Digi 90000566_H Network Router User Manual


 
Chapter 2 Command Descriptions

set vpn
Devices supported
This command is supported in Digi Cellular Family products only, except Digi Connect WAN.
Purpose
Configures Virtual Private Network (VPN) settings. Virtual Private Networks (VPN) are used to securely connect two private networks together so that devices may connect from one network to the other network using secure channels. VPN uses IP Security (IPSec) technology to protect data transferred over the Internet Protocol (IP).

The Digi Cellular Family device is responsible for handling the routing between networks. Devices within the private network of the Digi Cellular Family device can connect directly to devices on the other private network to which the VPN tunnel is established. The VPN tunnels are configured using various security settings and methods to ensure the networks are secured.

Connect WAN products support up to two VPN tunnels. ConnectPort WAN products support up to five VPN tunnels.

It is generally easier to configure VPN tunnel settings through the Web user interface. VPN settings are configured on the Network > Virtual Private Network (VPN) configuration pages named VPN Settings and VPN Tunnel Settings.
There are several uses of the “set vpn” command:

- Configure global VPN options, including:
    - The connection mode method used to negotiate Internet Key Exchange (IKE) Phase One using Internet Security Association and Key Management Protocol (ISAKMP).
    - How the VPN client is identified to the remote VPN endpoint.
    - The Diffie-Hellman group used within IKE to establish the session keys used to create a secure channel. The method and security factor used to control the key exchange is specified by the Diffie-Hellman group.
    - Use of Perfect Forward Secrecy (PFS).
    - Use of antireplay.
- Configure and modify VPN tunnel options: VPN Tunnels define the actual tunnels that exist between two private networks. The tunnels specify the information required to establish the secure channel, the routing between the networks, and the security policies used to encrypt and authorize the data. A maximum of two tunnels may be created. Configuring a VPN tunnel requires the remote VPN endpoint and the method by which to establish the VPN tunnel. These settings are typically specified by the remote VPN server, and the settings on this device should correspond to them. Both manually keyed and ISAKMP tunnels can be configured.