Local Services -> DynDNS Client -> DynDNS Update -> New
Configuration of elmeg hybird 120 |
In order for remote devices to be able to connect to the elmeg hybird 120™ via the Internet, these must also be remotely accessible on the DSL connection. Provided the elmeg hybird 120™ is connected to a DSL connection with a static IP address (e.g. Telekom Business connections), then this availability shall apply given the static IP address.
If the elmeg hybird 120™ is used on a connection with a dynamically assigned IP address, then the external IP address can be determined via an external service provider, e.g. www.dyndns.org. The service provider used must be set in the elmeg hybird 120™. To do this, go to the following menu:
Go to Local Services -> DynDNS Client -> DynDNS Update -> New.
Local Services -> DynDNS Client -> DynDNS Update -> New
Proceed as follows to perform DynDNS registrations:
For Host Name enter the full name as registered with the DynDNS provider. In our example, this is bintec elmeg.dyndns.biz . The elmeg hybird 120™ notifies the separate external IP address to the service provider, and the latter responds to queries using the host name bintec elmeg.dyndns.biz with the associated IP address.
Select the interface of the Internet Service Provider under Interface; here it is Telekom , for example.
Enter the user name as registered with the DynDNS provider under User Name; here it is bintec elmeg , for example.
Enter the Password as registered with the DynDNS provider, (Personal Password) .
Select the Provider with which the above data is registered; here it is dyndns .
Activate the Enable Update function.
Confirm with OK.
An IP address pool is specified in the IP Pools menu, from which an address is assigned to the VPN client at tunnel setup. In our example, the IP address range from the local network is defined for the iPhone, e.g. 192.168.1.10 to 192.168.1.10 (i.e. an actual IP address).
Go to VPN -> IPSec -> IP Pools -> Add.
VPN -> IPSec -> IP Pools -> Add
Proceed as follows to set up an IP pool:
Enter the name of the IP pool under IP Pool Name, e.g. iPhone .
For IP Pool Range enter the first IP address from the local network in the first field; here it is 192.168.1.10 , for example.
Enter the last IP address from the local network in the second field; here it is 192.168.1.10 , for example.
Confirm with OK.
A local server must be used for advanced IPSec authentication (XAuth). Perform all necessary settings in the XAuth Profile menu.
Go to VPN -> IPSec -> XAUTH Profiles -> New
VPN -> IPSec -> XAUTH Profiles -> New
To create an XAUTH profile, proceed as follows:
Enter a Description for the IPSec authentication, e.g. iPhone .
Select Server as the Role.
Under Mode, select Local . Authentication is carried out via a local list.
Enter the authentication name of the client (Name) and the authentication password (Password) under User, here it is My-iPhone and (Personal Password) , for example. A separate name along with a password must be added for each user/iPhone.
Confirm with OK.
In the Phase 1 Profiles menu, you can define the Phase 1 (IKEv1) settings.
|
Note |
|---|---|
|
Please note that not all cipher and hash methods are supported by the iPhone. Successfully tested examples include, for example: AES/MD5, AES/SHA1, DES/MD5, DES3/MD5. |
|
Go to VPN -> IPSec -> Phase 1 Profiles (IKEv1) -> New
VPN->IPSec->Phase 1 Profiles (IKEv1)->New
Proceed as follows:
Enter a Description of the profile, e.g. iPhone .
Enter 28800 seconds for the Lifetime.
Leave all the other settings as they are.
Click Advanced Settings.
Select Dead Peer Detection (Idle) for Alive Check. This option is used to carry out a check at certain intervals depending on forthcoming data transfers.
Enable NAT Travesal. NAT Traversal also enables IPSec tunnels to be opened via one or more devices on which network address translation (NAT) is activated.
Confirm with OK.
In the next step, the profile for Phase 2 is amended.
Go to VPN -> IPSec -> Phase 2 Profiles -> New
VPN->IPSec->Phase-2 Profiles->New
Proceed as follows:
Enter a Description of the profile, e.g. iPhone .
Enter 14400 seconds for the Lifetime.
Leave all the other settings as they are.
Click Advanced Settings.
Enable IP Compression. If data is compressed effectively, this can result in higher performance and a lower volume of data to be transferred.
Leave Alive Check set to Automatic Detection .
Confirm with OK.
In the last step, a new connection partner for IPSec is added in the IPSec Peers menu.
Go to VPN -> IPSec -> IPSec Peers-> New.
VPN -> IPSec ->IPSec Peers-> New
Proceed as follows to make the settings in the IPSec peer:
Enter a description of the connection under Description, e.g. iPhone .
For Peer ID, select Key ID and enter an ID for the partner, e.g. iPhone Peer ID .
In Preshared Key, enter an individual password for the connection, (My Personal Preshared Key) .
For IP Address Assignment, select Server in IKE Configuration Mode .
Under IP Assignment Pool, select iPhone .
Under Local IP Address, enter the IP address of the elmeg hybird 120™. The IP address is 192.168.0.250 in its ex works state.
Click Advanced Settings.
Select iPhone for Phase 1 Profile.
Select iPhone for Phase 2 Profile.
Select iPhone for XAUTH Profile.
Leave the remaining settings unchanged and confirm them with OK.
The settings for the IPSec peer
iPhone
are hereby completed. The status is displayed on the overview page of the IPSec
peer
iPhone
. The
symbol shows that the tunnel has not yet been built.
Go to VPN -> IPSec -> IPSec Peers.
VPN -> IPSec ->IPSec Peers
In the next step, the VPN tunnel must be configured on the iPhone. Once configuration is completed on the
iPhone, a VPN tunnel to the
elmeg hybird 120™ can then be built. A successfully built VPN tunnel is indicated
with a
arrow,
indicating that data can now be transmitted via the tunnel. In addition, the Media5-fone iPhone app can now be logged
in to the
elmeg hybird 120™ as an internal VoIP telephone via this tunnel.
Once the VPN tunnel is successfully configured on the iPhone, the overview page will then look as follows:
VPN -> IPSec ->IPSec Peers
| Copyright© Version 01/2020 bintec elmeg GmbH |