Tunnels - Cradlepoint AER3100 User Manual

User Manual / AER3100/AER3150
IPSEC VPN
VPN (virtual private network) tunnels
are used to establish a secure
connection to a remote network over
a public network. For example, VPN
tunnels can be used across the Internet
by an individual to connect to an office
network while traveling, or by two office
networks to function as one network.
The two networks set up a secure connection across the (normally) unsecure Internet by assigning VPN
encryption protocols.
Cradlepoint VPN tunnels use
across the tunnels. To set up a VPN tunnel with a Cradlepoint router on one end, there must be another device
(usually a router) that also supports IPsec on the other end.
IKE (Internet Key Exchange) is the security protocol in IPsec. IKE has two phases, phase 1 and phase 2. The
router has several different security protocol options for each phase, but the default selections will be
sufficient for most users.
The VPN tunnel status page allows you to view the state of the VPN tunnels. If a tunnel fails to connect to the
remote site, check the System Logs for more information. You may double click on a cell to directly edit that
information.
Click Add to configure a new VPN tunnel; click Edit to make changes to an existing tunnel.
Add/Edit Tunnel – General
Tunnel Name: Give the tunnel a name that uniquely identifies it.
Anonymous Mode: Select to allow remote connections from any IP address.
Responder Mode: When enabled, the router will not initiate negotiation with peers.
Local Identity: Specifies the identifier sent to the remote host during phase 1 negotiation. If left blank it will
default to the IP address of the WAN connection. Currently we only support identifiers in the form of an IP
address, a user-fully qualified domain name (user@mydomain.com) or just a fully qualified domain name (www.
mydomain.com). If the remote side of the tunnel is configured to expect an identifier, then both must match in
order for the negotiation to succeed. If NAT-T is being used, a single word (instead of an address) can be used if
a DynDNS connection is not being used.

TUNNELS

CP SECURE VPN
Configured, deployed, and managed from the cloud, CP Secure VPN delivers a virtual
private data network that minimizes both cost and complexity. Unlike traditional
bulky head-end concentrator hardware solutions, CP Secure VPN allows IT managers
to secure their expanding Edge Networks using architectures that scale quickly and
are easy to maintain. For more information, visit cradlepoint.com.
NOTE: CP Secure VPN requires an ECM Prime subscription. For more information,
visit cradlepoint.com.
IPsec (Internet Protocol security) to authenticate and encrypt packets exchanged
©2015 Cradlepoint. All Rights Reserved. | +1.855.813.3385 | cradlepoint.com
43