Currently, only A and B scenarios are supported. There will be more scenarios in the future.
Scenario A (typical)
Terminals connect to the server via the CAS application's built-in OpenVPN client's secure channel.
This is the
...
default implementation for Operators.
No dedicated VPN routers required/deployed for network attached BATMs.
...
Scenario B (dedicated hardware)
Terminals connect to the server via a VPN provided by additional hardware, such as a router.
The VPN configuration is not distributed by CAS.
This scenario is considered more secure than Scenario A
...
.
...
Notes
Gate service
Listens for terminal’s pairing requests. In the event of successful pairing, the gate service sends the terminal the VPN configuration, including information on how to connect to the master service. Prior to pairing, the terminal's VPN configuration must already exist.
...