User guide

ManualsBrandsVelocity ManualsComputer equipmentEdge GX440

341

342

343

344

345

346

347

348

349

350

ALEOS 4.3.4 Software Configuration User Guide

342 4114514

*IPSEC1_NEG_MODE

*IPSEC2_NEG_MODE

*IPSEC3_NEG_MODE

*IPSEC4_NEG_MODE

*IPSEC5_NEG_MODE

Query or set the negotiation mode for # VPN.

AT*IPSEC[VPN number]_NEG_MODE? returns

AT*IPSEC[VPN number]_NEG_MODE=n to set

•n=1 — Main

• n=2 — Aggressive

Note: Aggressive mode offers increased performance at the expense of

security.

*IPSEC1_PFS

*IPSEC2_PFS

*IPSEC3_PFS

*IPSEC4_PFS

*IPSEC5_PFS

Query or set the Perfect Forward Secrecy (PFS) setting for # VPN.

PFS provides additional security through a DH shared secret value.

When this feature is enabled, one key cannot be derived from another.

This ensures previous and subsequent encryption keys are secure even

if one key is compromised.

AT*IPSEC[VPN number]_PFS? to query PFS

AT*IPSEC[VPN number]_PFS=n to set PFS

• n=0 — Yes (default)

•n=1 — No

*IPSEC1_REMOTE_ADDR

*IPSEC2_REMOTE_ADDR

*IPSEC3_REMOTE_ADDR

*IPSEC4_REMOTE_ADDR

*IPSEC5_REMOTE_ADDR

Query or set the IP address of the device behind the gateway for # VPN.

AT*IPSEC[VPN number]_REMOTE_ADDR? to query

AT*IPSEC[VPN number]_REMOTE_ADDR=[IP address] to set

*IPSEC1_REMOTE_ADDR_TYPE

*IPSEC2_REMOTE_ADDR_TYPE

*IPSEC3_REMOTE_ADDR_TYPE

*IPSEC4_REMOTE_ADDR_TYPE

*IPSEC5_REMOTE_ADDR_TYPE

Query or set network information of the IPsec server behind the IPsec

gateway for # VPN.

AT*IPSEC[VPN number]_REMOTE_ADDR_TYPE? to query

AT*IPSEC[VPN number]_REMOTE_ADDR_TYPE=n to set

• n=5 — Single Address

• n=17 — Subnet Address (default)

*IPSEC1_REMOTE_ADDR_NETMASK

*IPSEC2_REMOTE_ADDR_NETMASK

*IPSEC3_REMOTE_ADDR_NETMASK

*IPSEC4_REMOTE_ADDR_NETMASK

*IPSEC5_REMOTE_ADDR_NETMASK

Query or set the remote subnet mask information (24-bit netmask).

AT*IPSEC[VPN number]_REMOTE_ADDR_NETMASK? to query

AT*IPSEC[VPN number]_REMOTE_ADDR=[subnet mask] to set

Default is 255.255.255.0

*IPSEC1_REMOTE_ID

*IPSEC2_REMOTE_ID

*IPSEC3_REMOTE_ID

*IPSEC4_REMOTE_ID

*IPSEC5_REMOTE_ID

Query or set the remote (Peer Identity) ID for the # VPN.

• If IP is selected as the remote (Peer Identity) type,

AT*IPSEC[VPN number]_REMOTE_ID? returns the WAN IP

address assigned by the Mobile Network Operator

• If FQDN or User FQDN is selected as the remote (Peer Identity)

type, AT*IPSEC[VPN number]_REMOTE_ID? returns the FQDN (for

example me@mycompany.com)

To set the remote ID:

AT*IPSEC[VPN number]_REMOTE _ID=[IP address] or [FQDN],

depending on the setting for remote ID (Peer Identity) type.

Table D-6: VPN Commands (Continued)

Command Description