Table of Contents
Advertisement
5
IPSEC AND VPN PASS-THROUGH DEPLOYMENT GUIDE
This chapter will help anyone who wants to build a secure IP network using IPsec and the CalAmp Vanguard 3000
Cellular Modem. Case #1: Vanguard Configured IPsec Client will demonstrate the Vanguard 3000 when used as an
IPsec client. Case #2 Vanguard Configured to use a DMZ for VPN Pass-Through will show the Vanguard 3000 passing an
IPsec connection from WAN to LAN. (VPN Pass-through).
5.1
BENEFITS OF IPSEC
IPsec (Internet Protocol Security Standard) is an industry driven standard that ensures confidentiality, integrity, and
authenticity of an IP network. IPsec is a key component of this standard-based, flexible solution for deploying a
network-wide policy.
There are two significant benefits to IPsec compliance for our customers: enhanced security features and
interoperability.
― Enhanced security features provide the most secure and comprehensive standard available today for
encryption and authentication.
The Vanguard IPsec encryption support: AES-128, AES-256 and 3DES.
The Vanguard IPsec authentication support: MD5 and SHA1.
All tunnels are created using the ESP (Encapsulating Security Payload) protocol.
― Protocol interoperability means that an IPsec compliant device, such as the Vanguard 3000, will be
able to exchange keys and encrypted communications with another IPsec compliant product such as
a CISCO router. IPSEC compliance ensures that these two different products can negotiate and
maintain a secure communication with each other.
5.2
CONFIGURATION SUMMARY
The first case demonstrates configuring IPsec tunnels on the Vanguard 3000. The second example demonstrates
configuring the Vanguard to use a DMZ for VPN pass-through between IPsec clients and a remote host over a router
acting as a VPN server.
Detailed configuration examples are provided for each scenario.
Vanguard 3000 Multicarrier Cellular Data Modem & IP Router PN 134732-VG3000 Rev. D| Page 89
Advertisement
Table of Contents
