Digi 90000566_H - page 234

set vpn

234 Chapter 2 Command Descriptions

remote_vpn_endpoint=(fqdn|ip address}

The IP address or hostname of the peer with which the VPN

connection is established.

remote_tunnel_addr=ip address

remote_tunnel_mask=subnet mask

remote_tunnel_range=ip address-ip address

These options specify the routes required to access clients on the

remote network. They also specify the remote peers that local clients

are allowed to connect to. The remote network specifies the private

network to which the remote VPN endpoint is connected.

local_tunnel_addr=ip address

local_tunnel_mask=subnet mask

local_tunnel_range=ip address-ip address

These options specify the routes required to access clients on the local

network. They also specify the clients that are allowed to access the

remote clients through the VPN tunnel. Typically, the local network

specifies the same network and subnet connected to the Digi Cellular

device's Ethernet port. Thus, any client on the same network will be

able to communicate over the VPN tunnel.

[manually-keyed options]

These options are for VPN manually-keyed VPN tunnels. To properly

configure a manual-keyed tunnel, the following settings are required to

be set as specified by the remote VPN server. This includes the local and

remote network settings that handle the routing between the local and

remote peers. It also includes the security settings for both incoming and

outgoing traffic, which may be different from each other, depending on

the implementation of the remote VPN server. Incoming or inbound traffic

is defined as any traffic sent from a remote peer on the remote network

of the remote VPN endpoint to a local peer on the local network. Outgoing

or outbound traffic is defined as any traffic sent from a local peer to a

remote peer.

mode=manually-keyed

Indicates that the settings are for a manually-keyed VPN tunnel.

Manually-keyed tunnels specify the tunnel and security settings

manually. These settings must match the settings of the remote VPN

endpoint.

inbound_spi=256 - 2^32

The Security Parameter Index (SPI) for inbound traffic.The SPI defines

the unique index for a tunnel used to identify the security settings for

IPSec. The SPI is a 32-bit unsigned value that must not be less than

256.

Contents

Main Digi Connect Family Command Reference www.digi.com Page Contents Page Page Page Digi Connect Products and Families to Which This Book Applies Quick Reference for Configuring Features Page Page Access the Command Line Configure an IP Address Basic Command Information Page User Models and User Permissions in Digi Connect Products Page Page Verifying Device Support for Commands backup boot Page close connect dhcpserver dhcpserver 24 Chapter 2 Command Descriptions Example Page Page display Page Page Page display Chapter 2 Command Descriptions 31 Example Display Virtual Private Network (VPN) status information Page Page Page Page Page display buffers Page exit help and ? info Page Ethernet statistics ICMP statistics Page Serial statistics Page Wireless (WLAN) statistics Page kill mode newpass ping provision Page Page Page Page python quit reconnect revert Page Page Page Page rlogin send set accesscontrol Page set alarm set alarm Page Page Page Page Page Page Page Page Page set autoconnect Page Page Page set bsc Page Page Page Page set buffer Page set ddns Page Page Page set dhcpserver Page Page Page Page Page set dhcpserver 102 Chapter 2 Command Descriptions Display current DHCP Server settings Page set ekahau Page Page set ethernet Page set forwarding Page Page Page set gpio Page set group Page Page set host set ia Page Page Page Page Page Page Page Page Page Page Page set login set menu Page Page Page Page set mgmtconnection Page Page set mgmtglobal Page Page set mgmtnetwork Page Page set nat Page Page set network Page Page Page set passthrough Page Page Page set permissions set permissions Syntax Page Page Page Page Page set pmodem Page set pppoutbound Page Page Page Page Page set profile Page Page set putty Page Page Page set putty The complete list of allowed character sets is: Character Set name Description Page Page Page set python set rciserial set realport Page set rtstoggle Page set serial Page set service Page Page set service Service Services Provided Default Network Port Number set service Service Services Provided Default Network Port Number Page Page set snmp Page set socket_tunnel Page set surelink Page Page Page Page Page set switches Page Page set system set tcpserial Page Page set term set udpserial Page Page Page set user Page Page Page Page set video set vncclient Page set vpn Page set vpn To specify proposals: see syntax and options for Set IKE/ISAKMP SA Phase 2 Options. Set IKE/ISAKMP SA Phase 1 Options Set IKE/ISAKMP SA Phase 2 Options Display current VPN settings Page Page Page Page Page Page Page Page Page Page set wlan Page Page Page Page Page Page Page show show Option Displays settings configured by Works w/ port option Works w/ range option show Option Displays settings configured by Works w/ port option Works w/ range option Page Page status telnet vpn Page who What Is Modem Emulation? Modem Emulation Cable Signals Modes of Operation Common User Scenarios for Modem Emulation User Scenario - Diagram A User Scenario - Diagram B Connection Scenarios for Modem Emulation Page Modem Emulation AT Command Set Modem Emulation AT Command Set Code Modem Emulation AT Command Set AT Command Function Result Code Page S-Register Definitions S-Register Definitions Following is a description of the S-registers that can be set. Register Function Range Units Default S-Register Definitions Register Function Range Units Default Result Codes Result Codes emulation commands. Short Long Form Short Long Form Short Long Form Page Index A B C D E F G H I K L M O P Q R S Page T U V W X