EW50 Industrial LTE Cellular Gateway
121
For Network-A at HQ
The following tables list the parameter configuration as an example for the "Trusted Certificate"
function used in the user authentication of IPsec VPN tunnel establishing, as shown in the above
diagram. The configuration example must be combined with the ones in "My Certificate" and "Issue
Certificate" sections to complete the setup for the whole user scenario.
[Trusted Certificate]-[Trusted Client Certificate List]
[Trusted Certificate]-[Trusted Client Certificate Import from a File]
For Network-B at Branch Office
The following tables list the parameter configuration as an example for the "Trusted Certificate"
function used in the user authentication of IPSec VPN tunnel establishing, as shown in the above
diagram. The configuration example must be combined with the ones in "My Certificate" and
"Issued Certificate" sections to complete the setup for the whole user scenario.
[Trusted Certificate]-[Trusted CA Certificate List]
[Trusted Certificate]-[Trusted CA Certificate Import from a File]
[Trusted Certificate]-[Trusted Client Certificate List]
[Trusted Certificate]-[Trusted Client Certificate Import from a File]
Scenario Operation Procedure (same as described in "My Certificate" section)
In the above diagram, "Gateway 1" is the gateway of Network-A located at headquarters and the
subnet of its Intranet is 10.0.76.0/24. It has the IP address of 10.0.76.2 for LAN interface and
203.95.80.22 for WAN-1 interface. "Gateway 2" is the gateway of Network-B located at the branch
office and the subnet of its Intranet is 10.0.75.0/24. It has the IP address of 10.0.75.2 for LAN
interface and 118.18.81.33 for WAN-1 interface. They both serve as the NAT security gateways.
Gateway 2 imports the certificates of the root CA and HQCRT that were generated and signed by
Gateway 1 into the "Trusted CA Certificate List" and "Trusted Client Certificate List" of Gateway 2.