Digi X2, X8, X4 manual IP address requirements for VPN tunnels, GSM GPRS/EDGE APN type needed

Page 101

C o n f i g u r e D i g i d e v i c e s

IP address requirements for VPN tunnels

To establish an IPSec VPN tunnel, the IP address of the mobile interface must be publicly accessible. The IP address can be either static or dynamic depending upon the requirements of your VPN end point. The IP address, however, cannot be within a private range of addresses (for example, 10.0.0.0, 172.16.0.0 or 192.168.0.0). If the mobile IP address is within one of the private IP address ranges, the mobile carrier is using a NAT (Network Address Translation) server between your mobile IP address and the internet. The Digi Connect WAN VPN does not currently support NAT-Traversal.

GSM GPRS/EDGE APN type needed

If the VPN end points require static (persistent) IP addresses, you may need a custom access point name (APN). An Internet APN can work in these cases:

The main site (HQ) VPN appliance can support Dynamic DNS names.

Another form of authentication is used (for example, FQDN).

Be aware that these APNs are based on Cingular Blue; other carrier APNs may have similar requirements.

CDMA carrier requirements

The CDMA (Code-Division Multiple Access) carrier requirements are similar to GSM in that static IP addresses may be required depending on the host site concentrator VPN implementation. In both cases, the Digi device’s mobile IP address will likely need to support mobile terminated data; that is, the ability to accept incoming data connections.

HQ router / VPN appliance configuration

For supported protocols, see the IPsec specifications your Digi device. Security policies on the HQ VPN device must match those on the Digi device. The HQ VPN appliance’s peer address is the Digi device’s mobile IP address.

1 0 1

Image 101
Contents ConnectPort X Family User’s Guide E r ’ s G u i d e Contents N t e n t s Configure Digi devices N t e n t s N t e n t s N t e n t s N t e n t s Monitor and manage Digi devices 175 Administration tasks Specifications and certifications Index GlossaryN t e n t s Scope PurposeAudience General release documentation Where to find more informationTo Contact Digi International Use Digi contact informationG i c o n t a c t i n f o r m a t i o n Introduction ConnectPort X Family products User interfaces FeaturesFeature/task Path to feature in the web interface See Quick reference for configuring featuresConfiguration Serial Ports port Profile Settings Configuration Network Advanced Network Settings Set mesh SSH Configuration Security Configuration System Device Identity Settings Configurable network services Hardware featuresNetwork interface features IP protocol support Serial data communication over TCP and UDP Auto-IP Dynamic Host Configuration Protocol DhcpSimple Network Management Protocol Snmp Supported RFCs and MIBsSupported Snmp traps Remote Login rloginSecure Sockets Layer SSL/Transport Layer Security TLS TelnetPoint-to-Point Protocol PPP Internet Control Message Protocol IcmpNetwork Address Translation NAT/Port Forwarding Advanced Digi Discovery Protocol AddpDigi SureLink Mobile/Cellular features and protocol supportProvisioning wizard Global System for Mobile communication GSM Code-Division Multiple Access CdmaMobile/Cellular protocols Enhanced Data Rates for GSM Evolution Edge General Packet Radio Service GprsUniversal Mobile Telecommunications Service Umts Evolution-Data Optimized EV-DO, EVDO, or 1xEV-DO IP address assignment alternatives Encrypted RealPort RealPort softwareModem emulation AlarmsSecurity features Customization capabilities Configuration managementSupported connections and data paths in Digi devices Network servicesNetwork services associated with specific serial ports Network services associated with the command-line interface Network services associated with serial ports in generalNetwork/serial clients Command-line interface CLI-based client connectionsAutoconnect behavior client connections Modem emulation pseudo-modem client connectionsConfiguration capabilities Configuration capabilities and interfacesConfiguration interfaces Digi Device Setup wizard Page Digi Device Discovery utility Advantages of the Digi Device Discovery utility are Web interface Page Command-line interface Connectware Manager interface Connectware Manager Getting Started Guide Simple Network Management Protocol Snmp Additional Snmp resources Standard MIBs supportedDigi enterprise MIBs supported Monitoring interfaces Monitoring capabilities and interfacesSnmp Connectware ManagerAdministration tasks Configure Digi devices Configure an IP address using the Digi Device Setup Wizard Default IP addressMy Computer CD ROM Drive setup.exe Alternate methods for assigning an IP addressConfigure an IP address using Auto-IP Configure an IP address using DhcpIP addresses and Connectware Manager Configure an IP address from the command-line interfaceTest the IP address configuration Configuration through the web interface Install Digi Device Discovery utility By using the Digi Device Discovery utilitySelect Device Discovery Utility and click Install Open the web interfaceDiscover devices Organization of the web interface Home Configuration pagesRestore the Digi device to factory defaults Cancel changesApplication pages Apply and save changesChange the IP address from the web interface, as needed Configure network communications IP settings Alternatives for configuring network communicationsDhcp terminology Dhcp server settingsScope Exclusion rangeGrace period LeaseReservation OptionsDhcp server configuration settings Addresses in the Dhcp server settingsPage Manage the Dhcp server Network services settings # ssh -l fred digi16 -p 2501 # telnet digi16 Addp Service Services provided Default Network Port NumberSnmp Network services and IP pass-through Settings Dynamic DNS update settingsPage Status and history information IP filtering settings IP forwarding settings Example Socket tunnel settings How IP pass-through works IP pass-through settingsN f i g u r e D i g i d e v i c e s Using pinholes to manage the Digi device How IP pass-through affects network access to Digi devicesIP Pass-through Steps to configure IP pass-throughRemote device management and IP pass-through Screen shot shows IP Pass-through configuration settings Uses for VPN-enabled Digi devices Virtual Private Network VPN settingsHow VPN tunnels work Example VPN configurationIP address requirements for VPN tunnels HQ router / VPN appliance configurationGSM GPRS/EDGE APN type needed Cdma carrier requirementsSetting Remote Site Digi Connect VPN VPN Concentrator Using a console portConfigure VPN settings N f i g u r e D i g i d e v i c e s Click VPN Internet Key Exchange IKE Settings Use the following as the identity Page Default Security Policies Page N f i g u r e D i g i d e v i c e s Page N f i g u r e D i g i d e v i c e s Tunnel Network Traffic to the following Remote Network Manual-keyed IPSEc/ESP VPN tunnel security settingsAlgorithm Size Enable Encryption Encryption algorithmAlgorithm Size Key Length Enable Authentication Authentication algorithmIsakmp VPN tunnel security settings Size Key Length VPN tunnel proposal configuration for Isakmp tunnels Advanced network settings Information required from mobile service provider Configure mobile cellular settingsCDMA-based mobile service providers GSM-based mobile service providersMobile service provider settings Set mobile configuration settings to factory defaultsLaunch the Mobile Device Provisioning Wizard Provision a mobile deviceExample provision ConnectPort WAN VPN for Sprint PCS Select a mobile service provider from the listAutomatic versus manual provisioning Select automatic or manual provisioning Device provisioning in progress Provisioning complete Digi SureLink settings Mobile connection settingsLink integrity monitoring settings Hardware reset thresholdsN f i g u r e D i g i d e v i c e s Page Status and statistical information for mobile connections Coordinator Configure Mesh/ZigBee network settingsMesh network terms ZigBee protocol Node ZigBee node types End device RouterZigBee protocol terms ZigBee stackNetwork maximum depth JoiningMaximum child routers Maximum child end devicesMesh Network configuration settings Page Basic radio settings Power Level Conducted Power DBm Advanced radio settingsSelect and configure a port profile Configure serial portsAbout port profiles Click Change ProfileConsole Management profile RealPort profileRFC 2217 support TCP Sockets profileAutomatic TCP connections autoconnection For this connection type Use this Port TCP and UDP network port numbering conventionsUDP Sockets profile Modem Emulation profile Local Configuration profileSerial Bridge profile Custom Profile Basic serial settingsSerial Settings Advanced serial settingsCharacter Key Sequence TCP settingsHexadecimal \xhh Values Tab Line feed Backslash UDP settings Camera settings Configure camera settingsCamera operation Alarm notification settings Configure alarmsAlarm list Alarm conditionsAlarm conditions Enable and Disable Alarms Alarm destinationsDevice description information Configure system settingsSnmp configuration settings Steps for setting up remote management Configure remote management Connectware Manager settingsAbout client-initiated and server-initiated connections Connection settingsLast Known Address LKA Retry if the LKA update fails Client initiated management connection settingsMobile Settings Advanced remote management settingsUsername For more information on Connectware Manager Configure Security settingsAlarms and the Connectware Manager server Enable password authentication Password authenticationFrom the command line About user models and user permissionsChange the password for administrative user Disable password authenticationUse IP filtering Disable unused and non-secure network servicesUpload an SSH public key Python configuration pages Configure applicationsPython program management Recommended distribution of Python interpreterManually execute uploaded Python programs Auto-start settingsPython files Verify device support of commands Configuration through the command lineAccess the command line To configure Use this command Set snmp N f i g u r e D i g i d e v i c e s Configuration through Connectware Manager ZigBee Networks View Node View N f i g u r e D i g i d e v i c e s What’s next? Batch capabilities for configuring multiple devicesMonitor and manage Digi devices Display system information Monitoring capabilities in the web interfaceGeneral system information Up Time Serial port diagnosticsTotal/Used/Free Memory Serial port informationSignals ConfigurationOverflow Errors Overrun ErrorsFraming Errors Parity ErrorsNetwork statistics IP Statistics Datagrams Received Datagrams Forwarded Default Time-To-LiveForwarding No RoutesIcmp statistics UDP statisticsMobile information and statistics Signal Strength RssiMobile Connection Statistics Registration Status Cell IDInactivity Timer Idle ResetsMobile Statistics IP AddressPhone Number Mobile InformationModem Manufacturer Modem Serial NumberSession successes SureLink statisticsSession failures Session consecutive failuresTotal failures DiagnosticsTotal link down requests Total bypassesManage serial ports Manage connections and servicesManage connections Manage VPN connectionsEvent logging Manage network servicesManage Dhcp server operation Start, stop, and restart the Dhcp serverView and manage current Dhcp leases Assigned active Lease status typesAssigned expired Reserved activeManage Mesh networks ReleasedUnavailable Address Manage Mesh networks from the web interface Network view of the Mesh devices Gateway device detailsPython Application ZigBee Socket Counters Frames SentTransmit I/O Errors Python Application ZigBee Socket Error CountsNot Joined Errors Self Addressed ErrorsMesh device state pages Display Monitoring capabilities from the command lineCommands for displaying device information and statistics Info Set buffer and display buffers Set alarmSet snmp ShowCommands for managing connections and sessions Set mesh Commands for managing Mesh networks and nodesConfigure Mesh network settings command syntax Display Mesh network configuration settings command syntax PAN ID Display meshInfo zigbeesockets Monitoring capabilities from Connectware Manager Monitor/manage Mesh networks from Connectware Manager Monitoring Capabilities from Snmp Administration tasks Administration from the web interface File management Custom files are not deleted by device resetUploading Files Delete filesCertificate/Key Management Backup/restore device configurations Update firmware from a file on a PC Update firmware and Boot/POST CodeUpdate Firmware from a Tftp Server PrerequisitesUsing the web interface Restore a device configuration to factory defaultsSettings cleared and retained during factory reset WAN Using the Reset buttonEnable/disable access to network services Reboot the Digi deviceAdministrative task Command Administration from the command-line interfaceSpecifications and certifications Specification Value Hardware specificationsConnectPort X8 specifications Regulatory information and certifications Safety standardsFCC Part 15 Class B Radio Frequency Interface RFI FCCDeclaration of Conformity Modifications FCCIndustry Canada Standards ConnectPort International EMC StandardsImportant Safety Information Address Resolution Protocol ARP Access control listAlarms 802.11COM port redirection Configuration managementDevice server Digi Device Setup WizardDynamic Host Configuration Protocol Dhcp Encryption Encapsulating Security Payload ESPEnhanced Data Rates for Global Evolution Edge ESP PassthroughGeneral Packet Radio Service Gprs Factory defaultsHigh Speed Downlink Packet Access Hsdpa File Transfer Protocol FTPInternet Control Message Protocol Icmp HyperText Transfer Protocol HttpHyperText Transfer Protocol over Secure Socket Layer Https IPsec Internet Protocol Security Internet Group Management Protocol IgmpIP filtering Mobile Device Provisioning Wizard Management Information Base MIBPort forwarding Power-On Self Test PostModem emulation Rlogin Remote login rloginProvisioning RealPortSecure Sockets Layer SSL Setup WizardSerial bridge Serial tunnelingTelnet Static IP address assignmentTransport Layer Security TLS Transmission Control Protocol TCPTrivial File Transfer Protocol Tftp TTY port redirectionUser Datagram Protocol UDP Universal Mobile Telecommunications Service UmtsZigBee To 255 devices in a single Wpan Index DCD 145 Dhcp Gprs NAT Local Configuration Modem Emulation PPP D e 151 TCP D e D e
Related manuals
Manual 254 pages 23.55 Kb Manual 1 pages 201 b

X4, X8, X2 specifications

Digi X2 and X1 are advanced cellular IoT (Internet of Things) gateways that provide an innovative solution for industrial applications, smart cities, and remote asset management. Both devices equip users with the means to connect, monitor, and control a wide variety of assets without the limitations traditionally imposed by wired connections.

Digi X2, designed for complex IoT demands, features dual SIM slots which ensures uninterrupted connectivity through automatic failover. This makes it particularly valuable for critical applications where connectivity is non-negotiable. Additionally, the X2 is equipped with LTE-M and NB-IoT support, enabling extensive coverage in areas where other networks may struggle.

On the software side, the Digi X2 supports Digi Remote Manager, a powerful tool that allows users to monitor, manage, and deploy devices remotely. This cloud-based management system simplifies the overall management of IoT devices by providing real-time insights, easy configuration changes, and over-the-air updates, saving both time and resources.

In contrast, the Digi X1 serves as an entry-level model that balances performance with cost-effectiveness. It supports LTE connectivity, providing a reliable connection suitable for a variety of applications. The X1 also offers seamless integration with existing networks, allowing users to leverage their current infrastructure while expanding their IoT capabilities.

Both Digi X2 and X1 are designed with ruggedness in mind, making them suitable for deployment in harsh environments. They are engineered to withstand extreme temperatures and vibrations, ensuring reliability even in demanding industrial settings.

Another notable characteristic of these devices is their extensive input/output (I/O) capabilities, which enable them to interact with sensors, machines, and other types of devices. This versatility allows for a broad spectrum of applications, from monitoring temperatures in remote locations to tracking assets across geographic boundaries.

In summary, the Digi X1 and X2 provide robust, reliable, and scalable solutions for modern IoT implementations. With their advanced cellular connectivity, cloud management capabilities, and durable design, they are poised to enhance connectivity across industries, driving efficiencies and enabling smarter operations. Whether for critical industrial applications or efficient asset management, Digi's offerings are tailored to meet the diverse needs of today's IoT landscape.