Manualshelf

User Documentation

ManualsBrandsWeidmueller ManualsAutomation & SoftwareIE-SR-4TX-LTE/4G-EU
51525354555657585960
Version 1.2 / August 2020 Page 55 / 102
Log level
None: Will log no messages through the Event Log
Info: Log only some information and critical errors
Debug: Log state information too
Verbose: Log all possible messages
VPN LED/output con-
troller
The selected device controls the state of the VPN LED and of the
digital VPN output.
IKE ciphers (Phase 1)
Select the cipher suites for Internet Key Exchange (IKE) this con-
nection will support
IKE hash functions
(Phase 1)
Select the hash functions for Internet Key Exchange (IKE) this con-
nection will support
DH group (Phase 1)
Select the Diffie-Hellmann Groups for Internet Key Exchange (IKE)
this connection will support
ESP ciphers (Phase 2)
Select the cipher suites for Encapsulating Security Payload (ESP),
this connection will support
ESP hash functions
(Phase 2)
Select the hash functions for Encapsulating Security Payload
(ESP), this connection will support
Operational mode
Operational mode of the local side:
Active: Try to establish the connection immediately and periodically
retry. This is the normal mode.
Active (switched): Connection setup is triggered by VPN initiate.
Passive: Do not try to establish a connection but wait until a peer at-
tempts to do so. This mode is required to allow connections with an
unknown remote IP address (road warrior setup).
Local ID
This is the name the device will use to identify (not authenticate) it-
self for a PSK connection. If a certificate is used the ID is always
the certificate info. If no ID is given the IP address will be used. En-
tering the IP address is not the same as leaving the field empty!
Blanks are not allowed.
Remote IP address
This is the IP address or the hostname of the remote IPsec peer.
Use “*” to indicate that the remote IP is dynamic and not known in
advance. This does only make sense for the operational mode Pas-
sive (to wait for the peer to connect). If the subnet is also set to “*”
this defines a so-called road warrior setup where e.g. a travelling
may connect. While affixed subnet only allows one remote IPsec
peer, any number of road warriors may connect (e.g. several lap-
tops at different locations can connect to the companies network).
CA certificate
The remote peer its certificate must have been signed by this CA to
be accepted