Virtual Private Network (VPN) through the Internet

Allows you to configure the use of a VPN over an existing Internet connection to connect from the local HMC to your service provider. Because the VPN connection that is used from the HMC uses Encapsulating Security Payload (ESP) protocol and encrypted User Datagram Protocol (UDP) for secure communication, you cannot use a proxy outbound connection.

• Because some companies restrict this type of high-speed connection for security reasons, work with the network administrator to ensure that your company's security policy permits this type of connection before you select this option.
• If you plan to use VPN for service support, the HMC must be able to connect to the Internet to these IP addresses:
  • 207.25.252.196
  • 129.42.160.16
• Work with the network administrator to ensure that the following protocols and ports are open in both directions:
  • Protocol 50 ESP
  • Protocol 51 AH (Optional)
  • Protocol UDP Port 500 IKE
  • Protocol UDP Port 4500 - when using Network Address Translation (NAT)-Traversal to tunnel through NAT or other firewalls.
  
  If you are using NAT for traffic on one or both sides, ensure you have NAT-Traversal support on both gateways.