
IPSec

User Guide

2120028

Rev 2.2

Summary of Contents for IPSec

Page 1: ...IPSec User Guide 2120028 Rev 2.2...


Page 3: ...any equipment which may be susceptible to any form of radio interference. In such areas the Sierra Wireless AirLink Product Name MUST BE POWERED OFF. The Sierra Wireless AirLink Product Name can transm...

Page 4: ...Portions of this product may be covered by some or all of the following US patents: 5,515,013; 5,629,960; 5,845,216; 5,847,553; 5,878,234; 5,890,057; 5,929,815; 6,169,884; 6,191,741; 6,199,168; 6,339,405; 6,359...

Page 5: ...pt US Holidays. E-mail: support@sierrawireless.com. Sales Desk: Phone 1-510-624-4200, 1-604-232-1488; Hours 8:00 AM to 5:00 PM Pacific Time; E-mail: MobileandM2Msales@sierrawireless.com. Post: Sierra Wireless A...

Page 6: ...6; Set Up 7; Modem Configuration Requirements 7; Installation 8; AT*RESETCFG 8; Configuration Settings 8; HTTP Server 12; Application Server 13; Network behind the modem 15; Sample Configuration File 18; VPN C...

Page 7: ...layer security control and is used to create a virtual private network (VPN). The advantages of the IPSec feature include: Data Protection; Data Content Confidentiality allows users to protect their data...

Page 8: ...al installation required. Simple wizard-based setup. Remote management, control and configuration via AceWare tools and utilities. Secure two-way communication channel with data encryption. Can be download...

Page 9: ...Access Scenarios. 1. This scenario shows three remote access activities: (a) AVL Application Server, one-way transmission of secure data. The AirLink modem has GPS capability (PinPoint model). The modem has set up...

Page 10: ...insecure data. The laptop user wants to access Google. The Google access can be performed while the corporate VPN tunnel is active. Figure 1 4 Web Server scenario. (d) Pass-through, two-way transmission of s...

Page 11: ...rough mode. The next chapter walks you through the installation and configuration steps of establishing an IPSec set-up on your modem to connect to the test servers at Sierra Wireless. You can follow th...

Page 12: ...uipment. The illustration below shows the user being connected to the Sierra Wireless test environment set-up. The user laptop connected to an AirLink modem communicates with the web server over the int...

Page 13: ...meters that correspond to your Cisco configuration and press the Write button at the top. Close AceManager. 4. Open a browser or other application and attempt to communicate with your enterprise network...

Page 14: ...eless_Ace.aspx. Once this new version of AceManager and the new firmware are installed on your PC, perform a factory default reset of the modem using the AT command AT*RESETCFG. This command will res...

Page 15: ...g on IPSec will display a list of parameters with default values and user-configurable input fields (New Value). Table 2 1 Configuration Parameters in AceManager: Name, Default Value, Description. IPSec Inter...

Page 16: ...ption. IKE Key Group, default 2. Different Key Groups are 1 DH1, 2 DH2 and 3 DH3. IKE SA Life Time, default 7200 seconds: enter the lifetime of the VPN (how long it is valid); 0 means no expiry. Local Address Type, default 1: choose fr...

Page 17: ...ec authentication algorithm. IPSec Key Group, default 2. Different Key Groups are 1 DH1, 2 DH2 and 5 DH5; DH5 denotes the highest security. IPSec SA Life Time, default 7200 seconds: this indicates how often the modem renegotiat...

Page 18: ...their configuration steps in AceManager to establish the IPSec tunnel are addressed in the following sections. HTTP Server: a PC connected to a Sierra Wireless AirLink Modem uses a web browser to view a...

Page 19: ...ar. 4. Click on Reset to reset the modem. 5. IPSec status displays as Connected. Once the tunnel comes up, ping the web server from the PC behind the modem. The web browser should then be able to reach the server. An example of a web browser...

Page 20: ...Sec parameter default values. The required fields for IPSec to be established are: (a) IPSec Gateway, (b) Pre-shared Key 1, (c) IKE Encryption Algorithm, (d) IKE Authorization Algorithm, (e) IKE Key Group, (f) IKE SA L...

Page 21: ...VL Application server for the update. An example of a log of the modem sending data through the tunnel is provided. Figure 2 7 Log sending data. Network behind the modem: you can have multiple machines. Fo...

Page 22: ...Installation and Configuration Rev 2.2 Aug 08 16. Figure 2 8 Host Private Subnet. 3. Click on PPP/Ethernet. Set the modem to private mode. Figure 2 9 PPP/Ethernet configuration...

Page 23: ...on Algorithm, (j) IPSec Key Group, (k) IPSec SA Life Time, (l) Incoming Out of Band (if you want mobile termination), (m) Outgoing Host Out of Band (to access the internet outside the tunnel from the modem). 5. Make sure t...

Page 24: ...for Cisco 1841 Router.
1841_ppx2# show run
Building configuration...
Current configuration : 2202 bytes
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption...

Page 25: ...psec transform-set 3DES-SHA esp-3des esp-sha-hmac
crypto map IPSEC 30 ipsec-isakmp
 set peer 166.213.198.10
 set security-association lifetime seconds 28000
 set transform-set 3DES-SHA
 set pfs group2
 mat...

Page 26: ...255.255.255.252
ip nat inside source list 110 pool nat overload
access-list 101 permit ip 192.168.2.0 0.0.0.255 host 166.213.198.10
access-list 101 permit ip 192.168.2.0 0.0.0.255 host 192.168.13.100...

Page 27: ...mestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 1841b_dynamic
boot-start-marker
boot-end-marker
no logging console
no aaa new-model
resource p...

Page 28: ...c
crypto dynamic-map MODEM-DYN-MAP 1000
 set security-association lifetime seconds 28000
 set transform-set 3DES-SHA
 set pfs group2
 match address 101
crypto map IPSEC 65535 ipsec-isakmp dynamic MODEM-DY...

Page 29: ...e server
ip nat pool nat 64.163.70.104 64.163.70.104 netmask 255.255.255.252
ip nat inside source list 110 pool nat overload
access-list 101 permit ip 192.168.4.0 0.0.0.255 any
access-list 101 permit...
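As an added example (not part of the Sierra Wireless guide or of the Cisco samples above), the following Python script parses the crypto sections of an IOS running-config like the 1841 samples on pages 24 to 29 and checks them against the AceManager fields the guide lists as required on pages 20 and 23. The IOS text is constructed from the fragments on this page plus an assumed isakmp policy; the modem-side values, the gateway address and the placeholder pre-shared key are assumptions.

```python
"""Check that the AirLink modem's IKE/IPsec settings agree with the Cisco
peer's crypto configuration before trying to bring the tunnel up.
Added example; the IOS text and modem values are constructed, not the
guide's own."""
import re
from typing import Dict, List

# Constructed IOS fragment: transform set, crypto map and peer follow the
# page's 1841_ppx2 sample; the isakmp policy and the PSK are assumptions.
IOS_CONFIG = """\
crypto isakmp policy 10
 encr 3des
 hash sha
 authentication pre-share
 group 2
 lifetime 86400
crypto isakmp key PLACEHOLDER_PSK address 166.213.198.10
!
crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
!
crypto map IPSEC 30 ipsec-isakmp
 set peer 166.213.198.10
 set security-association lifetime seconds 28000
 set transform-set 3DES-SHA
 set pfs group2
 match address 101
!
access-list 101 permit ip 192.168.2.0 0.0.0.255 host 166.213.198.10
"""

# Values as a user would type them into AceManager (Table 2 1 fields).
# Algorithm names stand in for the numeric codes the guide uses; the
# gateway address and key are assumptions.
MODEM_CONFIG: Dict[str, object] = {
    "IPSec Gateway": "64.163.70.104",
    "Pre-shared Key 1": "PLACEHOLDER_PSK",
    "IKE Encryption Algorithm": "3DES",
    "IKE Authentication Algorithm": "SHA1",
    "IKE Key Group": 2,
    "IKE SA Life Time": 7200,
    "IPSec Encryption Algorithm": "3DES",
    "IPSec Authentication Algorithm": "SHA1",
    "IPSec Key Group": 2,
    "IPSec SA Life Time": 7200,
}

# IOS keywords mapped to the names used on the modem side.
CIPHERS = {"des": "DES", "3des": "3DES", "aes": "AES128",
           "esp-des": "DES", "esp-3des": "3DES", "esp-aes": "AES128"}
HASHES = {"md5": "MD5", "sha": "SHA1", "esp-md5-hmac": "MD5", "esp-sha-hmac": "SHA1"}
GROUPS = {"1": 1, "2": 2, "5": 5, "group1": 1, "group2": 2, "group5": 5}


def parse_ios_crypto(text: str) -> dict:
    """Pull the isakmp policy, transform sets and the static crypto-map
    entry out of an IOS config; indented lines belong to the block above."""
    cfg = {"isakmp": {}, "transform_sets": {}, "crypto_map": {}}
    section = None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        line = raw.strip()
        if not raw.startswith(" "):  # top-level command starts a new block
            section = None
            if line.startswith("crypto isakmp policy"):
                section = "isakmp"
            elif line.startswith("crypto ipsec transform-set"):
                _, _, _, name, *algs = line.split()
                cfg["transform_sets"][name] = algs
            elif re.match(r"crypto map \S+ \d+ ipsec-isakmp$", line):
                section = "crypto_map"
            continue
        if section == "isakmp":
            key, _, val = line.partition(" ")
            cfg["isakmp"][key] = val
        elif section == "crypto_map":
            if line.startswith("set security-association lifetime seconds"):
                cfg["crypto_map"]["lifetime"] = int(line.split()[-1])
            elif line.startswith("set "):
                _, key, val = line.split(maxsplit=2)
                cfg["crypto_map"][key] = val
            elif line.startswith("match address"):
                cfg["crypto_map"]["match"] = line.split()[-1]
    return cfg


def compare(ios: dict, modem: Dict[str, object]) -> Dict[str, List[str]]:
    """Return hard mismatches (IKE/IPsec will not negotiate) and notes."""
    mismatches, notes = [], []
    isakmp, cmap = ios["isakmp"], ios["crypto_map"]
    ts = ios["transform_sets"].get(cmap.get("transform-set"), [])
    if not ts:
        mismatches.append("crypto map references an undefined transform-set")
    esp_enc = next((a for a in ts if a in CIPHERS), None)
    esp_auth = next((a for a in ts if a in HASHES), None)
    if esp_enc and not esp_auth:
        notes.append("router transform-set is encryption-only ESP; add an auth algorithm")
    expected = {
        "IKE Encryption Algorithm": CIPHERS.get(isakmp.get("encr") or isakmp.get("encryption")),
        "IKE Authentication Algorithm": HASHES.get(isakmp.get("hash")),
        "IKE Key Group": GROUPS.get(isakmp.get("group")),
        "IPSec Encryption Algorithm": CIPHERS.get(esp_enc),
        "IPSec Authentication Algorithm": HASHES.get(esp_auth),
        "IPSec Key Group": GROUPS.get(cmap.get("pfs")),
    }
    for field, router_value in expected.items():
        if modem.get(field) != router_value:
            mismatches.append(f"{field}: modem={modem.get(field)!r} router={router_value!r}")
    if isakmp.get("authentication") != "pre-share":
        mismatches.append("router isakmp policy is not pre-share; the modem authenticates with Pre-shared Key 1")
    if not modem.get("Pre-shared Key 1") or not modem.get("IPSec Gateway"):
        mismatches.append("IPSec Gateway and Pre-shared Key 1 are required fields")
    # Lifetimes need not be equal: IKEv1 peers settle on the shorter value.
    for field, router_value in (("IKE SA Life Time", isakmp.get("lifetime")),
                                ("IPSec SA Life Time", cmap.get("lifetime"))):
        if router_value is not None and int(router_value) != modem.get(field):
            notes.append(f"{field}: modem={modem.get(field)} router={router_value}; shorter value wins")
    return {"mismatches": mismatches, "notes": notes}


if __name__ == "__main__":
    result = compare(parse_ios_crypto(IOS_CONFIG), MODEM_CONFIG)
    for kind, items in result.items():
        for item in items:
            print(f"{kind}: {item}")
```

Run as-is, the constructed pair reports no mismatches, only the two lifetime notes (7200 s on the modem against 86400 s and 28000 s on the router), which IKEv1 resolves to the shorter value. The script does not see the NAT access-list (110) that the samples reference, so also confirm by hand that it denies the inside-subnet to remote-host traffic that access-list 101 selects for the tunnel; otherwise the router translates those packets before the crypto map can match them.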

Page 30: ...CBC Mode Cipher Algorithms; RFC 3602 The AES-CBC Cipher Algorithm and Its Use with IPsec (future enhancement). Security Algorithms: 1. Internet Key Exchange (IKE): (a) Authentication for IKE Messages, Hashing Alg...

Page 31: ...Modem can support unencrypted traffic and one of the options below for encryption: No authentication or encryption; Authentication only; Encryption only; Authentication and Encryption. Note that Encryption only (ESP without an authentication algorithm) gives no integrity protection and is discouraged by RFC 4303; use Authentication and Encryption for a production tunnel. Reference Material: National...

