Manualshelf

TMS zl Management and Configuration Guide ST.1.2.100916

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1381138213831384138513861387138813891390
A-127
Command-Line Reference
IKEv1 Context
md5
sha-1
Replace <seconds> with the number of seconds that the IKE SA is kept open.
Valid values are between 300 seconds (5 minutes) and 86400 seconds (1 day).
For example:
hostswitch(tms-module-<slot ID>:ikev1)# security-
proposal dh-group group2-1024 encryption des auth sha-1
sa-lifetime 28800
type
With this command, you specify the type of VPN that the IKEv1 policy will
negotiate. On the TMS zl Module, you can create two types of IKE policies:
site-to-site and client-to-site.
type site-to-site
To configure a site-to-site IKE policy, enter the following command:
Syntax: type site-to-site local-gateway <IP address | vlan <VLAN ID>> remote-
gateway <IP address | name <domain name> >
Replace <IP address> with the IP address of the local or remote gateway.
Replace <VLAN ID> with the ID of the VLAN on which the remote endpoint
reaches the TMS zl Module.
Replace <domain name> with the remote gateway’s fully qualified domain
name (FQDN). The TMS zl Module must be able to resolve the IP address for
the remote gateway’s FQDN.
For example:
hostswitch(tms-module-<slot ID>:ikev1)# type site-to-
site local-gateway vlan 1 remote-gateway name
gateway.company123.com
type client-to-site
To configure a client-to-site IKE policy, enter the following command:
Syntax: type client-to-site local-gateway <IP address | vlan <VLAN ID>>