- Overview
- Welcome
- Get Started
- How to order
- Set up the IoT Dashboard
- Release notes
- Edge Device release notes 2023
- Edge Device release notes 2022
- Edge Device release notes 2021
- Edge Device release notes 2020
- Application Manager
- Cisco Cyber Vision release notes
- Secure Equipment Access release notes 23
- Secure Equipment Access release notes 22
- Secure Equipment Access release notes 21
- Edge Intelligence
- Industrial Asset Vision
- Industrial Wireless release notes
- Log in
- Upgrading Cisco IoT OD
- Update network device firmware
- Access control
- Cisco Cross Platform Navigator
- Audit user actions
- Required accounts
- Switch organizations or Services
- View cloud service status
- Feedback form
- Edge Device Manager (EDM)
- Requirements and release notes
- EDM Sandbox
- Onboard network devices
- Configure network devices
- Manage network devices
- Monitor network devices
- EDM API
- Application management
- Application management troubleshooting tips
- Application Manager
- Cisco Cyber Vision
- Secure Equipment Access
- Edge Intelligence
- Industrial Asset Vision
- Overview
- Prerequisites
- Quick start guide
- View status and troubleshoot
- Create alerts and generate reports
- RF Performance Tool
- Add Templates
- Stream sensor data
- Add Geofences
- Group sensors and assets
- Northbound APIs
- Using APIs
- APIs
- Overview
- API
- Model
- AdditionalAttributesMap
- Asset
- AssetListResponse
- AssetRequest
- AssetType
- AssetTypeListResponse
- AssetTypeRequest
- AssignSensorsRequest
- AssignSensorsResponse
- CreateSensorRequest
- CustomAttributeData
- CustomAttributeMetadata
- Error
- LiveDataItem
- Location
- LocationData
- LocationDataResponse
- OnboardSensorRequest
- OnboardSensorResponse
- PageInfo
- Sensor
- SensorListResponse
- TabularTelemetryDataResponse
- TelemetryData
- TelemetryDataResponse
- TelemetryValue
- UnassignSensorsRequest
- UnassignSensorsResponse
- UpdateSensorRequest
- Industrial Wireless
- Solution Design
- Developer Resources
- Community and Support
VPN
Note: The IR800, IR1101, and IR1800 series devices provide the same VPN functionality.
Virtual Private Networks (VPN) enable you to establish a protected network connection when using public networks. VPNs encrypt your internet traffic and disguise your online identity by hiding your IP Address. The VPN provides a private tunnel (default value is 2 for legacy and 949 for standard configurations) for data and communications while using public networks and makes it more difficult for third parties to track and steal data.
Primary Headend
In a VPN, the headend is the termination point for the VPN tunnels. The IR1800 allows you to set up a primary and backup VPN for the device that allows you to establish a secure, encrypted connection between the device and the remote network. For more information on using headends on Cisco devices, see Enterprise Network Integration.
Secondary Headend
The Secondary Headend provides a backup if the Primary Headend does not function. For more information on using Headends on Cisco devices, see Enterprise Network Integration.
Interfaces
You need to configure a WAN uplink before configuring the VPN. When the WAN uplink is configured, then the VPN tunnel can be established using any of the supported WAN uplink interfaces as the VPN tunnel source interfaces (Ethernet, Cellular, or WGB WAN).
To configure VPN settings:
Note: The default Tunnel value for a legacy configuration group is 2 and the default value for a standard configuration group is 949. These default values cannot be edited or updated.
(Optional) Enable the Primary Headend. (Note: The default setting for the Primary Headend is Disabled.)
If you enable the Primary Headend:
a. (Required) Enter a Headend IP Address (the IP address for the VPN tunnel).
b. (Required) Enter the Headend Pre-shared key (PSK). This key is used when you create a site-to-site VPN tunnel.
(Optional) Enable the Backup Headend. (Note: The default setting for the Secondary Headend is Disabled.)
If you enable the Secondary Headend:
a. (Required) Enter a Backup Headend IP Address (the IP address for the VPN tunnel).
b. (Required) Enter the Backup Headend Pre-shared key (PSK). This key is used when you create a site-to-site VPN tunnel.
Select either True or False for the Interface tunnel your Headend is using. (Note: Depending on the model of IR1800 and the modem's setup, you have four options: Cellular 1, Cellular 2, Ethernet, or WGB).
Click Save. A success notice opens in the bottom right.
VPN settings screen: Primary Headend enabled Backup (Secondary) Headend disabled
