IPsec User Guide, page 12 (document 2120028)

To confirm a successful connection, the following tests can be run:

Connect a PC to the modem and attempt to ping the IP address 10.11.12.13. The tunnel might take some time to be established. However, once the tunnel is established you will receive responses to your ping.

Once the ability to ping the private address has been established, please try opening a browser and pointing it to http://10.11.12.13.

Once these two tests pass, a baseline for the IPSec configuration in the modem has been established. You can now begin to make the IPSec configuration changes to get the modem connecting to your own IPSec gateway.
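The two-step baseline check above, as an added shell script that is not part of the Sierra Wireless guide; it assumes a Linux PC behind the modem with ping and curl, the test host 10.11.12.13 named by the guide (overridable through TEST_HOST and TEST_URL), and a PROBE_CMD hook that is an assumption of this example, not a modem setting.

```shell
#!/bin/sh
# Added example, not from the guide: scripted version of the ping-then-browse
# baseline check. Assumes a Linux PC behind the modem with ping and curl.
TEST_HOST="${TEST_HOST:-10.11.12.13}"
TEST_URL="${TEST_URL:-http://10.11.12.13}"

# probe_host HOST: one ping with a 2 s reply timeout; exit 0 on a reply. The
# PROBE_CMD hook (assumed here) lets the wait loop run with a stand-in probe.
probe_host() {
    if [ -n "${PROBE_CMD:-}" ]; then
        $PROBE_CMD "$1"
    else
        ping -c 1 -W 2 "$1" >/dev/null 2>&1
    fi
}

# wait_for_tunnel HOST ATTEMPTS DELAY: the tunnel can take a while to come up,
# so retry within a bounded budget. Returns 0 on a reply, 1 when budget is spent.
wait_for_tunnel() {
    host=$1; attempts=$2; delay=$3; n=0
    while [ "$n" -lt "$attempts" ]; do
        n=$((n + 1))
        if probe_host "$host"; then
            echo "ping to $host answered on attempt $n"
            return 0
        fi
        sleep "$delay"
    done
    echo "no ping reply from $host after $attempts attempts"
    return 1
}

# check_http URL: the second test; a 2xx/3xx status shows that TCP traffic,
# not only ICMP, reaches the server behind the gateway through the tunnel.
check_http() {
    code=$(curl -s -o /dev/null -m 10 -w '%{http_code}' "$1") || code=000
    case "$code" in
        2*|3*) echo "HTTP $code from $1"; return 0 ;;
        *)     echo "HTTP check failed (status $code) for $1"; return 1 ;;
    esac
}

# Live run only as "sh baseline.sh run". Exit 1: tunnel never came up (revisit
# the modem IPSec settings). Exit 2: ping works but HTTP does not (gateway or
# server side issue rather than the modem's IPSec configuration).
if [ "${1:-}" = "run" ]; then
    wait_for_tunnel "$TEST_HOST" 30 5 || exit 1
    check_http "$TEST_URL" || exit 2
    echo "IPSec baseline established"
fi
```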

Different scenario use cases and their configuration steps in Ace Manager, to establish the IPSec tunnel, are addressed in the following sections.

HTTP Server

A PC connected to a Sierra Wireless AirLink Modem uses a web browser to view an HTTP server behind the IPsec Gateway.

The configuration steps are:

1. In AceManager, click on the IPSec tab. Please refer to Figure 2-3.

2. Configure the IPSec Interface parameter as "1", to enable IPSec. Once IPSec is enabled, the factory default settings should be restored. Table 2-1 lists all the IPSec parameter default values. The required fields for IPSec to be established are:

a. IPSec Gateway
b. Pre-shared Key 1
c. IKE Encryption Algorithm
d. IKE Authorization Algorithm
e. IKE Key Group
f. IKE SA Life Time
g. Remote Address
h. IPSec Encryption Algorithm
i. IPSec Authentication Algorithm
j. IPSec Key Group
k. IPSec SA Life Time
l. Incoming Out of Band: If you want mobile termination