Table of Contents
Advertisement
5.2.1 CASE #1: VANGUARD CONFIGURED IPSEC CLIENT
Overview
IPsec is a security protocol that provides secured communication tunnels over IP. As you create IPsec tunnels through
the Vanguard 3000 Web interface in the Security » IPsec tab, they will be displayed in the Tunnel Table at the bottom
of the IPsec tab. All tunnels are created using the ESP (Encapsulating Security Payload) Protocol.
The following figure depicts an IPsec tunnel between a Remote Telemetry Unit (RTU) and Application Server.
Figure 61 Vanguard configured as an IPsec client
Prerequisite Information
In order to implement IPsec with the Vanguard 3000 and to successfully connect to a VPN server and secure data
between two endpoints, you will need to know the following information.
Tunnel Label
Vanguard 3000 local subnet
Vanguard 3000 PPP IP Address
Firewall IP Address (remote IP Address)
VPN Server IP Address (Remote ID optional—not usually required if firewall and VPN server are the same unit)
Remote Subnet
Phase1 Encryption details
Phase 2 Encryption details
Pre-Shared Key (PSK)
Perfect Forward Security (PFS) Enabled or Disabled
Dead Peer Detection (DPD) delay (seconds), timeout (seconds) and action
If you do not have this information, contact your network integrator.
Vanguard 3000 IPsec Client Connection
This example will use the following values to define two IPsec tunnels.
Tunnel Label
Vanguard 3000 local subnet
Firewall IP Address (remote IP Address)
Tunnel1
10.192.10.192/29 (LAN)
68.28.128.192
Vanguard 3000 Multicarrier Cellular Data Modem & IP Router PN 134732-VG3000 Rev. D| Page 90
Tunnel2
10.192.10.192/29 (LAN)
68.28.128.192
Advertisement
Table of Contents
