TMS zl Management and Configuration Guide ST.1.2.100916
Virtual Private Networks
Configure an L2TP over IPsec VPN
After the remote endpoints have received virtual IP addresses, their traffic is
considered to have originated in the External zone.
You should also determine the zone for local endpoints allowed on the VPN.
This might be the Internal zone or another zone. The instructions below will
refer to this zone as the “local zone.”
Figure 7-149 shows these zones in the example figure for an L2TP over
IPsec VPN.
Figure 7-149. Example L2TP over IPsec VPN (with Zones)
Finally, you must note the user group (or groups) to which L2TP users are
assigned. Users are assigned to these groups by local L2TP user accounts or
by an external RADIUS server. You will configure access policies that permit
traffic between remote users and local services within these groups; this helps
to ensure that only authorized remote users access your private network. In
addition, you can create different policies for different groups.
However, if you have chosen not to assign L2TP users to groups, then you will
configure access policies to permit their traffic in the None user group (the
default one).