Tunnel Configuration - CalAmp Fusion User Manual

High-performance multi-band lte router

Hide thumbs Also See for Fusion:

Quick start manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

page of 123

/ 123
Contents
Table of Contents
Bookmarks

Table of Contents

IPsec facilitates configuration of secured communication tunnels. The various tunnel configurations will be displayed in

the Tunnel Table at the bottom of the page. All tunnels are created using the ESP (Encapsulating Security Payload)

protocol. Fusion supports IPSEC IKE v1 and IKE v2. For IKE v2 tunnels, MOBIKE can also be enabled.

General Settings

IPsec enable or disable

Selecting Enable will launch the IPsec process and start all enabled tunnels. Selecting Disable will stop all tunnels

and shut down the IPsec process. Note that all enabled tunnels will be launched automatically when the unit

connects to the cellular carrier.

NAT Traversal

This setting applies only to IKE v1 tunnels.

Determines how packets are addressed. Selecting Enable will allow packets coming from Local Subnet addresses

through the NAT firewall unchanged. This may be sufficient when traffic only travels from Local Subnet to Remote

Subnet.

Note: packets generated by Fusion LTE services appear to originate from one of the Fusion's WAN addresses and

cannot be sent via subnet-to-subnet tunnels. Use a WAN-to-subnet tunnel for this (see "Local Subnet" below).

NAT changes the source address to match the IP Address of an outgoing interface used by the tunnel. NAT Traversal

enables the NAT-T protocol which can support traffic beyond just the Local and Remote Subnets.

Tunnel Configuration

Tunnel ID

A number assigned to each tunnel for identification when the tunnel is first configured and saved. Tunnel IDs start

from 1 and increment for each new tunnel added. To add a new tunnel, enter a new Tunnel ID number, complete

the necessary configuration information below, and click the Add button just above the Tunnel Table.

Note that for successful tunnel setup most of the following items must match the configuration of the remote VPN

host. Please refer to the remote host's configuration.

IKE Mode

Internet Key Exchange Mode Configuration, select v1 or v2 for version 1 or version 2.

MOBIKE

Mobility and multi-homing extension to Internet Key Exchange (IKE v2). MOBIKE allows the IP addresses associated

with IKE v2 and tunnel mode IPsec security associations to change.

Label

This is a label to identify a tunnel (use alphanumeric characters only).

Remote IP Address

The IP address of the remote endpoint of the tunnel.

Remote ID

The authentication address of the remote endpoint. Use None if this is the same as the Remote IP Address. Use Any

if not known. If selecting Use IP, enter the IP address in the spaces provided.

Fusion Multi-Network LTE Router PN 001-0000-602 Rev. B

| Page 64

Table of Contents

Tunnel Configuration - CalAmp Fusion User Manual

Tunnel Configuration

Related Manuals for CalAmp Fusion

Related Content for CalAmp Fusion

Table of Contents