Manualshelf

Specifications

ManualsBrandsViola Systems ManualsComputer equipment2270
12345678910
10 / 80
6. Choosing the type of the VPN
The communication between Arctic and M2M GW is implemented with establishing a VPN tunnel
(see page 71 Appendix B: Connection establishment for more details).
The Arctics are supporting two commonly used VPN solutions, L2TP-VPN and SSH-VPN. Only
one VPN should be active at any time.
A scenario where some Arctics connect via L2TP-VPN, some with SSH-VPN and M2M GW
administrator with OpenVPN is supported (i.e. the M2M GW supports several types of VPN
peers/clients simultaneously).
6.1. L2TP-VPN
The L2TP (layer 2 tunneling protocol) commonly tunnels PPP (point-to-point protocol) and other
upper layer protocols over IP (Internet protocol). L2TP packets are sent within UDP datagrams.
See RFC-2661 for more details.
By default, the L2TP-VPN is communicating via UDP port 1701.
6.2. SSH-VPN
The SSH-VPN within Viola Systems solution is implemented with OpenSSH. SSH uses
cryptographic keys for authentication and encrypted transport layer. SSH packets are encapsulated
inside TCP packets, which increase the protocol overhead. See http://www.openssh.com for more
details.
By default, the SSH-VPN is communicating via TCP port 22.
6.3. Which VPN to use?
The decision between the two VPN technologies would be made on basis of the following
arguments:
L2TP-VPN provides faster round-trip times and less overhead but no data encryption
SSH-VPN is safer with data encryption, but is also slower with more protocol overhead
In general, L2TP-VPN is recommended e.g. for reading values from meters, whereas the SSH-
VPN is used with applications, where the data security is essential, e.g. in banking applications.
6.4. GRE
Most Arctics are also supporting GRE tunnel. Configuring GRE tunnel is out of scope of this
document. Refer to Arctic’s user manual for more information on GRE tunneling.
7. IP planning
As in any TCP/IP-connected computer network, the IP networking plan plays very important role
when setting up the Viola Systems M2M solution. It is a good practice to have a ready-made IP
plan before continuing to the setup of the devices.
The answer for how many private and public IP addresses are needed depends on the network
setup; the number of M2M GWs and Arctics and the number of TCP/IP connected devices behind
the Arctics, if any.