User's Manual
Table Of Contents
- 1 VIPER OVERVIEW
- 2 SYSTEM ARCHITECTURE AND NETWORK PLANNING
- 3 DATARADIO VIPER QUICK START
- 4 VIPER WEB MANAGEMENT
- 5 UNIT STATUS
- 6 SETUP (BASIC)
- 7 SETUP (ADVANCED)
- 7.1 RF OPTIMIZATIONS
- 7.2 IP SERVICES
- 7.3 IP ADDRESSING
- 7.4 IP OPTIMIZATION
- 7.5 IP ROUTING (TABLE/ENTRIES)
- 7.6 TIME SOURCE
- 7.7 ALARM REPORTING
- 7.8 USER SETTINGS
- 8 SECURITY
- 9 STATISTICS
- 10 MAINTENANCE
- 11 NEIGHBOR MANAGEMENT
- 12 NETWORK OPTIMIZATION
- 13 UPGRADING YOUR FIRMWARE
- VIPER SPECIFICATIONS
- PRODUCT WARRANTY
- DEFINITIONS
001-5008-000(Rev8) Page 91
VPN Configuration
Item Description
VPN Password
This is VPN configuration login password. A password must be at least
8 characters long and contain a combination of three out of the
following character types : uppercase letters, lowercase letters,
numbers, and special characters
For more information on password strength please refer to “Dataradio
Viper Narrowband IP Router Non-Proprietary Security Policy”
document.
Key Strength and Master Key
The master key used by the VPN client and the VPN server can be set to
be one of the following strengths:
128 bits - The Master Key is 16 bytes wide (16 characters).
192 bits - The Master Key is 24 bytes wide (24 characters).
256 bits - The Master Key is 32 bytes wide (32 characters).
Notes:
-If spaces are used, the master key must be entered inside the
quotation marks. Examples:
a_16-byte_string
“a 16-byte string”
- Since hexadecimal (numeric) characters contain 8 bits (compared to
binary-numeric characters, which contain 7 bits) and permit the user to
enter the equivalent of non-printable characters, they provide stronger
security. A hexadecimal value can be entered if started with “0x”.
Example for a 128 bit Master Key (2+32 characters):
0x00112233445566778899aabbccddeeff
-The Master Key Strength and the Master Key have to be the same for a
VPN server and all its clients.
-The Key strength is the same for all VPN keys (not just the Master Key)
General
Automatic Start
Enabled by default. When enabled, the VPN service will automatically
start at power-up.
Operating Mode Select between Server and Client (default)
Block non-VPN Traffic
For VPN Server Only.
Enabled by default.
When enabled, the VPN service blocks all packets from the RF link
which were not sent via a VPN tunnel. This setting is especially useful
on VPN servers to block devices not configured for VPN operation from
sending packets into the corporate network.
Note: This setting is set automatically on each VPN client by its VPN
server.
Idle Timeout
For VPN Server Only.
If there is no traffic on a tunnel for that many minutes, the unit will
attempt to re-key.
Default 15 minutes
Caution: This value affects the time it takes for VPN clients to re-
establish their tunnels after a VPN server (access point) is restarted.
Note: This setting is set automatically on each VPN client by its VPN
server. It is useful for a device to detect when a VPN tunnel endpoint is
down; a smaller value permits a VPN client to switch to another VPN
server sooner.
Key Timeout
For VPN Server Only.
For security reasons, the VPN protocol requires all endpoints on the
Note: This setting is set automatically on each VPN client by its VPN
server.
VPN network to re-key periodically.
Default 6 hours.