IPL-RS232 IP router
Contents
1. Router 4 192 168 30 128 Network 2 192 168 20 0 192 168 10 1 Network 1 192 168 10 0 Network 3 192 168 30 0 e E PSTN ISDN am Dedicated line E m Router 1 192 168 10 128 Page 38 User manual ref 9018009 01 IP L RS232 router iiia CONFIGURATION Router 1 static route Yes Network 2 192 168 20 0 255 255 255 0 192 168 10 1 Router 3 static routes Yes Network 4 192 168 40 0 255 255 255 0 192 168 30 128 Yes Network 2 192 168 20 0 255 255 255 0 192 168 10 128 Select the Routing menu and click Static routes click the Add a route button Destination IP address amp netmask parameters Enter the destination network IP address and netmask Gateway IP address parameter Enter the Ip address of the gateway through which the IP frames intended for that network must pass IP L RS232 User manual ref 9018009 01 Page 39 CONFIGURATION d 13 Remote users connection 13 1 Principle The IPL provides a remote user connection function called RAS A RAS connection is a tunnel set between a remote PC and the IPL RS232 router through the telecom network RAS connection safety When a remote PC sets a RAS connection with the router e the remote user is identified with a login in and a password or eventually a certificate e The data is encrypted e An IP address belonging to the local network is automatically assigned to2. C IPL RS232 q Im Ethernet Ethernet Ethernet a mm mm M Modem GSM data IP L RS232 User manual ref 9018009 01 Page 13 OVERVIEW d GPRS EDGE or 3G or TETRA radio network Each IPL RS232 router is connected to the appropriate modem 3G or TETRA A PPP connection is set towards a PPP server belonging to the telecom infrastructure That PPP server is in charge of routing the IP packets towards its destination over a private IP network or the Internet A A Supervision T gt Kr e MN GSM GPRS 36 a ne ug Ethernet Ethernet Ethernet Tom A M GSM or TETRA modem R PPP server and IP router belonging to the telecom infrastructure Page 14 User manual ref 9018009 01 IP L RS232 router d INSTALLATION 1 Product description IPL RS232 IPL RS232 2 DIP switches DIP switches ON OFF switch Ethernet 10 Mb s Ethernet 10 Mb s sthemet 10 Mb s RS232 DB9F RS232 DB9 M RS485 3 digital inputs I digital output Supply Voltage 9 40 VDC Supply voltage 9 40 VDC 1 1 Leds Lit PPP Remote connection set Eine Blinking Remote connection in progress VPN Lit One VPN at least has been established Blinking VPN establishment in progress LINK Ethernet Interface connected DATA Data activity RD Bytes received from the modem TD Bytes transmitted to the modem Lit Operation Blinking Reset in progre
3. Select encryption and authentication algorithms for IPSec Phase 1 and Phase 2 DPD Dead Peer Detection is used to detect the tunnel death and in this case delete IKE and IPSec associations for this peer PFS Perfect Forward Secrecy Modify the default value YES only for interoparability purpose ok Cancel I Default configuration Termin Internet g 7 100 Encryption Protocol parameter Select ESP to encrypt the data flow select AH if no encryption is required or if NAT traversal is required Authentication amp encryption key parameters Authentication and encryption can be carried out with a pre shared key or a certificate Page 50 User manual ref 9018009 01 IPL RS232 router iiia CONFIGURATION Pre shared key value The pre shared key value applies to all the connections The maximum length of the key is 40 characters The same preshared key value will be used for remote users L2TP IPSec connections Certificate value The IPL RS232 router is delivered with a certificate stored into the product in our factory To add a certificate refer to the Security menu Encryption and hash algorithm phase 1 amp Encryption and hash algorithm phase 2 parameters That parameters allow to define the encryption and hash algorithms in use during the phase 1 of the exchanges between the end points VPN set up and during the phase 2 data exchange The default value is Au
4. parameter Unless particular difficulties leave the default value PAP CHAP Outgoing mail server and account email address parameters If emails have to be transmitted enter the parameters 11 2 Step 2 Adjusting routing parameters e Select the Internet menu and then click Routing Route LAN traffic to Internet parameter Select that checkbox Idle time out parameter 5 s to 60 mn If no IP packets have to be transmitted and after the idle time out the router clears the connection Page 36 User manual ref 9018009 01 IP L RS232 router iia CONFIGURATION First packet time out parameter 5 s to 60 mn Leave the default value Use modem parameter Select External IP L RS232 User manual ref 9018009 01 Page 37 CONFIGURATION d 12 Configuring static routes If the destination network is not connected to one of the remote routers linked to the router by a remote connection the devices of that destination network cannot be reached In that case it is necessary to enter the route to that hidden network that route is called a static route A static route consists in a table which describes a destination network IP address and netmask and the IP address of the router through which an IP frame intended for that hidden network must pass That router can be one of the routers connected directly to the local network or a router connected to a remote network Example
5. 2 modbus slaves to the serial interface of the IPRS up to 32 e Select the modbus menu and then modbus server and enable the modbus server gateway and set the parameters as follows ASCII RTU protocol Select the right option Proxy Enable the proxy option if you wish to avoid to frequent requests on the RS232 RS485 interface Cache refreshment period Select the period at which the gateway will send request to the slaves PLC Timeout waiting for the answer Set up the timeout the gateway has to wait for the answer of the modbus slave answer IPL RS232 User manual ref 9018009 01 Page 63 CONFIGURATION d Local retry Set up the number of times the gateway will repeat a request before declaring a failure Inter character gap Set up the maximum delay the gateway will have to wait between a received character of a modbus answer frame and the following character of the same frame Modbus slave address Choose specified by the modbus TCP client if the address of the slave PLC must be decoded by the gateway from the modbus TCP frame coming from the client Otherwise specify the modbus address of the slave PLC in that case only one slave can be connected to the RS232 serial interface TCP inactivity Timeout Set the time the gateway will wait before disconnecting the TCP link if no characters are detected TCP port number Set the port number the gateway has to use Page 64 User
6. ADMINISTRATION SERVER 25 RECOVERING A FREE ACCESS TO THE ADMINISTRATION SERVER 25 ASSIGNING AN IP ADDRESS TO THE LAN INTERFACE ns 26 MODEM CONFIGURATION mes 26 CONFIGURING PPP CONNECTIONS BETWEEN IPL RS232 ROUTERS 27 10 1 Principles rasisma 27 10 2 Outgoing PPP connection nennen rns 30 103 Incoming PPP connection sese nennen 32 104 Outgoing and ingoing PPP connection sssini 34 SETTING UP A CONNECTION TO A 3G OR INTERNET OR TETRA NETWORK 36 11 1 Step 1 Step up the PPP connection nn 36 11 2 Step 2 Adjusting routing parameters nn 36 CONFIGURING STATIC ROUTES men 38 REMOTE USERS CONNECTION niet 40 Bl Principle siia 40 13 2 Configuring a TLS remote user connection enne 41 13 3 Configuring a PPTP connection nent 42 134 Configuring the users listes 43 RESTRICTING THE RIGHTS OF A REMOTE USER ms 45 141 Filter structure nennen era irer een 45 14 2 Configurations 46 ids Page 4 User manual ref 9018009 01 IP L R S232 router d CONTENT CONFIGURATION 15 CONFIGURING VPN CONNECTIONS BETWEEN ROUTERS 3G GPRS EDGE 49 l5l Principles iiia n niin dcn ci naa v a acc 49 15 2 Configuring IPSec VPN connections nn 50 15 3 Configuring TLS VPN connections msn 56 16 SERIAL TO IP GATEWAY nes 62 16 1 Modbus gateway nn 63 162 RAW TCP gateway errem i i a 66 16 3 Multicast gateway nan 68 17 ADVANCED FUNCTIONS mes 70 17 Alarms seen nre rer i i i 70 17 2 Configuring the web portal ns 7
7. Page 70 User manual ref 9018009 01 IP L RS232 router iia CONFIGURATION Product start up If that option is selected the router will send an SNMP trap each time it will connect to the Internet 17 1 2 Digital output alarm If an alarm occurs the router will open the digital output The causes which make the output to open cane be either the ADSL disconnection power input 1 failure power input 2 failure 17 1 3 E mail alarm When the digital input is closed or opened an email can be transmitted to one of the users of the users list To set that function select the Alarm menu Enable the alarm email Select this option if you want an email to be sentto a user when the digital input 1 is set ON or OFF Alarm launched on event If the option OPEN is selected the alarm will be sent each time the digital input will be opened If the option CLOSED is selected the alarm will be sent each time the digital input will be opened If the option BOTH is selected the alarm will be sent each time the digital input will be opened or closed Hold time Selectthe time the input has to stay in its alarm state to be taken into account Alarm destination Selectthe user to whom the email must be sent Text to send Enter the email text 17 2 Configuring the web portal The web portal in an html page it displays a list of devices connected to the LAN Each line of the list is made of the device name its IP address and
8. be sure the new release has been installed go to About in the administration web page of the IP product IP L RS232 User manual ref 9018009 01 Page 77 Ease APPENDIX 1 Html configuration server System IP protocol Users list Devices Service list Date amp time Modem RS232 RS485 SNMP DHCP Firmware update Save restore Reboot Routing Remote nodes Static routes RIP Security Administration Firewall VPN IPL RS232 router To enter the IP of the router over the LAN interface To enter the IP assigned to the remote users To assign an ID and PWD to each authorized user and set their rights To store the IP of the devices connected to the LAN To define the protocol and port TCP or others list To set date and time of the day To set the initialisation string of the modem To set the parameters of the serial interface To set the SNMP traps To setthe DHCP server function over the Ethernet interface Update the product firmware To download upload the configuration file of the product To restart the product To describe remote routers To describe the routes to reach hidden devices To enable the RIP protocol To restrict access to the administration server To restrict access to devices of the LAN To restrict access to the Internet To set the VPNs parameters and register certificates User manual ref 9018009 01 Page 79 APPENDIX 1 Html configuration server Internet Account
9. key defined in the IPSec server parameters which will be used You choose an authentication using Pre Shared Ke Page 52 User manual ref 9018009 01 IP L RS232 router ia CONFIGURATION Remote WAN IP address parameter Enter the network IP address and the netmask assigned to the remote router over the internet Remote LAN address amp Remote LAN netmask parameters Enter the network IP address and the netmask assigned to the remote LAN e Case a Preshared key PSK is used for authentication If the preshared key used by the connection is the general PSK entered in the VPN menu no additional parameter has to be entered If a particular PSK must be used complete the configuration of the connection as explained below Unique PSK for this node parameter Select that option if a particular PSK key has to be used for this connection PSK value parameter Enter the value of the PSK My WAN address parameter Enter the IP address of the router on the GPRS interface e Case a certificate is used for authentication My subjectAlt name amp Remote subjectAlt name parameters Paste the field SubjectAltName of the active certificate of the router you are configuring and the one the remote router Aitention For ETIC certificates this field is the Email field IPL RS232 User manual ref 9018009 01 Page 53 CONFIGURATION d 15 2 3 Configur
10. manual ref 9018009 01 IP L RS232 router iiia CONFIGURATION 16 1 2 Modbus client gateway Modbus TCP server Modbus TCP server 1 2 This gateway allows to connect a serial modbus master to the serial interface of the IPRS Modbus slave RS485 Modbus master Modbus slaves up to 31 e Select the modbus menu and then modbus client menu enable the modbus client gateway and set up the parameters as follows ASCII RTU protocol Select the right option Inter character gap Set up the maximum delay the gateway will have to wait between a received character of a modbus answer frame and the following character of the same frame TCP inactivity Timeout Set the time the gateway will wait before disconnecting the TCP link if no characters are detected TCP port number Set the TCP port number the gateway has to use IP address The modbus client gateway allows to transmit modbus requests from the IPL RS232 User manual ref 9018009 01 Page 65 CONFIGURATION d serial modbus master device to any modbus slave device more precisely called modbus server located on the IP network To assign an IP address to each modbus slave device with which the serial master device needs to communicate click the add a link button Assign an IP address in front of each modbus slave address with which the serial master device will have to communicate 16 2 RAW TCP gateway 16 2 1 Raw TCP client
11. multicast datagrams is always the unicast source address 2 The multicast gateway can be used through an Ethernet LAN but it is not easy to send across routers 16 3 2 Configuration IP L RS232 User manual ref 9018009 01 Page 69 CONFIGURATION d To configure the multicast gateway e Select the transparent and then the multicast menus e Enable the multicast gateway and set up the parameters as follows RS232 485 input buffer size Set up the maximum length of an asynchronous string the gateway will store before transmitting it to the IP network Timeout of RS232 485 end of frame parameter Set up the delay the gateway will wait before declaring complete a string received from the asynchronous device Once declared complete the gateway will transmit the string to the IP network TCP port parameter Set the port number the gateway has to use Multicast group IP address Enter the multicast IP address assigned to the group with respect to the rules of the IANA authority 17 Advanced functions 17 1 Alarms 17 1 1 SNMP The IPL RS232 router is able to send snmp traps when alarms occur Activation If that option is selected the router will send an SNMP trap if an alarm is detected SNMP network management IP address Enter the IP address of the management platform SysName amp SysLocation That fields allow to identify the source device Example Sysname etic Syslocation France
12. network and acting like a master also called TCP client RS232 RS485 Be IP software Response T Request or AW TCP client E VEN Sup RAW TCP client RAW TCP server V RAW TCP server Response V Request RS232 RS485 Response Request RS232 RS485 e Select the transparent and then the raw server menus e Enable the raw server gateway and set up the parameters as follows RS232 485 input buffer size Set up the maximum length of an asynchronous string the gateway will store before transmitting it to the IP network Timeout of RS232 485 end of frame Set up the delay the gateway will wait before declaring complete a string received from the asynchronous device IPL RS232 User manual ref 9018009 01 Page 67 CONFIGURATION d Once declared complete the gateway will transmit the string to the IP network TCP inactivity Timeout Set up the time the gateway will wait before disconnecting the TCP link if no characters are detected TCP port number Set up the port number the gateway has to use 16 3 Multicast gateway 16 3 1 Overview The multicast gateway permits to connect together a group of serial devices and also Ethernet IP devices through an IP network The serial multicast gateway can be used for instance when a serial master device has to send requests to many slave serial devices also called server located on the IP network Serial data is transmitted by each serial
13. out parameters This parameter defines the maximum amount of time in seconds a VPN connection will stay established before being cleared if no response to the VPN control message has been received from the remote router Repetition time out parameter A control message also called Keepalive message is sent periodically by the VPN server router to make sure that the VPN must be left active This parameters sets the amount of time in seconds the server will wait for the response before repeating it Encryption algorithm amp Message digest algorithm parameter That parameters allow to define the encryption and hash algorithms in use 15 3 2 Configuring an outgoing TLS connection IPL RS232 User manual ref 9018009 01 Page 57 CONFIGURATION pl Outgoing LAN IP connection Remote LAN IP address Remote WAN IP address Router Remote router To set an outgoing TLS VPN connection e Select the Routing and then the Remote nodes menu e Click the add a node button e Give aname to the connection and select the Outgoing connection direction option Remote node configuration Windows Internet Explorer about blank Select the node Ingoing or Outgoing you wish to configure Outgoing v Enter below the login and password used to authenticate on the remote node Password f Warning VPN network adresses shoul
14. the configuration has been completely carried out click the Reboot red button in the green bar when displayed e Once the product has restarted check the Reboot button has disappeared from the green bar To save the configuration file to a hard disk e Select the maintenance menu and then the Save restore menu e Click the Save current configuration to disk button 4 Recovering the IP address of the router if the IP address you enter is wrong it is possible to recover the factory IP address of the IPL RS232 router by setting SW01 ON and SW2 OFF The factory IP address 192 168 0 128 will be restored as long as the SWO01 and SW02 micro switch will be left in that position Page 24 User manual ref 9018009 01 IPL RS232 router d CONFIGURATION Remark The SWO01 and SW02 must not be left in that position during operations 5 Recovering the factory configuration It may be necessary to restore the factory configuration of the router To restore the IPL RS232 factory configuration e Switch OFF the power supply of IPL RS232 router e Press the push button on the top part of the IPL RS232 router and switch ON the power supply e Keep the push button pressed until the Operation led turns red Remark The stored configuration will be lost the factory IP address 192 168 0 128 will be restored 6 Restricting access to the administration server The access to the administration server can be pro
15. the remote user s PC RAS connection types The IPL RS232 manages PPTP and TLS or L2TP remote connections Only one type can be selected It will apply to all the remote users connections Page 40 User manual ref 9018009 01 IP L RS232 router d CONFIGURATION 13 2 Configuring a TLS remote user connection e Select the Security menu click VPN connections and then VPN parameters e select the Remote users connection VPN type value TLS e click the Properties Button and set the parameters Step 1 Router configuration Port number amp Protocol parameters Select the port Nr and the type of protocol used to transport the TLS VPN UDP will be preferred Attention The selected port number assigned to the remote users connections must be different from the one used for VPN connections between routers if such VPN connections have been configured Users authentication parameter Authentication an encryption can be carried out with a pre shared key or a certificate If the Login password is selected the remote user is authenticated with a login and a password If the Login password and Certificate value is selected the remote PC is authenticated with the certificate and the user with a login and password In that case the PC certificate must be stored in the user list Encryption algorithm amp Message digest algorithm parameters Leave the default values Step 2 Configure the M
16. 1 Complete if necessary the list of TCP ports Important nota bene The main services html ftp modbus are available from factory for that reason most of the time that step can be skipped e Select the menu system and then service list The list of TCP ports is displayed e Click add a service e Enter the label of that the new service assign a protocol udp tcp icmp and a port number e Save The list is updated Step 2 Enter the list of the devices connected to the LAN e Select the System menu then Devices list The list of the devices of the LAN network is displayed e Click add a device e Assign a label and an IP address to the device and click OK Step 3 Build a filter e Select the security menu then firewall and then Filter list The list of the stored filters is displayed e Click add a new filter e Assign a name to the new filter e Choose the policy All is forbidden except what we specify is the advised policy e Click add a new rule to the list e Selecta host also called machine or IP address among the ones which have been stored and a service also called TCP port e Add other rules if necessary e Click OK when the filter is complete the updated filters list is displayed Page 46 User manual ref 9018009 01 IP L RS232 router CONFIGURATION tic Administration Microsoft Internet Ex Beer Edin ados Foros Que I Adress
17. 1 MAINTENANCE 1 DIAGNOSTIC mms 75 2 SAVING THE PARAMETERS FILE niet 76 3 UPDATING THE FIRMWARE mms 76 APPENDIX 1 HTML configuration server IP L M 156 IP L 11128 IP L L134 router User manual ref 9018009 01 Page 5 CONTENT d Page 6 User manual ref 9018009 01 IPL RS232 router d OVERVIEW 1 Products identification IPL RS232 IPL RS232 2 Ethernet 10 Mb s 1 RS232 RS485 1RS232 1 digital output amp 3 digital inputs PPP PAP amp CHAP connection PPP clientor server IP router 25 remote nodes Static routes s 30 routes RAS server Email Alarm SMS HTML configuration IP L R S232 router router User manual ref 9018009 01 Page 7 OVERVIEW ila 2 Specifications General characteristics Dimensions 128 x 38 x 107 mm h p Electrical safe EN 60950 UL 1950 ESD EN61000 4 2 Discharge 6 KV RF field EN61000 4 3 10V m lt 2 GHz Fast transient EN61000 4 4 Surge voltage EN61000 4 5 4KV line earth RoHS 2002 95 CE ROHS Supply voltage 9 to 60 VDC 125 mA at24 VDC Operating T 20 C 60 C Humidity 5 95 Ethernet IP router P router Remote connections static routes RIP V2 Source IP translation NAT Destination IP translation DNAT Port translation P ort forwarding Ip address translation Page 8 User manual ref 9018009 01 IP L R S232 router OVERVIEW PPP connection Login amp pass
18. 2Me Secure software e Click Menu and then New site The Site configuration window is displayed e Select the General gt tab and enter a site name IP L RS232 User manual ref 9018009 01 Page 41 CONFIGURATION d e Select the Connection tab select the option That site can be reached through the Internet e n the field Host name or IP address select the router IP address or DynDNS name or DNS name e Select the Advanced tab select the protocol UDP or TCP the port number and the encryption algorithm The same values of that parameters must be assigned to the PC and to the router 13 3 Configuring a PPTP connection Step 1 Router configuration e select the Security menu click VPN connections and then VPN parameters e select the Remote users connection VPN type value PPTP Step 2 Set a PPTP connection on the PC side Page 42 User manual ref 9018009 01 IP L RS232 router iiia CONFIGURATION 13 4 Configuring the users list The IPL router registers a users list 25 remote users can be stored in the users list Each user form stores the identity of the user Login and password his email address to send alarm emails and the filter assigned to him To display the user list select the System menu and then User list Attention Coming from factory a default user is registered his login is admin and the password is also admin After the test phase w
19. 4 Restricting the rights of a remote user A remote user filter applies to the IP frames received from an authenticated remote user Once the user has been authenticated and the PPP connection or the has been set the router applies the filter assigned to the user who has been recognized the remote user filter checks the destination IP address and port number 25 remote user filters can be configured and assigned individually to each of the users declared in the user list 14 1 Filter structure A filter is a table made of several lines each line is called a rule A rule defines what decision the filter has to make when it receives a particular IP frame from the Internet the decision can be Reject or Authorize Each rule of the filter is composed a two fields which defines a data flow e Service Protocol telnet http e Host destination IP To avoid to be obliged to describe what the filter has to do with any possible data flow the filter policy has to be selected The filter policy is the policy the firewall has to apply when it encounters an IP frame not described by one of the rules of the filter The policy can be e Drop all the IP frames not described by one of the rules or e Accept all the IP frames not described by one of the rules The first policy is generally the right one because it is cautious IP L RS232 User manual ref 9018009 01 Page 45 CONFIGURATION d 14 2 Configuration Step
20. Remote control Routing Remote control Dynamic IP RS to iP gateway Modbus Transparent Unitelway Alarms Diagnostic Logs Network status Gateway status Micro switch Table of routes Ping IO control Resume About Page 80 User manual ref 9018009 01 Ease To set the conditions the router will connect to the Internet To register the Internet subscription parameters To set routing parameters and DNAT rules To define the conditions the router connects to the Internet To setthe conditions the router will publish its temporary IP 9 over the Internet To configure the modbus gateway To configure the rawTCP multicast amp telnet gateway To configure the unitelway gateway To enter the conditions an email is transmitted to a user To display logs To display all the parameters of the connection in use MAC amp IP SHDSL connection data rate error rate statistics To display the status of the gateway To display the micro switches current position To display the table of routes To ping a machine To display the IOs status To display the connections To display the firmware and hardware identification IPL RS232 router TELECOMMUNICATIONS ETIC TELECOM 13 Chemin du Vieux Ch ne 38240 Meylan France Tel 33 4 76 04 20 00 Fax 33 4 76 04 20 01 E mail contact etictelecom com Web www etictelecom com
21. TELEGOMMUNICATIONS IPL RS232 IP router User manual Document reference 9018009 01 pl The IPL RS232 router is manufactured by ETIC TELECOM 13 Chemin du vieux ch ne 38240 MEYLAN FRANCE TEL 33 4 76 04 20 00 FAX 33 4 76 04 20 01 E mail hotline etictelecom com web www etictelecom com Page 2 User manual ref 9018009 01 IPL RS232 router d CONTENT OVERVIEW 1 PRODUCTS IDENTIFICATION ssccccssicscsssisssssccccescecieusiseresanteesierectonsininontaateintcentieninin 7 2 SPECIFICATIONS nn rene a i a i 8 3 PRODUCT OVERVIEW iiescncesicesiic insat receico cn inb oc 10 3 l gt Principles seems 10 3 22 Examples nn 11 INSTALLATION 1 PRODUCT DESCRIPTION Lusis cierran aec 15 LI LOS rri i i i 15 12 Connectors sees mr i 16 13 DIP switches sese ri 17 2 VENTILATION EE 17 3 SUPPLY VOLTAGE seem ia i 17 ETHERNET INTERFACE anneau 17 5 RS232 RS485 INTERFACE mn 18 6 INPUT amp OUTPUT Lanserte creek nadie 19 CONFIGURATION 1 SETUP STEPS a i a i 6 21 2 CONFIGURING THE IPL RS232 ROUTER mins 21 2 1 Overview iussi iii i i nnn 21 22 Firstconfiguration nn 23 2 3 Modifying the configuration nenne nnns 24 3 REBOOTING THE ROUTER AFTER PARAMETERS CHANGES 24 4 RECOVERING THE IP ADDRESS OF THE ROUTER mn 24 IP L R S232 router User manual ref 9018009 01 Page 3 CONTENT d CONFIGURATION 5 6 7 8 9 10 11 12 13 14 RECOVERING THE FACTORY CONFIGURATION ms 25 RESTRICTING ACCESS TO THE
22. aced by the IP address of the router on the PPP connection If no PPP IP address has been entered it is replaced by the IP address of the router over the Ethernet interface Router PPP IP address and Remote router PPP IP address parameters Enter the IP address assigned to the PPP interface If no IP address is entered the address of the Ethernet interface is assigned automatically IP L RS232 User manual ref 9018009 01 Page 35 CONFIGURATION d 11 Setting up a connection to a 3G or Internet or Tetra network The IPL RS232 router can be used to connect the devices of the LAN interface to a remote network through a telecom network like the 3G GPRS network or the Internet or a radio network like a TETRA network The IPL RS232 must set a PPP connection towards the PPP server belonging to the telecom infrastructure The configuration is carried out in two steps Step 1 Setting up the PPP connection Step 2 Setting up technical routing parameters 11 1 Step 1 Set up the PPP connection e Selectthe Internet menu and then click Account Activate Internet connection parameter Select the by modem choice User name amp password parameters Enter the user name and password assigned to the Ipl RS232 router by the telecom provider Careful If no user name or password are assigned by the GSM operator it may be necessary to enter at least an alphabetic character in each field Authentication
23. and the output is featured by the IPL RS232 model only Alarm output 1 relay output is provided to indicate an alarm The alarm condition can be selected using the html server The electrical characteristics of the output are Opto isolated output Maximum voltage 50 VDC Maximum current 500 mA Inputs The product features one digital input it is not isolated if the input is opened an SNMP trap will be sent to the SNMP server is that function has been enabled IPL RS232 User manual ref 9018009 01 Page 19 INSTALLATION Page 20 User manual ref 9018009 01 pl IPL RS232 router d CONFIGURATION 1 Setup steps e Case the IPL RS232 is used on a switched network like PSTN ISDN GSM data private line Step 1 Assign an IP address to the IPL RS232 LAN interface Step2 Setup the modem connection Step 3 Setup PPP connections with other routers Case the IPL RS232 2 is used on such networks as the 3G GPRS network the Internet or a radio TETRA network Step 1 Assign an IP address to the IPL RS232 Step2 Setup the modem connection Step 3 Setup the PPP connection with the PPP server belonging to the infrastructure Step4 Setup VPNs if needed 2 Configuring the IPL RS232 router 2 1 Overview Administration server address The administration html server is located at the LAN IP address of the router The default address is192 168 0 128 Html browser We advise to use Internet Explorer ver
24. assword are checked by the router when a call is incoming Additional parameters Verify calling number and calling number parameters Select the option yes and Enter the telephone number of the remote router to force the router to check the calling number Page 32 User manual ref 9018009 01 IP L RS232 router iila CONFIGURATION Firewall filter parameter Select the firewall filter assigned to the connection NAT parameter Select yes to enable the NAT function In that case the PPP IP address of the router is assigned as the source address to all IP packets transmitted by a device towards the telecom network If no PPP IP address has been entered it is replaced by the IP address of the router over the Ethernet interface Router PPP IP address and Remote router PPP IP address parameters Enter the IP address assigned to the PPP interface If no IP address is entered the address of the Ethernet interface is assigned automatically IP L RS232 User manual ref 9018009 01 Page 33 CONFIGURATION d 10 4 Outgoing and ingoing PPP connection A connection must be set up as outgoing and ingoing if the router can dial to a remote router and receive a cal from that remote router e To add and configure an ingoing and outgoing connection select the Routing menu and then Remote nodes e Click the Add a node button Enable parameter Select the yes option Type parameter Select t
25. connections between routers 1 step Select and set up the VPN type parameters Once a type of VPN has be selected it applies to all the connections with remote routers 2 step Create VPN connections A VPN connection can be an incoming connection or an outgoing connection Outgoing Incoming connection connection If a VPN connection is an E incoming connection the X Internet local router is named VPN server and the remote VPN VPN router is a VPN client client server IP L RS232 User manual ref 9018009 01 Page 49 CONFIGURATION d 15 2 Configuring IPSec VPN connections 15 2 1 Configuring the IPSec protocol e Select the Security menu click VPN connections and then VPN parameters e Select the Remote nodes connections VPN type value IPSEC and then click Properties Connection parameters Windows Internet Explorer about blank IB IPSec parameters Select the protocol used for IPSec connections With AH protocol there is no encryption but authentication only D Select the authentication used for IPSec connections WARNING If the product is behind a router which makes address translation or port forwarding DNAT and you wish to configure an ingoing IPSec connection you must select an authentication by certificate Warning The Pre Shared Key is global for the product The same value will be used for remote connections and for L2TP IPSEC remote user access
26. d ALL be different The configuration of this address is defined in the Ingoing node menu configuration Security configuration VPN connections gt VPN parameters Internet Login amp Password parameters Enter the login and password the router will have to use to authenticate Remote WAN IP address URL parameter Page 58 User manual ref 9018009 01 IP L RS232 router iiia CONFIGURATION Enter the IP address of the remote router or its DNS name Remote WAN IP address parameter Enter the network IP address and netmask assigned to the remote router over the Internet public IP address over Internet IP L RS232 User manual ref 9018009 01 Page 59 CONFIGURATION d 15 3 3 Configuring an ingoing TLS connection Ingoing LAN IP Connection Remote LAN addr IP address Remote a addr IP address Router Remote router To set an ingoing TLS VPN connection e Come back to the VPN connections screen e Click the add a connection button e Give a name to the connection and select the ingoing connection direction option EEK A Select the node Ingoing or Outgoing you wish to configure Ingoing Enter below the login and password the remote node must used to authenticate Enter below the common name of the certificate the remote node should use to authenticate cn Warning VPN network adresses should ALL be different The configuration of this address is defined i
27. device to all other serial devices through the IP network But at the opposite of the RAW UDP technology described previously that Multicast gateway does not send an IP frame to each destination IP gateway Serial data is encapsulated in a unique IP frame transmitted to a multicast address received by all the gateways or IP devices Page 68 User manual ref 9018009 01 IPL RS232 router l RS232 CONFIGURATION RS232 A s IP RS232 RS232 RS232 The Internet Assigned Numbers Authority IANA controls the assignment of IP multicast addresses The range of addresses from 224 0 1 0 through 238 255 255 255 are called globally scoped addresses They can be used to multicast data between organizations and across the Internet The range of addresses from 239 0 0 0 through 239 255 255 255 contains limited scope addresses or administratively scoped addresses These are defined by RFC 2365 to be constrained to a local group or organization Routers are typically configured with filters to prevent multicast traffic in this address range from flowing outside an autonomous system AS or any user defined domain Within an autonomous system or domain the limited scope address range can be further subdivided so those local multicast boundaries can be defined This also allows for address reuse among these smaller domains Nota bene 1 This address range is the destination address of IP multicast traffic The source address for
28. e 48 nem 192 168 0 106 8080 Index ntm vg a o ix a ve e Google G ve Eo doms PME Eh bided ROSA rA Ark ted IPL AD2 1400 Rowteur ADSL cy gt Configuration syst me gt Liste des machi FEE C Cette ime permet d assigser un non aux machines raccors es 83 reseau Ele vous permet Ge creer des Sres en aopeunt les machines par leur nom Ge generer puinatcuemenm UT 207184 wen racceiart es aocresses P 2es machines du reseau acceder Bux machines par leur Nom DNS nom ons s nom machine om domare Note Cette late ne coractue pas un moyen de ri l accessbiit e Ges machines sur le r seas pour Cela recortez vous ia secton s curte du menu La premi re igne Any S signe toutes les machines cu r seau 00 192 168 0 44 S curit Internet propos Filter Edit Microsoft Internet Explorer Les r gles qui sont d finies s appliquent sur les trames IP qui transitent par le serveur d acc s distant quelqu en soit le sens ll y a deux politiques de cr ation d un filtre On d signe ce que l on autorise et tout le reste est interdit ou On d signe ce que l on interdit et tout le reste est autoris La premi re politique est celle qui offre le plus de s curit Lr web et programm automates On d signe ce que l on autorise et tout C on d signe ce que l on interdit et tout le le reste estinterdit reste est autoris Authoriser Machine a forer z Supprimer Autho
29. e PPP the source address of any IP packet transmitted by a device towards the telecom network is replaced by the IP address of the router on the PPP connection If no PPP IP address has been entered it is replaced by the IP address of the router over the Ethernet interface Router PPP IP address and Remote router PPP IP address parameters Enter the IP address assigned to the PPP interface If no IP address is entered the address of the Ethernet interface is assigned automatically IP L RS232 User manual ref 9018009 01 Page 31 CONFIGURATION d 10 3 Incoming PPP connection An incoming connection is a connection established by the remote router Ingoing PPP Outgoing PPP connection connection Telecom network g R2 router Im LAN Remote LAN e To add and configure an ingoing connection select the Routing menu and then Remote nodes e Click the Add a node button Enable parameter Select the yes option Node name parameter Assign a name to the connection for instance the name of the remote site call direction parameter Select Ingoing if the router waits from an incoming call from the remote router Remote router IP and Remote network netmask parameter Enter the IP address and the netmask of the remote router Ethernet interface Node login and Node password parameters Enter the login and the password of the remote router These login and p
30. e advise to modify these login and password Select the System menu and http 192_168 0 146 8080 Param tres utilisateur Microsoft Internet Explorer then User list T Display or modify a user entry e Click the View or modify button Les param tres dauert cano VPN ge e LITPAP Sec M peuvent dere room pos 3 Add a user e Click the add a user button Active value Yes or NO Choose No if you want to prevent the user to access the network Choose yes to authorize the user to access the network Full name parameter It is the name displayed in the user list Login amp password parameters The login and the password will have to be entered by each user at the beginning of the remote connection IP L RS232 User manual ref 9018009 01 Page 43 CONFIGURATION d E mail parameter The IPL RS232 router will send an email to that address in two situations Alarm email the router sends an alarm email to the user s email address If the status of one of the three inputs is closed or opened if that option has been set Internet connection email Once connected to the Internet the router will send to the demanding user an email containing the dynamic IP assigned to the router by the provider Firewall filter parameter Select the filter to assign to the user to restrict his access rights Page 44 User manual ref 9018009 01 IP L RS232 router iiia CONFIGURATION 1
31. e remote end This value is ONLY used for Ingoing nodes An Outgoing node will automatically used the value pushed by the remote Ingoing node Packet retransmit timeout on TLS control channel if no acknowledgment from remote within n seconds RE 020 Select the encryption algorithm and the message digest algorithm used for Ingoing and Outgoing nodes Ok Cancel Default configuration Internet f r Qiz Port number amp protocol parameters Select the port Nr and the type of protocol used to transport the TLS VPN UDP will be preferred Attention The port number value must be different from one used by remote users to configure the VPN dedicated to remote users select the Security and then VPN menu VPN network address amp VPN network netmask Page 56 User manual ref 9018009 01 IPL RS232 router iia CONFIGURATION The TLS VPN server router assigns automatically an IP address to the VPN client router That VPN network IP address must not be confused with the WAN IP address the public IP address assigned to the routers over the Internet nor with the LAN IP addresses VPN network IP address default 172 16 1 0 GSM INTERNET a Ss VEN WAN interfaces IP addr Attention The VPN network IP address field must be different from LAN IP address field The number of VPN addresses cannot be greater than 255 the netmask cannot exceed 255 255 255 0 Connection death time
32. e version It is why we advise to assign a name to a parameter file including the product name and the software version like for instance myrouterfile iplrs232 V241 bin DIP switches Once the router has been set up the DIP switches SWO1 and SW02 must not be left in the factory position SW01 ON and SW02 OFF Page 22 User manual ref 9018009 01 IP L RS232 router dG CONFIGURATION 2 2 First configuration Step 1 Check the DIP switches Coming from factory the DIP switches SW1 and SW2 are set OFF to select the stored IP address Coming from factory the stored IP address is the factory IP address 192 168 0 128 Step 2 Create or modify the PC IP connection Assign to the PC an IP in accordance with the IPL RS232 IP address For the first configuration assign or instance 192 168 0 127 to the PC Step 3 Connect the PC directly to the LAN interface of the IPL RS232 router using a cross wired Ethernet cable Step 4 Launch the html browser Enter the LAN IP 9 of the router 192 168 0 128 The Home page of the administration server is displayed KTIC Administration Windows Internet Explarer GI Le ro YB 4 x NW ven Bio u2 EE C03 0 ttre c oo ad R o mr Pope S te cube IPL G12B 3G industrial router Site name Management WEB Server Quick stan in steps Routing Security locol You must specify the serve
33. ed complete the configuration of the connection as explained below Unique PSK for this node parameter If that option is not selected the preshared key entered in the VPN configuration screen will be used by the router If that option is selected enter the specific key My WAN address amp Remote WAN address parameters Enter the WAN IP address of the IPL RS232 router public IP address over Internet and the WAN IP address of the remote router e Case a certificate is used for authentication My subjectAlt name amp Remote subjectAlt name parameter Paste the field SubjectAltName of the active certificate of the router you are configuring and the one the remote router Aitention For ETIC certificates this field is the Email field IPL RS232 User manual ref 9018009 01 Page 55 CONFIGURATION d 15 3 Configuring TLS VPN connections 15 3 1 Configuring the TLS protocol e Select the Security menu click VPN connections and then VPN parameters e Select the Remote nodes connections VPN type value TLS and then click Properties Connection parameters Windows Internet Explorer about blank TLS parameters Define the port used for Ingoing and Outgoing nodes Warning this value must be different from the one used for remote user connection Choose a VPN network address used for Ingoing nodes ME 200 MN 250 Define the time to detect the dead of th
34. gateway That gateway can be used if a serial master device has to send requests to one or several slave devices also called server located on the IP network RS232 RS485 Request Response RAW TCP client A ZN RAW TOP client 4 Response Request 4 Response RS232 RS485 The serial device must be for example a master device RAW TCP server Request RS232 RS485 e Select the transparent and then the raw client menus e Enable the raw client gateway and set up the parameters as follows RS232 485 input buffer size Set up the maximum length of an asynchronous string the gateway will store before transmitting it to the IP network Timeout of RS232 485 end of frame Set up the delay the gateway will wait before declaring complete a string received from the asynchronous device Once declared complete the gateway will transmit the string to the IP network Page 66 User manual ref 9018009 01 IPL RS232 router iiia CONFIGURATION TCP inactivity Timeout Set the time the gateway will wait before disconnecting the TCP link if no characters are detected TCP port number Set the port number the gateway has to use Raw server IP address The raw client gateway is able to communicate with a raw server gateway Assign an IP address to define the destination gateway 16 2 2 Raw server gateway That gateway can be used if a serial slave device has to answer requests coming from devices located on the IP
35. he switched choice Node name parameter Assign a name to the node call direction parameter Select Outgoing ingoing if the router must dial towards the remote router and receive calls from that remote router Remote router IP and Remote network netmask parameter Enter the IP address and the netmask of the remote router Ethernet interface Modem parameter The external choice is the only possible Dial number parameter Enter the number the router has to dial to connect to the remote router My login and My password parameters Enter the login and the password the router has to transmit to the remote router to connect to it Node login and Node password parameters Enter the login and the password of the remote router These login and password are checked by the router when a call is incoming Idle time out parameter 5 s to 60 mn Set the time duration of the silence before the router will clear the call Page 34 User manual ref 9018009 01 IP L RS232 router d CONFIGURATION First packet time out parameter 5 s to 60 mn Leave the default value Additional parameters Firewall filter parameter Select the firewall filter assigned to the connection NAT parameter Select yes to enable source IP address translation In that case the PPP the source address of any IP packet transmitted by a device towards the telecom network is repl
36. ike TETRA the PPP connection is set with a PPP server belonging to the infrastructure We present hereafter some examples of use of the IPL RS232 router Page 10 User manual ref 9018009 01 IP L RS232 router iiia OVERVIEW 3 2 Examples PSTN network Each router is connected to a PSTN modem V34 V90 If the telecom provider offers the connection between the GSM network and the PSTN some of the IPL RS232 can also be connected to a GSM data modem instead of an ISDN adapter The PPP connection is set between IPL RS22 routers EI IPL RS232 T Modem gt m mn Ethernet Ethernet IPL RS232 User manual ref 9018009 01 Page 11 OVERVIEW d ISDN network Each router is connected to an ISDN adapter V110 or V120 If the telecom provider offers the connection between the GSM network and the ISDN some of the IPL RS232 can also be connected to a GSM data modem instead of an ISDN adapter The PPP connection is set between IPL RS22 routers ga IPL RS232 Adapter a Im Ethernet Ethernet Ethernet mm Page 12 User manual ref 9018009 01 IPL RS232 router iia OVERVIEW GSM data service Each router is connected to a GSM data modem If the telecom provider offers the connection between the GSM network and the PSTN some of IPL RS232 can also be connected to a PSTN modem instead of a GSM data modem The PPP connection is set between IPL RS22 routers E A Supervision
37. ing an ingoing IPSec connection Ingoing LAN IP connection addr Remote LAN IP address Remote WAN addr IP address Router Remote router To set an ingoing IPSec VPN connection e Select the Routing and then the Remote nodes menu e Click the add a node button e Give a name to the connection and select the ingoing connection direction option DOK about blank Ingoing v Informations about the remote network Select the node Ingoing or Outgoing you wish to configure You choose an authentication using Pre Shared Key This parameter can be changed by the menu Security VPN connections VPN parameters You can use a different key for each node by filling the parameters below Otherwise this is the global key defined in the IPSec server parameters which will y E c G E amp Internet Page 54 User manual ref 9018009 01 IP L RS232 router iia CONFIGURATION Remote WAN IP address parameter Enter the IP network address and netmask assigned to the remote router over the Internet public IP address over Internet Remote LAN address amp Remote LAN netmask parameter Enter the IP network address and netmask assigned to the remote LAN e Case a preshared key is used If the key used by the connection is the general PSK entered in the VPN menu no additional parameter has to be entered If a particular PSK must be us
38. n the Ingoing node menu configuration Security configuration gt VPN connections gt VPN parameters Remote router Login amp Remote router password parameter Enter the login and password of the remote router Page 60 User manual ref 9018009 01 IP L RS232 router d CONFIGURATION The remote router has to use that login and password to authenticate Remote LAN address amp Remote LAN netmask parameters Enter the network IP address and netmask assigned to the remote LAN Common name parameter Enter the remote router certificate common name IPL RS232 User manual ref 9018009 01 Page 61 CONFIGURATION d 16 Serial to IP gatewa The gateways listed below are provided Modbus client or server i e master or slave To connect several serial modbus slaves to several IP modbus clients Or to connect a serial modbus master to an IP modbus server RAW TCP server or client To connect two serial devices through an IP network RAW UDP To exchange serial data between several serial and IP devices through an IP network using a table of IP addresses Telnet To connect a Telnet terminal to the IPL Unitelway slave To connect a serial unitelway master to an IP network Page 62 User manual ref 9018009 01 IPL RS232 router iiia CONFIGURATION 16 1 Modbus gateway 16 1 1 Modbus server gateway This gateway allows to Modbus TCP dient Modbus TCP client connect asynchronous 1
39. on A parameters file can only be restored towards a product having the same firmware version 3 Updating the firmware Step 1 Before starting you need A PC with a Web browser An Ethernet cable or a switch The FTP server software which can be downloaded from the firmware page of the ETIC download area web server Step 2 Download the release of the firmware from our download area to your PC Step 3 Prepare the PC Check the Ip address of the PC is compatible with the one of the router Connect the router to the PC Launch the TFTP server tftp32 exe software and select the new release LO26xxx img by using the Browser button Page 76 User manual ref 9018009 01 IP L RS232 router iia MAINTENANCE Click on Show dir to check the files of the directory rfsmini tgz rootfs bin u boot bin and ulmage Step 4 Update the firmware Launch the web browser Enter the IP address of the ETIC product the home page of the ETIC configuration server is displayed Select the System menu and then firmware Update In the field IP address of the TFTP server enter the IP address of your PC Note The IP address of the PC is written in the field Server Interface in the TFTP server windows Click Save and then Update The first file should begin to be downloaded from the PC to the router During the operation the led blinks When the download is finished the product automatically reboots To
40. r IP address on the local network and the IP address attributed to the Internet remote user E mail alarm Coni IP RS Gateway You activate modem s to use the dial prefix and the mstallation country Diagnostics e Define the remote node S For each nodes you define parameters to connect to it access rights and an optionnal calling number About fitenng e Define firewall fiters optional After having defined the network hosts list you will be able to create fiters which will apply during the connection and then assign them to users e Protect the server management access opbonal Copynght 2003 ETIC T l communicatons Enghsh Erancais IP L R S232 User manual ref 9018009 01 Page 23 CONFIGURATION d 2 3 Modifying the configuration From the local network e Launch the html browser and enter the IP address assigned to the router on the LAN e Or launch the ETICFINDER utility if you ignore the IP address assigned to the router Remotely e fno VPN is set with the router seta RAS PPTP TLS L2TP IPSec connection towards the router if a public Ip address is assigned to its antenna interface e Launch the html browser and enter the IP address assigned to the router on the LAN 3 Rebooting the router after parameters changes e After a page of parameters has been completed click the Save button located at the bottom of the page e After some parameters changes the IPL RS232 must restart When
41. riser Machine a forer v Supprimer Authoriser Robot de soudage z Supprimer Authoriser Robot de soudage z Supprimer Ajouter une r gle la liste Ok Annuler IPL RS232 User manual ref 9018009 01 Page 47 CONFIGURATION d Step 4 Assign a filter to each user e Select the System menu and then Users list e Select the user to which you want to assign a filter and click modify the user window is displayed e Assign a filter to the user click OK and save Page 48 User manual ref 9018009 01 IP L RS232 router iila CONFIGURATION VPN connections between routers 3G GPRS EDGE 15 1 Principles A VPN is a safe link set between two end points over an IP network Both routers authenticate data are encrypted and each device of a LAN can exchange data with each device f the other one To get more explanations about how VPNs work refer to appendix 2 25 VPNs can be set on the WAN interface of the IPL RS232 router Two types of VPN can be set TLS VPN and IPSec VPN IPSec has the advantage to be a standard solution TLS is easier to employ because the transport layer is TCP or UDP it is why it can be easily used when the VPN must pass through several company routers Once a type of VPN TLS or IPSec has been selected all the VPN set between the IPL RS232 router and another one must be the same Two steps are necessary to configure the IPL RS232 to create VPN
42. sion 8 First configuration For the first configuration we advise to connect the PC directly to the LAN interface of the IPL RS232 router Modifications Modifications can be carried out from the LAN interface or remotely using a RAS connection or through a VP N IP L R S232 router User manual ref 9018009 01 Page 21 CONFIGURATION d Restoring the factory IP address The factory IP address of the router on the LAN interface can be restored by setting the DIP switches SW01 ON and SW02 OFF In that position o the DIP switches the stored configuration is not deleted Setting the DIP switches in that position gives also a free access to the administration server from the LAN interface During operations the DIP switches must not be left in that position Network IP address Later in the text we often speak of network address We mean the lowest value of the addresses ofthe network For instance if the netmask of a network is 255 255 255 0 the network address of that network is X Y Z 0 Copy and paste Parameters must be entered with the keyboard they cannot be pasted However it can be useful to paste a string when it is long to avoid errors In that case paste the string delete the last character of the pasted string and enter it again with the keyboard Saving and restoring the parameters file see the maintenance chapter A parameters file can only be downloaded to a product having the same firmwar
43. ss or hardware defect IP L RS232 router User manual ref 9018009 01 Page 15 INSTALLATION d 1 2 Connectors pins screw block Supply voltage Function 540 VDG gt emus 8 pins Inputs outputs IPL RS232 only Pin Function 6 OUT2 Reloupu2 8 A RS485 polarity A DB9 RS232 connector Pin Circuit Designation IPL Modem 2 RD i Data Reception gt 3 TD ios Data Emission a DTR 108 Data terminal reay amp 5 leoh Ground e DSR i7 Daasetready gt 7 ars 105 Reqestoseni 8 CTS 106 Cieartosend gt 9 Jar 125 Ring indicator gt Page 16 User manual ref 9018009 01 IPL RS232 router iia INSTALLATION 1 3 DIP switches DIP switches Management The current IP of the product is the stored IP The active IP of the product is the factory IP 192 168 0 128 No login and password are required to access to the html server The active IP is provided by the BOOTP or DHCP server Push button It enables to restore the factory profile To restore the factory profile switch the power on while pressing the push button until the RUN light turns green Attention Once the factory profile has been restored the stored configuration is lost 2 Ventilation To avoid overheating when the ambient temperature is high leave a 1 cm 0 5 inch space on each side of the product 3 Supply voltage The supply vol
44. tage must be strictly lower than 40 VDC and higher than 9 VDC The consumption is 125 mA at 24 VDC 4 Ethernet interface The Ethernet interface is a 10 Mb s interface To connect a PC directly to the router use the cross wired red cable provided with the product IPL RS232 User manual ref 9018009 01 Page 17 INSTALLATION d 5 RS232 RS485 interface The router provides a single serial interface made to connect a modem The modem is controlled by the IPL RS232 using AT commands e PL RS232 model The serial interface is at the same time RS232 and RS485 two wires The RS232 interface is available on a DB9 female connector The RS232 cable must not be longer than 10 meters The RS485 serial interface is provided on the front panel 2 pins screw block Polarisation resistors 1 Kohm bus polarisation resistors are included inside the product RS485 line adaptation by For a several meters long connection Ta over the RS485 local interface it is not en TE necessary to adapt the RS485 line For a longer distance connect a 120 Ohm B RS485 A resistor at each end of the line e IPL RS232 2 model The serial interface is an RS232 interface available on a DB9 male connector If the modem features a DB9 female connector the cable between the IPL RS232 router and the modem is a straight cable Page 18 User manual ref 9018009 01 IP L RS232 router d INSTALLATION 6 Input amp output The digital inputs
45. tected by a login and password To protect access to the administration server e Select the Set up menu the Security menu and then the Administration menu Remark For more simplicity we advise to chose the login and the password of one of the remote users stored in the user list 7 Recovering a free access to the administration server If the Login amp or password entered to reach the administration server have been rejected it is possible to recover a free access to the administration server from the LAN only by setting SW01 ON and SW2 OFF Remark The factory IP address 192 168 0 128 will also automatically be restored as long as SW01 will remain ON and SW2 OFF During normal operations SW01 and SWO02 must not be left in that position IP L RS232 User manual ref 9018009 01 Page 25 CONFIGURATION d 8 Assigning an IP address to the LAN interface e Click System and then IP protocol Local network parameters IP address Enter the IP address assigned to the router over the Ethernet local network Remark Different IP addresses must be assigned to each network connected through IPL RS232 routers Netmask Enter the IP netmask assigned to the local network Remote access parameters Start of users IP address pool and end of users IP addresses pool That parameters define the pool of addresses which will be assigned automatically to remote user s PC when they will connect to
46. ters and users connections and disconnections power on Serial gateway events e Network status sub menu and then status sub menu That screen displays the current status of the LAN interface and of the modem LAN MAC address Ethernet mode half or full IP address Modem Built in or external modem status e Serial gateway That page displays the current status of the serial gateways Type of the gateway Modbus RAW Telnet serial port set up data rate etc number of characters received or sent Number of TCP frames or UDP datagrams received or sent Number of TCP connections enabled e Ping That screen enables to send a ping frame to an IP address e IO control That screen displays the status of the digital input and output and allows to set ON or OFF the alarm digital output IPL RS232 router User manual ref 9018009 01 Page 75 MAINTENANCE d 2 Saving the parameters file Once a product has been configured the parameters file can be stored and restored when necessary To save the parameters file Select the System menu and then Save restore Click the Save button Select the location to store the file and give a name to the file The file suffix is bin To restore a parameters file Select the System menu and then Save restore Click the browse button and select the parameters file Click the Load button and confirm to restart the product Attenti
47. tgoing PPP Ingoing PPP connection connection R seau T l com R1 router R2 router LAN Remote LAN e To add and configure a remote connection select the Routing menu and then Remote nodes e Click the Add a node button Enable parameter Select the yes option Type parameter Select the switched choice Node name parameter Assign a name to the node call direction parameter Select Outgoing if the router must dial towards the remote router Remote router IP and Remote network netmask parameter Enter the IP address and the netmask of the remote router Ethernet interface Modem parameter The external choice is the only possible Dial number parameter Enter the number the router has to dial to connect to the remote router Page 30 User manual ref 9018009 01 IP L RS232 router iia CONFIGURATION My login and My password parameters Enter the login and the password the router has to transmit to the remote router to connect to it Idle time out parameter 5 s to 60 mn Set the time duration of the silence before the router will clear the call First packet time out parameter 5 s to 60 mn Leave the default value Additional parameters Firewall filter parameter Select the firewall filter assigned to the connection NAT parameter Select yes to enable source IP address translation In that case th
48. the router Enter the start address and the end address 9 Modem configuration e Select the System menu and then Modem activate parameter Select that checkbox if a modem is connected to the serial interface Dial prefix parameter If the modem is connected to a PBS for instance enter the prefix which it has to dial Permanent link parameter Select that checkbox if the modem connection is permanent and if no number has to be dialed over the line Use custom initialisation string parameter Enter the necessary initialisation string Page 26 User manual ref 9018009 01 IP L RS232 router iia CONFIGURATION Report connection state on the digital output If that checkbox is selected the digital output is closed when the modem is connected 10 Configuring PPP connections between IPL RS232 routers 10 1 Principles An IPL RS232 router must establish a PPP connection with each router it has to connect to PPP remote connection network mm R1 router R2 router LAN In each router PPP connections must be set up to register the parameters of each connection Dial number remote LAN IP address password A PPP connection with a remote router can be an outgoing connection or an ingoing connection or an outgoing and ingoing connection If a connection is an outgoing connection the local IPL RS232 router dials towards the remote router when IP packets have
49. three links IP L RS232 User manual ref 9018009 01 Page 71 CONFIGURATION d The html link To go directly to the web server of the associated machine The explore link To explore the HD of the associated machine if it is a Windows machine The ftp link To explore the files of the associated device If the we portal option has been selected see below the web portal page is displayed when the remote user launches the navigator and enters the Ip address assigned to the IPL RS232 router In that case the administration server usually can be displayed at the same address but at the port number 8080 instead of 80 when the web portal page option is not selected Portail Web Microsoft Internet Explorer Fichier Edition Affichage Favoris Otis 2 ay Adresse http 192 168 245 79 Ej ox Q Q x a Google G vice B v Vy Bookmarks PageRank E 10s blocked Check gt D Settings wie IPL AD2 1220 Portail Web WEB etic Web Explore FTF 192 168 1 10 FTP etic Web Explore FTP 192 168 1 11 Administration du serveur internet Page 72 User manual ref 9018009 01 IPL RS232 router IPL RS232 User manual ref 9018009 01 CONFIGURATION Page 73 iia MAINTENANCE The html server provides extended diagnostic functions Select the Diagnostic menu and then the appropriate sub menu e Log sub menu The log displays the last 300 dated events Remote rou
50. to in that case both end points will negotiate a common algorithm DPD request period parameter A DPD request also called Keepalive message is a message sent periodically by each end point to the other one to make sure that the VPN must be left active This parameters sets the amount of time in seconds between two of these requests Connection death time out parameter This parameter defines the maximum amount of time in seconds a VPN connection will stay established if no traffic or no DPD request message are received from the remote point ATTENTION Once the parameters of the IPSEC connection have been selected click the OK button and then the Save button IP L RS232 User manual ref 9018009 01 Page 51 CONFIGURATION d 15 2 2 Configuring an outgoing IPSec connection Outgoing LAN IP connection Remote LAN IP address Remote WAN IP address Router Remote router To set an outgoing IPSec VPN connection e Select the Routing and then the Remote nodes menu e Click the add a node button e Give a name to the connection and select the Outgoing option Remote connection configuration Windows Internet Explorer about blank Yes M Select the connection Ingoing or Outgoing you wish to configure informations about the remote network You can use a different key for each connection by filing the parameters below Otherwise this is the global
51. to be transmitted If a connection is an ingoing connection the local IPL router waits for a call from the remote router It cannot dial towards that remote router If a connection is an outgoing and ingoing connection the local IPL dials towards the remote router It can also accept a call coming from that router When a connection has been registered as an outgoing connection inside a router it has to be registered as an ingoing connection in the remote one The addresses of each network connected through the IPL RS232 routers must be different IP networks IP L RS232 User manual ref 9018009 01 Page 27 CONFIGURATION Page 28 User manual ref 9018009 01 pl IPL RS232 router iia CONFIGURATION For instance referring to the diagram below the following connections must be created Router R1 An outgoing connection to R2 and an incoming connection from R4 Router R2 An ingoing connection from R1 and another one from R3 Router R3 An outgoing connection to R2 Router R4 An outgoing connection to R1 e To add and configure a remote node select the Routing menu and then Remote nodes e Click the Add a node button i Router R1 Router R3 v 5 Si modem PSTN ISDN GSM E Modem d va Router R4 IPL RS232 User manual ref 9018009 01 Page 29 CONFIGURATION d 10 2 Outgoing PPP connection An outgoing connection is a connection set by the router itself towards a remote router Ou
52. word Call back Client or server IPSEC or TLS SSL or PPTP Encryption 3DES Certificate 509 Remote access server RAS User list 25 users Serial interface RS232 Serial to IP gateways IPL RS232 PPP connection Login amp password call back 1200 115200 kb s parity N E 0 Modbus master and slave Raw client et server Telnet Multicast UDP multicast unitelway User manual ref 9018009 01 Page 9 OVERVIEW d 3 Product overview 3 1 Principles The IPL RS232 is designed to interconnect safely automated devices through a telecom network A modem must be connected to the serial RS232 port of the IPL RS232 router The connection is carried out in two steps 1 step Modems connection 2 step PPP connection 1 step Modems connection The router controls the modem through the RS232 interface with AT commands If the network is a switched network like the PSTN or the ISDN the call command is sent to the modem each time IP packets have to be transmitted towards a remote router If the network is the 3G GPRS service or a TETRA radio network for instance the modem connection is permanent as soon as the router is switched on 2nd step PPP connection Once the modem connection is set a PPP connection is established If the telecom network is the PSTN or the ISDN or a leased line the PPP connection is set with a remote IPL RS232 If the telecom network is the 3G GPRS network or a radio network l
Download Pdf Manuals
Related Search