Cradlepoint MBR1200 User manual
TECHNOLOGY
SAMPLE USE CASE USING TWO MBR1200’s
Alice and Bob both have an MBR1200. For Alice and Bob to configure a secure tunnel between them, they need
exchange the following information about their network configuration: a public IP address, private network
address range, and a secret password they both know.
Alice’s Network Settings
Public IP: 1.1.1.1
Private Network: 10.0.1.0 - 255.255.255.0
Secret Password: wolfman8
First, Alice enters in the following information into her router on the Tools -> IPSec/VPN Administration page:
1) Name: She enters in “Tunnel-to-Bob”
2) Remote Gateway: She enters in Bob’s IP Address of “2.2.2.2”
3) Remote Network: She enters in Bob’s Network Address of “10.0.2.0”
4) Pre Shared Key: She enters in the secret password “wolfman8”
Next, Bob enters in the following information into her router on the Tools -> IPSec/VPN Administration page:
1) Name: She enters in “Tunnel-to-Alice”
2) Remote Gateway: She enters in Bob’s IP Address of “1.1.1.1”
3) Remote Network: She enters in Bob’s Network Address of “10.0.1.0”
4) Pre Shared Key: She enters in the secret password “wolfman8”
After Alice & Bob save each of their policies, the tunnel will automatically be established when they want to
connect to each other over the Internet.
Finally, apply the full set of defaults on the IPSEC VPN Administration page (on reverse side).
For more information on VPN Configuration, please visit www.cradlepoint.com/knowledge-base
Latest compatibility information available at cradlepoint.com
Connects with any WiFi–enabled or Ethernet Device
VPN Quick Start Guide
Bob’s Network Settings
Private IP: 2.2.2.2
Private Network: 10.0.2.0 - 255.255.255.0
TECHNOLOGY
SAMPLE USE CASE USING AN MBR1200 and CISCO ASA 5505
Below is the basic settings for the MBR1200 and the Cisco ASA 5505.
Match up the numbers to the specific information required.
MBR1200 Configuration
1) Name: Test Connection
2) Remote Gateway: 192.168.1.150 (Static config DHCP will break this)
3) Remote Network: 192.168.10.0
4) Remote Submask: 255.255.255.0
5) Local Network: 192.168.0.0
6) Local Submask: 255.255.255.0
7) Hash Algorithm: MD5
8) Cipher Algorithm: AES
9) DH Group: Group 1
10) Phase 1 Key Lifetime: 28800 Seconds
11) Phase 2 Key Lifetime: 3600 Seconds
12) Pre-Shared Key: wolfman8
Cisco ASA 5505 Configuration
Outside IP: 192.168.1.150 (DHCP Leased form 192.168.1.1)
Inside IP: 192.168.10.1 (DHCP Leased form 192.168.1.1)
interface Vlan1
nameif inside
security level 0
ip address 192.168.10.1 255.255.255.0 (5,6)
interface Vlan2
nameif outside
security level 0
ip address dhcp setroute
interface Ethernet 0/0
switchport access vlan 2
access list outside_access_in extended permit icmp any any
access list outside_1_cryptomap extended permit ip 192.168.10.0
255.255.255.0 192.168.0.0 255.255.255.0 (3,4)
access list outside_nat0_outbound extended permit ip 192.168.10.0
255.255.255.0 192.168.0.0 255.255.255.0 (3,4)
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 192.168.10.0 255.255.255.0 (3,4)
access group outside_acess_in in interface outside
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac (7,8)
crypto map outside_map 1 match address outside_1_cryptomap (2,3)
crypto map outside_map 1 set pfs group1 (9)
crypto map outside_map 1 set peer 192.168.1.130 (2)
crypto map outside_map 1 set transform-set ESP-AES-128-MD5 (7,8)
crypto map outside_map 1 set security-association lifetime seconds 3600 (11)
crypto map outside_map 1 set phase1-mode aggressive group1 (9)
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share (12)
encryption aes (8)
hash md5 (7)
group 1 (9)
lifetime 28800 (10)
tunnel group 192.168.1.130 type ipsec-121 (2)
tunnel group 192.168.1.130 ipsec-attributes (2)
pre-share key wolfman8 (12)
Sample MBR1200 Default Screen
1
2
3
4
5
6
7
8
9
10
11
12
Latest compatibility information available at cradlepoint.com
192.168.1.130 192.168.1.150
192.168.0.0/24 192.168.10.0/24
MBR1200 Cisco ASA 5505
IIP Configuration Diagram
Connects with any WiFi–enabled or Ethernet Device
Other manuals for MBR1200
5
Other Cradlepoint Wireless Router manuals
Cradlepoint
Cradlepoint IBR350 User manual
Cradlepoint
Cradlepoint AER1650 Series User manual
Cradlepoint
Cradlepoint MBRB User manual
Cradlepoint
Cradlepoint PHS300 User manual
Cradlepoint
Cradlepoint COR IBR600 User manual
Cradlepoint
Cradlepoint MBR1200 User manual
Cradlepoint
Cradlepoint CBA250 User manual
Cradlepoint
Cradlepoint COR IBR600 User manual
Cradlepoint
Cradlepoint CR4250 User manual
Cradlepoint
Cradlepoint COR IBR1100 series User manual
Cradlepoint
Cradlepoint E3000-C18B User manual
Cradlepoint
Cradlepoint MBR95 User manual
Cradlepoint
Cradlepoint PHS300 Troubleshooting guide
Cradlepoint
Cradlepoint WIPIPE MBR1000 User manual
Cradlepoint
Cradlepoint MBR1400 Series User manual
Cradlepoint
Cradlepoint W2005 User manual
Cradlepoint
Cradlepoint CTR500 User manual
Cradlepoint
Cradlepoint CTR35 User manual
Cradlepoint
Cradlepoint COR IBR600 User manual
Cradlepoint
Cradlepoint MBR1200B User manual
