TMS zl Management and Configuration Guide ST.1.1.100430
7-445
Virtual Private Networks
Configure a Windows XP SP2 Client for L2TP over IPsec
IPsec policy
Action Apply Add IPsec Policy—
Step 1 of 4
Position Any position
Protocol UDP Protocol in the IP filter (step 30
on page 7-418)
Local Address TMS zl Module’s public IP address
Matches the IP address set in step 78 on
page 7-436
Destination address in the IP
filter (step 27 on page 7-417)
Local Port 1701 To this port in the IP filter (step
34 on page 7-418)
Remote Address Any
Remote Port 1701
Proposal IPsec proposal that you created for the L2TP
connection
IKEv1 Policy IKE policy that you created for the L2TP
connection
Add IPsec Policy—
Step 2 of 4
Enable PFS
(Perfect Forward
Secrecy) for keys
Check box is cleared
SA Lifetime in
Seconds
300 to 86400 Generate a new key every X
seconds in Custom Security
Method Settings for the filter
action (step 44e on page 7-424)
SA Lifetime in
Kilobytes
2560 and 4194304 Generate a new key every X
kilobytes in Custom Security
Method Settings for the filter
action (step 44d on page 7-424)
Enable IP
Address Pool for
IRAS (Mode
Config)
Check box is cleared Add IPsec Policy—
Step 3 of 4
Advanced
Settings
(Optional)
Default settings Add IPsec Policy—
Step 4 of 4
Parameter Valid Settings Configuration
Window
Matching Setting on the
Windows XP Client (Manual
Method)