VPN Setup For Multiple OnCell G3150-HSDPA to One EDR-G903
Mar 26, 2015
VPN Setup For Multiple OnCell G3150-HSDPA to One EDR-G903
Confidential
Setup Diagram
192.168.126.15192.168.126.254
192.168.126.0/24MASK: 255.255.255.0Default Gateway: 192.168.126.254
Static Public IP
192.168.127.0/24MASK: 255.255.255.0Default Gateway: 192.168.127.254
192.168.127.15 192.168.127.254
Floating Public/Private IP
OnCell G31X0 Series/OnCell 5000 Series
EDR-G903
192.168.128.0/24MASK: 255.255.255.0Default Gateway: 192.168.128.254
192.168.128.15 192.168.128.254
Floating Public/Private IP
OnCell G31X0 Series/OnCell 5000 Series
2What Can You Do With More Than 128 OnCells or Need Load Balance?
Get More Than ONE Public IP and EDR-G903!
Confidential3
System Requirments
OnCell G3150_V2 FW: ocg3100_V2_2.3_10122215.rom
SIM card with Public/Private Floating IP
OnCell G3150-HSDPA FW: ocg3100-hsdpa_1.4_Build_11051315.rom
SIM card with Public/Private Floating IP
EDR-G903 FW: EDR_G903_V2.1.rom
WAN is connected to a Static Public IP
3Confidential
Confidential4
OnCell G3150_V2/G3150-HSDPA
Reset to factory default
IP1: 192.168.127.254 Submask: 255.255.255.0
IP2: 192.168.128.254 Submask: 255.255.255.0
Insert SIM and configure the PIN and APN
Enable the system log
Set system time correctly
Setup VPN (See the following page)
4Confidential
OnCell G3150-HSDPA
OnCell G3150-HSDPA (Firmware Ver.)
OnCell G3150-HSDPA (IP)
OnCell G3150-HSDPA (CellularSettings)
OnCell G3150-HSDPA (VPN Settings-1)
OnCell G3150-HSDPA (VPN Settings-2)
OnCell G3150-HSDPA (System Log Settings)
Repeat Slide 9-14 To Configure Other OnCell G3150
Confidential13
EDR-G903 Up to FWR_DEVICE_EDR_G903_V2.2.4_Build_12061815.rom
Reset to factory default
IP: 192.168.126.254 Submask: 255.255.255.0
Set WAN with a Static IP
Make sure firewall is not blocking anything
Untick the “Enable the accessible IP list” option to allow all IP connections
Under VPN > IPSec > Global Setting, Enable “All IPSec Connection”
Setup VPN (See the following page)
Please make sure “NAT” enable or disable depend on your requirement.
13Confidential
EDR-G903 (Firmware Ver.)
FWR_DEVICE_EDR_G903_V2.2.4_Build_12061815.rom
EDR-G903 (LAN IP)
EDR-G903 (WAN IP)
EDR-G903 (VPN-IPSEC-Global Setting)
EDR-G903 (VPN-IPSEC Setting-1)
EDR-G903 (VPN-IPSEC Setting-2)
Confidential20
To be able to communicate between two laptops, make sure both laptops’ network interfaces have their “Default Gateway” configured correctly (OnCell or EDR-G903).
Make sure there is only one Default Gateway on each laptop (this might happen if there are multiple network cards).
Once everything is ready, both laptops should be able to ping each other.
Once both sides are configured
20Confidential
OnCell G3150-HSDPA-1 (System Log)
VPN Connection works
OnCell G3150-HSDPA-2 (System Log)
VPN Connection works
EDR-G903 (IPSEC Status)
Ping Device on EDR-G903 From Both Laptops Connected to OnCell G3150-HSDPA
First G3150
Second G3150
Troubleshooting In the current design, EDR-G903 is acting as the responder (server)
and OnCell is acting as the initiator (client).• EDR-G903
• It has a public IP and you can ping it from the OnCell Device• If it is behind a firewall, make sure port UDP:500 and UDP:4500 (if NAT-T is
enabled) are not blocked• OnCell
• If OnCell is behind a firewall, make sure port UDP:500 and UDP:4500 (if NAT-T is enabled) are not blocked
• Make sure the above two ports are not blocked by the SIM card Operator
If VPN tunnel is not established after your configuration• Enable OnCell System Log and check which phase it failed on• Double check the failed phase• Capture Wireshark packets from the EDR-G903• Export configuration files from both EDR-G903 and OnCell• Send Moxa TS the capture Wireshark log, configuration files, system log
2727Confidential