HeartLab
Connectivity

IPSec Tunnel

Prepare and configure site-to-site IPSec tunnel details for secure network connectivity to HeartLab.

Use this guide when your onboarding plan requires a site-to-site IPSec tunnel.

Applies to

  • Customer network and firewall administrators

Share Organisation Network Details

Information to be shared with HeartLab:

  • Public router IP address
  • Local IPv4 CIDR block
  • Gateway/firewall device model

HeartLab tunnel parameters

HeartLab will return your site-specific values for:

  • Tunnel 1 IP
  • Tunnel 2 IP
  • Tunnel 1 pre-shared key
  • Tunnel 2 pre-shared key
  • Subnet details

Base requirements:

  • IKE version: 2
  • VPN type: route-based
  • DPD timeout: 30s

Phase 1 options:

  • Encryption: AES128, AES128-GCM-16, AES256, AES256-GCM-16
  • Integrity: SHA1, SHA2-256, SHA2-384, SHA2-512
  • DH groups: 2, 14-24
  • Lifetime: 28800s

Phase 2 options:

  • Encryption: AES128, AES128-GCM-16, AES256, AES256-GCM-16
  • Integrity: SHA1, SHA2-256, SHA2-384, SHA2-512
  • DH groups: 2, 5, 14-24
  • Lifetime: 3600s

Optional firewall restriction

If restricting firewall rules, allow only the HeartLab-provided IP:port pairs for required DICOM traffic.

HL7 Endpoints

Configure HL7 integrations and recipients so finalized reports can be delivered to EMR or external systems.

Kosmos

Connect a Kosmos device to HeartLab via IPSec VPN and DICOM profile configuration.

MFR
Manufacturer
HeartLab Limited 305 / 150 Karangahape Road Auckland 1010 New Zealand
UK REP
UK Responsible Person
Casus UKRP Ltd 107-111 Fleet Street London EC4A 2AB United Kingdom
AUS
Australian Sponsor
Emergo Australia Level 20 Tower II Darling Park 201 Sussex Street Sydney NSW 2000 Australia
MD Applies to HeartLab v7.2 and above Effective 0000-00-00 eIFU version 0.0.0 UDI-DI 09421907090023