Table of Contents
Advertisement
Virtual Private Networks (VPN)
Command line
1. Log into the Connect IT Mini command line as a user with full Admin access rights.
Depending on your device configuration, you may be presented with an Access selection
menu. Type admin to access the Admin CLI.
2. At the command line, type config to enter configuration mode:
> config
(config)>
3. Add an IPsec tunnel. For example, to add an IPsec tunnel named ipsec_example:
(config)> add vpn ipsec tunnel ipsec_example
(config vpn ipsec tunnel ipsec_example)>
The IPsec tunnel is enabled by default. To disable:
(config vpn ipsec tunnel ipsec_example)> enable false
(config vpn ipsec tunnel ipsec_example)>
4. (Optional) Configure the device to serve as a backup IPsec tunnel.
When configuring a backup IPsec tunnel the ipsec_failover parameter instructs the backup
tunnel to only start when the primary tunnel is determined to have failed. It will continue to
operate until the preferred tunnel returns to full operational status.
When configuring the primary tunnel, and when configuring tunnels that will not fail over to a
backup tunnel, do not set this parameter.
a. Use the ? to view a list of available tunnels:
(config vpn ipsec tunnel ipsec_example)> ipsec_failover ?
Preferred tunnel: This tunnel will not start until the preferred tunnel has failed. It will continue
to operate until the preferred tunnel returns to full operation status.
Format:
primary_ipsec_tunnel
Optional: yes
Current value:
(config vpn ipsec tunnel ipsec_example)> ipsec_failover
b. Set the primary IPsec tunnel:
(config vpn ipsec tunnel ipsec_example)> ipsec_failover primary_ipsec_tunnel
(config vpn ipsec tunnel ipsec_example)>
5. (Optional) Set the tunnel to use UDP encapsulation even when it does not detect that NAT is
being used:
(config vpn ipsec tunnel ipsec_example)> force_udp_encap true
(config vpn ipsec tunnel ipsec_example)>
Digi Connect IT® Mini User Guide
IPsec
195
Advertisement
Table of Contents
