Note: The IR800, IR1101, and IR1800 series devices provide the same VPN functionality.
Virtual Private Networks (VPN) enable you to establish a protected network connection when using public networks. VPNs encrypt your internet traffic and disguise your online identity by hiding your IP Address. The VPN provides a private tunnel (default value is 2 for legacy and 949 for standard configurations) for data and communications while using public networks and makes it more difficult for third parties to track and steal data.
In a VPN, the headend is the termination point for the VPN tunnels. The IR1800 allows you to set up a primary and backup VPN for the device that allows you to establish a secure, encrypted connection between the device and the remote network. For more information on using headends on Cisco devices, see Enterprise Network Integration.
The Secondary Headend provides a backup if the Primary Headend does not function. For more information on using Headends on Cisco devices, see Enterprise Network Integration.
You need to configure a WAN uplink before configuring the VPN. When the WAN uplink is configured, then the VPN tunnel can be established using any of the supported WAN uplink interfaces as the VPN tunnel source interfaces (Ethernet, Cellular, or WGB WAN).
To configure VPN settings:
Note: The default Tunnel value for a legacy configuration group is 2 and the default value for a standard configuration group is 949. These default values cannot be edited or updated.
(Optional) Enable the Primary Headend. (Note: The default setting for the Primary Headend is Disabled.)
If you enable the Primary Headend:
a. (Required) Enter a Headend IP Address (the IP address for the VPN tunnel).
b. (Required) Enter the Headend Pre-shared key (PSK). This key is used when you create a site-to-site VPN tunnel.
(Optional) Enable the Backup Headend. (Note: The default setting for the Secondary Headend is Disabled.)
If you enable the Secondary Headend:
a. (Required) Enter a Backup Headend IP Address (the IP address for the VPN tunnel).
b. (Required) Enter the Backup Headend Pre-shared key (PSK). This key is used when you create a site-to-site VPN tunnel.
Select either True or False for the Interface tunnel your Headend is using. (Note: Depending on the model of IR1800 and the modem's setup, you have four options: Cellular 1, Cellular 2, Ethernet, or WGB).
Click Save. A success notice opens in the bottom right.