M2M Cellular Gateway
Site to Site Tunnel Scenario
Scenario Application Timing
The security gateway can be located at branch office or mobile office. When the client
hosts behind the security gateway want to make a secure communication with the ones
behind another security gateway in headquarters or another branch office, both
security gateways need to establish a VPN tunnel first. Both Intranets of security
gateways have their own subnet and the "Site to Site" tunnel scenario is used. "Site"
means a subnet of client hosts.
Scenario Description
Both Initiator and Responder of IPSec tunnel must have a "Static IP" or a "FQDN" for
"Site to Site" scenario.
Any peer gateway can be worked as an Initiator or a Responder of the IPSec VPN tunnel.
Two phases (IKE and IPSec) to negotiate for establishing an IPSec VPN tunnel with pre‐
shared key and optional X‐Auth account / password.
Parameter Setup Example
For Network‐A at HQ
Following 5 tables list the parameter configuration for above example diagram of IPSec
VPN tunnel in Network‐A.
Use default value for those parameters that are not mentioned in these 5 tables.
Index skipping is used to reserve slots for new function insertion, when required.
183