UR-5 - User´s Guide
Contents
1. Set SMS Service Center Address Service Center Address Fig 66 Set SMS service center address 1 33 Unlock SIM card The industrial router XR5i v2 is not availability item Unlock SIM card Possibility to unlock SIM PIN is under Unlock SIM Card item If the inserted SIM card is secured by a PIN number enter the PIN to field S M PIN and push button Apply SIM card is blocked after three failed attempts to enter the PIN code Unlock SIM Card Fig 67 Unlock SIM card 63 CONFIGURATION 1 34 Send SMS The industrial router XR5i v2 is not availability item Send SMS Sending SMS messages is possible in menu Send SMS The SMS message will be sent after entering the Phone number and text SMS Message and by pushing button Send Send SMS Phane number Message Fig 68 Send SMS SMS message sending via HTTP request is in the form GET send_exec cgi phone 2B420712345678 amp message Test HT TP 1 1 Authorization Basic cm9vdDpyb290 HTTP request will be sent to TCP connection on router port 80 Router sends an SMS message with text Test SMS is sent to phone number 420712345678 Authorization is in the format user password coded by BASE64 In the example is used for root root 1 35 Backup configuration The router configuration is possible to save by help of the Backup Configuration menu item After clicking on this menu it is possible to check a destination directory where it will save the2. 0 ppp l32 1568 1 O 0 255 255 255 0 uU eth 0 0 0 0 0 0 0 0 UG 0 ppp Fig 2 Network status 1 3 DHCP status Information on the activities of the DHCP server can be accessed by selecting the DHCP status DHCP status informs about activities DHCP server The DHCP server provides automatic configuration of devices connected to the network managed router DHCP server assigns to each device s IP address netmask default gateway IP address of router and DNS server IP address of router For each configuration the DHCP status window displays the following information tem n Description n lease Assigned IP address starts Time of assignation of IP address ends Time of termination IP address validity hardware ethernet Hardware MAC unique address uid Unique ID client hostname Computer name Table 3 DHCP status description DHCP Status Active DHCP Leases lease 192 168 1 2 starts l 24011701717 08 08 37 ends l 2011 01 17 06 15 37 hardware ethernet OO ld 32 25 72 33 uid O1 00 1ld 92 25 72 33 client hostname felgrz Fig 3 DHCP status In the extreme the DHCP status can display two records for one IP address That could have been caused by resetting of network cards CONFIGURATION 1 4 GPRS UMTS status ah The industrial router XR5i v2 is not availability item GPRS UMTS status GPRS menu item contains actual information about GPRS UMTS connections PL
3. 1 8 LAN configuration To enter the network configuration select the LAN menu item ETH network set in Primary LAN configuration expansion PORT ETH set in Secondary LAN configuration tem ieesscription O O DHCP Client e disabled The router does not allow automatic allocation IP address from a DHCP server in LAN network e enabled The router allows automatic allocation IP address from a DHCP server in LAN network IP address Fixed set IP address of network interface ETH Subnet Mask IP address of Subnet Mask Media type e Auto negation The router selects the speed of communication of network options e 100 Mbps Full Duplex The router communicates at 100Mbps in the full duplex mode e 100 Mbps Half Duplex The router communicates at 100Mbps in the half duplex mode e 10 Mbps Full Duplex The router communicates at 10Mbps in the full duplex mode e 10 Mbps Half Duplex The router communicates at 10Mbps in the half duplex mode Default Gateway IP address of Default gateway of router When entering IP address of default gateway all packets for which the record was not found in the routing table sent to this address DNS server IP address of DNS server of router Address where they are forwarded to all DNS questions on the router Table 9 Configuration of network interface DHCP server assigns IP address gateway IP address IP address of the router and IP address of the DNS
4. Primary LAN Secondary LAN DHCP client disabled EREN IP Address li Subnet Mask 255 255 255 0 T Media Type auto negotiation auto negotiation Default Gateway DAS Server Enable dynamic DHCP leases IP Pool Start 192 168 1 2 IP Pool End Lease Time C Enable static DHCP leases MAC Address IP Address Fig 10 Example LAN configuration 1 10 CONFIGURATION Example of the network interface with dynamic and static DHCP server The range of allocated addresses from 192 168 1 2 to 192 168 1 4 The address is allocated 10 minutes Client s with MAC address 01 23 45 67 89 ab has IP address 192 168 1 10 Client s with MAC address 01 54 68 18 ba 7e has IP address 192 168 1 11 ETH 192 168 1 1 192 168 1 10 01 23 45 67 89 ab 192 168 1 11 01 54 68 18 ba 7e Fig 11 Topology of example LAN configuration 2 LAN Configuration Primary LAN Secondary LAN DHCP client disabled disabled IP Address 192 168 1 1 il Subnet Mask 255 255 255 0 Media Type auto negotiatiori i auto negotiation Default Gateway DANS Server Enable dynamic DHCP leases IP Pool Start 132 158 1 2 PPodEnd 1216814 Lease Time 600 Enable static DHCP leases MAC Address IP Address 01 23 45 67 89 ab 192 168 1 10 li 54 68 18 ba e 192 168 1 11 Fig 12 Example LAN configuration 2 11 CONFIGURATION Example of th
5. Remate ID Remote Subnet Remote Subnet Mask Local ID l Local Subnet Local Subnet Mask Key Lifetime 3600 IKE Lifetime 3600 Rekey Margin 540 Rekey Fuzz 100 DPD Delay a DPD Timeout L NAT Traversal disabled Aggressive Mode disabled Authenticate Mode pre shared kay Pre shared Key CA Certificate Remote Certificate Local Certificate Extra Options can be blank Fig 33 IPsec tunnel configuration 33 CONFIGURATION B 192 168 1 2 192 168 2 2 Router B ppp0 10 0 0 2 Router A 192 168 2 0 Switch ppp0 10 0 0 1 m Switch 192 168 1 0 Kp IE 1 Ze 5 Bo 192 168 1 3 ic LEER J 192 168 2 3 192 168 1 4 192 168 2 4 Default Gateway 192 168 1 1 Default Gateway 192 168 2 1 Fig 34 Topology of example IPsec configuration IPsec tunnel configuration Configuration Remote IP Address 10 0 0 2 10 0 0 1 Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Local Subnet 192 168 1 0 192 168 2 0 Local Subnet Mas 255 255 255 0 255 255 255 0 Authenticate mode pre shared key pre shared key Pre shared key test test Table 31 Example IPsec configuration Examples of different options for configuration and authentication of IPsec can be found in the configuration manual IPsec tunnel 34 CONFIGURATION 1 16 GRE tunnels configuration To enter the GRE tunnels configuration select the GRE menu item The GRE tunnel
6. SNMP Configuration Enable SNMP agent Community public Contact Jack Roghul 420 732 123 Mame Canal Location Usti nad Orlici Enable I O extension C Enable XC CNT extension Enable M BUS extension Baudrate 300 Parity even Stop Bits l1 can be blank Fig 42 Example of SNMP configuration MG SOFT MIB Browser Professional Edition KB File Edit wiew SNMP Action Tools Window Help ii D I0 PRO 1 ES E ee Bea ee Gu apate age Split 192 168 2 250 w v Vertical Query results A Ce ic ccitt Remote address 192 168 2250 port 161 transport IP UDP c e d Lacal address 192 168 2 115 part 4815 transport IP LDP Es Protacal version SAM Fwi Be ag Operation Get EH dad Request binding EI c3 internet 1 sysLocatian D DisplayString null i73 directory B A mant 2 47 mib 2 B a system sysDescr Qe sysObjectID B sysUpTime B sysName sysLocation OID 1 3 6 1 2 1 1 4 ii SNMP Joe 8 Fig 43 Example of the MIB browser It is important to set the IP address of the SNMP agent router in field Remote SNMP agent After enter the IP address is in a MIB tree part is possible show object identifier The path to objects is iso gt org gt dod gt internet gt private gt enterprises gt conel gt protocols The path to information about router is iso gt org gt dod gt internet gt mgmt gt mib 2 gt system 43 CONFIGURATION
7. 10 0 2 123 ag 142 2 26 54 Fig 23 Topology of example firewall configuration Firewall Configuration Allow remote access only from specified hosts Source Source IP Address Protocol Target Port single address w 171 92 5 45 at Mj l single address 10 0 2 123 ITCP w 1000 single address 1422 26 54 single address ma single address single address single address 1 IN single address can be blank Fig 24 Example firewall configuration 23 CONFIGURATION 1 13 NAT configuration To enter the Network Address Translation configuration select the NAT menu item NAT Network address Translation Port address Translation PAT is a method of adjusting the network traffic through the router default transcript and or destination IP addresses often change the number of TCP UDP port for walk through IP packets The window contains sixteen entries for the definition of NAT rules Public Port Public port Private Port Private port Type Protocol selection Server IP address IP address which will be forwarded incoming data Table 23 NAT configuration If necessary set more than sixteen rules for NAT rules then is possible insert into start up script following script iptables t nat A napt p tcp dport PORT PUBLIC j DNAT to destination IPADDRI PORT1 PRIVATE Concrete IP address IPADDR
8. In the bottom part of the window it is possible to define access over CSD connection by Enable Dial ln Access function Access can be secured by used the Username and Password In the event that this function is enabled and the router does not have a PPP connection is granted access to the router via dial up connections CSD The router waits 2 minutes to accept connections If the router during this time nobody logs on the router will try again to establish a GPRS connection tem Description a Username User name for secured Dial In access Password Password for secured Dial In access Table 20 Dial In access configuration 1 10 7 PPPoE bridge mode configuration If the Enable PPPoE bridge mode option selected it activate the PPPoE bridge protocol PPPoE point to point over ethernet is a network protocol for encapsulating Point to Point Protocol PPP frames inside Ethernet frames Allows you to create a PPPoE connection from the device behind router For example from PC which is connected to ETH port router There will be allot Ip address of SIM card to PC 18 CONFIGURATION The changes in settings will apply after pressing the Apply button UMTS GPRS Configuration Create PPP connection Primary SIM card Secondary SIM card APN Username Password E Authentication PAP or CHAP v PAP or CHAP IP Address i Phone Number Operator Network Type automatic sel
9. and ports numbers PORT PUBLIC and PORT1 PRIVATE are filled up into square bracket Reconfiguration of PPPoE Firewall NAT OpenVPN IPsec Expansion Port and USB Port always leads to restarting IPtables In case that someone has additional rules in Startup script then reboot of router is needed The following items are used to set the routing of all incoming traffic from the PPP to the connected computer Send all incoming pack By checking this item and setting the Default Server item it is ets to default server possible to put the router into the mode in which all incoming data from GPRS will be routed to the computer with the defined IP address Default Server Send all incoming packets to this IP addresses Table 24 Configuration of send all incoming packets Enable the following options and enter the port number is allowed remote access to the router from PPP interface Enable remote HTTP If this item field and port number is filled in then configuration access on port of the router over web interface is possible Enable remote HTTPS f this item field and port number is filed in then configuration access on port of the router over web interface is possible Enable remote FTP Choice this item and port number makes it possible to access over access on port FTP Enable remote SSH Choice this item and port number makes it possible to access over access on port SSH Enable remote Telnet Choice this item and port number make
10. remaining incoming packets to the default server fulfill oneself connection on induction IP address If it is not selected selection Send all remaining incoming packets to default server and Default server IP address then connection requests a failure 1 14 OpenVPN tunnel configuration OpenVPN tunnel configuration can be called up by option OpenVPN item in the menu OpenVPN tunnel allows protected connection of two networks LAN to the one which looks like one homogenous In the OpenVPN Tunnels Configuration window are two rows each row for one configured OpenVPN tunnel LLC n a Description n Create This item enables the individual tunnels Description This item displays the name of the tunnel specified in the configuration of the tunnel Edit Configuration OpenVPN tunnel Table 26 Overview OpenVPN tunnels Open PN Tunnels Configuration Create Description 1st no v Edit 2nd na Wi Fig 29 OpenVPN tunnels configuration LLC n A Description NN Description Description of tunnel Protocol Protocol by which the tunnel will communicate e UDP OpenVPN will communicate using UDP e TCP server OpenVPN will communicate using TCP in server mode e TCP client OpenVPN will communicate using TCP in client mode UDP TCP port Port by which the tunnel will communicate Remote IP Address IP address of the opposite side of the tunnel Can be used domain name Remote Subnet Network IP address of the opposite side
11. 0 Username username Password password Table 36 Example L2TP tunel configuration 38 192 168 2 2 Router B ppp0 10 0 0 2 192 168 2 1 eu ze 192 168 2 3 zm 192 168 2 4 Default Gateway 192 168 2 1 L2TP Client 10 0 0 1 192 168 1 0 255 255 255 0 username password CONFIGURATION 1 18 DynDNS client configuration DynDNS client Configuration can be called up by option DynDNS item in the menu In the window can be defined a third order domain registered on server www dyndns org LC n _escription n Hostname Third order domain registered on server www dyndns org Username Username for login to DynDNS server Password Password for login to DynDNS server Server lf you want to use another DynDNS service than www dyndns org then enter the update server service to this item If this item is left blank it uses the default server members dyndns org Table 37 DynDNS configuration Example of the DynDNS client configuration with domain conel dyndns org DynDNS Configuration Enable DynDNS client Hostname cane dyndns org a Username conel Password conel can be blank Fig 40 Example of DynDNS configuration 39 CONFIGURATION 1 19 NTP client configuration NTP client Configuration can be called up by option NTP item in the menu NTP Network Time Protocol allows set the exact time to the router from the servers which provide the exact time on the network By paramete
12. 162 209 13 222 Ue 10 0 0 1 81 pppO 10 0 0 1 10 0 0 1 82 192 168 1 2 80 10 0 0 1 83 192 168 1 3 80 192 168 1 4 80 Fig 27 Topology of example NAT configuration MAT Configuration Public Port Private Port Type Server IP Address deo j TCP iw 9216812 180 TCP y 192 168 1 3 ga TCP v 192 168 1 4 Enable remate FTP access on port Enable remate Telnet access an port 23 Enable remote SNMP access on port 161 a Send all remaining incoming packets to default server Default Server IP Address i Masquerade outgoing packets Fig 28 Example of NAT configuration 2 26 CONFIGURATION In this configuration equipment wired behind the router defines the address Server P Address The router replies while PING on address of SIM card Access on web interface of the equipment behind the router is possible by the help of Port Forwarding when behind IP address of SIM is indicating public port of equipment on which we want to come up At demand on port 80 it is surveyed singles outer ports Public port there this port isn t defined therefore at check selection Enable remote http access it automatically opens the web interface router If this choice isn t selected andis selected volition Send all
13. 19 16 2 0 19 18 1 0 Compression LZO LZO Authenticate mode none none Table 28 Example OpenVPN configuration Examples of different options for configuration and authentication of OpenVPN can be found in the configuration manual OpenVPN tunnel 30 CONFIGURATION 1 15 IPSec tunnel configuration IPsec tunnel configuration can be called up by option IPsec item in the menu IPsec tunnel allows protected encrypted connection of two networks LAN to the one which looks like one homogenous In the IPsec Tunnels Configuration window are four rows each row for one configured one IPSec tunnel LC n a Description n Create Description This item enables the individual tunnels This item displays the name of the tunnel specified in the configuration of the tunnel Edit Configuration IPsec tunnel Table 29 Overview IPsec tunnels IPsec Tunnels Configuration Create Description ist no 2nd no v 3rd no 4th no esi Edit Fig 32 IPsec tunnels configuration LLC n Description NN Description Remote IP Address Remote ID Remote Subnet Remote Subnet Mask Local ID Local Subnet Local subnet mask Key Lifetime IKE Lifetime Rekey Margin Rekey Fuzz DPD Delay DPD Timeout NAT traversal Aggressive mode Description of tunnel IP address of opposite side tunnel Can be used domain main Identification of opposite side tunnel Parameters ID contain two parts hostname a
14. LAN configuration 1 9 VRRP configuration 1 10 GPRS configuration 1 10 1 GPRS connection 1 10 2 DNS address configuration 1 10 3 Check PPP connection configuration 1 10 4 Data limit configuration 1 10 5 Switch between SIM cards configuration 1 10 6 Dial In access configuration 1 10 7 PPPoE bridge mode configuration 11 PPPoE configuration 12 Firewall configuration 13 NAT configuration 14 OpenVPN tunnel configuration IPSec tunnel configuration 16 GRE tunnels configuration 17 L2TP tunnel configuration 18 DynDNS client configuration 19 NTP client configuration 1 20 SNMP configuration 1 21 SMTP configuration 1 22 SMS configuration 1 22 1 Send SMS 1 23 Expansion port configuration 1 24 USB port configuration 1 25 Startup script 1 26 Up Down script 1 27 Automatic update configuration 1 28 User modules 1 29 Change profile 1 30 Change password 1 31 Set real time clock 1 32 Set SMS service center address 1 33 Unlock SIM card 1 34 Send SMS 1 35 Backup configuration 1 36 Restore configuration 1 37 Update firmware 1 38 Reboot 2 Configuration setting over Telnet a LL ll ll CONTENTS 1 2 3 4 5 4 1 8 9 PICTURE LIST Picture list Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig Fig F
15. availability item GPRS Configuration To enter the GPRS connection configuration select the GPRS menu item 1 10 1 GPRS connection lf the Create GPRS connection option is selected the modem automatically tries to establish GPRS connection after switching on LLC n Description NNNM APN Network identifier Access Point Name Username User name to log into the GSM network Password Password to log into the GSM network Authentication Authentication protocol in GSM network e PAP or CHAP Router is chosen one of the authentication methods e PAP It is used PAP authentication method e CHAP It is used CHAP authentication method IP Address IP address of SIM card The user sets the IP address only in the case IP address was assigned of the operator Phone Number Telephone number to dial GPRS or CSD connection Router as a default telephone number used 99 1 Operator This item can be defined PLNM preferred carrier code Network type e Automatic selection The router automatically selects a specific transmission method according to the availability of transmission technology e Furthermore according to the type of router it is also possible to select a specific method of data transmission GPRS EDGE UMTS PIN PIN parameter should be set only if it requires a SIM card router SIM card is blocked in case of several bad attempts to enter the PIN MRU Maximum Receiving Unit it is the identifier of the maximum
16. of the tunnel Remote Subnet Subnet mask of the opposite side of the tunnel Mask Redirect Gateway By this parameter is possible to redirect all traffic on Ethernet Local Interface IP IP address of the local side of tunnel Address 2 CONFIGURATION Remote Interface IP Address Ping Interval Ping Timeout Renegotiate Interval Max Fragment Size Compression NAT Rules Authenticate Mode Pre shared Secret CA Certificate DH Parameters Local Certificate Local Private Key Username Password 28 IP address of interface local side of tunnel This parameter defines the time period after which router sends a message to opposite side of tunnel for check the existence of the tunnel Ping Timeout waits on message from off side tunnel For OpenVPN tunnel right verifies parameter Ping Timeout has to be bigger than Ping Interval This parameter sets renegotiate period reauthorization of the OpenVPN tunnel This parameter is possible to set only at username password authentication or at X 509 certificate using After this time period the router changes the encryption tunnel to ensure the continued safety of the tunnel By parameter Max Fragment Size it is possible to define maximum sending packet size Sending data is possible compress e none No compression is used e LZO Are used lossless LZO compressions Compression has to be on both tunnel ends By parameter NAT Rules it is possible to apply set NAT rul
17. router configuration 1 36 Restore configuration In case it is needed to restore the router configuration it is possible in Restore Configuration menu item to check configuration by help Browse button Restore Configuration Configuration File Proch zet Fig 69 Restore configuration 64 CONFIGURATION 1 37 Update firmware To view the information about the firmware version and instructions for its update select the Update Firmware menu item New firmware is selected via Browse button and update the following pressing the Update button Update Firmware Firmware version 2 0 7 2010 12 16 Mew Firmware Fig 70 Update firmware After successful firmware updating the following statement is listed Uploading firmware to RAM ok Vo te REM ak Reboot in progress Continue here after reboot There is information about updating of the FLASH memory Upload firmware of different device can cause damage of the router During updating of the firmware permanent power supply has to be maintained 1 38 Reboot To reboot the router select the Reboot menu item and then press the Reboot button The reboot process will take about 15 seconds to complete Fig 71 Reboot 65 CONFIGURATION 2 Configuration setting over Telnet a Attention If the SIM card isn t inserted in the router it is impossible for the router to operate The Included SIM card must be activated for GPRS t
18. server IP address of the router to the connected clients DHCP server supports static and dynamic assignment of IP addresses Dynamic DHCP server assigns clients IP addresses from a defined address space Static DHCP assigns IP addresses that correspond to the MAC addresses of connected clients Enable dynamic DHCP lf this option is checked can enable a dynamic DHCP server eases IP Pool Start Start IP addresses space to be allocated to the DHCP clients IP Pool End End IP addresses space to be allocated to the DHCP clients Lease time Time in seconds after which the client can use IP address Table 10 Configuration of dynamic DHCP server Jtem Description a Enable static If this option is checked can enable a static DHCP server DHCP leases MAC Address MAC address of a DHCP client IP Address Assigned IP address Table 11 Configuration of static DHCP server a CONFIGURATION lt is important not to overlap ranges of static allocated IP address with address allocated by the dynamic DHCP Then risk collision of IP addresses and incorrect function of network Example of the network interface with dynamic DHCP server e The range of dynamic allocated addresses from 192 168 1 2 to 192 168 1 4 e he address is allocated 600 second 10 minutes GSM GPRS ETH tt 4x ZZ 192 168 1 1 192 168 1 3 7 Ag 192 168 1 4 Fig 9 Topology of example LAN configuration 1 LAN Confiquration
19. 1 21 SMTP configuration To enter the SMTP it is possible configure SMTP Simple Mail Transfer Protocol client which is set by sending emails SMTP Server IP or domain address of the mail server Address Username Name to email account Password Password to email account Own Email Address of the sender Address Fig 44 SMTP client configuration Mobile operator can block other SMTP servers then you can use only the SMTP server of operator Example settings SMTP client SMTP Configuration SMTP Server Address smtp domain com Username nametedamain coam Password pass Own Email Address jnamet domain com Fig 45 SMTP configuration E mail can be send from the Startup script This command is used to email with following parameters e t receiver Email address e S subject e m message e a appendix e r number of attempts to send email default set 2 attempts Commands and parameters can be entered only in lowercase Example to send email email t name domain com s subject m message a c directory abc doc r 5 This command sends e mail to address jack google com with the subject subject body message message and annex abc doc right from the directory c directory and 5 attempts to send 44 CONFIGURATION 1 22 SMS configuration a The industrial router XR5i v2 is not availability item SMS Configuration SMS Configuration can be called up by option SMS ite
20. 24 last message repeated l time 24 pppad 491 24 pppd 491 24 pppad 491 24 pppd 491 24 pppa 491 rcvd rcvd sent rcvd rcvd CHAP CHAP sent revd sent revd sent IPCP IPCP IPCP IPCP IPCP Success id Oxl authentication succeeded ConfRedq id xl addr ConfRedq id Ox0 ConfNak id 0x0 addr ConfNak id xl addr ConfRkeq id O0x2 addr LCP DiscReq id xl magic O0xd s6e2fe9 CHAP Challenge id 0x1 O O0000000000000000000000000000000 name UMTS CHAP SRVR CHAP Response id O0xl Da9 7e9Shbz259c6ef6 75514121954 hb7h03 name LCP EchoRep id 0x0 magic Oxd68t6ezfe9 60 8d 8c 57 0 0 0 0 ms dnsl 0 0 0 0 ms dns3 0 192 168 254 254 10 169 109 133 ms dnsl 93 153 117 10 169 109 133 ms dnsl 93 153 117 a meer 0 0 0 l ms dns3 62 141 0 2 l ms dns3 62 141 0 2 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1920 01 01 24 pppd 491 rcvd 24 pppd 491 sent 24 pppd 491 rcvd IPCP 24 dnsmasq 399 reading etc resolv conf 24 dnsmasq 399 using nameserver 62 141 0 2 53 24 dnsmasq 399 using nameserver 93 153 117 1 53 24 pppd 491 local IP address 10 169 109 133 24 pppd 4d91 remote IP address 192 168 254 254 24 pppd 491 primary DNS address 93 153 117 1 24 pppd 491 secondary DNS address 62 141 0 2 24 pppd 491 Script etc scripts ip up started pid 495 25 pp
21. 492 MTU 1 492 Get ONS addresses from server Fig 22 PPPoE configuration 21 CONFIGURATION 1 12 Firewall configuration By the help of a firewall it is possible to set IP addresses from which are possible to remotely access the router and internal network connected behind a router The choice Allow remote access only from specified hosts is given for easier configuration of hosts In this firewall configuration it is possible to set up to four remote accesses by the help of Source Source IP Address Protocol and Target Port tem n Description n Source e single address access allowed a single IP address defined in the Source IP Address e any address allowed access to any IP address Source IP address IP address from which it is allowed to access the router Protocol Specify protocol for remote access e all access is allowed by all e CP access is allowed by TCP e UDP access is allowed by UDP e ICMP access is allowed by ICMP Target Port The port number on which it is allowed to access the router Table 22 Firewall configuration a Caution Firewall doesn t filter via Ethernet 22 CONFIGURATION Example of the firewall configuration The router has allowed the following access e from address 171 92 5 45 using any protocol e from address 10 0 2 123 using TCP protocol on any ports e from address 142 2 26 54 using ICMP protocol NS TCP 1000 ki j ep a W at W 171 92 5 45
22. AT SMS protocol on expansion port 1 Baudrate 9600 ba C Enable AT EMS protocol on expansion port 2 Baudrate a600 v Enable AT SMS protocol over TCP TCP Port can be blank Fig 46 Example of SMS configuration 1 48 CONFIGURATION Example of the router configuration for SMS sending via serial interface on the PORT 1 SMS Configuration Send SMS on power up C Send SMS on PPP connect Send SMS on PPP disconnect C Send SMS when datalimit is exceeded C Send SMS when binary input on I O port BINO is active Send SMS when binary input on expansion port 1 BIN1 BIN4 is active Phone Mumber 1 a i Phone Number 2 Phone Number 3 Unit ID BINO SMS BIM1 SMS BINZ SMS BINS SMS BIN4 SMS Enable remote control via SMS Phane Number 1 Phone Number 2 Phone Number 3 Enable AT EMS protocol on expansion port 1 Baudrate 3600 w C Enable AT SMS protocol on expansion port 2 Baudrate 9600 w Enable AT SMS protocol over TCP TCP Part can be blank Fig 47 Example of SMS configuration 2 49 CONFIGURATION Example of the router configuration for controlling via SMS from every phone numbers SMS Configuration C Send SMS on power up Send SMS on PPP connect C Send SMS on PPP disconnect Send SMS when datalimit is exceeded Send SMS when binary input on I O port BIMO is active C Send SMS when binary i
23. In the middle part of window is shows information about transferred data and number of connection both SIM card for each period RX data Total volume of received data TX data The total volume of data sent Connections Number of PPP connection establishment Table 7 Description of GSM traffic CONFIGURATION The PPP Connection Log is inthe bottom of window where are information about the make up of the PPP connection and problems in establishment GPRS Status GSM Information PLMN Cell z Channel z 30 Level 77 dem Neighbours 79 dBm 80 Uptime e3 001l Today 893 dEn 74 dEn Level Min Level Avg Lewel Max Cells shoes Availability 97 95 Ex Data Tx Data Connections Ex Data Tx Data Connections z ll 5 9 11 49 55 Connection successfully established Fig 4 GPRS status 0 days O hours 6946 EDGE attached 84 dBm 57 92 dBm 59 29 minutes Yesterday dBm dBm 67 GB 2011 05 09 11 15 37 NE Yesterday KB KB Yesterday EE KB 33 dBm 55 GSM Statistics This Week 59 dem 74 dem 67 dBm 79 AP AS Last Week 91 dBm 74 dem 67 dBm 394 A3 Z 15 dBm il 03 This Period 91 dEm 74 dEn 67 den 472 99 14 Traffic Statistics for Primary SIM card This Week 69 KE 6l EE 5 Last Week 423 EB 42929 KE au This Feriod B92 KE 560 KE a5 Traffic Statistics for Secondary SIM card This Wee
24. MN Code of operator Cell The cell to which the router is connected Channel The channel on which the router communicates Level The signal quality of the selected cell Neighbours Signal quality of neighboring hearing cells Uptime Time to establish PPP connection Table 4 Description of GSM information item lf the neighbor cell is highlighted in red risk of often switching between neighbor and actual cells The next section of this window displays information about the quality of the GPRS UMTS connection in each period Definition of the period Today Today from 0 00 to 23 59 Yesterday Yesterday from 0 00 to 23 59 This week This week from Monday 0 00 to Sunday 23 59 Last week Last week from Monday 0 00 to Sunday 23 59 This period This accounting period The interval must be set in the GPRS Configuration Last period Last accounting period The interval must be set in the GPRS Configuration Table 5 Description of period teM n Description n Level Min Minimal signal strength Level Avg Average signal strength Level Max Maximal signal strength Cells Number of switch between cells Availability Availability of PPP connection Table 6 Description of GSM statistic Availability is information in percentage that is calculated us ration of PPP connect time and router power on time After you place your cursor on the maximum or minimum signal strength will show b the last time when the signal strength reaching the router
25. ORT1 configuration Send SMS on serial PORT1 configuration send SMS on ethernet PORT1 configuration 3 3 4 5 5 5 5 7 9 9 9 TABLE LIST Table 50 Table 51 Table 52 Table 53 Table 54 Table 55 Table 56 Table 57 Table 58 Table 59 Table 60 AT commands for work with SMS Expansion PORT configuration 1 Expansion PORT configuration 2 CD signal description DTR signal description USB port configuration 1 USB PORT configuration 2 CD signal description DTR signal description Automatic update configuration Telnet commands VII CONFIGURATION 1 Configuration settings over web browser Attention If the SIM card is not inserted in the router then wireless transmissions will not work The inserted SIM card must have activated GPRS Insert the SIM card when the router is switched off Monitoring of the status configuration and administration of the router can be performed by means of the web interface which is available after insertion of IP address of the modem into the web browser The default IP address of the modem is 192 168 1 1 Configuration may be performed only by the user root with initial password root The left part of the web interface contains the menu with pages for monitoring of the Status Configuration and Administration of the router Name of the router is displayed depending on type of your router Items Name and Location displays the name and location of the router filled in
26. Port In both modes of connection is necessary to specify the TCP port on which the router will communicate TCP connections Table 55 USB port configuration 1 After check Check TCP connection it activates verification of established TCP connection Description Keepalive Time Time after which it will carry out verification of the connection Keepalive Interval Waiting time on answer Keepalive Probes Number of tests Table 56 USB PORT configuration 2 When you select items Use CD as indicator of the TCP connection is activated function indication TCP connection using signal CD DTR on the router Active TCP connection is on Nonactive TCP connection is off Table 57 CD signal description 55 CONFIGURATION When you select items Use DTR as control of TCP connection is activated function control TCP connection using signal DTR CD on the router DTR Description client Active The router allows establishing a TCP Router starts TCP connection connection Nonactive The router does not permit establishing Router stops TCP connection a TCP connection Table 58 DTR signal description Supported USB RS232 converters e FTDI e Prolific PL2303 e Silicon Laboratories CP210x Podporovan od firmware verze 3 0 1 The changes in settings will apply after pressing the Apply button USB Port Configuration C Enable USB serial converter access over TCP UDP Baudrate 3600 w Data Bits j v Parity w Stop Bits v Split Ti
27. VENT SA REPLACE in 2733s newest ISARHP lastdpd lsisq Fig 5 IPsec status 1 6 DynDNS status DynDNS up dating entry result on server www dyndns org can be called up in option DynDNS item in the menu DynDNS Status Last DynDNS Update Status DynDNS record successfully updated Fig 6 DynDNS status In detecting the status of updates DynDNS record are possible following message DynDNS client is disabled Invalid username or password Specified hostname doesn t exist Invalid hostname format Hostname exists but not under specified username No update performed yet DynDNS record is already up to date DynDNS record successfully update DNS error encountered DynDNS server failure Table 8 Possibly DynDNS report For correct function DynDNS SIM card of router must have assigned public IP address CONFIGURATION 1 7 System log In case of any problems with connection to GPRS it is possible to view the system log by pressing the System Log menu item In the window are displayed detailed reports from individual applications running in the router By the help of button Save it is possible to save the system log to the computer System Log System Messages 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 1970 01 01 Z4 pppd 491 24 pppa 491 24 pppd 491 24 pppa 491 24 pppd 491 24 pppa 491
28. WWW INFOPULSAS LT M on info infopulsas It CONFIGURATION MANUAL for v2 routers ER75i v2 ant 4 PPP GSM PWR SIM2Z SIMT LI e 4 2 e USR OUT IN ETH ax URS v2 ANT A PPP GSM p CEID e A A 2 re e edite OUT IN PORT2 PORT USED SYMBOLS Used symbols Danger important notice which may have an influence on the user s safety or the function of the device Attention notice on possible problems which can arise in specific cases Information notice information which contains useful advice or special interest Firmware version Actual version of firmware is 3 0 1 26 9 2011 GPL license Source codes under GPL license are available free of charge by sending an email to info conel cz Routers version Properties and settings of router associated with the GSM connection is not available in industrial router XR5i v2 PPPoE configuration item is only available on the industrial router XR5i v2 used to set the PPPoE connection over Ethernet ens i tov Declared quality system aw ISO 9001 t A Tosg38 Conel s r o Sokolska 71 562 04 Usti nad Orlici Czech Republic Manual issued in CZ 12 15 2011 Contents 1 Configuration settings over web browser 1 1 Secured access to web configuration 1 2 Network status 1 3 DHCP status 1 4 GPRS UMTS status 1 5 IPsec status 1 6 DynDNS status 1 7 System log 1 8
29. able 15 Table 16 Table 17 Table 18 Table 19 Table 20 Table 21 Table 22 Table 23 Table 24 Table 25 Table 26 Table 27 Table 28 Table 29 Table 30 Table 31 Table 32 Table 33 Table 34 Table 35 Table 36 Table 37 Table 38 Table 39 Table 40 Table 41 Table 42 Table 43 Table 44 Table 45 Table 46 Table 47 Table 48 Table 49 VI Configuration of dynamic DHCP server Configuration of static DHCP server VRRP configuration Check PPP connection GPRS connection configuration Check PPP connection configuration Data limit configuration Default and backup SIM configuration Switch between SIM card configurations Switch between SIM card configurations Dial In access configuration PPPoE configuration Firewall configuration NAT configuration Configuration of send all incoming packets Remote access configuration Overview OpenVPN tunnels OpenVPN configuration Example OpenVPN configuration Overview IPsec tunnels IPsec tunnel configuration Example IPsec configuration Overview GRE tunnels GRE tunnel configuration Example GRE tunnel configuration L2TP tunnel configuration Example L2TP tunel configuration DynDNS configuration NTP configuration SNMP configuration SNMP configuration Object identifier for binary input and output Object identifier for CNT port Object identifier for M BUS port send SMS configuration Control via SMS configuration Control SMS Send SMS on serial P
30. able 52 Expansion PORT configuration 2 When you select items Use CD as indicator of the TCP connection is activated function indication TCP connection using signal CD DTR on the router Active TCP connection is on Nonactive TCP connection is off Table 53 CD signal description 52 CONFIGURATION When you select items Use DTR as control of TCP connection is activated function control TCP connection using signal DTR CD on the router DTR Description client Active The router allows establishing a TCP Router starts TCP connection connection Nonactive The router does not permit establishing Router stops TCP connection a TCP connection Table 54 DTR signal description The changes in settings will apply after pressing the Apply button Expansion Port 1 Configuration L Enable expansion port 1 access over TCP UDP Port Type 1 Baudrate 9600 Data Bits E Farity Stop Bits Split Timeout Protocol Mode Server Address TOP Port C Check TCP connection Keepalive Time 3600 Keepalive Interval 10 Keepalive Probes 5 Fig 50 Expansion port configuration 53 CONFIGURATION Example of external port configuration M PLC pppO 10 0 0 2 ppp 10 0 0 1 SH 192 168 1 1 M 192 168 1 100 Ep Sa Settings in application on PC Settings in the router TCP connection on 10 0 0 2 2000 Mode TCP server Default Gateway 192 168 1 1 Server Address TCP Port 2000 Fig 51 Example of expansion
31. active line It is activated by selecting Enable traffic monitoring parameter If this parameter is set and any packet different from ping is sent to the monitored line then any answer to this packet is expected for Ping Timeout If Ping Timeout expires with no answer received then process of testing the active line continues the same way like in the case of standard testing process after first test message answer drops out 13 CONFIGURATION Example of the VRRP protocol Main router Virtual server ID 5 Y a Host priority 255 192 168 1 2 APN 1 J 10 0 1 3 APN 2 192 168 1 3 Backup router Virtual server ID 5 TTT Host priority 100 SU Fig 15 Topology of example VRRP configuration VRRP Configuration Enable VRRP Virtual Server IP Address 192 1 58 1 1 virtual Server ID 5 Hast Priarity 255 Check PPF connection Ping IP Address 10 0 1 3 Ping Interval Ping Timout Ping Probes Enable traffic monitoring Apply Fig 16 Example VRRP configuration main router VRRP Configuration ivi Enable VRRP Virtual Server IP Address 192 168 1 1 Virtual Server ID 5 Host Priority Check PPP connection Ping IP Address Ping Interval Ping Timout Ping Probes C Enable traffic monitoring Fig 17 Example VRRP configuration backup router 14 CONFIGURATION 1 10 GPRS configuration ah The industrial router XR5i v2 is not
32. agent Contact Person who manages the router together with information how to contact this person Name Designation of the router Location Placing of the router Table 39 SNMP configuration By choosing Enable I O extension it is possible to monitor binary inputs I O on the router By choosing Enable XC CNT extension it is possible to monitor the expansion port CNT inputs and outputs status By choosing Enable M BUS extension and enter the Baudrate Parity and Stop Bits it is possible to monitor the meter status connected to the expansion port M BUS status LLC n Description NN Baudrate Communication speed Parity Control parity bit e none Data will be sent without parity e even Data will be sent with even parity e odd Data will be sent with odd parity Stop Bits Number of stop bit Table 40 SNMP configuration a Parameters Enable XC CNT extension and Enable M BUS extension can not be checked together 41 CONFIGURATION Every monitor value is uniquely identified by the help of number identifier OID Object Identifier For binary input and output the following range of OID is used 1 3 6 1 4 1 30140 2 3 1 0 Binary input BINO values 0 1 1 3 6 1 4 1 30140 2 3 2 0 Binary output OUTO values 0 1 Table 41 Object identifier for binary input and output For the expansion port CNT the following range of OID is used 1 3 6 1 4 1 30140 2 1 1 0 Analogy input AN1 range 0 4095 1 3 6 1 4 1 30140 2 1 2 0 An
33. alogy input AN2 range 0 4095 1 3 6 1 4 1 30140 2 1 3 0 Counter input CNT1 range 0 4294967295 1 3 6 1 4 1 30140 2 1 4 0 Counter input CNT2 range 0 4294967295 1 3 6 1 4 1 30140 2 1 5 0 Binary input BIN1 values 0 1 1 3 6 1 4 1 30140 2 1 6 0 Binary input BIN2 values 0 1 1 3 6 1 4 1 30140 2 1 7 0 Binary input BINS values 0 1 1 3 6 1 4 1 30140 2 1 8 0 Binary input BIN4 values 0 1 1 3 6 1 4 1 30140 2 1 9 0 Binary output OUT1 values 0 1 Table 42 Object identifier for CNT port For the expansion port M BUS the following range of OID is used 1 3 6 1 4 1 30140 2 2 address 1 0 IdNumber meter number 1 3 6 1 4 1 30140 2 2 address 2 0 Manufacturer 1 3 6 1 4 1 30140 2 2 address 3 0 Version specified meter version 1 3 6 1 4 1 30140 2 2 address 4 0 Medium type of metered medium 1 3 6 1 4 1 30140 2 2 lt address gt 5 0 Status errors report 1 3 6 1 4 1 30140 2 2 address 6 0 0 VIF value information field 1 3 6 1 4 1 30140 2 2 address 7 0 0 measured value 1 3 6 1 4 1 30140 2 2 address 8 0 1 VIF value information field 1 3 6 1 4 1 30140 2 2 address 9 0 1 measured value 1 3 6 1 4 1 30140 2 2 address 100 0 47 VIF value information field 1 3 6 1 4 1 30140 2 2 address 101 0 47 measured value Table 43 Object identifier for M BUS port The meter address can be from range 0 254 when 254 is broadcast 42 CONFIGURATION Example of SNMP settings and readout
34. amefdomain com s Conel router m PPP connection is lost Fig 59 Example of Up Down script 99 CONFIGURATION 1 27 Automatic update configuration In the window Automatic update it is possible to set automatic configuration update This choice enables that the router automatically downloads the configuration and the newest firmware from the server itself The configuration and firmware are stores on the server By Enable automatic update of configuration it is possible to enable automatic configuration update and by Enable automatic update of firmware it is possible to enable firmware update LLC n Cesscription n Source In the item source can be set where new firmware download e HTTP FTP server new firmware or configuration look at address in the Base URL item e USB flash drive Router finds current firmware or configuration in the root directory of the connected USB device e Both looking for the current firmware or configuration from both sources Base URL By parameter Base URL it is possible to enter base part of the domain or IP address from which the configuration file will be downloaded Unit ID Name of configuration If the Unit ID is not filled then as the file name used the MAC address of the router The delimiter is a colon is used instead of a dot Update Hour Automatic configuration update starts 5 minutes after turning on the router and then every 24 hours or it is possible to set the time of
35. automatic configuration in parameter Update Hour lf the entered URL is different configuration than in the router then the router downloads this configuration and restarts itself Table 59 Automatic update configuration The configuration file name is from parameter Base URL hardware MAC address of ETHO interface and cfg extension Hardware MAC address and cfg extension is connected automatically and it isn t needed to enter this By parameter Unit ID enabled it defines the concrete configuration name which will be download to the router When using parameter Unit ID hardware MAC address in configuration name will not be used The firmware file name is from parameter Base UAL type of router and bin extension 60 CONFIGURATION The following examples find if there is a new firmware or configuration each day at 1 00 in the morning An example is given on the type of router ER75i v2 e Firmware http router cz er75i v2 bin e Configuration file http router cz temelin cfg Automatic Update Enable automatic update of configuration Enable automatic update of firmware Source Base URL route 000000000000 Unit ID temelin Update Hour can be blank Fig 60 Example of automatic update 1 The following examples find if there is a new firmware or configuration each day at 1 00 in the morning An example is given on the type of router ER75i v2 with MAC address 00 11 22 33 44 55 e Firmware http router
36. certificate is necessary to insert Authentication mode x 509 Local Certificate This certificate is necessary to insert Authentication mode x 509 Local Private Key This private key is necessary to insert Authentication mode x 509 Local Passphrase This Local Passphrase is necessary to insert Authentication mode X 509 Extra Options By the help of this parameter it is possible to define additional parameters of the IPsec tunnel for example secure parameters etc Table 30 IPsec tunnel configuration The certificates and private keys have to be in PEM format As certificate it is possible to use only certificate which has start and stop tag certificate Random time after which it will re exchange of new keys are defined Lifetime Rekey margin random value in range from 0 to Rekey margin Rekey Fuzz 100 By default the repeated exchange of keys held in the time range e Minimal time 1h 9m 9m 42m e Maximal time 1h 9m 0m 51m When setting the times for key exchange is recommended to leave the default setting in which tunnel has guaranteed security When set higher time tunnel has smaller operating costs and smaller the safety Conversely reducing the time tunnel has higher operating costs and higher safety of the tunnel 32 CONFIGURATION The changes in settings will apply after pressing the Apply button IPsec Tunnel Configuration i i Create 1st IPsec tunnel Description l Remote IP Address
37. cz er75i v2 bin e Configuration file X http router cz 00 11 22 33 44 55 cfg Automatic Up date Enable automatic update of configuration Enable automatic update of firmware Source HTTP FTP server v BaseURL jmutengg 0000000000000 Update Hour can be blank Fig 61 Example of automatic update 2 1 28 User modules Custom configuration of modules can be accessed by selecting the Users Modules In the menu is possible add new software modules remove them and move into their configuration Programming compiling and upload of user modules are described in the application programming guide User Modules Mew Module Proch zet Add Fig 62 User modules 61 CONFIGURATION 1 29 Change profile To open the dialog box for changing profile select the Change Profile menu item Profile switch is making by press the button Apply Change take effect after restarting router by the help of button Reboot in web administration or by SMS message It is possible select the standard profile or up to three alternative profiles It is possible to copy actual configuration to selected configuration by selecting Copy settings from current profile to selected profile Example of usage profiles Profiles can be used for example to switch between different modes of operation of the router router has compiled a PPP connection the router has not compiled a PPP connection and the router creates a tunnel
38. ding SMS warning when reaching 400MB With the beginning billing day of the 18th of the month Data Limit Warning Threshold 50 Yo Accounting Start 16 Default SIM card primary v Backup SIM card secondary v Switch to other SIM card when connection fails Switch to backup SIM card when roaming is detected CI Switch to backup SIM card when binary input is active Switch to primary SIM card after timeout Initial Timeout 60 min Subsequent Timeout min Additive Constant min Fig 20 Example of GPRS configuration 2 Example Primary SIM card switch to offline modes after router detection roaming The first attempt to switch back to the default SIM card is done after 60 minutes the second after 40 minutes the third after 50 minutes 40 10 Default SIM card Backup SIM card C Switch to other SIM card when connection fails Switch to backup SIM card when roaming is detected C Switch to backup SIM card when data limit is exceeded C Switch to backup SIM card when binary input is active Switch to primary SIM card after timeout Fig 21 Example of GPRS configuration 3 20 CONFIGURATION 1 11 PPPoE configuration PPPoE configuration item is available only on the industrial router XR5i v2 PPPoE for industrial router works in client mode Router using connection to the PPPoE server or PPPoE bridge for example ADSL modem To enter
39. e network interface with default gateway and DNS server e Default gateway IP address is 192 168 1 20 e DNS server IP address is 192 168 1 20 GD GSM GPRS 192 168 1 1 CO 192 168 1 20 dA Fig 13 Topology of example LAN configuration 3 LAN Configuration Primary LAN Secondary LAN DHCP client disabled disabled IP Address 192 188 1 1 Subnet Mask 255 255 255 0 Jl Media Type auto negotiation auto negqotiation Default Gateway 19 2 168 120 DNS Server 192 168 1 20 Enable dynamic DHCP leases IP Pool Start 192 168 1 2 IP Pool End 192 168 1 4 Lease Time 600 C Enable static DHCP leases MAC Address IP Address Fig 14 Example LAN configuration 3 12 CONFIGURATION 1 9 VRAP configuration To enter the VRRP configuration select the VRRP menu item VRRP protocol Virtual Router Redundancy Protocol is a technique by which it is possible to forward routing from main router to backup router in the case of the main router failure If the Enable VRRP is checked then it is possible to set the following parameters Virtual Server IP This parameter sets virtual server IP address This address should be Address the same for both routers A connected device sends its data via this virtual address Virtual Server ID Parameter Virtual Server ID distinguishes one virtual router on the netwo
40. e to read the new SMS message by command AT CMGR lt index gt AT CMGR 1 Enter CMGL index lt status gt lt sender number date time SMS text CMGL 1 REC READ 420721 123456 08 01 12 9 48 04 04 Hello Worid Received SMS is possible to delete by command AT CMGD lt index gt AT CMGD 1 Enter OK 47 CONFIGURATION After powering up the router at introduction of the telephone number comes SMS in the form of Router Unit ID has been powered up GSM signal strength xx dBm After PPP connect at introduction of the telephone number comes SMS in the form Router Unit ID has established PPP connection IP address XXX XXX XXX XXX After PPP disconnect at introduction of the telephone number comes SMS in the form Router Unit ID has lost PPP connection IP address XXX XXX XXX XXX Configuration of sending this SMS is following SMS Configuration Send SMS on power up Send SMS an PPP connect Send SMS on PPP disconnect Send SMS when datalimit is exceeded Send SMS when binary input on I O port BINO is active Send SMS when binary input on expansion port 1 BINL BIN4 is active Phone Mumber 1 7231 23456 Phone Number 2 756858635 Phone Number 3 603854758 Unit ID Router BING SMS BIND BINi SMS BINI BINZ SMS BIN2 BIM3 SMS BIN3 BIN4 SMS BINA Enable remote control via SMS Phone Number 1 Phone Number 2 Phone Number 3 Enable
41. ection W automatic selection v PIN il MRU 1500 1500 bytes MTU 1500 J 1500 bytes FI Check PPP connection necessary for uninterrupted operation Ping IP Address I Ping Interval Enable traffic monitoring Data Limit Warning Threshold Accounting Start Default SIM card primary Backup SIM card secondary Switch to other SIM card when connection fails Switch to backup SIM card when roaming is detected Switch to backup SIM card when data limit is exceeded F Switch to backup SIM card when binary input is active O Switch to primary SIM card after timeout Initial Timeout 60 Subsequent Timeout Additive Constant Enable Dial In access Username Password Enable PPPoE bridge mode can be blank Fig 18 GPRS configuration 19 CONFIGURATION Example of setting controls the PPP connection to the address 8 8 8 8 in the time interval of 60s for primary SIM card and to the address www google com in the time interval 80s for secondary SIM card In the case of traffic on the PPP control pings are not sent but the traffic on PPP is observed Check PPP connection necessary for uninterrupted operation Enable traffic monitoring Fig 19 Example of GPRS configuration 1 Example of switching to a backup SIM card after exceeding the data limits of 800MB Sen
42. er Table 44 Send SMS configuration In the second part of the window it is possible to set function Enable remote control via SMS After this it is possible to establish and close PPP connection by SMS message Phone Number 1 This control can be configured for up to three numbers If is set Phone Number 2 Enable remote control via SMS all incoming SMS are processed Phone Number 3 and deleted In the default settings this parameter is turned on Table 45 Control via SMS configuration If no phone number is filled in then it is possible to restart the router with the help of SMS in the form of Reboot from any phone number While filling of one two or three ab numbers it is possible to control the router with the help of an SMS sent only from these numbers While filling of sign it is possible control the router with the help of an SMS sent from every numbers Control SMS message doesn t change the router configuration If the router is switched to offline mode by the SMS message the router will be in this mode up to next restart This behavior is the same for all control SMS messages 45 CONFIGURATION It is possible to send controls SMS in the form SMS Description A go online sim 1 Switch to SIM1 card go online sim 2 Switch to SIM2 card go online Switch router in online mode go offline PPP connection termination set out0 0 Set output I O connector on 0 set out0 1 Set output I O connector on 1 set ou
43. es to OpenVPN tunnel e notapplied NAT rules to OpenVPN is not applied e applied NAT rules to OpenVPN is applied This parameter can be set authentication mode e none is used any authentication mode e Pre shared secret enables authentication using Pre shared secret This authentication set shared key for both off side tunnel e Username password enables authentication using CA Certificate Username and Password e X 509 Certificate multiclient enables authentication by CA Certificate Local Certificate and Local Private Key e X 509 Certificate client enables authentication by CA Certificate Local Certificate and Local Private Key e X 509 Certificate server enables authentication by CA Certificate Local Certificate and Local Private Key Authentication using Pre shared secret can be used in all offered authentication mode This authentication certificate can be used in authentication mode Username password and X 509 certificate Protocol for exchange key DH parameters can be in authentication mode X 509 server This authentication certificate can be used in authentication mode X 509 certificate Local private key can be used in authentication mode X 509 certificate Authentication using a login name and password authentication can be used in the Authenticate Mode Username Password used CONFIGURATION Extra Options By the help of parameter Extra Options it is possible to define additional parameters
44. f overload e carrier wrong outgoing packets with errors resulting from the physical layer collisions Number of collisions on physical layer txqueuelen Length of front network device RX bytes Total number of received bytes TX bytes Total number of transmitted bytes Table 2 Description of information in network status It is possible to read status PPP connection from the network information If the PPP connection is active then it is in the system information shown as pppO interface For industrial router XR5i v2 interface pppO indicates PPPoE connection e CONFIGURATION Network Status Interfaces Link encap Ethernet HWaddr 0 l1 22 33 44 55 inet addr l932 1568 1 1 Bcast l8z 1868 1 z255 HMask z55 255 z55 i UP BROADCAST BUNNING MULTICAST MTU 1500 Metric l Es packets 407 errars 0 dropped overrunz frame TH packets 4d61 errars 0 dropped O overrunz carrier collisionz txuqueuelen 32 BH bytes 51793 50 5 KB TH bytes 321807 314 2 KB Interrupt 23 Link encap Point Point Protacol inet addr l0 169 80 137 P t P l 0 0 0 1 HMask z55 255 55 ZELE UP PFOINTOPOINT RUNNING NOAPRPF MULTICAST MTU l5 00 Metric 1 BPH packetz 35 errnors dropped overruns 0 frame D0 TH packets 46 errnors dropped 0 overruns 0 carrier collisions txequeuelen 3 BA bytes 7772 7 5 KB TH bybes 8716 8 5 EE Route Table Destination Genmask Flags Metric Fef Use Iface 10 0 0 1 O 0 255 255 255 255 UH
45. f the MIB browser SMTP client configuration SMTP configuration Example of SMS configuration 1 Example of SMS configuration 2 Example of SMS configuration 3 Example of SMS configuration 4 PICTURE LIST Fig 50 Expansion port configuration 53 Fig 51 Example of expansion port configuration 1 54 Fig 52 Example of expansion port configuration 2 54 Fig 53 USB configuration 56 Fig 54 Example of USB port configuration 1 57 Fig 55 Example of USB port configuration 2 57 Fig 56 Startup script 58 Fig 57 Example of Startup script 58 Fig 58 Up Down script 59 Fig 59 Example of Up Down script 59 Fig 60 Example of automatic update 1 61 Fig 61 Example of automatic update 2 61 Fig 62 User modules 61 Fig 63 Change profile 62 Fig 64 Change password 62 Fig 65 Set real time clock 63 Fig 66 Set SMS service center address 63 Fig 67 Unlock SIM card 63 Fig 68 Send SMS 64 Fig 69 Restore configuration 64 Fig 70 Update firmware 65 Fig 71 Reboot 65 TABLE LIST Table list Table 1 Description of interface in network status Table 2 Description of information in network status Table 3 DHCP status description Table 4 Description of GSM information item Table 5 Description of period Table 6 Description of GSM statistic Table 7 Description of GSM traffic Table 8 Possibly DynDNS report Table 9 Configuration of network interface Table 10 Table 11 Table 12 Table 13 Table 14 T
46. ich is offered by server to clients Address Client End IP End IP address in range which is offered by server to clients Address Local IP Address IP address of the local side of the tunnel Remote IP Address IP address of the remote side of the tunnel Hemote Subnet Address of the network behind the remote side of the tunnel Hemote Subnet The mask of the network behind the remote side of the tunnel Mask Username Username for login to L2TP tunnel Password Password for login to L2TP tunnel Table 35 L2TP tunnel configuration The changes in settings will apply after pressing the Apply button L2TP Tunnel Configuration C Create L2TP tunnel Mode LTF client Server IP Address Client Start IP Address Client End IP Address Local IP Address Remote IP Address Remote Subnet Remote Subnet Mask Username Password can be blank Apply Fig 38 L2TP tunnel configuration 3 7 CONFIGURATION Example of the L2TP Tunnel configuration ze 192 168 1 2 Router A ppp 10 0 0 1 Switch 192 168 1 1 Hime c t l AE 192 168 1 3 192 168 1 4 Default Gateway 192 168 1 1 Fig 39 Topology of example L2TP tunnel configuration Configuration of the L2TP tunnel Konfigurace Mode L2TP Server Server IP Address Client Start IP Address 192 168 1 2 Client End IP Address 192 168 1 254 Local IP Address 192 168 1 1 Hemote IP Address Remote Subnet 192 168 2 0 Remote Subnet Mask 255 255 255
47. ig Fig Fig Fig Fig Fig Fig Fig Fig Web configuration Network status DHCP status GPRS status IPsec status DynDNS status System log Example program syslogd start with the parameter r Topology of example LAN configuration 1 0 Example LAN configuration 1 Topology of example LAN configuration 2 Example LAN configuration 2 Topology of example LAN configuration 3 Example LAN configuration 3 Topology of example VRRP configuration Example VRRP configuration main router Example VRRP configuration backup router GPRS configuration Example of GPRS configuration 1 Example of GPRS configuration 2 Example of GPRS configuration 3 PPPoE configuration Topology of example firewall configuration Example firewall configuration Topology of example NAT configuration Example NAT configuration 1 Topology of example NAT configuration Example of NAT configuration 2 OpenVPN tunnels configuration OpenVPN tunnel configuration Topology of example OpenVPN configuration IPsec tunnels configuration IPsec tunnel configuration Topology of example IPsec configuration GRE tunnels configuration GRE tunnel configuration Topology of GRE tunnel configuration L2TP tunnel configuration Topology of example L2TP tunnel configuration Example of DynDNS configuration Example of NTP configuration Example of SNMP configuration Example o
48. is used for connection of two networks to one that appears as one homogenous It is possible to configure up to four GRE tunnels In the GRE Tunnels Configuration window are four rows each row for one configured GRE tunnel LC n a Description stg Create This item enables the individual tunnels Description This item displays the name of the tunnel specified in the configuration of the tunnel Edit Configuration GRE tunnel Table 32 Overview GRE tunnels GRE Tunnels Confiquration Create Description 1st na Fig 35 GRE tunnels configuration tem Description n Description Description of tunnel Remote IP Address IP address of the remote side of the tunnel Local Interface IP IP address of the local side of the tunnel Address Remote Interface IP IP address of the remote side of the tunnel Address Hemote Subnet IP address of the network behind the remote side of the tunnel Hemote Subnet Mask of the network behind the remote side of the tunnel Mask Pre shared Key An optional value that defines the 32b shared key through which the filtered data through the tunnel This key must be defined on both routers as same otherwise the router will drop received packets Using this key the data do not provide a tunnel through Table 33 GRE tunnel configuration d Attention GRE tunnel doesn t connect itself via NAT The changes in settings will apply after pressing the Apply button 35 CONFIGURATION GRE T
49. k EE 0 KB Last Week KB KB PPP Connection Log This Period EE EE Last Period 8l dBm 76 dem 70 dem 06 FAVE Last Period Z0U KE lesu KE 36 Last Period KB KB CONFIGURATION 1 5 IPsec status Information on actual IPsec tunnel state can be called up in option IPsec in the menu After correct build the IPsec tunnel status display IPsec SA established highlighted in red in IPsec status information Other information is only internal character IP sec Status IPsec Tunnels Information interface seth sth 192 168 2 250 interface ppplipppl l0 0 0 13z myid none debug none lpzsecl l8982 168 2 0 24 10 0 0 13z2 10 0 1 z2z8 2 2 218982 168 1 0 24 erouted eroute owner z ipsecl nyip unset hisip unset wyup etc scripts updowm hisup etc scripts updown ipsecl ike life 3600s ipsec life 3600s rekey margin 405 rekey fuzz lO0 keyingtries ipsecl policy PSEtENCEYPT TUNNEL UF prio 4 24 interface pppo ipsecl newest ISAEMP SA 1 newest IPsec SA z ipsecl IKE algorithm newest AES CBC 1Z3 S5HAI HODPZO4S 2 ipsecl 500 STATE QUICK IZ sent Q1e IPsec SA established EVENT SA REPLACE in 4708s newest IPSEC eroun 2 ipsecl esp d 7e30s80gBlnD 0 1 229 esp 723Bbe eeWlu u u un gBl o0 0 1 2298 tun 0gBlO0 0 0 132 ref refhim 4z394 1 ipsecl 500 STATE MAIN I4 ISAKNP SA established E
50. m in the menu SMS configuration defines the options for sending SMS messages from the router at different defined events and states of the router In the first part of window it configuration send SMS Send SMS on power up Automatic sending of SMS messages after power up Send SMS on PPP connect Send SMS on PPP disconnect Send SMS when datalimit exceeded Send SMS when binary input on I O port BINO is active Send SMS when binary Automatic sending SMS message after binary input on expansion input on expansion port port BIN1 BIN4 is active Text of message is intended parameter BIN1 BIN4 is active BIN1 BINA Phone Number 1 Automatic sending SMS message after PPP connection Automatic sending SMS message after PPP disconnection Automatic sending SMS message after datalimit exceeded Automatic sending SMS message after binary input on I O port BINO is active Text of message is intended parameter BINO Phone Number 2 Telephone numbers for sending automatically generated SMS Phone Number 3 Unit ID The name of the router that will be sent in an SMS BINO SMS SMS text messages when activate the binary input on the router BIN1 SMS SMS text messages when activate the binary input on the expansion port BIN2 SMS SMS text messages when activate the binary input on the router BIN3 SMS SMS text messages when activate the binary input on the router BINA SMS SMS text messages when activate the binary input on the rout
51. meout Protocol Mode Server Address TCP port C Check TCP connection Keepalive Time 3600 Keepalive Interval 10 Keepalive Probes 5 Fig 53 USB configuration 56 CONFIGURATION Example of USB port configuration x Equipment pppO 10 0 0 2 pppO 10 0 0 1 USB RS232 l en 192 168 1 1 d 192 168 1 100 Ep a 7 ON Settings in application on PC s Settings in the router TCP connection on 10 0 0 2 2000 Mode TCP server Default Gateway 192 168 1 1 Server Address TCP Port 2000 Fig 54 Example of USB port configuration 1 M Equipment pppO 10 0 0 2 USB RS232 ETH ppp 10 0 0 1 NT d l E E es ki e e Settings in the router Settings in the router Mode TCP client Mode TCP server Server Address 10 0 0 2 Server Address TCP Port 2000 TCP Port 2000 Fig 55 Example of USB port configuration 2 57 CONFIGURATION 1 25 Startup script In the window Startup Script it is possible to create own scripts which will be executed after all initial scripts The changes in settings will apply after pressing the Apply button bin sh I This script will be executed after all the other init scripts I You can put your own initialization stuff in here Fig 56 Startup script d Change take effect after shut down and witch on router by the help of button Heboot in web administration or by SMS message Example of Startup script When start the rou
52. n port configuration Configuring of the expansion ports PORT1 and PORT2 can cause selecting Expansion Port 1 or Expansion Port 2 Item Description n Baudrate Applied communication speed Data Bits Number of data bits Parity Control parity bit e none Will be sent without parity e even Will be sent with even parity e odd Will be sent with odd parity Stop Bits Number of stop bit Split Timeout Time to rupture reports If you receive will identify the gap between two characters which is longer than the parameter value in milliseconds Then all of the received data compiled and sent the message Protocol Protocol e CP communication using a linked protocol TCP e UDP communication using a unlinked protocol UDP Mode Mode of connection e CP server The router will listen to incoming requests about TCP connection e CP client The router will connect to a TCP server on the specified IP address and TCP port Server Address In mode TCP client it is necessary to enter the Server address and final TCP port TCP Port In both modes of connection is necessary to specify the TCP port on which the router will communicate TCP connections Table 51 Expansion PORT configuration 1 After check Check TCP connection it activates established of TCP connection Po Description n Keepalive Time Time after which it will carry out verification of the connection Keepalive Interval Waiting time on answer Keepalive Probes Number of tests T
53. nd domain name Address nets behind off side tunnel Subnet mask behind off side tunnel Identification of local side Parameters ID contain two parts hostname and domain name Local subnet address Local subnet mask Lifetime key data part of tunnel The minimum value of this parameter is 60s The maximum value is 86400 s Lifetime key service part of tunnel The minimum value of this parameter is 60s The maximum value is 86400 s Specifies how long before connection expiry should attempt to negotiate a replacement begin The maximum value must be less than half the parameters IKE and Key Lifetime opecifies the maximum percentage by which should be randomly increased to randomize re keying intervals Defines time after which is made IPsec tunnel verification By parameter DPD Timeout is set timeout of the answer If address translation between two end points of the IPsec tunnel is used it needs to allow NAT Traversal If this parameter is enabled establishing of IPsec tunnel will be faster but encryption will set permanently on 3DES MD5 31 CONFIGURATION Authenticate Mode Authentication is possible to set by parameter Authenticate mode at choice are following possibilities e Pre shared key shared key for both off side tunnel e X 509 Certificate Pre shared Key sharable key for both parties tunnel CA Certificate This certificate is necessary to insert Authentication mode x 509 Remote Certificate This
54. nput on expansion port 1 BIN1 BIM4 is active Phone Number 1 Phone Number 2 Phone Number 3 Unit ID BINO SMS BIN1 SMS BINZ SMS BINS SMS BIN4 SMS Enable remote control via SMS Phone Number 1 Phone Mumber 2 Phone Number 3 Enable AT SMS protocol on expansion port 1 Baudrate 3600 Xj Enable AT SMS protocol on expansion port 2 Baudrate 9600 I Enable AT SMS protocol over TCP TCF Fart san be blank Fig 48 Example of SMS configuration 3 50 CONFIGURATION Example of the router configuration for controlling via SMS from two phone numbers SMS Configuration Send SMS on power up C Send SMS on PPP connect Send SMS on PPP disconnect C Send SMS when datalimit is exceeded Send SMS when binary input on I O port BINO is active Send SMS when binary input on expansion port 1 BIN1 BIN4 is active Phone Mumber 1 a i Phone Number 2 Phone Number 3 Unit ID BINO SMS BIM1 SMS BINZ SMS BINS SMS BIN4 SMS Enable remote control via SMS Phone Number 1 7281 23455 Phone Mumber 2 766254864 Phone Number 3 Enable AT SMS protocol on expansion port 1 Baudrate 3600 E C Enable AT SMS protocol on expansion port 2 Baudrate 9600 w Enable AT SMS protocol over TCP TCP Part can be blank Fig 49 Example of SMS configuration 4 51 CONFIGURATION 1 23 Expansio
55. of the OpenVPN tunnel for example DHCP options etc Table 27 OpenVPN configuration The changes in settings will apply after pressing the Apply button OpenYPN Tunnel Confiquration Create 1st OpenVPN tunnel Description Protocol LIDP UDP part 1194 Remote IP Address Remote Subnet Remote Subnet Mask Redirect Gateway Local Interface IP Address Remote Interface IP Address Ping Interval Ping Timeout Renegotiate Interval Max Fragment Size Compressian L o MAT Rules not applied Authenticate Mode nang Pre shared Secret CA Certificate DH Parameters Local Certificate Password Extra Options can be blank Fig 30 OpenVPN tunnel configuration 29 CONFIGURATION B Ap 192 168 1 2 192 168 2 2 Router B ppp0 10 0 0 2 Router A 192 168 2 0 L ppp0 10 0 0 1 tun 0 19 16 2 0 Switch 192 168 1 0 TT DERI Switch tun0 19 16 1 0 C AMI zi TIT en z 192 168 1 3 E IEEE TIT 192 168 2 3 un Fa CE ag 192 168 1 4 192 168 2 4 Default Gateway 192 168 1 1 Default Gateway 192 168 2 1 Fig 31 Topology of example OpenVPN configuration OpenVPN tunnel configuration Configuration PA eee e Protocol UDP UDP UDP Port 1194 1194 Hemote IP Address 10 0 0 2 10 0 0 1 Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Local Interface IP Address 19 16 1 0 19 16 2 0 Remote Interface IP Address
56. onfiguration by typing address https 00 11 22 33 44 55 in the web browser The first approach is the need to install a security certificate When using self signing certificate must upload your files and http cert http key directory etc certs in the router CONFIGURATION 1 2 Network status To view the system information about the router operation select the Network menu item The upper part of the window displays detailed information about active interfaces Interface Description A ethO Networks interface pppO Interface active connection to GPRS EDGE tunO OpenVPN tunnel interface ipsecO IPSec tunnel interface gre1 GRE tunnel interface Table 1 Description of interface in network status By each of the interfaces is then shown the following information tem n n Description n HWaddr Hardware unique address of networks interface inet IP address of interface P t P IP address second ends connection Bcast Broadcast address Mask Mask of network MTU Maximum size of packet which is equipment able transmit Metric Number of routers over which packet must go trought RX e packets received packets e errors number of errors e dropped dropped packets e overruns incoming packets lost because of overload e frame wrong incoming packets because of incorrect packet size TX e packets transmit packets e errors number of errors e dropped dropped packets e overruns outgoing packets lost because o
57. pd 491 Script etc scripts ip up finished pid 495 14 login 528 root login on ttypo IPCP IPCP ConfRkeq id 0x1 ConfAck id xl ConfAck id Ox2 addr 10 169 109 133 ms dnsl 93 153 117 1 ms dns3 62 141 0 2 status 0x0 Fig 7 System log The Syslog default size is 1000 lines After completion of the 1000 lines will create new file for storing system log After completion of the 1000 lines in the second file the first file is deleted and creates a new one Program syslogd can be started with two options that modifies its behavior Option s followed by decimal number set maximal number of lines in one log file Option r followed by hostname or IP address enable logging to remote syslog daemon In the Linux must be enabled remote logging on the target computer Typically running syslogd with the parameter r On Windows must be installed the syslog server for example Syslog Watcher For starting syslogd with these options you could modify script etc init d syslog or add lines killall syslogd and syslogd options amp into Startup Script Example of logging into the remote daemon at 192 168 2 115 Startup Script Startup Script bin sh This script will be executed after all the other init scripts You can put your own initialization stuff in here killall syslogd syslogd R 192 166 2 115 Fig 8 Example program syslogd start with the parameter r CONFIGURATION
58. port configuration 1 PLC pppO 10 0 0 2 a WN RS232 ppp 10 0 0 1 c l E E B 7 _ L Settings in the router Settings in the router Mode TCP client Mode TCP server Server Address 10 0 0 2 Server Address TCP Port 2000 TCP Port 2000 Fig 52 Example of expansion port configuration 2 54 CONFIGURATION 1 24 USB port configuration The USB port configuration can be called up by airbrush option USB Port in menu Configuration can be done if we have USB RS232 converter Item Description n Baudrate Applied communication speed Data Bits Number of data bits Parity Control parity bit e none Will be sent without parity e even Will be sent with even parity e odd Will be sent with odd parity Stop Bits Number of stop bit Split Timeout Time to rupture reports If you receive will identify the gap between two characters which is longer than the parameter value in milliseconds Then all of the received data compiled and sent the message Protocol Communication protocol e CP communication using a linked protocol TCP e UDP communication using a unlinked protocol UDP Mode Mode of connection e TCP server The router will listen to incoming requests about TCP connection e CP client The router will connect to a TCP server on the specified IP address and TCP port Server Address In mode TCP client it is necessary to enter the Server address and final TCP port TCP
59. r Commands enables to send SMS on entered tel number AT CMGL ALL List of all SMS messages AT CMGR lt index gt Read of the definite SMS all SMS has our index AT CMGD lt index gt SMS delete according to index Table 50 AT commands for work with SMS 46 CONFIGURATION For the text mode for SMS writing is used command AT CMGF 1 AT CMGF 1 Enter OK The SMS message is created by the help of command AT CMGS tel number After Enter button is pressed is displayed mark gt behind this mark it is possible to write your own SMS message The SMS message is sent by the help of CTRL Z SMS sending takes a few minutes SMS writing is possible to cancel by pressing Esc AT CMGS 712123456 Enter gt Hello World CTRL Z keys combination OK lt is possible to find the new SMS by the help of command AT CMGL ALL This command reproaches all SMS messages AT CMGL ALL Enter CMGL index lt status gt lt sender number lt date gt lt time gt SMS text CMGL 1 REC UNREAD 420721 123456 08 02 02 10 33 26 04 Hello Worid where lt index gt is ordinal number of the SMS lt status gt is SMS status REC UNREAD SMS unread REC READ SMS read STO UNSENT stored unsent SMS STO SENT stored sent SMS ALL all SMS messages sender numbers is tel number from which the SMS was receive date is date of SMS received time is time of SMS received It is possibl
60. r Enable local NTP service router is set to a mode in which it operates as an NTP server for other devices in the LAN behind the router By parameter Enable local NTP service it is possible to set the router in mode that it can serve as NTP server for other devices Primary NTP IP or domain address primary NTP server Server Address Secondary NTP IP or domain address secondary NTP server Server Address Timezone By this parameter it is possible to set the time zone of the router Daylight Saving By this parameter is possible to define time shift Time e No time shift is disabled e Yes time shift is allowed Table 38 NTP configuration Example of the NTP configuration with set primary ntp cesnet cz and secondary tik cesnet cz NTP server and with daylight saving time NTP Configuration Enable local NTP service Synchronize clock with WTP server Primary MTP Server ntp cesnet cz Secondary NTP Server tik cesnet ca Timezone GMT 01 00 Daylight Saving Time yes Fig 41 Example of NTP configuration 40 CONFIGURATION 1 20 SNMP configuration To enter the SNMP Configuration it is possible with SNMP agent ver 1 configuration which sends information about the router eventually about the status of the expansion port CNT or M BUS SNMP Simple Network Management Protocol provides status information about network elements such as routers or end computers Community Password for access to the SNMP
61. r network type 1 10 2 DNS address configuration The choice Get DNS address from operator is given for easier configuration on client side If this field is filled in then the router tries to get an IP address of primary and secondary DNS server from the operator automatically 1 10 3 Check PPP connection configuration If the Check PPP connection option is selected it has active control of connection over PPP The modem will automatically send the ping question to the selected domain name or IP address in periodic time intervals If the PING failed new ping be sent immediately After three unsuccessfully pings on appropriate IP address the router terminates connection and tries to establish a new connection It is possible to use for example the DNS server of a mobile operator as the ping IP address Po Description Ping IP Address Destinations IP address or domain name of ping queries Ping Interval Time intervals between the outgoing pings Table 15 Check PPP connection configuration If the Enable Traffic Monitoring option is selected then the router stops sending ping questions to the Ping IP Address and it will watch traffic in PPP connection If PPP connection is without traffic longer than the Ping Interval then the router sends ping questions to the Ping IP Address ao Attention We recommend checking the GPRS connection in case of uninterrupted running 1 10 4 Data limit configuration Data limit With this parameter
62. ransmissions Monitoring of status configuration and administration of the router can be performed by means of the Telnet interface After IP address entry to the Telnet it is possible to configure the router by the help of commands The default IP address of the modem is 192 168 1 1 Configuration may be performed only by the user root with initial password root For Telnet exists the following commands cat file contain write cp copy of file date show change of system time df displaying of informations about file system dmesg displaying of kernel diagnostics messages echo string write email Email send free displaying of informations about memory gsmat AT commend send gsminfo displaying of informations about signal quality gsmsms SMS send hwclock displaying change of time in RTC ifconfig displaying change of interface configuration lo reading writing input output pins ip displaying change of route table iptables displaying modification of NetFilter rules kill process kill killall processes kill In link create Is dump of directory contain mkdir file create mv file move ntpdate synchronization of system time with NTP server passwd password change ping ICMP ping ps displaying of processes information pwd dump of actual directory reboot reboot rm file delete rmdir directory delete route displaying change of route table service start stop of service sleep pause on set seconds number slog displaying of sys
63. rk from others Main and backup routers must use the same value for this parameter Host Priority The router with higher priority set by the parameter Host Priority is the main router According to RFC 2338 the main router has the highest possible priority 255 The backup router has priority in range 1 254 init value is 100 The priority value equals 0 is not allowed Table 12 VRRP configuration It is possible to set Check PPP connection flag in the second part of the window The currently active router main backup will send testing messages to defined Ping IP Address at periodic time intervals Ping Interval with setting time of waiting for answer Ping Timeout The function check PPP connection is used as a supplement of VRRP standard with the same final result If there are no answers from remote devices Ping IP Adaress for a defined number of probes Ping Probes then connection is switched to the other line LC n n Description NNI Ping IP Address Destinations IP address ping queries Address can not specify as domain name Ping Interval Time intervals between the outgoing pings Ping Timeout Time to wait to answer Ping Probes Number of failed ping requests after which the route is considered to be impassable Table 13 Check PPP connection d Ping IP address is possible to use for example a DNS server of mobile operator j as a test message ping IP address There s an additional way for evaluating the state of the
64. s it possible to access over access on port Telnet Enable remote SNMP Choice this item and port number makes it possible to access access on port to SNMP agent Masquerade outgoing Choice Masquerade alternative name for the NAT system item packets option turns the system address translation NAT 24 CONFIGURATION Table 25 Remote access configuration Example of the configuration with one connection equipment on the router ii 162 209 13 222 y C IP 192 168 1 2 Default gateway 192 168 1 1 pppO 10 0 0 1 ethO 192 168 1 1 Fig 25 Topology of example NAT configuration MAT Configuration Public Part Private Port Type Server IP Address Enable remote HTTP access an port au Enable remate FTP access on port i21 Enable remote Telnet access on port 23 Enable remote SNMF access on port 161 Send all remaining incoming packets to default server Default Server IP Address 192 1 58 1 2 Masquerade outgoing packets Fig 26 Example NAT configuration 1 In these configurations it is important to have marked choice of Send all remaining incoming packets it default server IP address in this case is the address of the device behind the router Connected equipment behind the router must have set Default Gateway on the router Connected device replies while PING on IP address of SIM card 25 CONFIGURATION Example of the configuration with more connected equipment mn x SWITCH pa lta
65. size of packet which is possible to receive in a given environment Default value is 1500 bytes Other settings may cause incorrect transmission of data MTU Maximum Transmission Unit it is the identifier of the maximum size of packet which is possible to transfer in a given environment Default value is 1500 bytes Other settings may cause incorrect transmission of data Table 14 GPRS connection configuration If the IP address field is not filled in the operator automatically assigns the IP address when it is establishing the connection If filled IP address supplied by the operator router accelerate access to the network lf the APN field is not filled in the router automatically selects the APN by the IMSI code of the SIM card If the PLMN operator number format is not in the list of APN then default APN is internet The mobile operator defines APN 15 CONFIGURATION ab If only one SIM card is plugged in the router router switches between the APN Router with two SIM cards switches between SIM cards a Correct PIN must be filled For SIM cards with two APN s there will be the same PIN for both APN s Otherwise the SIM card can be blocked by false SIM PIN Items marked with an asterisk must be filled only if the information required by the operator In the case of a failed build a PPP connection is recommended to check the accuracy of entered data Alternatively try a different authentication method o
66. t1 0 Set output expansion port XC CNT on 0 set out1 1 Set output expansion port XC CNT on 1 set profile std Set standard profile set profile alt1 Set alternative profile 1 set profile alt2 Set alternative profile 2 set profile alt3 Set alternative profile 3 reboot Router reboot get ip Router send answer with IP address SIM card Table 46 Control SMS By choosing Enable AT SMS protocol on expansion port 1 and Bauarate it is possible to send receive an SMS on the serial Port 1 Baudrate Communication speed expansion port 1 Table 47 Send SMS on serial PORT1 configuration By choosing Enable AT SMS protocol on expansion port 2 and Bauarate it is possible to send receive an SMS on the serial Port 2 tem Description Baudrate Communication speed expansion port 1 Table 48 Send SMS on serial PORT1 configuration By choosing Enable AT SMS protocol on TCP port and enter the TCP port it is possible to send receive an SMS on the TCP port SMS messages are sent by the help of a standard AT commands Item Description NNI TCP Port TCP port on which will be allowed to send receive SMS messages Table 49 Send SMS on ethernet PORT1 configuration 1 22 1 send SMS The SMS is possible to do for example in HyperTerminal program After establishing connection with the router via serial interface or Ethernet it is possible to do with SMS by the help of the next AT commands AT CMGF 1 Set the text mode for SMS writing AT CMGS tel numbe
67. tem log tail displaying of file end tcpdump monitoring of network touch file create actualization of file time stamp vi text editor Table 60 Telnet commands 66
68. ter stop syslogd program and start syslogd with remote logging on address 192 168 2 115 and limited to 100 entries listing Startup Script Startup Script ff bin sh E This script will be executed after all the other init scripts You can put your oun initialization stuff in here killall syslogd syslogd R 192 168 2 115 5 100 Fig 57 Example of Startup script 58 CONFIGURATION 1 26 Up Down script In the window Up Down Script it is possible to create own scripts In the item Up script is defined scripts which begins after establishing a PPP WAN connection In the item Down Script is defines script which begins after lost a PPP WAN connection The changes in settings will apply after pressing the Apply button is foomm sert ARN Up Script bin sh This script will be executed when PPP WAM connection is established Down Script bin sh This script will be executed when PPP WAN connection is lost Fig 58 Up Down script Example of UP Down script After establishing or lost a PPP connection the router sends an email with information about establishing or loss a PPP connection Up Down Script Up Script ft bin sh E This script will be executed when PPP WAM connection is established email t namegddomain com 3 Conel router m PPP connection is established Down Script B bin sh This script will be executed when PPP WAM connection is lost email t n
69. that the router will switch the defining one of the following rules Table 17 Default and backup SIM configuration lf parameter Backup SIM card is set to none then parameters Switch to other SIM card when connection fails Switch to backup SIM card when roaming is detected and Switch to backup SIM card when data limit is exceeded switch the router to off line mode Switch to other SIM card when connection fails Switch to backup SIM card when roaming is detected Switch to backup SIM card when data limit is exceeded Switch to backup SIM card when binary input is active Switch to primary SIM card after timeout If PPP connection fails then this parameter ensures switch to secondary SIM card or secondary APN of the SIM card Failure of the PPP connection can occur in two ways When start the router when three fails to establish a PPP connection Or if it is checked Check the PPP connection and is indicated by the loss of a PPP connection In case that the roaming is detected this parameter enables switching to secondary SIM card or secondary APN of the SIM card This parameter enables switching to secondary SIM card or secondary APN of the SIM card when the data limit of default APN is exceeded This parameter enables switching to secondary SIM card or secondary APN of the SIM card when binary input binO is active This parameter defines the method how the router will try to switch back to default SIM card or defa
70. the PPPoE configuration select the PPPoE menu item If the Create PPPoE connection option is selected the router tries to establish PPPoE connection after switching on PPPoE Point to Point over Ethernet is a network protocol which PPP frames encapsulating to the Ethernet frames PPPoE client to connect devices that support PPPoE bridge or a server typically ADSL router After connecting the router obtains the IP address of the device to which it is connected All communications from the device behind the PPPoE server is forwarded to industrial router Username Username for secure access to PPPoE Password Password for secure access to PPPoE Authentication Authentication protocol in GSM network e PAP or CHAP Router is chosen one of the authentication methods e PAP Itis used PAP authentication method e CHAP It is used CHAP authentication method MRU Maximum Receiving Unit it is the identifier of the maximum size of packet which is possible to recese in given environment Default value is set to 1492 bytes Other settings may cause incorrect data transmission MTU Maximum Transmission Unit it is the identifier of the maximum size of packet which is possible to transfer in given environment Default value is set to 1492 bytes Other settings may cause incorrect data transmission Table 21 PPPoE configuration PPPoE Configuration C Create PPPoE connection Username Password Authentication PAP or CHAP MRL 1
71. the SNMP configuration See SNMP Configuration For enhanced security of network managed router is must change the default password router If the router s default password is set the item Change password is highlighted in red s Name Conel EDGE router ER75I v2 Location Usti nad Orlici Network Interfaces DHCP GPRS Link encap Ethernet HWaddr 00 11 22 33 44 55 inet addr 192 168 1 1 Beast 192 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric l RX packets 291 errors 0 dropped 0 overruns 0 frame 0 System Log TX packets 359 errors 0 dropped 0 overruns 0 carrier onfi 4 collisions 0 txqueuelen 32 Configuration RX bytes 33455 32 6 KB TX bytes 263711 257 5 KB Interrupt 23 IPsec DynDNS LAN VRRP Link encap Point Point Protocol GPRS inet addr 10 169 80 137 P t P 10 0 0 1 Mask 255 255 255 255 Firewall UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1500 Metric l NAT RX packets 4 errors 0 dropped 0 overruns 0 ranan OpenVPN TX aca ais oe errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 3 IPsec RX bytes 102 102 0 B TX bytes 142 142 0 B GRE LZTP Route Table DynDNS NTP Destination Gateway Genmask Flags Metric Ref Use Iface SNMP TO OSOS 0 0 0 0 255 255 255 255 UH 0 pppo SMTP FIZT p ean Reda 0 0 0 0 255 255 255 0 U 0 eth SMS 0 0 0 0 Tn0S O L 0 0 0 0 UG 0 pppo Expansion Port 1 Expansion Port 2 USB Port Startup Script Up Down Script Automatic Update Customi
72. to the service center Change the profile can then be done using a binary input SMS or Web interface of the router Change Profile TPEPPEERPPEPEEPEPPPPEEEPEPPIPEPEIT Copy settings fram current profile to selected profile Fig 63 Change profile 1 30 Change password To open the dialog box for changing the access password select the Change Password menu item The new password will be saved after pressing the Apply button In basic settings of the router the password is set on default form root For higher security of your network we recommend changing this password Change Password New Password Confirm Password Fig 64 Change password 62 CONFIGURATION 1 31 Set real time clock One shot inner clock of the router setting can be called up in option Set Real Time Clock item in the menu Clocks are set according to the engaged NTP server after push button operation Apply Set Real Time Clock NTP Server Address Fig 65 Set real time clock 1 32 Set SMS service center address The industrial router XR5i v2 is not availability item Set SMS service center address In some cases it is needed to set the phone number of the SMS service centre because of SMS sending This parameter can not be set when the SIM card has set phone number of the SMS service centre The phone number can be formed without international prefix xxx xxx xxx or with international prefix for example 420 xxx Xxx xxx
73. ult APN Table 18 Switch between SIM card configurations 17 CONFIGURATION The following parameters define the time after which the router attempts to go back to the default SIM card or APN tem n Description a Initial timeout The first attempt to switch back to the primary SIM card or APN shall be made for the time defined in the parameter Initial Timeout range of this parameter is from 1 to 10000 minutes Subsequent Timeout In an unsuccessful attempt to switch to default SIM card the router on the second attempt to try for the time defined in the parameter Subsequent Timeout range is from 1 to 10000 minutes Additive constants Any further attempt to switch back to the primary SIM card or APN shall be made in time computed as the sum of the previous time trial and time defined in the parameter Additive constants range is 1 10000 minutes Table 19 Switch between SIM card configurations Example f parameter Switch to primary SIM card after timeout is checked and parameters are set as follows nitial Timeout 60min Subsequent Timeout 30min a Subsequent Timeout 20min The first attempt to switch the primary SIM card or APN shall be carried out after 60 minutes Switched to a failed second attempt made after 30 minutes Third after 50 minutes 30 20 Fourth after 70 minutes 30 20 20 1 10 6 Dial In access configuration Dial in access configuration is supported only for routers ER75i UR5 ER75i v2 UR5 v2 and v2
74. unnel Configuration i Create 1st GRE tunnel Description Remote IP Address Remote Subnet Remote Subnet Mask Local Interface IP Address Remote Interface IP Address Pre shared Key can be blank Fig 36 GRE tunnel configuration Example of the GRE Tunnel configuration Ak A 192 168 1 2 192 168 2 2 Router B ppp0 10 0 0 2 A Router A eth 192 168 2 1 Switch ppp0 10 0 0 1 ETAN eth0 192 168 1 1 AE 192 168 1 3 192 168 2 3 192 168 1 4 192 168 2 4 Default Gateway 192 168 1 1 Default Gateway 192 168 2 1 Fig 37 Topology of GRE tunnel configuration GRE tunnel Configuration Remote IP Address 10 0 0 2 10 0 0 1 Hemote Subnet 192 168 2 0 192 168 1 0 Hemote Subnet Mask 255 255 255 0 255 255 255 0 Table 34 Example GRE tunnel configuration 36 CONFIGURATION 1 17 L2TP tunnel configuration To enter the L2TP tunnels configuration select the L2TP menu item L2TP tunnel allows protected connection by password of two networks LAN to the one which it looks like one homogenous The tunnels are active after selecting Create L2TP tunnel Item n iescription n Mode L2TP tunnel mode on the router side e L2TP server in the case of a server must define the start and end IP address range offered by the server e L2TP client in case of client must define the IP address of the server Server IP Address IP address of server Client Start IP otart IP address in range wh
75. you can set the maximum expected amount of data transmitted sent and received over GPRS in one billing period month Warning Threshold Parameter Warning Threshold determine per cent of Data Limit in the range of 5096 to 99 which if is exceeded then the router sends SMS in the form Router has exceeded value of Warning Threshold o data limit Accounting Start Parameter sets the day of the month in which the billing cycle starts SIM card used Start of the billing period defines the operator which gives the SIM card The router begin to count the transferred data since that day Table 16 Data limit configuration 16 CONFIGURATION lf the parameter Switch to backup SIM card when data limit is exceeded see next or Send SMS when datalimit is exceeded see SMS configuration are not selected the data limit will not count 1 10 5 Switch between SIM cards configuration At the bottom of configuration it is possible to set rules for switching between two APN s on the SIM card in the event that one SIM card is inserted or between two SIM cards in the event that two SIM cards are inserted Default SIM card Backup SIM card LLC n Description NNI This parameter sets default APN or SIM card from which it will try to establish the PPP connection If this parameter is set to none the router launches in off line mode and it is necessary to establish PPP connection via SMS message Defines backup APN or SIM card
76. zation User Modules Administration Change Profile Change Password Set Real Time Clock Set SMS Service Center Unlock SIM Card Send SMS Backup Configuration Restore Configuration Update Firmware Reboot Fig 1 Web configuration CONFIGURATION After green LED starts to blink it is possible to restore initial settings of the router by pressing button RST on front panel If press button RST configuration is restored to default and it is reboot green LED will be on 1 1 Secured access to web configuration To the web configuration can be accessed via a secure HTTPS protocol In the event of a default router IP address is a secure router configuration accessed by typing address https 192 168 1 1 in the web browser The first approach is the need to install a security certificate If your browser reports a disagreement in the domain this message can be prevented use the following procedure Since the domain name in the certificate is given the MAC address of the router Such separators are used dashes instead of colons it is necessary to access the router under this domain name For access to the router via a domain name it is adding a DNS record in the DNS table the operating system e Editing etc hosts Linux Unix e Editing C WINDOWS system32 drivers etc hosts Windows XP e Configuring your own DNS server In addition to configuring the router with MAC address 00 11 22 33 44 55 is accessed to secure c
Download Pdf Manuals
Related Search