TMS zl Management and Configuration Guide ST.1.2.100916
7-144
Virtual Private Networks
Configure an L2TP over IPsec VPN
You must complete these tasks to establish a client-to-site VPN that uses L2TP
over IPsec:
1. Create named objects (optional).
1. Create a client-to-site IKE policy.
Only one IKE policy can specify the client-to-site type, main mode, and
preshared keys. Therefore, if you are using preshared key authentication,
you must configure a single policy that is valid for all of your remote L2TP
users.
See “Create an IKE Policy for an L2TP over IPsec VPN” on page 7-146.
2. Create an IPsec proposal.
See “Create an IPsec Proposal for an L2TP over IPsec VPN” on page 7-153.
3. Create an IPsec policy for the L2TP traffic.
See “Create an IPsec Policy for an L2TP over IPsec VPN” on page 7-156.
4. Configure L2TP user authentication.
You must configure the TMS zl Module to authenticate L2TP users locally
or to an external RADIUS server. See “Configure L2TP User Authentication”
on page 7-165.
5. Configure firewall access policies.
See “Create Access Policies for an L2TP over IPsec VPN” on page 7-177.
6. Check routes and, if necessary, add routes.
See “Verify Routes for the L2TP over IPsec VPN” on page 7-184.
7. Configure global IPsec settings (optional).
See “Configure Global IPsec Settings” on page 7-351.