©2015 Cradlepoint. All Rights Reserved.
|
+1.855.813.3385
|
cradlepoint.com
50
User Manual
/
AER3100/AER3150
GRE
Generic Routing Encapsulation (GRE) tunnels can be used to create a connection between two private
networks. Most Cradlepoint routers are enabled for both GRE and VPN tunnels. GRE tunnels are simpler to
configure and more flexible for different kinds of packet exchanges, but VPN tunnels are much more secure.
In order to set up a tunnel you must configure the following:
•
Local Network
and
Remote Network
addresses for the “
Glue Network
,” the network that is created by
the administrator that serves as the “glue” between the networks of the tunnel. Each address must be a
different IP address from the same private network, and these addresses together form the endpoints of
the tunnel.
•
Remote Gateway
, the public facing WAN IP address that the local gateway is going to connect to.
•
Routes
that allow you to configure what network traffic from local host(s) will be allowed through the
tunnel.
Optionally, you might also want to enable the tunnel
Keep Alive
feature to monitor the status of a tunnel and
more accurately determine if the tunnel is alive or not.
Click
Add
to configure a new GRE tunnel; click
Edit
to make changes to an existing tunnel.
Add/Edit Tunnel – General
Tunnel Name
: Give the tunnel a name that uniquely identifies it.
Tunnel Key
: Enables an ID key for a GRE tunnel, which can be used as an identifier for mGRE (Multipoint GRE).
Local Network
: This is the local side of the “Glue Network,” a network created by the administrator to form
the tunnel. The user creates the IP address inputted here. It must be different from the IP addresses of the
networks it is gluing together. Choose any private IP address from the following three ranges that doesn’t
match either network:
•
10.0.0.0 - 10.255.255.255
•
172.16.0.0 - 172.31.255.255
•
192.168.0.0 - 192.168.255.255
Add/Edit Tunnel – Remote Servers
Create a list of remote server connections to connect to. OpenVPN will try to connect to each host in the list. If
a disconnect occurs from a given server, the next server will be tried in a round-robin fashion.
•
Host
– IP address of the remote server
•
Port
– Specify the port if desired
•
Protocol
– Select UDP or TCP
Add/Edit Tunnel – Routes
Add or remove the routes that will be used to direct packets through the tunnel.
•
Network Address
•
Netmask
Generate Client Configuration
The Generate Client Configuration button can be used to generate client configurations for OpenVPN tunnels
configured in Server mode. An .ovpn file will be created that can be imported to a variety of OpenVPN client
devices (Android, iOS, Windows). If the private key for the server’s certificate authority is known, a client
certificate can be generated; otherwise one can be selected.