, select
the Authentication Header (AH) check box. Then match other settings
in the module’s IPsec proposal:
–For Hash Alg, select the authentication algorithm specified on the
module.
–For Encapsulation, leave Tunnel.
The TMS zl Module’s default IPsec proposal and IPsec policy settings are
displayed in Table 7-33.
Table 7-33. Default TMS zl Module IPsec Proposal Settings
20. In the left navigation pane, click Security Policy.
Parameter Default Setting
Protocol ESP
Encryption Algorithm 3DES
Authentication Algorithm MD5
SA Lifetime in Seconds 28800
SA Lifetime in Kilobytes 0 (None)