User manual

IPsec Support
IPsec
Selecting Enable will launch the IPsec process and start all enabled tunnels. Selecting Disable will stop all tunnels
and shut down the IPsec process. Note that all enabled tunnels will be launched automatically when the unit
connects to the cellular carrier.
NAT Mode
Determines how packets are addressed. Selecting Bypass will allow packets coming from Local Subnet addresses
through the NAT firewall unchanged. This may be sufficient when traffic only travels from Local Subnet to Remote
Subnet. (LAN Settings > Bind to Eth IP may need to be enabled to make sure that packets generated by Vanguard
SC services appear to originate from a Local Subnet address.) NAT changes the source address to match the Status
> PPP IP Address. NAT-Traversal enables the NAT-T protocol which can support traffic beyond just the Local &
Remote Subnets.
Tunnel Monitor
To supplement Dead Peer Detection, tunnels can be monitored by sending periodic pings, with the tunnels
being restarted if the pings repeatedly fail. Tunnel monitoring is controlled by the following five parameters:
IP Address 1 & IP Address 2:
Up to two addresses may be entered. Only those tunnels where the IP address matches the Remote IP Address or
belongs to the Local Subnet or Remote Subnet are monitored. A value of 0.0.0.0 disables monitoring.
Delay:
How often, in seconds, to send pings over the tunnel.
Fail count threshold:
The number of successive pings that need to fail to cause the tunnel to be restarted.
Success count threshold:
The number of successive pings that need to succeed for the tunnel to be considered “up” and for the process of
counting failed pings to begin.
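The following is an added example, not code from the manual or the device firmware: a Python model of the Tunnel Monitor parameters described above, showing which tunnels a monitor address selects and when the two thresholds trigger a restart. The class and function names, the sample tunnels, and the behaviour after a restart (the tunnel must reach the success threshold again) are assumptions.

```python
import ipaddress

# Constructed sample tunnels (documentation address ranges, not from the manual).
SAMPLE_TUNNELS = [
    {"label": "hq", "remote_ip": "203.0.113.10",
     "local_subnet": "192.168.1.0/24", "remote_subnet": "10.0.0.0/24"},
    {"label": "dr", "remote_ip": "198.51.100.7",
     "local_subnet": "192.168.1.0/24", "remote_subnet": "10.1.0.0/24"},
]

def monitored_tunnels(monitor_ips, tunnels):
    """Labels of tunnels selected by IP Address 1 / IP Address 2."""
    selected = []
    for t in tunnels:
        nets = [ipaddress.ip_network(t["local_subnet"]),
                ipaddress.ip_network(t["remote_subnet"])]
        for ip in monitor_ips:
            addr = ipaddress.ip_address(ip)
            if addr.is_unspecified:  # 0.0.0.0 disables this monitor address
                continue
            if addr == ipaddress.ip_address(t["remote_ip"]) or any(addr in n for n in nets):
                selected.append(t["label"])
                break
    return selected

class TunnelMonitor:
    def __init__(self, fail_threshold, success_threshold):
        self.fail_threshold, self.success_threshold = fail_threshold, success_threshold
        self.up, self.successes, self.failures = False, 0, 0

    def on_ping(self, ok):
        """Feed one ping result per Delay interval; True means restart the tunnel."""
        if not self.up:
            # Failed pings are not counted until the tunnel is considered "up".
            self.successes = self.successes + 1 if ok else 0
            if self.successes >= self.success_threshold:
                self.up, self.failures = True, 0
            return False
        # Only successive failures count, so any success clears the tally.
        self.failures = 0 if ok else self.failures + 1
        if self.failures >= self.fail_threshold:
            # Assumption: after a restart the tunnel must prove itself "up" again.
            self.up, self.successes, self.failures = False, 0, 0
            return True
        return False

def restart_points(results, fail_threshold, success_threshold):
    """Indexes in a sequence of ping results at which a restart is triggered."""
    m = TunnelMonitor(fail_threshold, success_threshold)
    return [i for i, ok in enumerate(results) if m.on_ping(ok)]
```

Under this reading of the parameters, a tunnel whose pings never reach the success count threshold is never restarted by the monitor, so that case is left to Dead Peer Detection.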
Tunnel Configuration
Tunnel Item
The tunnel number, which starts from 1 and increments for each new tunnel. To update an existing tunnel, use its
corresponding number from the tunnel table. To add a new tunnel, use the number of the last tunnel shown in the
Tunnel Table plus 1.
Label
This is a label to identify a tunnel and must correspond to the name specified for the remote endpoint.
Remote IP Address
The IP address of the remote endpoint of the tunnel.
Remote Subnet