Home » Lantronix Manuals » Electronics Accessories » Lantronix X300 Series » Manual Viewer

Lantronix X300 Series X300 Series User Guide Rev B - Page 76

: VPN, IPsec (Internet Protocol Security), VPN

View all Lantronix X300 Series manuals

Add to My Manuals
Save this manual to your list of manuals

Page 76 highlights

9: VPN A Virtual Private Network (VPN) tunnel carries traffic of a private network from one endpoint system to another over a public network such as the Internet. The traffic of a private network so carried over a public network does not know about the existence of the intermediate hops between the two endpoints. Similarly, the intermediate hops are also not aware that they are carrying the network packets that are traversing the tunnel. The tunnel may optionally compress and/or encrypt the data, providing enhanced performance and some measure of security. Note: The X300 series gateways support additional tunneling protocols. For L2TP, PPtP, or GRE protocol configuration, see Interface Protocols. IPsec (Internet Protocol Security) VPN > IPsec The IP Security (IPsec) suite of protocols are designed for cryptographically secure communication at the IP layer. The gateway uses standard IPsec protocol to protect traffic. The identity of communicating users is checked with the user authentication based on pre-shared keys (PSK) or X.509 certificates. The IPsec VPN instance can be started or stopped from the Web UI or by sending an SMS AT+VPN command. See Table 10-16 SMS AT Command Syntax. You can configure a router-to-router VPN connection. To configure an IPsec instance: 1. Go to VPN > IPsec, and click Add. 2. Under Gateway to Gateway, click Add. 3. Enter the VPN configuration details on the General Settings (Table 9-1) and Advanced Settings (Table 9-2) tabs. Parameters Profile Name ProtoType Enable Remote IPsec router Remote Address Remote ID Table 9-1 IPsec General Settings Description Enter the Profile Name to identify the router-to-router IPsec VPN connection. Gateway to Gateway is selected. Check to enable the connection. Enter the remote WAN IP Address or domain name of the remote IPsec router server. Enter the remote LAN IP Address and subnet of the remote IPSEC router server for use on the VPN connection. Enter the ID of the remote network as configured on the remote IPsec router server. X300 Series IoT Cellular Gateway User Guide 76

Section	Page
X300 Series IoT Cellular Gateway User Guide	1
Contents	4
List of Figures	10
List of Tables	11
1: About this Guide	15
Purpose	15
Summary of Chapters	15
Additional Documentation	17
2: Introduction	18
Key Features	18
InfiniShield™ Security	18
Software Features	18
Lantronix Software Services	19
Applications	19
SKU Information	19
Hardware Components	21
General Specification	21
Front Panel	22
Back Panel	24
LEDs	25
Cellular	26
SIM Slot	27
Antenna Connections	27
Certified Antennas	27
Antenna Selection	27
Ethernet Port (LAN)	28
Serial Port	29
Power Input	30
Power Consumption	30
Reset Button	30
Product Label	31
3: Installation	32
Package Contents	32
User Supplied Items	32
Accessories	33
Preparing to Install	34
Enabling DHCP Client on Your Computer	34
SIM Card Management	34
SIM Card Activation	34
SIM Management Portal	35
Second SIM Card	35
Lantronix Connectivity Services Links	35
Physical Installation	35
Insert SIM Card	35
Connect the Antennas	37
Connect the AC Power	37
Connect the Gateway to a Computer	38
Connect using Wi-Fi	38
Connect using Ethernet	38
Default Configuration	40
Web Admin Page	40
Wireless Access Point SSID	40
Default Interface Configuration	40
4: Web Administration Interface	41
Logging In	42
Change Passwords After Initial Login	43
Logging Out	44
5: Using Lantronix Provisioning Manager	45
Installing Lantronix Provisioning Manager	45
Accessing the Gateway Using Lantronix Provisioning Manager	45
6: Quick Setup	46
Quick Setup	46
7: Status	48
Overview (Page)	48
System Status	48
ConsoleFlow Status	49
Memory Status	50
MWAN Interfaces Status	50
Firewall Status	50
Network Status	51
Cellular Status	52
Network Status	53
Active DHCP and DHCPv6 Leases Status	53
Wireless Status	54
Dynamic DNS Status	54
Routes	55
System Log	56
Kernel Log	56
Processes	56
Realtime Graphs	57
Load	57
Traffic	58
Wireless	58
Connection	59
Load Balancing	61
Interface	61
Detail	61
Diagnostics	61
Troubleshooting	61
8: System	62
System	62
General Settings	62
Logging	63
Time Synchronization	64
Language and Style	65
Administration	65
Router Password	65
SSH Access	65
SSH-Keys	66
Software	66
Configure OPKG	67
Startup	68
Initscripts	68
Local Startup	69
Scheduled Tasks	69
LED Configuration	70
Backup / Flash Firmware	72
Actions	72
Configuration	73
Custom Commands	73
Write Custom Shell Command	73
Run Custom Shell Command	74
Reboot	74
Schedule a Reboot	74
9: VPN	76
IPsec (Internet Protocol Security)	76
OpenVPN	80
OpenVPN Instances	80
Template-based Configuration	82
Predefined templates	82
Edit the template-based configuration	82
OpenVPN Configuration File	82
Edit the OVPN Configuration File	82
10: Services	83
Agents	83
DOTA	84
Lantronix Server	84
Custom Server	84
Dynamic DNS	86
External Filesystems	89
GPS	90
Description of NMEA Messages	91
GPGGA Format	92
GPRMC Format	93
GPGSV Format	94
GPGSA Format	95
GPVTG Format	96
Keepalived	98
Keepalived Configuration	98
Logs Information	101
Page Selector	101
Reporting Agent	102
Sending Data	103
Data Format	104
Service Actions	104
SMS	105
SMS Configuration	105
SMS AT Commands	105
Ethernet SMS	108
Live Message	109
SNMPD	110
SNMP Architecture	110
SNMP Versions	110
SNMP Configuration	111
Agent Behavior	111
View-based Access Control Model (VACM)	111
SNMPv3 with User-based Security Model (USM)	112
System Information and Monitoring	112
Active Monitoring	112
Configure SNMPv1 or SNMPv2	113
Configure SNMPv3 with USM	113
SNMPTRAPD	120
SNMP-TRAP Configuration	120
uHTTPd	123
Web Server Configuration	123
Self-Signed SSL Certificate Parameters	125
11: Network	126
Interfaces	126
Interfaces Overview	126
Interface Status	128
Interface Protocols	129
Protocol Descriptions	130
Static Address	130
DHCP Client	132
DHCPv6 Client	134
PPPoE	135
QMI Cellular	138
CELLULAR Interface	140
LAN Interface	141
DHCP Server	141
WWAN and WWAN6 Interface	143
Add Virtual Interface	144
Relay Bridge	147
Wireless	148
Wireless Network Configuration	149
DHCP and DNS	152
General Settings	152
Resolv and Host Files	153
TFTP Settings	153
Advanced Settings	154
Static Leases	155
Hostnames	156
Static Routes	156
Static IPv4 Routes	156
Static IPv6 Routes	157
Diagnostics	159
Firewall	160
General Settings	160
Firewall Global Settings	160
Firewall Zones	161
Port Forwards	163
Add Port Forwarding Rule	163
Traffic Rules	164
Add Traffic Rule	165
Custom Rules	166
QoS	167
Load Balancing	169
How it works	169
Globals	169
Interfaces	170
Members	172
Policies	173
Rules	175
Notification	176
12: Bluetooth	177
Bluetooth Settings	177
Configure Bluetooth settings	177
Scan for and Pair a Device	177
Bluetooth SPP	178
Configure Bluetooth SPP Connection	179
Configure Tunnel SPP Slave	179
Configure Tunnel SPP Master	179
13: ConsoleFlow	181
Client	181
ConsoleFlow Line	182
14: Discovery	184
Query Port	184
15: Serial	185
Serial Line Statistics	185
Serial Line Configuration	185
16: SSL	187
Credentials	187
Trusted Authorities	188
17: Tunnel	190
Tunnel Statistics	190
Tunnel Modbus RTU to Modbus TCP	190
Tunnel Accept	191
Tunnel Connect	194
Hosts	195
Connecting Multiple Hosts	196
Tunnel Disconnect	197
A: Compliance Information	198
FCC Statement	199
Federal Communication Commission Interference Statement	199
ISED Statement	200
EU Declaration of Conformity	201
EU Statements	204
RF Output Power of X303F202S	210
RF Output Power of X304G002S	211
B: Power Cable Schematic	212
Power Cable Schematic	212
C: List of Acronyms and Protocols	213

Match case Limit results 1 per page

X300 Series IoT Cellular Gateway User Guide

VPN

A Virtual Private Network (VPN) tunnel carries traffic of a private network from one endpoint

system to another over a public network such as the Internet. The traffic of a private network so

carried over a public network does not know about the existence of the intermediate hops between

the two endpoints. Similarly, the intermediate hops are also not aware that they are carrying the

network packets that are traversing the tunnel. The tunnel may optionally compress and/or encrypt

the data, providing enhanced performance and some measure of security.

Note:

The X300 series gateways support additional tunneling protocols. For L2TP,

PPtP, or GRE protocol configuration, see

Interface Protocols

IPsec (Internet Protocol Security)

VPN > IPsec

The IP Security (IPsec) suite of protocols are designed for cryptographically secure

communication at the IP layer. The gateway uses standard IPsec protocol to protect traffic. The

identity of communicating users is checked with the user authentication based on pre-shared keys

(PSK) or X.509 certificates.

The IPsec VPN instance can be started or stopped from the Web UI or by sending an SMS

AT+VPN command. See

Table 10-16 SMS AT Command Syntax

You can configure a router-to-router VPN connection.

To configure an IPsec instance:

Go to VPN > IPsec, and click

Add

Under Gateway to Gateway, click

Add

Enter the VPN configuration details on the General Settings (

Table 9-1

) and Advanced

Settings (

Table 9-2

) tabs.

Table 9-1

IPsec General Settings

Parameters

Description

Profile Name

Enter the Profile Name to identify the router–to-router IPsec VPN

connection.

ProtoType

Gateway to Gateway is selected.

Enable

Check to enable the connection.

Remote IPsec router

Enter the remote WAN IP Address or domain name of the remote IPsec

router server.

Remote Address

Enter the remote LAN IP Address and subnet of the remote IPSEC

router server for use on the VPN connection.

Remote ID

Enter the ID of the remote network as configured on the remote IPsec

router server.