VPN configuration

Depending on agency configurations, a VPN may force all IP-based traffic to travel through its tunnel to a remote network. To let software on the MDC communicate locally to the cameras installed in the car, the traffic must be exempt from the tunnel.

A VPN administrator be available during the Axon Fleet 2 installation.

Method 1: Local network exemption (split tunnel)

Refer to your VPN provider documentation for instructions on configuring this exemption.

Example – If the local in-car network is 192.168.0.0/24, implement a rule to exempt traffic bound for this network; this View XL communicate with the cameras.

Method 2: Application exemption

Video files may be quite large. To prevent offload traffic from being steered through a remote network, add an exemption for the Fleet 2 application, Axon View XL. This will prevent View XL traffic from traversing the tunnel, mitigating potential bandwidth congestion.

Add the following exemptions:

%installdir%\axon-agent.exe – Responsible for communication with cameras, Axon Evidence, and evidence offload.
%installdir%\Axon Fleet.exe – Handles user authentication against Axon Evidence, including optional single sign on (SSO). The space in “Axon Fleet” is intentional.

Wireless offload server with VPN

When implementing a wireless offload server, design a network architecture to prevent access from outside the local network. Traffic destined for the wireless offload server should not traverse a VPN tunnel. Add a rule to exempt traffic to the wireless offload server. Failure exempt traffic from the tunnel may result in upload to the wireless offload server over the LTE connection.

VPN configuration

Method 1: Local network exemption (split tunnel)

Method 2: Application exemption

Wireless offload server with VPN

Get in touch