Manualshelf

TMS zl Management and Configuration Guide ST.1.2.100916

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
911912913914915916917918919920
7-398
Virtual Private Networks
Configure a Windows XP SP2 Client for L2TP over IPsec
Configure a Windows XP SP2 Client for
L2TP over IPsec
This section includes step-by-step instructions for configuring a Windows XP
SP2 client to establish a L2TP over IPsec connection to the TMS zl Module.
You have two options for configuring the client:
Use the New Connection Wizard and its default IPsec policies.
Using the default policies is the easiest way to set up the connection.
However, on the TMS zl Module, you must take care to configure proto-
cols, algorithms, and SA lifetime security settings that match the XP
client’s default proposals. Fortunately, the default TMS zl Module security
settings work with one exception—you must change the DH group in the
IKE policy to Group 2 instead of Group 1 when you use the other default
settings.
For this method, see “Configuration with the New Connection Wizard” on
page 7-399.
On the TMS zl Module, you must configure L2TP over IPsec settings as
described in “Configure an L2TP over IPsec VPN” on page 7-144. See “TMS
zl Module Settings with a Windows XP Client (Wizard Configuration)” on
page 7-409 for a table that shows all necessary settings.
Set up IPsec policies manually.
Manually configuring the policies allows you to control the exact security
settings for your environment. This method is recommended only for
expert users.
For this method, see “Manual Windows XP Client Configuration” on
page 7-413.
On the TMS zl Module, you must configure L2TP over IPsec settings as
described in “Configure an L2TP over IPsec VPN” on page 7-144. See “TMS
zl Module Settings with a Windows XP Client (Manual Configuration)” on
page 7-446 for a table that shows all necessary settings.