<< Create an IPsec Policy (1 of 4)

Create an IPsec Policy (3 of 4) >>

 

Example 2: IPsec VPN, Client-to-Site

Create an IPsec Policy (Step 2 of 4)

 

TMS zl Module

HP ProCurve VPN Client

  1. For Key Exchange Method, select Auto (with IKEv1).

  2. From the IKEv1 Policy list, select remoteVPN.

  3. Select the Enable PFS (Perfect Forward Secrecy) for keys check box, which forces the tunnel endpoints to periodically generate new keys for the IPsec SA.

  4. From the Diffie-Hellman (DH) Group list, select Group 2 (1024).

  5. For SA Lifetime in seconds, type 28800.

  6. For SA lifetime in kilobytes, type 0.

  7. Click Next.

  1. Click Security Policy again.

  2. Select the Enable Perfect Forward Secrecy (PFS) check box.

  3. For PFS Key Group, select Diffie-Hellman Group 2.

  4. Under Key Exchange (Phase 2), click Proposal 1.

  5. For SA Life, select Seconds.

  6. Type 28800 in the Seconds box.

 

<< Create an IPsec Policy (1 of 4)

Create an IPsec Policy (3 of 4) >>