Cradlepoint COR IBR350 Manual page 107

Hide thumbs Also See for COR IBR350:

Quick start manual (9 pages)

Quick start manual (4 pages)

Manual (94 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

page of 148

/ 148
Contents
Table of Contents
Bookmarks

Table of Contents

Responder Mode: When enabled, the router will not initiate negotiation with peers, otherwise start negotiations as soon as possible.

Local Identity: Speciﬁes the identiﬁer sent to the remote host during phase 1 negotiation. If left blank it will default to the IP address of the WAN

connection. Currently we only support identiﬁers in the form of an IP address, a user-fully qualiﬁed domain name (user@mydomain.com) or just a

fully qualiﬁed domain name (www.mydomain.com). If the remote side of the tunnel is conﬁgured to expect an identiﬁer, then both must match in

order for the negotiation to succeed. If NAT-T is being used, a single word (instead of an address) can be used if a DynDNS connection is not being

used.

Remote Identity: Speciﬁes the identiﬁer we expect to receive from the remote host during phase 1 negotiation. If no identiﬁer is deﬁned then no

veriﬁcation of the remote peer's identiﬁcation will be done. Currently we only support identiﬁers in the form of an IP address, a user-fully qualiﬁed

domain name (user@mydomain.com) or just a fully qualiﬁed domain name (www.mydomain.com). If left blank we will default to the IP address of

the WAN connection. If NAT-T is being used, a single word (instead of an address) can be used if a DynDNS connection is not being used.

Authentication Mode: Select from Pre-Shared Key and Certiﬁcate. Pre-Shared Key is used when there is a single key common to both ends

of the VPN. Certiﬁcate requires the creation of a set of certiﬁcates and a private key that can be uploaded to the router. Select Enable Certiﬁcate

Support in the Global VPN Settings section to upload a single set of certiﬁcates for the router to use.

Pre-Shared Key: Create a password or key. The routers on both sides of the tunnel must use this same key.

Mode: Tunnel or Transport. Tunnel Mode is used for protecting traﬃc between diﬀerent networks, when traﬃc must pass through an intermediate,

untrusted network. Transport Mode is used for end-to-end communications (for example, for communications between a client and a server).

Initiation Mode: Always On or On Demand. Always On is used if you want the tunnel to initiate the tunnel connection whenever the WAN

becomes available. Select On Demand if you want the tunnel to initiate a connection if and only if there is data traﬃc bound for the remote side

of the tunnel.

Tunnel Enabled: Enabled or Disabled.

MBR1200 Quick Connect: VPN tunnels in more advanced Cradlepoint devices have more choices than they did in the MBR1200, so they are more

complex to conﬁgure now. Check this box to simplify setup by streamlining your options to match the old settings from the Cradlepoint MBR1200.

Add/Edit Tunnel – Local Gateway IP Version: Select IPv4 or IPv6.

WAN Binding: WAN Binding is an optional parameter used to conﬁgure the VPN tunnel to ONLY operate when the speciﬁed WAN device(s) are

available and connected. An example use case is when there is a router with both a primary and failover WAN device and the tunnel should only

be used when the system has failed over to the backup connection.

Make a selection for "When," "Condition," and "Value" to create a WAN Binding. The condition will be in the form of these examples:

Figure 136: Add/Edit VPN Tunnel Local Gateway

When

Condition

Port

Type

is not

107

Value

USB Port 1

WiMAX

Table of Contents

Cradlepoint COR IBR350 Manual page 107

Related Manuals for Cradlepoint COR IBR350

Related Products for Cradlepoint COR IBR350

Table of Contents