Comtech EF Data CDM-625A User Manual
Page 278
CDM-625A Advanced Satellite Modem
MN-CDM625A
Ethernet-based Remote Product Management
Revision 3
7–48
‘Configuration | Managed Switch’ page (see Sect. 7.5.4.3.4) when the modem is in
Managed Switch Mode.
• When the AES Encryption FAST feature has not been purchased and is therefore disabled,
the Encryption section of this page appears as follows:
While the AES Encryption FAST feature itself is disabled, the this page may still be used to
program the Encryption and Decryption keys in anticipation of future use.
For situations where, for example, export restrictions prohibit the availability of the AES
Encryption option, the CDM-625A runs an FPGA chipset that does not allow encryption
operations. The ‘Configuration | WAN | Encryption’ page is therefore disabled: The page, when
accessed, notes the operational restriction by hiding the Encryption Key and Decryption Key
programming sections and displaying the following message in the Encryption section:
Encryption – Unencrypted Rx Traffic
Use the drop-down list to select Allow (default) or Drop. Note the following:
• Under the default Allow setting, the local modem allows receipt of unencrypted (plain text)
packets from the remote modem over the WAN, even when encryption is enabled.
• Under the Drop setting, the modem drops all unencrypted traffic received over the WAN
interface when encryption is enabled. The remote modem may therefore transmit only
encrypted data.
Encryption / Decryption Keys
A typical encryption or decryption key consists of a string of 32 characters, using any
combination of the numbers ‘0’ through ‘9’ and the letters ‘a’ through ‘f’ / ‘A’ through ‘F’.
To program a key, enter the desired 32-character string in the appropriate key row, and then
click [Set]. Any previously programmed key may be overwritten in this manner. Alternately, click
[Clear] to reset a previously programmed entry to all zeroes, and then re-enter the new key
string as instructed here.
Up to eight keys may be programmed for each function; once set, you may then select a
specified Encryption Key for active use via the ‘Configuration | Routing | Routes’ page (Sect.
The user must program all eight encryption and decryption keys before selecting
Random Key operation on the ‘Configuration | Routing | Routes’ page. Otherwise,