<<Create a Client-to-Site IKE Policy (1 of 3)

Create a Client-to-Site IKE Policy (3 of 3) >>

 

Example 2: IPsec VPN, Client-to-Site

Create a Client-to-Site IKE Policy (Step 2 of 3)

 

TMS zl Module

HP ProCurve VPN Client

  1. Under IKE Authentication, configure these settings:

  1. For Key Exchange Mode, select Aggressive Mode.

  2. For Authentication Method, select Preshared Key.

  3. In the Preshared Key and the Confirm Preshared Key boxes, type VPNtoCampus88.

  1. Under Security Parameters Proposal, configure the security settings that will be proposed by the Threat Management Services (TMS) zl Module for the IKE SA:

  1. For Diffie-Hellman (DH) Group, select Group 1 (768).

  1. For Encryption Algorithm, select DES.

  1. For Authentication Algorithm, select MD5.

  1. For SA Lifetime in seconds, type 28800 seconds.

  1. Click Next.

  1. Click Security Policy.

  2. Under Select Phase 1 Negotiation Mode, select Aggressive Mode.

  3. Click My Identity again.

  4. Click the Pre-Shared Key button.

  5. Click Enter Key.

  6. In the space provided, type VPNtoCampus88 and click OK.

  7. Expand Security Policy and Authentication (Phase 1).

  8. Click Proposal 1.

  9. For Authentication Method, select Pre-Shared Key.

  10. For Encryption Alg, select DES.

  11. For Hash Alg, select MD5.

  12. For SA Life, select Seconds and type 28800 in the space provided.

  13. For Key Group, select Diffie-Hellman Group 1.

<<Create a Client-to-Site IKE Policy (1 of 3)

Create a Client-to-Site IKE Policy (3 of 3) >>