Sierra Wireless AirLink RV50 Series User Manual page 431

Table D-6: VPN Commands
Command
*IPSEC1_ENCRYPT
*IPSEC2_ENCRYPT
*IPSEC3_ENCRYPT
*IPSEC4_ENCRYPT
*IPSEC5_ENCRYPT
*IPSEC1_GATEWAY
*IPSEC2_GATEWAY
*IPSEC3_GATEWAY
*IPSEC4_GATEWAY
*IPSEC5_GATEWAY
*IPSEC1_IKE_AUTH
*IPSEC2_IKE_AUTH
*IPSEC3_IKE_AUTH
*IPSEC4_IKE_AUTH
*IPSEC5_IKE_AUTH
*IPSEC1_IKE_DH
*IPSEC2_IKE_DH
*IPSEC3_IKE_DH
*IPSEC4_IKE_DH
*IPSEC5_IKE_DH
Rev 1 Dec. 17
Description
Query or set the type/length of encryption key used to encrypt/decrypt
ESP (Encapsulating Security Payload) packets for # VPN.
AT*IPSEC[VPN number]_ENCRYPT? to query
AT*IPSEC[VPN number]_ENCRYPT=n to set
n=0—None
•
n=1—DES
•
n=2—3DES
•
n=3—AES-128 (default)
•
n=7—AES-256
•
Note: 3DES supports 168-bit encryption. AES (Advanced Encryption
Standard) supports both 128-bit and 256-bit encryption.
Query or set the IP address of the server that # VPN client connects to.
AT*IPSEC[VPN number]_GATEWAY? to query
AT*IPSEC[VPN number]_GATEWAY=[IP address] to set
Query or set the IKE authentication type for # VPN.
AT*IPSEC[VPN number]_IKE_AUTH? to query
AT*IPSEC[VPN number]_IKE_AUTH=n to set
n=1—MD5
•
n=2—SHA1
•
Note: MD5 is an algorithm that produces a 128-bit digest for authenti-
cation. SHA is a more secure algorithm that produces a 160-bit digest.
Query or set how the AirLink gateway VPN creates an SA with the VPN
server. The DH (Diffie-Hellman) key exchange protocol establishes pre-
shared keys during the phase 1 authentication. The AirLink gateway
supports three prime key lengths, including Group 1 (768 bits), Group 2
(1,024 bits), and Group 5 (1,536 bits).
AT*IPSEC[VPN number]_IKE_DH? to query
AT*IPSEC[VPN number]_IKE_DH=n to set
n=1—DH1
•
n=2—DH2 (default)
•
n=5—DH5
•
431
AT Commands
41111088