CalAmp Fusion User Manual page 71

High-performance multi-band lte router

Hide thumbs Also See for Fusion:

Quick start manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

page of 123

/ 123
Contents
Table of Contents
Bookmarks

Table of Contents

Remote Subnets

Choose None if encrypted packets are only destined for the Remote IP Address.

Use an IP address with mask if encrypted packets are also destined for the specified network that is beyond the

Remote IP Address. IKEv2 multiple IP address and masks are supported.

IMPORTANT: The Remote Subnet and Local Subnet addresses must not overlap!

Local Interface

The Local interface that this tunnel applies to. Fusion allows setting up specific tunnels per interface. This specifies

the physical interface (typically a WAN interface) that will be used as the "left" IPsec endpoint. Selecting the value

of Any-WAN will result in selecting the interface currently pointed to by the default route.

Local IP from Peer

Also known as Virtual IP. Enable to request an IP address from the peer. This must be enabled when multiple local

subnets and IKE v1 are selected.

Local Subnet

Choose None if only packets generated by Fusion router services will be sent through the tunnel.

Choose one or more Fusion interfaces (typically a LAN interface) to include the specific local subnet on each.

Use an IP address with mask if a network beyond the local LAN will be sending packets through the tunnel.

IMPORTANT: The Remote subnet and Local subnet addresses must not overlap!

Phase 1 Encryption

Use AES-128, AES-256, or 3DES encryption.

Phase 1 Authentication

Use MDS or SHA1 hashing.

Phase 1 DH Group

Negotiate (Auto) or use 768 (Group 1), 1024 (Group 2), 1536 (Group 5) or 2048 (Group 14) bit keys.

Phase 1 Key Lifetime

How long the keying channel of a connection should last before being renegotiated.

Phase 2 Encryption

Use AES-128, AES-256 or 3DES encryption.

Phase 2 Authentication

Use MD5 or SHA1 hashing.

Phase 2 Lifetime

How long a particular instance of a connection should last, from successful negotiation to expiry.

Authenticate By

Select whether authentication will be by Public-Key Encryption (RSA) or a Pre-shared Key.

Pre-shared Key

Predetermined key known to both the local unit and the remote side prior to establishing the tunnel.

Perfect Forward Secrecy

Enable Perfect Forward Secrecy for the session keys.

| Page 65

Fusion Multi-Network LTE Router PN 001-0000-602 Rev. B

Table of Contents

CalAmp Fusion User Manual page 71

Related Manuals for CalAmp Fusion

Related Products for CalAmp Fusion

Table of Contents