Home

RUT950 Users manual

Contents

1. Link Text Configuration you can customize various parameters of landing page components 119 8 11 4 2 Template In this page you can review landing page template HTML code and modify it General Template Landing Page Template Editor odify login page template by your needs lt head gt lt meta charset utf 8 gt margin top 1 Spx text align center text align center 120 8 11 5 Radius server configuration An authentication and accounting system used by many Internet Service Providers ISPs When you dial in to the ISP you must enter your username and password This information is passed to a RADIUS server which checks that the information is correct and then authorizes access to the ISP system General Restricted Internet Access Logging Landing Page Radius Server Statistics Radius Server Configuration General Settings Enable Remote access Accounting port Authentication port Users Configuration Settings Enable User name Reply message Idle timeout Session timeout Download bandwidth Upload bandwidth There are no users created yet Password Clients Configuration Settings Client name IP address Netmask Radius shared secret There are no clients created yet Field name Explanation 1 Enable Activates an authentication and accounting system 2 Remote access Activates remote access to radius server 3 Accounting port Port on which to listen for acounting 4 Authentication p
2. he 8900101 101010 uppoo 000004 0 0 00001 1010 101U www e o SU O gt y gt 0 a 00000001 0C 000001 0 prop 1000 000 000000 000000 01 0111 C 0 0000001 000000 00001 00000 0 0900004 90000001 10 0 00000001 0 0000001 0 F y ry A 100001 407 001 O 40 SEN Legal notice Copyright 2014 TELTONIKA Ltd All rights reserved Reproduction transfer distribution or storage of part or all of the contents in this document in any form without the prior written permission of TELTONIKA Ltd is prohibited The manufacturer reserves the right to modify the product and manual for the purpose of technical improvement without prior notice Other product and company names mentioned herein may be trademarks or trade names of their respective owners Attention Before using the device we strongly recommend reading this user manual first Do not rip open the device Do not touch the device if the device block is broken All wireless devices for data transferring may be susceptible to interference which could Q affect performance 46 The device is not water resistant Keep it dry Device is powered by low voltage 9V DC power adaptor Table of Contents YES ejeje O St saan A E A 2 e e Eze o 2 SAFE INFORMA TON aspirina lca d 8 BA PP E neceegadaresecaraent tenant gsaeaeeneaneneeennssiaecantareneeensntgeanees 9 1 A 10 2 PEC OI NG ratico 10 A a a PPP nn O E E 10 le a o e o PO E E E EEE E EE E E
3. 1 min 10 5 mins 18 15 mins 17 94556 kB 126452 kB 74 10828 kB 126452 kB 8 4308 kB 126452 kB 3 Field Name Sample value Explanation Router Name 2 Hostname 3 Router Model Firmware Version 5 Kernel Version 6 Local Time 7 Uptime 8 Load Average 9 Temperature Teltonika Teltonika Teltonika RUT9xx RUT9XX T 00 00 372 3 10 36 2014 11 03 14 33 14 Oh 40m 46s since 2014 11 03 13 53 13 1 min 11 5 mins 18 15 mins 17 Name of the router hostname of the routers system Can be changed in System gt Administration Indicates how router will be seen by other devices on the network Can be changed in System gt Administration Routers model Shows the version of the firmware that is currently loaded in the router Newer versions might become available as new features are added Use this field to decide whether you need a firmware upgrade or not The version of the Linux kernel that is currently running on the router Shows the current system time Might differ from your computer because the router synchronizes it s time with an NTP server Format year month day hours minutes seconds Indicates how long it has been since the router booted up Reboots will reset this timer to 0 Format day s hours minutes seconds since year month day hours minutes seconds Indicates how busy the router is Let s examine some sample output 1 min 11 5 mins 18 15 mins 1
4. Status Diagnose Create Shortcut Delete Rename Properties 13 5 Select Internet Protocol Version 4 TCP IPv4 and then click 6 By default the router is going to have DHCP enabled which Properties means that if you select Obtain an IP address automatically and Obtain DNS server address automatically the router A should lease you an IP and you should be ready to login Networking Sharing Connect using Intel R PRO Wireless 39454BG Network Connection Internet Protocol Version 4 TCR AIP Properties General Alternate Configuration This connection uses the following items Y 0 Client for Microsoft Networks ou can get 1P settings assigned automatically iF your network supports Y El QoS Packet Scheduler this capability Otherwise you need to ask your network administrator E File and Printer Sharing for Microsoft Networks For the appropriate IP settings W GCT WiMax Protocol Driver Internet Protocol Version 6 TCP IP v6 O OR Internet Protocol Version 4 TCP IP y4 a Obtain an IP address automatically V a Link i i Link Layer Topology Discovery Mapper 1 0 Driver Use the following IF address M de Link Layer Topology Discovery Responder Install Uninstall Properties Description Transmission Control Protocol Intemet Protocol The default wide area network protocol that provid
5. up Sg shipping Tool a sticky Motes aay if F Faint qi XPS Viewer Calculator Control Panel 19 a Find and fix networking and connection problems SE Set up a connection or network Se Set up a virtual private network VPN connection SE View network connections E Manage network passwords SE Add a wireless device to the network T Connect to a network ai Windows Fax and Scan Identify and repair network problerns les 9 J ncllint A Rernote Desktop Connection G COMODO Antivirus All Prograrns Search programs and files Cy wire shark dictionary usr Cisco dictionary Usertdanual DPH401 en Wt UserhManualDPH411 en na 44 See more results 3 Click View network connections 4 Then right click on your wireless device that you use to connect to other access points It is the one with the name Control Panel 10 Wireless Network Connection and has signal bars on its Se View network status and tasks Icon kk S a se View network connections r kk g mesm View network computers j Network and sharing Center g UE Control Panel Network and Internet Network Connections d n i a View devices and printers View network connections Organize v Disable this network device Diagnose this connection kk a de Manage wireless netuvo rks Ae Wireless Network Connection Disabled ffl Intel R PRO Wireless 39 Enable
6. 8 9 1 3 Parameters of HTTP POST GET string MESA Explanation IP_ADDRESS IP address of your router 2 MESSAGE_INDEX SMS index in memory 3 PHONE NUMBER Phone number of the message receiver Note Phone number must contain country code Phone number format is OO COUNTRY_CODE RECEIVER_ NUMBER E g 0037062312345 370 is country code and 62312345 is receiver phone number 4 MESSAGE_TEXT Text of SMS Note Maximum number of characters per SMS is 160 You cannot send longer messages It is suggested to use alohanumeric characters only After every executed command router will respond with return status 8 9 1 4 Possible responses after command execution ee Explanation len OK Command executed successfully 106 2 ERROR An error occurred while executing command 3 TIMEOUT No response from the module received 4 WRONG NUMBER SMS receiver number format is incorrect or SMS index number is incorrect 5 NO MESSAGE There is no message in memory by given index 6 NO MESSAGES There are no stored messages in memory 8 9 1 5 HTTP POST GET string examples http 192 168 1 1 cgi bin sms_read number 3 http 192 168 1 1 cgi bin sms_send number 00370612123458 text test http 192 168 1 1 cgi bin sms_delete number 4 http 192 168 1 1 cgi bin sms_list http 192 168 1 1 cgi bin sms_total 8 9 2 Email to SMS Post Get Email To SMS Scheduled SMS Auto Reply SMS Forwarding SMPP POP3 Email To SMS Configuration Email To SMS Settings Enable
7. Lan IP address IF netmask IP broadcast yr 36 F Use pppd mode internet mncO12 moose 37 060000001 CHAP Y 3G preferred yr 192 168 1 1 255 255 255 0 192 168 1 255 Send Configuration Message Generate Generate Phone number 3 7060000001 Serial number 12345680 Send Send MET A Generate SMS New Generate new SMS settings or use current device From current configuration configuration 2 Mobile Enable Disable Include configuration for mobile network 3 WAN Enable Disable Include configuration forWAN Wide Area Network 4 LAN Enable Disable Include configuration forLAN Local Area Network 5 Interface Wired Interface type used for WAN Wide Area Network Mobile connection 6 Protocol Static DHCP Network protocol used for network configuration parameters management 7 IP address 217 147 40 44 IP address that router will use to connect to the internet 8 IP netmask 255 255 255 0 That will be used to define how large the WAN Wide Area Network network is 11 IP gateway 217 147 40 44 The address where traffic destined for the internet is 103 routed to 12 IP broadcast 217 147 40 255 A logical address at which all devices connected to a multiple access communications network are enabled to receive datagrams 13 Primary SIM card SIM1 SIM2 A SIM card that will be used 14 Mobile connection Use pppd mode An underlying agent that will be used for mobile data Use ndis
8. Name Displays Wan interface name and changes interface priority the interface at the table top has the highest priority Displays protocol used by Wan interface 52 5 IP Address Displays IP address acquired by specific interface 6 Sort Sorts table rows and changes interface priority the highest interface has highest priority 7 2 2 Common configuration Common configuration allows you to configure your TCP IP settings for the wan network Common Configuration General Setup Advanced Settings Protocol DHCP Really switch protocol Switch protocol You can switch between the Static DHCP or PPPoE protocol by selecting the protocol that you want to use and then pressing Switch Protocol 7 2 2 1 General Setup 7 2 2 1 1 Static Common Configuration General Setup Advanced Settings Protocol Static IPv4 address 192 168 99 162 IPv4 netmask 255 255 255 0 IPv4 gateway 192 168 99 254 IPv4 broadcast 192 168 99 255 Use custom DNS servers 8 8 8 8 8 8 6 6 This is the configuration setup for when you select the static protocol MIE ET EEE 1 IPv4 address 192 168 99 162 Your routers address on the WAN network 2 IPv4 netmask 255 255 255 0 A mask used to define how large the WAN network is 3 IPv4 gateway 192 168 99 254 Address where the router will send all the outgoing traffic 4 Pv4 broadcast 192 168 99 255 Broadcast address autogenerated if not set It is best to leave this blank unless you kno
9. POPS server pop gmail com Server port 995 User name admin Password admini Secure connection SSL Check email every 1 Minutes Field name Values Notes Enable Enable Disable Allows to convert received Email to SMS 2 POP3 server pop gmail com POP3 server address 3 Server port 995 Server authentication port 4 Username admin User name using for server authentication 5 Password admin01 Password using for server authentication 6 Secure connection Enable Disable SSL is a protocol for transmitting private documents SLL via the Internet SSL uses a cryptographic system that uses two keys to encrypt data a public key known to everyone and a private or secret key known only to the recipient of the message 7 Check mail every Minutes Mail checking period Hours Days 107 8 9 3 Scheduled Messages Scheduled messages allows to periodically send mobile messages to specified number Post Get Configuration Email To SMS Scheduled Messages Auto Reply Scheduled Messages Configure time and text for scheduled messages Messages To Send Recipients number Sending Interval Enable There are no scheduled messages created yet Scheduled messages Configuration Phone number Message sending interval Day 108 8 9 3 1 Scheduled Messages Configuration Post Get Email To SMS Scheduled SMS Auto Reply SMS Forwarding SMPP Scheduled Messages Configuration Modify scheduled message Enable Re
10. an IP address 192 168 Properties Subnet mask 255 255 Default gateway 192 168 Obtain DAS server address automatically Use the Following ONS server addresses Preferred DNS server 192 168 Alternate DNS server 5 6 Validate settings upon exit oe o cancel Right click on the Wireless network icon and select Connect Disconnect A list should pop up with all available wireless networks Select Teltonika and click connect Then we launch our favorite browser and enter the routers IP into the address field e 10216811 Press enter If there are no problems you should be greeted with a login screen such as this Authorization Required Please enter your username and password Username admin Password Enter the default password which is admin01 into the Password field and then either click Login with your mouse or press the Enter key You have now successfully logged into the RUT950 From here on out you can configure almost any aspect of your router 15 4 Operation Modes The RUT9xx series router supports various operation modes It can be connected to the internet WAN via mobile standard Ethernet cable or via a wireless network When connecting to the internet you may also backup your main WAN connection with one or two backup connections Any interface can act like backup if configured so At first router uses its main WAN connect
11. considered a flood if it exceeds the allowed rate 4 TCP SYN cookies Enable Disable Enable the use of SYN cookies particular choices of initial TCP sequence numbers by TCP servers 75 7 6 6 2 Remote ICMP requests Attackers are using ICMP echo request packets directed to IP broadcast addresses from remote locations to generate denial of service attacks Remote ICMP requests Enable ICMP requests Enable ICMP limit Limit period Second Y Limit 10 Limit burst a Field Name Sample value Explanation 1 Enable ICMP requests Enable Disable Blocks remote ICMP echo request type 2 Enable ICMP limit Enable Disable Enable ICMP echo request limit in selected period 3 Limit period Second Minute Hour Day Select in what period limit ICMP echo request 4 Limit 10 Maximum ICMP echo requestduring the period 5 Limit burst 5 Indicating the maximum burst before the above limit kicks in 7 6 6 3 SSH Attack Prevention Prevent SSH Allows a user to run commands on a machine s command prompt without them being physically present near the machine attacks by limiting connections in defined period SSH Attack Prevention Enable SSH limit Limit period Limit Limit burst a Field Name Sample value Explanation 1 Enable SSH limit Enable Disable Enable ssh connections limit in selected period 2 Limit period Second Minute Hour Day Select in what period limit ssh connections 3 Limit 10 Maximum ssh connections d
12. 0 0 0 0 0 0 0 0 0 Indicates where a TCP IP packet with a specific IP address should be directed 3 IPv6 Gateway 0 0 0 0 0 0 0 0 0 Indicates through which gateway a TCP IP packet should be directed 4 Metric FFFFFFFF Metric number indicating interface priority of usage 33 6 7 Realtime Graphs Real time graphs show how various statistical data changes over time 6 7 1 Mobile Signal Strenght Displays mobile signal strength variation in time measured in dBm Mobile Signal Load Traffic Wireless Connections Mobile Signal Strength 3 minutes window 1 second interval Connection type 3G WCDMA Signal 72 dBm Average 72 0 dBm Peak 72 dBm 2G GSM 2G GPRS 2G EDGE 3G WCDMA 3G HSDPA 3G HSUPA 3G HSPA 3G HSPA 3G DC HSPA 4G LTE Field Name Sample Value Explanation 1 Connection type 3G WCDMA Type of mobile connection used 2 Signal 72 dBm Current signal strength value 3 Average 72 0 dBm Average signal strength value 4 Peak 72 dBm Peak signal strength value 34 6 7 2 Realtime Load This tri graph illustrates average CPU load values in real time The graph consists out of three color coded graphs each one corresponding to the average CPU load over 1 red 5 orange and 15 yellow most recent minutes Mobile Signal Load Traffic Wireless Connections Realtime Load 3 minutes window 3 seconds interval 1 Minute Load 0 83 Average 0 86 Peak 1 50 5 Minutes Load 0 66 Aver
13. 122 8 12 2 IPERIOGIC REDON code coc lolo 123 Sda A a 124 O O 125 Ot CONTE UAT OM WI oa 125 A O 127 O AAA AMO ae 128 ToL GENET ILa O 128 TZ TAQUD IES NOOO 129 SS A e io e edo 130 DiS DIdenostES tad 132 935 MAC CIOMG dodo la dio ad 132 LG O Y AY FO PEO O E A A O 133 do MONO INE 134 A USES CAD ii A A AA AA A AE en 134 A corsair T T enc ea salads fits ease E ET EA ae ead aaaun mae 135 3 6 FEMI Piensos tt EE 135 Ord EIN Oi is 135 902 e o An 136 A O AA Poo O o NE T A A accede eee decuueh aanencneas 137 97 1 Restore DONE ChEALS id ina O 137 97 2 RESE DOME IO ai ces 137 do RED io 137 DEVICE RECOVE ai r N A E 137 10 1 A M ono E E E E N ewsemances 138 102 os Sis Saw sil acct A A aw asderennceaiiaaee 138 10 3 Bootloader S Web T E N 138 LE A sess a cess w rate onsets tetas o ae nctaste ne ts O age Sa ewe anand AA 139 SAFETY INFORMATION In this document you will be introduced on how to use a RUT950 router safely We suggest you to adhere to the following recommendations in order to avoid personal injuries and or property damage You have to be familiar with the safety requirements before using the device To avoid burning and voltage caused traumas of the personnel working with the device please follow these safety requirements The device is intended for supply from a Limited Power Source LPS that power consumption should not exceed 15VA and current rating of overcurrent protective device should not exceed 2A
14. 34 47 41 4B 45 2015 05 11 15 36 55 WIFI WIFI client disconnected 00 16 42 10 80 22 2015 05 11 15 30 32 WIFI WIFI client connected 00 1E 42 10 80 22 2015 05 11 15 30 26 WIFI WIFI client disconnected 00 1E 42 10 80 22 2015 05 11 15 19 58 WIFI WIFI client connected 00 16 42 10 80 22 2015 05 11 15 19 52 WiFi WiFi client disconnected FC C2 DE 91 36 A6 android 9aed2b2077a54c74 showing 1 to 10 of 312 entries Next gt gt 42 6 10 4 Events Reporting Allows to view enable disable or modify created rules for events reporting All Events System Events Network Events Events Reporting Reporting Configuration Events Reporting Create rules for events reporting Events Reporting Rules Event type Event subtype Action Enable FW upgrade From file send SMS Delete New DHCP client Connected from LAN Send SMS Delete Config change send SMS Delete All rules are executed in current fist order Events Reporting Configuration Event type Event subtype Action Contig change Y All 6 10 4 1 Events Reporting Configuration Allows to review created rules details and modify them so after event occurrence messages or emails are sent to specified address or phone numbers with information about the event All Events System Events Network Events Events Reporting Reporting Configuration Event Reporting Configuration Modify event reporting rule Enable v Event type Reboot Event subtype After unexpected shut down Action S
15. 6 3 1 2 WAN Mobile WAN Interface Type IP address WAN MAC Netmask Gateway DNS 1 Connected Ports WAN information 1 Interface 2 Type 3 IP address 4 WAN MAC Wired Static 192 168 99 69 00 1E 42 00 00 01 Specifies through what medium the router is connecting to the internet This can either be Wired Mobile or Wi Fi Specifies the type of connection This can either be static or DHCP The IP address that the routers uses to connect the internet MAC Media Access Control address used for communication in a Ethernet WAN Wide Area Network 21 Specifies a mask used to define how large the WAN network is Indicates the default gateway an address where traffic destined for the Domain name server s How long the connection has been successfully maintained OpenVPN VRRP Topology Access Netmask Ethernet MAC address Connected for 259 209 295 0 00 1E 42 00 00 00 1h 53m 56s LAN name MAC address Lease time remaining Lan D4 85 64 65 2B D4 10h 11m 13s NN Field Name Sample Value Explanation Address that the router uses on the LAN network A mask used to define how large the LAN network is MAC Media Access Control address used for communication in a Ethernet LAN Local Area Network How long LAN has been successfully maintained 5 Netmask 255 255 255 0 6 Gateway 192 168 99 254 internet is routed to T DNS 8 8 8 8 8 Connected 1h 45m 27s These fields show up on other connection mode
16. 93 5 Username your_username Name of the user account 6 Password your_password Password of the user account 7 IP Source Public This option allows you to select specific RUT interface and then send Private the IP address of that interface to DDNS server So if for example Custom your RUT has Private IP i e 10 140 56 57 on its WAN 3G LTE interface then you can send this exact IP to DDNS server by selecting Private or by selecting Custom and WAN interface The DDNS server will then resolve hostname queries to this specific IP 8 IP renew interval 10 minutes Time interval in minutes to check if the IP address of the device min have changed 9 Force IP renew 472 minutes Time interval in minutes to force IP address renew 8 7 SNMP SNMP settings window allows you to remotely monitor and send GSM event information to the server 8 7 1 SNMP Settings SNMP Configuration SNMP Service Settings SNMP Settings TRAP Settings Enable SNMP service Enable remote access Port Community Public Location Location Contact email example com Name Name METI E Explanation Enable SNMP service Enable Disable 2 Enable remote access Enable Disable 3 Port 161 Community Public Private Custom 5 Community name custom 6 Location Location 7 Contact email example com 8 Name Name Run SNMP Simple Network Management Protocol service on system s start up Open port in firewall so that SNMP Simple
17. Configuration General Setup Wireless Security MAC Filter Advanced Settings separate clients 65 7 5 1 3 Client RUT9xx can work as a Wi Fi client check 6 5 Chapterof this manual Client mode is nearly identical to AP except for the fact that most for the options are dictated by the wireless access point that the router is connecting to Changing them can result in an interrupted connection to an AP In addition to standard options you can also click the Scan button to rescan the surrounding area and attempt to connect to a new wireless access point 7 6 Firewall In this section we will look over the various firewall features that come with RUT950 7 6 1 General Settings The routers firewall is a standard Linux iptables package which uses routing chains and policies to facilitate control over inbound and outbound traffic General Settings Port Forwarding Traffic Rules Custom Rules DDOS Prevention Firewall General settings allows you to set up default firewall policy General Settings Drop invalid packets Input Accept Y Output Accept Y Forward Reject Y Field Name Sample value Explanation Drop Invalid packets Checked Unchecked A Drop action is performed on a packet that is determined to be invalid 2 Input Reject Drop Accept DEFAULT action that is to be performed for packets that pass through the Input chain 3 Output Reject Drop Accept DEFAULT action that is to be performed for packets that pass th
18. Enable automatic Enable Disable switching 3 Check interval 20 3600 On weak signal Enable Disable 5 On data limit Enable Disable 6 Onsms limit Enable Disable 7 Onroaming Enable Disable 8 On data connection Enable Disable fail 9 Switch back to Enable Disable primary SIM card after timeout SIM card that will be used in the system as a primary SIM card Automatically switch between primary and secondary SIM cards based on the various rules and criterions defined below Check interval in seconds Perform a SIM card switch when a signal s strength drops below a certain threshold Perform a SIM card switch when mobile data limit for your currrent SIM card is exceeded Perform a SIM card switch when sms limit for your currrent SIM card is exceeded Perform a SIM card switch when roaming is detected Perform a SIM card switch when data connection fails Switch back to primary SIM card after timeout has been reached 48 7 1 3 Network Operators This function lets you Scan Select and enter manual Network Operator to which router should connect Function will provide great utility when router is in Roaming conditions Operator is selected only for the active SIM card In order to specify operator for the other SIM card it must first be selected as primary SIM in SIM Management Network Operators Current SIM SIM card in use Current operator Scan For Network Operators status Operator name Available Tele LT L
19. Message Authentication Code Protocol encryption protocol designed for Wireless LAN products that implement the standards of the IEEE 802 111 amendment to the original IEEE802 11 standard CCMP is an enchanged data cryptographic encapsulation designed for data confidentiality and based upon the Counter Mode with CBC MAC CCM of the AES Advanced Encyprion Standard standard MAC Media Access Control hardware address that uniquely identifies each node of a network In IEEE 802 networks the Data Link Control DCL layer of the PSO Reference Model is divided into two sub layers the Logical Link Control LLC layer and the Media Access Control layer The MAC layer interfaces directly with the network medium Consequently each different type of network medium requires a different MAC layer DMZ Demilitarized Zone a computer or small subnetwork that sits between a trusted internal network such as a corporate private LAN and an untrusted external network such as the public internet UDP User Datagram Protocol a connectionless protocol that like TCP runs on top of IP networks Provides very few error recovery services offering instead a direct way to send and receive datagrams over IP network VPN Virtual Private Network a network that is constructed by using public wires usually the Internet to connect to a private network such as a company s internal network VRRP Virtual Router Redundancy Protocol
20. Network Management Protocol service may be reached from WAN SNMP Simple Network Management Protocol service s port The SNMP Simple Network Management Protocol Community is an ID that allows access to a router s SNMP data Set custom name to access SNMP Trap named sysLocation Trap named sysContact Trap named sysName 94 Variables OID POI Description 1 1 3 6 1 4 1 99999 1 1 1 Modem IMEI 2 1 3 6 1 4 1 99999 1 1 2 Modem model 3 1 3 6 1 4 1 99999 1 1 3 Modem manufacturer 4 1 3 6 1 4 1 99999 1 1 4 Modem revision 5 1 3 6 1 4 1 99999 1 1 5 Modem serial number 6 1 3 6 1 4 1 99999 1 1 6 SIM status 7 1 3 6 1 4 1 99999 1 1 7 Pin status 8 1 3 6 1 4 1 99999 1 1 8 IMSI 9 1 3 6 1 4 1 99999 1 1 9 Mobile network registration status 10 1 3 6 1 4 1 99999 1 1 10 Signal level 11 1 3 6 1 4 1 99999 1 1 11 Operator currently in use 12 1 3 6 1 4 1 99999 1 1 12 Operator number MCC MNC 13 1 3 6 1 4 1 99999 1 1 13 Data session connection state 14 1 3 6 1 4 1 99999 1 1 14 Data session connection type 15 1 3 6 1 4 1 99999 1 1 15 Signal strength trap 16 1 3 6 1 4 1 99999 1 1 16 Connection type trap 8 7 2 TRAP Settings TRAP Service Settings SNMP Trap Host IP 192 168 99 155 Port 162 Community Public TRAP Rules Action Enable Connection type trap Delete Signal strength trap Delete New TRAP Rule Action Signal strength trap 95 MECA E Explanation SNMP Trap 2 Hos
21. WAN LAN Wireless Wireless Information Wireless Information Channel Country code Wireless Status SSID Teltonika_Pouter Teltonika_Router Test Mode Station STA Associated Stations MAC Address 00 1 42 10 80 22 Device Name 7 Client mode information A Field Name Sample Value Explanation 1 Channel 2 Country 3 SSID Mode 5 Encryption 6 Wireless MAC 7 Signal Quality 1 2 41 GHz 00 Teltonika_Router Station STA WPA2 PSK CCMP 00 1E 42 10 80 22 61 OpenVPN VRRP Topology Access 1 2 41 GHz 00 Worle 00 World Encryption Wireless MAC Signal quality Bitrate no encryption 00 1 42 10 80 22 61 43 3 MBit s Access Point AP no encryption 02 1 42 00 11 03 790 1 0 MBit s Signal RX Rate TX Rate 67 dBm 1 0 Mbits MCS 0 20MHz 43 3 Mbits MCS 10 20MHz Refresh lt gt The channel that the AP to which the routers is connected to uses Your wireless radio is forced to work in this channel in order to maintain the connection Country code The SSID that the AP to which the routers is connected to uses Connection mode Client indicates that the router is a client to some local AP The AP to which the router is connected to dictates the type of encryption The MAC address of the access points radio The quality between routers radio and some other device that is 23 8 Bitrate 43 3 MBit s 6 3 1 4 2 Access Point connecting to th
22. an election protocol that dynamically assigns responsibility for one or more virtual router s to the VRRP router s on a LAN allowing several routers on a multiaccess link to utilize the same virtual IP address GRE Tunnel Generic Routing Encapsulation a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layerprotocols inside virtual point to point links over an Internet Protocol internetwork PPPD Point to Point Protocol Daemon it is used to manage network connections between two nodes on Unix likeoperating systems It is configured using command line arguments and configuration files SSH Secure SHell a program to log into another computer over a network to execute commands in a remote machine and to move files from one machine to another It provides strong authentication and secure communications over insecure channels VRRPD Virtual Router Redundancy Protocol it is designed to eliminate the single point of failure associated with statically routed networks by automatically providing failover using multiple LAN paths through alternate routers SNMP Simple Network Management Protocol a set of protocols for managing complex networks SNMP works by sending messages called protocol data units PDUs to different parts of a network 140
23. are not otherwise covered by the firewall framework The commands are executed after each firewall restart right after the default ruleset has been loaded This file is interpreted as shell script Put your custom iptables rules here they will be executed with each firewall re start Internal uci firewall chains are flushed and recreated on reload so put custom rules into the root chains e g INPUT or FORWARD or into the special user chains e g input_wan_rule or postrouting_lan_rule Submit 74 7 6 6 DDOS Prevention 7 6 6 1 SYN Flood Protection SYN Flood Protection allows you to protect from attack that exploits part of the normal TCP three way handshake to consume resources on the targeted server and render it unresponsive Essentially with SYN flood DDoS the offender sends TCP connection requests faster than the targeted machine can process them causing network saturation General Settings Port Forwarding Traffic Rules Custom Rules DDOS Prevention DDOS Prevention SYN Flood Protection Enable SYN flood protection SYN flood rate SYN flood burst TCP SYN cookies mu Field Name Sample value Explanation Enable SYN flood Enable Disable Makes router more resistant to SYN flood attacks protection 2 SYN flood rate 257 Set rate limit packets second for SYN packets above which the traffic is considered a flood 3 SYN flood burst 50 Set burst limit for SYN packets above which the traffic is
24. edu ceseaae cases 10 23 TA Mi ctr eno P ote nee eto ect nee a th eanieeeed 10 24 Electrical VieChanical amp ENViFOAMEN Al sinsecustiveccsncavessrcccseovtsaveederaimseneshivencnnsvascuccaveewiddaveedereimsesteedsenstecss 10 2 PAD DMC ATO Sosa 11 3 Setting Up your ROUGE Pia tete 12 O A 12 3 1 1 Front Panel and Back Panel ccccsscccccccccesssecccceeessececesseseececeesseeeeeeeesseuseeeeesaueseeeeeessuueseeessaaaaeeess 12 s POW Ae Mista QUOU e In E 12 s2 OIE Mesa 13 4 OPEN IVS SS ghar E AEE EAA ducetasiacusecnesiieeoanee 16 5 POW OTIS COU ONS ranas osiana 16 5 1 Powering the device from higher VOltage ccccccssccccsssecccccseccceesecessesececeeececeeeeecceseesecessunecesseneceeeeaees 17 6 A a o o A ead eatesanaeseqnstaeehsa aces 18 GE OVI A Eon 18 2 A 19 63 Networcintormado asco aa 20 6 4 Device information cc ceeeeeseccccccccneseseeeeceeeesaaesseeeeeeeeessseeeeeseeeeeeeessaeeessseeeeeesseauaesssseeecesseuauaseeeeeeeeeesaaas 31 E A o o E A O E feccune aadeeeetens 32 co POUE A A E eee ee ee eer ee ere 32 GOT PURE O Un o O E A 32 Ea om PP E gt Po S 33 0 03 Active TEN OOS aro iaciicas 33 A PRE IIIS lo PO ZP o A 34 6 7 1 Mobile Signal Strenght ccooccccoocnncnocnnncnocnnononnnnncononarononronononnnnonronnnnrnnonnrnnonrnnonnnnnnnnrnnenarnnenanononoss 34 SU ROUNE LO A o E 35 BdL VAC PO POCO OOPS E E o O EE E 36 OLE Realtime Miralles id ee e do 37 So Realtime COMME Cuotas 38 6 8 Mobile Tr she
25. empty to auto detect 4 Service Name isp Specifies the name of the service Leave empty to auto detect 54 7 2 2 2 Advanced These are the advanced settings for each of the protocols if you are unsure of how to alter these attributes it is highly recommended to leave them to a trained professional 7 2 2 2 1 Static Common Configuration General Setup Advanced Settings Disable NAT Override MAC address Override MTU Use gateway metric a Sample value Explanation Disable NAT On Off Toggle NAT on and off 2 Override MAC address 86 48 71 B7 E9 E4 Override MAC address of the WAN interface If your ISP gives you a static IP address it might also bind it to your computers MAC address i e that IP will only work with your computer In this field you can enter your computers MAC address and fool the gateway in thinking that it is communicating with your computer 3 Override MTU 1500 Maximum transmission unit specifies the largest possible size of a data packet 4 Use gateway metric 0 The WAN configuration by default generates a routing table entry With this field you can alter the metric of that entry 7 2 2 2 2 DHCP Common Configuration General Setup Advanced Settings Disable NAT Use broadcast flag Use default gateway Use DNS servers advertised by peer Use gateway metric Client ID to send when requesting DHCP Vendor Class to send when requesting DHCP Override MAC address Override MTU ISE Ee E
26. gt 80 You can use port forwarding to set up servers and services on local LAN machines The above picture shows how you can set up a rule that would allow a website that is being hosted on 192 168 1 109 to be reached from the outside by entering http routersExternallp 12345 Field Name Sample value Explanation Name localWebsite Name of the rule Used purely to make it easier to manage rules 2 Protocol TCP UDP TCP UDP Other Type of protocol of incoming packet 3 External Port 1 65535 From what port on the WAN network will the traffic be forwarded 4 Internal IP address IP address of some computer The IP address of the internal machine that hosts some on your LAN service that we want to access from the outside 5 Internal port 1 65535 To what port on the internal machine would the rule redirect the traffic 67 When you click edit you can fine tune a rule to near perfection if you should desire that Rule is enabled Name Protocol Source zone Source MAC address Source IP address Source port External IP address External port Internal zone Internal IP address Internal port Erable NAT loopback Extra arguments Disable locale bs ite TOP lan lan Za vpn empty wan wan Sz y PPP i wanz A ES 12345 fan lan o vpn empty wan wan S4 ppp EF wane i 182 168 1108 BO wf um Field Name Sample value Explanation Name localWebs
27. is being matched against Source MAC address any D be traffic rules Source zone LAN VPN WAN Match incoming traffic from this zone only Match incoming traffic from these MACs only Source address any Match incoming traffic from this IP or range only Source port any Match incoming traffic originating from the given source port or port range on the client host only 7 Destination zone LAN VPN WAN Match forwarded traffic to the given destination zone only 73 8 Destination address Select from the list Match forwarded traffic to the given destination IP address or IP range only 9 Destination port any Match forwarded traffic to the given destination port or port range only 10 SNAT IP address 10 101 1 10 Rewrite matched traffic to the given IP address 11 SNAT port 227 Rewrite matched traffic to the given source port May be left empty to only rewrite the IP address 12 Extra arguments Passes additional arguments to iptables Use with care 7 6 5 Custom Rules Here you have the ultimate freedom in defining your rules you can enter them straight into the iptables program Just type them out into the text field ant it will get executed as a Linux shell script If you are unsure of how to use iptables check the internet out for manuals examples and explanations General Settings Port Forwarding Traffic Rules Custom Rules Firewall Custom Rules Custom rules allow you to execute arbitrary iptables commands which
28. mode connection creation and management 15 APN internet mnc012 mcc345 gprs APN is the name of a gateway between a GPRS 3G or 4G mobile network and another computer network frequently the public Internet 16 Dialing number 37060000001 A phone number that will be used to establish a mobile PPP Point to Point Protocol connection 17 Authentication CHAP PAP None Select an authentication method that will be used to method authenticate new connections on your GSM carrier s network 18 Username admin User name used for authentication on your GSM carrier s network 19 Password password Password used for authentication on your GSM carrier s network 20 Service mode 2G only Select network s preference If your local mobile 2G preferred network supports GSM 2G UMTS 3G or LTE 4G 3G only you can specify to which network you prefer to 3G preferred connect to 4G LTE only 4G LTE preferred Automatic 21 IP address 192 168 1 1 IP address that router will use on LAN Local Area Network network 22 IP netmask 255 255 255 0 A subnet mask that will be used to define how large the LAN Local Area Network network is 23 IP broadcast 192 168 1 255 A logical address at which all devices connected to a Send Configuration Message network wan ifname ethi network ppp enabled 0 network wan proto static network wan ipaddr 21 7 147 40 44 network wan netmask 255 255 255 0 network w
29. of PoE standard 5 1 Powering the device from higher voltage If you decide not to use our standard 9 VDC wall adapters and want to power the device from higher voltage 15 30 VDC please make sure that you choose power supply of high quality Some power supplies can produce voltage peaks significantly higher than the declared output voltage especially during connecting and disconnecting them While the device is designed to accept input voltage of up to 30 VDC peaks from high voltage power supplies can harm the device If you want to use high voltage power supplies it is recommended to also use additional safety equipment to suppress voltage peaks from power supply One of the options is to use Teltonika PR1000 overvoltage protection device conforming ISO 7637 2 17 6 Status The status section contains various information like current IP addresses of various network interfaces the state of the routers memory firmware version DHCP leases associated wireless stations graphs indicating load traffic etc and much more 6 1 Overview Overview section contains various summary information Status Network Services CS TELTONIKA Overview System Y t Router uptime Local device time ZO 7 0 CPU load Od 2h 21m 28s since 2015 05 11 11 35 24 2015 05 11 13 56 52 Mobile ES Es Data connection State 87 MB 70 RAM 0 9 MB 75 FLASH Free memory SIM card slot in use Firmware version RUTIX
30. upload the logs on Monday Wednesday and Saturday you should enter 1 3 6 Shows up only when Mode is set to Interval Specifies the interval of regular uploads on one specific day E g If you choose 4 hours the uploading will be done on midnight 4 00 Mode 2 Weekdays 3 Interval 4 Hours Minutes 8 00 12 00 16 00 and 20 00 Shows up only when Mode is set to Fixed Uploading will be done on that specific time of the day E g If you want to upload your logs on 6 48 you will have to simply enter hours 6 and minutes 48 118 8 11 4 Landing Page 8 11 4 1 General Landing Page Settings With this functionality you can customize your Hotspot Landing page General Template Wireless Hotspot Landing Settings Landing Page Settings Terms Of Services Page title Teltonika Hotspot Theme Custom Upload login page Browse No file selected Login page file Download Demo preview Background Configuration Logo Image Configuration Link Configuration Text Configuration Field name Explanation 1 Za 3 4 Configuration Page title Theme Upload login page Login page file In the sections lt Will be seen as landing page title Landing page theme selection Allows to upload custom landing page theme Allows to download and save your landing page file Terms Of Services Background Configuration Logo Image Configuration
31. which requires only Servers IP Username and Password 92 8 6 Dynamic DNS Dynamic DNS DDNS is a domain name service allowing to link dynamic IP addresses to static hostname To start using this feature firstly you should register to DDNS service provider example list is given in description You are provided with add delete buttons to manage and use different DDNS configurations at the same time You can configure many different DDNS Hostnames in the main DDNS Configuration section DDNS Configuration DDNS Name Hostname Myddns yourhost example org my personaldomain dyndns org New configuration name To edit your selected configuration Enable Status Service Hostname User name Password IP source Network IP renew interval min Force IP renew min Status Enabled NA No Delete Delete Add New hit Edit N A 3322 org yourhost example org your _usemame Custom WAN 7 10 Af2 eS Ec Explanation Enable 2 Status 3 Service 1 dydns org 2 3322 org 3 no ip com 4 easydns com 5 zoneedit com 4 Hostname Yourhost example org Enables current DDNS configuration Timestamp of the last IP check or update Your dynamic DNS service provider selected from the list In case your DDNS provider is not present from the ones provided please feel free to use custom and add hostname of the update URL Domain name which will be linked with dynamic IP address
32. 0 192 168 55 255 192 168 55 161 255 255 255 0 192 168 55 0 192 168 55 255 192 168 0 0 255 255 0 0 192 168 0 0 192 168 255 255 78 8 Services 8 1 VRRP 8 1 1 VRRP LAN Configuration Settings MITE ETE EEE VRRP LAN Configuration Settings Enable IP address 192 168 1 253 Virtual ID Priority 1 Enable 2 IP address 3 Virtual ID 4 Priority Enable Disable 192 168 1 253 100 8 1 2 Check Internet connection Check internet connection Enable VRRP Virtual Router Redundancy Protocol for LAN Virtual IP address for LAN s VRRP Virtual Router Redundancy Protocol cluster Routers with same IDs will be grouped in the same VRRP Virtual Router Redundancy Protocol cluster Router with highest priority value on the same VRRP Virtual Router Redundancy Protocol cluster will act as a master Enable Ping IP address Ping interval Ping timeout sec Ping packet size Ping retry count MIST EE ES 1 2 3 4 5 Mm Enable Ping IP address Ping interval Ping timeout sec Ping packet size Ping retry count Enable Disable 8 8 4 4 10 1 50 10 Enable WAN s connection monitoring A host to send ICMP Internet Control Message Protocol packets to Time interval in minutes between two Pings Response timeout value interval 1 9999 ICMP Internet Control Message Protocol packet s size interval 0 1000 Failed Ping attempt s count before determining that connec
33. 1 entries Refresh Delete Select all 8 8 4 2 Send SMS Read SMS Send SMS Send SMS Send SMS Message Phone Number 3701111111 Message My text SMS 1 152 characters left _ Field name ECTS Explanation 1 Phone number 3701111111 Recipients phone number Should be preceded with country code i e 370 2 Message My text Message text special characters are allowed 8 8 4 3 Storage With storage option you can choose for router NOT to delete SMS from SIM card If this option is not used router will automatically delete all incoming messages after they have been read Message status read unread is examined every 60 seconds All read messages are deleted 100 Read SMS Send SMS Storage SMS Storing Configuration Save messages on SIM w SIM card memory Used 0 Available 50 Leave free space 1 Field name ET EEE 1 Save messages on SIM Enabled Disabled Enables received message storing on SIM card 2 Leave free space 1 Specifies how much space for SMS should remain free on SIM at all times 8 8 5 Remote Configuration RUT9xx can be configured via SMS from another RUT9xx You only have to select which configuration details are to be sent generate the SMS Text type in the phone number and Serial number of the router that you wish to configure and Send the SMS Total count of SMS is managed automatically You should be aware of possible number of SMS and use this feature at your o
34. 167 192 168 1 167 192 168 1 167 IP 192 168 99 109 192 168 99 109 Authentications Status Succeeded Succeeded Succeeded Succeeded Succeeded Succeeded Succeeded Succeeded Succeeded Authentications Status Failed Failed 2015 05 07 10 36 16 142 168 959 109 Succeeded 2015 05 07 09 07 17 2015 05 08 08 44 13 2015 05 08 09 45 21 142 168 959 109 192168 99 109 19216899109 There are no records vel Refresh E Field Name Sample Value Explanation Type SSH HTTP HTTPS Type of connection protocol 2 Date 2015 05 11 10 36 59 Date and time of connection 3 IP 192 168 1 167 IP address from which the connection was made 4 Authentications Failed Succeded Status of authentication attempt Status 30 6 4 Device information The page displays factory information that was written into the device during manufacturing process Device Information Device Serial number Product code Batch number Hardware revision IMEI IMSI Ethernet LAN MAC address Ethernet WAN MAC address Wireless MAC address Modem Model FW version 02345678 RUT900101010 0222 0321 8604610241 64561 2460201 00070220 3E 83 6F 84 E1 A4 AE FP4 F3 5B 9D CC MZA ME909u 521 11 235 07 00 00 nu Field Name Sample Value Explanation SODA 10 Serial number Product code Batch number Hardware revision IMEI IMSI Ethernet LAN MAC Ethernet WAN MAC Wireless MAC Model FW ve
35. 4G LTE preferred Deny data roaming Use IPv4 only MESA EZ Mobile PPP NDIS PPP mode uses dialling number to establish data connection connection NDIS mode default does not use dialling and PPP protocol to establish data connection it is usually faster than PPP mode 2 Mode NAT Passthrough Use NAT mode enables network address translation on router Bridge bridge mode bridges LTE data connection with LAN In this mode the router does not have internet connection as ISP provides IP directly to end device PC tablet or smartphone Using Bridge mode will disable most of the router capabilities and you can access your router s settings only by using static IPaddress on your end device Passthrough mode is similar with bridge mode except that in passthrough mode router do have internet connection 3 APN APN Access Point Name APN is a configurable network identifier used by a mobile device when connecting to a GSM carrier 4 PIN number 1234 or any number A personal identification number is a secret numeric password that falls between 0000 shared between a user and a system that can be used to and 9999 authenticate the user to the system 5 Dialing 99 1H Dialling number is used to establish a mobile PPP Point to Point number Protocol connection 6 Authentication CHAP PAP or none Authentication method which your carrier uses to authenticate new 46 method connections This selection is unavailable on the a
36. 5 Backup WAN configuration Backup WAN is function that allows you to back up your primary connection in case it goes down There can be two backup connections selected at the same time in that case when primary connection fails router tries to use backup with higher priority and if that is unavailable or fails too then router tries the backup with lower priority Backup Configuration Timing and other parameters will indicate how and when it will be determined that your conventional connection has gone down Health monitor interval 10 sec Health monitor ICMP host s 8 8 4 4 Health monitor ICMP timeout 3 Seo Attempts before failover 3 Attempts before recovery 3 57 The majority of the options consist of timing and other important parameters that help determine the health of your primary connection Regular health checks are constantly performed in the form of ICMP packets Pings on your primary connection When the connections state starts to change READY gt NOT READY and vice versa a necessary amount of failed or passed health checks has to be reached before the state changes completely This delay is instituted so as to mitigate spikes in connection availability but it also extends the time before the backup link can be brought up or down D Field Name Sample value Explanation 1 Health monitor Interval Disable 5 10 20 30 60 120 The interval at which health checks are performed Seconds 2 Health monito
37. 508 e Power supply 100 240 VAC gt 9 VDC wall adapter e Input voltage range 9 30VDC e Power consumption lt 7W e Operating temperature 40 to 75 C e Storage temperature 45 to 80 C e Operating humidity 10 to 90 Non condensing e Storage humidity 5 to 95 Non condensing 10 2 5 Applications ROUTER WIFI WIFI WIFI ANTENNA ANTENNA LTE MAIN ANTENNA Power Porl Switch Please use the included power adapter 11 LTE Network LTE LTE AUX ANTENNA WAN or LAN connection depending on your needs and configuration 3 Setting up your router 3 1 Installation After you unpack the box follow the steps documented below in order to properly connect the device For better Wi Fi performance put the device in clearly visible spot as obstacles such as walls and door hinder the signal 1 First assemble your router by attaching the necessary antennas and inserting the SIM card 2 TO power up your router please use the power adapter included in the box IMPORTANT Using a different power adapter can damage and void the warranty for this product 3 If you have a wired broadband connection you will also have to connect it to the WAN port of the router 3 1 1 Front Panel and Back Panel LTE AUX LTE MAIN RESET LAN Ethernet ports am LTE auxiliary antenna connector WAN Ethernet port LTE main antenna connector EF LAN LEDs Wi Fi antenna connectors 8 WAN LED 4 Reset button
38. 68 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi 31755 2015 05 11 16 02 37 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi 31745 2015 05 11 16 02 36 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi 31735 2015 05 11 16 02 36 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi 31725 2015 05 11 16 02 35 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi Showing 1 to 10 of 1912 entries Next gt gt 40 6 10 2 System Events Displays all system events their type and time of occurance Events include authentication or reboot requests safemode incoming and outgoing SMS and calls configuration changes DHCP events All Events System Events Network Events Events Reporting Reporting Configuration System Log All Authentication Reboot Safemode sMS Call Configuration DHCP Events Log Events per page 10 Y Search ID Date Event type Event 3181 2015 05 11 16 11 47 Config Firewall configuration has been changed 3180 2015 05 11 16 09 29 Port Wired WAN connection operational 3179 2015 05 11 16 05 13 Port Wired WAN connection non operational 3178 2015 05 11 16 02 39 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi 3177 2015 05 11 16 02 39 Wired WAN connection operati
39. 7 The first number mean past minute and second number 11 means that in the past minute there have been on average 11 processes running or waiting for a resource Device s temperature 19 Memory explanation Field Name Sample Value Explanation 1 Free 2 Cached 3 Buffered 94532 kB 126452 kB 74 10828 kB 126452 kB 8 4308 kB 126452 kB 3 6 3 Network Information 6 3 1 1 Mobile The amount of memory that is completely free Should this rapidly decrease or get close to 0 it would indicate that the router is running out of memory which could cause crashes and unexpected reboots The size of the area of memory that is dedicated to storing frequently accessed data The size of the area in which data is temporarily stored before moving it to another location Displays information aboutmobile modem connection Mobile WAN LAN Mobile Information Mobile eff MEI MSI Sim card Data connection state state Signal strength Cell ID RSRP SRO SINR Operator Operator state Connection type Bytes received Bytes sent Reset modem Mobile information Wireless OpenVPN VRRP Topology Access SIM card slot in use SIM 1 Connected 860461 024164561 246020100070220 Ready 65 dBm FD90B 88 dBm 7 dBm 21 4 dBm LT BITE GSM Registered home 4G LTE 3 3 KB 3345 bytes 3 4 KB 3487 bytes Refresh PE Field Name Samp
40. 9 4 2015 09 18 08 28 46 EEST built in shell Enter help for a list of built in commands Teltonika 2014 root Teltonika Use CTRL ATL SHIFT T keyboard shorcut to open CLI in new tab 8 11 Hotspot Wireless hotspot provides essential functionality for managing an open access wireless network In addition to standard RADIUS server authentication there is also the ability to gather and upload detailed logs on what each device denoted as a MAC address was doing on the network what sites were traversed etc 8 11 1 General settings General Restricted Internet Access Logging Landing Page Radius Server Statistics Wireless Hotspot Configuration General Settings Main Settings Session Settings Enable AP IP 192 168 2 254 24 Authentication mode Without radius External landing page Landing page address Protocol HTTPS redirect 115 Users Configuration User name Password There are no users created yet ae Field name Explanation 1 Enabled Check this flag to enable hotspot functionality on the router 2 AP IP Access Point IP address This will be the address of the router on the hotspot network The router will automatically create a network according to its own IP and the CIDR number that you specify after the slash E g 192 168 2 254 24 means that the router will create a network with the IP address 192 168 182 0 netmask 255 255 255 0 for the express purpose of contai
41. 9 Power socket 10 Power LED 11 Connection status LED 12 Signal strength indication LEDs 3 1 2 Hardware installation 1 Remove back panel and insert SIM card which was given by your ISP Internet Service Provider Correct SIM card orientation is shown in the picture e o IIIN ODA JE A JE gt ST s amp gt SIM 1 primary SIM 2 secondary 2 Attach LTE main and Wi Fi antennas 3 Connect the power adapter to the socket on the front panel of the device Then plug the other end of the power adapter into a wall outlet or power strip 4 Connect to the device wirelessly SSID Teltonika_Router or use Ethernet cable and plug it into any LAN Ethernet port 12 3 2 Logging in After you re complete with the setting up as described in the section above you are ready to start logging into your router and start configuring it This example shows how to connect on Windows 7 On windows Vista click Start gt Control Panel gt Network and Sharing Centre gt Manage network Connections gt Go to step 4 On Windows XP Click Start gt Settings gt Network Connections gt see step 4 You wont s see Internet protocol version 4 TCP IPv4 instead you ll have to select TCP IP Settings and click options gt Go to step 6 We first must set up our network card so that it could properly communicate with the router 1 Press the start button 2 Type in network connections wait for the results to pop
42. A_R 00 01 290 Bytes received sent Wireless El E wan B ES Ma Teltonika_ Router AP IP address Mode 1 AP 11 CH 2 462 GHz Backup WAN status Local Network UU Es Access Control Es IP netmask 192 168 1 1 255 255 255 0 LAN Clients connected WAN Recent System Events UY ti 2015 05 11 13 52 14 Port Wired WAN connection operational 1 2015 05 11 13 51 07 2015 05 11 13 51 09 Config Network configuration has been 2015 05 11 11 36 17 2015 05 11 11 56 27 Config Access Control configuration ha 2015 03 18 16 32 14 2015 05 11 11 56 27 Config Firewall configuration has been 2015 03 18 16 04 26 18 79 dBm di Disconnected Registered home LT BITE GSM 3G WCDMA SIM 1 Ready 2 7KB 3 1 KB Wired a 192 168 99 110 Backup link is disabled SS Ae Aes HTTP Recent Network Events El E Mobile data disconnected Mobile data connected IP 10 1 12 123 Joined 3G WCDMA Joined 36 WCDMA 6 2 System Information The System Information tab contains data that pertains to the routers operating system System Information System Router name Host name Router model Firmware version Kernel version Local device time Uptime Load average Temperature Memory Free Cached Buffered System explanation eltonika Teltonika Teltonika RUT9XX RUT9XX_T_00 00 372 2014 11 03 14 29 09 Oh 35m 56s since 2014 11 03 13 53 13
43. Control General General Safety Access Control SSH Access Control Enable 55H access Remote SSH access Port Web Access Control Erable HTTP access Enable remote HTTP access Port Erable remote HTTPS access Port CLI Configuration Erable CL Erable remote CLI Part 130 O Field name EEE 1 Enable SSH access Check box to enable SSH access 2 Remote SSH access Check box to enable remote SSH access 3 Port Port to be used for SSH connection 4 Enable HTTP access Enables HTTP access to router 5 Enable remote HTTP Enables remote HTTP access to router access 6 Port Port to be used for HTTP communication 7 Enable remote Enables remote HTTPS access to router HTTPS access 8 Port Port to be used for HTTPS communication 9 Enable CLI Enables Command Line Interface 10 Enable remote CLI Enables remote Command Line Interface 11 Port Port to be used for CLI communication Note The router has 2 users admin for WebUl and root for SSH When logging in via SSH use root 9 3 3 2 Access Control Safety General Troubleshoot Backup Access Control Diagnostics MAC Clone Overview General Safety Block Unwanted Access SSH Access Secure Enable Clean after reboot Fail count WebUl Access Secure Enable Clean after reboot Fail count List Of Blocked Addresses Service Blocked address There are no addresses blocked WET Explanation SSH access secure Check box to enable SSH access
44. It happens when bootloader does not detect neither master nor safemode firmware Flashing all 4 Ethernet LEDs indicate that bootloader s webserver has started Manually Bootloader s webserver can be requested by holding reset button for 3 seconds while powering the device on Flashing all 4 Ethernet LEDs indicates that bootloader s webserver has started Bootloader s WebUI can be accessed by typing this address in the web browser http 192 168 1 1 index html Note it may be necessary to clear web browser s cache and to use incognito anonymous window to access bootloader s WebuUI 138 11 Glossary WAN Wide Area Network is a telecommunication network that covers a broad area i e any network that links across metropolitan regional or national boundaries Here we use the term WAN to mean the external network that the router uses to reach the internet LAN A local area network LAN is a computer network that interconnects computers in a limited area such as a home school computer laboratory or office building DHCP The Dynamic Host Configuration Protocol DHCP is a network configuration protocol for hosts on Internet Protocol IP networks Computers that are connected to IP networks must be configured before they can communicate with other hosts The most essential information needed is an IP address and a default route and routing prefix DHCP eliminates the manual task by a network administrator It also pro
45. M card your SIM card will get blocked To avoid such mishaps it is highly advised to use an unprotected SIM If you happen to insert a protected SIM and the PIN number is incorrect your card won t get blocked immediately although after a couple of reboots OR configuration saves it will 7 1 1 2 Mobile Data On Demand Mobile Data On Demand Enable Mo data timeout sec 10 META Possible values Explanation Enable Enable Disable Mobile Data On Demand function enables you to keep mobile data connection on only when it s in use 2 No data 1 99999999 A mobile data connection will be terminated if no data is transferred timeout sec during the timeout period 7 1 1 3 Force LTE network Porce LTE network Enable Interval sec 00 Fieldname Possible values Explanation 1 Enable Enable Disable Force LTE network function periodically disables mobile data connection for a few seconds to allow the device to switch to LTE 47 2 Interval sec 180 3600 7 1 2 SIM Management network This could because some operators do not support switching from 3G to LTE networks while data is being transferred Interval in seconds the device will use to periodically disable mobile data connection General SIM Management Network Operators Mobile Data Limit SIM Idle Protection SIM Switching Primary Card SIM Switching SIM1 to SIM2 SIM2 to SIM1 MET Possible values i Explanation Primary SIM card SIM 1 SIM 2 2
46. SMS SMS Forwarding To Email SMS Forwarding To HTTP Configuration SMS Forwarding To HTTP Settings Enable Method Get gt URL 192 168 99 250 getpost in Number value name sender Message value name text Extra data pair1 varl Extra data pair 2 var Mode All messages Field name Values Notes Enable Enable Disable Enable mobile message forwarding to HTTP 2 Method POST GET Defines the HTTP transfer method 3 URL 192 168 99 250 getpost index php URL address to forward messages to Number value name sender Name to assign for sender s phone number value in query string 5 Message value name text Name to assign for message text value in query string 6 Extra data pair 1 Var1 17 If you want to transfer some extra information through HTTP query enter variable name on the left field and its value on the right 7 Extra data pair 2 Var2 go If you want to transfer some extra information through HTTP query enter variable name on the left field and its value on the right 8 Mode All messages From listed numbers Specifies which senders messages to forward 111 8 9 5 2 SMS Forwarding to SMS This functionality allows forwarding mobile messages from specified senders to one or several recipients SMS Forwarding To HTTP SMS Forwarding To SMS SMS Forwarding To Email SMS Forwarding To SMS Configuration SMS Forwarding To SMS Settings Enable Add sender number Mode All messages reci
47. Saed2bh2077a54c74 28 6 3 1 11 Access Displays information aboutlocal and remote active connections status Mobile WAN LAN Wireless OpenVPN VRRP Topology Access Access Status Access information Last Connections Local Access Type Status il Active Connections 33H Enabled O 0 00B Enabled 0 1 9 26KB Enabled iF 0 0 00B Remote Access Type Status 1 Active Connections 55H Disabled 2 O0 000B Disabled j o 0 00 6 Enabled de 6 558 12 KB Refresh lt 3 Field Name Sample Value Explanation Type SSH HTTP HTTPS Type of connection protocol 2 Status Disabled Enabled Connection status 3 Port 22 80 443 Connection port used 4 Active 0 0 00B 1 9 26 KB Count of active connections and amount of data transmitted in KB Connections 6 558 12 KB Exclusive to other Modes with Slave 29 6 3 1 11 1 Last Connections Displays information aboutlocal and remote last 3 connections status Access Status Access information Last Local Connections Type 33H Date 2015 05 11 2015 05 11 2015 05 11 2015 03 18 2015 03 18 2015 05 11 2015 05 0 Last Connections 10 36 39 10 37 54 10 38 41 15 56 44 16 31 47 11 36 23 T 09 07 22 2015 05 08 2015 05 08 10 48 52 13 39 11 Last Remote Connections Type SSH Date 2015 05 0 2015 05 0 7 10 36 01 7 10 36 13 IP 192 168 1 167 192 166 1 167 192 166 1 167 192 168 1 167 192 166 1 167 192 168 1 167 192 168 1
48. T BITE GSM Forbidden OMNITEL LT Connect EN Field Name Sample Value i SY EUEL Cl SIM 1 SIM 2 TELE2 1 SIM card in use 2 Current operator Short name Tele LT OMT SIM 1 TELE Numeric name 24603 24602 24601 Network access type Connect 36 26 Connect Connect Connect Shows current SIM card s in use Operator s name of the connected GSM network Note after clicking Scan button You will lose current mobile connection For changing network operator status have to be available There is manual connection to network operator you have to fill numeric name and it s have to be available 49 7 1 4 Mobile Data Limit This function lets you limit maximum amount of data transferred on WAN interface in order to minimize unwanted traffic costs 7 1 4 1 Data Connection Limit Configuration General SIM Management Network Operators Mobile Data Limit SIM Idle Protection Mobile Data Limit Configuration SIM1 SIM2 Data Connection Limit Configuration Enable data connection limit Data limit MB Period Start day 200 Month 1 Field Name Sample value Explanation Enable data Enable Disable connection limit Data limit MB 200 3 Period Month Week Day Start day Start 1 hour 7 1 4 2 SMS Warning Configuration SMS Warning Configuration Enable SMS warning Data limit MB Period Start day Phone number Disables mobile data whe
49. The highest transient overvoltage in the output secondary circuit of used PSU shall not exceed 36V peak The device can be used with the Personal Computer first safety class or Notebook second safety class Associated equipment PSU power supply unit LPS and personal computer PC shall comply with the requirements of standard EN 60950 1 Do not mount or service the device during a thunderstorm To avoid mechanical damages to the device it is recommended to transport it packed in a damage proof pack Protection in primary circuits of associated PC and PSU LPS against short circuits and earth faults of associated PC shall be provided as part of the building installation gt gt gt To avoid mechanical damages to the device it is recommended to transport it packed in a damage proof pack While using the device it should be placed so that its indicating LEDs would be visible as they inform in which working mode the device is and if it has any working problems Protection against overcurrent short circuiting and earth faults should be provided as a part of the building installation Signal level of the device depends on the environment in which it is working In case the device starts working insufficiently please refer to qualified personnel in order to repair this product We recommend forwarding it to a repair center or the manufacturer There are no exchangeable parts inside the device Device connection Automatic Shut
50. This check box will enable router rebooting at the defined days Uploading will be done on that specific time of the day 123 8 13 QoS QoS Quality of Service is the idea that transmission rates error rates and other characteristics can be measured improved and to some extent guaranteed in advance QoS is of particular concern for the continuous transmission of high bandwidth video and multimedia information QoS can be improved with traffic shaping techniques such as packet network traffic port prioritization Quality of Service With QoS you can prionitize network traffic selected by addresses ports or services Interfaces Interface Enable Calculate overhead Half duplex WAN Interface name WAN Classification Rules Destination host Service Target Source host Priority All Normal All Express All Download speed kbit s 1024 Protocol 124 Upload speed kbit s 128 Number of bytes 20 21 25 8C y Delete 9 System 9 1 Configuration Wizard The configuration wizard provides a simple way of quickly configuring the device in order to bring it up to basic functionality The wizard is comprised out of 4 steps and they are as follows Step 1 General change First the wizard prompts you to change the default password Simply enter the same password into both Password and Confirmation fields and press Next Step 1 General Step 2 Mobile Step3 LAN Step 4 WiFi St
51. Use gateway metric 0 Use DNS servers Enable Disable advertised by peer 5 LCP echo failure 0 threshold 6 LCP echo interval 5 7 Inactivity timeout 0 If checked router will not perform NAT masquerade on this interface If unchecked no default route is configured If unchecked the advertised DNS server addresses are ignored Presume peer to be dead after given amount of LCP echo failures use O to ignore failures Send LCP echo requests at the given interval in seconds only effective in conjunction with failure threshold Close inactive connection after the given amount of seconds use O to persist connection 56 7 2 2 2 4 IP Aliases IP aliases are a way of defining or reaching a subnet that works in the same space as the regular network General Setup Advanced Settings IF Address 192 166 99 161 Metmask 255 255 255 0 192 168 99 254 Delete Add As you can see the configuration is very similar to the static protocol only in the example a 99th subnet is defined Now if some device has an IP in the 99 subnet 192 168 99 xxx and the subnets gateway metric is higher and the device is trying to reach the internet it will reroute it s traffic not to the gateway that is defined in common configurations but through the one that is specified in IP aliases General Setup Advanced Settings IF Broadca Delete Add You may also optionally define a broadcast address and a custom DNS server 7 2 2 2
52. With it you can block or open ports alter how traffic is forwarded between LAN and WAN and many more things General Settings Port Forwarding Firewall Traffic Rules Traffic Rules Custom Rules DDOS Prevention raffic rules define policies for packets traveling between different zones for example to reject traffic between certain hosts or to open WAN ports on the router Traffic Rules Name Allow DHCP Relay Allow DHCP Renew Allow Ping Protocol UDP ICMP with type echo request Destination Action Enable Sort From any host in wan To any router IP at Accept Edit port 67 on this device input Delete From any host in wan To any router IP at Accept Edit port 69 on this device input Delete From any host inwan To any routerlP on Accept Edit this device input Delete Field Name SEMEL Ca 1 Name Name of the rule Used for easier rules management purpose only 2 Protocol Protocol type of incoming or outgoing packet 3 Source Match incoming traffic from this IP or range only 4 Destination Redirect matched traffic to the given IP address and destination port 5 Action Action to be taken for the packet if it matches the rule 6 Enable Self explanatory Uncheck to make the rule inactive The rule will not be deleted but it also will not be loaded into the firewall 7 Sort When a packet arrives it gets checked for a matching rule If there are several rules that match the rule the first one is ap
53. age 0 66 Peak 0 69 15 Minutes Load 0 37 Average 0 37 Peak 0 37 Field Name Sample Value 1 5 15 Minutes 0 83 Time interval for load averaging color of the diagram Load 2 Average 0 86 Average CPU load value over time interval 1 5 15 Minute 3 Peak 1 50 Peak CPU load value of the time interval 35 6 7 3 Traffic This tri graph illustrates average system load over the course of 3 minutes each new measurement is taken every 3 seconds The graph consists out of three color coded graphs each one corresponding to the average system load over 1 red 5 orange and 15 yellow most recent minutes Although not graphed the page also displays peak loads over 1 5 and 15 minutes Mobile Signal Load Traffic Wireless Connections Realtime Traffic Bridge LAN WAN Wired Mobile WiFi all ul Y A AA A 3 minutes window 3 seconds interval Inbound 3 85 Kbits s Average 4 80 Kbits s Peak 22 25 Kbits s 0 48 KBytes s 0 61 KBytes s 2 79 KBytes s Outbound 0 73 Kbits s Average 9 33 Kbits s Peak 257 74 Kbits s 0 09 KBytes s 1 17 KBytes s 35 97 KBytes s Field Name Explanation Bridge Cumulative graph which encompasses wired Ethernet LAN and the wireless network 2 LAN Graphs the total traffic that passes through both LAN network interfaces 3 WAN Wired Graphs the amount of traffic which passed through the current active WAN connection 4 Mobile Graphs the amount of traffic which passed through th
54. age becouse they are needed when adding device to monitoring system General Troubleshoot Backup Access Control Diagnostics MAC Clone Overview Monitoring Remote Monitoring Remote Access Control Enable remote monitoring Status Monitoring Disabled Router LAN MAC acres s 00 7E 42 00 00 00 Router serial number 00000001 MN ETE Explanation 1 Enable remote monitoring Enables the device to connect to remote monitoring system 9 4 User scripts Advanced users can insert their own commands that will be executed at the end of booting process Put your custom commands here that should be executed once the system init finished By default this file does nothing exitQ Upload script file Browse No file selected Upload Backup script file Download 134 9 5 Safe mode Router contains two firmware images in its internal flash memory Master firmware image is the default one and is constantly used by the user Another is safe mode firmware which is the backup of the master firmware Safe mode firmware is similar to the master firmware but in order to reduce its size some functions like Wireless Hotspot VRRPD SNMP Web Filterare removed Safe mode firmware can be recognized from different logo and reduced menu in the WebUI The sole purpose of safe mode firmware is to allow the user to update master firmware and in doing so toremove all previous configuration settings To make safe mode useful it is str
55. an INITIAL CONTACT message Set the device identifier for IPSec tunnel E g You can use your IP address Set the device identifier for IPSec tunnel In case RUT has Private IP its identifier should be its own LAN network address In this way the RoadWarrior approach is possible Specify the authentication secret string Secret s length depends on selected algorithm eg 128 bit long secret is 16 characters in length 128 bits 8 bits one character 16 Set remote IPSec server IP address If the RUT does not receive DPD ACK message from its IPSec peer RUT shuts the connection down Select delay between peer acknowledgement requests 87 Phase 1 and Phase 2 must be configured accordingly to the IPSec server configuration thus algorithms authentication and lifetimes of each phase must be identical Phase The phase must match with another incoming connection to establish IPSec Phase 1 Phase 2 Encryption algorithm 3DES Hash algorithm SHA1 Y DH group MODP 66 Y Lifetime sec 28800 Phase The phase must match with another incoming connection to establish IPSec Phase 1 Phase 2 Encryption algonthm 3DES PFS group MODP768 Y Authentication HMAC SHA1 Y Life time sec 3600 Remote Network Secure Group Set the remote network Secure Policy Database information It must be LAN network of remote IPSec host Remote Network Secure Group IP address Subnet mask Tunnel Keep Alive Allo
56. an be released Start of the reset to defaults will be indicated by flashing of all 5 signal strength LEDs together with red connection status LED SIM PIN on the main SIM card is the only user parameter that is kept after reset to defaults 10 2 Safemode Router contains two firmware images in its internal flash memory One is master firmware which is the default firmware on is constantly used by the user Another is safemode firmware which plays the role of the backup to the master firmware Safemode firmware has most function of master firmware but in order to reduce its size Wireless Hotspot VRRPD SNMP and Web Filter function were removed Safemode firmware can be recognized from different logo and reduced menu in the WebUI The sole purpose of safemode firmware is to allow the user to update master firmware on the routerandto reset all previous configuration changes while doing so To make safemode useful it is strongly recommended to back up configuration of master firmware when the user is satisfied with the setup described in Klaida Nerastas nuorodos Saltinis section After configuration backup is created and it can be tested by requesting safemode 10 3 Bootloader s WebUI Bootloader also provides a way to recover the router functionality when the firmware is damaged To make it easierto use bootloader has its own webserver that can be accessed with any web browser Procedure for starting bootloader s webserver Automatically
57. an gateway 217 147 40 44 network wan broadcast 21 7 147 40 255 Phone number 3 multiple access communications network are enabled to receive datagrams Authorization method Mo authorization _ Field name Values Notes 1 Message text field Generated configuration Here you can review and modify configuration 104 message message text to be sent 2 Phone number 3 7060000001 A phone number of router which will receive the configuration 3 Authorization method No authorization What kind of authorization to use for remote By serial configuration By router admin password 8 8 6 Statistics In statistics page you can review how much SMS was sent and received on both SIM card slots You can also reset the counters SMS Utilities Call Utilities User Groups SMS Management Remote Configuration statistics Statistics SMS Statistics SIM Card Sent SMS Received SMS SIM 1 O 0 8 9 SMS Gateway 8 9 1 Post Get Configuration Post Get Configuration allows you to perform actions by writing these requests URI after your device IP address Post Get Email To SMS Scheduled SMS Auto Reply SMS Forwarding SMPP Post Get Configuration SMS Post Get Settings Enable ul Username admin Password GGAS Field name Values Notes Enable Enabled Disabled Enable SMS management functionality through POST GET 2 Username admin User name used for authorization 3 Password i Password used for authorizatio
58. art OpenVPN service if no ICPM request is received during the window time slice Example Keep Alive 10 60 11 Remote network IP address of remote network an actual LAN network behind another VPN endpoint IP address 12 Remote network Subnet mask of remote network an actual LAN network behind another VPN endpoint IP netmask 13 Certificate Certificate authority is an entity that issues digital certificates A digital certificate certifies the authority ownership of a public key by the named subject of the certificate 14 Client certificate Client certificate is a type of digital certificate that is used by client systems to make authenticated requests to a remote server Client certificates play a key role in many mutual authentication designs providing strong assurances of a requester s identity 15 Client key Authenticating the client to the server and establishing precisely who they are After setting any of these parameters press Save button Some of selected parameters will be shown in the configuration list table You should also be aware of the fact that router will launch separate OpenVPN service for every configuration entry if it is defined as active of course so the router has ability to act as server and client at the same time 8 5 2 IPSec The IPsec protocol client enables the router to establish a secure connection to an IPsec peer via the Internet IPsec is supported in two modes transport and tunnel Tran
59. ation Enable Enable Disable Enables the rule 2 Action Reboot Action to be taken after receiving a call you can choose from following actions Reboot Send status Switch WiFi Switch mobile data switch output 3 Allowed users From all numbers Allows to limit action triggering from all users to user groups or single user numbers 4 Get status via SMS Enable Disable Enables automatic message sendingwith router status information after reboot after reboot 8 8 3 User Groups Gives possibility to group phone numbers for SMS management purposes You can then later use these groups in all related SMS functionalities This option helps if there are several Users who should have same roles when managing router via SMS You can create new user group by entering group name and clicking on Add button in Create New User Group section After that you get to Modify User Group section Modify User Group Group name Group Phone number 37061111111 Field name ECTS EEE 1 Group name Group1 Your name of the phone numbers group 2 Phone number 37061111111 Number to add to users group must match international format You can add many phone numbers fields by clicking on the green symbol 99 8 8 4 SMS Management 8 8 4 1 Read SMS In SMS Management page Read SMS you can read and delete received stored SMS Read SMS Send SMS SMS Messages SMS per page 10 Date Sender There are no messages Showing 1to1 of
60. ation 1 WAN MAC address Enter new WAN MAC address 132 9 3 6 Overview General Troubleshoot Backup Access Control Diagnostics MAC Clone Overview Monitoring Overview Page Configuration Overview Tables Mobile BMS counter system Wireless WAN Local network Access control Recent system events Recent network events Teltonika_Router Hots pot VRRP Monitoring Field name EEE SECTA E E e e sp 0 O Mobile SMS counter System Wireless WAN Local network Access control Recent system events Recent network events lt Hotspot name gt Hotspot VRRP Monitoring Check box to show Mobile table in Overview page Check box to show SMS counter table in Overview page Check box to show System table in Overview page Check box to show Wireless table in Overview page Check box to show WAN table in Overview page Check box to show Local network table in Overview page Check box to show Access control table in Overview page Check box to show Recent system events table in Overview page Check box to show Recent network events table in Overview page Check box to show Hotspot instance table in Overview page Check box to show VRRP table in Overview page Check box to show Monitoring table in Overview page 133 9 3 7 Monitoring Monitoring functionality allows your router to be connected to remote monitoring system Also Mac address and router serial numbers are displayed for conveniencei n this p
61. bers spaces and special symbols Capital letters also matters With this setting enabled router will keep 3G state even after reboot If it is not selected router will revert 3G state after reboot Function disabled by default SMS text can contain letters numbers spaces and special symbols Capital letters also matters You can add as many phone numbers as you need Dropdown list with additional rows will show up if you click on add icon at the end of phone number row e 3G settings must be configured correctly If SIM card has PIN number you must enter it at Network gt 3G settings Otherwise SMS reboot function will not work e Sender phone number must contain country code You can check sender phone number format by reading the details of old SMS text massages you receiving usually 98 8 8 2 Call Utilities Allows users to Call the router in order to perform one of the actions Reboot Get Status turn WiFi ON OFF turn Mobile data ON OFF Only thing that is needed is to call routers SIM card number from allowed phone user and RUT950 will perform all actions that are assigned for this particular number To configure new action on call rules you just need to click the Add button in the New Call rule section After that you get in to the Modify Call Rule section Modify Call Rule Enable Action Reboot Allowed users From all numbers Gel status via SMS after reboot METI E Explan
62. cipient s phone number Message text Test SMS 1 156 characters left Message sending Interval Hour Minute Back to Overview Field name Values Notes Enable Enable Disable Activates periodical messages sending 2 Recipient s phone 37060000001 Phone number that will receive messages number 3 Message text Test Message that will be send 4 Message sending Day Message sending period interval Week Month Year 109 8 9 4 Auto Reply Configuration Auto reply allows replying to every messagethat router receives to everyone or to listed numbers only Post Get Configuration Email To SMS Scheduled Messages Auto Reply SMS Forwarding Auto Reply Configuration Reply Configuration Enable Dont save recieved message Mode Everyone Message Field name Values Notes Enable Enable Disable Enable auto reply to every received mobile message 2 Don t save received Enable Disable If enabled received messages are not going to be message saved 3 Mode Everyone Specifies from which senders received messages are Listed numbers going to be replied 4 Message Text Message text that will be sent in reply 110 8 9 5 SMS Forwarding 8 9 5 1 SMS Forwarding To HTTP This functionality forwards mobile messages from all or only specified senders to HTTP using either POST or GET methods Post Get Email To SMS scheduled SMS Auto Reply SMS Forwarding SMPP SMS Forwarding To HTTP SMS Forwarding To
63. d station 20MHz 6 3 1 6 OpenVPN Client must be updated Displays openVPN connection client side information Mobile WAN LAN Wireless OpenVPN VRRP Topology Access OpenVPN Information Client_Client OpenVPN Status Enabled Client 172 16 1 6 Mask 255 255 255 255 Server IP 172 16 1 0 Time Oh 48m 43s Status Enabled OpenVPN status Type Client A type of OpenVPN instance that has been created IP 172 16 1 6 Remote virtual network s IP address Mask 255 255 255 255 Remote virtual network s subnet mask Server IP 172 16 1 0 Remote virtual server s IP address Time Oh 48m 43s For how long the connection has been established _ FieldName SampleValue Explanation 1 2 3 4 5 6 25 6 3 1 7 OpenVPN Server Displays openVPN connection server side information Mobile WAN LAN Wireless OpenVPN VRRP Topology Access OpenVPN Information Server_Server OpenVPN status Enabled Type Server IP 172 16 1 1 Mask 255 255 255 255 Time 20h 13m Ys Clients Information Common Name Real Address Virtual Address Connection Since Client 192 168 99 91 50850 172 16 1 6 2015 05 15 08 07 15 MN Field Name Sample Value Explanation 1 Status Enabled OpenVPN status 2 Type Server A type of OpenVPN instance that has been created 3 IP 172 16 1 1 Remote virtual network s IP address 4 Mask 255 255 255 255 Remote virtual network s subnet mask 5 Time 20h 13m 9s For how long the connection has been established 6 3 1 8 C
64. down i Wall Outlet Device L AN D 0 le sits n 230V AC AC DC ov B UTP cable 1 Introduction Thank you for purchasing a RUT950 LTE router RUT950 is part of the RUT9xx series of compact mobile routers with high speed wireless and Ethernet connections This router is ideal for people who d like to share their internet on the go as it is not restricted by a cumbersome cable connection Unrestricted but not forgotten the router still supports internet distribution via a broadband cable simply plug it in to the wan port set the router to a correct mode and you are ready to browse 2 Specifications 2 1 Ethernet e IEEE 802 3 IEEE 802 3u standards e 3xLAN 10 100Mbps Ethernet ports e 1x WAN 10 100Mbps Ethernet port e Supports Auto MDI MDIX 2 2 Wi Fi e JEEE 802 11b g n WiFi standards e 2x2 MIMO e AP and STA modes e 64 128 bit WEP WPA WPA2 WPA amp WPA2 encryption methods e 2 401 2 495GHz Wi Fi frequency range e 20dBm max WiFi TX power e SSID stealth mode and access control based on MAC address 2 3 Hardware e High performance 560 MHz CPU with 128 Mbytes of DDR2 memory e 5 5 2 5mm DC power socket e Reset restore to default button e 2xSMA for LTE 2 x RP SMA for WiFi antenna connectors e 4x Ethernet LEDs 1 x Power LED e 1x bi color connection status LED 5 x connection strength LEDs 2 4 Electrical Mechanical amp Environmental e Dimensions HxWxD 80mm x 106mm x 46mm e Weight 2
65. e Host name New Password Confirm new password Language IPv6 support Show mobile info at login page Show WAN IP at login page On Off leds 10 Restore to default Enter your new router name Enter your new host name Enter your new administration password Changing this password will change SSH password as well Re enter your new administration password Website will be translated into selected language Enable IPv6 support on rounter Show operator and signal strength at login page Show WAN IP at login page If uncheck all routers leds are off Router will be set to factory default settings 128 Important notes The only way to gain access to the web management if you forget the administrator password is to reset the device factory default settings Default administrator login settings are User Name admin Password admin01 9 3 2 Troubleshoot General Troubleshoot Backup Access Control Diagnostics MAC Clone Overview Troubleshoot Settings Troubleshoot System log level Debug Save login RAM memory Include GSMD information y Include PPPD information Include chat script information Include network topology information System log Show Kernel log Show Troubleshoot file Download Field name Explanation 1 System log level Debug level should always be used unless instructed otherwise 2 Save log in Default RAM memory should always be used unless instructed otherwise 3 Include GSMD informati
66. e Step 3 LAN Step 4 WiFi Step Wireless Now let s configure your wireless radio Note if you are currently connecting via wireless and you change parameters like SSID encryption etc your connection will be dropped and you will have to reconnect with a new set of parameters WiFi Configuration Enable wireless y SSID Teltonika_Router Mode 802 11g n M Channel Auto Encryption No encryption Country Code 00 World Skip Wizard When you re done with the configuration wizard press Save 9 2 Profiles Router can have virtually unlimited number or configuration profiles which you can later apply either via WebUI or via SMS When you add New Profile you save current full configuration of the router Note profile names cannot exceed 10 symbols Configuration Profiles Manage Profiles Profile name Add profile Profile name Created Action Apply 127 9 3 Administration 9 3 1 General General Troubleshoot Administration Settings Router Name And Host Name Backup Access Control Diagnostics MAC Clone Overview Monitoring Router name Teltonika Administrator Password ost mame Teltonika New password Confirm new password Language Settings IPv6 Support Login Page Language English Erable Show mobile info at login page Show WAN IP at login page Leds indication Restore Default Settings Enable Restore to ce fault ETT Explanation V oND P Router nam
67. e mobile network connection 5 Wi Fi Shows the amount of traffic that has been sent and received through the wireless radio 36 6 7 4 Realtime Wireless Displaysthe wireless radio signal signal noise and theoretical maximum channel permeability Average and peak signal levels are displayed Wireless Realtime Wireless Teltonika_Router_AP 43 dBm 62 dBm 3 minutes window 3 seconds interval Signal 46 dBm SNR 49 dBm Average 45 dBm SNR 49 dBm Peak 31 dBm SNR 64 dBm Noise 95dBm Average 95dBm Peak 95dBm O MBit s O MBit s O MBit s 3 minutes window 3 seconds interval Phy Rate 1 MBit s Average 1 MBit s Peak 1 MBit s 37 6 7 5 Realtime Connections Displays currently active network connections With the information on network protocol source and destination addresses transfer speed Connections Realtime Connections This page gives you an overview of currently active network connections Active Connections 3 minutes window 3 seconds interval Peak 2 Peak 2 Peak 1 Source Destination Transfer 182 1858 90 35 137 182 158 908 255 137 253 35 KB 3226 Pkts 182 156 00 35 40042 182 168 98 1 28 80 110 60 KB 618 Pkts 182 168 28 105 137 182 158 908 255 137 43 27 KB 508 Pkts 0 0 0 0 0 224 0 0 1 0 2 34 KB 75 Pkts j 38 6 8 Mobile Traffic Displays mobile connection data sent and received in KB of this day week month Today Cu
68. e router Will show 0 if no devices are trying to connect or are currently maintaining a connection The physical maximum possible throughput that the routers radio can handle Keep in mind that this value is cumulative The bitrate will be shared between the router and other possible devices that connectto the local AP Displays information about wireless connection Access Point mode Mobile WAN LAN Wireless Wireless Information Wireless Information Channel Country code OpenVPN VRRP Topology Access 11 2 46 GHz 00 World Wireless Status SSID Teltonika Router Test Mode Associated Stations MAC Address FC C2 DE 91 36 46 Device Name Wireless AP information Field Name Sample Value Explanation Channel 2 Country code 3 SSID 4 Mode 5 Encryption 6 Wireless MAC 7 Signal Quality 8 Bitrate 11 2 46 GHz 00 World Teltonika_Router_Test Access Point AP No Encryption 00 1E 42 00 00 03 80 54 0 MBit s Access Point AP android Saed2b207fab4cre Encryption Wireless MAC Signal quality Bit rate no encryption OO 1E 42 00 11 03 80 54 0 MBits Signal RX Rate TX Rate 54 dBm 24 0 Mbits MES 0 20MH2 54 0 Mbits MCS 0 20MHz Refresh The channel which is used to broadcast the SSID and to establish new connections to devices Country code The SSID that is being broadcast Other devices will see this and will be able to use to connect to your wire
69. enabled original senders number will be added at the end of the forwarded message Text that will be inserted in email Subject field Your SMTP server s address Your SMTP server s port number Enables the use of cryptographic protocols enable only if your SMTP server supports SSL or TLS Your full email account user name Your email account password Your address that will be used to send emails from Address that you want to forward your messages to Choose which senders messages to forward to email 8 9 6 SMPP SMPP Short Message Peer to Peer server allows clients to connect to router using SMPP protocol and then send SMS via mobile network This SMPP server implementation allows sending messages but receiving incoming messages is not supported for now SMPP Server Configuration Transmitter Configuration Enable User name admin Password 0600000090 er port Field name Values Notes Enable Enable Disable Enables SMPP server on router 2 Username admin User name which clients will need to connect to SMPP server 3 Password oaa Password which clients will need to connect to SMPP server 4 Server port 7117 Server port to be used for SMPP communication You can choose any unused port 0 65535 114 8 10 CLI CLI or Comand Line Interface functionality allows you to enter and execute comands into routers terminal GS TELTONIKA Status Network Services System Teltonika login root Password BusyBox v1 1
70. end SMS Custom message Recipient s phone number 123456789 43 Field Name Sample Value Explanation Enable Enable Disable 2 Event type Reboot 3 Event subtype After unexpected shut down 4 Action Send SMS 5 Custom message Enable Disable 6 Recipient s 123456789 phone number 6 10 5 Reporting Configuration Make a rule active inactive Select event type about which occurrence information will be sent Specify event subtype to activate the rule Action to perform when an event occurs When action occurs custom message will be send For whom you want to send a SMS Displays configured services for event reporting allows to enable disable view and modify the parameters All Events System Events Network Events Events Log Files Report Create rules for Events Log reporting Events Log Report Rules Events log Transfer type system Email Network All rules are executed in current ist order Events Log Reporting Configuration Events log Transfer type system T Email Events Reporting Reporting Configuration Enable Delete 44 6 10 5 1 Events Log Report Configuration Allows to change the configuration of periodic events reporting to email or ftp All Events System Events Network Events Events Reporting Reporting Configuration Events Log Report Configuration Modify events log file report rule Enable Events log Transfer type Compress file Host 192 168 123 123 Username Userna
71. eneral Setup Advanced Settings Dynamic DHCP Y Force IP netmask DHCP Options MESES E Dynamic DHCP Checked Unchecked Dynamically allocate client addresses if set to 0 only clients present in the ethers files are served 2 Force Checked Unchecked Forces DHCP serving even if another DHCP server is detected on the same network segment 3 IP netmask You can override your LAN netmask here to make the DHCP server think it s serving a larger or a smaller network than it actually is 4 DHCP Options Additional options to be added for this DHCP server For example with 26 1470 or option mtu 1470 you can assign an MTU per DHCP Your client must accept MTU by DHCP for this to work 7 4 VLAN On this page you can configure your virtual LAN settings either Port based or Tag based 7 4 1 VLAN Networks 7 4 1 1 VLAN Functionality VLAN Functionality VLAN mode Disabled i Field Name i Sample Value Explanation 1 VLAN mode Disabled Port based Lets user to choose the VLAN mode or disable VLAN functionality Tag based 61 7 4 1 2 VLAN Network List If VLAN mode Port based VLAN Networks List LAN ports Wireless access points 2 Teltonika Router LAN None Delete Field Name j Sample Value Explanation VLAN ID 1 VLAN Identification number allowed in range 1 4094 2 LAN ports on Switches each LAN port between ON OFF or tagged state 1 2 3 3 Wireless Enabled Disabled Assign selected access
72. ep General First let s change your router password from the default one Password settings New password eeeeeee Confirm new password Time zone settings Current system time 2015 05 13 06 59 23 Syne with browser Time zone UTC Skip Wizard 125 Step 2 Mobile Configuration Next we have to enter your mobile configuration On a detailed instruction on how this should be done see the Mobilesection under Network Step1 General Step 2 Mobile Step3 LAN Step 4 WiFi Mobile Configuration Next let s configure your mobile settings so you can start using internet right away Mobile Configuration SIM 1 Operator profile APN PIN number Dialing number 99 Authentication method None Service mode 4G LTE preferred gt Show mobile info at login page Skip Wizard Step 3 LAN Next you are given the chance to configure your LAN and DHCP server options For a detailed explanation see LAN under Network Step 1 General Step 2 Mobile Step3 LAN Step 4 WiFi Step LAN Here we will setup the basic settings of a typical LAN configuration The wizard will cover 2 basic configurations static IP address LAN and DHCP client General Configuration IP address 192 168 1 1 Netmask Enable DHCP Start Limit Lease time Skip Wizard 126 Step 4 Wi Fi The final step allows you to configure your wireless settings in order to set up a rudimentary Access Point Step 1 General Step 2 Mobil
73. es communication across diverse interconnected networks OK Cancel 5 Use the Following ONS server addresses Validate settings upon exit Pa o cancel 7 If you choose to configure manually here s what you do First select an IP address Due to the stock settings that your router has arrived in you can only enter an IP in the form of 192 168 1 XXX where XXX is a number in the range of 2 254 192 168 1 2 192 168 1 254 192 168 1 155 and so on are valid 192 168 1 0 192 168 1 1 192 168 1 255 192 168 1 699 and so on are not Next we enter the subnet mask this has to be 255 255 255 0 Then we enter the default gateway this has to be 192 168 1 1 Finally we enter primary and secondary DNS server IPs One will suffice though it is good to have a secondary one as well as it will act as a backup if the first should fail The DNS can be your routers IP 192 168 1 1 but it can also be some external DNS server like the one Google provides 8 8 8 8 14 Wireless heho Conrecti n Internet Protocol Version 4 TOP IPy4 Properties Disable General Connect Disconnect You can get IP settings assigned automatically if your network supports Digno this capability Otherwise You need to ask your network administrator For the appropriate IP settings Bridge Connections l l Creste Shortcut Obtain an IP address automatically Use the Following IP address
74. etwork IP netmask Certificate authority Client certificate Client key LI TUN tunnel UDP 1194 BF CBC 125 default w 215 45 60 66 TLS Infinite 10 60 10 0 0 0 255 255 255 0 A A A Es j There can be multiple server client instances 84 OpenVPN IPsec GRE Tunnel PPTP L2TP OpenVPN Instance Client _ demo Main Settings Enable TUN TAP Protocol Port LZO Encryption Authentication Remote host IP address Resolve retry Keep alive Remote network IP address Remote network IP netmask Certificate authority Client certificate Client key LI TUN tunnel UDP 1194 BF CBC 128 default TLS 215 45 60 66 Infinite 10 60 Browse Browse Browse You can set custom settings here according to your VPN needs Below is summary of parameters available to set Field name Explanation 1 Enabled Switches configuration on and off This must be selected to make configuration active 2 TUN TAP Selects virtual VPN interface type TUN is most often used in typical IP level VPN connections however TAP is required to some Ethernet bridging configurations 3 Protocol Defines a transport protocol used by connection You can choose here between TCP and UDP 4 Port Defines TCP or UDP port number make sure that this port allowed by firewall 5 LZO This setting enables LZO compression With LZO compression your VPN connection w
75. h 17 18h 18 18h 18 20h 20 2 1h 21 22h 22 23h 23 24h Internet access allowed ie intenet access blocked 8 11 3 Logging General Restricted Internet Access Logging Landing Page Radius Server Wireless Hotspot Logging Settings Logging To FTP Settings Enable Server address your ftp server User name username Password Port Field name Explanation 1 Al Peete fh Enable Server address Username Password Port Check this box if you want to enable wireless traffic logging This feature will produce logs which contain data on what websites each client was visiting during the time he was connected to your hotspot The IP address of the FTP server to which you want the logs uploaded The username of the user on the aforementioned FTP server The password of the user The TCP IP Port of the FTP server 117 FTP Upload Settings YOU can configure your timing settings forthe log Upload via FTP feature here Mode Hours Minutes Days Fixed y G 15 C Monday Tuesday C wednesday l Thursday l Friday F Saturday E Sunday WET Explanation The mode of the schedule Use Fixed if you want the uploading to be done on a specific time of the day Use Interval If you want the uploading to be done at fixed interval This field specifies on what weekdays the uploading should be done The entry format is numbers from 1 to 7 separated by only commas E g If you want to
76. he smallest packet size that can be fragmented and transmitted by multiple frames In areas were interference is a problem setting a lower fragment threshold might help reduce the probability of unsuccessful packet transfers thus increasing speed 5 RTS CTS Threshold 2346 Request to send threshold It can help resolve problems arising when several access points are in the same area contending 64 7 5 1 2 Interface 7 5 1 2 1 Security Encryption There are many modes of encryption a distinctive classis pointed out below Interface Configuration General Setup Wireless Security MAC Filter Advanced Settings Encryption WWPA PSKAVPALPSE mixed mode Y Key BEEBE First select an encryption method TKIP CCMP TKIP amp CCMP and auto Note Some authentication methods won t support TKIP and TKIP amp CCMP encryption After you ve selected your encryption method you should enter your passphrase which must be at least 8 characters long 7 5 1 2 2 MAC Filter Interface Configuration General Setup Wireless Security MAC Filter Advanced Settings MAC address filter Allow listed only MAC list 00 11 240339 44 55 Filter you can define a rule for what to do with the MAC list you ve defined You can either allow only the listed MACs or allow ALL but forbid only the listed ones 7 5 1 2 3 Advanced settings Separate clients prevents Wi Fi clients from communicating with each other on the sane subnet Interface
77. hone number Get status Enable SMS Status SMS text Sender phone number Get Information Wireless On Off via SMS Wireless on SMS text Wireless on SMS text Sender Phone number Write to config Mobile Settings via SMS SMS text Sender phone number This check box will enable and disable SMS reboot function SMS text which will reboot router Phone number of person who can reboot router via SMS message Check this to receive connection status via SMS after a reboot This check box will enable and disable SMS status function SMS text which will send routers status Phone number of person who can receive router status via SMS message Data state Operator Connection type Signal Strength Connection State IP This check box will enable and disable this function SMS text which will turn Wi Fi ON SMS text which will turn Wi Fi OFF Phone number of person who can receive router status via SMS message Permanently saves Wi Fi state This check box will enable and disable mobile settings function Key word that will precede actual configuration parameters Phone number of person who can receive router status via SMS message 97 If you select Get Status it will send routers status once it has rebooted and is operational again For Get Status description see item No 4 of this table SMS text can contain letters numbers spaces and special symbols Capital letters also matters You can add a
78. iguration General Setup Wireless Security MAC Filter Advanced Settings SSID Teltonika_Router Hide SslD Here you can see the Overview of the wireless configuration It is divided into two main sections device and interface One is dedicated to configuring hardware parameters other software Here you can toggle the availability of the wireless radio and the physical channel frequency 63 Important note As seen in the picture you should always Save before toggling the radio on and off ESSID Your wireless networks identification string This is the name of your Wi Fi network When other Wi Fi capable computers or devices scan the area for Wi Fi networks they will see your network with this name Hide ESSID Will render your SSID hidden from other devices that try to scan the area 7 5 1 1 Device 7 5 1 1 1 Advanced Settings General Setup Advanced Settings Mode 802 11g n Y Country code 00 World Transmit power 100 Y Fragmentation threshold 2346 RTS CTS threshold 2346 Here you can configure more advanced parameters a Sample value Explanation Mode Auto b g g n Different modes provide different throughput and security options 2 Country Code Any ISO IEC 3166 alpha2 Selecting this will help the wireless radio configure its country code internal parameters to meet your countries wireless regulations 3 Transmit power 20 40 60 80 100 Select WiFi signal power Frag Threshold 2346 T
79. ill generate less network traffic however this means higher router CPU loads Use it carefully with high rate traffic or low CPU resources 6 Encryption Selects Packet encryption algorithm z Authentication Sets authentication mode used to secure data sessions Two possibilities you have here Static means that OpenVPN client and server will use the same secret key which must be uploaded to the router using Static pre shared key option Tis authentication mode uses X 509 type certificates Depending on your selected OpenVPN mode client or server you have to upload these certificates to the router 85 For client Certificate Authority CA Client certificate Client key For server Certificate Authority CA Server certificate Server key and Diffie Hellman DH certificate used to key exchange through unsafe data networks All mention certificates can be generated using OpenVPN or OpenSSL utilities on any type host machine Certificate generation and theory is out of scope of this user manual 8 Remote host IP IP address of OpenVPN server applicable only for client configuration address 9 Resolve Retry Sets time in seconds to try resolving server hostname periodically in case of first resolve failure before generating service exception 10 Keep alive Defines two time intervals one is used to periodically send ICMP request to OpenVPN server and another one defines a time window which is used to rest
80. implementation of VPN supported by the RUT950 router A picture below demonstrates default OpenVPN configurations list which is empty so you have to define a new configuration to establish any sort of OpenVPN connection To create it enter desired configuration name in New configuration name field select device role from Role drop down list For example to create an OpenVPN client with configuration name Demo select client role name it Demo and press Add New button as shown in the following picture OpenVPN IPsec GRE Tunnel PPTP L2TP OpenVPN OpenVPN Configuration Tunnel name TUN TAP Protocol Enabled There are no open VPN configurations yet Role Client Y New configuration name demo OpenVPN IPsec GRE Tunnel PPTP L2TP New OpenVPN instance was created successfully Configure it now OpenVPN OpenVPN Configuration Tunnel name TUN TAP Protocol Enabled Client_demo Tun_c_demo UDP Mo lole Client New configuration name To see at specific configuration settings press edit button located in newly created configuration entry A new page with detailed configuration appears as shown in the picture below TLS client example 83 OpenVPN IPsec GRE Tunnel PPTP L2TP OpenVPN Instance Client_demo Main Settings Enable TUN TAP Protocol Port LZO Encryption Authentication Remote host IP address Resolve retry Keep alive Remote network IP address Remote n
81. ion 2 Remote endpoint IP address Specify remote WAN IP address 3 Remote network IP address of LAN network on the remote device 4 Remote network netmask Network of LAN network on the remote device Range 0 32 5 Local tunnel IP Local virtual IP address Can not be in the same subnet as LAN network 6 Local tunnel netmask Network of local virtual IP address Range 0 32 7 MTU Specify the maximum transmission unit MTU of a communications protocol of a layer in bytes 8 TTL Specify the fixed time to live TTL value on tunneled packets 0 255 The O is a special value meaning that packets inherit the TTL value 9 PMTUD Check the box to enable the Path Maximum Transmission Unit Discovery PMTUD status on this tunnel 10 Enable Keep alive It gives the ability for one side to originate and receive keepalive packets to and from a remote router even if the remote router does not support GRE keepalives 11 Keep Alive host Keep Alive host IP address Preferably IP address which belongs to the LAN network on the remote device 12 Keep Alive interval Time interval for Keep Alive Range 0 255 90 8 5 4 PPTP Point to Point Tunneling Protocol PPTP is a protocol set of communication rules that allows corporations to extend their own corporate network through private tunnels over the public Internet Effectively a corporation uses a wide area network as a single large local area network A company no longer needs to lease i
82. ion if it is lost then router tries to connect via backup with higher priority and if that fails too router tries the second backup option WAN Main WAN Backup WAN Ethernet In later sections it will be explained in detail how to configure your router to work in a desired mode 5 Powering Options The RUT9xx router can be powered from power socket or over Ethernet port Depending on your network architecture you can use LAN 1 port to power the device LANI LAN2 RUT9xx can be powered from power socket and over Ethernet simultaneously Power socket has higher priority meaning that the device will draw power from power socket as long as it is available When RUT9xx is switching from one power source to the other it loses power for a fraction of the second and may reboot The device will function correctly after the reboot Signal ID T3634 Color T3636 Color Pins on plug face socket is reversed o white green stipe white orange stripe green solid orange solid white orange sinpe white green sinp e Hu sold blue sold 7 30VDC 5 whitefblue singe whiteblue sinpe RX a _ 1 orange solid green solid GROUND t HH white brown sinpe wiefbrown sinpe GROUND TI i brown solid brown solid 16 Though the device can be powered over Ethernet port it is not compliant with IEEE 802 3af 2003 standard Powering RUT9xx from IEEE 802 3af 2003 power supply will damage the device as it is not rated for input voltages
83. is Month and Monday Sunday if period is week Specifies the hour for SIM idle protection activation Specifies the minute for SIM idle protection activation Enable Enable Disable Enables SIM idle protection 2 Period Month Week 3 Day 1 31 Monday Sunday Hour 1 24 Minute 1 60 Host to ping 8 8 8 8 Ping package size 56 cops pen A E Ping requests 2 Specifies IP address or domain name to send data packages to Specifies ping Package size in bytes Specifies requests to be sent 51 7 1 5 2 Te st Tests the functioning of idle protection with your parameters entered at settings tab General SIM Management Network Operators Mobile Data Limit SIM Idle Protection Settings Test SIM Idle Protection Test SIM state OK inserted Not inserted Field Name Sample value Explanation SIM SIM1 SIM2 Displays SIM number 2 SIM state OK inserted Displays status of the SIM card 3 HostIP 1 31 Monday Displays the IP of the Host Sunday 4 Ping Success Displays status of ping attempt 7 2 WAN 7 2 1 Operation Mode WAN Your WAN configuration determines how the router will be connecting to the internet Operation Mode Main WAN Backup WAN Interface Name Protocol IP Address Mobile DHCP 10 0 139 227 Wired INE Explanation Main WAN Switches between Mobile Wired and WiFi interface for main WAN 2 Backup WAN Let s user to select one or two interfaces for WAN backup 3 Interface 4 Protocol
84. ite Name of the rule Used purely to make it easier to manage rules 2 Protocol TCP UDP TCP You may specify multiple by selecting custom and then UDP ICMP Custom entering protocols separated by space 3 Source zone LAN VPN WAN Match incoming traffic from this zone only 4 Source MAC address Any Match incoming traffic from these MACs only 5 Source IP address any Match incoming traffic from this IP or range only 7 Source port any Match incoming traffic originating from the given source port or port range on the client host only 68 8 External IP address 9 External port 10 Internal zone 11 Internal IP address 12 Internal port 13 Enable NAT loopback 14 Extra arguments 7 6 4 Traffic Rules any 12345 LAN VPN WAN 192 168 1 109 80 Enable Disable Match incoming traffic directed at the given IP address only Match incoming traffic directed at the given destination port or port range on this host only Redirect matched incoming traffic to the specified internal zone Redirect matched incoming traffic to the specified internal host Redirect matched incoming traffic to the given port on the internal host NAT loopback enables your local network i e behind your router modem to connect to a forward facing IP address such as 208 112 93 73 of a machine that it also on your local network Passes additional arguments to iptables Use with care The traffic rule page contains a more generalised rule definition
85. itia a O 39 A NAN Rene eee a ee ee ee eee een aes een en een eee eee cee ea ene 39 6 10 BN TV SO Bc E RR 40 6 10 1 AML EV EIS ii A tods 40 O SYSE EVENTS A EEE EA A cp uewies Sueu aes Sunewecaleun AR 41 610 3 NetWork Veni Suda ne 42 6 104 Events REDON INS arrori eas aout dines aa ca nc epeeece sae eeae eee es enacts eet eee 43 6 10 5 REDOING CONAN sao 44 7 NEUWOFK ares conastcle tacalianseacunee oa S 46 Jade A N O 46 Volek A lA T OSE 46 BEZ SINIM ER CIVIC INU cicaicnnieacscassacycnaeigagea tes cen a A nes anetameagedegeareusen Macqcasgusadcateareeess 48 TAS NetWork OPEO S sce cece nee ericsson ead seca ee tani ee oe 49 ALA Mobile Data Lita ooo cpu 50 LS Sim dale Protec Na id 51 E WAN A A Po y RA 52 Aal ONeraton MOGE as 52 22 COMMONTCONTCEU IN a e 53 Poa Neon 59 Peck COMTI UPAU ON ondas 59 Liz DACP SOI VC I onana a Seatac ead es es lc 60 e NMG AA leche ce ene st cg ct ne acta gc ese eee te Pets ct gat eis ena eid tate nae wiser 61 HEM MEAN NEtWOKS cronos a sli rn N NNA N 61 142 LAN NETWORKS aaa ica 63 E A A ono In aepereaametaa eran gm ata cm an atpaacde eeenaayuantmadeaanass 63 A A e o o eat catsoe RS 66 Fel General Sets ia o lisis 66 OZ DML ia 67 RO IPO ROW al CINE ra ctas 67 TOA AGAR CRU A A uN 69 IS A sea A E tions menteneuagmheacess Manton 74 160 DDOS POE NON a et E A ura niece A ETA 75 Hal STA QUO as 78 8 A 79 Se Uat cette en eee renee reer 79 3 L 1 VRRP LAN Configuration SEt
86. le Value Explanation Data connection state 2 IMEI 3 IMSI 4 SIM card state Connected 860461024164561 246020100070220 Ready Mobile data connection status Modem s IMEI International Mobile Equipment Identity number IMSI International Mobile Subscriber Identity is used to identify the user in a cellular network Indicates the SIM card s state e g PIN required Not inserted etc 20 65 dBm FD90B 88dBm 7dBm 21 4dBm LT BITE GSM Registered home 4G LTE 3 3 Kb 3345 bytes 3 4 kb 3487 bytes Received Signal Strength Indicator RSSI Signal s strength measured in dBm ID of operator cell that device is currently connected to Indicates the Reference Signal Received Power Indicates the Reference Signal Received Quality Indicates the Signalto Interference Noise Ratio Operator s name of the connected GSM network GSM network s status Indicates the GSM network s access technology How many bytes were received via mobile data connection How many bytes were sent via mobile data connection Displays information aboutWAN connection WAN LAN Wireless WAN Information OpenVPN VRRP Topology Access Wired Static 192 168 99 69 200 200 250 0 192 168 99 254 8 8 8 8 Ih 45m 27s UN Field Name Sample Value Explanation 5 Signal strength 6 Cell ID Te RSRP 8 RSRQ 9 SINR 10 Operator state 11 Operator 12 Connection type 13 Bytes received 14 Bytes sent
87. less network Connection mode Master indicates that you router is an access point The type of encryption that the router will use to authenticate establish and maintain a connection MAC address of your wireless radio The quality between routers radio and some other device that is connecting to the router Will show 0 if no devices are trying to connect or are currently maintaining a connection The bitrate will be shared between all devices that connect to the routers wireless network 24 Additional note MBit s indicates the bits not bytes To get the throughput in bytes divide the bit value by 8 for e g 54MBits s would be 6 75MB s Mega Bytes per second 6 3 1 5 Associated Stations Outputs a list of all devices and their MAC addresses that are maintain a connection with your router right now This can either be the information of the Access Point that the router is connecting to in STAmode or a list of all devices that are connecting to the router in AP mode Field Name Sample Value Explanation MAC Address FC C2 DE 91 36 A6 Associated station s MAC Media Access Control address 2 Device Name Android DHCP client s hostname 9aed2b2077a54c74 3 Signal 54dBm Received Signal Strength Indicator RSSI Signal s strength measured in dBm 4 RX Rate 24 0Mbit s MCS O The rate at which packets are received from associated station 20MHz 5 TX Rate 54 0Mbit s MCS O The rate at which packets are sent to associate
88. lic switched telephone network NAT network address translation an internet standard that enables a local area network LAN to use one set of IP addresses for internet traffic and a second set of addresses for external traffic LCP Link Control Protocol a protocol that is part of the PPP Point to Point Protocol The LCP checks the identity of the linked device and either accepts or rejects the peer device determines the acceptable packet size for transmission searches for errors in configuration and can terminate the link if the parameters are not satisfied BOOTP Bootstrap Protocol an internet protocol that enables a diskless workstation to discover its own IP address the IP address of a BOOTP server on the network and a file to be loaded into memory to boot the machine This enables the workstation to boot without requiring a hard or floppy disk drive TCP Transmission Control Protocol one of the main protocols in TCP IP networks Whereas the IP protocol deals only with packets TCP enables two hosts to establish a connection and exchange streams of data TCP guarantees delivery of data and also guarantees that packets will be delivered in the same order in which they were sent 139 TKIP Temporal Key Integrity Protocol scrambles the keys using hashing algorithmand by adding an integrity checking feature ensure that the keys haven t been tampered with CCMP Counter Mode Cipher Block Chaining
89. lientinformation i Field Name Sample Value Explanation 1 Common Name Client1 Client connection 2 Real Address 192 168 99 91 50850 Client s IP address and port number 3 Virtual Address 172 16 1 6 Virtual address which has been given to a client 4 Connection Since 2015 05 15 08 07 15 Since when connection has been established 26 6 3 1 9 VRRP VRRP Virtual Router Redundancy Protocol for LAN Mobile WAN LAN Wireless OpenVPN VRRP Topology VRRP Information VRRP LAN Status Enabled Virtual ip 192 166 1253 Priority 100 Pouter Refresh Field Name Sample Value Explanation Status Enabled VRRP status 2 Virtual IP 192 168 1 253 Virtual IP address es for LAN s VRRP Virtual Router Redundancy Protocol cluster 3 Priority 100 Router with highest priority value on the same VRRP Virtual Router Redundancy Protocol cluster will act as a master range 1 255 4 Router Master Since when connection has been established Exclusive to other Modes with Slave 27 6 3 1 10 Topology Network scanner allowing you to quickly retrieve information about network devices Mobile WAN LAN Wireless OpenVPN VRRP Topology Access Network Topology Network Topology MAP scan LAN scan WAM scan ALL Internet Online WAR Wired 19216899109 00 1E 42 00 11 02 Firewall pul AZ RUT9S0 LTE 192 168 1 1 E Ej E ce 192168 1 167 192 168 1 232 64 70 2 10 8D0 26 FO C DE 91 36 A6 TELTONMIEA androic G
90. lternate model 7 Username username Your username that you would use to connect to your carriers network This field becomes available when you select an authentication method i e authentication method is not none These fields are always enabled on the alternate model 8 Password password Your password that you would use to connect to your carriers network This field becomes available when you select an authentication method i e authentication method is not none These fields are always enabled on the alternate model 9 Service mode 2G only 2G preferred Your network preference If your local mobile network supports 2G 3G only 3G preferred 3G and 4G LTE you can specify to which network you wish to 4G LTE only 4G LTE connect E g if you choose 2G the router will connect to a 2G preferred or automatic network so long as it is available otherwise it will connect to a networkthat provides better connectivity If you select auto then the router will connect to the network that provides better connectivity 10 Deny data Enable Disable If enabled this function prevents the device from establishing mobile roaming data connection while not in home network 11 Use IPv4 only Enable Disable If enabled this function makes the device to use only IPv4 settings when connecting to operator Warning If an invalid PIN number was entered i e the entered PIN does not match the one that was used to protect the SI
91. mber 3 auth_mode 4 service 5 username 6 password i e internet gprs i e 9O 1 none pap chap auto 3gpreferred 3gonly 2gpreferred 2gonly user user Sets APN i e apn internet gprs Sets dial number Sets authentication mode You can add as many phone numbers as you need Dropdown list with additional rows will show up if you click on add icon at the end of phone number row Used only if PAP or CHAP authorization is selected Used only if PAP or CHAP authorization is selected All Mobile settings can be changed in one SMS Between each lt parameter value gt pair a space symbol is necessary Example password user cellular apn internet gprs dialnumber 99 1Hauth_mode pap service 3gonly username user MT Explanation A 3G On Off via SMS 2 3Gon SMS text 3 3G off SMS text Write to config 5 Change profile via SMS 6 SMS text to change profile 7 SMS text to get list of profiles 8 Sender Phone number Important Notes This check box will enable and disable this function Text to turn 3G connection ON Text to turn 3G connection OFF Permanently saves 3G network state This check box will enable and disable this function Keyword that must precede profile name Upon receiving this SMS router will send list of created profiles to the sender number Phone number of person who can control this function Function disabled by default SMS text can contain letters num
92. me Password Interval between reports Week Weekday Monday Hour 12 ian Field Name Sample Value Explanation 1 Enable Enable Disable Make a rule active inactive 2 Events log System Event type for which the rule is applied oF Transfer type FTP Event subtype for which the rule is applied Email ftp 4 Compress file Enable Action to perform when an event occurs 5 Host 192 168 123 123 FTP File transfer Protocol host name e g ftp exemple com 192 168 123 123 Allowed characters a z A Z0 9 S amp _ 6 User name Username User name for authentication on SMTP Simple Mail Transfer Protocol or FTP File Transfer Protocol server Allowed characters a z A Z0 9 S amp _ Z Password password Password for authentication on SMTP Simple Mail Transfer Protocol or FTP File Transfer Protocol server Allowed characters a z A Z0 910HS 18 8 Interval Week Send report every select time interval between reports 9 Weekday Monday Day of the week to get events log report 10 Hour 12 Hour of the day to get events log report 45 7 Network 7 1 Mobile 7 1 1 General 7 1 1 1 Mobile configuration Here you can configuremobile settings which are used when connecting to your local 3G LTE network Mobile Configuration Mobile Configuration SIM 1 SIM 2 Connection type NDIS Mode NAT APN PIN number 1234 Dialing number 99 Authentication method None Y service mode
93. n default admin01 Do not forget to change parameters in the url according to your POST GET Configuration 105 8 9 1 1 SMS by HTTP POST GET It is possible to read and send SMS by using valid HTTP POST GET syntax Use web browser or any other compatible software to submit HTTP POST GET string to router Router must be connected to GSM network when using SMS send feature 0 E POST GET url e g View mobile cgi bin sms_list username admin amp password admin0O1 messages list 2 Read mobile cgi bin sms_read username admin amp password admin01 amp number 37060000001 message 3 Send mobile cgi messages bin sms_send username admin amp password admin01 amp number 3 7060000001 amp text testmessag e 4 View mobile cgi bin sms total username admin8 password admin01 messages total 5 Delete mobile cgi bin sms_delete username admin amp password admin01 amp number 37060000001 message 8 9 1 2 Syntax of HTTP POST GET string HTTP POST GET string Explanation http 1IP_ ADDRESS cgi bin sms_read number MESSAGE_ INDEX Read message cgi bin sms_send number PHONE_NUMBER amp text MESSAGE TEXT Send message cgi bin sms_delete number MESSAGE_INDEX Delete message cgi bin sms_list List all messages cgi bin sms_ total Number of messages in memory Note parameters of HTTP POST GET string are in capital letters inside curly brackets Curly brackets Y are not needed when submitting HTTP POST GET string
94. n a limit for current period is reached Disable mobile data after limit value in MB is reached Period for which mobile data limiting should apply A starting time for mobile data limiting period Y 300 Month B 37012345678 Field Name Sample value Explanation Enable SMS Enable Disable warning 2 Data limit MB 200 3 Period Month Week Day Start day Start hour 5 Phone number 37012345678 Enables sending of warning SMS message when mobile data limit for current period is reached Send warning SMS message after limit value in MB is reached Period for which mobile data limiting should apply A starting time for mobile data limiting period A phone number to send warning SMS message to e g 37012345678 50 7 1 5 Sim Idle protection Some operators block user SIM cards after period of inactivity This function enables router to periodically switch to secondary SIM card and establish data connection with mobile network in order to prevent sim card blocking 7 1 5 1 Settings General SIM Management Network Operators Settings Test SIM Idle Protection Configuration SIM SIM2 Enable Period Day Monday Hour Minute Host to ping Ping package size Ping requests Week Mobile Data Limit SIM Idle Protection Field Name Sample value Explanation Switches between monthly and weekly sim activation periods Specifies the day for SIM idle protection activation 1 31 if Period
95. ning all the wireless clients Such a network will be able to have 253 clients their IP addresses will be automatically granted to them and will range from 192 168 2 1 to 192 168 2 253 3 Authentication External radius mode 4 Radius server 1 The IP address of the RADIUS server that is to be used for Authenticating your wireless clients 5 Radius server 2 The IP address of the second RADIUS server 6 Authentication port RADIUS server authentication port Te Accounting port RADIUS server accounting port 8 Authentication Internal radius A 9 IP address or E g 192 168 1 1 or 192 168 1 0 24 network of the client 10 Eiern Without radius A a 11 Doesn t require any RADIUS configuration Allows simple user connection based on username password 12 External landing Enables the use of external landing page page 13 Landing page The address of external landing page address 14 Protocol HTTP or HTTPS 15 HTTPS redirect Redirects HTTP pages to landing page 116 8 11 2 Internet Access Restriction Settings Allows to disable internet access onspecified day and hour of every week General Teltonika_ Router Restricted Internet Access Logging Landing Page Radius Server Internet Access Restriction Settings Select Time To Restrict Access On Hotspot Teltonika_Router Days Hours Monday Tuesday Wednesday Thursday Friday Saturday Sunday 55h rh F Bh 8 8h 8 10h 10 11h11 12h 12 13h 13 14h 14 15h 15 16h 18 17
96. nnection to the router afterwards FW image router firmware upgrade file Warning Never remove router power supply and do not press reset button during upgrade process This would seriously damage your router and make it inaccessible If you have any problems related to firmware upgrade you should always consult with local dealer 9 6 2 FOTA Firmware FOTA Firmware Over The Air Configuration Server Settings Server address http teltonika sritis It rut User name admin Password eeeeeee Enable auto check y Auto check mode On router startup WAN wired MET Explanation Server address Specify server address to check for firmware updates E g http teltonika sritis It rut9xx_auto_update clients 2 Username User name for server authorization 3 Password Password name for server authorization 4 Enable auto check Check box to enable automatic checking for new firmware updates 5 Auto check mode Select when to perform auto check function 6 WAN wired Allows to update firmware from server only if routers WAN is wired if box is checked 136 9 7 Restore point 9 7 1 Restore point create Create Load Create Restore Point Create Restore Point And Write To External Storage Device There are no devices connected Create Restore Point And Download Allows to create firmware restorepoints with all custom configurations You can download created restore points to your computer 9 7 2 Restore p
97. nnections during the period Indicating the maximum burst before the above limit kicks in 77 7 7 Static Routes Static routes provide a way of entering custom entries in the internal routing table of the router Routes Routes specify over which interface and gateway a certain host or network can be reached Static IP Routes Interface Target Netmask Gateway Metric LAN 192 168 550 200 200 200 0 192 168 55 145 Delete IN ESC EC Explanation Interface LAN WAN PPP WAN2 The zone where the Target resides 2 Target IP address The source of the traffic 3 Netmask IP mask Mask that is applied to the Target to determine to what actual IP addresses the routing rule applies 4 Gateway IP address To where the router should send all the traffic that applies to the rule 5 Metric integer Used as a sorting measure If a packet about to be routed fits two rules the one with the higher metric is applied Additional note on Target amp Netmask You can define a rule that applies to a single IP like this Target some IP Netmask 255 255 255 255 Furthermore you can define a rule that applies to a segment of IPs like this Target some IP that STARTS the segment Netmask Netmask that defines how large the segment is E g 192 168 55 161 255 255 255 255 Only applies to 192 168 55 161 192 168 55 0 255 255 255 0 Applies to IPs in range 192 168 55 0 192 168 55 255 192 168 55 240 255 255 255 240 Applies 192 168 55 24
98. oint load Create Load Load Restore Point Restore Point There are no device Restore Point File Browse Mo file selected Allows to restore configuration from previously saved restore point You can upload restore point from your computer 9 8 Reboot Router reboot Warning During reboot you will temporarily lose the connection Reboot router by pressing button Reboot 10 Device Recovery The following section describes available options for recovery of malfunctioning device Usually device can become unreachable due to power failure during firmware upgrade or if its core files were wrongly modified in the file system Teltonika s routers offer several optionsfor recovering from these situations 137 10 1 Reset button Reset button is located on the back panel of the device Reset button has several functions Reboot the device After the device has started if the reset button is pressed for up to 4 seconds the device will reboot Start of the reboot will be indicated by flashing of all 5 signal strength LEDs together with green connection status LED Reset to defaults After the device has started if the reset button is pressed for at least 5 seconds the device will reset all user changes to factory defaults and reboot To help user to determine how long the reset button should be pressed signal strength LEDs indicatesthe elapsed time All 5 lit LEDs means that 5 seconds have passed and reset button c
99. on Default setting enabled should be used unless instructed otherwise 4 Include PPPD information Default setting disabled should be used unless instructed otherwise 5 Include Chat script Default setting enabled should be used unless instructed otherwise information 6 Include network topology Default setting disabled should be used unless instructed otherwise information 7 System Log Provides on screen System logging information It does not however substitute troubleshooting file that can be downloaded from System gt Backup and Firmware menu 8 Kernel Log Provides on screen Kernel logging information It does not however substitute troubleshooting file that can be downloaded from System gt Backup and Firmware menu 9 Troubleshoot Downloadable archive that contains full router configuration and all System log files 129 9 3 3 Backup General Troubleshoot Backup Access Control Diagnostics MAC Clone Overview Monitoring Backup Backup Configuration Backup archive Download Restore Configuration Upgrade fram file Restore from backup Browse No file selected Upload archive Ge Explanation 1 Backup archive Download current router settings file to personal computer This file can be loaded to other RUT900 with same Firmware version in order to quickly configure it 2 Restore from backup Select upload and restore router settings file from personal computer 9 3 3 1 Access
100. onal 3176 2015 05 11 16 02 38 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 A6 android 9aed2b2077a54c74 in WiFi 3175 2015 05 11 16 02 37 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi 3174 2015 05 11 16 02 36 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi 3173 2015 05 11 16 02 36 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 A6 android 9aed2b2077a54c74 in WiFi 3172 2015 05 11 16 02 35 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi Showing 1 to 10 of 1600 entries Next gt gt 41 6 10 3 Network Events Displays information about recent network events like connection status change lease status change network type or operator change All Events System Events Network Events Events Reporting Reporting Configuration Connections Log All Wireless Mobile Data Network Type Network Operator Connections Log Events perpage 10 search ID Date Action Result 312 2015 05 11 15 48 49 WIFI WiFi client connected FC C2 DE 91 36 46 android 9aed2b2077a54dc74 311 2015 05 11 15 48 43 WIFI WIFI client disconnected FC C2 DE 91 36 46 android 9aed2b2077a54c74 2015 05 11 15 48 37 WiFi WiFi client connected FC C2 DE 91 36 46 android Saed2b20 fad54c74 2015 05 11 15 48 31 WIFI WIFI client disconnected 20 34 47 41 4B 45 2015 05 11 15 36 56 WIFI WIFI client connected 20
101. ongly recommended to back up configuration of master firmware when the user is satisfied with the setup After configuration backup is created it can be tested by requesting safe mode Safe Mode Status Safe mode FW version RUT9XX_SM_00 01 292 Safe mode config backup date 2015 05 12 12 12 09 Safe Mode Configuration Write configuration to config partition Write Delete configuration from config partition Delete Request safemode after reboot Reboot 9 6 Firmware 9 6 1 Firmware Firmware FOTA Firmware Current Firmware Information Firmware Available On Server Firmware version RUT9XX_R_00 01 299 Firmware version RUT9XX_R_00 01 50 Firmware build date 2015 05 13 11 26 59 Check for New FW Kernel version 3 10 36 Firmware Upgrade Settings Keep all settings Keep dynamic DNS settings Keep network settings Keep wireless settings Keep mobile settings Keep firewall settings Keep LAN settings Keep OpenVPN settings Upgrade from file Firmware image file Browse No file selected Upgrade 135 Keep settings if the check box is selected router will keep saved user configuration settings after firmware upgrade When check box is not selected all router settings will be restored to factory defaults after firmware upgrade When upgrading firmware you can choose settings that you wish to keep after the upgrade This function is useful when firmware is being upgraded via Internet remotely and you must not lose co
102. ort Port on which to listen for authentication 121 8 11 6 Statistics On statistics page you can review various statistical information about hotspot instances General Restricted Internet Access Logging Landing Page Radius Server Statistics Hotspot Statistics Hotspot statistics Events perpage 10 Search Username Start time End time Download Upload There are no records yet showing 1 ta 1 of 1 entries 8 12 Auto Reboot 8 12 1 Ping Reboot Ping Reboot function will periodically send Ping command to server and waits for echo receive If no echo is received router will try again sending Ping command defined number times after defined time interval If no echo is received after the defined number of unsuccessful retries router will reboot It is possible to turn of the router rebooting after defined unsuccessful retries Therefore this feature can be used as Keep Alive function when router Pings the host unlimited number of times Ping Reboot Periodic Reboot Ping Reboot Ping Reboot Settings Enable Reboot router if no echo is received Interval between pings 5mins Ping timeout sec Packet size Retry count Host to ping from SIM 1 127 0 0 1 Host to ping from SIM 2 127 0 0 1 2 Explanation Notes Enable This check box will enable or disable Ping reboot Ping Reboot is disabled by feature default 2 Reboot router ifno echo This check box will disable router rebooting after Thi
103. p WAH 36 IN USE And if you plug the cable back in you should again see this Backup WAN Status WON Wired IN USE Backup WAH 3 Sih 58 7 3 LAN This page is used to configure the LAN network where all your devices and computers that you connect to the router will reside 7 3 1 Configuration 7 3 1 1 General Setup Configuration General Setup Advanced Settings IP address 192 168 1 1 IP netmask 255 255 255 0 IP broadcast LT Sample value Explanation IP address 192 168 1 1 Address that the router uses on the LAN network 2 IP netmask 255 255 255 0 A mask used to define how large the LAN network is 3 IP broadcast 0 IP broadcasts are used by BOOTP and DHCP clients to find and send requests to their respective servers 7 3 1 2 Advanced settings Configuration General Setup Advanced Settings Accept router advertisements Override MTU Use gateway metric Lise WAN port as LAN E Sample value Explanation Accept router Enable Disable If enabled allows accepting router advertisements Disabled by advertisements default 2 Override MTU 1500 MTU Maximum Transmission Unit specifies the largest possible size of a data packet 3 Use gateway metric 0 With this field you can alter the metric of that entry Use WAN port as LAN Enable Disable 59 7 3 2 DHCP Server The DHCP server is the router side service that can automatically configure the TCP IP settings of any device that requests such a se
104. pients phone numbers Field name Values Notes Enable Enable Disable Enable mobile message forwarding 2 Add sender number Enable Disable If enabled original senders number will be added at the end of the forwarded message 3 Mode All message Specifies from which senders received messages are From listed numbers going to be forwarded 4 Recipients phone 37060000001 Phone numbers to which message is going to be numbers forwarded to 112 8 9 5 3 SMS Forwarding To Email This functionality forwards mobile messages from one or several specified senders to email address SMS Forwarding To Email Settings Recipient s email address senders email address Enable Add sender s number Subject SMTP server SMTP server port Secure connection admin User name Password 60000 Mode mail teltonika It All messages forwarded message name surnamedtdgmail c ol Names sumameAtbgmail Field name Values Notes Enable 2 Add sender number 3 Subject 4 SMTP server 5 SMTP server port 6 Secure connection 7 User name 8 Password 9 Sender s email address 10 Recipient s email address 11 Mode Enable Disable Enable Disable forwarded message mail teltonika lt 25 Enable Disable admin KOK KK KK name surname gmail com name2 surname2 gmail com All messages from listed numbers 113 Enable mobile message forwarding to email If
105. plied i e the order of the rule list impacts how your firewall operates therefore you are given the ability to sort your list as you wish 69 You can configure firewall rule by clicking edit button Rub E disabled Mame Resinel lo address family Projoceal Maich ICMP type Soure zone Source MAC addres Source address Source por Destination zone Destination addres Destination por Action Exir a ume nts Enable Allow DHG F Relay Pv onb UDP any Any zone lan lan EH vpn empi wan wan 4 ppp a wanz m Device input Any zone Forward lan lan 4 vpn empty wan wan mr PPP a wan2 E accepi mm Field Name Sample value Explanation Name Allow DHCP Relay Used to make rule management easier Restrict to address IPv4 only Match traffic from selected address family only family 3 Protocol TCP UDP Any ICMP Custom Protocol of the packet that is being matched against traffic rules Match ICMP type any Match traffic with selected ICMP type only Source zone Any zone LAN VPN WAN Match incoming traffic from this zone only Source MAC address any SOS E Source address any Match incoming traffic from these MACs only Match incoming traffic from this IP or range only 70 8 Source port any Match incoming traffic originating from the given source port or port range on the client host only 9 Destination zone Device Any Match forwarded traffic to the given des
106. point s to selected LAN access points 4 LAN Select to which LAN to assign selected LAN ports and wireless access points If VLAN mode Taged based VLAN Networks List Wireless access points VLAN ID Teltonika Router Delete Field Name i Sample Value Explanation VLAN ID 1 VLAN Identification number allowed in range 1 4094 3 Wireless Enabled Disabled Assign selected access point s to selected LAN access points 4 LAN Select to which LAN to wireless access point s 62 7 4 2 LAN Networks In this page you can create extra LAN networks and assign them with LAN Ports and wireless access points You can get extra information on how to configure any of your LAN s settings in section 6 3 LAN LAN LAN Networks List LAN name Interface name eth tap LAN name LAN2 Add New UN Field Name j Sample Value Explanation 1 LAN name LAN2 Specifies new LAN name 7 5 Wireless On this page you can configure your wireless settings Depending on whether your WAN mode is set to Wi Fi or not the page will display either the options for configuring an Access Point or options for configuring a connection to some local access point Access Point Wireless General Site Survey Wireless Access Point Here you can configure your wireless settings like radio frequency mode encryption etc Device Configuration General Setup Advanced Settings Enable wireless Channel auto Interface Conf
107. r ICMP host s Disable DNS Server s Where to Ping for a health check As there is no WAN GW Custom definitive way to determine when the connection to internet is down for good you ll have to define a host whose availability that of the internet as a whole 3 Health monitor ICMP timeout 1 3 4 5 10 Seconds How long to wait for an ICMP request to come back Set a higher value if your connection has high latency or high jitter latency spikes 4 Attempts before failover 1 3 5 10 15 20 How many checks should fail for your WAN connection to be declared DOWN for good 5 Attempts before recovery 1 3 5 10 15 20 How many checks should pass for your WAN connection to be declared UP 7 2 2 5 How do set up a backup link First we must select a main link and choose one or two backup links in WAN section Then push the Edit button and configure your WAN and Backup Wan settings to your liking Click Save and wait until the settings are applied Now in the Status gt Network Information gt WAN page there should be a status indication for the backup WAN If everything is working correctly you should see something like this Backup WAN Status WAN Wired IN USE Backup WWA The above picture shows the status for Backup WAN configured on a wired main link You can now simulate a downed link by simply unplugging your Ethernet WAN cable When you ve done so you should see this Backup WAN Status WAN Wired NOT READY Backu
108. rough the Output chain 4 Forward Reject Drop Accept DEFAULT action that is to be performed for packets that pass through the Forward chain DEFAULT When a packet goes through a firewall chain it is matched against all the rules for that specific chain If no rule matches said packet an according Action either Drop or Reject or Accept is performed Accept Packet gets to continue down the next chain Drop Packet is stopped and deleted Reject Packet is stopped deleted and differently from Drop an ICMP packet containing a message of rejection is sent to the source of the dropped packet 66 7 6 2 DMZ DMZ Configuration Enable OMZ host IP address By enabling DMZ for a specific internal host for e g your computer you will expose that host and its services to the routers WAN network i e internet 7 6 3 Port Forwarding Here you can define your own port forwarding rules General Settings Port Forwarding Traffic Rules Custom Rules Firewall Port Forwarding Port forwarding allows remote computers on the Internet to connect to a specific computer or service within the private LAN Port Forwarding Rules Name Protocol Source Via Destination Enable Sort localWebsite TCP From any host in To any router IP at port Forward to IP 192 168 1 109 a j Delete wan 12345 port 80 in lan New Port Forward Rule Name Protocol External port Internal IP Internal port localWebsite TCP 12345 192 168 1 109
109. rrent Week Current Month Total Configuration Daily Data Usage SIM1 SIM2 Both Delete data Today s usage 5 08 KB Sent 2 13 KB Received 2 95 KB 6 9 Speed Test Speed test is a tool for measuring your internet connection upload and download speeds You can select servers for manual testing or use auto test Speed Test Begin auto test Get servers list Server Imhost It Vilnius Lithuania UAB Cgates Vilnius Lithuania Begin test Ping 158 ms Iimhost It Vilnius Lithuania Begin test Download speed 8 48 Mbits s Tele2 Vilnius Lithuania Begin test Upload speed 3 15 Mbits s Bite Lietuva Vilnius Lithuania Begin test Test again 39 6 10 Events Log Event log displays such actions as login reboot firmware flashing and reset 6 10 1 All Events Displays all router events their type and time of occurrence All Events System Events Network Events Events Reporting Reporting Configuration Events Log Events Log Events per page 10 Y Search ID Date Event type Event 3181S 2015 05 11 16 11 47 Config Firewall configuration has been changed 31805 2015 05 11 16 09 29 Port Wired WAN connection operational 31795 2015 05 11 16 05 13 Port Wired WAN connection non operational 31785 2015 05 11 16 02 39 Leased 192 168 1 232 IP address for client FC C2 DE 91 36 46 android 9aed2b2077a54c74 in WiFi 31775 2015 05 11 16 02 39 Wired WAN connection operational 31765 2015 05 11 16 02 38 Leased 192 1
110. rsion 02345678 RUT950 101010 0222 0321 860461024164561 246020100070220 3E 83 6F 84 E1 A4 AE F4 F3 5B 9D CC N A ME909 521 11 235 07 00 00 Serial number of the device Product code of the device Batch number used during device s manufacturing process Hardware revision of the device Identification number of the internal modem Subscriber identification number of the internal modem MAC address of the Ethernet LAN ports MAC address of the Ethernet WAN port MAC address of the Wi Fi interface Router s modem model Router s modem firmware version 31 6 5 Services The page displays usage of the available services Services Services Status VRRP LAN DDNS OpenVPN servers Site blocking OpenVPN clients Privoxy Enabled SNMP agent SMS utils rules Enabled SNMP trap Hotspot NTP client Enabled Hotspot logging IPsec GRE tunnel Ping reboot Qos 6 6 Routes The page displays ARP table active IP routes of the device 6 6 1 ARP Shows the routers active ARP table An ARP table contains recently cached MAC addresses of every immediate device that was communicating with the router ARP IP Address MAC Address Interface 10 0 207 217 02 50 F3 00 00 00 eth2 192 168 99 17 00 25 22 D7 CA AT br lan 192 168 99 36 30 20 44 64 2D E5 br lan 192 168 99 155 00 00 00 00 00 00 br lan Field Name Sample Value Explanation IP Address 192 168 99 17 Recently cashed IP addresses of every immediate device tha
111. rvice If you connect a device that has been configured to obtain IP address automatically the DHCP server will lease an address and the device will be able to fully communicate with the router 7 3 2 1 General Setup DHCP Server General Setup Advanced Settings DHCP Enable Start Limit Lease time Field Name Sample value Explanation DHCP Enable Disable Manage DHCP server 2 Start 100 The starting address of the range that the DHCP server can use to give out to devices E g if your LAN IP is 192 168 2 1 and your subnet mask is 255 255 255 0 that means that in your network a valid IP address has to be in the range of 192 168 2 1 192 168 2 254 192 168 2 0 and 192 168 2 255 are special unavailable addresses If the Start value is set to 100 then the DHCP server will only be able to lease out addresses starting from 192 168 2 100 3 Limit 150 How many addresses the DHCP server gets to lease out Continuing on the above example if the start address is 192 168 2 100 then the end address will be 192 168 2 254 100 150 1 254 4 Lease time 12 How long can a leased IP be considered valid An IP address after the specified amount of time will expire and the device that leased it out will have to request for a new one Select Hour or Minute minimum 2min 60 7 3 2 2 Advanced settings You can also define some advanced options that specify how the DHCP server will operate on your LAN network DHCP Server G
112. s _Exclusive to other Modes with DHCP 6 3 1 3 LAN Displays information aboutLAN connection Mobile WAN LAN Wireless LAN Information LAN Information Name IP address Lan 192 168 959 218 DHCP Leases Hostname IP address 192 168 99 120 LAN information 1 Name Lan Lan instance name 2 IP address 192 168 99 218 3 Netmask 255 255 2550 4 Ethernet LAN 00 1E 42 00 00 00 MAC address 5 Connected for 1h 53m 56s DHCP Leases If you have enabled a DHCP server this field will show how many devices have received an IP address and what those IP addresses are Field Name lo WELT Explanation 1 Ze Hostname IP address 192 168 99 120 DHCP client s hostname Each lease declaration includes a single IP address that has been leased to the client 22 3 Lanname MAC address 5 Lease time remaining 6 3 1 4 Wireless Lan D4 85 64 65 2B D4 10h 11m 13s Lan instance name The MAC Media Access Control address of the network interface on which the lease will be used MAC is specified as a series of hexadecimal octets separated by colons Remaining lease time for addresses handed out to clients Wireless can work in two modes Access Point AP or Station STA AP is when the wireless radio is used to create an Access Point that other devices can connect to STA is when the radio is used to connect to an Access Point via WAN 6 3 1 4 1 Station Displays information about wireless connection Station mode Mobile
113. s Enable URL content example com Delete METE EXT Explanation 1 Enable Enable Disable Enable proxy server based URL content blocking Works with HTTP protocol only 2 Mode Whitelist Blacklist Whitelist allow every part of URL on the list and block everything else Blacklist block every part of URL on the list and allow everything else 81 8 4 NTP NTP configuration lets you setup and synchronize routers time General Time Servers Time Synchronisation General Current system time 2014 11 24 03 30 49 Sync with browser Time zone UTC Enable NTP 4 Update interval in seconds 3600 Save time to flash Count of time sync hronizations Clock Adjustment Offset frequenc y METE PATA EA 1 Current System time Local time of router 2 Timezone Time zone of your country 3 Enable NTP Enables the functionality 4 Update interval How often router updates systems time 5 Count of time Total amount of times that If left blank the count will be infinite synchronizations router will do the synchronization 6 Offset frequency Adjust the minor drift of the clock so that it will be more accurate Note that under Time Servers at least one server has to be present otherwise NTP will not serve its purposes 82 8 5 VPN 8 5 1 OpenVPN VPN Virtual Private Network is a method for secure data transfer through unsafe public network This section explains how to configure OpenVPN which is
114. s check box must be received the defined number of unsuccessful retries unselected if you want to use Ping Reboot feature as Keep Alive function 122 3 Interval between Pings 4 Ping timeout sec 5 Packet size 6 Retry count 7 Host to ping from SIM 1 8 Host to ping from SIM 2 8 12 2 Periodic Reboot Ping Reboot Time interval in minutes between two Pings Time after which consider that Ping has failed This box allows to modify sent packet size Number of times to try sending Ping to server after time interval if echo receive was unsuccessful IP address or domain name which will be used to send ping packets to E g 192 168 1 1 or www host com if DNS server is configured correctly IP address or domain name which will be used to send ping packets to E g 192 168 1 1 or www host com if DNS server is configured correctly Periodic Reboot Periodic Reboot Periodic Reboot Setup Enable L Days Y sunday E Monday Tuesday E Wednesday E Thursday E Friday Saturday Hours 23 Minutes 0 Minimum time interval is 5 minutes Range 1 9999 Should be left default unless necessary otherwise Minimum retry number is 1 Second retry will be done after defined time interval Ping packets will be sending from SIM1 Ping packets will be sending from SIM2 ET Explanation This check box will enable or disable Periodic reboot feature Enable 2 Days 3 Hours Minutes
115. s many phone numbers as you need Dropdown list with additional rows will show up if you click on add icon at the end of phone number row This is both separate SMS Rule and an option under SMS Reboot rule SMS status is disabled by default SMS text can contain letters numbers spaces and special symbols Capital letters also matters You can add as many phone numbers as you need Dropdown list with additional rows will show up if you click on add icon at the end of phone number row You can select which status elements to display Allows Wi Fi control via SMS SMS text can contain letters numbers spaces and special symbols Capital letters also matters SMS text can contain letters numbers spaces and special symbols Capital letters also matters You can add as many phone numbers as you need Dropdown list with additional rows will show up if you click on add icon at the end of phone number row With this setting enabled router will keep Wi Fi state even after reboot If it is not selected router will revert Wi Fi state after reboot Allows cellular control via SMS SMS text can contain letters numbers spaces and special symbols Capital letters also matters You can add as many phone numbers as you need Dropdown list with additional rows will show up if you click on add icon at the end of phone number row Mobile Settings via SMS parameters ME Value s Explanation apn 2 dialnu
116. secure functionality enable 2 Clean after reboot If check box is selected blocked addresses are removed after every reboot 3 Fail count Specifies maximum connection attempts count before access blocking WebUlaccess secure Check box to enable secure WebUlaccess enable 131 9 3 4 Diagnostics General Troubleshoot Backup Access Control Diagnostics MAC Clone Overview Diagnostics Network Utilities Action Ping Traceroute Nslookup oe Explanation Host Enter server IP address or hostname 2 Ping Utility used to test the reachability of a host on an Internet IP network and to measure the round trip time for messages sent from the originating host to a destination server Server echo response will be shown after few seconds if server is accessible 3 Traceroute Diagnostics tool for displaying the route path and measuring transit delays of packets across an Internet IP network Log containing route information will be shown after few seconds 4 Nslookup Network administration command line tool for querying the Domain Name System DNS to obtain domain name or IP address mapping or for any other specific DNS record Log containing specified server DNS lookup information will be shown after few seconds 9 3 5 MACClone General Troubleshoot Backup Access Control Diagnostics MAC Clone Overview MAC Address Clone MAC Address Clone WAN MAC address 00 1E 42 00 00 51 Get PC MAC address Sav Restore to default ee Explan
117. sport mode creates secure point to point channel between two hosts Tunnel mode can be used to build a secure connection between two remote LANs serving as a VPN solution IPsec system maintains two databases Security Policy Database SPD which defines whether to apply IPsec to a packet or not and specify which how I Psec SA is applied and Security Association Database SAD which contain Key of each lIPsec SA The establishment of the Security Association IPsec SA between two peers is needed for IPsec communication It can be done by using manual or automated configuration Note router starts establishing tunnel when data from router to remote site over tunnel is sent For automatic tunnel establishment used tunnel Keep Alive feature 86 OpenVPN IPsec IPsec IPsec Configuration GRE Tunnel PPTP L2TP Enable y Mode Main Enable NAT traversal Enable initial contact My identifier type Address My identifier 100 121 122 123 Pre shared key password Remote VPN endpoint 215 148 3 15 Enable DPD Delay sec E Explanation T 10 Enable Mode Enable NAT traversal Enable initial contact My identifier type My identifier Preshare key Remote VPN endpoint Enable DPD Delay sec Check box to enable IPSec Select Main Aggressive or Base mode accordingly to your IPSec server configuration Enable this function if client to client applications will be used Enable this to send
118. t IP 3 Port Community 8 8 SMS Utilities Enable Disable 192 168 99 155 162 Public Private Enable SNMP Simple Network Management Protocol trap functionality Host to transfer SNMP Simple Network Management Protocol traffic to Port for trap s host The SNMP Simple Network Management Protocol Community is an ID that allows access to a router s SNMP data RUT950 has extensive amount of various SMS Utilities These are subdivided into 6 sections SMS Utilities Call Utilities User Groups SMS Management Remote Configuration Statistics 8 8 1 SMS Utilities SMS Utilities Call Utilities User Groups SMS Utilities SMS Rules Action Reboot Get status Switch WiFi on Switch WiFi off Switch mobile data on Switch mobile data off Change mobile data settings Get list of profiles Change profile SSH access Control Web access Control SMS Text reboot wifion witioft mobileon mobileott cellular profdisp web SMS Management Remote Configuration Statistics Enable gt Delete Delete Delete Delete Delete Delete Delete Delete Delete You can choose your SMS Keyword text to be sent and authorized phone number in the main menu You can edit each created rule by hitting Edit button All configuration options are listed below 96 oaks Explanation Notes 10 11 12 13 14 15 16 Enable SMS Reboot SMS text Sender p
119. t was communicating with the router 2 MAC Address 00 25 22 D7 CA A7 Recently cashed MAC addresses of every immediate device that was communicating with the router 3 Interface br lan Interface used for connection 32 6 6 2 Active IP Routes Shows the routers routing table The routing table indicates where a TCP IP packet with a specific IP address should be directed to Active IP Routes Network Target PPP 0 0 0 0 0 ppp 10 0 207 216 29 PPP 10 0 207 217 192 168 99 0 24 IP Gateway Metric 10 0 207 217 O 0 0 0 0 0 0 0 0 0 0 0 0 UN Field Name Sample Value Explanation 1 Network ppp Interface to be used to transmit TCP IP packets through 2 Target 192 168 99 0 24 Indicates where a TCP IP packet with a specific IP address should be directed 3 IP Gateway 0 0 0 0 Indicates through which gateway a TCP IP packet should be directed 4 Metric 0 Metric number indicating interface priority of usage 6 6 3 Active IPv6 Routes Displays active IPv6 routes for data packet transmittion Active IPv6 Routes Network Target loopback 0 0 0 0 0 0 0 0 0 loopback 0 0 0 0 0 0 0 0 0 loopback 0 0 0 0 0 0 0 1 Ppp FFOO0 0 0 0 0 0 0 0 8 loopback 0 0 0 0 0 0 0 0 0 IPv6 Gateway Metric 0 0 0 0 0 0 0 0 0 FFFFFFFF 0 0 0 0 0 0 0 0 0 FFFFFFFF 0 0 0 0 0 0 0 0 0 00000000 0 0 0 0 0 0 0 0 0 00000100 0 0 0 0 0 0 0 0 0 FFFFFFFF i Field Name Sample Value Explanation 1 Network loopback Network interface used 2 Target
120. tination zone zone LAN VPN WAN only 10 Destination address any Match forwarded traffic to the given destination IP address or IP range only 11 Destination port 67 Match forwarded traffic to the given destination port or port range only 12 Action Drop Accept Reject chain Action to be taken on the packet if it matches the rule additional rules You can also define additional options like limiting packet volume and defining to which chain the rule belongs 7 6 4 1 Open Ports On Router Open Ports On Router Name Protocol External port Open_Port_rule Field Name Sample value Explanation Name Open_Port_rule Used to make rule management easier 2 Protocol TCP UDP Any ICMP Custom Protocol of the packet that is being matched against traffic rules 3 External port 1 65535 Match incoming traffic directed at the given destination port or port range on this host 7 6 4 2 New Forward Rule New Forward Rule Name Source Destination Forward rule new LAN WAN Field Name Sample value Explanation Name Forward_rule_new Used to make rule management easier 2 Source LAN VPN WAN Match incoming traffic from selected address family only 3 Protocol TCP UDP Any ICMP Custom Protocol of the packet that is being matched against traffic rules 71 7 6 4 3 Source NAT Source NAT Source NAT is a specific form of masquerading which allows fine grained control over the source IP used for outgoing traffic for example to map mul
121. tion is lost 79 8 2 TR 069 TR 069 is a standard developed for automatic configuration and management of remote devices by Auto Configuration Servers ACS 8 2 1 TR 069 Parameters Configuration TR 069 Parameters Configuration Enable Enable Periodic Transmission w Sending Interval 100 User name admin Password 060460060000 URL http 1192168 1 110 8080 MESE EI Explanation Enable Enable Disable Enable TR 069 client 2 Enable Periodic Enable Disable Enable periodic transmissions of data to server Transmission 3 Sending interval 100 Periodic data transmission to server period 4 User name admin User name for authentication on TR 069 server 5 Password lo Password for authentication on TR 069 server 6 URL http 192 168 1 110 8080 TR 069 server URL address 80 8 3 Web filter 8 3 1 Site blocking Site Blocking Proxy Based Content Blocker Site Blocking Settings Site Blocking Enable Mode Whitelist Y Enable Host name www yahoo com Delete MITE ETE EEE 1 Enable Enable Disable Enable host name based websites blocking 2 Mode Whitelist Blacklist Whitelist allow every site on the list and block everything else Blacklist block every site on the list and allow everything else 8 3 2 Proxy based URL content blocker Site Blocking Proxy Based Content Blocker Proxy Based URL Content Blocker Configuration Proxy Based URL Content Blocker Enable Mode Blacklist Y URL Filter Rule
122. tiple WAN addresses to internal subnets Name Protocol Source Destination SNAT Enable SNAT TGP UDP From any host To any host port 22 in wan Rewrite to in lan source IP 10 101 1 10 pont 22 New Source NAT Source Destination Source IP Source port LAN WAN gt 10 101 1 10 Field Name Sample value Explanation Name Forward_rule_new Used to make rule management easier 2 Protocol TCP UDP Any ICMP Custom Protocol of the packet that is being matched against traffic rules 3 Source LAN VPN WAN Match incoming traffic from selected address family only 4 Destination Redirect matched traffic to the given IP address and destination port 5 SNAT SNAT Source Network Address Translation rewrite packet s source IP address and port 6 Enable Enable Disable Make a rule active inactive 72 You can configure firewall source NAT rule by clicking edit button Rule is enabled Mame Protocol Source zone Source MAC address Source IP address source port Destination zone Destination IP addres Destination port SWAT IP address SNAT port Extra arguments Dis able NAT All protocols gt lan lam LL vpn empty wan wan 4 ppp l wanz lan lan En vpn empty wan wan 0 ppp l wanz l hi 10 101 1 10 Field Name Sample value Explanation Name Allow DHCP Relay Used to make rule management easier 2 Protocol TCP UDP Any ICMP Custom Protocol of the packet that
123. tnes csi diras 79 81 2 Check Internet connect a 79 A e O o A A RE 80 821 TR O69 Parameters CONTSURACIO Msi la 80 83 Weber reido isa cde 81 Sl Debo 81 832 PO pacad URLCONEent II la de O 81 84 INTP ceo a cual ea saatedene seston E N emotes 82 Sa VEN ee E aan eee ence uae ia mereeeeatecentadioatiecueee 83 Sor OPENVPN cats is as 83 S32 IP ECan PTE Sen OP ITE SED aS PE Sem SOA SE en ee rere 86 Cees RIE A lt sasncuanimadattecns a a E aaeeacecuit iaetacnienasecs 89 oe diarias 91 S59 E2 TP teres aysnceceatiouseatarcuseatasa ons tase sanenacvaa E N A N NN 92 90 DiNamto DIN Sant E E A 93 S SNMP r a ol 94 Seeds SNMP SeN nai S 94 872 ERAP UNS a aa a 95 So MSM ETE TT E NTT 96 Soe SMUTO San E E O A 96 8 0 2 Calk UCUINIGS Ed O ido 99 gt USOS ia ads 99 SO MS Mana mMmeNM Ear ISO E e 100 88 Remote COn e e es 101 2 E o Pa a ncueacaus se senna se opcaienaeein setae ee unis nama euneesaee ater sstaneaenseusaoe 105 S9 E RU aan Aalneu me aane cond acu eanu aaa ave cemuade ts N 105 89 1 POSt Get COMMBULALON sworn isa anna E 105 892 EMAUtOo SMS is 107 8 93 Senecauled Messares sti A TO 108 8 94 Auto Reply Contursi ad ac 110 89 MS POW AI llo 111 A MR oO 114 SO 64 1 PEC A O 115 8 11 MODO dior 115 SILE General Sets eds 115 911 2 IntemetAccess Restriction SCENES siii 117 LS LOL Rda 117 Sd Lancia Por adds 119 S L Radius server conter ONE acosa 121 OLMO a ES A ss 122 sie A VIO 90 A on e o O ee eee eee eee eee 122 ST TARA ll
124. ts own lines for wide area communication but can securely use the public networks This kind of interconnection is known as a virtual private network VPN OpenVPN IPsec GRE Tunnel PPTP L2TP PPTP Server Instance Pptpd_server Main Settings Enable Local IP 192 168 0 1 Remote IP range stat 192 168 0 20 Remote IF range end 192 168 0 30 User name Password youruser A Delete Enable Check the box to enable the PPTP function Local IP IP Address of this device RUT Remote IP range begin IP address leases beginning Remote IP range end IP address leases end Username Username to connect to PPTP this server METE ETA 1 2 3 4 5 6 Password Password to connect to PPTP server 91 8 5 5 L2TP Allows setting up a L2TP server or client and should it be needed using it with IPsec L2TP IPSec Below is L2TP server configuration example OpenVPN IPsec GRE Tunnel PPTP L2TP L2TP Server Instance L2tpd_server Main Settings Enable Local IP 192 168 0 1 Remote IP range begin 192 168 0 20 Remote IP range end 132 168 0 30 User name Password Delete METE Explanation 1 Enable Check the box to enable the GRE Tunnel function 2 Local IP IP Address of this device RUT 3 Remote IP range begin IP address leases beginning 4 Remote IP range end IP address leases end 5 Username Username to connect to L2TP this server 6 Password Password to connect to L2TP server Client configuration is even simplier
125. uring the period 4 Limit burst 15 Indicating the maximum burst before the above limit kicks in 76 7 6 6 4 HTTP Attack Prevention HTTP attack sends a complete legitimate HTTP header which includes a Content Length field to specify the size of the message body to follow However the attacker then proceeds to send the actual message body at an extremely slow rate e g 1 byte 110 seconds Due to the entire message being correct and complete the target server will attempt to obey the Content Length field in the header and wait for the entire body of the message to be transmitted hence slowing it down HTTP Attack Prevention Enable HTTP limit Limit period Second Y Limit Limit burst a Field Name Sample value Explanation 1 Enable HTTP limit Enable Disable 2 Limit period Second Minute Hour Day 3 Limit 10 4 Limit burst 10 7 6 6 5 HTTPS Attack Prevention HTTPS Attack Prevention Enable HTTPS limit Limit period Secon Limit Limit burst Limits HTTP connections per period Select in what period limit HTTP connections Maximum HTTP connections during the period Indicating the maximum burst before the above limit kicks in UN Field Name Sample value Explanation 1 Enable HTTPS limit Enable Disable 2 Limit period Second Minute Hour Day 3 Limit 10 4 Limit burst 10 Limits HTTPS connections per period Select in what period limit HTTPS connections Maximum HTTPS co
126. vides a central database of devices that are connected to the network and eliminates duplicate resource assignments ETHERNET CABLE Refers to the CAT5 UTP cable with an RJ 45 connector AP Access point An access point is any device that provides wireless connectivity for wireless clients In this case when you enable Wi Fi on your router your router becomes an access point DNS Domain Name Resolver A server that translates names such as www google lt to their respective IPs In order for your computer or router to communicate with some external server it needs to know it s IP its name www something com just won t do There are special servers set in place that perform this specific task of resolving names into IPs called Domain Name servers If you have no DNS specified you can still browse the web provided that you know the IP of the website you are trying to reach ARP Short for Adress Resolution Protocol a network layerprotocol used to convert an IP address into a physical address called a DLC address such as an Ethernet address PPPoE Point to Point Protocol over Ethernet PPPoE is a specification for connecting the users on an Ethernet to the internet through a common broadband medium such as DSL line wireless device or cable modem DSL digital subscriber line it is a family of technologies that provide internet access by transmitting digital data using a local telephone network which uses the pub
127. w what you are doing 5 custom DNS servers 8 8 8 8 8 8 6 6 Usually the gateway has some predefined DNS servers As such the router when it needs to resolve a hostname www google com www cnn com etc to an IP address it will forward all the DNS requests to the gateway By entering custom DNS servers the router will take care of host name resolution You can enter multiple DNS servers to provide redundancy in case the one of the server fails 53 7 2 2 1 2 DHCP General Setup Advanced Settings Protocol DHCP Y Hostname to send when requesting DHCP IP Aliases IP aliases are a way of defining or reaching a subnet that works in the same space as the regular network There are no IP aliases created yet Add When you select the DHCP protocol you can use it as is because most networks will not require any additional advanced configuration 7 2 2 1 3 PPPoE This protocol is mainly used by DSL providers Common Configuration General Setup Advanced Settings Protocol PAP CHAP username PAP CHAP password Access Concentrator Service Name This is the configuration setup for when you select PPPoE protocol MEET ES Explanation PAP CHAP username test Your username and password that you would use to connect to your carriers network 2 PAP CHAP password your_password A mask used to define how large the WAN network is 3 Access Concentrator isp Specifies the name of access concentrator Leave
128. wn responsibility It should not generally be used if you have high cost per SMS This is especially relevant if you will try to send whole OpenVPN configuration which might acumulate 40 SMS 8 8 5 1 Receive configuration This section controls how should configuation initiation party should identify itself In this scenario RUT950 itself is being configured Receive Send Recieve Configuration Receive Configuration Enable e Authorization methed Ho authorization Allowed users From all numbers __ Field name Values Notes 1 Enable Enabled Disabled Enables router to receive configuration 101 1 Authorization method No authorization Method at Receiving and Sending ends must match By serial By administration password 2 Allowed users From all numbers Gives greater control and security measures From group From single number Note that for safety reasons Authorization method should be configured before deployment of the router 8 8 5 2 Send configuration This section lets you configure remote RUT950 devices The authorization settings must confirm to those that are set on the receiving party Generate SMS WAN e Interface Wired M Protocol Static M IP address 217 147 40 44 IP netmask 255 255 255 0 IP gateway 217 147 40 44 IP broadcast 217 147 40 255 102 WFN Generate War Interface Mobile connection APH Dialing number Authentication method Usemame Password Service mode
129. ws sending ICMP echo requests to the remote tunnel network Enable Host Ping period sec METEO EEE 1 Tunnel keep alive Allows sending ICMP echo request Ping utility to the remote tunnel network This function may be used to automatically start the IPSec tunnel This function should be used every time 2 Enable Allows sending ICMP echo requests to the remote tunnel network 3 Host Enter IP address to which ICMP echo requests will be sent 4 Ping period sec Set sent ICMP request period in seconds 88 8 5 3 GRE Tunnel GRE Generic Routing Encapsulation RFC2784 is a solution for tunneling RFC1812 private address space traffic over an intermediate TCP IP network such as the Internet GRE tunneling does not use encryption it simply encapsulates data and sends it over the WAN 152 158 0 2 In the example network diagram two distant networks LAN1 and LAN2 are connected To create GRE tunnel the user must know the following parameters 1 Source and destination IP addresses 2 Tunnel local IP address 3 Distant network IP address and Subnet mask 89 OpenVPN IPsec GRE Tunnel PPTP L2TP Gre tunnel Instance Gre_tunnel Main Settings Enabled Remote endpoint IP address 84 148 7 87 Remote network 192 168 2 0 Remote network netmask Local tunnel IP Local tunnel netmask MTU TTL PMTUD Keep Alive host Keep Alive interval ETE Explanation 1 Enabled Check the box to enable the GRE Tunnel funct
130. xplanation 1 Disable NAT Enable Disable If checked router will not perform NAT masquerade on this interface 2 Use broadcast flag Enable Disable Required for certain ISPs e g Charter with DOCSIS 3 55 3 Use default gateway Enable Disable Use DNS server Enable Disable advertised by peer 5 User gateway metric 0 6 Client ID to send when requesting DHCP 7 Vendor Class to send when requesting DHCP 8 Override MAC address 86 48 71 B7 E9 E4 9 Override MTU 1500 7 2 2 2 3 PPPoE Common Configuration General Setup Advanced Settings Disable NAT Use default gateway Use gateway metric Use DNS servers advertised by peer LCP echo failure threshold LCP echo interval Inactivity timeout If unchecked no default route is configured If unchecked the advertised DNS server addresses are ignored The WAN configuration by default generates a routing table entry With this field you can alter the metric of that entry Override MAC address of the WAN interface If your ISP gives you a static IP address it might also bind it to your computers MAC address i e that IP will only work with your computer In this field you can enter your computers MAC address and fool the gateway in thinking that it is communicating with your computer Maximum transmission unit specifies the largest possible size of a data packet TAI Sample value Explanation Disable NAT Enable Disable 2 Use default gateway Enable Disable 3

Download Pdf Manuals

Related Search

Related Contents

Manual do Participante  Instruction Manual  INFORMAZIONI GENERALI  Winch Service Manual - NEW Winches [dir: Drgs&Manuals] Winch  Istruzioni d`Uso - Amazon Web Services  Cryptech-3G User  manuale operativo - Lincoln Electric  Manual do produto (PT)  You can the PDF manual here  Advance Acoustic MCD 200  

Copyright © All rights reserved. Failed to retrieve file