HP mt20 Administrator Guide - Page 58

IPSec rules, Configuring VPN settings, Configuring HP Velocity, IKE DH Group

Get HP mt20 PDF manuals and user guides View all HP mt20 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 58 highlights

IPSec rules Use this tab to add, edit, and delete IPSec rules. An IPSec rule should be the same for each system that uses IPSec to communicate. When configuring an IPSec rule, use the General tab to set the rule's information, addresses, and authentication method. The Source Address is the IP address of the thin client, and the Destination Address is the IP address of the system that the thin client is going to communicate with. NOTE: Only the PSK and Certificate authentication types are supported. Kerberos authentication is not supported. Use the Tunnel tab to configure settings for tunnel mode. Use the Phase I and Phase II tabs to configure advanced security settings. The settings should be the same for all peer systems that communicate with each other. NOTE: An IPSec rule can also be used to communicate with a computer running Windows. Configuring VPN settings HP ThinPro supports two types of VPN: ● Cisco ● PPTP Enable the Auto Start option to start the VPN automatically. Note the following about creating a VPN using Cisco: ● The Gateway is the gateway's IP address or hostname. ● The Group name and Group password are the IPSec ID and IPSec password. ● The Domain setting is optional. ● The User name and User password are the user credentials that have rights to create a VPN connection on the server side. ● The Security Type should be set the same as it is on the server side. ● The NAT Traversal option should be set according to your VPN environment. ● The IKE DH Group option sets the Diffie-Hellman group to use for VPN. ● The PFS Type option sets the Diffie-Hellman group to use for Perfect Forward Secrecy. Note the following about creating a VPN using PPTP: ● The Gateway is the gateway's IP address or hostname. ● The NT Domain setting is optional. ● The User name and User password are the user credentials that have rights to create a VPN connection on the server side. Configuring HP Velocity Use the HP Velocity tab to configure HP Velocity settings. Go to http://www.hp.com/go/velocity for more information about the HP Velocity modes. 46 Chapter 5 Control Panel

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
IPSec rules
Use this tab to add, edit, and delete IPSec rules. An IPSec rule should be the same for each system that uses
IPSec to communicate.
When
configuring
an IPSec rule, use the
General
tab to set the rule’s information, addresses, and
authentication method. The
Source Address
is the IP address of the thin client, and the Destination Address is
the IP address of the system that the thin client is going to communicate with.
NOTE:
Only the
PSK
and
Certificate
authentication types are supported. Kerberos authentication is not
supported.
Use the
Tunnel
tab to
configure
settings for tunnel mode.
Use the
Phase I
and
Phase II
tabs to
configure
advanced security settings. The settings should be the same
for all peer systems that communicate with each other.
NOTE:
An IPSec rule can also be used to communicate with a computer running Windows.
Configuring
VPN settings
HP ThinPro supports two types of VPN:
Cisco
PPTP
Enable the
Auto Start
option to start the VPN automatically.
Note the following about creating a VPN using Cisco:
The
Gateway
is the gateway’s IP address or hostname.
The
Group name
and
Group password
are the IPSec ID and IPSec password.
The
Domain
setting is optional.
The
User name
and
User password
are the user credentials that have rights to create a VPN connection
on the server side.
The
Security Type
should be set the same as it is on the server side.
The
NAT Traversal
option should be set according to your VPN environment.
The
IKE DH Group
option sets the
Diffie-Hellman
group to use for VPN.
The
PFS Type
option sets the
Diffie-Hellman
group to use for Perfect Forward Secrecy.
Note the following about creating a VPN using PPTP:
The
Gateway
is the gateway’s IP address or hostname.
The
NT Domain
setting is optional.
The
User name
and
User password
are the user credentials that have rights to create a VPN connection
on the server side.
Configuring
HP Velocity
Use the
HP Velocity
tab to
configure
HP Velocity settings. Go to
go/velocity
for more
information about the HP Velocity modes.
46
Chapter 5
Control Panel