324 MDS Orbit MCR/ECR Technical Manual MDS 05-6632A01, Rev. F
primary interface. If the reachability check determines that the network link is down, then that
primary route is removed and, as a result, the traffic towards the back-office network now uses the
secondary route (over Cell). If the reachability check determines that the network link is back up,
the primary route is added back and, as a result, the traffic towards the back-office network now
uses the primary route (over NX) again.
Ability to tunnel private customer traffic over public cellular network using GRE tunneling (IP-3.
OVER-GRE mode) or GRE with IPsec tunneling, in case, end-to-end security is desired. The GRE
tunnel provides a routed interface that can then be used as the outgoing interface in the secondary
route.
AP Configuration
In this use case, the AP is not involved in the failover and hence should be configured as usual with NX
interface in AP mode.
Router R1 Configuration
The R1 router in this case could be a routing appliance from Cisco or Juniper etc. Following features need
to be configured on this device:
IPsec transport mode connection – To secure GRE traffic from back-office to the Remotes over 1.
Cellular network.
GRE tunnel – To route the traffic from back-office to the Remotes over Cellular network. 2.
A network/link monitoring operation that checks connectivity to each remote over the primary 3.
interface and that enables primary route to be used when connectivity is up and secondary route to
be used when connectivity is down.
Primary and secondary routes towards each Remote LAN network. 4.
The user should refer to user manual of the specific device to configure these features.
REMOTE#1 Configuration
Following features need to be configured on this device:
IPsec transport mode connection– To secure GRE traffic from local LAN segment to back-office 1.
over Cellular network.
GRE tunnel – To route the traffic from local LAN segment to back-office over Cellular network. 2.
A network monitoring operation that checks connectivity to back-office network over the primary 3.
interface (i.e. NX) and that enables primary route to be used when connectivity is up and secondary
route to be used when connectivity is down.
Primary and secondary routes towards the back-office network. 4.
Using the Web UI
Configure IPsec Transport Mode Connection
Configure an IPsec VPN connection with host-to-host connection type. Please refer to section on 1.
VPN for help with configuring IPsec VPN using Web UI.
Configure GRE tunnel
Configure GRE tunnel interface with mode = ip-over-gre, src-address = 10.150.1.10 (the local Cell 2.
interface address) and dst-address = 10.150.1.1 (the WAN address of the R1 router).
- Navigate to Interfaces / Add/Delete Interfaces and click ‘Add’ to create new interface named
‘GRE1’:
To Next Page
Loading...
Need help?
General
