tainy hmod-v3-io, tainy hmod-l3-io - Dr. Neuhaus ...
tainy hmod-v3-io, tainy hmod-l3-io - Dr. Neuhaus ...
tainy hmod-v3-io, tainy hmod-l3-io - Dr. Neuhaus ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
7.4 Loading VPN certificates<br />
IPsec VPN ><br />
Connect<strong>io</strong>ns<br />
ONLY TAINY HMOD-V3-IO<br />
ONLY TAINY EMOD-V3-IO<br />
Remote certificate -<br />
Wait for remote connect<strong>io</strong>n No<br />
Remote net address 192.168.2.1<br />
Remote subnet mask 255.255.255.0<br />
Local net address 192.168.1.1<br />
Local subnet subnet mask 255.255.255.0<br />
ISAKMP-SA encrypt<strong>io</strong>n AES-128<br />
IPsec-SA encrypt<strong>io</strong>n AES-128<br />
ISAKMP-SA hash MD5<br />
IPsec-SA hash MD5<br />
DH/PFS group DH-2 1024<br />
ISAKMP-SA mode Main<br />
ISAKMP-SA lifetime (seconds) 86400<br />
IPsec-SA lifetime (seconds) 86400<br />
NAT-T On<br />
Enable dead peer detect<strong>io</strong>n Yes<br />
DPD - delay (seconds) 150<br />
DPD – timeout (seconds) 60<br />
DPD – maximum failures 5<br />
Funct<strong>io</strong>n Loading and administering certificates and keys.<br />
Upload remote<br />
certificate<br />
Upload PKCS12 file<br />
(.p12)<br />
VPN connect<strong>io</strong>ns<br />
Here load key files (*.pem, *.crt) with remote certificates and public key from<br />
remote stat<strong>io</strong>ns into the TAINY xMOD-V3-IO. To do this, the files must be<br />
saved on the Admin PC. A remote certificate is only required for the<br />
authenticat<strong>io</strong>n method with X.509 certificate.<br />
Here load the certificate file (PKCS12 file) with the file extens<strong>io</strong>n .p12 into<br />
the TAINY xMOD-V3-IO. To do this, the certificate file must be saved on the<br />
Admin PC.<br />
Caut<strong>io</strong>n<br />
If there is already a certificate file in the device, then it must be deleted<br />
before loading a new file.<br />
TAINY xMOD Page 71 of 111