Geneko GWR Cellular Gateway Series User Manual
Contents
1. Number of retry 1 Number of retry Pin Enabled 1234 Pin Enabled 1234 Enable Failover After 1 Advanced Advanced Reload Save Reed save t E Wireless Module Status Mobile Device Type Mobile Communication Mobile Provider Port SIEMENS MC75 EDGE Attached 0 Connection Status Connected Copyright 2008 G hip mww denekors Figure 12 WAN Settings configuration page WAN Settings Label Description This field specifies name of GSM UMTS ISP You can setup any name for Provider provider Authentication This field specifies password authentication protocol From the pop up window choose appropriate protocol PAP CHAP PAP CHAP ieee This field specifies Username for client authentication at GSM UMTS network Mobile provider will assign you specific username for each SIM card Password This field specifies Password for client authentication at GSM UMTS network Mobile provider will assign you specific password for each SIM card This field specifies Dial String for GSM UMTS modem connection initialization Dial String In most cases you have to change only APN field based on parameters obtained from Mobile Provider Initial Strin This field specifies Initial String for GSM UMTS modem initialization In most 8 you leave this field at default values Mark this option in order to enable failover feature This2. Phase 2 DH Group Group2 Phase 2 Encryption 3DES Phase 2 Authentication 5 1 v Phase 2 SA Life Time 3600 seconds Preshared Key 1234567890 Advanced WI Aggressive Mode D Compress Support IP Payload Compression Protocol IPComp Cl Dead Peer Deection DPD sec v NAT Traversal Back Reload Save Figure 93 IPSec configuration page II for GWR Router Click Start button on Internet Protocol Security page to initiate IPSEC tunnel GWR ROUTER CONFIGURATION GONSOLE Internet Protocol Security Status ral Network Information Summary WAN Information Settings Tunnels Used 1 Tunnels Avaible 5 Add New Tunnel Phi 3DES SHA1 2 Ph2 3DES SHA1 2 Reducing the MTU size on the client side can help eliminate some connectivity problems occurring at the protocol level Recommended MTU size on client side 1300 Start Stop Refresh Press Refresh button to re check IPSec tunnels status Tunnel status description started ipsec is running and tunnels waiting for other end to connect stopped ipsec is not rumning tunnel is nct enabled Logout Copyright 2008 Geneko All rights reserved http www aeneko rs Figure 94 IPSec start stop page for GWR Router Onthe device connected on GWR router setup default gateway 192 168 10 1 88 MARDWARE 4Gon www 4Gon co uk info 4gon
3. Summary Tunnels Used 1 Tunnels Avaible 5 Add New Tunnel Phi DES MD5 1 2 test no stopped Ph2 DES MDS 1 AJN 10 0 10 1 192 168 10 1 172 29 8 5 Delete Edit Reducing the MTU size on the client side can help eliminate some connectivity problems occurring at the protocol level Recommended MTU size on client side 1300 Start Stop Refresh Press Refresh button to re check IPSec tunnels status semun Tunnel status description started ipsec is running and tunnels waiting for other end to connect established tunnel is up deleted tunnel is down stopped ipsec is not running or tunnel is not enabled Logout ko All rights reserved Copyright Figure 85 IPSec start stop page for GWR Router 1 the device connected on GWR router 1 setup default gateway 10 0 10 1 The GWR Router 2 configuration e Click Network Tab to open the LAN NETWORK screen Use this screen to configure LAN TCP IP settings Configure IP address and Netmask P Address 192 168 10 1 Subnet Mask 255 255 255 0 Press Save to accept the changes Geneko 81 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router CONFIGURATION CONSOLE HARDWARE Status Use the following IP address IP Address 192 168 10 1 __ Subnet Mask 255 255 255 0 Local DNS 1
4. mee eei desierit 100 Figure 107 AutoKey IKE advanced parameters 101 Geneko 5 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Figure 108 Routing parameters cec Dem metre ee ir ep oper nre ire 102 Figure 109 Policies from untrust to trust 103 Figure 110 Policies from trust to untrust zone 104 6 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router List of Tables Table 1 Technical 5 9 Table 2 GWR Router features esses nenanem anan anan nenen 10 Table 3 Network parameters nnper nre Re e ANAA A NARAR AI Ta 19 Table 4 DHCP Server parameters ienei aAa DOS REOR REI DH ORI EI EE 20 5 WANN parameters DEPO O HOP HH EH E P OK HIR Ra inar 23 Table 6 Advanced WAN gt 24 Table 7 Routing parameters sess gt 26 Table 8 parametens n 26 9 parameters 5c detecte ng ro gan a a EH ett ie xe p e ERI Hee par SONG as aaa ga 31 Table
5. back ESCs logout 1 exit gt Figure 49 Network parameters Static vs Dynamic IP Addresses The demand for public IP addresses continues to grow yet there are a finite number of public IP addresses available To solve this problem wireless carriers have resorted to handing out dynamic IP addresses instead of static or fixed public addresses With dynamic IP addresses each device is given an IP address for a limited period of time usually no more than a few hours and then the IP address is changed By using dynamic IP addressing schemes carriers effectively solve their problem of not having a sufficient quantity of fixed IP addresses to meet market demand This creates a challenge for users with mobile terminated applications who need a fixed address to target Fortunately solutions to all of the challenges above are available using the GWR Router For example the network connection type between the carrier s network infrastructure and the customer s data center can provide some flexibility Also a frame relay or Virtual Private Network VPN connection between the carrier network and the customer s data center allows remote devices to use private IP address assignments for mobile terminated application connections A static IP can also be maintained by creating a VPN connection to the end device If you want manually to configure TCP IP parameters of the GWR Router choose option 1 You will get page like one on the
6. Geneko 56 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IPSec Tunnel wizard page 3 of 6 This screen enables you to configure the Local and Remote Group parameters of the Local Group Setup IPSec tunnel Gateway Type IP Address Local Security Group Type IP Address Remote Group Setup Gateway Type IP Address Remote Security Group Type IP Address Cancel Back Figure 42 IPSec Tunnel Wizard 3 of 6 Step 4 This screen enables you to configure the Phase 1 Phase 2 and Pre Shared Key parameters of the IPSec tunnel e Phase 1 DH Group You can choose 1 Group2 or Group5 Please read the IPSEC section of documentation for the details e Phase 1 Encryption You can choose DES 3DES or AES 128 Please read the IPSEC section of documentation for the details e Phase 1 Authentication You can choose MD5 or 5 1 Please read the IPSEC section of documentation for the details Perfect Forward Secrecy Check this box to enable a Perfect Forward Secrecy method Please read the IPSEC section of documentation for the details e Phase 2 Encryption You can choose NULL DES 3DES or AES 128 Please read the IPSEC section of documentation for the details Phase 2 Authentication You can choose NULL MD5 or 5 1 Please read the IPSEC section of documentation for the details Preshared Key Use this f
7. Jn E K EIER gr Figure 106 AutoKey IKE parameters e Click Advanced button Security level User defined custom Phase 2 proposal pre g2 3des sha Bind to Tunnel interface tunnel 3 from step 1 Proxy ID Enabled LocallP netmask 10 10 10 0 24 RemotelP netmask 192 168 10 0 24 Click Return and OK seneko 19 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router SSG140RBGE 2 g2 esp 3des sha None gt None None y 9 Q Figure 107 AutoKey IKE advanced parameters Step 4 Routing e Click Destination tab on Routing menu e Click New button Routing parameters are IP Address 192 168 10 0 24 Gateway tunnel 3 tunnel interface from step 1 Click OK 101 MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Network gt Routing gt Routing Entries gt Configuration Virtual Router Name trust vr A IP Address Netmask 152165100 I Configuration NextHop virtual Router untrust vr v O Gateway DNS Interface tunnel3 Gateway IP Address 0 0 0 0 Zones Interfaces Permanent Tag 0 Routing Metric 1 Destination ra Figure 108 Routing parameters Step 4 Policies e Click Polic
8. SEES SEES EEE PU ESC logout 1s exit q gt J 03 O1 Figure 51 DHCP Server configuration In the DNS submenu of DHCP Server menu you can configure Primary and Secondary DNS server Primaru DNS 1 None 2 Used bu ISP 3 User defined 0 0 0 0 back ESC logout 1 exit gt Figure 52 Primary DNS E E E Secondaru DNS 1 2 Used bu ISP 3 User defined 0 0 0 0 back ESCs logout lt exit gt Figure 53 Secondary DNS GPRS EDGE HSDPA Settings To enter the Wireless network GPRS EDGE HSDPA configuration select the GPRS EDGE settings menu item in Custom Setup Figure 54 You can select for which SIM card you want to enter the parameters Figure 55 Geneko 61 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GPRS EDGE settings EEE EEE 1 SIM card 1 2 2 back ESC logout 1 exit q Figure 54 SIM card selection Once you choose which SIM card to configure you can enter initial parameters for GPRS EDGE HSDPA access and you can choose au
9. e Simply install the GWR Router outside the building and run an RJ 45 Ethernet cable to your switch located in the building e Keep antenna cable away from interferers AC wiring Antenna Options Once optimum placement is achieved if signal strength is still not desirable you can experiment with different antenna options Assuming you have tried a standard antenna next consider e Check your antenna connection to ensure it is properly attached e High gain antenna which has higher dBm gain and longer antenna Many cabled antennas require a metal ground plane for maximum performance The ground plane typically should have a diameter roughly twice the length of the antenna NOTE Another way of optimizing throughput is by sending non encrypted data through the device Application layer encryption or VPN put a heavy toll on bandwidth utilization For example IPsec ESP headers and trailers can add 20 3096 or more overhead 105 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL B Mobile operator GPRS settings GWR Series Router Australia Optus telstra internet Austria Connect Austria ONE OneNet Max Online Business business gprsinternet Max Online Metro gprsmetro Al net 5 internet 5 web one at Mobilkom A1 Belgium GPRS APN Mobistar Proximus internet proximus be Orange
10. eni psss p 10 0 10 0 255 255 255 0 0 v Routing table Enable Dest Network Netmask Gateway Metric Interface Action v 0000 0 0 0 0 1 v Rem 10220 255 255 255 0 1 Rem Maintenance E Add Forward protocol connections from external networks to the following internal devices Enable Tunneling Protocol Send to GRE 10 0 0 1 E ESP 10 0 02 Forward TCP UDP connections from external networks to the following internal devices Enable Protocol Source Port Dest IP Address Destination Port Action o TCP Add Logout Figure 80 Routing configuration page e Optionally configure IP Filtering and TCP service port settings to block any unwanted incoming traffic User from remote LAN should be able to communicate with HO LAN MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IPSec Tunnel configuration between two GWR Routers IPSec tunnel is a type of a VPN tunnels with a secure tunneling method On the diagram below Figure 81 is illustrated simple network with two GWR Routers Idea is to create IPSec tunnel for LAN to LAN site to site connectivity Static WAN Static WAN 172 29 8 4 172 29 8 5 mc LAN 10 0 10 1 LAN 192 168 10 1 GWR2 LAN 10 0 10 24 LAN 192 16
11. 150 160 170 1 Figure 103 Gateway parameters e Click Advanced button Security level User Defined custom Phase1 proposal pre g2 3des sha Mode Agressive must be aggressive because of NAT Nat Traversal enabled Click Return and OK Geneko 9f MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router SSG140RBGE 1 Q b e aum 4 b Figure 104 Gateway advanced parameters Step 3 Create AutoKey IKE e Click VPNs in main menu Click AutoKey IKE e Click New button seneko 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router VPNs gt AutoKey IKE 550140 List 20 per page QJuniper SSG 140 Name Gateway Security Monitor Configure DialupvPN Dialup GW Custom oft Edit LinkToTehnika VPNtoTehnika Custom On Edit Remove TestGwR TestGWR Custom ott Edit Remove VPNtoUSSD GW VPNtoUSSD Custom ott Edit Remove Figure 105 AutoKey IKE AutoKey IKE parameters are VPNname TestGWR Security level Custom Remote Gateway Predefined Choose VPN Gateway from step 2 99 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router SG140RBGE
12. Enable Dest Network Netmask Gateway Metric Interface 10001 255 255 255 255 g 0 ppp vy 10 0 10 0 255 255 255 0 E 0 v Routing table Enable Dest Network Netmask Gatew Metric Interface Action v 0000 0 0 0 0 1 0 Rem v 192 168 4 0 255 255 255 0 1 grel Rem al ethO Add Forward protocol connections from external networks to the following internal devices Enable Tunneling Protocol Send to i E GRE 10 0 0 1 O EsP 1000 2 Port i Forward TCP UDP connections from external networks to the following internal devices Enable Protocol Source Port Dest IP Address Destination Port Action Logout E Add Figure 76 Routing configuration page for GWR Router 2 e Optionally configure IP Filtering and TCP service port settings to block any unwanted incoming traffic e On the device connected on GWR router 2 setup default gateway 192 168 2 1 e MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GRE Tunnel configuration between GWR Router and third party router GRE tunnel is a type of a VPN tunnels but it isn t a secure tunneling method However you can encrypt GRE packets with an encryption protocol such as IPSec to form a secure VPN On the diagram below Figure 77 is illustrated simple network w
13. blank blank blank Password jphone Password blank blank Password blank tango Password mobimak Password blank blank blank blank GWR Series Router DNS 10 10 10 30 Optional Settings DNS 212 17 192 49 212 17 192 49 DNS 212 17 192 49 212 17 192 49 DNS 194 185 97 134 DNS 213 230 155 94 213 230 130 222 DNS 212 245 255 2 Optional Settings Optional Settings DNS 213 226 131 131 193 219 32 13 DNS 194 176 32 129 195 22 175 1 Optional Settings DNS 194 154 192 101 194 154 192 102 Optional Settings Optional Settings DNS 203 92 128 131 203 92 128 132 DNS 202 75 129 101 10 216 4 21 DNS 203 121 16 85 203 121 16 120 DNS 202 188 0 133 G seneko 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 110 USER MANUAL Mexico Operator internet itelcel com Netherlands KPN Mobile O2 Telfort T Mobile Vodafone normal 2 office vodafone nl New Zeleand Norway lenor Mobil Netcom internet netcom no oland Operator Idea Plus GSM Polkomtel hillipines Operator Globe Smart an Cellular ortugal MN internet vodafone pt GPRS APN GPRS APN internet internet internet internet or internet act web vodafone nl GPRS APN GPRS APN GPRS APN www idea pl www plusgsm pl GPRS APN www globe com ph internet GPRS APN
14. internet internet vodafone Username blank Username internet Username user specific telsim blank or gprs web vodafone Password blank internet blank Password blank internet blank Password blank blank blank blank Password blank blank Password user specific telsim blank or gprs Password web password GWR Series Router 194 179 001 101 DNS 212 73 32 3 212 73 32 67 Optional Settings Optional Settings DNS 213 55 128 1 213 55 128 2 DNS 212 35 35 35 212 35 35 5 DNS 164 128 36 34 164 128 76 39 Optional Settings DNS 10 1 1 1 DNS 210 241 199 199 Optional Settings DNS 202 183 255 20 202 183 255 21 DNS 203 155 33 1 203 44 144 33 Optional Settings DNS 212 156 4 1 212 156 4 4 212 252 168 240 212 252 119 4 Optional Settings DNS 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 113 c o m gt Z c gt GWR Series Router contract 193 113 200 200 193 113 200 201 o d payandgo o2 co uk payandgo payandgo DNS 158 43 192 1 T Mobile general t mobile uk mms general t mobile uk Username one2one jetsam oem pan SS Ukraine 5 Password Optional Settings www jeons ua UMC USA GPRS APN Username Password Opti
15. bars of signal strength e 101 or less dBm Unacceptable running LED e 100 to 91 dBm Weak 1 LED e 90to 81 dBm Moderate 2 LED e 80 to 75 dBm Good 3 LED e 74 or better dBm Excellent 4 LED e Ois not known or not detectable running LED Signal strength LED will blink when GPRS EDGE connection is not active When GPRS EDGE connection is active Signal strength LED is on Reset condition will be indicated by blinks of the first and last Signal strength LED When signal quality is not known or not detectable there will be running LED indication e Protocol The parameter of networks interface PPP interface active connection to GPRS EDGE Address IP address of the PPP connection e WAN Address The IP address in GPRS EDGE network provided by the mobile service Primary DNS Address IP address of the primary DNS server provided by the mobile service e Secondary DNS Address IP address of the secondary DNS server provided by the mobile service 66 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router e Data received The total number of received bytes e Data transmitted The total number of transmitted bytes RA Packets RX Error Packets RX Dropped Packets The number of received packets number of errors dropped packets e TXPackets TX Error Packets TX Dropped Packets The numbe
16. e reset button USB connector for connection of additional device e Power supply connector Ethernet connector LED e yellow on Network traffic detected off when no traffic detected e Network Link green LED on Ethernet activity or access point engaged 2220 ETHERNET RS 232 SB RST 9 12V DC Figure 2 GWR Router front panel The Reset button can be used for a warm reset or a reset to factory defaults Warm reset If the GWR Router is having problem connecting to the Internet press and hold in the Reset button for a second using the tip of a pen Reset to Factory Defaults To restore the default settings of the GWR Router hold the RESET button pressed for a few seconds Restoration of the default configuration will be signaled by blinks of the first and last signal strength LED on the top panel This will restore the factory defaults and clear all custom settings of the GWR Router You can also reset the GWR Router to factory defaults using the Maintenance gt Default Settings screen Back panel On the back panel of device Figure 3 the following connectors are located e slot for SIM cards e SMA connector for connection of the GSM UMTS antenna ANTENNA SIM CARD 1 SIM CARD 2 Figure 3 GWR Router back panel 11 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Top
17. internet Username webgprs or blank blank blank t mobile Or blank vodafone vodafone Username blank erainternet Username blank Password webgprs2002 Password gprs or blank blank blank t mobile or blank vodafone vodafone Password Password blank blank Password erainternet idea blank Password globe blank blank Password blank blank blank GWR Series Router Optional Settings Optional Settings DNS 62 133 126 28 62 133 126 29 DNS 193 79 237 39 193 79 242 39 Optional Settings Optional Settings DNS 212 45 118 43 212 45 118 44 Optional Settings DNS 213 158 194 1 DNS 194 9 223 79 194 204 159 1 DNS 212 2 96 51 212 2 96 52 Optional Settings DNS 203 127 225 10 203 127 225 11 DNS 202 57 96 3 202 57 96 4 blank Optional Settings DNS 194 79 69 129 DNS 194 65 3 20 194 65 3 21 DNS 212 18 160 133 seneko 111 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL Telcel Russia GPRS APN Megaton internet nw NWGSM erbia GPRS APN VIP Mobile pM Srbija aie ingapore Operator GPRS APN mobilenet or sunsurf lovakia GPRS APN lovenia GPRS APN internet si mobil outh Africa Operator GPRS APN pain GPRS APN elefonica movistar es GWR Series Router 212 18 160 1
18. re s rem v 100 1024 Telnet 23 Rem IP Filtering L Maintenance All Trafic v TCP UDP 1 65535 Add Allow access from the following networks Enable IP Address Subnet Mask Service Protocol Port Action 1001024 2552552550 Custom 56 2 t B All Traffic TCP UDP 1 65535 di la Caution Carefully review settings before applying changes Incorrect settings can make the GWR Router inaccessible from the network Demilitarized Zone Host Settings Logout DMZ Private IP Address 1001088 Reload Save Figure 19 IP Filtering configuration page 38 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IP Filtering configuration example This example configuration demonstrates how to secure a network with a combination of routers and a GWR Router CR 192 168 4 1 Figure 20 IP Filtering configuration example GWR ROUTER GONFIGORATION GONSODLE IP Filtering Status Information ation O Disable all Enable Firewall O Enable DMZ Firewall Settings Automatically allow access from all devices on the local subnet Allow acce
19. Keep network settings check box allows user to keep all network settings after factory default reset System will be reset after pressing Restore button GWR ROUTER CONFIGURATION GONSOLE Administration Default Settings Settings Be carefull when restoring factory default settings The factory settings will clear all current settings and reboot the system All rights reserved Figure 29 Default Settings page Management Serial Port There are two methods which can be used to configure router serial port Administrator can use following serial port settings e Configuration console Serial to Ethernet converter The GWR Router provides a way for a user to connect from a network connection to a serial port It provides all the serial port setup a configuration file to configure the ports a control login for modifying port parameters monitoring ports and controlling ports The GWR Router supports RFC 2217 remote control of serial port parameters Configuration may be performed by serial RS 232C port DB 9 interface using following credentials user admin and initial password admin Console port allows partial administration configuration and control options The GWR Router serial port configuration 1 Read and follow the User Manual 2 Connect a serial console cable to the 45 console port 47 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295
20. Rem 1 IN _ J 1 add Local Tunnel Address IP Address of virtual tunnel interface Local Tunnel Netmask WE 255 255 255 252 Reload Tunnel Source IP address of tunnel source Tunnel Destination IP address of tunnel destination Period Valid values 3 60 Retries Valid values 1 10 All rights reserved Copyright 200 Figure 15 GRE tunnel parameters configuration page GRE Keepalive GRE tunnels can use periodic status messages known as keepalives to verify the integrity of the tunnel from end to end By default GRE tunnel keepalives are disabled Use the keepalive check box to enable this feature Keepalives do not have to be configured on both ends of the tunnel in order to work a tunnel is not aware of incoming keepalive packets You should to define the time interval in seconds between transmitted keepalive packets Enter a number from 1 to 60 seconds and the number of times to retry after failed keepalives before determining that the tunnel endpoint is down Enter a number from 1 to 10 times Geneko 31 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Internet Protocol Security IPSec Internet Protocol Security IPSec is a protocol suite for securing Internet Protocol communication by authenticating and encrypting each IP packet of a data stream Click VPN Settings Tab to open the VPN
21. 10 IPSec SuTImatys ci eed eei tri rd EQ a ORO HH e Xr He ERO EIU XI UU 33 Table 11 IPSec Parameters cccccssccsssssssesssessecessessecesecsascesscssecsecessecsesessesseecsusesseceaseasecessessecessceasesseceasesaeceneesaes 36 Table 12 filtering parameters acer rrr PO PIPER ER ER REP IERI HE 38 Table 13 Administrator sse entren eene 41 Table 14 Device Identity parameters oett thee EH P ie 41 Table 15 Dat time parameters 5 Dear re ne D IHE AAA PO RIED ID Cro 43 Table 16 Serial port parameters eso cereo onn rom RR EI OT OUO D I DERI D RENE 49 Table 17 SNMP pararneters seen eran RO ERER EUR PORRO 50 Table 18 Syslog parameters 51 7 Geneko HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Description of the GPRS EDGE HSDPA Router Thank you for choosing Geneko GWR Router The GWR Router is a compact electronic device based different kind of GSM UMTS modules which enables data transfers using GPRS EDGE HSDPA technologies Primarily the GWR Router expands the capabilities of GSM UMTS module by the option of connecting entire LAN through the built in Ethernet interface The GWR Router provides automatic establishment and maintenance of GPRS EDGE HSDPA connection Integrate
22. 3 Tunnel Destination 10 251 49 2 KeepAlive enable no Period none Retries none Press ADD to put GRE tunnel rule into GRE table Press Save to accept the changes Geneko i HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR ROUTER GONFIGURATION GONSOLE VPN Settings GRE Generic Routing Encapsulation GRE Tunneling Enable Local Tunnel Address Local Tunnel Netmask Tunnel Source Tunnel Destination Interface ive Enable Period Retries Action iv 10 10 10 2 255 255 255 252 10 251 49 3 10 251 49 2 grel d Rem Add Local Tunnel Address IP Address of virtual tunnel interfac Local Tunnel Unchangeable always 255 255 266 282 Reload Tunnel Source IP address of tunnel source Tunnel Destination IP address of tunnel destination Period Valid values 3 60 IP Filtering Retries Valid values 1 10 Maintenance Copyright 2008 Geneko All rights reserved hitp jjwww geneko co rs Figure 75 GRE configuration page for GWR Router 2 e Configure GRE Route Click Routing on Settings Tab Parameters for this example are Destination Network 192 168 4 0 Netmask 255 255 255 0 Routing table Local network
23. 355634006265786 Revision REVISION 04001 Mobile Connection Operator Cell ID 04C6 Phone Number 1 Signal Strength 5 amp dBm Mobile Statistics Default Settings Management Protocol BemtPoiProtoco Aciviy 090440 fort Time WAN 172 29 8 6 10 001 Address Address Primary 192 168 111 100 Second unknown DNS DNS Address Address Data Received 52 RX 4 RX Error 0 RX Dropped 0 v b 1 Data 101 TX 6 TX Error 0 TX Dropped 0 Transmitted Packets Packets Packets mun Figure 9 WAN Information m MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Settings Network Click Network Tab to open the LAN network screen Use this screen to configure LAN TCP IP settings Network Tab Parameters Description Choose this option if you want to manually configure TCP IP parameters of Ethernet port Type the IP address of your GWR Router in dotted decimal notation 192 168 1 1 is the factory default IP address The subnet mask specifies the network number portion of an IP address The GWR Router support sub netting You must specified subnet mask for your LAN TCP IP settings Type the IP address of your local DNS server Click Reload to discard any changes and reload previo
24. Allow access from the following networks Enable This check box allows forbidden host to access to the GWR Router IP address This field specifies IP address of the host allow access to the GWR Router Subnet mask This field specifies network mask of the network to allow access to the GWR Geneko 37 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Router Service This field specifies service of the host allow access to the GWR Router Protocol This field specifies protocol of the host allow access to the GWR Router Port This field specifies port of the host allow access to the GWR Router dd Click Add to insert add new item in table to the GWR Router Remove Click Remove to delete selected item from table Demilitarized Zone Host Settings MZ Private IP Address This check box allows forbidden host to access to the GWR Router Reload Click Reload to discard any changes and reload previous settings Save Click Save to save your changes back to the GWR Router Table 12 IP filtering parameters ROUTER GONSOLE O Disable all Enable Firewall O Enable DMZ IP Filtering Firewall Settings Automatically allow access from all devices on the local subnet Allow access from the following devices Enable IP Address Service Protocol Port Action 4 10102 prre
25. Cancel Figure 38 GRE Tunnel Wizard 3 of 4 This screen Figure 39 is a summary of entered parameters on previous pages If the settings are correct click on the Finish button If some of parameters are show in red color that parameters are not entered correctly Please use the Back button to enter parameters correctly Geneko 24 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GRE Tunnel wizard page 4 of 4 This screen is a summary of entered Network Settings parameters in previous steps Tf the settings are correct click on the IPAddress 10 0 10 150 Finish button Subnet Mask 255 255 255 0 Local DNS Wan Settings Provider telekom Authentication Username mts Password 064 Dial String ATD 99 1 Initial String at cgdcont 1 IP atest PINEnabled x PIN Value 1234 GRE Settings Local Tunnel Address 10 10 10 1 Local Tunnel Netmask 255 255 255 252 Tunnel Source 172 29 8 6 Tunnel Destination 172 29 8 5 Destination Network 10 0 10 0 Destination Network Netmask 255 255 255 0 Cancel Back iL Finish Figure 39 GRE Tunnel Wizard 4 of 4 Wizards IPSec Tunnel This wizard helps you to easily configure the IPSec tunnels You will be asked through six pages about the parameters for the IPSec tunnel Click IPSec Tunnel Tab to open the wizard Use those screens to co
26. EEE EE EEE back ESC logout lt exit q gt Figure 68 Configuration wizard Geneko 67 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Configuration Example GWR Router as Internet Router The GWR Routers can be used as Internet router for a single user or for a grooup of users entire LAN NAT function is enabled by default on the GWR Router The GWR Router uses Network Address Translation NAT where only the mobile IP address is visible to the outside world outgoing traffic uses the GWR Router mobile IP address Ethernet LAN Network Figure 69 GWR Router as Internet router e Click Network Tab to open the LAN NETWORK screen Use this screen to configure LAN settings Configure IP address and Netmask IP address 10 1 1 1 Netmask 255 255 255 0 e Press Save to accept the changes e Use SIM card with a dynamic static IP address obtained from Mobile Operator Note the default gateway may show or change to an address such as 10 0 0 1 this is normal as it is the GSM UMTS provider s network default gateway e Click WAN Settings Tab to configure parameters necessary for GSM UMTS connection parameters necessary for connection configuration should be required from mobile operator e Check the status of GSM UMTS connection WAN Settings T
27. Figure 16 IPSec Summary screen VPN Settings IPSec Summary Description This is the number of IPSec tunnels being defined This is the number of available not yet defined IPSec tunnels This filed indicates the number of the IPSec tunnel Field shows the Tunnel Name that you gave to the IPSec tunnel This field shows if tunnel is enabled or disabled After clicking on Start button only enabled tunnels will be started M a ES a cr un un 9 42 SN 2 7 5 Q E 2 M R 3 cr 3 ct status of defined IPSec tunnels This field shows both Phase 1 and Phase 2 details Encryption method DES 3DES AES Authentication method MD5 SHAT and DH Group number 1 2 5 that you have defined in the IPSec Setup section Field shows the chosen options from IPSec Advanced section by displaying the first letters of enabled options Field shows the IP address and subnet mask of the Local Group Field displays the IP address and subnet mask of the Remote Group Field shows the IP address of the Remote Device HARDWARE 32 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Delete Click on this link to delete the tunnel and all settings for that particular tunnel Edit This link opens screen wher
28. Figure 17 IPSec Settings part I nere gie dbi pei i be dei 33 Figure 18 IPSec Settings part IL nere iriti iinn a aona pen i eb deter papan 34 Figure 19 IP Filtering configuration 38 Figure 20 IP Filtering configuration example sse eene nene 39 Figure21 IP Eitenhng Setting Snurra e E DH pan a X D OM aaa ga UR IR M 39 Figure 22 Administrator Password configuration page sese 40 Figure 23 Device Identity Settings configuration 42 Figure 24 Date Time Settings configuration page sse nennen nennen 42 Figure 25 Diagnostic page eterni e n n P Eee e a Re 44 Figure 26 Update Firmware page etre 45 Figure 27 File download 5 ont eie ee ERR ERO MESE ES EE 46 Pigure260 5ystem Reboot page neos anaa a naga NING UAI REGI UTE RIO OU ODER E PEOR 46 Figure 29 Default Settings page oie reete PH PRU RAPERE HS EU TUE EHI HI 47 Figure 30 Serial Port configuration page 48 Figure 31 SNMP configuration 50 Figure 32 Syslog config ration page nire gagana aane EE ANAA TONG NGENE ANNA Agen ARA 51 Figure 33 Internet Access Wizard page 1 52 Figure 34 Internet Access Wizard page 2 nennen 52 Fi
29. France Operator GPRS APN Password Optional Settings DNS 62 201 119 99 Bouygues ebouygtel com blank 62 201 159 99 Bouygues B2Bouygtel b2bouygtel com blank DNS 62 201 119 99 DNS 172 20 2 10 LENSES DNS Orange Pro orange fr orange orange 194 051 003 056 194 051 003 076 DNS Orange Perso orange orange 194 051 003 056 194 051 003 076 Proxy Germany Operator GPRS APN Password Optional Settings DNS 139 7 30 125 D2 Vodafone web vodafone de any 139 7 30 126 DNS 212 023 97 2 D1 T Mobile gprs DNS 193 254 160 1 2 Viag DNS 195 182 096 28 Interkom Blank 195 182 96 61 Greece Operator GPRS APN Username Password Optional Settings your phone DNS 212 152 79 19 Telestet gnet b online gr 24680 21211527920 DNS 213 249 17 10 Vodafone GR internet vodafone gr blank 213 24917 11 DNS Cosmote internet blank 195 167 065 194 Hongkong Operator GPRS APN Username Password Optional Settings DNS 202 84 255 1 New World internet blank blank 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL Orange web orangehk com internet internet internet GPRS APN People SmarTone Sunday Hungary Pannon contract Username net Pannon flat vitamax snet internet n et or internet vodafone net standardnet vodafone hu or internet vodafone net wap internet or contract ve user specifi
30. IP address configuration SSG140RBGE Interface tunnel 3 IP Netmask 0 0 0 0 0 Properties Basic MIP DIP IGMP NHTB Tunnel Untrust trustv 0000 DIHIN ethernet0 2 trust vr Figure 101 Network Interfaces edit MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Step 2 Create New VPN IPSEC tunnel e Click VPNs in main menu To create new gateway click Gateway on AutoKey Advanced tab VPNs gt AutoKey Advanced gt Gateway SSG140RBGE 2 List 20 per page Name Peer Type Address ID User Group LocalID Security Level Configure Dialup GW Dialup Dialup Group Custom GW VPNtoUSSD Static Custom EE EIE TestGWR Dynamic 172 27 76 80 212 62 38 106 Custom be gt VPhtoTehnika Static Custom E Figure 102 AutoKey Advanced Gateway e Click New button Enter gateway parameters Gateway name TestGWR Security level Custom Remote Gateway type Dynamic IP address because your GWR router are hidden behind Mobile operator router s firewall NAT Peer ID 172 30 147 96 Presharedkey 1234567890 Local ID 150 160 170 1 Geneko 96 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router SSG140RBGE 2 172 30 147 96
31. Information The GWR Router s Status menu provides general information about router as well as real time network information Status menu has three parts General Information Network Information LAN WAN Information Status General General Information Tab provides general information about device type device firmware version OS version hardware resources utilization MAC address of LAN port and Up Time since last reboot Screenshot of General Router information is shown at Figure 7 Data in Status menu are read only and can not be changed by user If you want to refresh screen data press Refresh button SIM Card detection is performed only at time booting the system 16 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR ROUTER GONFIGURATIONIGONSOLE HARDWARE Status General Status Ger GWR252 B Settini Net Firmware Version 21 0 252 CPU Vendor CirrusLogic ARM9 9302 200Mh UP Time 00 05 26 Mac Address 00 1e 5c 00 02 8d SIM Card Detection Sim card inserted Sim card not inserted 88 Sim card checking Sim card damaged SIM Card detection is performed only at time of booting the system Logout Copyright 2008 Geneko All rights reserved Figure 7 General Router information Status Network Info
32. Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router The GWR Router 2 configuration e Click Network Tab to open the LAN NETWORK screen Use this screen to configure LAN TCP IP settings Configure IP address and Netmask P Address 192 168 2 1 Subnet Mask 255 255 255 0 Press Save to accept the changes ROUTER CONFIGURATION GONSOLE ARE HARDWA Status Network General Use the following IP address IP Address 19216821 Subnet Mask 255 255 255 0 Local DNS Management Serial Port Copyright 2008 Geneko All rights reserved http www geneko co rs Figure 74 Network configuration page for GWR Router 2 e Use SIM card with a static IP address obtained from Mobile Operator Note the default gateway may show or change to an address such as 10 0 0 1 this is normal as it is the GSM UMTS provider s network default gateway Click WAN Settings Tab to configure parameters necessary for GSM UMTS connection All parameters necessary for connection configuration should be required from mobile operator e Check the status of GSM UMTS connection WAN Settings Tab If disconnected please click Connect button e Click VPN Settings gt GRE to configure GRE tunnel parameters Enable yes Local Tunnel Address 10 10 10 2 Local Tunnel Netmask 255 255 255 252 Unchangeable always 255 255 255 252 Tunnel Source 10 251 49
33. ability to monitor the status of the Router and receive notification of any critical events as they occur on the network The Router supports SNMP v1 v2c and all relevant Management Information Base II groups The appliance replies to SNMP Get commands for MIBII via any interface and supports a custom MIB for generating trap messages 49 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR ROUTER CONFIGURATION CONSOLE HARDWARE SNMP Settings Status Simple Network Management Protocol Enable SNMP Get Community test Service Port O User Defined Default 161 Service Access Both SNMP Status Status started ight 2008 Geneko All rights reserved Bitp jjwww geneko co rs Figure 31 SNMP configuration page SNMP Settings Description SNMP is enabled by default To disable the SNMP agent click this option to unmark Create the name for a group or community of administrators who can view SNMP data The default is public It supports up to 64 alphanumeric characters Sets the port on which SNMP data has been sent The default is 161 You can specify port by marking on user defined and specify port you want SNMP data to be sent Sets the interface enabled for SNMP traps The default is Both Click Reload to discard any changes and r
34. be dedicated to specific DHCP Client based on MAC address DHCP server will always assign same IP address to appropriate client Address Exclusi This field specifies IP addresses that will be excluded from the pool of DHCP IP address DHCP server will not assign this IP to DHCP clients Click Add to insert add new item in table to the GWR Router Click Remove to delete selected item from table Click Save to save your changes back to the GWR Router Click Reload to discard any changes and reload previous settings Table 4 DHCP Server parameters 20 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWFORGUTER GONFIGOURATION GONSODE DHCP Server YM Enable Dynamic Host Configuration Protocol DHCP Server IP Address range Lease Duration 0 Hays 8 hrs mins From 10 0 10 150 To 10 0 10 160 Primary DNS Secondary DNS G None None a O used by ISP O Used by ISP Maintenance O User Defined O user Defined Static Lease Reservations Address Exclusions Enable IP Address Mac Address Action Enable Start Address End Address Action o Add 10 010 152 10 010 153 Rem o Add Mac Address format KK KK KK KK The IP address pool must specify addresses that are in the subnetwo
35. confused by requests from pppd for CCP negotiation IMaximum Receive Unit bytes Compression Control Protocol negotiation Disable magic number negotiation With this option pppd cannot detect a looped back line This option should only be needed if the peer is buggy Enables the passive option in the LCP With this option pppd will attempt to initiate a connection if no reply is received from the peer pppd will then just wait passively for a valid LCP packet from the peer instead of exiting as it would without this option With this option pppd will not transmit LCP packets to initiate a connection until a valid LCP packet is received from the peer as for the passive option with ancient versions of pppd Append domain Append the domain name d to the local host name for authentication purposes Show PAP password When logging the contents of PAP packets this option causes pppd to show the in log password string in the log message Specifies how many seconds to wait before re initiating the link after it terminates The holdoff period is not applied if the link was terminated because it was idle Time to wait before re initiating the link sec If this option is given pppd will presume the peer to be dead if n LCP echo requests are sent without receiving a valid LCP echo reply If this happens pppd LCP Echo Failure will terminate the connection This option can be used to enable pppd to terminate afte
36. connection Pin enabled If you have enabled the PIN code on your mobile card check this box and enter the PIN code GRE wizard 2 4 This screen enables you to configure the Provider lelekom GSM settings Authentication Username mts Password Dial string 99 1 Tnitial string at cgdcont 1 IP atesi Pin Enabled 1234 Cancel Figure 37 GRE Tunnel Wizard 2 of 4 This screen Figure 38 enables you to configure the GRE settings Step 4 Local Tunnel Address Enter the local IP address of GRE interface Local Tunnel Netmask This field is automatically generated Tunnel Source Enter the IP address of the local WAN interface If the GSM connection is already established this field will be automatically generated Tunnel Destination Enter the IP address of the remote WAN interface Destination Network Enter the remote network address which will be available through the GRE tunnel The route to this address will be inserted automatically Destination Network Netmask Enter the remote network address netmask GRE Tunnel wizard page 3 of 4 This screen enables you to configure the Local Tunnel Address 10 10 10 1 Local Netmask Tunnel Source 172 2986 Destination 17229 85 Destination Network 10 0 10 0 Destination Network Netmask 255 255 255 d
37. or baud rate to use for the serial connection Valid baud rates are 300 1200 2400 4800 9600 19200 38400 57600 or 115200 Indicates the number of bits in a transmitted data package Checks for the parity bit None is the default The stop bit follows the data and parity bits in serial communication It indicates the end of transmission The default is 1 Enable configuration console Flow control manages data flow between devices in a network to ensure it is processed efficiently Too much data arriving before a device is prepared to manage it causes lost or retransmitted data None is the default Number of the TCP IP port to accept connections from for this device Either raw brawl or telnet raw enables the port and transfers all data as is between the port and the long rawlp enables the port and transfers all input data to device device is open without any termios setting It allows using printers connected to them telnet enables the port and runs the telnet protocol on the port to set up telnet parameters This is most useful for using telnet Click Reload to discard any changes and reload previous settings Click Save button to save your changes back to the GWR Router and activate deactivate serial to ethernet converter Table 16 Serial port parameters Management Simple Management Protocol SNMP SNMP or Simple Network Management Protocol is a network protocol that provides network administrators with the
38. required in most site to site VPNs The GWR Router configuration e Click Network Tab to open the LAN NETWORK screen Use this screen to configure LAN settings Configure IP address and Netmask IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Press Save to accept the changes 91 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR GONFIGURATION GONSGLE Use the following IP address IP Address 1001011 Subnet Mask 255 255 255 0 Local DNS 195 78 6 36 Reload Save Copyright 2008 Genek reserved 08 Geneko Al rights http www geneko rs Figure 96 Network configuration page for GWR Router e Use SIM card with a static IP address obtained from Mobile Operator e Click WAN Settings Tab to configure parameters necessary for GSM UMTS connection parameters necessary for connection configuration should be required from mobile operator e Check the status of GSM UMTS connection WAN Settings Tab If disconnected please click Connect button e Click VPN Settings gt IPSEC to configure IPSEC tunnel parameters Click Add New Tunnel button to create new IPSec tunnel Tunnel parameters are e Add New Tunnel Tunnel Name test Enable true e Local Group Setup Local Security Gateway Type IP Only IP Address 172 30 147 96 Local Securi
39. station class B GPRS Quad band 850 900 1800 1900MHz E SE EDGE EDGE multi slot class 10 mobile station class B Connector SMA 500 Ethernet activity network traffic Power on Status LED GSM link activity attached network GSM UMTS Signal quality Power supply 9 12VDC 1000mA Operation 5 to 50 8 Storage 20 C to 85 C Physical Width x Length x Height 95 x 135 x 35 mm characteristics Weight 380g Table 1 Technical parameters Advanced version GWR201 GWR202 GWR251 GWR252 GWR301 GWR302 version GWR201 B GWR202 B GWR251 B GWR252 B eenexo i 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Router features Feature Short description Main Ethernet Configuration GWR Series Router Base version Advanced version Static IP DHCP Client Static and dynamic IP address DHCP Server DHCP Server support Routing Static IP filtering IP address Network filtering NAT NAT on WAN interface IP forwarding IP TCP UDP packets from WAN to LAN GRE Generic Routing Encapsulation is a tunneling protocol that can encapsulate a wide variety of network layer protocol packet types inside IP tunnels GRE Keepalive Keepalive for GRE tunnels IPSec pass through ESP tunnels IPsec Internet Protocol Security is a sui
40. to configure LAN settings Configure IP address and Netmask IP Address 10 1 1 1 Subnet Mask 255 255 255 0 Press Save to accept the changes Geneko HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR ROUTER CONFIGURATION CONSOLE HARDWARE Status use the following IP address IP Address 0 1 1 1 Subnet Mask 255 255 255 0 Local DNS 195178536 Copyright 2008 Geneko All rights reserved http www Figure 78 Network configuration page e Use SIM card with dynamic static IP address obtained from Mobile Operator Note the default gateway may show or change to an address such as 10 0 0 1 this is normal as it is the GSM UMTS provider s network default gateway Click WAN Settings Tab to configure parameters necessary for GSM UMTS connection All parameters necessary for connection configuration should be required from mobile operator e Check the status of GSM UMTS connection WAN Settings Tab If disconnected please click Connect button e Click VPN Settings gt GRE Tunneling to configure new VPN tunnel parameters Enable yes Local Tunnel Address 10 1 1 1 Local Tunnel Netmask 255 255 255 252 Unchangeable always 255 255 255 252 Tunnel Source 195 200 200 2 Tunnel Destination 195 178 54 1 KeepAlive enabl
41. to discard any changes and reload previous settings Click Save to save your changes back to the GWR Router After pressing Save button it make take more then 10 seconds for router to save parameters and become operational again Table 7 Routing parameters 26 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Port translation For incoming data the GWR Router forwards IP traffic destined for a specific port port range or GRE IPsec protocol from the cellular interface to a private IP address on the Ethernet side of the GWR Router Settings Dynamic Routing Protocol Dynamic routing performs the same function as static routing except it is more robust Static routing allows routing tables in specific routers to be set up in a static manner so network routes for packets are set If a router on the route goes down the destination may become unreachable Dynamic routing allows routing tables in routers to change as the possible routes change Routing Information Protocol RIP The Routing Information Protocol RIP is a dynamic routing protocol used in local and wide area networks As such it is classified as an interior gateway protocol IGP using the distance vector routing algorithm The Routing Information Protocol provides great network stability guaranteeing that if one network connection goes down the network can quickly adapt to se
42. uses the Preshared Key to authenticate the remote IKE peer Both ends of IPSec tunnel must use the same mode of key management IPSec Setup Keying Mode Phase 1 is used to create the SA DH Diffie Hellman is a key exchange protocol used during Phase 1 of the authentication process to establish pre shared keys There are three groups of different prime key lengths Group 1 is 768 bits Group 2 is 1024 bits and Group 5 is 1536 bits long If network speed is preferred select Group 1 If network security is preferred select Group 5 Select a method of encryption DES 56 bit 3DES 168 bit or AES 128 128 bit The method determines the length of the key used to encrypt or decrypt ESP packets AES 128 is recommended because it is the most secure Make sure both ends of the IPSec tunnel use the same encryption method Select a method of authentication MD5 or SHA1 The authentication method determines how the ESP packets are validated MD5 is a one way hashing Phase 1 Authentication algorithm that produces a 128 bit digest SHA1 is a one way hashing algorithm that produces a 160 bit digest SHAT is recommended because it is more secure Make sure both ends of the IPSec tunnel use the same authentication method Phase 1 Encryption Configure the length of time IPSec tunnel is active in Phase 1 The default value is 28800 seconds Both ends of the IPSec tunnel must use the same Phase 1 SA Life Time setting If the Perfect Forward Secrecy PF
43. 10 0 Subnet Mask 2552552550 Figure 97 IPSEC configuration page I for GWR Router Geneko 93 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IPSec Setup Keying Mode IKE with Preshared key Phase 1 DH Group Group2 Phase 1 Encryption 3DES Phase 1 Authentication 5 1 Phase 1 SA Life Time 28800 seconds Perfect Forward Secrecy Phase 2 DH Group Group2 Phase 2 Encryption 3DES Phase 2 Authentication 5 1 v Phase 2 SA Life Time 3600 seconds Preshared Key 1234567890 Advanced WI Aggressive Mode D Compress Support IP Payload Compression Protocol IPComp Cl Dead Peer Deection DPD sec v NAT Traversal Back Reload Save Figure 98 IPSec configuration page II for GWR Router Click Start button on Internet Protocol Security page to initiate IPSEC tunnel GWR ROUTER CONFIGURATION GONSOLE Internet Protocol Security Status ral Network Information Summary WAN Information Settings Tunnels Used 1 Tunnels Avaible 5 Add New Tunnel Phi 3DES SHA1 2 Ph2 3DES SHA1 2 Reducing the MTU size on the client side can help eliminate some connectivity problems occurring at the protocol level Recommended MTU size on client side 1300 Star
44. 1000 Belgrade Serbia tel 381 11 3340 591 3140 178 fax 381 11 3224 437 officeihgeneko co rs gt www geneko co rs Figure 5 Declaration of conformity Geneko 14 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Device Configuration There are two methods which can be used to configure the GWR Router Administrator can use following methods to access router e Web browser e Console port Default access method is by web interface This method gives administrator full set of privileges for configuring and monitoring Configuration administration and monitoring of the GWR Router can be performed through the web interface The default IP address of the router is 192 168 1 1 Another method is by console port RJ45 serial interface This method has limited option for configuring the GWR Router Device configuration using web application The GWR Router s web based utility allows you to set up the Router and perform advanced configuration and troubleshooting This chapter will explain all of the functions in this utility For local access of the GWR Router s web based utility launch your web browser and enter the Router s default IP address 192 168 1 1 in the address field A login screen prompts you for your User name and Password Default administration credentials are admin admin For administration by web interface please enter IP address of ro
45. 234567890 Advanced Aggressive Mode true Compress Support IP Payload Compression Protocol IPComp false Dead Peer Detection DPD false NAT Traversal true Press Save to accept the changes Device 2 Device Tunnel Add New Tunnel Tunnel Number 2 Tunnel Name test Enable o Local Group Setup Local Security Gateway Only IP Address 1722985 Local Security Group Type IP Address 192 168 10 1 Remote Group Setup Remote Security Gateway IP Only v Type Address 1722984 Remote Security Group Type IP Address 100 101 Figure 87 IPSEC configuration page I for GWR Router 2 IPSec Setup Keying Mode IKE with Preshared key Phase 1 DH Group Groupl Phase 1 Encryption DES Phase 1 Authentication 5 Phase 1 SA Life Time 28800 seconds Perfect Forward Secrecy v Phase 2 DH Group Groupl Phase 2 Encryption DES 2 Authentication MD5 2 SA Life Time 3600 seconds Preshared Key 1234567890 Advanced Aggressive Mode compress Support IP Payload Compression Protocol IPComp C Dead Peer Deection DPD sec V NAT Traversal zm Figure 88 IPSec configuration page II for GWR Router 2 Geneko 83 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245
46. 34 beeline mobtel vipmobile Username blank jusernejm Cellcis CLIENTE movistar Password beeline blank mts Password gprs 064 vipmobile Password blank blank blank Password blank pasvord Password blank blank Password Cellcis Password AMENA movistar Optional Settings DNS 194 190 195 66 194 190 192 34 DNS 213 87 0 1 213 87 1 1 Optional Settings DNS 217 65 192 1 DNS 195 178 38 3 Optional Settings DNS 202 79 64 21 202 79 64 26 DNS 165 21 100 88 165 21 83 88 DNS 203 116 1 78 203 116 254 150 Optional Settings Optional Settings DNS 193 189 160 11 193 189 160 12 DNS 80 95 225 230 80 95 225 231 Optional Settings Optional Settings DNS 213 143 33 8 213 143 32 20 DNS 94 179 001 100 seneko 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 112 USER MANUAL Movistar Vodafone Airtel weden Operator airtelnet es GPRS APN elia online telia se ele2 Vodafone Europolitan ispInk1 swip net internet vodafone net witzerland Operator GPRS APN internet Orange Sunrise internet Swisscom gprs swisscom ch Taiwan Operator GPRS APN Chunghwa emome or internet Telekom Far EasTone fetnet01 KG Telecom aiwan Cellular Thailand GPRS Turkey GPRS AVEA UK GPRS APN Vodafone UK mobile o2 co uk
47. 5 255 0 configure the Internet connection This screen enables you to configure the Local DNS LAN settings Cancel Figure 33 Internet Access Wizard page 1 of 3 Step 2 This screen Figure 34 enables you to configure the settings e Provider Enter the name for the Internet connection e Authentication In this menu you can choose the type of the PPP authentication e Username Enter the username for your Internet connection This username is provided by your GSM mobile provider Password Enter the password for your Internet connection This password is provided by your GSM mobile provider e Dial string Enter the dial string for your Internet connection This dial string is provided your GSM mobile provider In most cases you do not need to change this field Initial string Enter the initial string for your Internet connection This initial string is provided by your GSM mobile provider In most cases you do not need to change this field except the APN string which is the Access Point Name of your GSM Internet connection e Pin enabled If you have enabled the PIN code on your mobile card check this box and enter the PIN code Internet Access wizard page 2 of 3 This screen enables you to configure the Provider telekom GSM settings Authentication vi Username mts i Password 064 zi Dial string ATD 99 8 Initial string at cgdcont 1 IP
48. 8 10 100 Gateway 10 0 10 1 Gateway 192 168 10 1 Figure 81 IPSec tunnel between two GWR Routers The GWR Routers requirements e Static IP WAN address for tunnel source and tunnel destination address e Source tunnel address should have static WAN IP address e Destination tunnel address should have static WAN IP address GSM UMTS Type For GSM UMTS networks GWR Router connections may require a Custom APN A Custom allows for various IP addressing options particularly static IP addresses which are needed for most VPN connections A custom APN should also support mobile terminated data that may be required in most site to site VPNs The GWR Router 1 configuration e Click Network Tab to open the LAN NETWORK screen Use this screen to configure LAN settings Configure IP address and Netmask IP Address 10 0 10 1 Subnet Mask 255 255 255 0 Press Save to accept the changes Geneko 8 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR ROUTER CONFIGURATION CONSOLE HARDWARE Network Use the following IP address IP Address 1001011 Subnet Mask 255 255 255 0 Local DNS 195 78 6 36 Status Reload Save Figure 82 Network configuration page for GWR Router 1 e Use SIM card with a static IP address obtained from Mobile Operator Click WAN Setting
49. 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Click Start button on Internet Protocol Security page to initiate IPSEC tunnel GWR ROUTER GONFIGORATION GONSOLE rnet Protocol Security Information Summary mation Status Settings Tunnels Used 1 Tunnels Avaible 5 D WAN 5 Routing Add New Tunnel Routing Protocol No Reducing the MTU size on the cient side can help eliminate some connectivity problems occurring at the protocol level Recommended MTU size on client side 1300 Start Stoj Refresh Press Refresh button to re check IPSec tunnels status 55 a Tunnel status description started ipsec is running and tunnels waiting for other end to connect estabished tunnel is up deleted tunnel is down stopped ipsec is not running or tunnel is not enabled fault Management Logs Wizards Logout Copyright 2008 Geneko All rights reserved http Figure 89 IPSec start stop page for GWR Router 2 e the device connected on GWR router 2 setup default gateway 192 168 10 1 94 MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IPSec Tunnel configuration between GWR Router and Cisco Router IPSec tunnel is a type of a VPN tunnels with a secure tunneling method On the diagram below Figure 90 is illustrated simple network with GWR Router a
50. 95 78 6 36 Reload Save c Tunnel Figure 86 Network configuration page for GWR Router 2 e Use SIM card with a static IP address obtained from Mobile Operator Click WAN Settings Tab to configure parameters necessary for GSM UMTS connection All parameters necessary for connection configuration should be required from mobile operator e Check the status of GSM UMTS connection WAN Settings Tab If disconnected please click Connect button e Click VPN Settings gt IPSEC to configure IPSEC tunnel parameters Click Add New Tunnel button to create new IPSec tunnel Tunnel parameters are Add New Tunnel Tunnel Name test Enable true e Local Group Setup Local Security Gateway Type IP Only IP Address 172 29 8 5 Local Security Group Type IP IP Address 192 168 10 1 Remote Group Setup Remote Security Gateway Type IP Only IP Address 172 29 8 4 Remote Security Group Type IP IP Address 10 0 10 1 e IPSec Setup Keying Mode IKE with Preshared key Phase 1 DH group Group 1 Phase 1 Encryption DES Phase 1 Authentication MD5 Phase 1 SA Life Time 28800 Perfect Forward Secrecy true Phase 2 DH group Group 1 Phase 2 Encryption DES Phase 2 Authentication MD5 82 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Phase 2 SA Life Time 3600 Preshared Key 1
51. BASE Operator GPRS APN IM Canada GPRS APN Operator Rogers AT amp T vpn com web pro be Internet Rogers AT amp T VPN user specific gprs alplus at web telering at mobistar Username Username wapuserl wapuserl Password blank blank Password user specific blank blank blank blank web Password mobistar blank blank Password claro tim Password wap wap Optional Settings DNS 202 139 83 3 192 65 91 129 DNS 139 130 4 4 203 50 170 2 DNS 202 124 68 130 202 124 76 66 DNS 192 189 54 33 210 80 58 3 Optional Settings DNS 194 24 128 100 194 24 128 102 DNS 213 162 64 1 213 162 64 2 DNS 213 162 64 1 213 162 64 2 DNS 213 162 64 1 213 162 64 2 DNS 194 48 124 200 194 48 139 254 DNS 212 95 31 11 212 95 31 35 Optional Settings DNS 212 65 63 10 212 65 63 145 DNS 195 238 2 21 195 238 222 Optional Settings G 4Gon www 4Gon co uk info 4gon co uk Tel 444 0 1245 808295 Fax 44 0 1245 808299 106 USER MANUAL China GPRS Croatia Operator 5 VIPNET Start gprs0 vipnet hr VIPNET Pro gprs5 vipnet hr Czech Republic GPRS Cesky Mobil contract M Cesky Mobil prepaid cinternet Eurotel contract internet Eurotel Go gointernet Oscar contract internet Oscar Oskarta ointernet T Mobile internet t mobile
52. Custom APN allows for various IP addressing options particularly static IP addresses which are needed for most VPN connections A custom APN should also support mobile terminated data that may be required in most site to site VPNs The GWR Router 1 configuration e Click Network Tab to open the LAN NETWORK screen Use this screen to configure LAN settings Configure IP address and Netmask P Address 192 168 4 1 Subnet Mask 255 255 255 0 Press Save to accept the changes 69 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR ROUTER CONFIGURATION GONSOLE ARE HARDWA Status Network 3 use the following IP address IP Address 1192168 41 Subnet Mask 2552552550 Local DNS Copyright 2008 Geneko All rights reserved http www geneko co rs Figure 71 Network configuration page for GWR Router 1 Use SIM card with a static IP address obtained from Mobile Operator Note the default gateway may show or change to an address such as 10 0 0 1 this is normal as it is the GSM UMTS provider s network default gateway e Click WAN Settings Tab to configure parameters necessary for GSM UMTS connection parameters necessary for connection configuration should be required from mobile operator e Check the status of GSM UMTS connection WAN Settings Tab
53. Displays messages about Internet Key Exchange IKE events debug crypto ipsec Displays IPsec events debug crypto engine Displays crypto engine events ceneko 90 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IPSec Tunnel configuration between GWR Router and Juniper SSG firewall IPSec tunnel is a type of a VPN tunnels with a secure tunneling method On the diagram below Figure 95 is illustrated simple network with GWR Router and Cisco Router Idea is to create IPSec tunnel for LAN to LAN site to site connectivity Private Static WAN Public Static WAN 172 30 147 96 150 160 170 1 GWR Initiator Juniper SSG firewall VPN terminator LAN 192 168 10 1 LAN 10 10 10 1 LAN 192 168 10 x LAN 10 10 10 x Gateway 192 168 10 1 Gateway 10 10 10 1 Figure 95 IPSec tunnel between GWR Router and Cisco Router The GWR Routers requirements e Static IP WAN address for tunnel source and tunnel destination address Source tunnel address should have static WAN IP address e Destination tunnel address should have static WAN IP address GSM UMTS Type For GSM UMTS networks GWR Router connections may require a Custom APN A Custom APN allows for various IP addressing options particularly static IP addresses which are needed for most VPN connections A custom APN should also support mobile terminated data that may be
54. Fax 44 0 1245 808299 USER MANUAL GWR Series Router 3 Serial port parameters e Baud rate 57600 e Data bits 8 Parity None e Stop bits 1 Flow control None Click Serial Port Tab to open the Serial Port Configuration screen Use this screen to configure the GWR Router serial port parameters Figure 30 GWR ROUTER CONFIGURATION CONSOLE Serial Port Serial Port Settings Settings O Enable configuration console Enable serial ethernet converter Bits per second 57600 Data bits 8 Parity None Stop bits 1 xi I Flow control None Bind to port 223 Type of socket Port Valid values 1 65535 Copyright 2008 Geneko All rights reserved http www geneko co rs Figure 30 Serial Port configuration page 25 MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Serial Port Settings Enable router configuration console Default serial port parameters are Serial port parameters baud rate 57600 data bits 8 parity none stop bits 1 flow control none Enable serial Ethernet Enable serial to Ethernet converter This provides a way for a user to converter connect from a network connection to a serial port The unit and attached serial device such as a modem must agree on a Bits per second speed
55. Figure 50 60 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Static 1 IP 10 0 10 113 2 Netmask 255 255 255 0 back ESC logout 1 exit q Figure 50 Network parameters configuration DHCP Server Settings Option 2 in Custom setup menu Figure 48 is DHCP server This menu Figure 51 enables you to configure full DHCP server parameters It is possible to define the beginning option 2 IP Address From and end option 3 IP Address To of the pool of IP addresses which will be assigned to DHCP clients as well as DNS and excluded IP addresses currently under construction LLLI LL X DHCP Server Ge ae ae ae ae e e ae ae ae ae e eee e Oe OE OE EIE 1 Enable DHCP lt N 2 IP Address From 0 0 0 0 3 IP Address To 0 0 0 09 Address Exclusions Primary DNS None Secondary DNS None Lease Duration days 00 hrs mins 20 Ge ae ae ae ae ae eae ae ae ae e eee e EEE EEE EEE EE EE EE EEE EEE
56. Firefox do with this File Notepad default FlashGot Save File Do this automatically For Files like this from now on Figure 27 File download Click Export and then select the location where you want to store your backup configuration file By default this file will be called confFile bkg but you may rename it if you wish This process may take up to a minute Maintenance System Reboot If you need to restart the Router Geneko recommends that you use the Reboot tool on this screen Click Reboot to have the GWR Router reboot This does not affect the router s configuration ceneko GWR ROUTER CONFIGURATION CONSOLE HARDWARE Administration Reboot System Reboot AN I Settings Click reboot button if you want to reboot the system The reboot process need approximately 2 3 minutes to complete IP Filtering Maintenance Copyright ko All rights reserved http j www geneko co rs Figure 28 System Reboot page HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Maintenance Default Settings Use this feature to clear all of your configuration information and restore the GWR Router to its factory default settings Only use this feature if you wish to discard all the settings and preferences that you have configured Click Default Setting to have the GWR Router with default parameters
57. If disconnected please click Connect button e Click VPN Settings gt GRE to configure GRE tunnel parameters Enable yes Local Tunnel Address 10 10 10 1 Local Tunnel Netmask 255 255 255 252 Unchangeable always 255 255 255 252 Tunnel Source 10 251 49 2 Tunnel Destination 10 251 49 3 KeepAlive enable no Period none Retries none Press ADD to put GRE tunnel rule into GRE table Press Save to accept the changes i HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR ROUTER GONFIGOURATION GONSOLE VPN Settings GRE Generic Routing Encapsulation GRE Tunneling Enable Local Tunnel Address Local Tunnel Netmask Tunnel Source Tunnel Destination Interface KeepAlive Enable Period Retries Action iv 10 10 10 1 255 255 255 252 10 251 49 2 10 251 48 3 grel o Rem o Add Local Tunnel Address Address of virtual tunnel interfa Tunnel Nemask unchangeable always 255 285 255 252 Reload Tunnel Source IP address of tunnel source Tunnel Destination IP address of tunnel destination Period Valid values 3 60 IP Filtering Retries Valid values 1 10 Maintenance Copyright 2008 Geneko All rights reserved http Jjwww geneko co rs Figu
58. M card must be inserted And finally device should have power supply by power supply connector and the attached adaptor SIM card must not be changed installed or taken out while device operates This procedure is performed when power supply is not connected 13 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Declaration of conformity Re Geral Ekonomik HARDWARE SOFTWARE ENGINEERING DECLARATION OF CONFORMITY We hereby declare that following product COMMUNICATION EQUIPMENT WIRELESS ROUTER Type Product name Technical specifications GWR201 GWR201B GWR202 GENEKO GWR ROUTER Input 9 12V 7 GWR202B GWR251 GWR251B GWR252 GWR252B GWR301 GWR302 are in conformity with standards harmonised with directives LVD EN 60950 1 2001 1st and or EN 60950 1 2001 EMC DIRECTIVE 2004 108 EC EN 301 489 1 V1 6 1 2005 09 EN 301 489 7 V1 3 1 2005 11 R amp TTE DIRECTIVE 1999 5 EC ETSI EN 301 511 V9 0 2 ETSI EN 301 511 V9 0 2 EN 301 908 1 amp EN 301 908 2 V2 2 1 RoHS DIRECTIVE 2002 95 EC EU COMMISION DECISION 2005 618 EC 2005 717 EC 2005 747 EC 2006 310 EC 2006 690 EC 2006 691 and 2006 692 reds esistere C 1304 SI Year of affixing of CE mark 2008 Director Place and date Belgrade October 1 2008 RB GeneralEkonomik Bul Despota Sefana 59 1
59. Netmask This is the netmask of the local LAN address of the router e Local DNS This field holds the address of the local DNS server that you want to use GRE Tunnel wizard page 1 of 4 This wizard helps you to easily IP Address 110 0 10 150 configure the GRE tunnels Subnet Mask 2552552550_ This screen enables you to configure the Local DNS LAN settings Figure 36 GRE Tunnel Wizard 1 of 4 Step 2 This screen Figure 37 enables you to configure the settings e Provider Enter the name for the Internet connection e Authentication In this menu you can choose the type of the PPP authentication e Username Enter the username for your Internet connection This username is provided by your GSM mobile provider Geneko 59 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Step 3 Password Enter the password for your Internet connection This password is provided by your GSM mobile provider Dial string Enter the dial string for your Internet connection This dial string is provided by your GSM mobile provider In most cases you do not need to change this field Initial string Enter the initial string for your Internet connection This initial string is provided by your GSM mobile provider In most cases you do not need to change this field except the ADN string which is the Access Point Name of your GSM Internet
60. ONFIGORATION GONSODLE Routing table Local network Enable Dest Network Netmask Gateway Metric Interface 10001 255 255 255 255 lo ppp 10 0 10 0 255 255 255 0 0 Routing table Enable Dest Network Netmask Gateway Metric Interface Action v 0000 0000 1 0 Rem v 1921681 0 255 255 255 0 J gret Rem et Forward protocol connections from external networks to the following internal devices Enable Tunneling Protocol Send to ESP 10002 Forward TCP UDP connections from external networks to the following internal devices Enable Protocol Source Port Dest IP Address Destination Port Action ada Copyright Geneko All rights reserved http jwww geneko co r Figure 13 Routing configuration page Use this menu to setup all routing parameters Administrator can perform following operations e Create Edit Remove routes including default route e Reroute GRE and IPSEC packet to dedicated destination at inside network e Port translation Reroute TCP and UPD packets to desire destination at inside network Routing Settings Routing Table This check box allows you to activate deactivate thi
61. Panel There is a sequence of 8 LED indicators on the top of this device by which the indication of the system current state device power supply and presence of GSM UMTS network as well as signal level is performed GWR ROUTER Figure 4 GWR Router top panel side LED Indicator Description Reset red LED the GWR Router reset state 2 Power status green LED Power supply Power status LED will blink when the GWR Router is in initializing state Link red LED will blink when connection is active 4 Signalstrength LED indicator e 101 or less dBm Unacceptable running LED e 100 to 91 dBm Weak 1 LED e 90to 81 dBm Moderate 2 LED e 80to 75 dBm Good 3 LED 74 or better dBm Excellent 4 LED e Qis not known or not detectable running LED Signal strength LED will blink when GPRS EDGE UMTS HSDPA connection is not active When GPRS EDGE connection is active Signal strength LED is on Reset condition will be indicated by blinks of the first and last Signal strength LED When signal quality is not known or not detectable there will be running LED indication e 12 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Putting Into Operation Before putting the GWR Router in operation it is necessary to connect all components needed for the operation GSM antenna e Ethernet cable and e SI
62. Router s Syslog captures all log activities and includes this information about all data transmissions every connection source and destination IP address IP service and number of bytes transferred Enter the Syslog server name or IP address Sets the port on which Syslog data has been sent The default is 514 You can specify port by marking on user defined and specify port you want Syslog data to be sent Click Reload to discard any changes and reload previous settings Click Save button to save your changes back to the GWR Router and enable disable Syslog Table 18 Syslog parameters HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Wizards Internet Access This wizard helps you to easily configure the Internet connection You will be asked through three pages about the parameters for the Internet connection Click Internet Access Tab to open the wizard Use those screens to configure the GWR Router Step 1 This screen Figure 33 enables you to configure the LAN settings e IP Address In this field you must enter the local LAN address of the router e Netmask This is the netmask of the local LAN address of the router e Local DNS This field holds the address of the local DNS server that you want to use Internet Access wizard page 1 of 3 This wizard helps you to easily IP Address 10010150 Subnet Mask 255 25
63. S feature is enabled IKE Phase 2 negotiation will generate new key material for IP traffic encryption and authentication so hackers using brute force to break encryption keys will not be able to obtain future IPSec keys Both ends of the IPSec tunnel must enable this option in order to use the function If the Perfect Forward Secrecy feature is disabled then no new keys will be generated so you do not need to set the Phase 2 DH Group There are three groups of different prime key lengths Group 1 is 768 bits Group 2 is 1024 bits and Group 5 is 1536 bits long If network speed is preferred select Group 1 If network security is preferred select Group 5 You do not have to use the same DH Group that you used for Phase 1 but both ends of the IPSec tunnel must use the same Phase 2 DH Group Phase 2 is used to create one or more IPSec SAs which are then used to key IPSec sessions Select a method of encryption NULL DES 56 bit 3DES 168 bit or AES 128 128 bit It determines the length of the key used to encrypt or decrypt Phase 2 Encryption ESP packets AES 128 is recommended because it is the most secure Both ends of the IPSec tunnel must use the same Phase 2 Encryption setting NOTE If you select a NULL method of encryption the next Phase 2 Authentication method cannot be NULL and vice versa Select a method of authentication NULL MD5 or SHA1 The authentication method determines how the ESP packets are validated MD5 is a on
64. SG140RBGE Figure 110 Policies from trust to untrust zone seneko G 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Apendix A How to Achieve Maximum Signal Strength with GWR Router The best throughput comes from placing the device in an area with the greatest Received Signal Strength Indicator RSSI RSSI is a measurement of the Radio Frequency RF signal strength between the base station and the mobile device expressed in dBm The better the signal strength the less data retransmission and therefore better throughput RSSI information is available from several sources LEDs on the device give a general indication e Via the GWR Router local user interface Signal strength LED indicator e 101 or less dBm Unacceptable running LED e 100 to 91 dBm Weak 1 LED e 90 to 81 dBm Moderate 2 LED e 80 to 75 dBm Good 3 LED e 740 better dBm Excellent 4 LED e Ois not known not detectable running LED Antenna placement Placement can drastically increase the signal strength of a cellular connection Often times just moving the router closer to an exterior window or to another location within the facility can result in optimum reception Another way of increasing throughput is by physically placing the device on the roof of the building in an environmentally safe enclosure with proper moisture and lightning protection
65. USER MANUAL GWR Series Router Content EIST OF FIGURES 4 LII IL NL f 7 DESCRIPTION OF THE GPRS EDGE HSDPA ROUTER 8 Examples of Possible 8 Technical o niei hinteren Er n EDT e i 9 GWR Router FEACULES oo ccc eescsesesscscsesscscsesecsesesscsesssscsesssecsesessesesesaescsesacsesesecseeesecsesecessesesaesesesseseeees 10 Product Overview Front Panel A TAA Back panel eere opa ena amp iere gak KAWAK Top Panel Putting Into OperatlOTnis iere rer re t aste E E Hn AE EE D Por rise Pe iaa 13 Declaration of conformity essit nte tenens 14 M 15 DEVICE CONFIGURATION USING WEB APPLICATION seseeeee nennen eene nnne nnne rennen 00000000 15 Add Remove Update manipulation in tables sse 16 Save Reload changes sees tete tete a En PEN ggap aaa Nan ag Status Information ari a do irae Status Status Network Information Status WAN I
66. ab If disconnected please click Connect button Check Routing Tab to see if there is default route should be there by default Router will automatically add default route via ppp0 interface e Optionally configure IP Filtering and TCP service port settings to block any unwanted incoming traffic e Configure the GWR Router LAN address 10 1 1 1 as a default gateway address on your PCs Configure valid DNS address on your PCs 68 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GRE Tunnel configuration between two GWR Routers GRE tunnel is a type of a VPN tunnels but it isn t a secure tunneling method On the diagram below Figure 70 is illustrated simple network with two GWR Routers Idea is to create GRE tunnel for LAN to LAN site to site connectivity Static WAN Static WAN 10 251 49 2 10 251 49 3 LAN 192 168 2 1 GWR 2 GWR 1 LAN 192 168 4 1 LAN 192 168 4 x LAN 192 168 2 x lt Gateway 192 168 4 1 Gateway 192 168 2 1 Figure 70 GRE tunnel between two GWR Routers The GWR Routers requirements e Static IP WAN address for tunnel source and tunnel destination address Source tunnel address should have static WAN IP address e Destination tunnel address should have static WAN IP address GSM UMTS APN Type For GSM UMTS networks GWR Router connections may require a Custom APN A
67. ables containing the statistics were last cleared Descriptions of the network statistics follow e Protocol The parameter of networks interface e Address Hardware unique address of networks interface Netmask Mask of network e Broadcast Address Broadcast IP Address e Metric Number of routers over which packet must pass e MAC Address A unique network identifier All network devices are required to have their own unique MAC address The MAC address is on a sticker on you re the GWR Router The number is displayed as 12 hexadecimal digits usually starting with 00 1E 5C e MTU Maximal size of packet which is equipment able transmit e Data received The total number of received bytes e Data transmitted The total number of transmitted bytes e RA Packets RX Error Packets RX Dropped Packets The number of received packets number of errors dropped packets e TXPackets TX Error Packets TX Dropped Packets The number of transmitted packets number of errors dropped packets DHCP Server Information about DHCP status 65 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Network information X Protocol Ethernet Address 10 0 0 139 Netmask 255 255 255 0 Broadcast address 0 0 0 0 Metric 1 addr
68. age for GWR Router 2 eene e e enne 82 Figure 87 IPSEC configuration page I for Router 2 0 83 Figure 88 IPSec configuration page for GWR Router 2 eene nennen 83 Figure 89 IPSec start stop page for GWR Router 2 eee eene nennen 84 Figure 90 IPSec tunnel between GWR Router and Cisco Router 85 Figure 91 Network configuration page for GWR Router 86 Figure 92 IPSEC configuration page I for 22 87 Figure 93 IPSec configuration page for GWR Router sse eene 88 Figure 94 IPSec start stop page for GWR Router eene e enn S ESES 88 Figure 95 IPSec tunnel between GWR Router and Cisco Router 91 Figure 96 Network configuration page for GWR Router 92 Figure 97 IPSEC configuration page I for 93 Figure 98 IPSec configuration page II for GWR 94 Figure 99 IPSec start stop page for GWR Router eene nennen e en nnne 94 Figure 100 Network Interfaces 18 anang agan aaa nter nene netten tnnt 95 Figure 101 Network Interfaces edit eie te e OD noe cor 95 Figure 102 AutoKey Advanced Gateway 96 Figure 103 Gateway parameters eite get d EE Rie E papa pi inaning pahan 97 Figure 104 Gateway advanced parameters 2 98 Figure 105 Autokey IKE eee ate teet id de iss 99 Figure 106 AutoKey IKE parameters
69. al Click Back to return on IPSec Summary screen Click Reload to discard any changes and reload previous settings Click Save to save your changes back to the GWR Router After that router automatically goes back and begin negotiations of the tunnels by clicking on the Start button Table 11 IPSec Parameters 36 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Settings IP Filtering IP filtering is simply a mechanism that decides which types of IP datagram s will be processed normally and which will be discarded By discarded we mean that the datagram is deleted and completely ignored as if it had never been received You can apply many different sorts of criteria to determine which datagram s you wish to filter some examples of these are e Protocol type TCP UDP ICMP etc e Socket number for TCP UPD e Datagram type SYN data ICMP Echo Request etc e Datagram source address where it came from e Datagram destination address where it is going to It is important to understand at this point that IP filtering is a network layer facility This means it doesn t understand anything about the application using the network connections only about the connections themselves The IP filtering rule set is made up of many combinations of the criteria listed previously Use firewall option to set IP addresses from which is
70. atesl Pin Enabled 1234 Cancel Back i Figure 34 Internet Access Wizard page 2 of 3 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Step 3 This screen Figure 35 is a summary of entered parameters on previous pages If the settings are correct click on the Finish button If some of parameters are show in red color that parameters are not entered correctly Please use the Back button to enter parameters correctly Internet Access wizard page 3 of 3 This screen is a summary of entered Network Settings parameters in previous steps Tf the settings are correct click on the Address 10 0 10 150 Finish button Subnet Mask 255 255 255 0 Local DNS Wan Settings Provider telekom Authentication Username mts Password 064 Dial String ATD 99 1 Initial String at cgdcont 1 IP atest PINEnabled x PIN Value 1234 Cancel Back es lex E Finish Figure 35 Internet Access Wizard page 3 of 3 Wizards GRE Tunnel This wizard helps you to easily configure the GRE tunnels You will be asked through four pages about the parameters for the GRE tunnel Click GRE Tunnel Tab to open the wizard Use those screens to configure the GWR Router Step 1 This screen Figure 36 enables you to configure the LAN settings IP Address In this field you must enter the local LAN address of the router
71. button to enter parameters correctly IPSec Tunnel wizard page 6 of 6 This screen is a summary of entered Network Settings in previous steps If the settings are correct click on the Finish Address 10010150 button Subnet Mask 255 255 255 0 Local DNS Wan Settings Provider telekom Authentication Username mis Password 064 Dial String ATD S9 1s String at cgdcont 1 IP atest PIN Enabled PIN Value Group Setup Local Gateway Type IP Address Local Security Group Type 1 IP Address Remote Gateway Type IP Address Remote Security Group Type 1 Remote IP Address IPSec Setup DH Group Groupi bon DES Authentication MDS Perfect Forward Secrecy DH Group Groupi Encryption NULL Authentication NULL Preshared Key Advanced Aggressive Mode x Compress x Dead Peer Deection Enabled Dead Peer Deection NAT Traversal Cancel Back Figure 45 IPSec Tunnel Wizard 6 of 6 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax Geneko 58 HARDWARE 444 0 1245 808299 USER MANUAL GWR Series Router Logout The Logout tab is located on the down left hand corner of the screen Click this tab to exit the web based utility If you ex it the web based utility you will need to re enter your User Name and Password to log in and then manage the Router Device configuration using console Configuration may be performed via
72. c GPRS APN blank B bplgprs com PL ndonesia GPRS APN satelindogprs com Treland GPRS APN srael bplmobile Username vodafone GPRS APN Username Password blank blank blank blank wap user specific Password blank blank blank Password im3 blank Password gprs gprs vodafone Password GWR Series Router DNS 202 140 96 51 202 140 96 52 Optional Settings DNS 193 225 155 254 194 149 0 157 DNS 193 225 155 254 194 149 0 157 DNS 80 244 97 30 80 244 96 1 DNS 80 244 97 30 80 244 96 1 DNS 194 176 224 3 194 176 224 1 Optional Settings DNS 202 169 145 34 202 169 129 40 DNS 10 11 206 51 10 11 206 50 Optional Settings DNS 202 152 162 66 202 152 162 67 Optional Settings DNS 62 40 32 33 62 40 32 34 DNS 62 40 32 33 62 40 32 34 Optional Settings seneko 109 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL MIC Vodafone taly Operator GPRS APN BLU Contratto INTERNET BLU Prepagata PINTERNET Vodafone Webomnitel t Omnitel J Phone ithuania Operator GPRS APN Omnitel Lithuania gprs omnitel net uxembourg GPRS APN VOXsbile Macedonian Operator GPRS APN Malaysia Operator GPRS APN Timecel timenet com my Username internet Password blank blank
73. ccess the tunnel Subnet Mask Enter the subnet mask Select the remote LAN user s behind the Router at the other end that can use this IPSec tunnel Select the type you want to use IP or Subnet NOTE The Remote Security Group Type you select should match the Local Security Group Type selected on the IPSec device at the other end of the tunnel IP Address Only the computer with a specific IP address will be able to access the tunnel Select the remote LAN user s behind the Router at the other end that can use this Remote Security Group IPSec tunnel Select the type you want to use IP or Subnet NOTE The Remote Security Group Type you select should match the Local Security Group Type selected on the IPSec device at the other end of the tunnel Remote Security 34 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IP Address Only the computer with a specific IP address will be able to access the tunnel Subnet Mask Enter the subnet mask In order to establish an encrypted tunnel the two ends of an IPSec tunnel must agree on the methods of encryption decryption and authentication This is done by sharing a key to the encryption code For key management the Router uses only IKE with Preshared Key mode IKE with Preshared Key IKE is an Internet Key Exchange protocol used to negotiate key material for Security Association SA IKE
74. co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router The Cisco Router configuration version 12 4 Service timestamps debug datetime msec Service timestamps log datetime msec no service password encryption hostname Cisco Router boot start marker boot end marker username admin password 7 KAKAK ck ck ck KAKAK KAKAK enable secret 5 no aaa new model no ip domain lookup Keyring that defines wildcard pre shared key crypto keyring remote pre shared key address 0 0 0 0 0 0 0 0 key 1234567890 ISAKMP policy crypto isakmp policy 10 encr 3des authentication pre share group 2 lifetime 28800 Profile for LAN to LAN connection that references the wildcard pre shared key and a wildcard identity crypto isakmp profile L2L description LAN to LAN connection keyring remote match identity address 0 0 0 0 crypto ipsec transform set testGWR esp 3des esp sha hmac 1 Instances of the dynamic crypto map 1 reference previous IPsec profile crypto dynamic map dynGWR 5 set transform set testGWR set isakmp profile L2L 1 Crypto map only references instances of the previous dynamic crypto map crypto map GWR 10 ipsec isakmp dynamic dynGWR interface FastEthernet0 0 description WAN INTERFACE ip address 150 160 170 1 255 255 255 252 ip nat outside no ip route cache no i
75. configuration screen At the Figure 16 you can see IPSec Summary screen This screen gathers information about settings of all defined IPSec tunnels You can define up to 5 Device to Device tunnels HARDWARE Routing Dynamic Routing Protocol RIP VPN Settings Management Serial Port SNMI Logout aja aja Sim em gt m m Enable Status Enc Auth Grp Advanced Setup GWR ROUTER GONFIGORATION GONSODLE Internet Protocol Security Summary Tunnels Used Tunnels Avaible Add New Tunnel No Name Enabled Status Enc Auth Grp Advanced Setup Local Group Remote Group Remote Gateway Action m Local Group Remote Gateway wizard yes started Phi DES MDS 1 Ph2 DES NULL none 10 10 10 12 none 10 10 10 11 10 10 10 13 Delete Reducing the MTU size on the client side can help eliminate some connectivity problems occurring at the protocol level Recommended MTU size on client side 1300 Dress Refresh button to re check IPSec tunnels status 5 description Tunnel statu started ipsec is n established tunnel is up deleted tunnel is down Start Stop ji Refresh n g and tunnels waiting for other end to connect stopped ipsec is not running or tunnel is not enabled Copyright 2008 Geneko All rights reserved http www geneko rs
76. cz Denmark Operator GPRS APN DC internet Sonofon blank Orange DK web orange dk gypt Operator GPRS APN Click Vodafone internet vodafone net MobiNil stonia Operator mobinilweb GPRS APN MT internet emt ee LE internet inland GPRS APN blank Username Username Username internet Username Username Password blank blank Password 38591 38591 Password blank blank blank blank blank blank blank Password blank blank blank Password internet blank Password blank blank Password GWR Series Router DNS 204 92 15 211 Optional Settings DNS 10 0 2 100 Optional Settings Optional Settings DNS 212 67 64 2 DNS 212 67 64 2 DNS 160 218 10 200 160 218 43 200 DNS 160 218 10 201 194 228 2 1 DNS 217 77 161 130 217 77 161 131 DNS 217 77 161 130 217 77 161 131 DNS 62 141 0 1 62 141 0 2 Optional Settings DNS 193 162 146 9 193 162 153 31 DNS 212 88 64 14 212 88 64 15 DNS 212 97 206 131 212 97 206 161 Optional Settings Optional Settings DNS 217 71 33 200 217 71 32 20 Optional Settings seneko 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 107 USER MANUAL GWR Series Router DNS 217 78 192 78 217 78 192 22 DNS 213 161 33 200 Sonera interet DNS 192 89 123 230 192 89 123 231
77. d DHCP server provides the users simple installation procedure and fast Internet access Built in VPN server provides VPN capabilities like GRE server client VPN IPSec GRE pass trough and VPN IPSec Figure 1 GWR Router Examples of Possible Application e mobile office e fleet management e security system e telemetric e remote monitoring e vending and dispatcher machines HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Technical Parameters Directive 2004 108 EC EN 301 489 1 V1 6 1 2005 09 EN 301 489 7 V1 3 1 2005 11 EN 60950 1 2001 1st Ed and or EN 60950 1 2001 Complies with Directive 1999 05 EC standards R amp ITE ETSI EN 301 511 V9 0 2 EN 301 908 1 amp EN 301 908 2 v2 2 1 Directive 2002 95 EC RoHS EU Commission 2005 618 2005 717 EC 2005 747 EC 2006 310 EC 2006 690 EC 2006 691 and 2006 692 Connector 45 Standard IEEE 802 3 Ethernet interface Physical layer 10 100Base T Speed 10 100Mbps Mode full or half duplex 1x UART RS 232C Other interfaces 1x USB Host GPRS Tri band 900 1800 1900 GPRS multi slot class 10 mobile station class B GSM module GPRS multi slot class 12 mobile station class B UMTS HSDPA Triple band 850 1900 2100MHz GSM GPRS EDGE Quad band 850 900 1800 1900MHz GPRS multi slot class 10 mobile station class B EDGE multi slot class 10 mobile
78. dividual clients workstations to obtain TCP IP configuration at startup from a server When configured as a server the GWR Router provides TCP IP configuration for the clients To activate DHCP server click check box Enable DHCP Server To setup DHCP server fill in the IP Starting Address and IP Ending Address fields Uncheck Enable DHCP Server check box to stop the GWR Router from acting as a DHCP server When Unchecked you must have another DHCP server on your LAN or else the computers must be manually configured This field specifies the first of the contiguous addresses in the IP address pool This field specifies last of the contiguous addresses in the IP address pool This field specifies DHCP session duration time This field specifies IP addresses of DNS server that will be assigns to systems that support DHCP client capability Select None to stop the DHCP Server from assigning DNS server IP address When you select None computers must be manually configured with proper DNS IP address Select Used by ISP to have the GWR Router assigns DNS IP address to DHCP clients DNS address is provided by ISP automatically obtained from WAN side This option is available only if GPRS connection is active Please establish GPRS connection first and then choose this option Select Used Defined to have the GWR Router assigns DNS IP address to DHCP clients DNS address is manually configured by user This field specifies IP addresses that will
79. ds of the IPSec tunnel must use the same mode of exchanges NOTE If the GWR Router is at both ends it is sufficient to enable Aggressive mode only at one end and the other end will automatically detect that Aggressive mode is proposed and switch to this mode aggressive Mode Compress IP Payload Payload Compression is a protocol that reduces the size of IP datagram Select Compression Protocol this option if you want the Router to propose compression when it initiates a IP connection When DPD is enabled the Router will send periodic HELLO ACK messages to check the status of the IPSec tunnel this feature can be used only when both peers Dead Peer Detection or IPSec devices of the IPSec tunnel use the DPD mechanism Once a dead peer DPD has been detected the Router will disconnect the tunnel so the connection can be re established Specify the interval between HELLO ACK messages how often you want the messages to be sent The default interval is 20 seconds Both the IPSec initiator and responder must support the mechanism for detecting the NAT router in the path and changing to a new port as defined in RFC 3947 NOTE If you select this mode the Aggressive mode will be automatically selected because it is obligatory option for NAT T to work properly NOTE Keep alive for NAT T function is enabled by default and cannot be disabled The default interval for keep alive packets is 20 seconds INAT Travers
80. e no Period none Retries none Press ADD to put GRE tunnel rule into VPN table Press Save to accept the changes Geneko 7b HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR ROUTER CONFIGURATION CONSOLE VPN Settings GRE Status General Generic Routing Encapsulation GRE Tunneling Local Tunnel Local Tunnel Tunnel KeepAlive Enable Address Netmask Tunnel Source Destination Interface Enable Period Retries Action v 10 1 1 1 255 255 255 252 195 200 200 2 195 178 54 1 grel o Rem o 0 Add Local Tunnel Address IP Address of virtual tunnel interf e I Tunnel Source IP address of tunnel source Eri Tunnel Destination IP address of tunnel destination IP Filtering Period Valid values 3 60 Maintenance Retries Valid values 1 10 Administrator Copyright 2008 Geneko All rights reserved http jwww geneko co rs Figure 79 GRE configuration page e Configure GRE Route Click Routing on Settings Tab Parameters for this example are Destination Network 10 2 2 0 Netmask 255 255 255 0 GWR ROUTER GONFIGURATION GONSOLE HARDWARE WAN Information Settings Routing table Local network Enable Dest Network Netmask Gateway Metric Interface
81. e A TRATABAN HEB ga aa TEN AREE ERR NA 44 Maintenance Update Firmware 44 Maintenance Settings Backup sse netten tenente nnne tenes 45 Import Configuration File cr ean niii Ut Export Configuration Maintenance System Reboot Maintenance Default Settings sess tette nennen tenes 47 Management Serial 2 4 2 00 0 202400 00 eter tentent tenete tnter tenens 47 Management Simple Management Protocol SNMP 49 Management Log Semineri eur tere i 50 Wizards Internet Access sss 52 Wizards GRE TUNAeI z 555 aaa eere venir us oe ri I Do 53 Wizards IPSEC Tunnel essent 55 LJOU PEE 59 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router DEVICE CONFIGURATION USING CONSOLE 2 4 0 1 nennen 59 N twork SCRtINGS ULLAS DENIM I 60 Static vs Dynamic IP Addresses apanga ga PADING DANG Ra O ENG 60 DHCP Server Settings edente o NIRE TAA Pa ag
82. e Tunnel Add New Tunnel Tunnel Number 2 Tunnel Name test Enable Local Group Setup Local Security Gateway Only IP Address 172 29 84 Local Security Group IP hd IP Address 10 0 10 1 Remote Group Setup Remote Security Gateway Type IP Only v IP Address 1722985 Remote Security Group iMi TP Address 192 168 101 Figure 83 IPSEC configuration page I for GWR Router 1 IPSec Setup Keying Mode IKE with Preshared key v Phase 1 DH Group Group1 Phase 1 Authentication Phase 1 SA Life Time 28800 seconds Perfect Forward Secrecy Phase 1 Encryption 5 MDS Phase 2 DH Group Group Phase 2 Encryption DES Phase 2 Authentication MD5 v Phase 2 SA Life Time 3600 seconds Preshared Key 1234567890 Advanced Aggressive Mode Compress Support IP Payload Compression Protocol IPComp C Dead Peer Deection DPD sec v Traversal Back Reload Save Figure 84 IPSec configuration page II for GWR Router 1 80 MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Click Start button on Internet Protocol Security page to initiate IPSEC tunnel GWR ROUTER GONFIGORATION GONSOLE Internet Protocol Security Status
83. e way Phase 2 Authentication hashing algorithm that produces a 128 bit digest SHAT is a one way hashing algorithm that produces a 160 bit digest 5 1 is recommended because it is more secure Both ends of the IPSec tunnel must use the same Phase 2 35 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Authentication setting NOTE If you select a NULL method of authentication the previous Phase 2 Encryption method cannot be NULL Configure the length of time an IPSec tunnel is active in Phase 2 The default is 3600 seconds Both ends of the IPSec tunnel must use the same Phase 2 SA Life Time setting This specifies the pre shared key used to authenticate the remote IKE peer Enter a key of keyboard and hexadecimal characters e g 264222 or 345fa929b8c3e This field allows a maximum of 1023 characters and or hexadecimal values Both ends of the IPSec tunnel must use the same Preshared Key NOTE It is strongly recommended that you periodically change the Preshared Key to maximize security of the IPSec tunnels There are two types of Phase 1 exchanges Main Mode and Aggressive Mode Aggressive Mode requires half of the main mode messages to be exchanged in Phase 1 of the SA exchange If network security is preferred don t use this option Main Mode will be used If network speed is preferred select Aggressive Mode Both en
84. e you can change the tunnel s settings Add New Tunnel Click on this button to add a new Device to Device IPSec tunnel After you have added the tunnel you will see it listed in the Summary table Start This button starts the IPSec negotiations between all defined and enabled tunnels If the IPSec is already started Start button is replaced with Restart button This button will stop all IPSec started negotiations Click on this button to refresh the Status field in the Summary table Table 10 IPSec Summary To create a tunnel click Add New Tunnel button Depending on your selection the Local Group Setup and Remote Group Setup settings will differ Proceed to the appropriate instructions for your selection Add New Tunnel Tunnel Number 2 Tunnel Name Enable Local Group Setup Local Security Gateway Type Only IP Address Local Security Group Type IP Remote Group Setup Remote Security Gateway Type IP Only IP Address Remote Security Group Type v IP Address Figure 17 IPSec Settings part I 33 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IPSec Setup Keying Mode IKE with Preshared key Phase 1 DH Group Groupl Phase 1 Encryption DES v Phase 1 Authentication MD5 Phase 1 SA Life Time 28800 seconds Perfect Forward Secrecy Phase 2 E
85. eboot after pressing Q button and you will have to wait 1 min before it become available again Press ESC button if you want to go back and return to previous menu If you want to logout and quit console session pres button L When you logout you will have to retype username password if you want to log in router again OC eMe ME IE ICE MIC IEEE Me Custom Setup Ge ae ae ae ae ae ae ae ae ae ae eae ae ae ae ae ae eae ae ae ae ae ae ee ae ae ae ae e ae 1 Network settings 2 DHCP Server 3 GPRS EDGE settings 4 Routing 5 Administration 6 Status 7 Configuration wizard Ge de ac ae ae ae ae ae ae ac ae ae ae ae ae ae ac ac ae ae eae ae ace ae ae ae eae ae ae ae ae ae e e ae ae ae ae aee eae ae ae ee ERE back ESC logout 1 exit q gt EK Figure 48 Main configuration menu Network Settings To enter the network configuration select the Network settings menu Figure 49 item in Custom Setup To define the network interface IP address IP address the network mask Netmask you can choose between static and dynamic IP configuration option Network settings 1 Use static IP address Y 2 Obtain an IP address automatically lt N
86. ees nennen rentrer 67 Figure 69 GWR Router as Internet rOUter ecce entere TANGAN nee te tiet ti ie ita dne rank 68 Figure 70 GRE tunnel between two GWR 69 Figure 71 Network configuration page for GWR Router 12 2 enne 70 Figure 72 GRE configuration page for GWR 1 71 Figure 73 Routing configuration page for Router 1 sss nennen 71 Figure 74 Network configuration page for GWR Router 2 72 Figure 75 GRE configuration page for GWR 2 73 Figure 76 Routing configuration page for GWR Router 2 02 nennen 73 Figure 77 GRE tunnel between Cisco router and GWR 74 Figure 78 Network configuration 2 tenente nennen tenerent nennen nnne nne 76 Figure 79 GRE configuration page eee niei iei niin HERI HR HIER NANG TANGAN GADA AA Kana 77 Figure 80 Routing configuration 2 77 Figure 81 IPSec tunnel between two Routers Kagan AAS EA enne e en eren 78 Figure 82 Network configuration page for GWR Router 1 sss eene 79 Figure 83 IPSEC configuration page I for Router 1 sees 80 Figure 84 IPSec configuration page for GWR Router 1 sse enn nennen 80 Figure 85 IPSec start stop page for GWR Router eene e eene 81 Figure 86 Network configuration p
87. eload previous settings Click Save button to save your changes back to the GWR Router and enable disable SNMP Table 17 SNMP parameters Management Logs Syslog is a standard for forwarding log messages in an IP network The term syslog is often used for both the actual syslog protocol as well as the application or library sending syslog messages Syslog is a client server protocol the syslog sender sends a small less than 1KB textual message to the syslog receiver Syslog is typically used for computer system management and security auditing While it has a number of shortcomings syslog is supported by a wide variety 50 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router of devices and receivers across multiple platforms Because of this syslog can be used to integrate log data from many different types of systems into a central repository CONFIGURATION CONSOLE System Logger Syslog Settings Service Server 10 0 10 88 Service Port O User Defined Default 514 Syslog Status Status stopped All rights reserved ph geneko co rs Figure 32 Syslog configuration page The GWR Router supports this protocol and can send its activity logs to an external server Syslog Settings The GWR Router can send a detailed log to an external Syslog server The
88. ess 0031E35C 300 300302 MTU 1500 Data receiced 0 Data transmitted 12374 RX packets 0 TH packets 400 RM error packets 12374 TM error packets 0 RK dropped packets 0 TH dropped packets 0 DHCP server Stoped GE ae ae ae ae ac IEEE LEE back ESC refresh logout l exit q gt Figure 66 Status of LAN network connection GPRS EDGE Information The GPRS EDGE information page displays the mobile information mobile connection and mobile statistics about the GWR Router which can be useful in device monitoring and troubleshooting e Modem Manufacturer A character string null terminated describing the modem module e Modem Model A character string null terminated describing the modem module e Modem Serial Number A character string null terminated used as a unique ID per modem module Modem Revision A character string null terminated describing the modem module s firmware version e Operator The Mobile operator e Cell ID The modem reports this as a 4 hex digit string In the mobile statistics it is displayed both as hex and decimal representations For example 00C3 195 e Phone Number SIM card phone number e Signal Strength Returned as a signed integer value 0 zero indicates no signal Signal strength is indicated as a negative value in units of dBm The following scale indicates the signal Strength LED
89. feature is used when both SIM have been enabled You specify the amount of time after which Failover feature brings down current WAN connection SIM2 and brings up previous WAN connection SIMI Click Reload to discard any changes and reload previous settings Enable Failover Geneko 22 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Save Save to save your changes back to the GWR Router Refresh Click Refresh to see updated mobile network status Connect Click Connect Disconnect to connect or disconnect from mobile network Disconnect Table 5 WAN parameters Figure 12 shows screenshot of GSM UMTS tab configuration menu GSM UMTS menu is divided into two parts e Upper part provides all parameters for configuration GSM UMTS connection These parameters can be obtained from Mobile Operator Please use exact parameters given from Mobile Operator e Bottom part is used for monitoring status of GSM UMTS connection create maintain destroy GSM UMTS connection Status line show real time status connected disconnected If your SIM Card credit is too low the GWR Router will performed periodically connect disconnect actions WAN Settings advanced Label Description This field specifies if Advanced WAN settings is enables at the GWR Router Accept Local IP With this option pppd will accept the peer s idea of our local IP addres
90. gure 35 Internet Access Wizard page 3 53 Figure 36 GRE Tunnel Wizard 1 of 4 uiscera HE OX HR ERE HEURE EE 53 Figure 37 GRE Tunnel Wizard 2 of 4 54 Figure 38 GRE Tunnel Wizard 3 0f 4c dessert ni ise p NAH HE Pere 54 Figure 39 GRE Tunrel Wizard 4 0 4 esee eon HE RETIUM OD rp IER 55 Figure 40 IPSec Tunnel Wizard 1 of 55 Figure41 IPSec Tunnel Wizard 2 of 6 uses Dgn ga apaa Pr oH ER PH oH gr e atrii i erg 56 Figure42 IPSec Tunnel Wizard 3 of 6 oceano te E HERRERA 57 Figure 43 IPSec Tunnel Wizard 4 6 57 Figure44 IPSec Tunnel Wizard 5 066 Na RAN n A HEP Pre ra EY Fre eee Aah na 58 Figure 45 IPSec Tunnel Wizard 6 58 Figure 46 Default serial port parameters nennen nennen 59 47 Login MeN p 59 Figure 48 Main configuration menu sese ten tnter neret tenete nennen nnn 60 Figure 49 Network parameters 60 Figure 50 Network parameters 2 61 Figure 51 DHCP Server Config uration ocurrir eee beri Og bs io Eo EHE ER MERE E ANAA RN EM e teen un Ga 61 Figure 52 Primary ierit esie petente aC e b Pe EPIS in 61 4 Geneko HARDWARE 4Gon www 4Gon co uk info 4go
91. hmen RR WT n E mn iHd Antenna OpUONS B Mobile operator GPRS settings ases aa n Pe ds Austria Belgium Brasil Canada COME oes ete E eo GE Czech Republic ESIOTI aana GETMAN Indonesia GA Japan Lithuania LUxemboUtg citet gi aan ga Aan a ska aga pan dada aa jaan ag Yaaa Maced OMAN a Aa Malaysia ssnin ios MEXICO hte ti ens Netherlands sss New Zeleand sess Ph llipines eere lj R IUSSI LEER 2 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Rr p Singapore Slovakia Slovenia South Africa ceneko 3 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Lis
92. ider Generally a VPN has a topology more complex than point to point The distinguishing characteristics of VPNs are not security or performance but that they overlay other network s to provide a certain functionality that is meaningful to a user community Generic Routing Encapsulation GRE Originally developed by Cisco generic routing encapsulation GRE is now a standard defined in RFC 1701 RFC 1702 and RFC 2784 GRE is a tunneling protocol used to transport packets from one network through another network If this sounds like a virtual private network VPN to you that s because it theoretically is Technically a GRE tunnel is a type of a VPN but it isn t a secure tunneling method However you can encrypt GRE with an encryption protocol such as IPSec to form a secure VPN In fact the point to point tunneling protocol PPTP actually uses GRE to create VPN tunnels For example if you configure Microsoft VPN tunnels by default you use PPTP which uses GRE Solution where you can use GRE protocol e You need to encrypt multicast traffic GRE tunnels can carry multicast packets just like real network interfaces as opposed to using IPSec by itself which can t encrypt multicast traffic Some examples of multicast traffic are OSPF EIGRP Also a number of video VoIP and streaming music applications use multicast e You have a protocol that isn t routable such as NetBIOS or non IP traffic over an IP network You could u
93. ield to enter the PreShared Key string Please read the IPSEC section of documentation for the details IPSec Tunnel wizard page 4 of 6 This screen enables you to configure the Phase 1 DH Group Phase 1 Phase 2 and Pre Shared Key h parameters of the IPSec tunnel Phase 1 Encryption Phase 1 Authentication Perfect Forward Secrecy Phase 2 Encryption Phase 2 Authentication Preshared Key Cancel Back Figure 43 IPSec Tunnel Wizard 4 of 6 57 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Step 5 This screen Figure 44 enables you to configure advanced parameters of the IPSec tunnel You can choose a various advanced parameters for the tunnel Please read IPSEC section of the documentation for the details IPSec Tunnel wizard page 5 of 6 This screen enables you to configure the Aggressive Mode Advanced parameters of the IPSec tunnel Compress Support IP Payload Compression Protocol IPComp Dead Peer Deection sec NAT Traversal Cancel Back i Next ij Figure 44 IPSec Tunnel Wizard 5 of 6 Step 6 This screen Figure 45 is a summary of entered parameters on previous pages If the settings are correct click on the Finish button If some of parameters are show in red color that parameters are not entered correctly Please use the Back
94. ies in main menu e Click New button from Untrust to trust zone Source Address 192 168 10 0 24 Destination Address 10 10 10 0 24 Services Any e Click OK 102 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Policies From Untrust Trust SSG140RBGE 2 Name optional new Address Source Address Home address Book Entry 192 168 10 0 24_ O new Address Al Network Destination Add Binding 55 D Address Book 10 0 0 0 24 x DNS Service ANY i Moltiple Application None vj 8021X WEE Filtering Action v Source Interface Antispam enable MCast Routing Tunnel ven None Virtual Routers Modify matching bidirectional VPN policy 1 5 NSRP tete None v 21 Screening Logging at Session Beginning 7 Policies Position at Top VPNs Cancel Advanced Figure 109 Policies from untrust to trust zone e Click Policies in main menu e Click New button from trust to untrust zone Source Address 10 10 10 0 24 Destination Address 192 168 10 0 24 Services e Click OK 103 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router S
95. ith two sites Idea is to create GRE tunnel for LAN to LAN site to site connectivity Ethernet Static WAN 195 200 200 2 Static WAN 195 178 54 1 10 1 1 x LAN Network E n P Cisco Router VPN 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 Site 1 M Figure 77 GRE tunnel between Cisco router GWR Router GRE tunnel is created between Cisco router with GRE functionality on the HQ Site and the GWR Router on the Remote Network In this example it is necessary for both routers to create tunnel interface virtual interface This new tunnel interface is its own network To each of the routers it appears that it has two paths to the remote physical interface and the tunnel interface running through the tunnel This tunnel could then transmit unroutable traffic such as NetBIOS or AppleTalk The GWR Router uses Network Address Translation NAT where only the mobile IP address is visible to the outside outgoing traffic uses the GWR Router WAN VPN mobile IP address Cisco router acts like gateway to remote network for user in corporate LAN It also performs function of GRE server for termination of GRE tunnel The GWR Router act like default gateway for Remote Network and GRE server for tunnel 1 HO router requirements e HQ router require static WAN address e Router or VPN appliance have to su
96. n any space Re enter the new password to confirm it Click Save button to save your changes back to the GWR Router Click Reload to discard any changes and reload previous settings Table 13 Administrator password Maintenance Device Identity Settings Within Device Identity Settings Tab there is an option to define name location of device and description of device function These data are kept in device permanent memory Device Identity Settings window is shown on Figure 23 Device Identity Settings Label This field name of the GWR Router Description This field specifies description of the GWR Router Only for information purpose Location This field specifies location of the GWR Router Only for information purpose ave Click Save button to save your changes back to the GWR Router Reload Click Reload to discard any changes and reload previous settings Table 14 Device Identity parameters 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router CONSOLE istratio ice Identity Settings Settings Name GWR252 B Description Geneko test Location Beograd Reload IP Filtering Maintenance Management al Port Copyright 2008 Geneko All rights reserved http jwww geneko co rs Figure 23 Device Identity Setti
97. n co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Pisure 93 gt Secondary DING 250 aatinaa nasag Gorse no OO MEE DI TER OLDER 61 Figureb54 SIM card selection innt ia nU HR REED nga ana nan ag pah innaka 62 Figure 55 SIM card GSM UMTS eren e nennen nnn 62 Figure 56 GSM UMTS authentication tenente nennen 62 Figure 57 Routing merit ieu ede tede e teet teret evite indie eva e 62 Figure 58 Routing table list of all routes 63 Figure 59 Admitmstration Menu etie eU o DO REQUE NE R 63 Figure 60 Administrator password etuer mr ERA I TENAN FEIER 63 Figure 61 Network diagnostic utility eee emer e Phara 63 Figure 62 Date time parameters nennen nnn 64 Figure 63 LIstiof Restore ise asana an aaa daga 64 ligure 64 Status Menu E TA Ng KE Sn 64 Figure 65 List of basic system 65 Figure 66 Status of LAN network connection seen nnne nennen nenne 66 Figure 67 G5M UM S Status tono nenne anii pH RE THU Ern 67 Figure 68 Configuration wizard s
98. n www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Phase2 Encryption 3DES Phase2 Authentication SHA1 Phase 2SA Life Time 3600 Preshared Key 1234567890 Advanced Aggressive Mode true Compress Support IP Payload Compression Protocol IPComp false Dead Peer Detection DPD false NAT Traversal true Press Save to accept the changes Device 2 Device Tunnel Add New Tunnel Tunnel Number 2 Tunnel Name test Enable v Local Group Setup Local Security Gateway Type Only Address 172 30 147 96 Local Security Group Type Subnet IP Address 192 168 10 0 Subnet Mask 255 255 255 0 Remote Group Setup Remote Security Gateway rYA Type IP Only 1 Address 150 160 170 1 Remote Security Group Type Subnet v IP Address 10 10 10 0 Subnet Mask 255 255 255 0 Figure 92 IPSEC configuration page I for GWR Router Geneko 87 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router IPSec Setup Keying Mode IKE with Preshared key Phase 1 DH Group Group2 Phase 1 Encryption 3DES Phase 1 Authentication 5 1 Phase 1 SA Life Time 28800 seconds Perfect Forward Secrecy
99. ncryption DES Nj Phase 2 Authentication MD5 Phase 2 SA Life Time 3600 seconds Preshared Key Advanced Aggressive Mode Compress Support IP Payload Compression Protocol IPComp Dead Peer Deection 20 sec NAT Traversal Figure 18 IPSec Settings part II VPN Settings IPSec Settings Description This number will be generated automatically and it represents the tunnel number Enter a name for the IPSec tunnel This allows you to identify multiple tunnels and does not have to match the name used at the other end of the tunnel Check this box to enable the IPSec tunnel Select the type you want to use IP Only Only a specific IP address will be able to establish a tunnel NOTE The Local Security Gateway Type you select should match the Remote Security Gateway Type selected on the IPSec device at the other end of the tunnel The WAN or Internet IP address of the Router automatically appears If the Router is not yet connected to the GSM UMTS network this field is without IP address Select the local LAN user s behind the Router that can use this IPSec tunnel IP Address Local Security Group Select the type you want to use IP or Subnet NOTE The Local Security Group Type you select should match the Remote Security Group Type selected on the IPSec device at the other end of the tunnel IP Address Only the computer with a specific IP address will be able to a
100. nd Cisco Router Idea is to create IPSec tunnel for LAN to LAN site to site connectivity Private Static WAN 172 30 147 96 Public Static WAN 150 160 170 1 d LAN 10 10 10 1 Cisco 1841 VPN terminator GWR Initiator LAN 192 168 10 1 LAN 192 168 10 x LAN 10 10 10 x Gateway 192 168 10 1 Gateway 10 10 10 1 Figure 90 IPSec tunnel between GWR Router and Cisco Router The GWR Routers requirements e Static IP WAN address for tunnel source and tunnel destination address e Source tunnel address should have static WAN IP address e Destination tunnel address should have static WAN IP address GSM UMTS Type For GSM UMTS networks GWR Router connections may require a Custom APN A Custom APN allows for various IP addressing options particularly static IP addresses which are needed for most VPN connections A custom APN should also support mobile terminated data that may be required in most site to site VPNs The GWR Router configuration e Click Network Tab to open the LAN NETWORK screen Use this screen to configure LAN settings Configure IP address and Netmask P Address 192 168 10 1 Subnet Mask 255 255 255 0 Press Save to accept the changes 85 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GWR GONFIGURATION GONSGLE Use the following IP addre
101. nd packets through another connection Click RIP Tab to open the Routing Information Protocol screen Use this screen to configure the GWR Router RIP parameters Figure 14 GWR ROUTER GONFIGURATION GONSOLE Routing Information Protocol Information Routing Manager Informatic Hostname Routet Password zebra 1 Enable log Port to Bind At O User Defined E IP Filtering Default 2601 Maintenance Hostname Prompt name that will be displayed on telnet console Ad istr RIPD Hostname Password zebra Port to Bind At Management Port O User Defined 9 Default 2602 Hostname Prompt name that will be displayed on telnet console For the Routing Information Protocol Manager Port to bind at Local port the service wil listen to Reload Save Routing Information Protocol Status Status stopped Start Stop Restart Figure 14 RIP configuration page HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router RIP Settings Routing Manager RIPD Prompt name that will be displayed on telnet console of the Routing ostname Information Protocol Manager Login password Local port the service will listen to J X s ah Routi
102. necessary that the user performs system reset Select Firmware Browse Copyright 2008 Geneko All rights reserved http jwww geneko co rs Figure 26 Update Firmware page In order to activate new firmware version it is necessary that the user performs system reset In the process of firmware version change all configuration parameters are lost and after that the system continues to operate with default values Maintenance Settings Backup This feature allows you to make a backup file of your preferences file for the GWR Router To save the backup file you need to export the configuration file To use the backup preferences file you need to import the configuration file that you previously exported Import Configuration File To import a configuration file first specify where your backup configuration file is located Click Browse and then select the appropriate configuration file After you select the file click Import This process may take up to a minute Restart the Router in order to changes will take effect Export Configuration File To export the Router s current configuration file click Export Geneko HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Opening confFile bkg You have chosen to open confFile bkg which is BKG file From http 10 0 10 150 What should
103. nfigure the GWR Router Step 1 This screen Figure 40 enables you to configure the LAN settings IP Address In this field you must enter the local LAN address of the router e Netmask This is the netmask of the local LAN address of the router e Local DNS This field holds the address of the local DNS server that you want to use IPSec Tunnel wizard page 1 of 6 This wizard helps you to easily IP Address 10 0 10 150 configure the IPSec tunnels Subnet Mask 255 255 255 0 Local DNS This screen enables you to configure the LAN settings Cancel Figure 40 IPSec Tunnel Wizard 1 of 6 Step 2 This screen Figure 41 enables you to configure the GSM settings e Provider Enter the name for the Internet connection Authentication In this menu you can choose the type of the PPP authentication e Username Enter the username for your Internet connection This username is provided by your GSM mobile provider Geneko 55 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Password Enter the password for your Internet connection This password is provided by your GSM mobile provider e Dial string Enter the dial string for your Internet connection This dial string is provided your GSM mobile provider In most cases you do not need to change this field e Initial string Enter the initial string for yo
104. nformation Settings RERO PR Pe Settings DHCP SSerV8r Pere ert tbe n te ete Settings Setting reset ea HI IER HEAT TERRI UI ERETEIR I Settings Routirig inse RH I HERE cH ERES ETT Eee HERR Ree SEPT Port translation sse Settings Dynamic Routing Protocol Routing Information Protocol RIP routing engine for the GWR Router Settings VPN 5 Generic Routing Encapsulation GRE GRE aane eaaa anana anana nean nana nana an Internet Protocol Security 5 Settings IP Filtering ssssssssssseseseeeeeeeetetn tette tenente tenente tette tette nnns IP Filtering configuration MAINTENANCE eee ccccessessesessesecsescesscsesecsecsesssesesessessessssesseseseeceesecsssessassessessesessesaesesaesaesecaecseseesecaesaeeasseeaes Maintenance Administrator Password sse nnne nnne rnnt nnns 40 Maintenance Device Identity Settings oo sss netten 41 Maintenance Date Time nete nenen anane nenen ane 42 Maintenance DiagrnioSLICs sciet er
105. ng Information Protocol Status Start RIP Stop Stop RIP estart Restart RIP Click Save to save your changes back to the GWR Router Click Reload to discard any changes and reload previous settings Table 8 RIP parameters RIP routing engine for the GWR Router Use telnet to enter in global configuration mode telnet 192 168 1 1 2602 telnet to 0 at TCP port 2602 To enable RIP use the following commands beginning in global configuration mode router router rip To associates a network with a RIP routing process use following commans routerf network A B C D Mask By default the GWR Router receives RIP version 1 and version 2 packets You can configure the GWR Router to receive an send only version 1 Alternatively tou can configure the GWR Router to receive and send only version 2 packets To configure GWR Router to send and receive packets from only one version use the following command routerf rip version 1 2 Same as other router Disable route redistribution router no redistribute kernel router no redistribute static router no redistribute connected Geneko 28 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Disable RIP update optional router passive interface eth0 router no passive interface eth0 Routing protocols use several timer that determine such variables as the frequency of routing updates
106. ngs configuration page Maintenance Date Time Settings To set the local time select Date Time Settings using the Network Time Protocol NTP automatically or Set the local time manually Date and time setting on the GWR Router are done through window Date Time Settings GWR ROUTER GONFIGURATION Administration Date Time Settings Current Date and Time Date 2009 02 07 Time 13 53 51 Date and Time Setup uting Protocol Set Manually Date 2009 w 02 w 07 IP Filtering Time 13 53 5 Sync Clock With Client Time Server Time Protocol NTP 1305 5 Time Server Address Management Time Zone GMT Western Europe Time London Lisbon Casablanca Monrovia y Serial Port Reload Copyright 2008 Geneko All rights reserved http www geneko co rs Figure 24 Date Time Settings configuration page 42 Geneko MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Date Time Settings Label Description Set Manually Sets date and time manually as you specify it This field species Date and Time information You can change date and time changing parameters Clock With Client Date and time setting on the basis of PC calendar From Time Server Sets the local time using the Network Time Prot
107. ocol NTP automatically Enter the URL or IP address of the NTP server Time Zone Select your time zone Save Click Save button to save your changes back to the GWR Router Click Reload to discard any changes and reload previous settings Table 15 Date time parameters G 43 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Maintenance Diagnostics The GWR Router provide built it tool which is used for troubleshooting network problems The ping test bounces a packet of machine on the Internet back to the sender This test shows if the GWR Router is able to conect the remote host If users on the LAN are having problems accessing service on the Internet try to ping the DNS server or other machine on network Click Diagnostic tab to provide basic diagnostic tool for testing network connectivity Insert valid IP address in Hostname box and click Ping Every time you click Ping router sends four ICMP packets to destination address Before using this tool make sure you know the device or host s IP address Geneko GWR ROUTER CONFIGURATION CONSOLE HARDWARE Administration Diagnostics Ping Utility Ping the IP address of a device in order to communicate with it IP Address 10 011088 Response Average response time is 1ms Average response time is 0 9ms Average response time is 1 5ms Average response time is 0 95 All right
108. onal Settings Gateway IP 10 250 250 250 or blank EM Port 9201 or blank 207 236 197 199 Port 9203 cellularlwap 207 236 197 199 Port 9203 wap gocbw com cbw 216 68 79 199 Port 9201 Gateway IP former AT amp T nn d Port 9201 or blank WAPO CINGULARGPR MediaWorks S 7 COM EON ERE DMA and n puni DU 7 7 oe 4 eneko B 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router 7 blank Your blank Your TMobile T MOE T MOBILE Zone Username Password DNS 2 internet2 voicestream c blank 216 155 175 105 deme in 216 155 175 106 int t3 voicestream T Mobile VPN blank blank 216 155 175 105 216 155 175 106 115 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299
109. ord LLL LLL LLL E E E E Administrator password IEEE 1 Username tadnin 2 Password admin 3 Enable password authentication back ESCs logout lt exit q gt Figure 60 Administrator password The GWR Router has basic diagnostic tool Ping for testing network connectivity If you want to use Ping utility please use Diagnostic under Administration menu Figure 61 EER Ping utilitu LXXX E LLL LL LL 1 Ping IP Address of device i 2 Number of retries 1 3 Packet size 56 d Ping back ESCs logout lt exit q gt Figure 61 Network diagnostic utility If you want to setup change time and date parameters choose Date time settings Figure 62 Geneko 63 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Date Time settings Lc 1 Date 01 01 1970 2 Time 02 05 27 EE back ESC refresh logout l exit q gt Figure 62 Date time parameters If you want to resto
110. ough Username and Password mechanism Within this menu change of authorization data Username Password is also done Administer Password Tab window is shown on Figure 22 NOTE The password cannot be recovered if it is lost or forgotten If the password is lost or forgotten you have to reset the Router to its factory default settings this will remove all of your configuration changes GWR ROUTER CONSOLE Administration Administrator Password Password User Name admin Old Password Y Enable Password Authentication New Password Confirm Password COT Maintenance Copyright 2008 Geneko All rights reserved http jwww geneko co rs Figure 22 Administrator Password configuration page 40 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Administrator Password Description Username This field specifies Username for user administrator login purpose Enter the old password The default is admin when you first power up the GWR Old Password Router Enable Password By this check box you can activate or deactivate function for authentication when Authentication you access to web console application Enter a new password for GWR Router Your password must have 20 or fewer New Password characters and cannot contai
111. out lt exit gt Figure 57 Routing menu Geneko 62 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Routing table Destination Gateway Flags Metric Ref Use Iface 10 0 0 0 0 0 0 0 2e55 255 255 0 U 0 0 0 127 0 0 0 0 0 0 0 255 0 0 0 u 0 0 0 lo GE KE GE OE ka a an a a kn a a kn a a aa r ESCs refresh rz logout 1 exit 4 gt Figure 58 Routing table list of all routes Administration Administration menu is available under option 5 Figure 48 The changes in settings will apply after pressing button and saving configuration data OC Administration c cc 1 Administrator password 2 Diagnostic 3 Date Time settings 4 Reboot 5 Factory default settings Ge de ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae eae ae ae ae ae ae eae ae ae ae eee ae ae ae EES ae e SEES back ESC logout 1 exit Figure 59 Administration Menu If you want to change default username password please choose option 1 Administrator passw
112. p mroute cache duplex auto Speed auto crypto map GWR interface FastEthernet0 1 description LAN INTERFACE ip address 10 10 10 1 255 255 255 0 ip nat inside no ip route cache no ip mroute cache duplex auto Speed auto route 0 0 0 0 0 0 0 0 150 160 170 2 89 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router ip http server no ip http secure server ip nat inside source list nat list interface FastEthernet0 0 overload ip access list extended nat list deny 10 10 10 0 0 0 0 255 192 168 10 0 0 0 0 255 permit 10 10 10 0 0 0 0 255 access list 23 permit any 11 0 line au lt 0 line vty 0 4 access class 23 in privilege level 15 login local transport input telnet ssh line vty 5 15 access class 23 in privilege level 15 login local transport input telnet ssh Use this section to confirm that your configuration works properly Debug commands that run on the Cisco router can confirm that the correct parameters are matched for the remote connections show ip interface Displays the IP address assignment to the spoke router show crypto isakmp sa detail Displays the IKE SAs which have been set up between the IPsec initiators show crypto ipsec sa Displays the IPsec SAs which have been set up between the IPsec initiators debug crypto isakmp
113. perating system e OS Version The current OS version CPU Utilization The amount of CPU resources being used by the GWR Router Up Time The amount of time the GWR Router has been running since it was last powered on or rebooted e Total Used Free Memory The amount of memory RAM available currently in use and currently not being used 64 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router e MAC Address A unique network identifier All network devices are required to have their own unique MAC address The MAC address is on a sticker on you re the GWR Router The number is displayed as 12 hexadecimal digits usually starting with 00 1E 5C General LXXX LXI c ccc Model GWR251 S Firmware version 1 1 7 s 0S3 Linux OS version 2 6 8 1 crus2 0 8 CPU utilization CirrusLogic ARMY EP9302 200Mhz Up time 02 07 31 Total memoru 29520 Used memory 25784 Free memory 3736 address 00 1 5 00 00 02 back ESCs refresh logout 1 exit gt Figure 65 List of basic system parameters Network Information The Network information Figure 66 is used to view more detailed network statistics that may aid in troubleshooting network communication problems The statistics displayed are those gathered since the t
114. possible remote access on the GWR Router Demilitarized Zone DMZ allows one IP Address to be exposed to the Internet Because some applications require multiple TCP IP ports to be open DMZ provides this function by forwarding all the ports to one computer at the same time In the other words this setting allows one local user to be exposed to the Internet to use a special purpose services such as Internet gaming Video conferencing and etc It is recommended that you set your computer with a static IP if you want to use this function IP Filtering Label Description IP Filtering Disable all This field specifies if Firewall and DMZ settings are disabled at the GWR Router Enable Firewall This field specifies if Firewall is enabled at the GWR Router Enable DMZ This field specifies if DMZ settings is enabled at the GWR Router Allow access from the following devices Enable This check box allows forbidden host to access to the GWR Router IP address This field specifies IP address of the host allow access to the GWR Router Service This field specifies service of the host allow access to the GWR Router Protocol This field specifies protocol of the host allow access to the GWR Router Port This field specifies port of the host allow access to the GWR Router dd Click Add to insert add new item in table to the GWR Router Remove Click Remove to delete selected item from table
115. pport GRE protocol e Tunnel peer address will be the GWR Router WAN s mobile IP address For this reason a static mobile IP address is preferred on the GWR Router WAN GPRS side Remote Subnet is remote LAN network address and Remote Subnet Mask is subnet of remote LAN Geneko HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router 2 The GWR Router requirements e Static IP WAN address Peer Tunnel Address will be the HQ router WAN IP address static IP address e Remote Subnet is HO LAN IP address and Remote Subnet Mask is subnet mask of HO LAN GSM UMTS Type For GSM UMTS networks GWR Router connections may require a Custom APN A Custom APN allows for various IP addressing options particularly static IP addresses which are needed for most VPN connections A custom APN should also support mobile terminated data that may be required in most site to site VPNs Cisco router sample Configuration Interface FastEthernet 0 1 ip address 10 2 2 1 255 255 255 0 description LAN interface interface FastEthernet 0 0 ip address 195 178 54 1 255 255 255 0 description WAN interface interface 10 ip address 10 1 1 1 255 255 255 0 tunnel source FastEthernet0 0 tunnel destination 195 200 200 2 ip route 10 1 1 0 255 255 255 0 tunnelO The GWR Router Sample Configuration e Click Network Tab to open the LAN NETWORK screen Use this screen
116. present GSM mobile interface of the GWR Router VPN Traffic redirection This check box allows you to activate deactivate this static Protocol translation Encapsulated Security Payload ESP protects the IP packet data from third party interference by encrypting the contents using symmetric cryptography algorithms Unlike AH the IP packet header is not protected by ESP ESP operates directly on top of IP using IP protocol number 50 Generic Routing Encapsulation GRE is a tunneling protocol designed to encapsulate a wide variety of network layer packets inside IP tunneling packets The original packet is the payload for the final packet GRE creates a virtual point to point link with routers at remote points on an IP Internet work GRE uses IP protocol number 47 This field specifies IP address of the VPN server on local area network VPN tunnel ends at this VPN server You must use VPN tunnel option when configuring VPN connection because of NAT TCP UDP Traffic redirection This check box allows you to activate deactivate this static port translation This is the IP protocol type This is the TCP UDP port of incoming traffic Dest IP address This field specifies IP address of the Virtual server Computer on the LAN where traffic is redirected This is the TCP UDP port of application E Click Add to insert add new item in table to the GWR Router Click Remove to delete selected item from table N Click Reload
117. r of transmitted packets number of errors dropped packets LL LLL LLL E E E LLL GPRS EDGE information LLL ccc Mobile information Modem manufacturer SIEMENS Modem model SIEMENS MC75 Modem serial number 35563400348027 1 Modem revision REVISION 03 010 Operator t YU MOBTEL Cell ID 04C6 Phone number Signal strength 59dB Mobile connection Protocol unknown WAN address unknown PPP address unknown Primaru DNS address unknown Secondary DNS address unknown Mobile statistics Data receiced Data transmitted RK packets TX packets RK error packets error packets RK dropped packets TX dropped packets LLL LL ak r ESC refresh logout lt exit 2 kkkk KK KK KK KK KKK KK KK KK KK KK K X OK OK KKK KK KK KK KK K KK KK KK KK KK K Figure 67 GSM UMTS status Configuration Wizard To enter the Configuration wizard select the Configuration wizard menu item in Custom Setup In this version of router s software you are able only to see routing table and not to add change routes For add edit remove routes please use web configuration Configuration wizard kakak akak 1 Internet configuration 2 VPN GRE tunneling akak EEE
118. r the physical connection has been broken e g the modem has hung up in situations where no hardware modem control lines are available If this option is given pppd will send an LCP echo request frame to the peer every n seconds Normally the peer should respond to the echo request by sending an echo reply This option can be used with the Icp echo failure option to detect that the peer is no longer connected LCP Echo Interoal Add a default route to the system routing tables using the peer as the gateway Add a default route when IPCP negotiation is successfully completed This entry is removed when the PPP connection is broken Table 6 Advanced WAN Settings 24 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Settings Routing The static routing function determines the path that data follows over your network before and after it passes through the GWR Router You can use static routing to allow different IP domain users to access the Internet through the GWR Router Static routing is a powerful feature that should be used by advanced users only In many cases it is better to use dynamic routing because it enables the GWR Router to automatically adjust to physical changes in the network s layout The GWR Router is a full functional router with static routing capability Figure 13 show screenshot of Routing Menu GWR ROUTER G
119. re 72 GRE configuration page for GWR Router 1 e Click Routing on Settings Tab to configure GRE Route Parameters for this example are Destination Network 192 168 2 0 Netmask 255 255 255 0 Interface gre x GWR ROUTER GONSOLE Status Gene Routing table Local network Enable Dest Network Netmask Gateway Metric Interface 10 0 0 1 255 255 255 255 E 0 0 100100 255 255 255 0 0 gt Routing table Enable Dest Network Netmask Gatew Metric Interface Action v 0000 0 0 0 0 1 ppp Rem v 192 168 2 0 255 255 255 0 1 grel Rem al Add Forward protocol connections from external networks to the following internal devices Enable Tunneling Protocol Send to GRE 10 0 0 1 E 10 0 0 2 Forward TCP UDP connections from external networks to the following internal devices Enable Protocol Source Port Dest IP Address Destination Port Action Logout Add Seve Figure 73 Routing configuration page for GWR 1 e Optionally configure IP Filtering and TCP service port settings to block any unwanted incoming traffic Onthe device connected on GWR router 1 setup default gateway 192 168 4 1 d MARDWARE 4Gon www 4Gon co uk info 4gon co uk
120. re REC 61 GPRS EDGE HSDPA Settings 61 eUam 62 Administration csetera un re en bee quen qd ad 63 Su nPeme M 64 General System Information sse tette tnnt tnter tret 64 Network Information sese tete 65 GPRS EDGE 2 wawan wawan 66 Config ration Wizard edendi en E 67 CONFIGURATION YR RM 68 GWR Router as Internet Router sss enne etre nenen anana naen nnn 68 GRE Tunnel configuration between two GWR Routers sss 69 GRE Tunnel configuration between GWR Router and third party 74 IPSec Tunnel configuration between two GWR Routers sse 78 IPSec Tunnel configuration between GWR Router and Cisco 85 IPSec Tunnel configuration between GWR Router and Juniper SSG firewall 91 naa P L M 105 A How to Achieve Maximum Signal Strength with GWR 105 Antenna placement vendo anne
121. re factory default settings you have to possibilities Factory default settings can be applied with default network parameters and without default network parameters The default IP address of the router is 192 168 1 1 Option 1 Settings with default network params enable you to restore full factory default settings and option 2 Settings without default network params enable you to restore default settings without changing network parameters EE IEEE Factou default settings 1 Settings with default network params 2 Settings without default network params back ESCs logout lt exit q gt Figure 63 List of Restore option Status If you want to monitor system and check statuses please choose option Status in Custom menu There are options for monitoring LAN and wireless parameters as well as global router parameters Status 1 General 2 Network information 3 GPRS EDGE information back ESC logout 1 exit q gt Figure 64 Status Menu General System Information The General page Figure 65 displays the following information about the GWR Router which can be useful in device monitoring and troubleshooting Model The model of the GWR Router device e Firmware Version The current firmware version This information may be used to help locate and download new firmware e OS The o
122. rk of the GWR Router The DHCP server will not operate if this configuration does not meet this requirement reservation IP address must not be the same as the IP address of the DHCP server itself It must a valid IP address in the subnetwork of the DHCP server The DHCP server will ignore a reservation that does not meet these requirements An IP address exclusion range must specify valid IP addresses in the subnetwork of the DHCP server The DHCP server will ignore an exclusion that does not meet this requirement Copyright 2008 Geneko All rights reserved hitp jjwww geneko co rs Figure 11 DHCP Server configuration page El MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Settings WAN Setting Click WAN Settings Tab to open the Wireless screen Use this screen to configure the GWR Router GPRS EDGE UMTS HSDPA parameters Figure 12 GWR ROUTER CONFIGURATION CONSOLE HARDWARE Status WAN Settings information SIM1 SIM 2 Y Enabled Enabled Provider telenor Provider telekom Authentication Authentication Routing a A a Dynamic Routing Protocol Username geneko Username mts RIP Password geneko Password Dial string ATD 99 1 amp Dial string RIP VPN Settings Initial string at cgdcont 1 Tnitial string
123. rmation Network Information Tab provides information about Ethernet port and Ethernet traffic statistics Screenshot of Network Router information is shown at Figure 8 Status WAN Information WAN Information Tab provides information about GPRS EDGE UMTS HSDPA connection and GPRS traffic statistics WAN information menu has three sub menus which provide information about GPRS EDGE UMTS HSDPA mobile module manufacturer and model Mobile operator and signal quality Mobile traffic statistics Screenshot of WAN Router information is shown at Figure 9 17 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router ceneko GWR ROUTER CONFIGURATION CONSOLE HARDWARE Status Status Network Information General ork Information Network Statistics WAN Information 00 1e 5 00 02 8d Technology Address Netmask 105 Data Received 174432 RX 1540 RX Error RX Dropped IP Filtering Data 312877 567 TX Error TX Dropped Maintenance Transmi 312877 Packets Packets ts 0 DHCP Server stopped Management Serial Port NMP Logout Copyright 2008 Geneko All rights reserved Figure 8 Network Information Status WAN Information Mobile Information Modem Manufacturer SIEMENS Status Modem SIEMENS MC75 Modem Serial Number
124. s even if Address the local IP address was specified in an option Accept Remote IP With this option pppd will accept the peer s idea of its remote IP address even Address if the remote IP address was specified in an option Idle time before Specifies that pppd should disconnect if the link is idle for seconds The link is disconnect sec idle when no data packets are being sent or received Refuse PAP With this option pppd will not agree to authenticate itself to the peer using PAP Require PAP Require the peer to authenticate using PAP Password Authentication Protocol authentication Refuse CHAP With this option pppd will not agree to authenticate itself to the peer using CHAP Require the peer to authenticate using CHAP Challenge Handshake Authentication Protocol authentication wend challenge Set the maximum number of CHAP challenge transmissions to n default 10 transmissions CHAP restart interval Set the CHAP restart interval retransmission timeout for challenges to n sec seconds default 3 Refuse MS CHAP option pppd will not agree to authenticate itself to the peer using MS Refuse MS CHAPv2 With this option pppd will not agree to authenticate itself to the peer using MS CHAPv2 Refuse EAP With this option pppd will not agree to authenticate itself to the peer using EAP Enables connection debugging facilities If this option is given pppd will log the Connection debugging conten
125. s Tab to configure parameters necessary for GSM UMTS connection All parameters necessary for connection configuration should be required from mobile operator e Check the status of GSM UMTS connection WAN Settings Tab If disconnected please click Connect button e Click VPN Settings gt IPSEC to configure IPSEC tunnel parameters Click Add New Tunnel button to create new IPSec tunnel Tunnel parameters are Add New Tunnel Tunnel Name test Enable true e Local Group Setup Local Security Gateway Type IP Only IP Address 172 29 8 4 Local Security Group Type IP IP Address 10 0 10 1 Remote Group Setup Remote Security Gateway Type IP Only IP Address 172 29 8 5 Remote Security Group Type IP IP Address 192 168 10 1 e IPSec Setup Keying Mode IKE with Preshared key Phase 1 DH group Group 1 Phase1 Encryption DES Phase1 Authentication MD5 Phase 1 SA Life Time 28800 Perfect Forward Secrecy true Phase 2 DH group Group 1 Phase2 Encryption DES Phase2 Authentication MD5 Phase 2SA Life Time 3600 Preshared Key 1234567890 19 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Advanced Aggressive Mode true Compress Support IP Payload Compression Protocol IPComp false Dead Peer Detection DPD false NAT Traversal true Press Save to accept the changes Device 2 Devic
126. s reserved Figure 25 Diagnostic page Maintenance Update Firmware You can use this feature to upgrade the GWR Router firmware to the latest version If you need to download the latest version of the GWR Router firmware please visit Geneko support site Follow the on screen instructions to access the download page for the GWR Router If you have already downloaded the firmware onto your computer click Browse button on Update firmware Tab to look for the firmware file After selection of new firmware version through Browse button mechanism the process of data transfer from firmware to device itself should be started This is done by Upload button The process of firmware transfer to the GWR device takes a few minutes and when it is finished the user is informed about transfer process success NOTE The Router will take a few minutes to upgrade its firmware During this process do not power off the Router or press the Reset button 44 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router GONFIGURATION CONSOLE Administration Update Firmware Update Caution 1 Upgrading firmware will take a few minutes please wait and do not turn off the power or press the reset button 2 Please don t close the window or disconnect the link during the upgrade process 3 In order to activate new firmware version it is
127. s static route This parameter specifies the IP network address of the final destination Routing is always based on network number If you need to specify a route to a single host use a subnet mask of 255 255 255 255 in the subnet mask field to force the network number to be identical to the host ID Dest Network This parameter specifies the IP netmask address of the final destination Geneko 25 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router This is the IP address of the gateway The gateway is a router or switch next hope on the same network segment as the device s LAN or WAN port The gateway helps forward packets to their final destinations Gateway For every routing rule enter the IP address of the gateway Please notice that ppp interface has only one default gateway provided by Mobile operator and because of that that there is no option for gateway when you choose 0 interface Metric represents the cost of transmission for routing purposes IP routing uses hop count as the measurement of cost with a minimum of 1 for directly connected networks Enter a number that approximates the cost for this link The number need not be precise but it must be between 1 and 15 In practice 2 or 3 is usually a good number Interface represents the exit of transmission for routing purposes In this case Eth0 represent LAN interface an ppp0 re
128. se GRE to tunnel IPX AppleTalk through an IP network e You need to connect two similar networks connected by a different network with different IP addressing Click VPN Settings Tab to open the VPN configuration screen At the Figure 15 you can see screenshot of GRE Tab configuration menu VPN Settings GRE Tunneling Parameters Defines the time interval in seconds between transmitted keepalive packets Enter a number from 3 to 60 seconds Defines the number of times retry after failed keepalives before determining that the tunnel endpoint is down Enter a number from 1 to 10 times 30 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Add Click Add to insert add new item in table to the GWR Router Click Remove to delete selected item from table Click Reload to discard any changes and reload previous settings Click Save to save your changes back to the GWR Router Table 9 GRE parameters GWR ROUTER GONFIGORATION GONSOLE VPN Settings GRE Generic Routing Encapsulation GRE Tunneling Local Tunnel Local Tunnel Tunnel KeepAlive a 2 5 Enable Address Netmask Tunnel Source Destination Interface Enable Period Retries Action 1010102 255 255 255252 172277682 172 27 76 80 gel
129. serial RS 232C port DB 9 interface using following credentials user admin and initial password admin Console port allows partial administration configuration and control options The GWR Router serial port configuration 4 Read and follow the User Manual 5 Connecta serial console cable to the RJ45 console port 6 Serial port parameters e Baud rate 57600 e Data bits 8 e Parity None e Stop bits 1 e Flow control None COM1 Properties p Port Settings Bits per second 57600 Parity None Stop bits 1 Flow control None Figure 46 Default serial port parameters Configuration may be performed by following credentials the user admin with initial password admin FEES SEE EEE EEE EEE SESE ESSE Log in LII LL LL Enter username gt admin Enter passwuord gt f Figure 47 Login menu 59 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router After successfully finished process of authentication of username password you can access Custom Setup menu which is shown at Figure 48 For navigation through menu please use following tips The changes in settings will be applied after pressing Q button and process of saving configuration data If you change network parameters router will r
130. ss IP Address 1001011 Subnet Mask 255 255 255 0 Local DNS 195 78 6 36 Reload Save Copyright 2008 Genek reserved 08 Geneko Al rights http www geneko rs Figure 91 Network configuration page for GWR Router e Use SIM card with a static IP address obtained from Mobile Operator e Click WAN Settings Tab to configure parameters necessary for GSM UMTS connection parameters necessary for connection configuration should be required from mobile operator e Check the status of GSM UMTS connection WAN Settings Tab If disconnected please click Connect button e Click VPN Settings gt IPSEC to configure IPSEC tunnel parameters Click Add New Tunnel button to create new IPSec tunnel Tunnel parameters are e Add New Tunnel Tunnel Name test Enable true e Local Group Setup Local Security Gateway Type IP Only IP Address 172 30 147 96 Local Security Group Type Subnet IP Address 192 168 10 0 Subnet Mask 255 255 255 0 Remote Group Setup Remote Security Gateway Type IP Only IP Address 150 160 170 1 Remote Security Group Type IP IP Address 10 10 10 0 Subnet Mask 255 255 255 0 e IPSec Setup Keying Mode IKE with Preshared key Phase 1 DH group Group 2 Phase 1 Encryption 3DES Phase 1 Authentication SHA1 Phase 1 SA Life Time 28800 Perfect Forward Secrecy true Phase 2 DH group Group 2 86 HARDWARE 4Go
131. ss from the following devices Enable IP Address Service Protocol Port Action v 19216811 IMP v Rem 19216821 All Traffic TCP UDP 1 65535 Rem 19216831 Custom v 222 Rem v 19216841 Custom 69 Rem All Traffic TCP UDP 1 65535 Add Allow access from the following networks Enable IP Address Subnet Mask Service Protocol Port Action All Traffic TCP UDP 1 65535 Add Caution Carefully review settings before applying changes Incorrect settings can make GWR Router inaccessible from the network Demilitarized Zone Host Settings Logout DMZ Private IP Address Copyright 2 All rights reserved Figure 21 IP Filtering settings Geneko 39 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Maintenance The GWR Router provides administration utilities via web interface Administrator can setup basic router s parameters perform network diagnostic update software or restore factory default settings Maintenance Administrator Password By Administrator Password Tab it is possible to activate and deactivates device access system thr
132. t Stop Refresh Press Refresh button to re check IPSec tunnels status Tunnel status description started ipsec is running and tunnels waiting for other end to connect stopped ipsec is not rumning tunnel is nct enabled Logout Copyright 2008 Geneko All rights reserved http www aeneko rs Figure 99 IPSec start stop page for GWR Router e the device connected on GWR router setup default gateway 192 168 10 1 94 MARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router The Juniper SSG firewall configuration Step1 Create New Tunnel Interface e Click Interfaces on Network Tab Network gt Interfaces List SSGI40RBGE 2 List 20 per page List 14 Interfaces Xe J TumellF vj ethernet0 0 10 0 0 250 24 etherneto 1 Em DMZ etherneto 2 EE Untrust ethernet0 3 10 0 10 254 24 Trust etherneto 4 0 0 0 0 0 Null ethernet0 5 0 0 0 0 0 ethernet0 6 0 0 0 0 0 ethernet0 7 0 0 0 0 0 B ethernet0 8 0 0 0 0 0 etherneto 9 0 0 0 0 0 Unused tunnel i unnumbered Tunnel tunnel 2 unnumbered Untrust Tunnel 0 0 0 0 0 Figure 100 Network Interfaces list e Bind New tunnel interface to Untrust interface outside int with public IP addresss e Use unnumbered optuion for
133. t of Figures 1 8 Figure 2 Router front pannel isc asarana ttr ihr e DR Kaga AI NGA KESAEN an 11 Figure23 GWR Router back panel eene iere aa S HERRERA E 11 Figure 4 Router top panel 2 12 Figureb5 Declaration of CONTO sasasi anana reine ia ipa Et ees 14 Figure 6 Userau thentiCatlOD seni HERO RP THEE APRES HERD ee rope 15 Figure 7 General Router 17 Figure 5 Network InformoatiOri a teens Ka tei hereto a ERE Knie Pea HEN AA EY eee ANG ir Ee 18 Figure 9 WAN Information dene beb eerie e ne ene ee erre PR AERE EAE TER YE 18 Figure 10 Network parameters configuration page sse anane 19 Figure 11 DHCP Server configuration 21 Figure 12 WAN Settings configuration Page 22 Figure 13 Routing configuration page 25 Figure 14 configuration Pase ad dasane en iei e ERRARE SEE YN MH FR ANTO ERE EMEN EXER EM ERE Sue Ra 27 Figure 15 GRE tunnel parameters configuration page 31 16 ePi eO net 32
134. te of protocols for securing IP communications by authenticating and encrypting each IP packet of a data stream Simple Network Management Protocol is used in network management systems to monitor network attached devices for conditions that warrant administrative attention RIP The Routing Information Protocol is a dynamic routing protocol used in local and wide area networks NTP The Network Time Protocol is a protocol for synchronizing the clocks of router Failover Failover Ser2net Configuration Serial to Ethernet converter WEB Application HTTP based Remote configuration Access to web interface over mobile network Configuration via serial console basic functionality full functionality Wizards Internet access GRE Tunnel IPSec Tunnel Default reset File Management by external taster and configuration application Upload firmware Backup configuration Table 2 GWR Router features HARDWARE 10 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Product Overview Front panel On the front panel Figure 2 the following connectors are located RJ45 connector Ethernet port for connection into local computer network RJ45 connector for RS232 serial communication
135. the length of time before a route becomes invalid an other parameters You can adjust these timer to tune routing protocol performance to better suit your internetwork needs Use following command to setup RIP timer router timers basic UPDATE INTERVAL INVALID TIMEOUT GARBAGE COLLECT router no timers basic Configure interface for RIP protocol router interface greX router rip send version VERSION router ip rip receive version VERSION Disable rip authentication at all interface router interface no ip rip authentication mode md5 text Debug commands router debug rip router debug rip events router debug rip packet router terminal monitor Geneko 29 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Settings VPN Settings Virtual private network VPN is a communications network tunneled through another network and dedicated for a specific network One common application is secure communications through the public Internet but a VPN need not have explicit security features such as authentication or content encryption VPNs for example can be used to separate the traffic of different user communities over an underlying network with strong security features A VPN may have best effort performance or may have a defined Service Level Agreement SLA between the VPN customer and the VPN service prov
136. thentication type These parameters you will get from your Mobile provider The changes in settings will apply after pressing Q button and saving configuration data eMe EIE IEEE e MICE IEEE EIE IEEE SIM card 1 Ge de ae e e e e e e Ie e e e IE IE a OLEI Authentication Username Password 064 Dial string at cegdcont 1 IP RBPN1 Initial string BTD 99 x x149 Number of retries 6 SIM enable ESC logout 1 exit gt Figure 55 SIM card GSM UMTS configuration Ruthentication GE de ae de ae ee e e Ie e e 1 2 3 CHAP E ESCs logout 1 exit gt Figure 56 GSM UMTS authentication Routing To enter the Routing configuration select the Routing menu item in Custom Setup In this version of router s software you are able only to see routing table and not to add change routes For add edit remove routes please use web configuration IE EIE IE IEEE IE GIC OEC GIC EIE IEEE IE E E Routing cc aE E 1 Routing table r ESC log
137. ts of all control packets sent or received in a readable form Maximum Transmit the MTU Maximum Transmit Unit value to n Unless the peer requests Unit bytes smaller value via MRU negotiation pppd will request that the kernel networking 23 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router code send data packets of no more than n bytes through the PPP network interface Set the MRU Maximum Receive Unit value to n Pppd will ask the peer to send packets of more than bytes The value of n must be between 128 and 16384 the default is 1500 Disable Van Jacobson style TCP IP header compression in both directions ction ID Disable the connection ID compression option in Van Jacobson style TCP IP header compression With this option pppd will not omit the connection ID byte P from Van Jacobson compressed TCP IP headers Protocol POM Disable protocol field compression negotiation in both directions Compression gu Disable Address Control compression in both directions Compression EIU Disable or enable accept or agree to Predictor 1 compression Compression BSD Compression Disable or enable BSD Compress compression Deflate Compression Disable or enable Deflate compression Disable CCP Compression Control Protocol negotiation This option should only be required if the peer is buggy and gets
138. ty Group Type Subnet IP Address 192 168 10 0 Subnet Mask 255 255 255 0 Remote Group Setup Remote Security Gateway Type IP Only IP Address 150 160 170 1 Remote Security Group Type IP IP Address 10 10 10 0 Subnet Mask 255 255 255 0 e IPSec Setup Keying Mode IKE with Preshared key Phase 1 DH group Group 2 Phase 1 Encryption 3DES Phase 1 Authentication SHA1 Phase 1 SA Life Time 28800 Perfect Forward Secrecy true Phase 2 DH group Group 2 92 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Phase2 Encryption 3DES Phase2 Authentication SHA1 Phase 2SA Life Time 3600 Preshared Key 1234567890 Advanced Aggressive Mode true Compress Support IP Payload Compression Protocol IPComp false Dead Peer Detection DPD false NAT Traversal true Press Save to accept the changes Device 2 Device Tunnel Add New Tunnel Tunnel Number 2 Tunnel Name test Enable v Local Group Setup Local Security Gateway Type Only Address 172 30 147 96 Local Security Group Type Subnet IP Address 192 168 10 0 Subnet Mask 255 255 255 0 Remote Group Setup Remote Security Gateway honc Type IP Only Address 150 160 170 1 Remote Security Group Type Subnet v IP Address 10 10
139. ur Internet connection This initial string is provided by your GSM mobile provider In most cases you do not need to change this field except the ADN string which is the Access Point Name of your GSM Internet connection Pin enabled If you have enabled the PIN code on your mobile card check this box and enter the PIN code IPSec Tunnel wizard page 2 of 6 This screen enables you to configure the Provider telekom Authentication PAP CHAP GSM settings Username Password Dial string ATD 99 1 amp Initial string at cgdcont 1 IP atesi Pin Enabled 1234 Figure 41 IPSec Tunnel Wizard 2 of 6 Step 3 This screen Figure 42 enables you to configure the Local and Remote Group parameters of the IPSec tunnel Local Group Setup e Gateway Type IP Address Enter the IP address of the local WAN interface If the GSM connection is already established this field will be automatically generated e Local Security Group Type You can choose IP or Subnet In case you want only one host on the local network behind the tunnel you will choose IP If you want to use a range of addresses choose Subnet Remote Group Setup Gateway Type IP Address Enter the IP address of the local WAN interface e Remote Security Group Type You can choose IP or Subnet In case there is only one host on the remote network behind the tunnel you will choose IP If there is a range of addresses choose Subnet
140. us settings Click Save button to save your changes back to the GWR Router Whether you make changes or not router will reboot every time you click Save Table 3 Network parameters At the Figure 10 you can see screenshot of Network Tab configuration menu Geneko GWR ROUTER CONFIGURATION CONSOLE HARDWARE G Use the following IP address IP Address 110 0 10 150 Subnet Mask 255 255 255 0 Local DNS 185 178 6 3 opyright neko All rights reserved http www geneko co rs Figure 10 Network parameters configuration page 19 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Settings DHCP Server The GWR Router can be used as a DHCP Dynamic Host Configuration Protocol server on your network A DHCP server automatically assigns available IP addresses to computer on your network If you choose to enable the DHCP server option all of the computers on your LAN must be set to obtain an IP address automatically from a DHCP server By default Windows computers are set to obtain an IP automatically To use the GWR Router as your network s DHCP server click DHCP Server Tab for DHCP Server setup The GWR Router has built in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability DHCP Server Parameters DHCP Dynamic Host Configuration Protocol allows in
141. uter into web browser Please disable Proxy server in web browser before proceed GWR ROUTER CONFIGURATION GONSOLE HARDWARE Username Password D _ Copyright All rights reserved piji geneko co rs Figure 6 User authentication After successfully finished process of authentication of Username Password you can access Main Configuration Menu which is shown at Figure 7 You can set all parameters of the GWR Router using web application All functionality and parameters are grouped through a few main tabs windows 15 HARDWARE 4Gon www 4Gon co uk info 4gon co uk Tel 44 0 1245 808295 Fax 44 0 1245 808299 USER MANUAL GWR Series Router Add Remove Update manipulation in tables To Add a new row new rule or new parameter in the table please do following e Enter data in fields at the bottom row of the table separated with a line e After entering data in all fields click Add link To Update the row in the table e Change data directly in fields you want to change To Remove the row from the table e Click Remove link to remove selected row from the table Save Reload changes To save all the changes in the form press Save button By clicking Save data are checked for validity If they are not valid error message will be displayed To discard changes press the Reload button By clicking Reload previous settings will be loaded in the form Status
Download Pdf Manuals
Related Search