TMS zl Management and Configuration Guide ST.1.1.100430
7-393
Virtual Private Networks
Configure IPSecuritas (Macintosh VPN Client)
Table 7-35. TMS zl Module Settings for an IPsec VPN with a Macintosh
IPSecuritas Client
Parameter Valid Settings Configuration Window
IKE policy
Policy Type Client-to-Site (Responder) Add IKE Policy—Step 1 of 3
Local Gateway TMS zl Module’s IP address or VLAN in the External zone
Local ID Type Same ID type as configured for Remote Identifier in step 17b on
page 7-388; Address = IP Address; User FQDN = Email Address;
FQDN = Domain Name
Local ID Value Same value as configured for Remote Identifier in step 17b on
page 7-388
Remote ID Type Same ID type as configured for Local Identifier in step 17a on
page 7-388; Address = IP Address; User FQDN = Email Address;
FQDN = Domain Name
Remote ID Value Remote ID Type = Address, type 0.0.0.0 (for multiple clients) or
the client’s public IP address
Remote ID Type = Email Address, type *@domain.tld or an email
address that is configured on the client
Remote ID Type = Domain Name, type domain.tld or
<clientname>.domain.tld
Key Exchange Mode Main or Aggressive, as configured in step 14e on page 7-386 Add IKE Policy—Step 2 of 3
Authentication
Method
Preshared Key
Preshared Key Same key as configured in step 17 on page 7-388
Diffie-Hellman (DH)
Group
Matches the setting configured in step 14b on page 7-386
Encryption Algorithm Matches the setting configured in step 14c on page 7-386
Authentication
Algorithm
Matches the setting configured in step 14d on page 7-386
SA Lifetime in
seconds
Matches the setting configured in step 14a on page 7-386
XAUTH Configuration Disable XAUTH Add IKE Policy—Step 3 of 3
IPsec proposal
Encapsulation Mode Tunnel Add IPsec Proposal
Protocol ESP
Encryption Algorithm
(if you selected ESP)
Matches the setting configured in step c on page 7-387
Authentication
Algorithm
Matches the setting configured in step d on page 7-387