IPsec User Guide

2120028

Figure 1-3:  Corporate Email Server scenario

c. Google (two-way transmission of insecure data): The laptop user wants to access Google. This access can take place while the corporate VPN tunnel is active; the Google traffic is not carried inside the tunnel and travels in the clear.

Figure 1-4:  Web Server scenario

d. Pass-through (two-way transmission of secure data): The AirLink modem has a regular data connection with both the laptop (the VPN client) and the VPN gateway; the laptop establishes the tunnel itself and the modem simply passes the encrypted traffic through.
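As an added example (not code from the Sierra Wireless guide), the following Python models the outbound Security Policy Database (SPD) lookup that decides which of the laptop's packets a modem-terminated tunnel protects and which it sends in the clear. That lookup is the distinction behind scenario c: a split-tunnel policy protects corporate traffic while Google traffic bypasses the tunnel, whereas a full-tunnel policy protects everything. All prefixes, the gateway address and the destination addresses are constructed placeholders (RFC 5737 test ranges and private ranges), not values from the guide.

```python
"""Outbound SPD lookup for a split-tunnel versus a full-tunnel policy.

Added illustration, not part of the AirLink IPsec User Guide. Every
address below is a constructed placeholder.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

PROTECT = "PROTECT"   # apply IPsec, send through the tunnel to `peer`
BYPASS = "BYPASS"     # forward unprotected, outside the tunnel
DISCARD = "DISCARD"   # drop


@dataclass(frozen=True)
class SpdEntry:
    # Traffic selectors in the style of RFC 4301: source prefix,
    # destination prefix, and the action for matching outbound packets.
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    action: str
    peer: Optional[str] = None  # IPsec gateway, only meaningful for PROTECT


def lookup(spd: List[SpdEntry], src_ip: str, dst_ip: str) -> SpdEntry:
    """Ordered first-match search, the way an access list is evaluated.

    Traffic that matches no entry is discarded (RFC 4301, section 4.4.1),
    so a forgotten selector fails closed rather than leaking in the clear.
    """
    s = ipaddress.ip_address(src_ip)
    d = ipaddress.ip_address(dst_ip)
    for entry in spd:
        if s in entry.src and d in entry.dst:
            return entry
    return SpdEntry(ipaddress.ip_network(f"{s}/32"),
                    ipaddress.ip_network(f"{d}/32"), DISCARD)


def classify(spd: List[SpdEntry], dst_ip: str,
             src_ip: str = "192.168.13.100") -> str:
    """Action the modem would take for a packet from the laptop to dst_ip."""
    return lookup(spd, src_ip, dst_ip).action


# Constructed topology (assumed, not from the guide):
#   laptop LAN behind the modem : 192.168.13.0/24
#   corporate network           : 10.20.0.0/16
#   IPsec gateway               : 203.0.113.10 (RFC 5737 TEST-NET-3)
LAN = ipaddress.ip_network("192.168.13.0/24")
CORP = ipaddress.ip_network("10.20.0.0/16")
ANY = ipaddress.ip_network("0.0.0.0/0")
GATEWAY = "203.0.113.10"

# Scenario c: corporate traffic protected, everything else in the clear.
SPLIT_TUNNEL_SPD = [
    SpdEntry(LAN, CORP, PROTECT, peer=GATEWAY),
    SpdEntry(LAN, ANY, BYPASS),
]

# Alternative: every packet from the LAN goes through the tunnel.
FULL_TUNNEL_SPD = [
    SpdEntry(LAN, ANY, PROTECT, peer=GATEWAY),
]

if __name__ == "__main__":
    # 198.51.100.7 stands in for a public web server (RFC 5737 TEST-NET-2).
    for name, spd in (("split", SPLIT_TUNNEL_SPD), ("full", FULL_TUNNEL_SPD)):
        for dst in ("10.20.1.5", "198.51.100.7"):
            print(f"{name:5} tunnel, laptop -> {dst:14}: {classify(spd, dst)}")
    # A packet not sourced from the LAN matches nothing and is discarded.
    print("foreign source ->", lookup(SPLIT_TUNNEL_SPD, "172.16.0.1", "10.20.1.5").action)
```

Anything that matches a BYPASS entry leaves the modem unencrypted whether or not the tunnel is up, which is why the guide labels scenario c as insecure data. In a split-tunnel configuration the laptop is therefore reachable from the untrusted network and the corporate network at the same time; a full-tunnel policy closes that path at the cost of routing all traffic through the gateway.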
