Matching results

How to configure my infrastructure when devices are communicating with AirVantage through a VPN?

Set up a VPN with AirVantage Platform

AirVantage provides, as a chargeable option, a VPN between AirVantage and the infrastructure in which the devices are, be it your own infrastructure or a private APN.

If you want to set up a VPN with AirVantage, please contact your Sierra Wireless Partner or Regional Sales Manager (RSM).

In order to finalise the set up process, you are required to fill out a VPN Option application form and provide the following information:

  • Tunnel Endpoint IP address: The public IP address of the tunnel endpoint on your side
  • AirVantage Server IP Address: The desired IP address for AirVantage inside the VPN tunnel
  • Remote Accessible Host/Network: The network of the devices that will use the VPN
  • Phase 1 Parameters (IKE Proposal):
    • Pre-shared Key transmittal method (Phone, Fax, SMS, e-mail)
    • Hash Algorithm
    • Encryption Algorithm
    • Key Exchange (Diffie-Hellman Group)
    • Data Lifetime [seconds]
    • Negotiation Mode
  • Phase 2 Parameters (IPSec Proposal):
    • Transport Protocol & Hash Algorithm
    • Encryption Algorithm
    • Perfect Forward Secrecy (Diffie-Hellman Group)
    • Data Lifetime [seconds]

Once this form has been reviewed by AirVantage operation team, you will be provided with the public end point IP address of the tunnel on AirVantage side and the PSK (Pre-Shared Key) and you can set up the VPN endpoint.

Restrictions:

  • The VPN tunnel is only meant to be used for device traffic. All access to the AirVantage web UI and APIs must be performed through a public Internet endpoint.
  • Server initiated communications are not supported inside the VPN.

Configure your infrastructure

In order for devices to communicate with AirVantage, you will have to:

  1. Set up a DNS
  2. Route AirVantage protocols through the tunnel

Set up a DNS

You have to set up DNS that will resolve several Host Names to the AirVantage IP addresse inside the VPN:

  • eu.m2mop.net
  • m2mop.net
  • www.wavecomservices.com
  • eu.airvantage.net
  • bs.airvantage.net
  • lw.eu.airvantage.net

You will also need to configure your network or devices in order to make the devices use this DNS.

The DNS is mandatory in order to allow a number of key features of AirVantage such as firmware upgrades, to work properly.

Set up routing

You have to route the following protocols through the VPN:

  • HTTP (TCP/80)
  • HTTPS (TCP/443)
  • M3DA (TCP/44900)
  • MQTT (TCP/1883)
  • MQTT over SSL (TCP/8883)
  • LWM2M (UDP/5684 and UDP/5686)
TOP