User guide

VPN Configuration

Rev 2.0 C Aug.10 59

Figure 6-2: ACEmanager: VPN 1 - VPN

Command Description

VPN # Type Tunnel Disabled or IPsec tunnel. Use this option to enable or disable the VPN tunnel. If

custom settings are used, they will be saved and the tunnel can be disabled and reenabled

without needing to reenter any of the settings. The IPsec VPN employs the IKE (Internet

Key Exchange) protocol to set up a Security Association (SA) between the AirLink Device

and a Cisco (or Cisco compatible) enterprise VPN server. IPSec consists of two phases to

setup an SA between peer VPNs. Phase 1 creates a secure channel between the AirLink

Device VPN and the enterprise VPN, thereby enabling IKE exchanges. Phase 2 sets up the

IPSec SA that is used to securely transmit enterprise data. For a successful configuration,

all settings for the VPN tunnel must be identical between the AirLink Device VPN and the

enterprise VPN server.

VPN1 Status Disabled, Not Connected, or Connected. This indicates the current status of the VPN

connection. Use this as part of troubleshooting a VPN connection.

SNTP Server Address The Simple Network Time Protocol Server (SNTP) ensures the clock on the AirLink Device

VPN is synched to standard time. The default NTP server is pool.ntp.org. You can specify

any preferred NTP server. Both the VPN server and client must use the same SNTP

address.

VPN Gateway

Address

The IP address of the server that this client connects to. This IP address must be open to

connections from the AirLink Device Box.

Remote Subnet (IP

Addr Mask)

The default configuration is 0.0.0.0/0 which will direct all traffic over the GRE tunnel.

Pre-shared Key 1 Pre-shared Key (PSK) used to initiate the VPN tunnel.