Bytton ICR WiFI Dual Antenna Generic User's Manual
Contents
1. qdiuc pris l dav wan cost rafent 2 banda 2 prismap 1111111111111111 Ces qiiar prife 11 d r wan parent 1 1 limit 1000p ee mdiuc hth 12 dav wan parant 1 2 24 3 default D di act packetm stat 24 SYSTEM qdiuz afg 1211 dew wan parant 12 11 limit 127p quantum 15145 p rturb lleec k SEICE Gdiuc afg 1212 dey wan parant 12 12 limit 127p quantum 15145 pa tu b linet Sp eine afg 1213 dg wan parant 12 13 limit 127p quantum 15145 pa tu b linet F OM eine ingress rr des wan parant ff7f7 f77f qdiuc pfife Cant D dev lan seat rafent 2 banda 3 p iemap 1 222120011111111 tuft qdime pris 1 dee bel s st rafent 2 banda 2 peiemap 1 111111111111111 Commit gdinc afg 1211 dav bel parant 12 11 limit 127p i l514b p rturb l nac i i11 eine pfife Cant 0 dev meon wlan s st rafent 2 banda 3 p iemap 1 2 2212001111111 1 CLASS clans pris 1 1 parant l leaf 11 class pris 1 2 parant l leaf 12 class hth 12 11 parent 12 1 leaf 1211 pris 1 zate S00000bit cail 1200EPit bu ut ZER burat ZER class hth 12 1 s st cate l200EBit cail l200Ebit beret ZER cherst ZER class hth 12 13 parent 12 1 leaf 1213 pris 3 cate 240000bit cail 1200EPit buznt ZER chucot 2Kb class hth 12 12 parent 12 1 leaf 1212 pris 2 cate 350000bit cail 1200EPit bu ut ZER cbu ut ZER filter peetecel ip praf 1 u32 filter peetecel ip praf 1 232 fh BUD ht diwiges 1 filter peetecel ip praf 1 232 fh B00 800 sdas 2048 key ht 800 bkt D f lowid 1 1 match 00382. Off Drop list for Interface includes BRO all logical virtual interfaces LANDNWANO GRE tunnels IPSEC tunnels EACH PI LANO WanO port bridges br0 2 defined Virtual LANs Open ppp1 3 VPN or PPTP tunnels and so Interface br0 2 4 on IPSEC2 tun0 6 Router ppp 1 7 WIFI and LAN Interface ppp 1 3 8 PPPOE Interface DEET tun0 6 9 GRET E m Dpp1 3 8 12 land 14 lanQ 15 1 3 8 12 16 BRO tn0 6 17 LANOWANO wan 18 Embeded Modem ken 1o WAN wan 20 OVPN TUNO Router BRO Embeded Modem WAN WAN Port OVPN TAPO Metric Routing now features also the metric parameter in case of multiple paths to the destination you may specify the metric for each route 0 1 and 2 etc The routing program will check the metric to select the shortest route for the data packets After performing changes over the firewall and routing settings it is recommended that you click again the link View Active Rules explained previously to check that the rules generated by iptables are the ones you really want See below an example of such routes Generated by iptables save v1 4 10 on Fri Jun 22 07 49 03 2012 filter INPUT ACCEPT 364 46765 FORWARD ACCEPT 50 4214 OUTPUT ACCEPT 2398 251024 A INPUT i lo j ACCEPT A INPUT i br j ACCEPT A INPUT p gre j ACCEPT A INPUT m state state RELATED ESTABLISHED j ACCEPT A INPUT i ppp3 j ACCEPT A INPUT i tap0 j
3. Disabled Allows the local wireless network Deny the users with the MAC addresses listed below will be denied access to the Wi Fi network Allow is used to assure access only for authorized users with known MAC addresses Deny should be used to prevent access for specific users who have no right to access the wireless LAN or which are legitimate but whose computers become infected with a virus or other malware the administrator temporary blocks their access to prevent the spreading of the virus into the local network Warning the filtering of MAC ID s is not a foolproof security solution you should not rely only on it to ensure security for the Wi Fi network MAC addresses over a network could be faked unauthorized persons can use Identity Theft MAC Spoofing to simulate MAC ID s that are allowed to join the network ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 73 of 272 5 2 6 802 1x Settings This page controls settings related to the configuration for EAPOL according to the standard 802 1X 2004 Specification IEEE 802 1X 2004 By default it is Disabled 802 1X Disabled e WEP WPA WPA e Eapol Version Eap reauth period EAP Mesage hello Eapol key index workaround b Lee pae group acddr WPA Version Wpa key mgmt WPA EAP e Wpa pairwise COMP Auth server addr n 0 0 0 When you need to use 802 1x authentication you must Enable and configure this feature as shown
4. j wan Figure 5 84 Routes Static Routes Display The routes are shown top downwards from the most specific to the least specific Destination the destination network or host system Declaring a default route means adding a route with 0 0 0 0 as its destination Gateway the access gateway the respective routing entry points to If this field has only zeroes 0 0 0 0 or an asterisk this means no gateway is used the destination network is connected directly to the computer Genmask the bit mask applied to the destination It shows the generality of the route Flags indicator flags that describe some characteristics of the route Such flags are U the route is active and operating the interface to be used is up G the route uses an external gateway the network interfaces of the system supply routes to the networks which are directly connected all other routes use external gateways Thus the networks which are directly connected don t have the G flag but it is activated for all other routes H itis a route towards a single host instead of a network D the table entry has been generated dynamically either by a routing protocol or by a an ICMP redirect message see section 3 5 M this route was modified by a dynamic routing protocol R the route vas re activated following update by dynamic routing protocol Routes may be configured as passive or static even when a protocol for dynamic routing
5. BRO Eth ports for LAN and WiFi clients Embedded Modem Primary or secondary WAN but also all the bridges and logical interfaces IPSEC GRE PPTP or Open VPN Tunnels that you have defined previously IPSEC1 GRET1 GRET2 br0 2 br1 2 3 wan 3 lan 04 ppp1 4 ipsec1 5 OVPN TUN or OVPN TAPO Interface GRET1 greti 5 Off GRET1 BRO LANDOWWANO Embeded Modem GRET2 BRO BRO Embeded Modem Embeded Modem WAN WAN OVPN TAPO OVPN TAPO What is a VLAN First let s remember what is a normal LAN one should consider not just the geographical definition small area just a few computers since a FDDI network has thousands of users and an Internet Protocol Class A LAN can in theory accommodate more than 16 million devices organized into subnets The logical definition is more important a LAN is a single broadcast domain just one subnet The broadcast domain is a restricted area in which information can be transmitted for all devices in the domain to receive In this domain any network equipment can transmit data directly to other equipment or device without going through a routing device The reverse is also true routers block broadcasts by design so they must sit between LANs Between the members or the same LAN no routing is performed there are only hubs bridges and switches Instead routing is required between different LANs A virtual LAN is a logical domain where broadcasts and multicasts go o
6. M M Firmware version tapex 3 0 1 FA 5 PPP link stopped PPPCE link offline System uptime 11 10 00 up 5 45 load average 1 35 0 54 0 21 DHCP Leases 1342555449 a0 88 bi 7a l8 cc 10 0 0 12 Blues 134256559370 Z4 ab 81 90 d2 b8 10 0 0 10 Pauls iEhone 01 24 ab 81 90 d2 b8 1342550614 60 fb 42 39 48 86 10 0 0 20 Mihais iPod 01 0 f b 42 39 48 86 1342566557 00 06 4f 02 15 82 10 0 0 13 VOOO 0073 O0l1 00 06 4 02 15 82 Start PPP Or Ethernet link up PPP link offline PPPOE link offline System uptime 10 41 00 up 23 min load average 0 19 0 16 0 06 DHCP Leases 1338530437 00 1e 33 3h f2 dc 172 168 1 10 Crioan nbk 01 00 1e 33 3b 2 dc 1338530287 00 06 4 02 15 82 172 168 1 13 VOO000073 01 00 06 4 02 15 82 1338590319 00 24 d2 06 52 a6 172 168 1 20 01 00 24 d2 06 52 a6 Figure 5 96 Alternate examples of Status sub page for System with several DHCP clients conected This System Status page displays information about the following items Firmware version version of the firmware running on Bytton ICR you may see Firmware version is company 1 2 3 NETWORK xyz in the above example and so on The company may be topex MobileCarrierB or omniacom the firmware version can be 2 7 1 or 3 0 3 while the final letters such as FA O indicate the type model kind of mobile module fitted with additional options or customized software State of the PPP data link which uses the PPP l
7. null null null null null null null null null null null null null null null null null null ntp null State LISTEN LISTEN LISTEN LISTEN LISTEN LISTEN TIME WAIT TIME WAIT TIME WAIT ESTABLISHED TIME WAIT TIME WAIT TIME WAIT TIME WAIT TIME WAIT ESTABLISHED Active UNIX domain sockets servers and established Proto RefCnt Flags Type State I Node Path unix 2 DGRAM 480 Q org kernel udev udevd unix 9 DGRAM 726 dev log unix 2 DGRAM 3962 unix 2 DGRAM 1614 unix 2 DGRAM 1544 unix 2 DGRAM 1539 unix 2 DGRAM 1022 unix 2 DGRAM 757 unix 2 DGRAM 729 ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 266 of 272 Bytton ICR 13 Annex 4 Quagga Commands 13 Annex 4 Quagga Commands Quagga definition Quagga is a routing software suite for Unix platforms such as Linux and it has been embedded into the Bytton ICR firmware It provides implementations of OSPF RIP and BGP 4 The architecture of Quagga consists of a core daemon and several clients which typically implement a routing protocol and communicate routing updates to the daemon Currently there are clients for various dynamic routing protocols OSPF RIP and BGPv4 In order to configure the static or dynamic routes with Quagga the system administrator does not need to connect to the programming console of BYTTON via SSH he can perform thi
8. the data connection will be switched That means if the connection was online it will be stopped and if it was stopped it will be started ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 209 of 272 5 6 6 DDNS Here are located the settings for the Dynamic DNS Server Topex J Location SERVICES gt DDNS Remote User superuser HOME LAN Dynamic DNS Settings WAN o TUNNELS Dynamic DNS Service Disabled e SYSTEM Username ddnsuser SERVICES SNMP VRRP SERIAL SMS DDNS Ld ROUTING DONS Type gnudip Ld r Fassword Server ddnsserver com Domain ddnsdomain com Please use the COMMIT button to activate your settings Figure 5 142 Services Settings for the Dynamic DNS Dynamic DNS is a service that enables mapping of a dynamically assigned IP address to a static or permanent hostname This allows the use of applications that require a static IP address such as web hosting FTP etc Dynamic DNS Service Enables or disables the DDNS service By default it is disabled Dynamic DNS Settings Dynamic DNS Service Enabled e DDNS Type Username jd Password Server ddnsserver com Figure 5 143 Enabling the Dynamic DNS Server This service allows you to export several hostnames by means of a Dynamic DNS provider Bytton ICR 5 5 ROUTING DONS Type Edem izl Username gnudip p 4 ezip DDNS Type TTT pgpaw Allows you to select the type of DDNS ser
9. Bytton ICR 5 CONFIGURATION EE 802 1x Settings Eap reauth period 1999 EAP Mesage Eapol key index workaround boo o Use pae group acddr WPA Version Wpa key mgmt WPA PSK Wpa pairwise CCMP TKIP Auth server addr Auth server port Auth server shared secret Acct server addr Acct server port Acct server shared secret Filter List MAC Help 8021x Save and Reload Please use the COMMIT button to activate your changes Figure 5 39 Enable and configure settings for 802 1x EAPOL After you have enabled this feature it will control authentication on the LAN side allowing access only to the clients which are acknowledged by a Radius server Help 8021 x Save and Reload Please use the COMMIT button to activate your changes ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 75 of 272 Bytton ICR 5 CONFIGURATION po M For details please see the embedded help page HESS IEEE 802 1X 2004 related configuration Require IEEE 802 1X authorization ieee8021x 1 IEEE 802 1X EAPOL version Is implemented based on IEEE Std 802 1X 2004 which defines EAPOL version 2 However there are many client implementations that do not handle the new version number correctly they seem to drop the frames completely H H OSE eapol version 2 Optional displayable message sent with EAP Request Identity The first 0 in thi
10. GC E Organize v New folder b Di My Documents J ocstemp b n PerfLogs p A Program Files P A Program Files 4 b A Program FilesCf b d ProgramData jj PROGRAME L b di Recovery D A Saves 1 SCANNING Jk System Volume Jj TEMP b Ak Updates J USER P A Users Y 13427410595 4 Location System gt Status Remote User superuser System Status Firmware version topex 3 0 1 FA 5 Ethernet link up PPP link online IP 93 122 148 36 Empowering Communications System uptime 11 38 34 up 2 min load average 0 11 0 09 0 03 FALSI 1 C Updates ICR Name 3j topex 3 0 3 a FA S tx topex 3 0 3 a FA S txt topex 3 0 2 FA S txt E topex 3 0 2 FA S trx F topex 3 0 2 FA S md5 T topex 3 0 1 FA S trx topex 3 0 1 FA S txt F orange 3 0 0 FA O trx orange 3 0 0 FA O txt F topex 3 0 0 FA S trx topex 3 0 0 FA S txt 7 vodafone 3 0 0 FA_V T trx vodafone 3 0 0 FA V T txt all annue DAN CM nM AA Aen File name topex 3 0 3 a FA S trx Date med 7 19 2012 1 29 PM 7 19 2012 1 29 PM 7 19 2012 11 33 AM 7 19 2012 11 33 AM 7 19 2012 11 33 AM 7 13 2012 11 15 AM 7 13 2012 11 15 AM 6 13 2012 3 42 PM 6 13 2012 3 42 PM 5 7 2012 11 32 AM 5 7 2012 11 32 AM 5 7 2012 11 30 AM 5 7 2012 11 30 AM 23 6 9012 3 97 DA 4 00 06 4f 02 15 82 131 168 1 13 VOOD00073 01 00 06 4f 02 15 82 L H Type TRX File Text Docur Text Docur TRX File
11. Base address 0x2200 lanO Link encap Ethernet HWaddr 00 50 C2 F5 23 27 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 16332 errors 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 1013345 989 5 KiB TX bytes 46 46 0 B Base address 0x2000 lanl Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet addr 10 0 58 119 Bcast 10 0 255 255 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes O 0 0 B l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 87 of 272 Bytton ICR 5 CONFIGURATION lan2 Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet addr 172 168 27 245 Bcast 172 168 255 255 Mask 255 255 255 254 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes O 0 0 B they will also be present in the Routing table Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH 0 0 0 pppl 172 168 227 244 0 0 0 0 255 255 255 254 U 0 0 0 lan2 192 168 148 254 0 0 0 0 255 255 255 254 U 0 0 0 lanO 191 168 1 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 10 0 0 0 0 0 0 0 2
12. ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 67 of 272 Bytton ICR 5 CONFIGURATION 5 2 5 WiFi Settings Here you can establish the settings for the embedded wireless Access Point 802 11b g base station of the Bytton ICR router WiFi Settings Wireless Access Enabled Le ESSID ESSID Visibility Show ESSID lim Operating Mode Access Point m Connection Mode Infrastructure Le Radio Channel Auto WEP Security Disabled WEP Key 1 wEPKey2 p 1 1 we Keya b o y WEP Key 4 WEP Key Index WEF Key 1 WPA Security PSK2 Le WPA Key 9Swpapskkey11 WPA Crypto AES and TKIP MAC Security Deny Le MAC Address 1 MAC Address 2 MAC Address 3 MAC Address 4 D0 11 22 33 44 44 MAC Address 5 Please use the COMMIT button to activate your changes Figure 5 34 The LAN page for WiFi Settings ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 68 of 272 Bytton ICR 5 CONFIGURATION EE Wireless access You may enable or disable the wireless access to the Bytton ICR Wireless Access Enabled device When enabled the green LED marked WiFi on the front panel m ights up ess ESSID is the character string that you want to be broadcast as ESSID Visbiity ShowESSID v the name of your wireless network Operating Mode Access Point When you set Wireless Access to Disable the Wi Fi features will Wireless Access Disabled be inactive the front pa
13. LAN settings for the local wired Ethernet network for the wireless LAN Wi Fi embedded Access Point when present additional IPs advanced configuration of each LAN WAN port of the switch parameters for 802 1x authorization configuring bridges defining Virtual LANs and establishing MTU for each interface WAN parameters for remote network Ethernet PPP including AT commands switching from primary to secondary WAN interface etc TUNNELS settings for the tunnels used for VPN type GRE IPSEC Open VPN PPTP etc ROUTING firewall routing NAT network address translation dynamic routes virtual routing tables settings for the Quality of Service traffic shaping and prioritization SYSTEM Shows current status and performs operating system functions logs firmware update save load configuration change of password return to defaults SERVICES Allows you to configure additional services such as Dynamic DND NTP serial interface for equipments fitted with SER ports SMS service VRRP configuration of Reset button and so on SIM Shows info and change settings for the SIM card s and mobile module allows viewing sending out and receiving SMS messages VOICE In case of equipments that have voice capabilities FXS telephone interface this page shows info and allows you to modify parameters for the voice calls performed via Bytton ICR Stuff advanced stuff such as status reporting via email self confi
14. aspect of progress bar Saving changes Commit Settings Saving changes please wait vm The message is really necessary saving will take some times because the changed SERIAL settings are saved into permanent Flash memory of the equipment SMS Bytton ICR is unavailable during Commit you will see an error message for the broken connection Then the equipment resets and when it starts again the new set of parameters will be active Auto cfg BW Test Warning While committing changes when resetting Bytton ICR or while loading a new program image the equipment will cease operation for a few seconds This means all connections data link WiFi serial LAN and WAN will be interrupted then will resume when Bytton ICR starts again For instance the status bar at the bottom of the screen will temporary indicate that the LAN connection with Bytton ICR is not available cable unplugged or limited connectivity message and connection icon with a red x Then Bytton ICR restarts with the new parameters and the LAN connection is immediately restored EE LL 511 111 551 OS SSS san ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 62 of 272 Bytton ICR 5 CONFIGURATION 5 2 4 DHCP Settings Settings for the DHCP server of the local network servers used for DNS and MAC addresses filtering C fi amp Xp5pt 192168 148 148 ad min w
15. 12 06 28 11 30 14 12 0044006F00 7300200042006 10073006500 73006 30075 5 REC READ 411 12 06 25 16 27 134 12 Plata facturii dvs a fost inregistrata in contul Orange In co 6 REC READ 4407320562777 12 06 28 11 30 45 12 AT AC GN 7 REC READ 440754043064 12 07 06 15 53 10412 nothing to configure works in full auto mode 8 REC READ 40754043064 12 06 06 13 27 48 12 Will achieve connection using PPPOE 10 REC READ 40749068601 12 06 06 13 29 514 12 Ill call you back soonest 11 REC READ 4407320562777 12 07 05 10 41 57 12 Ok 12 REC READ 40 753779863 12 07 05 17 56 114 12 Ai 19 7193 Euro credit activ indusiv pana la 10 08 2012 14 REC READ 407 53779863 12 07 06 12 21 28412 Aj 19 136 Euro credit activ indusiy pana la 10 08 2012 15 REC READ 4407537798637 12 07 06 12 22 30 177 Word 16 REC READ 40753779863 12 07 06 15 56 05 12 08741 746366328076 17 REC READ 30754043064 712 07 18 11 41 09 12 AT CREG 18 REC READ 30754043064 12 07 18 18 11 52 12 rx note is 038048303914890 1234890 19 REC READ 4407537798637 12 07 06 12 33 43 177 Info 20 REC READ 4 40754043064 12 07 18 18 12 09 12 AT CGSN 22 REC READ 40 7539779863 12 07 06 12 48 014 12 Load 31 REC READ 4 40754043064 12 07 06 13 05 264 12 AT CREG 32 REC READ 40754045064 12 07 06 15 05 354 12 AT C GSN Figure 5 168 Updated list of sorted
16. 4 bytes sequence divided into four groups of decimal numbers separated by periods dots Each number can be zero to 255 These four groups of numbers look like 127 0 0 1 or 213 154 120 170 The four numbers in an IP address are used in different ways to identify a particular network and a host on that network l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 249 of 272 Bytton ICR 9 Glossary ebe IP Acronym for Internet Protocol It is the protocol from TCP IP that directs the way data is sent from one computer to another on the Internet The messages are divided into data packets routed from the sender network to the receiver network and there re assembled in the right order to re create the original message Because a message is divided into a number of packets each packet can if necessary be sent by a different route across the Internet These data packets can arrive in a different order than the order they were sent in The Internet Protocol just delivers them It s up to TCP protocol Transmission Control Protocol to put the packets back in the right order Note that IP is a connectionless protocol which means that there is no continuing connection between the end points that are communicating IP corresponds to the layer 3 the Networking Layer from the Open oystems Interconnection OSI communication model IP Tunneling a tunneling protocol encapsulates a packet of the same or lower protocol while in a
17. EE 5 3 2 WAN Management Some firmware versions allow you to establish control over it but the feature does exist in all Bytton equipments management of the machine via Web page from the remote WAN side as opposed to the local LAN side This control Enables of Disables the management of the Bytton ICR wan Managament Disabled equipment over the WAN side By default the management from WAN BNEWREHHE is enabled permitted Management means the access to the Web configuration page of the equipment and of SSH from the WAN side By default it is Enabled which means the you can access the web pages of Bytton not only form the local network but also from the remote WAN side When you set it to Disabled instead the configurations pages of Bytton ICR and SSH will be closed no longer accessible from the WAN side In this case you will be able to access the Web configuration page of Bytton only form the BRO Ethernet and WiFi side Note Here WAN refers to all distant as opposed to local networks be they Ethernet connections PPP link over the 3G mobile module PPP over Ethernet IPSEC or GRE secure tunnels for VPN etc The current firmware version topex 3 0 1 FA S does not have this control which means that Web management via WAN is always enabled As you can see in the following examples the Web interface for configuring Bytton ICR is accessible both on the local side addresses in range 10 0 0 xxx SN C
18. PPP TUNNELS ROUTING SYSTEM SERVICES SIM Stuff Commit WAN Interface Type Primary Interface Embedded modem e Secondary Interface Ethernet port Fail over Enabled e Ping IP Ping Interval MASQUERADE Please use the COMMIT button to activate your changes Figure 5 42 Webpage for setting WAN Interface type and Failover Bytton ICR 5 CONFIGURATION E Primary Interface You can select either Embedded modem PPP link Primary Interface Embedded modem PPP over Ethernet PPPoE Secondary Interface Ethernet port Ethernet Port PPP over Ethernet Fail over Secondary Interface You can select either Secondary Interface Ethernet part Embedded modem PPP link cc CC COE CC CC CC CE CC CE PPP over Ethernet PPPoE Ethernet Port Ping IP Embedded modem As you can see there are two options for interfaces primary and secondary If the Fail over feature is enabled when the primary WAN interface is no longer available the Bytton ICR equipment automatically switches to the secondary interface WAN Interface Type Primary Interface Embedded modem e Secondary Interface PPP over Ethernet e Fail over Enabled e Ping IP Ping Interval MASQUERADE Fail over When Enabled the equipment will automatically switch from the primary WAN interface to the secondary interface in case the main connection is broken By default it is disabled Ping IP an external address that
19. RX bytes 12874444 12 2 MiB TX bytes 12037618 11 4 MiB Base address 0x2200 land Link encap Ethernet HWaddr 00 50 C2 F5 23 27 UP BROADCAST MULTICAST MIU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets l errors 0 dropped O0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 46 46 0 B Base address 0x2000 lo Link encap Local Loopback inet addr 127 0 0 1 MHMask 255 0 0 0 UP LOOPBACK RUNNING MTU 16436 Metric 1 RX packets 7980 errors 0 dropped 0 overruns 0 frame 0 TX packets 7980 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 439768 429 4 KiB TX bytes 439768 429 4 KiB mon wlanO Link encap UNSPEC HWaddr 00 19 70 49 F3 D7 10 07 00 00 00 00 00 00 00 00 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 1125 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped O0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 105192 102 7 KiB TX bytes 0 0 0 B wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 255 255 HMask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 117631 errors 10 dropped 0 overruns 0 frame O0 TX packets 19662 errors 0 dropped O0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 17847736 17 0 MiB TX bytes 12305111 11 7 MiB Base address 0x3000 wland Link encap Ethernet HWaddr 00 19 70 49 F3 D7 UP BROADCAST RUNNING MULTICAST MTU
20. S os ih e e oF Ch CH Ja i 10 0 0 1 https 10 0 0 1 admin 7 Y C o Google A4 T i topex Router Configuration Topex Location LAN gt IP Settings Remote User superuser HOME T LAN IP Settings IP Address 10 0 0 1 DHCP Server E NE Netmask 255 255 255 0 IF Settings for LAN WiFi Settings Bridge 2 Aditional IP VLAN an Tt 802 IX Loopback Eth Port MTU F WAN SW LAM1LANZ F TUNNELS l ROUTING LANO WV ANO And also on the WAN side addresses in class 192 168 1 yyy F xmag e amp t D ux 191681148 https 192168 1 148 status start html https 192 168 1 148 status start html Status Page Administration Pages topex l ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 116 of 272 Bytton ICR 5 CONFIGURATION EE 5 3 3 WAN Port Whenever you use an Ethernet interface for WAN connection you must fill in the settings IP Settings for the WAN Ethernet Interface Top ex i Location WAN gt Ethernet Empowering Communications Remote User superuser HOME F LAN Y WAN settings WAN Port IP Settings for WAN Ethernet Interface Address Type Static IP Address 192 168 1 148 PPPaE Netmask 255 255 0 0 PPP Gateway 192 168 1 8 TUNNELS Nameserver 1 192 163 1 88 pu fo Se ROUTING Nameserver 2 8 8 8 8 Foye SYSTEM SERVICES SIM dich Please use the COMMIT button to activate your changes Commit Figure 5 46 Webpage for setting up WAN
21. TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B br0 2 4 Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet addr 172 168 254 197 Bcast 172 168 254 199 Mask 255 255 255 252 UP BROADCAST RUNNING MULTICAST MTU 1473 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lan0 14 Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 127 27 155 203 Bcast 127 255 255 255 Mask 255 255 255 254 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lan0 15 Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 127 27 254 98 Bcast 127 27 254 99 Mask 255 255 255 252 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B wan 18 Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 148 254 Bcast 192 168 148 255 Mask 255 255 255 252 UP BROADCAST RUNNING MULTICAST MTU 1473 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 l ByttonICR fulli genericUsermanual sw308FAS revG en doc P
22. The explanation in the manual are for the full version of the Web pages respectively for logging in as superuser When you log in as admin or as a simple user some of the sub pages described will not be available 5 2 LAN This first group features several pages of settings related to the local wired network for primary and secondary IP and net mask configuration of the second LAN WAN port parameters for the DHCP server for the WiFi Access Point when your Bytton equipment has this feature for bridging between different networks for Virtual LANs for 802 1X authentication and respectively detailed information and configuration for each of the ETH interfaces of the equipment Top ex J Location LAN Empowering Communications Remote User superuser HOME Y LAN IP Settings Configuration sections DHCP Server WiFi Settings WiFi and LAN Ethernet Switch Configuration Pages IP Settings Configure the IP address and netmask for the LAN Ethernet Switch WiFi Settings Configure the WiFi Access Point working mode ESSID encryption etc Bridge DHCP Server Configure the embedded DHCP Server activation address range lease time etc VLAN 802 1X When you are done please use the COMMIT button to activate your settings Eth Port MTU Figure 5 17 LAN configuration Webpage with subpages 5 2 1 IP Settings On the LAN side settings include primary and additional IP addresses Loopback switch configuration an
23. To use OVPN fist Enable this feature the set up the parameters Settings for OPENVPN Tunnel OPENVPN Tunnel Enabled e Remote Endpoint IP Address 192 168 143 142 Remote Port Protocol UDP e Interface TAP e Masquerade Disabled e Save Please use the COMMIT button to activate your changes Use the blue clickable links at the bottom to edit accordingly the certificates and keys for Open VPN e Client Kev Edit Of course you will need to define and edit suitable Certificates for Certification Authority Then for CRT Client Certificate a Data B Version 3 0x2 Serial Number 2 Ox Signature Algorithm sha1WithRS5AEncr yption Issuer C RO ST BUC L BUCURESTI OzZTOPEX OU ZTOPEX CN TOPEX CA emailAddress vasile iraci topex ro Validity Not Before May 22 15 21 17 2008 GMT Not After July 25 15 21 17 2018 GMT Subject C RO ST BUC L BUCURESTI O TOPEX CN cient emailAddress vasile iracdi topex ro Subject Public Key Info Public Key Algorithm rsaEncryption RSA Public Key 1024 bit Modulus 1024 bit O O0 ba ac bf c be c6 4d f6 f0 84 c1 fd 77 8c 97 93 1581 0b ff 3c c5 38 2a H 28 6c 12 64 39 13 12 9a 61 07 8c 6d 52 4d 85 a0 26 dc c3 7d a4 c2 46 04 3a 5F 47 83 b6 75 e7 2d 9f 3a 36 6d 6f c6 21 e8 35 8a 9c 72 ba 80 5b 1d 59 fre 53 10 08 23 Ld 7 1e f0 92 12 02 75 1c 5f bf 2c d2 4d 2a c6 2a cd 36 5a 5a 1a 47 4 20 64 amp b 69 bd a8 35 41 14 64 80
24. UDP or all Type of Service TOS enabling or not and corresponding TOS match TOS marking enable or disable and corresponding TOS value DIR INT our Lawowano Destination Cog Coa a IN x source KM Source Destination IP 10 0 58 223 192 168 148 209 255 255 255 252 TCP 81 235 91 108 46 193 25 46 77 10 0 0 223 172 163 244 15 39 41 125 78 10 59 125 96 10 0 59 127 8 225 254 132 255 0 0 0 Netmask Protocol Port TOS Match bag 255 255 0 0 UDP 4 Enabled 0x22 Disabled Ox00 255 255 255 254 All 502 Disabled ox00 255 255 255 0 UDP 31021 Disabled ox00 255 255 255 252 UDP 48006 Enabled 0x32 255 255 255 0 All 48620 Disabled 0x00 255 255 255 254 UDP 31022 Enabled 0x28 255 255 255 254 ALL 48615 Disabled 0x00 255 255 255 252 UDP 48007 Enabled Ox2f UDP 397 Enabled ox46 TOS Mark TOS Value raea 7 oes EE EE EE EE Enabled 7 ouo 7 pesti 7o 7 Each record in the marking table may be individually deleted or edited TOS Value Enabled e 0x20 v E Enabled ox28 Enabled e 0x40 vd Enabled 0x38 Enabled e 0x70 vd TOS Mark Enabled 0x90 Enabled e 0x88 vd Enabled e OxAD vd Enabled 0x98_ Disabled 0x00 EditDel Edit Del Edit Del Edit Del Edit Del Edit Del Edit Del Edit Del Edit Del Edit Del Edit Del Enabled Enabled Disabled re 10 0 0 2
25. View Active Rule MASQUERADE Please use the COMMIT button to activate your changes Figure 5 75 The Firewall web page Port Froward and lptables Rules The Firewall page section includes both NAT redirecting addresses port forwarding PAT and Firewall accepts or rejects data packets Thus the Bytton ICR Firewall configuration page features two distinct sections upper pane Port Forward and lower pane Iptables Rules each one with its own Add new and Help links Topex Location System gt Logs ED eg many nl wets Empowering Communicatons Remote User superuser HOME d WAN Settings WAN Port PPPoE PPP TUNNELS ROUTING Firewall No Interface Protocol IPD PortS SameP NewP PortD 1 BRO 193 76 244 115 21 NP Add New Forward Help Routes Dynamic Virtual R T QOS SYSTEM SERVICES SIM Stuff Mo Interface Direction Protocol IP Port Accept Drop 1 GRET1 D ous 10 64 65 65 344 ACCEPT Edit Del Add New Forward Help Commit Advanced Iptables Add Bytton ICR 5 5 ROUTING ee At the bottom of the Firewall page there are another three clickable links Advanced Iptables View Active Rules and Advanced Iptables Add respectively MASQUERADE which will open additional sections View Active Rule MASQUERADE Port forward This section allows the forwarding of firewall ports from the Bytton ICR equipment to a local computer from the covera
26. WAN Port PPPoE PPP Password password ROUTING F SYSTEM Username username PPP Advanced Setings d e dd SERVICES PPP Check Data Link F SIM k stuff Please use the COMMIT button to activate your changes Figure 5 51 Settings for PPP link for the embedded radio modem of Bytton ICR Note The single Sim variant has of course a single entry for APN and a single username password pair but in case of Dual SIM versions there will be two one for each SIM so you will see as detailed below APN SimO and respectively APN Sim1 Username SimO and so on APN SimO0 Access Point Name the name of an access point for the first mobile data network GSM GPRS EDGE or UMTS HSPA The settings here must match with the instructions of your mobile service provider Some mobile Internet carriers rely on authentication via SIM card Caller ID IMSI and thus allow a blank user name and password while other mobile service providers require additional user name and password for authentication Username Sim0 The user name used for log in to the first 3G UMTS or HSPA wireless network such as internet or mobileoperator Password Sim0 The password used for authentication for the respective carrier You should ask your provider for these settings Some network operators do not need username and password log in is allowed or not based upon Caller ID or other equipment specific identification feature Examples The c
27. be STE invalid 192 168 255 255 ff ff ff ftf ff fft static you can clear your ARP cache Arp d and then retry again to establish communication by pinging the remote device you want to connect to Pinging topex ro 193 226 61 45 with 32 bytes of data Reply from 193 226 61 45 bhytes 32 time 2ms TIL 56 Reply from 193 226 61 45 bytes 32 time 3ms TTL 56 Reply from 193 226 61 45 hytes 32 time 4ms TITL 56 Reply from 193 226 61 45 hytes 32 time j3ms TITL 56 Ping statistics for 193 226 61 45 Packets Sent 4 Received 4 Lost B CM loss Approximate round trip times in milli seconds Minimum 2ms Maximum Jms Average Zms New ARP table showing correct entries IP address HW type Flags HW address Mask Device CAs la LOVU 0x1 0x0 00 00 00 00 00 00 x lanO Do uUL0 0x1 0x2 00200 4r 02 15 1982 x bro 140222 1 249947 0x1 0x0 OO200200200200 00 lanO a l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 106 of 272 Bytton ICR 5 CONFIGURATION E 5 2 11 MTU The last element of the LAN menu allows you to set the values for MTU HOME LAN IP Settings DHCP Server o Interface WiFi Settings Bridge VLAN 807 1X Eth Port MAT Help MTU F WAN Interface Status TUNNELS ROUTING SYSTEM SERVICES SIM Please use the COMMIT button to activate your changes di ui Add New Note Although MTU shows up in the LAN section it allows you to set the MTU values for all interfaces of Bytton ICR
28. by joining different physical or logical interfaces In the beginning the Bridge table is empty HOME LAN IP Settings DHCP Server BR IP Metmask WiFi Settings Bridge VLAN 802 1X Eth Port MTU F WAN TUNNELS ROUTING SYSTEM Status Logs Save and Reload Please use the COMMIT button to activate your changes Password date Bridging in Bytton ICR is a logical extension of the concept of Ethernet switch bringing together several real or for logical interfaces Bridging for Ethernet networks essentially involves combining an Ethernet interface with one or more virtual TAP interfaces and joining them together under the umbrella of a single bridge interface Generally Ethernet bridges represent the software analog to a physical Ethernet switch The Ethernet bridge can be thought of as a kind of software switch which can be used to connect multiple Ethernet interfaces either physical or virtual on a single machine while sharing a single IP subnet Most of the applications are related to building virtual private networks for instance by bridging a physical Ethernet interface with an OpenVPN driven TAP interface at two separate locations it is possible to logically merge both Ethernet networks as if they were a single Ethernet subnet l ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 77 of 272 Bytton ICR Netmask 5 CONFIGURATION Le Embeded Modem Le Bridge Help The Bridge f
29. code 014186 or given to a specialized firm Please do not dispose your ROHDE amp SCHWARZ TOPEX S A product as unsorted waste household waste recycle it to protect the WEEE Directive environment Separate the packages according to waste disposal options and sort it for recycling For supplementary information contact us to Phone 4021 408 39 00 or www topex rohde schwarz com Geleet eege ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 5 of 272 Bytton ICR Dear Client p OMS MR I Table of Contents Ree T 2 Ty MINA UG TION 9 o GEET HRC H WEE 12 Sm INGLE NS erae addi E t 13 ec LEE NNI L 15 4 1 Establishing the best location eege 15 4 2 Mounting hardware installation essssseseeeeeeennnnnn 16 A2 RON ZONA ee T Tm 16 a ELA RANONI e BE 17 4 3 Identification of Conpnechors nen nennen eene nennen een 20 4 4 Connecting the data CdDlOS EE 21 4 5 Configuring and installing the GlMcardtiei ccc cccessccesseccesseceesseceesseceesseeessaeees 27 4 6 Connecting the external ANTENNAS eene 29 2 NN PONOT UD seer pects ear AA scien see eased cg atone E 32 Z9 DIALS te Tee E 33 mae HCcUL iae H 34 5 1 Using the Web Interface enne een 34 SN Cl UID El e SCO IW UU ETT 34 21 2 AUtORmale IP ele 36 5 1 9 Manual E ne
30. desktop computers tablets Smartphones and various peripherals or measurement or commercial devices at the same time The access to data traffic does no longer require additional investments on equipment or software router switch software wiring operations Bytton ICR broadband router allows connection to the local network LAN via three Fast Ethernet 10 100 Mbps ports Mobile network Figure 8 1 Illustration of SOHO applications for Bytton ICR ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 245 of 272 Bytton ICR 8 APPLICATIONS Ee These kinds of applications are especially suited for both home and small or medium business network environment where land connections are not readily available and also for field applications taken advanced of the industrial grade built of Bytton ICR and its optional extended temperature range features In addition temporary events festivals sporting competitions trade fairs and exhibitions may benefit from the use of a wireless broadband router for data and voice Even if the temporary event is located in the heart of the city getting a wired broadband connection for only two three days makes no economic sense 8 2 M2M Field Applications Bytton ICR is an industrial grade broadband cellular router so its applications are not limited to home and office as described previously The extended temperature range version when
31. includes several different classes of traffic and can apply filters in order to shape the traffic for each class The terminal classes in a particular queuing discipline are known as a leaf class by analogy to the tree structure of the classes EE LL oe OS OS a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 174 of 272 Bytton ICR 5 5 ROUTING pe M M ae You can see below leaf11 leaf12 and so on CLASS class prio 1 1 parent 1 leaf 11 class prio 1 2 parent 1 leaf 12 class htb 12 11 parent 12 1 leaf 1211 prio 1 rate 600000bit ceil 1200Kbit burst 2Kb cburst 2Kb class htb 12 1 root rate 1200Kbit ceil 1200Kbit burst 2Kb cburst 2Kb class htb 12 13 parent 12 1 leaf 1213 prio 3 rate 240000bit ceil 1200Kbit burst 2Kb cburst 2Kb class htb 12 12 parent 12 1 leaf 1212 prio 2 rate 360000bit ceil 1200Kbit burst 2Kb cburst 2Kb Next the filters associated to each class are shown FILTER filter protocol ip pref 1 u32 filter protocol ip pref 1 u32 fh 800 ht divisor 1 filter protocol ip pref 1 u32 fh 800 800 order 2048 key ht 800 bkt 0 flowid 1 1 match 00380000 00380000 at 0 filter protocol ip pref 3 u32 filter protocol ip pref 3 u32 fh 801 ht divisor 1 filter protocol ip pref 3 u32 fh 801 800 order 2048 key ht 801 bkt 0 flowid 1 2 match 00000000 00000000 at 12 filter protocol ip pref 11 u32 filter protocol ip pref 11 u32
32. ingress ICi dey lanU parent Irii EE e Bytton ICR 5 5 ROUTING M M M M MM M M M mi qdisc prio 1 dev wan root refcnt 2 bands 2 priomap 1111111111111 i d 1 qdisc pfifo 11 dev wan parent 1 1 limit 1000p quasc nto iz dev Wan parent 1 2 r2q 2 default 0 direct packRets stat 27 qdisc sfq 1211 dev wan parent 12 11 limit 127p quantum 1514b perturb 10sec qdisc sfq 1212 dev wan parent 12 12 limit 127p quantum 1514b perturb 10sec qdisc sfq 1213 dev wan parent 12 13 limit 127p quantum 1514b perturb 10sec GULSC ingress irri dev wan parent ILLL IIEL eee GdisC piirto fast 0s dev lan root reicnt 2 bands 3 prnromap 12 2 2 2 1 2 0 0 L1 Ld wu wu gGdisc prio 1 dev br root retcnt 2 bands 2 prriomap 1 11111121111111 LL qdisc pirito liz dev Poel parent Lei limit ip quasc nto IZ dev br parent faz r29 S default 0 direct packets star ol qdisc sto 1211 dev brO parent 12 11 limit 127p quantum 1514b perturb 10sec qdisc sto 1212 dev br parent 12 12 limit 127p quantum 1514b perturb 10sec qdisc sto 1213 dev br parent 12 13 limit 127p quantum 1514b perturb 10sec GUISC Ingress Titik dev bDr parent EE E EE ee qdusce pf lro fast 0 dev pppt toot teicat 2 bands gt praomap aL 2 2 2 Li2 0 011 LI ig d gdisc prito fast 0 dev monwlanU root
33. interface traceroute to topex ro 193 226 61 45 30 hops max 38 byte packets 1 2 172 20 175 201 172 20 175 201 1064 733 ms 1030 544 ms 1127 839 ms 3 172 20 182 46 172 20 182 46 1139 473 ms 1118 869 ms 1019 323 ms 4 MobileCarrierB RoNIX Ro 217 156 113 33 1262 126 ms 1163 873 ms 1235 038 ms 5 EuroWEB RoNIX Ro 217 156 113 6 1327 847 ms 1206 329 ms 1363 900 ms ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 92 of 272 Bytton ICR 5 CONFIGURATION 6 ewro crlil qrli2 buh ew ro 81 24 28 198 1247 112 ms 1271 456 ms 1306 368 ms 7 ip4 81 24 28 213 euroweb ro 81 24 28 213 1355 474 ms 1139 117 ms 1139 388 ms 8 webhosting euroweb ro 193 226 61 45 1259 150 ms 1250 796 ms 1119 130 ms And respectively traceroute to k ro 194 102 255 23 30 hops max 38 byte packets 1 k 2 172 20 175 201 172 20 175 201 2332 538 ms 1386 267 ms 1419 006 ms 3 172 20 182 46 172 20 182 46 1363 214 ms 1270 032 ms 2586 818 ms 4 MobileCarrierB peer astralnet ro 83 103 173 38 1283 790 ms 1324 193 ms 1451 071 ms 5 ro buhOla ril ge 2 1 2 v792 astralnet ro 83 103 173 37 1507 310 ms 1258 578 ms 1207 041 ms 6 95 77 36 69 95 77 36 69 1163 062 ms 1155 097 ms 986 773 ms 7 ro buhOla rdl te 1 3 v520 upcnet ro 95 77 36 253 920 070 ms ro buh0la rd1l te 1 2 v519 upcnet ro 95 77 36 249 1298 911 ms ro buhO01a rd1 te 1 1 v5l8 upcnet ro 95 77 36 245 1238 873 ms 8 ro buhOla ral vi1324 astralnet ro 95 77 36 122 1150
34. light up Autoprovisioning Disabled e Autoprovisioning Enabled HTTP Disabled e HTTP Disabled e FIP Disabled e FIP Disabled e Address Address Path Path Username anonymus Username snonymus Password anonymus i Password snonymus pb Joan A GEESS Figure 5 176 Aspect of the fields of Autoprovisioning ehrn the feature is Disabled and respectively Enabled Ii Then you have to choose by enabling it one of the means of retrieving the configuration file which is stored remotely Bytton ICR 5 5 ROUTING pem H M Autoprovisioning Autoprovisioning Enabled e HTTP Enabled e Address FIP Disabled e Figure 5 176 Aspect of the fields of Autoprovisioning ehrn the feature is Disabled and respectively Enabled The name of the respective configuration file must be the IMEI of the Bytton equipment acting as a unique identifier 355060025698866 355060025642740 352099001761481 353060025638866 4901542032375 etc You can choose as means of retrieval HTTP FTP or TFTP HTTP When you choose the http method the standard HTTP Enabled port is used no authentication is required You must only complete the address where the configuration file is to be found as shown Address 192 168 148 205 FIP Disabled e Figure 5 176 Aspect of the fields of Autoprovisioning ehrn the feature is Di
35. loss gt The message is quite clear the value of 1482 is too high the packets need to be fragmented but you have set the flag DF Do Not Fragment so the packets cannot be transmitted You get 100 loss for the PING data packets Repeat this step by decreasing your current MTU value by 10 and using the PING command again Continue until you no longer receive a message that the packets are fragmented Verify this by pinging with successive size increments decrements smaller than ten as shown Pinging k ro 194 182 255 23 with 1473 bytes of data to be fragmented but DF set to be fragmented but DF set to be fragmented but DF set Packet needs to be fragmented but DF set Ping statistics for 194 102 255 234 Packets Sent 4 Received 8 Lost 4 1HH loss gt 1473 is too large Pinging k ro 194 182 255 253 wath 1472 bytes of data Reply from 194 182 255 235 bytes 1472 time 8ms TTL 58 Reply from 194 182 255 253 hytes 1472 time 84ms TIL 58 Reply from 194 182 255 235 hbytes 1472 time 94ms TTL 58 Reply from 194 182 255 235 bytes 1472 time 8Hms ES Ping statistics for 194 102 255 243 Packets Sent 4 Received 4 Lost B CB loss Approximate round trip times in milli seconds Minimum 8Hms Maximum 8ms Average 8 7ms ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 108 of 272 Bytton ICR 5 CONFIGURATION 1472 seems to be just right The final result is that t
36. the router is said to be the master Routers without control of the virtual addresses are referred to as backups This page lets you configure the ID the interface to be used for VRRP and the corresponding IP address the delay for switching routers and the priority as shown below VRRP LAN F WAN TUNNELS ROUTING F over VRRP Id IP Delay Priority SNMP VRRP SERIAL SMS DDNS NTP Reset Please use the COMMIT button to activate your changes k cr SIM Figure 5 130 Configuring VRRP edit the setting for the virtual router VRRP runs on top of the Internet as its own protocol i e it does not use TCP or UDP and sends its announcements to a multicast address for outer VRRP routers to listen If a backup does not hear from the master after the established delay then the backup will take over through an election process whereby the router with the highest priority within the VRRP routers VRRP Id IF B Delay Priority Enabled LANO WANO v 10 10 10 94 ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 203 of 272 Bytton ICR 5 5 ROUTING p 5 6 2 SNMP Settings for the Simple Network Management Protocol This is a set of protocols for managing complex networks and works by sending messages to different parts of a network Topex Location SNMP gt Settings Empowering Communications Remote User superuser HOME F LAN WAN TUNNELS RO
37. using the link Add New up to four Virtual Table entries VT1 to VT4 Each of the four VT entries may join up to six interfaces of the Bytton equipment Choose for every VT entry the corresponding interfaces IF1 to IF6 from the drop list IF3 IF4 IF5 IF6 rm 11 ni se LANOWANO Embeded Modem e Off bri I m a m ex LANONWANO Embeded Modem WAN bri OVPN TAPO Next you will define the routes for each of these Virtual Routing entries For this use the links located at the bottom of the page VT Links To the left under the table with the four VT entries there are several links to Add New additional pages as shown Add New to add a new entry maximum four Virtual Table Help VT Help help that explains about Virtual Routing VT Routes where you define the routes for each VT entry Virtual Table Routes VT Status shows the current state of the Virtual Routing on Bytton nterface Status the current state of all the physical and logical interfaces Virtual Table Status of the Bytton equipment Interface Status VT Help Displays a Help page for the Virtual Routing tables EE LL 25 5 511 111 11 11 511 1 1 151 a ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 163 of 272 Bytton ICR 5 5 ROUTING EE VT Routes On top of the Virtual table page are displayed the established routes for each of the four VR tables while at t
38. 0 0 220 3D n m n n n ip mpL 4HUDE Con mateh Dx3i2 0xff TOS mat Dx7D U xff Chain INPUT policy ACCEPT 4052 packets 373E byte Pete Byte ta gat pest apt in aut Baa De untinztinsn Chain FORWARD pslicey ACCEPT 71E packata 417E byte pktu Bytes ta qat pret ept in ont Hurmi dantinatisn Chain OUTPUT pelicy ACCEPT 3287 packate 75DUE bytan pkta bytaa tasgat Brest opt in aut Bowe uutinatiecn pktm Byteg ta qgat t uutinatihon gin POSTHOUTING policy AC 4170 packetea LIVE byte DH H TOS udp be Iani HDD Den 10 0 0 0 l1 amp udp dprt 4 tem match xz1 U0xf f TOH get xzd4n0 Uxff DH D Tos udp hel u 0 0 0 u 151 2E 4E U0 24 wip dpr 311021 Tod aat x3iB Uxff DIR Saurcej Destinatian IP Prducd Pat TOS Match TOS Value TOS Mark TOS Value mass c exe T am xe v sm ne sosse SS x v mm n 259110848 sz ER De our el Destination el 18325 4877 une el aim ep 033 Bst De In el m sel 1000223 43005 tuse Oc mon Est Del Embeded Modem e Source 172 158 244 15 M Ox el PR Del Add Hew Marking Hel BACK Then you can edit and Save the respective entry as shown 25 Martang Chain DSREROUTING ipolicy ACCEPT 5622 peckets 12M bytes ptte bytes target prot opt in cut source Geesetinaticn D 0 TOS tep wan e 0 0 2 0 0 191 168 148 108 3D tep dprt 81 Op set Oxz8 0xff o D TOS udp bei 20 0 0 220 35 0 0 0 9 0 wap spt 48006 tcs match x 2 0z77 TOS set Ox C2 Oxff D H TOS dp tand e 35 41 25 78 31 9 0 0 90970 wap pr
39. 0 0 255 255 255 0 U 0 0 0 wan 3 10 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 109 73 221 0 0 0 0 0 255 255 255 0 U 0 0 0 br4 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 10 0 0 0 0 0 0 0 255 0 0 0 U 0 0 0 bri 0 0 0 0 10 0 58 1 0 0 0 0 UG 0 0 0 bri And respectively Generated by iptables save v1 4 10 on Mon Jul 16 14 10 41 2012 mangle PREROUTING ACCEPT 1467 112797 INPUT ACCEPT 1204 85519 FORWARD ACCEPT 68 7025 OUTPUT ACCEPT 1922 278113 POSTROUTING ACCEPT 2057 287583 COMMIT Completed on Mon Jul 16 14 10 41 2012 Generated by iptables save v1 4 10 on Mon Jul 16 14 10 41 2012 nat PREROUTING ACCEPT 290 28646 OUTPUT ACCEPT 224 14409 POSTROUTING ACCEPT 240 16782 A PREROUTING i br0 p tcp m tcp dport 21 j DNAT to destination 193 76 244 115 47 A POSTROUTING o pppl j MASQUERADE A POSTROUTING o wan j MASQUERADE COMMIT Completed on Mon Jul 16 14 10 41 2012 Generated by iptables save v1 4 10 on Mon Jul 16 14 10 41 2012 filter INPUT ACCEPT 51 1632 FORWARD ACCEPT 68 7025 OUTPUT ACCEPT 1725 267192 A INPUT i lo j ACCEPT A INPUT i br0 j ACCEPT A INPUT p gre j ACCEPT A INPUT m state state RELATED ESTABLISHED j ACCEPT A INPUT p tcp m tcp dport 2601 j ACCEPT A INPUT p tcp m tcp dport 2604 j ACCEPT A INPUT p udp m udp dport 161 j ACCEPT A INPUT p udp m udp dport 162 j ACCEPT A INPUT i tap0 j ACCEPT A INPUT p udp m udp
40. 0 0 FA 5 the signal level is much too low the network related Modem Version SWI9200X 03 00 08 02AP information cannot be displayed Security unlocked But the information related to the equipment IMSI error firmware version version of the GSM or HSPA IMEI 358178040059414 modem IMEI code will still be shown on the Signal Level 4 30 screen Network 0 0 Limited Service 2 Registration offline Ifthe SIM is active and the signal is above zero it will show IMSI and network information even if not properly registered with the mobile carrier you cannot make voice or data calls ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 240 of 272 Bytton ICR TECHNICAL SPECIFICATIONS for Bytton ICR 6 TECHNICAL SPECIFICATIONS for Bytton ICR Cellular networks Depending upon actual type of mobile module used supported It can be GSM GPRS EDGE and respectively UMTS HSDPA HSPA or LTE Frequency bands GSM GPRS EDGE quad band 850 900 1800 1900 MHz HSPA UMTS WCDMA tri band or quad band 850 900 1900 2100MHz LTE quad band 800 900 1800 2100 2600 MHz Supported TCP IP PPP CHAP PAP ARP UDP FTP TFTP OSPF RIP BGP NTP protocols and others Features Full Firewall SPI Router Auto negotiation Auto crossover fully configurable 3 1 switch DHCP Server Remote configuration via Web page Multiple IPs over each interface bridges VLAN Fine tuning of each ETH port Masquerade and MTU adjustable for each interface V
41. 0 0 Uc g J pppl Other examples bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addri l0 0 0 1 Boast I10 0 0 2593 Mask 252 255 2554 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 10092 errors 0 dropped 0 overruns 0 frame 0 TX packets 17301 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 799516 780 7 KiB TX bytes 22576730 21 5 MiB gretl Link encap UNSPEC HWaddr DA 00 3A 25 00 00 00 00 00 00 00 00 00 00 00 00 inest sddrtsl004 59298 IP L P 102 0 50 0 MdsSkr2054220042092254 UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1476 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 9584 errors 0 dropped 0 overruns 0 frame 0 TX packets 16878 errors l dropped 0 ov rruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 870647 850 2 KiB TX bytes 22358900 21 3 MiB Base address 0x2200 lan0 4 Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 192 169 1480 205 BOast 192 169 148 255 MasSk 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lan0 2 Link encap Ethernet HWaddr 00
42. 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 46 46 0 B Base address 0x2000 lanl Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet eddrilizgcle6eclsels BeastelizelGtulslS Migk 2595 2955 2599 252 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lan2 Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet addPtl72 1698 1L L5 BSHSL l7A2 1698404 2590 Maski255 2559u2990 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 57 of 272 Bytton ICR 5 CONFIGURATION MJ mon wlanO0 Link encap UNSPEC HWaddr 00 19 70 49 F3 D7 10 07 00 00 00 00 00 00 00 00 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 88 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 7665 7 4 KiB TX bytes 0 0 0 B wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 255 255 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 14449 errors 0 dr
43. 116 time 3260 654 ms 39 bytes from 209 202 254 14 seq 2 ttl1 116 time 3064 698 ms 209 202 254 14 ping statistics 3 packets transmitted 3 packets received 0 packet loss round trip min avg max 2711 108 3012 153 3260 654 ms PING 209 202 254 14 209 202 254 14 from 192 168 1 148 31 data bytes 39 bytes from 209 202 254 14 seq 0 ttl1 116 time 3189 314 ms 39 bytes from 209 202 254 14 seq 1 ttl 116 time 3080 604 ms 39 bytes from 209 202 254 14 seq 2 ttl 116 time 3276 955 ms 209 202 254 14 ping statistics 3 packets transmitted 3 packets received 0 packet loss round trip min avg max 3080 604 3182 291 3276 955 ms In the same destination source configuration and with identical size and number of PING packets when Ethernet connection is used for WAN the round trip delays will be much shorter that in the previous case when connection was achieved via PPP1 PING 209 202 254 14 209 202 254 14 from 192 168 1 148 31 data bytes 39 bytes from 209 202 254 14 seq 0 ttl 111 time 127 213 ms 39 bytes from 209 202 254 14 seq 1 ttl 111 time 132 594 ms 39 bytes from 209 202 254 14 seq 2 ttl 111 time 127 035 ms 209 202 254 14 ping statistics 3 packets transmitted 3 packets received 0 packet loss round trip min avg max 127 035 128 947 132 594 ms PING 209 202 254 14 209 202 254 14 from 192 168 1 148 31 data bytes 39 bytes from 209 202 254 14 seq 0 ttl 111 time 127 440 ms 39 bytes from 209 202 254 14 seq
44. 122 250 36 kernel link PPP1 10 0 0 0 24 10 0 0 1 kernel link brO 192 168 148 0 24 192 168 148 4 kernel link wan 172 27 0 0 16 172 27 168 71 kernel link lanO 192 168 0 0 16 192 168 1 148 kernel link wan default 10 64 64 65 PPP1 172 27 0 0 16 static link lanO VT3 73 0 0 0 8 static link lanO VT3 10 0 59 64 30 static link brO VT1 10 0 0 0 24 static link brO VT1 10 0 0 0 24 10 0 0 1 static brO VT1 172 27 0 0 16 static link lanO VT1 192 168 1 148 local 192 168 1 148 kernel host wan local 127 255 255 255 broadcast 127 0 0 1 kernel link lo local 172 27 0 0 broadcast 172 27 168 71 kernel link lanO local 10 0 0 1 local 10 0 0 1 kernel host brO local 192 168 148 255 broadcast 192 168 148 4 kernel link wan local 10 0 0 0 broadcast 10 0 0 1 kernel link brO local 93 122 250 36 local 93 122 250 36 kernel host PPP1 local 192 168 255 255 broadcast 192 168 1 148 kernel link wan local 192 168 148 4 local 192 168 148 4 kernel host wan local 192 168 0 0 broadcast 192 168 1 148 kernel link wan local 192 168 148 0 broadcast 192 168 148 4 kernel link wan local 172 27 255 255 broadcast 172 27 168 71 kernel link lanO local 172 27 168 71 local 172 27 168 71 kernel host lanO local 10 0 0 255 broadcast 10 0 0 1 kernel link brO local 127 0 0 0 broadcast 127 0 0 1 kernel link lo local 127 0 0 1 local 127 0 0 1 kernel host lo local 127 0 0 0 8 local 127 0 0 1 kernel host lo local target the destination IP together with its netmask such as 192 168 1 236 20 or 9
45. 168 1 8 0 0 0 0 UG 0 0 0 wan l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 60 of 272 Bytton ICR 5 CONFIGURATION Routes Kernel IP routing table Destination Gateway Cenmask Flags Metric Hef Use Itace 192 168 148 148 3 0 0 0 255 255 255 252 U g O land 109 9 0 0 0 0 0 0 2B5b5 255 255 0 U 2 bro 197 168 1 0 0 0 0 0 255 255 255 0 U g wan Access on WAN side over alternate IP example Suppose you set up 192 168 148 148 as alternate IP address over the WAN interface Mo Interface IP Netmask 1 WAN 192 168 148 148 255 255 255 254 Edit Del 2 Embeded Modem 93 122 254 99 255 255 255 0 Edit Del Following a Commit command and restart the Bytton ICR equipment will be now accessible on the WAN side through its port labeled WWANO LAN at the address for second WAN that was set previously e S A topex Router Configuration keng ini S 3 Topex Location Home Remote User superuser Empowering Communications HOME LAN k wan Configuration sections F TUNNELS ROUTING Welcome to topex Router Configuration pages Wireless LAN Access Point and LAN Ethernet Switch settings WAN interface settings t SYSTEM TL TUNNELS settings F SERVICES ROUTING Firewall and routing settings k SIM SYSTE Operating System settings l cuff SERVICES Configure additional services SIM Operations Configure the VOICE ports It also does answer to PING command in the 192 168 xxx yyy netwo
46. 22 bytton user info kernel RPC Registered udp transport module Jan 1 00 00 22 bytton user info kernel RPC Registered tcp transport module Jan 1 00 00 22 bytton user info kernel RPC Registered tcp NFSv4 1 backchannel transport module Jan 1 00 00 22 bytton user debug kernel PCI CLS 32 bytes default 32 Jan 1 00 00 22 bytton user debug kernel alloc irq desc for 16 on node 0 Jan 1 00 00 22 bytton user debug kernel alloc kstat irqs on node 0 Jan 1 00 00 22 bytton user info kernel Fixed MDIO Bus probed Jan 1 00 00 22 bytton user info kernel Freescale PowerQUICC MII Bus probed Jan 1 00 00 22 bytton user debug kernel alloc irq desc for 48 on node O0 Figure 5 100 The beginning of a typical System Log Afterwards the other application begiin to run on the equipment Correspondingly in the log you will see records of the kernel or of the user debug messages info or warnings Jun 26 10 35 49 bytton daemon debug pppd 3604 Script etc ppp ip up started pid 3691 Jun 26 10 35 50 bytton daemon info dnsmasq 1203 read etc hosts 1 addresses Jun 26 10 36 01 bytton cron err crond 2174 USER root pid 3882 cmd net moni Jun 26 10 36 01 bytton cron err crond 2174 USER root pid 3883 cmd ntpcr Jun 26 10 36 12 bytton daemon debug pppd 3604 Script etc ppp ip up finished pid 3691 status 0x0 Jun 26 10 36 17 bytton user notice root RESTART SERVICES Jun 26 10 36 17 bytton user info kernel br0 port 1 wlanO entering disabled
47. 236 30 static link brO VT4 10 0 0 0 24 static link brO VT4 172 27 0 0 16 static link lanO VT4 172 27 0 0 16 static link lan0 VT2 10 0 0 0 16 10 0 0 1 static brO VT2 10 0 0 0 24 10 0 0 1 kernel link brO 192 168 148 0 24 192 168 148 4 kernel link wan 172 27 0 0 16 172 27 168 71 kernel link lanO 192 168 0 0 16 192 168 1 148 kernel link wan default 192 168 1 8 wan 172 27 0 0 16 static link lanO VT3 10 0 59 64 30 static link brO VT1 10 0 0 0 24 static link brO VT1 10 0 0 0 24 10 0 0 1 static brO VT1 172 27 0 0 16 static link lanO VTl 192 168 1 148 local 192 168 1 148 kernel host wan local 127 255 255 255 broadcast 127 0 0 1 kernel link lo local 172 27 0 0 broadcast 172 27 168 71 kernel link lanO local 10 0 0 1 local 10 0 0 1 kernel host brO local 192 168 148 255 broadcast 192 168 148 4 kernel link wan local 10 0 0 0 broadcast 10 0 0 1 kernel link brO local 192 168 255 255 broadcast 192 168 1 148 kernel link wan local 192 168 148 4 local 192 168 148 4 kernel host wan local 192 168 0 0 broadcast 192 168 1 148 kernel link wan local 192 168 148 0 broadcast 192 168 148 4 kernel link wan local 172 27 255 255 broadcast 172 27 168 71 kernel link lanO local 172 27 168 71 local 172 27 168 71 kernel host lanO local 10 0 0 255 broadcast 10 0 0 1 kernel link brO local 127 0 0 0 broadcast 127 0 0 1 kernel link lo local 127 0 0 1 local 127 0 0 1 kernel host lo local 127 0 0 0 8 local 127 0 0 1 kernel host lo local For VT4 also Virtual Table VT4 1
48. 30 static link bro 10 0 0 0 24 static link bro 10 0 0 0 24 10 0 0 1 static bro 172 27 0 0 16 static link lanO Route List Virtual Table VT2 target gateway source proto scope dev tbl 192 168 148 148 31 192 168 1 8 static wan 172 27 0 0 16 static link lanO 10 0 0 0 16 10 0 0 1 static brO Route List Virtual Table VT3 target gateway source proto scope dev tbl 172 27 0 0 16 static link lanO 73 0 0 0 8 static link lanO ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 164 of 272 Bytton ICR 5 5 ROUTING e M Ml Route List Virtual Table VT4 target gateway source proto scope dev tbl 192 168 1 236 30 static link br0 10 0 0 0 24 static link br0 172 27 0 0 16 static link lanO Defining routes At first this table is empy so you must use Add New to create a new rule No Route IP Netmask Router Interface Metric 1 vri 2 0 0248 Router q 2 10 0 59 67 255 255 755 2532 off 20 3 10 0 58 115 255 255 0 0 10 0 0 1 15 VI IT VUE AC i EC ELE DEE LE then choose for this route the IP and net mask the router and or the interface to be used and the metric No Route IP Netmask Router Interface Metric 2 10 0 59 67 255 255 255 252 off oute 20 Edit e 10 0 58 115 255 255 0 0 10 0 0 1 15 Edit 127 27 45 88 255 255 255 254 off 12 Edit 5 192 168 144 254 255 255 255 254 192 168 1 2 20 Edit Thes
49. 31033 zeg matoh Oxi8 0xf7T TOS sez Ox88 Oxff D 0 TOS udp wlan 10 0 65 122 30 0 0 0 9 0 wap spr 48007 tos ratch 0x2f 0aff TOS set On3G Onff Chain INPUT ipolicy ACCEPT 41230 packets 3234K bytes ptits bytes target pect opt in cut source destisatico Chain FORWARD ipelicy ACCEPT 10532 packets 3315K bytes ptte bytes target pect opt in out source destination Chain OCOTDUT ipelicy ACCEPT 2701S packets 17558EK bytes ptts bytes target prot opt in ous source Geszinaticm Chain SOSTROUTING policy ACCEPT S7410 packets ich bytes pirts bytes target prot opt in out source deszinarion 9 0 TOS wap lano 0 0 0 0 0 10 0 0 0 1 wdp dpt 4 tos match Oxl2 0xmff TOS aet 0x20 0a4ff 0 g TOS ep wan 0 0 0 0 0 193 25 46 0 24 wap dpt 310221 TOS eet 0x233 0x ff a INT Source Oestnason P Netnasi Protocol Port TOS Match TOS Value TOS Mark TOS Yaue Op LANDUWAMO Destraton REESE 8 8 5 lbsscssoo e ps eed fc ees o2 o sl ODISC ELE piilo fasc 0r dev wlan root Tefcnt 2 bands o priomap X 4 Z2 2 01 2 0 0 1 l EZ LZ 3 qdisc prio l1 dev lan root retcnt 2 bands 2 priomap 141 1 112211141411 1 1 LLI qdisc pfifo 11 dev lanO parent 1 1 limit 1000p Gduse hub L2 dev lant parent Jas 129 6 Oerault 0 direct packets Start U qdisc sto 1211 dev lanO parent 12 11 limit 127p quantum 1514b perturb 10sec qdisc sto 1212 dev lanO parent 12 12 limit 127p quantum 1514b perturb 10sec qdisc sto 1213 dev lanO parent 12 13 limit 127p quantum 1514b perturb 10sec EE E
50. 4 6 Indicators and Connectors of Bytton ICR with one serial interface The concrete appearance depends upon the current equipping of the Bytton ICH for instance you may have two SIM slots or a single one one two or none serial interfaces connector and indicator for WiFi access point dual antenna connectors for Mobile and or for WiFi and so on the example above is for a low cost unit with a single serial interface one SIM holder and no WiFi capabilities T on the front panel of the Bytton ICR equipment there are from left to right KK VEH oicall WiFi a e e W WARRANTS LAN au 50M DATA op Figure 4 7 Indicators and connectors of an advanced Bytton ICR fully equipped a first circular RF connector female for the Mobile antenna labeled MOB in case of antenna diversity modules for LTE there are two MOB connectors labeled AUX and respectively MAIN Always thread the connector for Main first one two or none RJ45 connector for serial data link labeled GERT SER2 near the center a second circular RF connector male with protruding pin for the wireless local network labeled WiFi in case of wireless AP type N that use antenna diversity instead of one WiFi there are again two antenna connectors for WiFi They are also labeled AUX and respectively MAIN The connectors for multiple antennas replace the SER connectors the Bytton ICR equipments
51. 50 C2 F5 23 27 inet addk rl172 27 0169 244 Bossbt ill2 2171 7160 2550 Masksi2230 255 2554 0 UP BROADCAST MULTICAST MTU 1500 Metric 1 Base address 0x2000 LG Link encap Local Loopback inet addr 127 0 0 1 4M ask 255 0 0 0 UP LOOPBACK RUNNING MTU 16436 Metric 1 RX packets 1221 errors 0 dropped 0 overruns 0 frame 0 TX packets 1221 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 68033 66 4 KiB TX bytes 68033 66 4 KiB EIL 5 2511 11 1111 1 5 1 1 2 1 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 85 of 272 Bytton ICR 5 CONFIGURATION EE mon wlanD Link encapsUNSPEC Hwaddr 00U 19 70 49 ES D7 10 07 00 00 00 00 00 00 00 00 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 1582 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 122456 119 5 KiB TX bytes 0 0 0 B pppl Link encap Porint Lto Pornt Protocol inet addr 93 122 148 90 Pet P 10 51 041 05 Maski2551255912595 205 UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1500 Metric 1 RX packets 16822 errors 0 dropped 0 overruns 0 frame 0 TX packets 9646 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 3 RX bytes 22149899 21 1 MiB TX bytes 704660 688 1 KiB wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet dddr 192 168 1 149 BOASL LOZ2 0108 209 209 Magki 2532 253 0 U0 UP BR
52. 55233 packets S62K bytes pkts bytes terget prot opt in out source destination 0 9 TOS tep bro o 152 1 68 148 208 30 0 0 0 0 0 rcp sprt 21 TOS set Ox28 Uxff 9 TOS ud bri 10 9 0 230 39 2 9 0 0 0 udp spt 48200 toe matoh Om32 OnfT TOS set On70 O0xf7 Chain INPUT ipolicy ACCEPT 4669 packets 429 bytes pete bytes target prot apt in cut source destination Chain FORWARD ipolicy ACCESS 716 packets 417K bytes pete Sytese target Psct cpt iz cut source Jastinaticc Chain OUTSUT policy ACCEPT 3741 packets 321E bytes pkrts bytes target prot opt is Cut source dascinarios Chain POSTRCUTING ipolicy ACCEPT 4653 packets 1250X bytes pkzs bytes target prot cpt in cut scurce destination 9 D Z oy 3 land 9 9 9 9 9 10 0 9 9 1 udp dpt 4 toe match O xzi1 Oxff TOR set Ox40 0x f J 2 TOS udp Ee 2 9 9 0 0 293 35 4 0 24 Sep dpt 31071 TOS eet 0Uzx338 Oxf7 TOS IR INT Source Cestnabon IP Netmask Protocol Port TOS Match Te TOS Mart TOS Value 10 0 58 223 255 255 0 0 4 2x21 Ed Del 192 168 148 209 255 255 255 252 81 AE Co Del 235 91 104 4 235 253 255 254 502 LES Con Le 193 25 45 77 255 255 255 0 31021 0x00 10 0 0 223 255 255 255 252 48006 0x32 CM DE 172 168 244 15 255 255 255 0 48520 UG Co Del It also has two parts the upper area displays the current marking rules while the table for packet marking per direction and IP is located at the bottom Marking List Chain PREROUTING policy ACCEPT 2918
53. 7 43AP Security unlocked IMSI 226102100414755 IMEI 355060025698866 Signal Level 12 30 Network 0 0 RO ses 5 2 Registration online Modem connection stopped PPPOE connection offline Firmware Version topex 3 0 3 c FA S Modem Version KA 0 7 43AP Security unlocked IMSI 226102410043179 IMEI 355060025698866 Signal Level 14 30 Network 0 0 RO Provider A 3 Registration online Reload Figure 5 148 Status page example access and aspects for connection stopped Or Bytton ICR 5 5 ROUTING Modem connection online IP 33 122 148 36 PPPOE connection offline Firmware Version orange 3 0 0 FA O b Modem Version K2 0 7 43AP Security unlocked IMSI 226102100414755 IMEI 355060025698366 Signal Level 14 30 Network 0 0 RO aeons A Registration online Figure 5 148 Other status page example modem connection online and mobile IP shown While the configuration web pages shown previously are for configuring the Bytton ICR equipment and are accessible only with log in you have access if you enter the correct user name and password the Status Page can be accesses by any user it does not request a password for log in The Status Page shows you the essential parameters of the Rohde amp Schwarz Topex S A Bytton ICR wireless router that are available in the web page SIM Status and System Status described previously Modem Data connection it may be offline online or stopped When i
54. 7878 localhost 42624 TIME WAIT tcp 0 0 localhost 7878 localhost 42619 TIME WAIT tcp 0 0 localhost 7878 localhost 42620 TIME WAIT tcp 0 0 localhost 7878 localhost 42625 TIME WAIT tcp 0 0 localhost 7878 localhost 42617 TIME WAIT udp 0 0 0 0 0 0 domain 0 0 0 0 udp 0 0 0 0 0 0 bootps 0 0 0 0 udp 0 0 0 0 0 0 1967 0 0 0 0 raw 0 0 0 0 0 0 89 0 0 0 0 7 Active UNIX domain sockets servers and established Proto RefCnt Flags Type State I Node Path unix 2 ACC STREAM LISTENING 1617 var run zserv api unix 2 ACC STREAM LISTENING 1625 var run zebra vty unix 2 ACC STREAM LISTENING 1641 var run ospfd vty unix 2 DGRAM 476 Q org kernel udev udevd unix 12 DGRAM 718 dev log unix 2 DGRAM 2039 unix 2 DGRAM 1958 unix 3 STREAM CONNECTED 1644 var run zserv api unix 3 STREAM CONNECTED 1643 unix 2 DGRAM 721 Or no Internet connections are available for the moment hence the mention without servers and the links are time waiting Active Internet connections w o servers Proto Recv Q Send Q Local Address Foreign Address State tcp 0 O nu11 7878 null 54582 TIME WAIT tcp 0 O null 7878 null 41243 TIME WAIT tcp 0 O null 7878 null 54580 TIME WAIT tcp 0 O null 7878 null 54579 TIME WAIT tcp 0 O null 7878 null 41241 TIME WAIT tcp 0 O null 7878 null 41242 TIME WAIT tcp 0 1276 null 443 null 64416 ESTABLISHED tcp 0 O null 7878 null 41255 TIME WAIT tcp 0 O
55. ACCEPT A INPUT p tcp m tcp dport 0 j ACCEPT A INPUT p tcp m tcp dport 0 j ACCEPT A FORWARD p gre j ACCEPT A FORWARD m state state RELATED ESTABLISHED j ACCEPT A FORWARD p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu A FORWARD d 193 76 244 115 32 p tcp m tcp dport 47 j ACCEPT A FORWARD i ppp3 j ACCEPT A FORWARD i tap0 j ACCEPT A OUTPUT p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu COMMIT Completed on Fri Jun 22 07 49 03 2012 Generated by iptables save v1 4 10 on Fri Jun 22 07 49 03 2012 mangle PREROUTING ACCEPT 3352 287121 INPUT ACCEPT 2965 228673 FORWARD ACCEPT 274 52886 OUTPUT ACCEPT 2617 264687 POSTROUTING ACCEPT 2891 317573 COMMIT Completed on Fri Jun 22 07 49 03 2012 Generated by iptables save v1 4 10 on Fri Jun 22 07 49 03 2012 nat PREROUTING ACCEPT 375 39168 OUTPUT ACCEPT 279 18046 POSTROUTING ACCEPT 186 11701 A PREROUTING i br0O p tcp m tcp dport 21 j DNAT to destination 193 76 244 115 47 M ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 155 of 272 Bytton ICR 5 5 ROUTING EE A POSTROUTING o ppp3 j MASQUERADE A POSTROUTING o tap0 j MASQUERADE A POSTROUTING o pppl j MASQUERADE A POSTROUTING o wan j MASQUERADE COMMIT Completed on Fri Jun 22 07 49 03 2012 Add New Routes Help For further details click the Routes help link BEEN to see the embedded h
56. Bcast 192 168 148 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 Base address 0x3000 wan 3 Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 148 149 Bcast 192 168 148 255 Mask 255 255 255 254 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 Base address 0x3000 wlanO Link encap Ethernet HWaddr 00 19 70 49 F3 D7 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 135 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 13640 13 3 KiB The respective additional addresses show up also in the Routing Table of Bytton Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 0 59 18 0 0 0 0 255 255 255 254 U 0 0 0 brO 192 168 148 148 0 0 0 0 255 255 255 254 U 0 0 0 wan 10 0 0 252 0 0 0 0 255 255 255 252 U 0 0 0 bro 192 168 148 148 0 0 0 0 255 255 255 252 U 0 0 0 lanO 172 168 27 0 0 0 0 0 255 255 255 0 U 0 0 0 lanO 10 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 192 168 148 0 0 0 0 0 255 255 255 0 U 0 0 0 wan 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 192 168 1 8 0 0 0 0 UG 0 0 0 wan Aditional IP Loophack This is a virtual local interface used for test purposes Figure 5 21 LAN configuration page access the link SW LAN1LANZ Loopback Click the blue link Loopback to enter its configuration page as shown next a l ByttonICR fulli genericUsermanual s
57. Broadcast subnet mask MTU value metric statistics packets errors collisions mega bytes transferred for the reception RX and respectively transmission RX The logical or virtual interfaces such as bridges are indicated by a digital point such as 0 0 or 1 5 or by numbers following the name Being just aliases they share all the same physical address and they show no information about actual data transfers bytes and packets sent and received BrO is the default bridge lan is the physical two port Ethernet switch wan is the Ethernet WAN connection while lanO is the LAN WAN configurable port When you configure each local port with its own IP address lan1 and lan2 will also show up by default they are joined in the same physical switch Wlan0 is the wireless LAN the embedded WiFi access point Lo is the Local Loopback interface The same parameters are shown for the virtual local loopback interface at the standard address for loopback 127 0 0 1 oince it is a loopback interface the number of bytes sent out will always be identical to the number of bytes received A few commented examples will show how Iface Status may be used to find out what is going on over the interfaces of Bytton ICR bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr l10 0 0 5 BOsSt210 0 0 255 Mask 2954 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 939212 errors 0 dropped 0 overruns 0 frame 0 TX pack
58. Bytton ICR 5 CONFIGURATION EECH lo Link encap Local Loopback inet addr 127 0 0 1 Mask 255 0 0 0 UP LOOPBACK RUNNING MTU 16436 Metric 1 RX packets 530 errors 0 dropped 0 overruns 0 frame 0 TX packets 530 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 29284 28 5 KiB TX bytes 29284 28 5 KiB mon wlanO0 Link encap UNSPEC HWaddr 00 19 70 49 F3 D7 10 07 00 00 00 00 00 00 00 00 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 50 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 4313 4 2 KiB TX bytes 0 0 0 B wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 255 255 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 6043 errors 0 dropped 0 overruns 0 frame 0 TX packets 174 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 382541 373 5 KiB TX bytes 26281 25 6 KiB Base address 0x3000 wlanO Link encap Ethernet HWaddr 00 19 70 49 F3 D7 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 41 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 13386 13 0 KiB Iface Status shows details about all the interfaces of Bytton Info about the real Ethernet interfaces include MAC physical address Internet address logical address
59. ByttonH5PA Connect questwifi Connect Productie Connect testl1z34 D bi nb Help Check Station Please use the COMMIT button to activate your changes 1 When you set the Bytton s WiFi to Station instead of Access Point its green indicator LED will turn off the wireless module is active but it functions as a client not as server 2 If you look at Bridge Status you will notice that BRO now contains only the lan Ethernet port wlanO was taken out of the default local bridge bridge name bridge id SIP enabled interfaces br aggoga ogg5 gczr5232a na lan 3 Asaconsequence of being removed from the default bridge brO Interface in this configuration the WiFi module acting as client Station shows up in the Interfaces drop list as WEI sta a distinct interface or WIFI sta M Router BRO LANO WVANO Bytton while previously in was included in the BRO default local bridge Embeded Modem W AM Connections to WiFi AP s In the System Log of Bytton ICR you o can see these connections Jul 13 13 06 30 bytton user notice root LOG guestwifi Jul 13 13 05 50 bytton user info kernel br0 port 2 wlan0 entering learning state Jul 13 13 06 01 bytton cron err crond 1640 USER root pid 5330 cmd net moni Jul 13 13 06 01 bytton cron err crond 1640 USER root pid 5331 cmd ntpcr Jul 13 13 06 05 bytton user info kernel br0 port 2 wlan0 entering forwarding state Jul 13 13 06 30 bytton user notice root LOG guestwifi
60. Enabling and choosing server for the NTP Client service NTP Service Enabled or Disabled By default it is disabled MTF Service Disabled m Server pool ntp org Current time is Thu Jan 1 00 08 14 UTC 1970 Server enter the full name of the NTP server you want to use such as utcnist colorado edu or ro pool ntp org Even if the time server has a static IP address it is always recommended to use DNS to resolve the name timp mcti ro or ntp sv2 ro and not to enter the IP address like 80 96 120 251 or 81 180 122 154 The Current time indicator shows the current UTC time Universal Coordinated Time of the system with millisecond precision If NTP feature is not active you have disabled it the MTP Service Disabled selected server is not online or you have no connection to SE pool ntp org the Internet it will display the default UTC date time which Ge is Jan 1 2000 and 0 00 E Current time is Sak Jan 1 00 05 41 UTC 2000 When it becomes active it shows the current UTC time NTP Service Enabled e NTP Service Enabled e server 80 96 120 251 Server 192 168 168 168 Current time is Fri Jul 6 11 43 06 UTC 2012 Current time is Fri Sep 28 10 58 18 UTC 2012 Figure 5 149 Examples of current time display when NTP Service is enabled Friday September 28 2012 This UTC time may be different from the local time of your computer ByttonICR fulli genericUsermanual sw30
61. HDD the folder Saves on disk drive C in the above example instead of the default setting of the Internet browser When you manage not a single Bytton ICR but many routers and you have to maintain different confgurations you can divide the Saves folder into several sub folders for speciffic applications or machine ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 198 of 272 Bytton ICR 5 5 ROUTING E The simplest way is to keep a single folder but to change the default name bytton sav into a name meaningful for your actual configuration that you need to save After the downloading of the configuration file has ended successfully the operating system will show a confirmation message such as these The bytton301 initial sav download has completed pen Open folder View downloads Or The byttonPPP1 sav download has completed pen x Open folder View downloads Figure 5 120 Message that confirms the saving the configuration file for Bytton ICR Note t is highly recommended that you backup your configuration from time to time This way you can always load the saved configuration if there is need For instance when you perform a Restore to factory defaults all previous settings are lost If you have saved the configuration you can load it back to perform changes Also you should perform a Save before using Update to load a new software image since the new firmware could erase some of
62. IPSec OVPN and PPTP are supported For instance you can define up to twenty IPSEC tunnels Since this product is Linux based applications to enhance Bytton HSDPA or to customize it can be quickly designed by our software developers according to the special needs of various clients Our best technical experts are available for your technical questions around the clock if you sign up our technical support offer In addition the software upgrades can be done remotely via Internet and are free of charge The Bytton family is a highly versatile solution its embedded firmware can be easily upgraded over the Internet p H ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 14 of 272 Bytton ICR 4 INSTALLATION po 4 INSTALLATION In order to ensure the proper operation of the Bytton ICR equipment you must follow the set up steps shown below Establish the best location Mounting Hardware installation Identification of connectors Connecting the data cables Connecting the telephone cables for the versions with FXS port Configuring and installing the SIM cards Connecting the external antennas for Mobile and respectively for WiFi Power up 4 1 Establishing the best location In order to determine the best location for the ROHDE am
63. Integrity Protocol is an enhanced data encryption weraseanty paz technology that provides important data encryption enhancements including a WPA Key eege per packet key mixing function a message integrity check MIC an extended s initialization vector IV with sequencing rules and a re keying mechanism AES Advanced Encryption Standard which is an encryption algorithm highly recommended to ensure privacy of commercial transactions in the private sector Figure 5 37 Select and set up the advanced WPA Security features Of course you should replace the default generic passphrase WPA Key 99wpapskkey11 with a password of your own ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 72 of 272 Bytton ICR 5 CONFIGURATION MAC Security Controls access to the Wi Fi network based upon MACs physical addresses of the client devices By default MAC Security is Disabled allowing any l nore MAC Securit Al wireless client to connect without checking its MAC TUM ES address MAC Address 1 MAC Address 2 You can enter up to five MAC addresses to be filtered by MAC Address 3 this kind of physical ID security MAC Address 4 MAC Address 5 00 2a 3 93 a1 07 Figure 5 38 Enable and configure MAC Security for WiFi Disabled by default the MAC based security feature is disabled so the fields below are gray inactive Allow only users with the MAC addresses listed below will be allowed to join
64. Jul 13 13 06 31 bytton user notice root CONNECT ON WIFI AP guestwifi Jul 13 13 06 31 bytton user info kernel device wlanO0 left promiscuous mode Jul 13 13 06 31 bytton user info kernel br0 port 2 wlan0O entering disabled state Jul 13 13 07 01 bytton cron err crond 1640 USER root pid 5510 cmd net moni Jul 13 13 08 01 bytton cron err crond 1640 USER root pid 5633 cmd net moni Jul 13 13 09 01 bytton cron err crond 1640 USER root pid 5744 cmd net moni Jul 13 13 09 01 bytton cron err crond 1640 USER root pid 5745 cmd ntpcr Jul 13 13 10 01 bytton cron err crond 1640 USER root pid 5864 cmd net moni l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 70 of 272 Bytton ICR 5 CONFIGURATION Ee Jul 13 13 10 59 bytton user notice root LOG Productie Jul 13 13 11 00 bytton user notice root CONNECT ON WIFI AP Productie Jul 13 13 11 01 bytton cron err crond 1640 USER root pid 6038 cmd net moni Also in ROUTING gt Routes you can see now the route for the wlan local wireless interface Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH 0 0 0 pppl 192 168 148 4 0 0 0 0 255 255 255 254 U 0 0 0 wan 172 27 1 0 0 0 0 0 255 255 255 0 U 0 0 0 wlanO 191 168 1 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 10 64 64 65 0 0 0 0 UG 0 0 0 pppl The wifi connection to 172 27 1 1 may be also seen in the System Log Jul 19 1
65. OSPF networks where the OSPF protocol itself would become inoperative Also the usage of BGP allows for increased redundancy This is why the Dynamic routing feature of Bytton ICR does include the BGP protocol too besides RIP and OSPF Dynamic Routes Dynamic Routing BGP Web VTY Shell Please use the COMMIT button to activate your changes Quagga routing Quagga is a routing software suite for Unix platforms such as Linux and it has been embedded into the Bytton ICR firmware It provides implementations of OSPF RIP and BGP 4 The architecture of Quagga consists of a core daemon and several clients which typically implement a routing protocol and communicate routing updates to the daemon Currently there are clients for various dynamic routing protocols OSPF RIP and BGPv4 In order to configure the static or dynamic routes with Quagga the system administrator must connect to the programming console of BYTTON via SSH Topex Bytton ICR lets you choose for dynamic routing the protocol that you think is the best for the actual condition of your applications Dont forget to click the Save button and then Commit to make permanent the change you performed VTY console When you enable Dynamic routing select RIP or OSPF a new link appears in the configuration window Web VTY Shell Top ex d Location ROUTING gt Dynamic Empowering Communications Remote User superuser HOME LAN D ynamic Routes F WAN TUNNELS
66. SMS Read ID STATUS FROM DATE TEXT REC READ 40754043064 12 06 28 10 56 104 12 another SMS test REC READ 40732056277 12 06 28 10 30 50 12 janet will arrive tomorrow A 2dr REC READ 40754043064 12 06 28 11 11 11412 never forget to comply with safety instructions REC READ 440754043064 12 07 06 15 42 38 412 first page will be overwritten now Logs oe PS p 45 33 42 alata facturi dvs a fost inregistrata in contul Orange In consecinta abonamentul REC READ 411 12 06 25 16 27 13 12 eet 7 onectat REC READ 30732056277 12 06 28 11 30 45 12 AT CGSN REC READ 40754043064 12 07 06 15 53 10 12 nothing to configure works in full auto mode Password Update Defaults Save CFG Load CFG Y SERVICES SNMP VRRP SERIAL SMS DONS NTP Reset MEL Status Settings SMS Read SMS Send l Stuff Commit REC READ 440754043064 12 06 06 13 27 48 12 Will achieve connection using PPPOE REC READ 440749068601 12 06 06 13 28 15 12 My number is ok 10 REC READ 40749068601 12 06 06 13 29 51 12 TII call you back soonest 11 REC READ 40732056277 12 07 05 10 41 57 12 Ok 12 REC READ 440753779863 12 07 05 17 56 11 12 Ai 19 7193 Euro credit activ indusiv pana la 10 08 2012 13 REC READ 440753779863 12 07 05 17 57 09 12 Ai 20 3423 Euro credit activ inclusiv pana la 10 08 2012 14 REC READ 440753779863 12 07 06 12 21 28 12 Ai 19 136 Euro credit a
67. Setting Remote Log Ip for the System Log When you leave this address to the default 0 0 0 0 it means the log won t be sent it will be available only locally After issuing a Commit the Bytton ICR will restart operation with the log sent to the remote machine The System gt Logs window the Web browser will be empty since the log is sent only to the specified IP address Topex Location System gt Logs Remote User superuser HOME LAN WAN T Remote Log IP TUNNELS ROUTING SYSTEM Status Password Update Please use the COMMIT button to activate your changes Defaults System Logs Note The remote machine must run a Syslog client such as the syslogd daemon under Linux or a corresponding syslog client application for Windows l ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 190 of 272 Bytton ICR 5 5 ROUTING EA An example of a free Syslog Daemon program for Windows is Kiwi from Kiwi Enterprises aR 5100 Statistics DT EEE EERE EERE ERE bh History Thr History 24hr Severity Top 20 Hosts Counters Figure 5 102 Syslog Statistics in Kiwi Syslog Daemon Help F1 Refresh F5 Close See below an extract form the screen of the Kiwi program which runs on the destination PC and receives the Syslog sent out by Bytton ICR device Zi Kiwi Syslog Daemon ersion 7 2 35 File Edit wiew Help 20 gu A Fe Display 00 Deta 7 RECTE HAC NER VERRE 04 11
68. TOS set tos 0x88 0xff A PREROUTING s 10 0 59 120 30 i wlan0 p udp m udp sport 48007 m tos tos Ox2f Oxff j TOS set tos 0x98 0xff A POSTROUTING d 10 0 0 0 16 o lanO p udp m udp dport 4 m tos tos 0x22 0xff j TOS set tos 0x20 0xff A POSTROUTING d 193 25 46 0 24 o wan p udp m udp dport 31021 j TOS set tos 0x38 0xff A POSTROUTING d 87 0 0 0 8 o wlanO p udp m udp dport 397 m tos tos 0x46 0xff COMMIT Completed on Wed Jul 11 14 28 56 2012 l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 182 of 272 5 5 SYSTEM Shows the current state of the Bytton ICR equipment and the logs also allowing you to perform several system related operations Top ex Location SYSTEM Remote User superuser Empowering Communications HOME LAN WAN Configuration sections TUNNELS System Configuration Pages gt ROUTING View current status Internet connection traffic counters etc pn View or save system log files SYSTEM Firmware update Status assworc Change the administrator password Logs efa Restore factory defaults Save current configuration Load a configuration file Password Update Defaults When you are done please use the COMMIT button to activate your settings save CFG Load CFG SERVICES SIM Stuff Figure 5 94 Aspect of the SYSTEM Web Page The system configuration pages include these settings Status displays the current status of the BYTTON
69. TRX File 15 908 KB ual3 z j topex 3 0 1 FA S txt J 13 201211 115 AM Text Document 1 KE ana p ia 7 orange 3 0 0 FA O trx 6 13 2012 3 42 PM TRX File 15 903 KB A Lj orange 3 0 0 FA O txt 6 13 2012 3 42 PM Text Document 1 KB eeng 2 tonex 3 0 0 FA 5 trx 5 1 201211 32 AM TRX File 15 728 KB Figure 5 106 Listing of a directory holding several firmware image files For instance the firmware image files as shown above may be located in the folder Updates located on the C partition of the hard drive of the PC Select the file you want In this case topex 3 0 1 a FA S trx and press Open EJ TOp amp X 3 U Z F4A 2 DXT ASA LL 335 ANI Let L OCumenr 1 KB en 2 topex 3 D 3 a FA S trx 7 19 2012 1 28 PM TRX File 15 928 KB Lj topex 3 0 3 a FA S txt 7 19 2012 1 29 PM Text Document 1 KB E a vodafone 3 0 0 FA V T trx 5 7 201211 30 AM TRX File 15 741 KB H vodafone 3 0 0 F V T txt 5 7 2012 11 30 AM Text Document 1 KB la Hn i j Filename topex 3 0 3 a FA S trx T Figure 5 108 Selecting the software image to be uploaded Note Each firmware file has an associated Control Sum The control sum is a string of hexadecimal figures such as f2209c63972be34f55d4e69090042093 and it is stored in a text file with txt extension with the same name as the firmware image Using a control sum prevents you from loading a corrupted image The Control Sum is located in a txt with the same name as the firmware T
70. The System Log will show accordingly how they are used when Bytton achieves a connection through the WAN port Jul 4 10 20 36 bytton daemon info dnsmasq 1201 reading etc resolv conf Jul 4 10 20 36 bytton daemon info dnsmasq 1201 using nameserver 172 27 168 7 53 Jul 4 10 20 36 bytton daemon info dnsmasq 1201 using nameserver 192 168 1 88453 Jul 4 10 20 36 bytton daemon info dnsmasq 1201 DHCPREQUEST brO 10 0 0 13 00 06 4 02 15 82 Jul 4 10 20 36 bytton daemon info dnsmasq 1201 DHCPACK brO 10 0 0 13 00 06 4 02 15 82 VO000073 ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 118 of 272 Bytton ICR 5 CONFIGURATION EE 5 3 4 PPPoE Settings for the connection used Point to Point Protocol over the Ethernet PPPoE is a protocol for encapsulating the PPP link over Ethernet thus providing the benefits of PPP such as security encryption and control of connection data rate over an 802 3 network It is used for broadband Internet connections such as DSL or ADSL thus it is useful when the WAN connection of Bytton ICR is achieved by a cable or ADSL modem instead of the HSDPA network TOpex i Location WAN PPPaE Empowering Communicatio Remote User superuser HOME ELAN Settings for PPP over Ethernet connections Y WAN Settings WAN Port Username pppoeuser Password pppoepass SR Redial Period PPP Idle Time F TUNNELS MTU 1500 ROUTING P SYSTEM SERVICES SIM Please use the COMMIT button to a
71. antennas are available only upon special request In order to ensure a correct installation configuration and a good operation of the Bytton ICR equipment the manufacturer strongly recommends you to study this manual before attempting operation ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 11 of 272 Bytton ICR 2 PACKAGE CONTENT 2 PACKAGE CONTENT The component elements that you may identify upon opening the Bytton ICR package are shown below When you open the equipment package please ensure using this list of items that you have the full content Component Image Component Description Bytton ICR unit in its metallic case It is a 3G AG router with embedded firewall an tunneling solution for wired and or wireless local computer networks which allows secure mobile high speed access to Internet using the 3G network or other WAN connections Power supply switching mains adapter Input 100 240Vac Output 12Vpc 2 1A Power Max Output 24 W Ethernet cable for local network connection A piece of UTP straight cable with RJ 45 connectors Stick antenna for WiFi Special antenna for the embedded Access Point the connector can be bended at 90 or rotated for getting the best signal The N type WiFi may use dual antennas Antenna adequate for the mobile module used on the respective Bytton It may be a quad band stick for GSM HSPA with magnetic base and 2 5 m long cable In case of Bytton I
72. both PAP and CHAP while PAP means it will force accepting only PAP MEL rr password authentication refusing CHAP and respectively CHAP means it Password cpap will accept only CHAP challenge authentication and refuse PAP PAP Password Authentication Protocol the most basic form of authentication used by Basic Authentication feature built into the HTTP protocol Here your users name and password are transmitted over a network and compared to a table of name password pairs passwords stored in the table are typically encrypted It is simple but does not ensure security CHAP Challenge Handshake Authentication Protocol is a more advanced method type challenge response Here the authentication agent typically a network server sends to the client program a key to be used to encrypt the username and password This enables the username and password to be transmitted in an encrypted form to protect them against eavesdroppers The ID value is increased with each CHAP dialogue to protect against replay attacks so CHAP provides a moderate degree of security Route Default route Disabled Default route Disabled or Enabled IP Address 84 3 51 98 This is a new feature allows you to ask the Internet provider for Gateway a static address Usually the ISP assigns you the first available address each time you connect Now you have the options either to accept the dynamic address assigned by DHCP or to ask for a specific static address
73. dport 4500 j ACCEPT A INPUT p ipv6 auth j ACCEPT A INPUT p udp m udp sport 500 dport 500 j ACCEPT A INPUT p ipv6 crypt j ACCEPT A INPUT p tcp m tcp dport 0 j ACCEPT A INPUT p tcp m tcp dport 0 j ACCEPT A FORWARD p gre j ACCEPT A FORWARD m state state RELATED ESTABLISHED j ACCEPT A FORWARD p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu A FORWARD d 193 76 244 115 32 p tcp m tcp dport 47 j ACCEPT A FORWARD i tap0 j ACCEPT A OUTPUT p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu COMMIT Completed on Mon Jul 16 14 10 41 2012 l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 143 of 272 5 4 1 Firewall Bytton ICR comes with a default firewall configuration which ensures the security of your local network Thus the Firewall table is at first empty here you should define additional forwarding and filtering rules TO pex Location System gt Logs Empowering Communications Remote User superuser E g HOME F LAN TUNNELS ROUTING Firewall No Interface Protocol IPD PortS SameP MewP PortD 1 BRO MM TCP 193 7 6 244 115 21 MP e 47 Edit Del Routes Dynamic Virtual R T gos k SYSTEM SERVICES d dir Add New Forward Help Ho Interface Direction Protocol IP Port Accept Drop 1 Output ICMP 10 64 65 65 344 ACCEPT Edit Del Commit Add Mew Forward Help Advanced Iptables Add
74. encap Point to Point Protocol inet addr 93 122 148 36 P t P 10 64 641 65 Mask 255 255 255 255 UP PFOINTOPOINT RUNNING NOARP MULTICAST MIU 1500 Metric l RS packets 2Zl errors 0 dropped 0 owerruns 0 frame T packets 107 errors 0 dropped 0 owerruns 0 carrier 0 eollisions 0 tzxzqueuelen 3 Ha bytes 3222 3 1 KiB TH bytes 5375 5 2 KiB Link encap Ethernet HWaddr 00 159 70 49 F3 D UP BROADCAST RUNNING MULTICAST MIU 1500 Metric 1 EX packets 948 errors 0 dropped 9 overruns 0 frame Tx packets 2940 errors 0 dropped 0 overruns 0 carrier collisinans tzxqueuelen 1000 RA bytes 147289 143 8 KiB IX bytes 531090 518 6 KiB Test Met Figure 5 89 Details of Interface Status window including the Reload button ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 158 of 272 Bytton ICR 5 5 ROUTING RIDERS 5 4 3 Dynamic routes The last configuration page in Routing is for dynamic routing As an alternative to defining static routes for the connection of your network to the Internet using Bytton you may choose Dynamic Routing Top ex d Location ROUTING gt Dynamic Empowering Communications Remote User superuser HOME LAN Dynamic Routes E WAN F TUNNELS ROUTING Firewall Routes Dynamic Please use the COMMIT button to activate your changes Virtual R T gos Dynamic Routing Disabled e Figure 5 90 ROUTING page section Dynamic Routes You may select to leave t
75. fh 801 ht divisor 1 filter protocol ip pref 11 u32 fh 801 800 order 2048 key ht 801 bkt O flowid 12 11 match 00400000 00400000 at O filter protocol ip pref 11 u32 fh 801 801 order 2049 key ht 801 bkt O flowid 12 11 match 00010000 00ff0000 at 8 filter protocol ip pref 12 u32 filter protocol ip pref 12 u32 fh 800 ht divisor 1 filter protocol ip pref 12 u32 fh 800 800 order 2048 key ht 800 bkt O flowid 12 12 match 00480000 00480000 at O filter protocol ip pref 12 u32 fh 800 801 order 2049 key ht 800 bkt O flowid 12 11 match 00060000 00ff0000 at 8 match 05000000 0 00ffcO at 0 match 00100000 00ff0000 at 32 filter protocol ip pref 20 u32 filter protocol ip pref 20 u32 fh 802 ht divisor 1 filter protocol ip pref 20 u32 fh 802 800 order 2048 key ht 802 bkt 0 flowid 12 13 match 00000000 00000000 at 12 Links At the bottom of the screen under the last listing FILTER there PZ are three clickable links QOS Marking QOS Class and respectively the Help for QOS packet marking and sorting into EE classes Marking Hec EIL 151 1 1511 111 111 1 OO a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 175 of 272 Bytton ICR 5 5 ROUTING pu M M M M M MM M M MH M Mm QOS Marking This page marks the data packets according to type input or output source destination IP port number and protocol used Chain DREROUTING ipolicy ACCEPT
76. in the field which are connected via OVPN tunnels OpenVPN connections can be tunneled through almost every firewall and proxy The OVPN Server running on Bytton ICR can be configured to run either as a TCP or as UDP As can bee seen from the configuration page just a single port in the firewall must be opened to allow incoming connections Its masquerading feature means there are no problems with NAT Both OpenVPN server and clients can be within a network using only private IP addresses Every firewall can be used to send the tunnel traffic to the other tunnel endpoint It also provide Transparent high performance support for dynamic IPs Both tunnel endpoints can have low cost broadband access with dynamic IPs The changes of IP on either side will be seldom seen by the users EIL 1 151 11 111 111 1 1 515 111 OS a ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 138 of 272 Bytton ICR 5 CONFIGURATION n HHrr OVPN can be configures either as TUN or TAP interface TAP operates at layer 2 level and simulates Ethernet frames while the Tunnel interface operates with layer 3 packets like IP packets Tap can be used to create a network bridge while TAB is used with routing But finally the biggest advantage of OpenVPN is that it seems to be extremely easy to install and configure compare its Web configuration page to the ones for GRE or IPSEC
77. including for WAN and Want not just for the local Eth or wireless interfaces Why is MTU important Generally MTU Maximum Transmission Unit is the largest physical packet size measured in bytes that a packet or frame based network such as the Internet can transmit unaltered All messages which are larger than the MTU will divided into smaller packets and only after fragmentation will be sent out through the network Every network has a different MTU which is set by the network administrator The minimum value that an MTU can be set to is 68 Also for network protocols other than TCP different MTU sizes may apply On your machine PC computer or Bytton ICR you must also set the MTU value in accordance with the specific settings of the data network you use Ideally you want the MTU to be the same as the smallest MTU of all the networks between your machine and a message s final destination Otherwise if your messages are larger than any one of the intervening MTUS they will get broken up fragmented which slows down considerably the transmission speeds When the large packet encounters a router that can t handle that large a packet it will ask for retransmission also reducing data rates On the other hand if you set a too small MTU size just to be sure this means relatively more overhead because of the header and more acknowledgements that must to be transmitted and handled another cause of reduced throughput Hence
78. is software a set of related programs residing on the gateway server that protect the resources of the local internal network Gateway A network point that manages all the data traffic of your network as well as to the Internet and connects one network to another Bytton ICR is also gateway since it interfaces between the local networks wired or wireless and the HSPA mobile network or another broadband connection GRE Acronym for Generic Routing Encapsulation GRE is used as a tunneling protocol which can encapsulate a wide variety of protocol packet types inside IP tunnels IP tunneling using GRE protocol allows easy creation and expansion of a Virtual Private Network using the 3G mobile network The Bytton ICR router from Rohde amp Schwarz Topex S A allows you to use several different GRE tunnels HSPA also called I HSPA for Internet HSPA or Evolved High Speed Packet Access is a wireless broadband standard defined in 3GPP release 7 and above By its name you can see that HSPA is an enhanced version of the previous 3G High Speed Packet Access system a further increase of the speeds of the basic 3G system and another step towards 4G data rates up to 42Mbps currently and 100 Mbps in the LTE networks By using HSPA the data transfer rates are enhanced further over those that could be achieved using HSPA and other factors such as latency and the backhaul have also been addressed The need for HSPA arose out of the increasin
79. kb TS kl CC kl 1 ka GIS ka 6 static 224 868 868 251 kb TS kal CC kat 1 ka S kt Mr static 224 868 868 252 kb TS kl CC kal 1 ka GI kt c static 239 255 255 250 H1 HB 5e 7 f fa static 255 255 255 255 ff ff fft ff ff fft static Currently due to the overwhelming prevalence of IPv4 and Ethernet in general networking ARP is most frequently used to translate IPv4 addresses OSI Layer 3 into Ethernet MAC addresses OSI Layer 2 In the next generation Internet Protocol IPv6 ARP s functionality is provided by the Neighbor Discovery Protocol NDP ARP Table IP address HW type Flags HW address Mask Device 192 168 1 30 GEN GEZ 00 00 00 00 00 00 S warn 10 0 0 20 xl Oxz 21 ab 81 90 d2 b8 ia br 10 0 0 12 xl Ome Gc r0 49 76 24 4b br 10 0 0 13 xl Ome 0Q0 06 4f 02 15 82 bro ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 104 of 272 Bytton ICR 5 CONFIGURATION In the ARP cache of ByttonICR each entry shows the IP address the hardware type as Ox1 instead of LOMbps Ethernet the flags the hardware address MAC and optionally the corresponding mask and the name assigned to the respective device ARP Table IP address 10 0 0 13 10 0 0 20 192 168 1 8 HW address OHO Oe 4F 02 15 82 2z21 ab 81 90 dZ b8 b 4 959 ba a9 37 b5c Device br bro wan 192 168 1 B8 10 0 0 12 fi ce 465 fb b5 da Gc f0 42 76 z24 4b Please use the COMMIT button to activate your changes The
80. lk blocks Used Available Use Mounted on rootfs 57344 16308 41036 28 dev root 57344 16308 41036 28 tmpfs 100352 1252 99100 LS tmp tmpfs 100352 1252 99100 1 etc tmpfs 100352 1252 99100 1 var tmpfs 100352 1252 99100 1 dev tmpfs 0 0 0 proc tmpfs 100352 1252 99100 13 mnt tmpfs 100352 1252 99100 19 www proc 0 0 0 0 proc devpts 0 0 0 0 dev pts sysfs 0 0 0 0 sys Detailed Listing of the files with command Ls la root root 10 Jan 00 00 flash gt tmp flash root root 4863 Aug 2012 forward html lrwxrwxrwx rwxr xr x drwxr xr x 3 root root 2100 Aug 2 2012 drwxr xr x 3 root root 320 Aug 2 2012 lrwxrwxrwx l root root 22 Jan 1 00 00 htpasswd gt tmp conf htpasswd all rwWXr Xxr x l root root 4074 Aug 2 2012 8021x awk rwXr Xxr x 1 root root 3891 Aug 2 2012 8021x html rWXr Xxr x 1 root root 583 Aug 2 2012 AT html rwxr xr x 1 root root 3531 Aug 2 2012 addip html drwxr xr x 2 root root 160 Aug 2 2012 adm rwxr xr x l root root 8666 Aug 2 2012 autopr html rwxr xr x l root root 1141 Aug 2 2012 br status html rwxr xr x l root root 5045 Aug 2 2012 bridge html rWXr Xxr x l root root 1155 Aug 2 2012 bwmoni html rwxr xr x l root root 7393 Aug 2 2012 bwtest html 1 1 1 2 ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 263 of 272 Bytton ICR 12 Annex 3 Busy Box Commands pu rwxr xr x l root root 4371 Aug 2 2012 system defaults html rwxr xr x l root root 4343 Aug 2 2012 system load html r
81. local 127 0 0 1 kernel host lo local As you can see there is no Virtual Table x sections just the general rules and respectively routes active on the equipment are shown After you have defined Virtual routing tables 1 and 2 Virtual Table VT1 10 0 59 64 30 dev brO proto static scope link metric 20 10 0 0 0 24 dev brO proto static scope link 10 0 0 0 24 via 10 0 0 1 dev brO proto static metric 15 172 27 0 0 16 dev lanO proto static scope link Route List Virtual Table VT1 target gateway source proto scope dev tbl 10 0 59 64 30 static link bro 10 0 0 0 24 static link bro 10 0 0 0 24 10 0 0 1 static bro 172 27 0 0 16 static link lanO Virtual Table VT2 172 27 0 0 16 dev lanO proto static scope link 10 0 0 0 16 via 10 0 0 1 dev brO proto static metric 15 Show Rule 0 from all lookup Local 1011 from all iif brO lookup VT1 1012 from all iif lanO lookup VT1 1023 from all iif lanO lookup VT2 1024 from all iif pppl lookup VT2 1031 from all iif lanO lookup VT3 1032 from all iif pppl lookup VT3 1041 from all iif brO lookup VT4 1042 from all iif lanO lookup VT4 1043 from all iif tapO0 lookup VT4 32766 from all lookup main 32767 from all lookup default ByttonICR fulli genericUsermanual sw303FAS revG en doc EE 215 511 1 1 1 1111 1 1 1 a Page 166 of 272 Bytton ICR 5 5 ROUTING E Show Route target gateway source proto scope dev tbl 192 168 1
82. messages following a new Read command l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 222 of 272 5 7 4 SMS Send This option allows you to send out a SMS message through the mobile network Topex H Location SIM gt SM5 Send T Due c TUM Empowering Communications Remote User superuser HOME LAN SMS Send diss To TUNNELS SE Message pse reset the Main route SYSTEM SERVICES SIM Status settings SMS Read SMS Send Stuff Figure 5 169 SIM pages SMS Send Just type in the destination phone number in the field To and the text you want to transmit in the Message field then click the Send button Wait about 40 seconds for the mobile network to perform the sending operation If the SMS cannot be send network busy congestion or other problems an error messages will appear on top of the screen Note if the phone number for the SMS destination is in the same mobile network you may enter it in short form as 0740999999 or 0754043064 But if it is in a different mobile network you must type it in full format country code area code number for example EE 40732056277 Message Mike see this new test fi 5 8 Stuff The Stuff element of menu holds miscellaneous features that are reserved for advanced users Depending upon the actual firmware revision this configuration Web page may be available or not on your equipment an can in
83. non be achieved Jul 23 07 26 46 bytton daemon warn openvpn 1852 NOTE OpenVPN 2 1 requires script security 2 or higher to call user defined scripts or executables Jul 23 07 26 46 bytton daemon notice openvpn 1852 Re using SSL TLS context Jul 23 07 26 46 bytton daemon notice openvpn 1852 LZO compression initialized Jul 23 07 26 46 bytton daemon notice openvpn 1852 Control Channel MTU parms L 1542 D 138 EF 38 EB 0 ET 0 ELO Jul 23 07 26 46 bytton daemon notice openvpn 1852 Socket Buffers R 112640 gt 131072 S 112640 gt 131072 Jul 23 07 26 46 bytton daemon notice openvpn 1852 Data Channel MTU parms L 1542 D 1450 EF 42 EB 135 ET 0 ELO AF 3 1 Jul 23 07 26 46 bytton daemon notice openvpn 1852 Local Options hash VERZ V4 41690919 Jul 23 07 26 46 bytton daemon notice openvpn 1852 Expected Remote Options hash VERZ V4 530fdded Jul 23 07 26 46 bytton daemon notice openvpn 1852 UDPv4 link local undef Jul 23 07 26 46 bytton daemon notice openvpn 1852 UDPv4 link remote 192 168 143 142 1194 Jul 23 07 26 49 bytton daemon err openvpn 1852 read UDPv4 EHOSTUNREACH EHOSTUNREACH No route to host code 113 Jul 23 07 27 46 bytton daemon err openvpn 1852 TLS Error TLS key negotiation failed to occur within 60 seconds check your network connectivity Jul 23 07 27 46 bytton daemon err openvpn 1852 TLS Error TLS handshake failed Jul 23 07 27 46 bytton daemon notice openvpn 1852 TCP UDP Closing socket
84. of your browser for further examination 19 update the Log press the Save and Reload button located at the bottom of the screen Sep Z8 08 14 01 bytton cron err crond 15665 USER root pid 6347 cmd net moni Sep s 08 15 01 bytton cron err crond 1665 USER root pid 6536 net moni Sep Z8 08 15 01 bytton cron err crond 1665 USER root pid 6537 ntpcr Sep Z8 08 16 01 bytton cron err crond 15665 USER root pid 6734 cmd net moni Sep Z8 08 16 46 bytton user notice root SAVE CONFIG DONE Sep Z8 08 16 48 bytton user notice root SAVE CONFIG DONE Sep zZ8 08 16 56 bytton user notice root SAVE CONFIG DONE Sep 28 08 16 58 bytton user notice root SAVE CONFIG DONE Sep 28 08 17 01 bytton cron err crond 1665 USER root pid 7158 cmd net moni Please use the COMMIT button to activate your changes Remote Log IP There you enter the address where the log will be sent upon occurrence of events Remote Log IP 192 168 144 121 Use this IP setting to send the log messages to a remote location Gs Remote Log IP 192 168 144 121 Jan 1 00 00 22 bytton user info kernel ehci hed USB 2 0 Enhanced Host Controller EHCI Driver Jan 1 00 00 22 bytton user info kernel fal ehci fsl ehci 0 Freescale On Chip EHCI Host Controller Jan 1 00 00 22 bytton user info kernel fsl ehci fsl ehci 0 new USB bus registered assigned bus number 1 Jan 1 00 00 22 bytton user info kernel fasl ehci fsl ehci 0 irq 38 io base Oxe00235000 Figure 5 101
85. packets 218K bytes pkts bytes target prot opt in out source destination 0 0 TOS tcp wan 0 0 0 0 0 192 168 148 208 30 tcp dpt 81 TOS set 0x28 0xff 0 0 TOS udp bri 10 0 0 220 30 0 0 0 0 0 udp spt 48006 tos match 0x32 0xff TOS set 0x70 0xff 0 0 TOS udp land 39 41 125 78 31 0 0 0 0 0 udp spt 31022 tos match 0x28 0xff TOS set 0x88 0xff 0 0 TOS udp wlanO 10 0 59 120 30 0 0 0 0 0 udp spt 48007 tos match 0x2f 0xff TOS set 0x98 0xff Chain INPUT policy ACCEPT 2793 packets 207K bytes pkts bytes target prot opt in out source destination Chain FORWARD policy ACCEPT 13 packets 1894 bytes pkts bytes target prot opt in out source destination Chain OUTPUT policy ACCEPT 2199 packets 158K bytes pkts bytes target prot opt in out source destination Chain POSTROUTING policy ACCEPT 2214 packets 161K bytes pkts bytes target prot opt in out source destination 0 0 TOS udp lanO 0 0 0 0 0 10 0 0 0 16 udp dpt 4 tos match 0x22 0xff TOS set 0x20 0xff 0 0 TOS udp wan 0 0 0 0 0 193 25 46 0 24 udp dpt 31021 TOS set 0x38 0xff 0 0 udp wlanO 0 0 0 0 0 87 0 0 0 8 udp dpt 397 tos match 0x46 0xff ECL 1511 1 1 1 eee SSS ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 176 of 272 Marking Table In this table which is empty at first each entry must specify the direction IN or OUT the source or destination IP and corresponding Net mask the protocol either TCP
86. part is the one that takes care of keeping track of the individual units of data packets that a message was divided into for efficient routing through the Internet TCP is known as a connection oriented protocol which means that a connection is established and maintained until the message or messages to be exchanged by the application programs at each end have been exchanged TCP is responsible for ensuring that a message is divided into the packets that IP manages and for reassembling the packets back into the complete message at the other end At the destination TCP reassembles the individual packets and waits until they have all arrived to forward them to you as a single file It also checks the received packets TCP acts at the transport level level 4 of the ISO OSI model See also ISO OSI model packet TCP IP UDP Acronym for User Datagram Protocol It is a simpler protocol than TCP IP that corresponds to the transport layer of the ISO OSI model UDP converts the messages generated by the application into data packets to be sent through IP but does not check if the messages have been transmitted correctly or not UDP allows individual packets to be dropped with no retries and UDP packets to be received in a different order than they were sent Consequently UDP is more efficient but less reliable than TCP and is used to different purposes primarily for broadcasting messages over a network With UDP reliability is wholly in charge of the
87. port ETH switch of Bytton as shown here IP Settings SW SW LAN1LAN2 SW LAN1IP Address 0 0 0 0 LAN1 Netmask J0 0 0 0 LAN IP Address 0 0 0 0 LAN Netmask 0 0 0 0 ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 54 of 272 Bytton ICR 5 CONFIGURATION ee When left to the default SW switch option as shown above both ETH ports are in a hardware switch and thus share the same IP By default the third ETH port also in this switch In this default situation the fields below are colored in gray showing that they are inactive you cannot edit these IP addresses and associated netmasks IP Settings SW SW LAN1LAN2 SW LAN IP Address LAN1 Netmask LAN IP Address LAN2 Netmask There is a default bridge brO a sort of logical switch that connects lan lanO and the port for WiFi wlanO In this case lan is the generic name for the two ports switch holding Ethernet interfaces lan1 and lan2 bridge name bridge id SIP enabled interfaces br agogog 0013937049 3d 7 DO lan lan wlan This default bridge cannot be deleted but it can be programmed to join more or less wired or wireless ports You can set the two port switch it to LAN 1 LAN2 instead of MEME SW The fields under SW are no longer gray now they can be edited SW LAN1LAN2 T you are allowed to enter the corresponding IP addresses LAN1IP Address 0 0 0 0 LAN1 Netmask 0 0 0 0 eg bridge name b
88. received debug pppd 3604 Script etc ppp ip down started bytton daemon bytton daemon debug pppd 3604 sent LCP TermReq id 0x2 User rcvd LCP TermAck id 0x2 Connection terminated daemon daemon bytton bytton debug pppd 3604 notice pppd 3604 EIL 215 1 1 11 1 11 1 1 1 1 11 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 187 of 272 Bytton ICR 5 5 ROUTING EH 5 5 2 Logs Shows the system log Topex Remote Log IF 10 0 53 122 1 00 00 22 byzton user info kernel TEF bind kesb table ertries 81923 czdGez J 22763 bytes 1 90 00 22 bytton user info kernel TCD Hash tables configured jestabliahed 3152 bind 3152 1 00 00 27 byzton user info kernel TCF reno registered 1 99 00 22 baueren gser infc kernel UOS hash table entries 286 cozde ez 0 4054 bytes 1 00 00 22 byttcn user info kernel ODP Lite Bask table entries 256 erger 5 4056 bytes 1 90 90 23 byzion user info kernel WET Registered protocol family 1 1 03 02 22 bytton user info kernel SPC ARegistered sdp transport mod le 1 90 00 22 bytton user info kernel RPC Registered tcp transport module 1 90 00 33 bytton user info kernel RPC Registered tcp NFFv4 1 bsckchenneil ranepcort modole 1 60 00 22 bytton user debug ke nel pCI CLE 32 bytes dafsult 52 1 20 00 22 bytton user debug xernel alloc irq desc for Le on pode 0 1 0
89. regular protocol the lower layer protocol encapsulates the higher level protocol In order to achieve a Virtual Private Network corporate network you must ensure the port forwarding tunneling that is the transmission of private data through a public network such as 3G The routing nodes in the respective public network must not be aware that the transmission is part of a private network Tunneling means the encapsulation of the data and protocol information of the private network within the transmission units of the public network Widely used tunneling methods are the Point to Point Tunneling Protocol PPTP developed by Microsoft and generic routing encapsulation GRE developed by Cisco Systems All Bytton ICR equipments support the GRE protocol Bytton ICR supports several types of secure IP tunnels including GRE IPSEC and PPTP ISP Internet Service Provider An ISP is a business that allows individuals or businesses to connect to the Internet Users log on to the Internet using an account with an ISP or Internet Service Provider ISPs can serve IP addresses dynamically or assign static fixed IP addresses to individual computers In this case the Internet provider is the operator of the 2G 3G or LTE mobile network LAN Acronym for local area network computer network that spans a relatively small area A group of computers workstations and associated devices that share a common communications line or wireless link and are located in
90. serial interface allows remote control of legacy devices older equipments that feature a serial interface TCP server option lets you to remotely access the serial interfaces via telnet Diversity antennas MIMO Enabled both the 3G modem and the WiFi access point of the equipment are available in MIMO variant with two antenna connectors each the usage of multiple antennas for diversity ensures higher speed increased throughput or better signal quality e Flexible ETH port assignment the wan0 lanO connector may be assigned form the Web configuration interface either to LAN or to a second WAN the local ETH ports may be grouped three in switch or just two or they can be allotted individual IP addresses for each you can specify for each ETH port the speed auto negotiation feature operation in full duplex of half duplex mode e Advanced firewall SPI firewall with iptables for filtering and NAT fully configurable from the Web pages e Static and Dynamic routing You may completely define several static routes using Quagga or Kernel for routing Quagga routing program RIP and OSPF protocols implemented e Advanced functions for the superuser has access to additional items in several Web configuration pages the section Stuff provides reporting via e mail self provisioning by loading configuration files and testing the bandwidth e Multiple networks and technologies supported different types
91. so on Remote Endpoint Local Endpoint Ip tunnel Netmask Key 193 297 159 65 10 0 0 7 10 0 0 11 258 255 255 0 198253 64 110 38 205 192 168 144 244 192 168 144 209 253 2535 255 2542 72015492 192 168 148 149 10 0 0 8 10 0 0 14 255 252 0 0 63409172 172 158 1 59 0 0 0 0 10 10 10 67 Z3 225 255 254 4294967294 See the first two gre tunnels now present in the routing table of Bytton ICR Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192 168 144 208 0 0 0 0 255 255 255 254 U 0 0 0 gret2 10 10 10 0 0 0 0 0 255 255 255 252 U 0 0 0 gretl In the Interfaces drop list together with the physical interfaces and the other a logical interfaces of the equipment GRETi LANOWANO Embeded Modem And also in the firewall rules Generated by iptables save v1 4 10 on Mon Jul 16 12 47 48 2012 filter SCENE ACCEPT 4272536323 FORWARD ACCEPT 020 OUTPUT ACCEPT 990 115440 A INPUT 1 lo ACCEPT A INPUT i bro 7 ACCEPT A INPUT p gre j ACCEPT A INPUT m State Sstate RELATED ESTABLISHED 7 ACCEPT A FORWARD 1 bDr 7 ACCEPT A FORWARD p gre j ACCEPT A FORWARD m state state RELATED ESTABLISHED j ACCEPT CA FORWARD p t p em teo Bop erlags SYN RST SYN ZCPMSS eclamp nss Lto pmtu A OUTPUT p top m top top rlags OYN RST SYN TCPMSS 9Seclamp mss to pmtu COMMIT Completed on Mon Jul 16 12 47 48 2012 l ByttonICR fulli genericUsermanual
92. sw308FAS revG en doc Page 130 of 272 Bytton ICR 5 CONFIGURATION 5 4 2 IPSEC The IPSEC page allows you to configure the three types of IPSEC tunnels available to configure the keys used for authentication and to see the current status of the IPSEC tunnels that are active At first the table is empty Top ex H Location Tunnels gt IPSEC Empowering Communications Remote User superuser HOME F LAN WAN TUNNELS GRE QVPN PPTP Global IPSEC Settings Use Default Route Interface for all Tunnels Yes NAT Traversal router behind MAT Firewall Yes Define Specific IPSEC Tunnel Settings Desrintion Tunnel Interface Local Local Local Subnet Local Remote Remote Remote Subnet Remote ric Subnet Netmask ID IP Subnet Netmask ID Confiqure Authentication Keys IPSEC STATUS Please use the COMMIT button to activate your changes Figure 5 65 The IPSEC configuration table empty You may configure the IPSEC tunnel in three different situations between two different networks between two gateways one being your Bytton device and the other a remote equipment between a gateway in the field the Bytton ICR unit and the remote network of the company This kind of application is called road warrior because the agent is on the road and he must connect safely to the company s network over a public network such as the Internet For each of the situations described above the IPSEC tunnel must be configured accordin
93. table information to determine the next host to route a packet to for a specified destination Bytton ICR performs as a router for the wired or wireless local network where it is connected It can perform both static routing with fixed pre defined routes and dynamic routing Dynamic routing is more complex than static routing but it provides several benefits It ensures scalability and adaptability The routes are dynamic interactive permanently updated Routers learn about the network topology by communicating with other routers so it may select a better route optimized for each time period The Bytton equipment supports static and dynamic routing featuring different protocols for dynamic routing such as RIP v 2 for distance vector routing and OSPF for link state routing S HTTP Acronym for SECURE HYPERTEXT TRANSFER PROTOCOL A secure way of transferring information over the Web by using an application level encryption scheme S HTTP is an extension of the normal HTTP with security enhancements for WWW based commerce Web pages that use S HTTP have a URL starting with https Typically HTTP data is sent over TCP IP port 80 but HTTPS data is sent over port 443 The standard was developed for secure transactions and uses 40 bit encryption weak encryption or 128 bit strong encryption The HTTPS standard supports certificates and allows encryption digital signatures authentication or any combination of these The S HTTP type of trans
94. that a network can transmit The size includes the IP header but does not include the size of any Link Layer headers or framing Thus when encapsulation and additional headers are used you must take into account the additional length generated Different networks have different values for MTU which is set by the network administrator Most networking technologies have a default MTU size this is 576 for many PPP connections 1500 for Ethernet networks 65K for HYPER channel etc This is why the Web interface of Bytton ICR lets you to configure specific MTU values for each interface NAT Network Address Translation NAT is an Internet standard that enables a local area network LAN to use one set of IP addresses for internal traffic and another set of addresses for external traffic On the gateway NAT software performs all necessary translations of the IP addresses There are several purposes for NAT usage it provides a type of natural firewall by hiding all the internal IP addresses from the Internet Only the single IP assigned to the router is visible from the Internet Several computers on the local network to use one IP address enabling access to the Internet from any computer network without the need to get more IP addresses from the ISP Also local computers are not directly reachable from the Internet making them more secure With NAT the company can use several internal IP addresses Since they re used only internally there is no possib
95. the bottom are valid only for Bytton equipments with voice capabilities the current model does not have an FXS port Volume level for setting the volume sound level Of course this setting has meaning only in case of Bytton ICR equipments with voice capabilities that feature FXS interface Valid settings for the audio level are from 0 to 4 where 0 means mute Depending of the type of modem module used you may have a single Audio setting or independent settings for transmission Tx and respectively reception Rx re rli E w len J Audio Rx Level E Audio Rx Level RN Audio Rx Level E udin Tw Level 3 Paulin Tx level 2 EE NUM Audio Tx Level E udio Tx Level Geen TE Network Mode Automatic oo Network Mode 3G only Figure 5 1620 SIM Settings for Network Mode Mobile Network selection These two parameters allow you to establish the type of mobile network used and the order of searching for mobile networks Network Mode lets you choose using 2G network or 3G networks The default setting is Automatic but you can select to connect only to GSM networks or only to 3G networks Network Mode GSMonly WERTEN Dreem Network Order Automatic G5M only Sak een Figure 5 163 SIM Settings for Network Mode Mobile Network Order is for choosing the order in which Bytton will look for mobile networks The default is Automatic search but you may select either 2G GSM first and 3G afterwards or the
96. the left of the screen to make permanent the IP settings Usually the IP address allocated for Bytton ICR on the LAN side is a non routable internal address After you change this IP address you will need to reload the configuration page by typing the new IP address in your browser if not redirected automatically Additional IP The firmware allows you to set up supplementary IP addresses for the Bytton ICR Aliases IP Aliasing refers to the possibility of setting up multiple network addresses on the same low level network device driver in this case multiple IP addresses for the Ethernet or PPP interfaces of Bytton ICR Use the blue link to go to the configuration page for the alternate IP addresses Netmask 255 255 255 0 and net mask Aditional IP Loopback At fist the table with additional IP s is empty as shown Interface IP Netmask Figure 5 20 LAN configuration page Additional IP Address Tables Use the link Add New to create a new entry the button Edit to enter select parameters For each of the Interfaces available from the drop list you can set one or several IP addresses with the corresponding subnet masks Mo Interface IP Netmask 1 WAN 192 168 148 5 255 255 255 254 Embeded Modem 0 0 0 0 0 0 0 0 IP Netmask 0 0 0 0 0 0 0 0 Edit Del 192 168 148 254 255 255 255 254 Edit Del 0 0 0 0 0 0 0 0 Interface Off LAN WIFI bt LANOWANO You may assign to the e
97. the lines apart when the lines are not being driven RJ 45 Serial Connector Pinout TX IX RX RIS p NENNEN 8 Io The other pins of the serial connectors are not currently used The metallic casing of the connectors is tied to the signal ground ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 24 of 272 Bytton ICR 4 INSTALLATION Connection Just insert the RJ 45 connector into the corresponding receptacle SER1 or SER2 on the front panel of Bytton ICR as shown Serial Devices Figure 4 11 Connecting the serial cables to Bytton ICR For power supply To power the Bytton ICR unit just insert the jack of the power supply adapter into the supply connector Do not yet plug the adapter into the 230V4 c mains outlet on the wall e e e SG DATA WAR 230 V ac Figure 4 12 Connecting the power supply to Bytton The special adapter from Rohde amp Schwarz Topex S A which is part of the Bytton ICR package supplies the voltage required to power the equipment It is an external power supply adapter Input 100 240VAC 50 or 60 Hz output 12VDC 2 1A power output max 24W Note The adapter is the disconnection device there is no POWER switch so the 230 Vac socket outlet shall be installed near the equipment and shall be easily accessible ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 25 of 272 Warning Use only the power supply adapt
98. thus two WiFi antennas are required Supply voltage 12 Vpc center wire external conductor Standard special switching mode power adapter for 230V AC mains Output 12V pc 2 1 A Input from 100 to 240 V ac 0 3 A 50 Hz Optional car kit adapter Optional wide voltage range supply form 9 up to 48 V pc input by factory order LEDs for POWER DATA WiFi and SGN level of signal plus two LED per each LAN or WAN port Operating Standard 0 70 C Optional Industrial 25 C 75 C Sierra Wireless modules Temp range Optional Industrial 30 C 80 C SIMCOM modules Storage up to 40 485 C for no more than 96 hours Humidity 0 to 95 non condensing P Classification IP 20 Material Ruggedized metallic case Dimensions 210 x 130 x 34 mm except protrusions LxWxH Installation Supply adapter Status indicators Horizontal mounting on a flat surface DIN Rail mounting possible by means of a mechanical adapter Weight Maximum 0 400 Kg equipment box only ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 243 of 272 Bytton ICR 7 OPERATING ENVIRONMENT EE 7 OPERATING ENVIRONMENT Bytton ICR was designed for indoor use only so you should NOT operate it outdoors You must install the Bytton ICR equipment in closed rooms or enclosures where the environment conditions should be Operating temperature range from O to 75 C in case of units with components in the commercia
99. type of ARP entries may be dynamic most often used static or invalid Interface 172 168 1 1 Hxh Internet Address Physical Address PER ET ER a bw KT ke KT ke E TN be HB HH 172 168 255 255 Ef ff ff ff ff Fft 224 88 22 NET ke TC ke KT ke DI keng D 224 60 60 251 hb kickt ki r Type invalid static static static 192 168 1 148 192 168 8 242 HA SA c2 F5 23 29 IS be IS ke be TE be IS e IN 192 168 18H 242 IS be ke be TE be IS e SIN inualid 192 168 13 244 18 a9 H5 88 HH 5d dynamic The invalid entries are the ones which show up incomplete or with MAC values of fffffffff or 00000000 the device may not be actually connected to the network dynamic invalid Interface 169 254 43 24 xb Internet Address Physical Address 169 254 255 255 2 Zem d Zen 2 Zeg 2 Zem Z Zem 2 Type static Since dynamic ARP entries are the most common the correct name would be ARP Cache since a table implies rather static persistent values ARP Table IP address HW type Flags HW address Mask Device 192 168 1 88 O21 Jx fi ce 4i6 fb bb5 da wan 192 168 1 8 Qxl dE b4 99 ba a9 37 h5c S wan 192 168 1445 Jl Ose Gc tf0 419 7650 24 4b las War 172 168 1 13 Jl xz Q0 ec 4r 02 15 8z2 bro Other examples or ARP Table shown on Bytton ICR IP address HW type Flags HW address Mask Device L2 uos A 0x1 0x0 00 00 00 00 00 00 lanO 1050 0 1 3 0x1 0x2 OOSUGI4 T2022 152 32 ZS bro 1725572210095 710 0x1 0x0 KEE 00
100. used number 69 Path etc stor autoconfigs Port 370 Figure 5 179 Configuring the TFTP client of Bytton to get the Auto cfg file l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 229 of 272 5 8 3 BW test Performs Bandwidth tests over the Bytton equipment Location Autoprovisioning Remote User superuser Empowering Communications Topex HOME FLAN Autoprovisioning WAN TUNNELS ROUTING F k SH BW test Disabled e P SYSTEM d d b di Address o 1 Path Fie Username Password janonymus Port IPERF Disabled e Test server 0 0 0 0 Schedule in min 0 SERVICES SIM Stuff Email Auto cfg BW Test Please use the COMMIT button to activate your settings Figure 5 180 Bandwidth Testing data speed tests performed over Bytton ICR First Enable this feature by default it is disabled BW test FIP Disabled e Address Path File Figure 5 181 Enable Bandwidth Testing Then choose the method to be used either FTP or IPERF In both cases the basic principle is simple a large file of known length is uploaded to a destination then downloaded and the time necessary for the operation is measured thus computeing the bandwidth Megabits per second Bytton ICR 5 5 ROUTING t FTP In the BW test web page first enable BW test then Enable the FTP option as shown BW test HEJS v Configure the FTP s
101. user enters a domain name into the Internet browser the user is sent by the DNS Server to the proper IP address The DNS server address used by the computers on your home network is the location of the DNS DNS Server Address Domain Name System DNS allows Internet host computers to have a domain name and one or more IP addresses A DNS server keeps a database of host computers and their respective domain names and IP addresses so that server your ISP has assigned Dynamic DNS service that allows clients connecting to the Internet with a dynamic IP address to be able to use applications that require a static IP address The Internet Service Provider changes the IP address of the users but there are applications that work only with static fixed IP addresses Dynamic DNS makes it possible for sites on the Internet to establish connections to you computer without need for tracking the IP address themselves DDNS is useful both for wired or wireless such as UMTS dialup connection where at each connection a new address is assigned and for DSL services where the address is changed occasionally by the ISP Bytton ICR allows usage of Dynamic DNS a l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 248 of 272 Bytton ICR 9 Glossary ee Domain Name Resolution The resolving of a domain name Internet applications dont communicate with domain names such as google com or topex ro instead they use IP addresses for example 193 226 61
102. wan 109 0 0 0 0 0 0 0 255 0 0 0 U 0 0 0 br0 19 0 0 0 0 192 168 1 8 0 0 0 0 UG 0 0 0 wan EE LL ee 51 1 1 11 1 1 1 51 2 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 99 of 272 System eis 5 CONFIGURATION 5 2 10 ETH Ports This menu element allow for fine tuning monitoring and control of each ETH ports of the Bytton equipment Top ex i Location System gt Logs Empowering Communications Remote User superuser HOME LAN IP Settings DHCP Server WiFi Settings Bridge VLAN 802 1X Eth Port MTU wan F TUNNELS ROUTING F SYSTEM SERVICES Autonegotaton 10 100 Mb s Enabled e WAN 10 100 Mb s e Enabled WANO LANG 10 100 Mb s Enabled LAN1 10 100 Mb s v ES abled LAN2 Ld dad Reload Stuff Please use the COMMIT button to activate your changes ARP Table IP address HW type Flaga HW addresa Mask Dewice 10 0 0 13 axl Jx 00 06 48 02 15 82 bro 152 168 144 4 O21 xz zZc 4l 38 Sd 85 95 wan 172_27_168_70 O21 x 00 00 00 00 00 00 lan 172 27 168 172 O21 0220 0O 00 00 00 00 00 lan Please use the COMMIT button to activate your changes While previous IP settings including LANO WANO and individual IP and netmask assignment for each port referred to t
103. will reboot and revert to the factory default settings This way of restoring the factory default settings is faster than using the web interface but you should exercise the same care Note the Return to Defaults option is quite useful when incorrect settings have been performed or when you have forgotten the IP of the Bytton ICR router If you don t the IP address or if you have incorrect settings for iptables you won t be able to connect to the wireless router to administer it So you should perform a hardware factory defaults and Topex Bytton ICR will revert to its original settings including the IP address of 192 168 1 1 l ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 197 of 272 Bytton ICR 5 5 ROUTING SSX LAA 5 5 6 Save CFG Makes a backup copy of the current configuration all the settings you made of the Bytton ICR equipment The configuration file is called by default bytton sav You will see a message similar to the one shown in this image Do you want to open or save bytton sav from 192 168 148 4 Open Save 7 Cancel Save L roup CSV V2 A RMTCDE amp group n Save as 4 saved SMS 3 1 saved SMS B odd d Save and open Figure 5 118 The Save command Saving the bytton sav file Or like this a Save s QU Ui Computer FALSI C Saves gt Organize New folder J e 7 A Program Files Name e Date modified Type Size k di Program Files x86 m EE _ b
104. yea STATUS land Speed l0Mb a Duplex Halt Auto negotiation on Link detected no After a reboot the new parameters for operation of Eth ports will be active and will show up in the ETH Port panel located in the middle of the window as shown in the following examples ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 101 of 272 Speed Autonegotiation 110Mb s Disabled 10 100 Mb s Enabled 1 10Mb s Disabled 10 100 Mb s v Please use the COMMIT button to activate your changes Table IP address HW type Flaga HW address Mask Device 152 168 1 30 Dal 0x0 00 00 00 00 00 00 e wan 10 0 0 20 xl O20 50 00 00 00 00 00 bro 10 0 0 13 Ox1 xz gQ0 Qge 4f 02 15 82 bro Or Speed Autonegotiation 10 100 Mb s e Enabled e WAN 10 100 Mb s e Disabled e WANO LANO i10Mb s Disabled LAN1 10 100 Mb s Enabled LAN2 Reload Please use the COMMIT button to activate your changes IP address HH type Flaga HW address Mask Device 172 27 168 7 xl 0220 00 00 00 00 00 00 lan 10 0 0 13 0x1 Oz g zO06 4f 02 15 82 a bro 172 27 168 70 xl ox 00 00 00 00 090090 00 land Reload Please use the COMMIT button to activate your changes STATUS wan Speed 100Mb s Duplex Full Auto negotiation on Link detected yes STATUS land Speed 10Mb s Duplex Halt Auto negotiation off Link detected no ETH parts Speer Autonegotaton 10 100 Mb s Enabled e 10 100
105. you will have another IMSI code IMSI 226102410043179 IMEI 355060025698866 Figure 5 157 Actual examples of SIM Status page showing IMSI and respectively IMEI codes ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 216 of 272 Bytton ICR 5 5 ROUTING IMEI International Mobile Equipment Identifier 15 digit number that uniquely identifies an individual mobile terminal device While IMSI is specific to the subscriber SIM card IMEI in specific to the wireless equipment the modem of Bytton ICR in our case When the SIM card is missing the SIM Status window will show error in Security error Se Modem Version H2 0 7 1BMCAP Modem Version 11 13 02 00 00 the Security IMSI Signal Level IMSI error IMSI error i Network and Registration fields IMEI 35713000014394 IMEI 352679013269217 But you will still see the version of the Signal Level no signal Signal Level 10 30 3G modem and the IMEI code since they are equipment dependent and not related to the SIM card Signal Level displayed as two groups of two figures such as 15 30 The two digits indicate the level of the RF signal for the Mobile network on a scale from zeroup to 30 When the SIM card is missing or isn t registered its status will be no signal Network the name of the mobile network which the equipment is registered to as transmitted by the mobile carrier It may also indicate the network type 2G or 3G LIIL
106. 0 0 the IP of local interface that have route to Remote endpoint IP will be used IP tunnel GRE tunnel is a point to point tunnel thus each tunnel must have a IP This is Local IP on the tunnel interface Netmask Netmask for IP tunnel Key a Key for the GRE tunnel It is a 32 bit number values from 0 to 4294967295 This Key field is intended to be used for identifying an individual traffic flow within a tunnel Note that this Key field is not involved in any sort of security despite its name EIL ee 1511 1 1 1 1 511 511 111 11 a ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 129 of 272 Bytton ICR 5 CONFIGURATION B Examples When you will set LNC Remote Endpoint Local Endpoint IP tunnel Netmask Key gretl T72 168 1x10 0 0020 E EE b Pate PAra o PAs PEA Ort This will create a GRE tunnel with interface gret1 from any local interface IP with remote 172 168 1 10 The local gret1 interface will have IP 10 10 10 2 and net mask 255 255 255 252 Also this will automatically add a route towards this interface that you will be able to see in see it in Routing gt Routes in this example you will have Destination Gateway Genmask Flags Metric Ref Use lIface 10 10 10 0 0 0 0 0 255 255 255 252 UO 0 0 gret1 Depending upon the actual requirements of your application you may use a single GRE tunnel or several with different parameters for each tunnel gret1 gret2 gret3 and
107. 0 00 22 byzton user debug kernel alloc Xkwzat irge zm node C 1 00 00 22 bytton uaer debug kernel irzq Lee 5 on host i1mmsr e0000000 interrfu pt scentfollerz8700 sapped to virtual ise 1 1 00 00 23 bytton user debug kernel Slice irq desc for i7 on mode 0 1 00 00 23 bytton user debug kernel allos kwtat irgs ep node 1 00 00 22 bytton n user debug kernel ise Leg 16 on bast ismr aoc0nO00 instarrupt econtrs1laf49700 mapped te virtual ise 17 1 00 00 23 bytton user info kernel WOT driver for MPCSHxX initielised mode reset rinmeout 5535 32 seconds 1 90 03 23 bytton user info kernel NTTZ driver 2 1 25 iFlags R W 1 00 00 22 button user info kernel JFFS2 version 2 2 WARD Ae 2001 200 Red Eat Inc 1 90 00 37 byston user info kernel msgmni has been eer to 37 1 60 00 22 bytton user info kernel alg Wo test fcr ciphsr null cipher mall genaric 1 00 00 22 bytron user info kernel alg Wo test for ecbicipher suli jecb cipher mull 00 00 33 byston Geer info kernel aig Mo cest for digest null idigewt mall generic 1 00 00 22 bytton user infc kernel alg No test for compress null cctepress null gensatic 1 00 00 23 bytrion user info kernel aig No test for scdrng krng 1 20 00 22 bytton user info kernel i2 scheduler noop registered 1 90 00 22 Bbytten user infc kernel ic scheduler Jdaadlise rfegisteted 1 09 00 27 byston user info kernel io scheduler cfq registered defsuit L 99 00 22 buten zser warn karnal pci stub
108. 0 12 dBi gain and come with a connection cable that is 10 15 m long to allow installation of the antenna on a mast or atop the building where it gets a better level of 3G signal The cable is a special one large diameter which assures low siggnal attenuation in spite of the additional length Such Yagi GSM 3G antennas are available fron R amp S Topex upon request r ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 259 of 272 Bytton ICR ll Annex 2 Antennas for ByttonICR m E m uu EE m a n EE El 4G LTE For the LTE 2600 MHz band the SMO3 magnetic base antenna is shipped in the package This is a thin rod dual coil weather proof antenna specially designed for the 2 6GHz frequency band used for LTE in Europe Figure 11 4 General image of the Mobile Antenna for 4G with magnetic base and connection cable The GSMOS antenna is for frequency ranges 890 960 1710 2150 and respectively 2600 MHz for LTE The connection cable is thin type RG178 and standard cable length is 3 meters which allows more flexible placing of the antenna Besides the SMA connector that matches the Bytton mobile connectors other types are available SMB FME TNC In the 2600MHz frequency band gain is 5dBi for the standard model with 3 m long cable and 7dBi for the variant with shorter cable only 1 m long which has a smaller signal loss The LTE antenna is omnidirectional rated for both outdoor and indoor usage
109. 0 46 23 bytton user info kernel cfg80211 Calling CRDA to update world regulatory domain Jul 19 10 46 29 bytton user notice root LOG guestwifi Jul 19 10 46 30 bytton user notice root CONNECT ON WIFI AP guestwifi Jul 19 10 46 30 bytton user debug kernel wlan0 authenticate with 00 15 2 3d 60 36 try 1 Jul 19 10 46 30 bytton user debug kernel wlan0 authenticated Jul 19 10 46 30 bytton user debug kernel wlan0 associate with 00 15 2 3d 60 36 try 1 Jul 19 10 46 30 bytton user debug kernel wlan0 RX AssocResp from 00 15 2 3d 60 36 capab 0x401 status 0 aid 3 Jul 19 10 46 30 bytton user debug kernel wlan0 associated Jul 19 10 46 34 bytton daemon info dnsmasq 1213 read etc hosts 1 addresses Jul 19 10 46 57 bytton daemon info dnsmasq 1213 read etc hosts 1 addresses Jul 19 10 47 01 bytton cron err crond 1670 USER root pid 3310 cmd net moni Jul 19 10 47 03 bytton daemon info dnsmasq 1213 reading etc resolv conf Jul 19 10 47 03 bytton daemon info dnsmasq 1213 using nameserver 172 27 1 1453 Jul 19 10 47 03 bytton daemon info dnsmasq 1213 using nameserver 8 8 8 8 53 Radio Channel Selects the Wi Fi channel in the 2400 MHz band Radio Channel 02 24174Hz e In this band there are up to 14 channels placed 5 MHz apart Auto When left on Auto default setting and the AP will automatically 01 2412MHz select the radio channel with the strongest signal 02 2417MHz OS 2422MHz If instea
110. 0000 00380000 at 0 filters pzateenl ip peat 3 u32 filter peetecel ip praf 3 232 fh O01 ht diwiges 1 filter protocol ip p af 3 232 fh O01 800 s da 2048 key ht 801 bkt D f lowid 1 2 match 00000000 00000000 at 12 filter peetecel ip praf 11 u32 filter peetecel ip praf 11 u32 fh B01 ht diviges 1 filter peetecel ip praf 11 u32 fh BD1 BDD e da 2048 key ht 801 bkt D flowid 12 11 match E at a filter peetecel ip praf 11 x33 fh BD1 BD1 e da 2045 key ht 801 bkt 0 flowid 12 11 match ES at B filta p oterel ip pee 12 u32 fh 800 ht divinse 1 filta pestenel ip pee 12 u32 fh BDD BDD tedar 2048 key ht B00 bkt D flewid 12 12 match n4B ung n n nagnnnn at H filta pestecel ip pee 12 u32 fh BDD BDl1 sedar 2045 Key ht 800 bkt D flewid 12 11 match DDDEDDDDZDDZEZDDDD at B match DEDDDDDDZDZDDZZeH at H match DDlIDDDDD DDTTDDDD at 32 filta pestecel ip peat 20 u32 fh BD2 ht divinse 1 filtar p eterel ip p af 20 u32 fh BD2 B800 r r 2048 Key ht B02 bkt match DDDDDDDDEDDDDDDDD at 12 flowid 12 13 CES Marking Qus Cla Marking Help Peme umm fhe COMMIT buton fo activate your changes Why QoS Generally QoS refers to several networking technologies and techniques that are used with the goal of providing provide guarantees on the ability of the equipment network to deliver predictable results In our case QoS is targeted at assuring the performance of the Bytton router QoS is especially important for the multimedia of Inte
111. 084 ms 591 061 ms 638 912 ms 9 www k ro 194 102 255 23 626 859 ms 695 420 ms 591 892 ms When the Ethernet connection is used for WAN instead of the PPP1 link response times are faster traceroute warning topex ro has multiple addresses using 172 27 168 7 traceroute to topex ro 172 27 168 7 30 hops max 38 byte packets 1 voluntarigw topex ro 192 168 1 8 0 629 ms 0 522 ms 0 978 ms 2 10 0 144 2 10 0 144 2 1 932 ms 1 950 ms 2 434 ms 3 172 27 168 7 172 27 168 7 2 363 ms 2 529 ms 1 956 ms Or traceroute to k ro 194 102 255 23 30 hops max 38 byte packets 1 46 108 17 161 46 108 17 161 2 804 ms 2 191 ms 2 263 ms 2 basarabia 20ge adnettelecom ro 46 108 3 165 2 421 ms 2 130 ms 2 146 ms 3 cr rbas 40gbps adnettelecom ro 46 108 4 217 16 352 ms 2 396 ms 2 317 ms 4 cr cr2 40gbps adnettelecom ro 46 108 4 221 2 403 ms 2 222 ms 2 378 ms 5 95 77 112 137 95 77 112 137 2 327 ms 3 272 ms 2 306 ms 6 ro buhOla rdl v1796 upcnet ro 95 77 36 61 2 789 ms ro buh0la rdl1 te 1 1 v518 upcnet ro 95 77 36 245 2 617 ms 3 874 ms 7 ro buhOla ral vi1324 astralnet ro 95 77 36 122 3 117 ms 2 704 ms 3 123 ms 8 www k ro 194 102 255 23 2 426 ms 2 315 ms 2 399 ms And respectively for the default for target google ro traceroute warning www google ro has multiple addresses using 173 194 39 87 traceroute to www cctld l google com 173 194 39 87 30 hops max 38 byte packets 46 108 17 161 46 108 17 161 3 184ms 2 300ms 2 192 ms basa
112. 1 radus 01 d8 5e 3f 06 25 955 1342743261 00 06 4f 02 15 82 1591 168 1 13 VO0000 73 01 00 06 4f 02 15 82 Commit
113. 1 ttl 111 time 127 259 ms 39 bytes from 209 202 254 14 seq 2 ttl 111 time 126 909 ms 209 202 254 14 ping statistics 3 packets transmitted 3 packets received 0 packet loss round trip min avg max 126 909 127 202 127 440 ms EE LL oe oS a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 91 of 272 Bytton ICR 5 CONFIGURATION u M H j Other network debugging tools are also available in the Test Net utility page TRACE For instance the Trace IP NS box allows you to trace the route towards the respective IP address and Trace IP NS www topex ro also looks up for addresses of nameservers used along this route The default Internet site to be traced is google ro since it is both relevant and supposedly always on See below a few examples of trace ing different targets under various conditions of connecting to Internet Stop Reload Traceroute to www topex ro 193 226 61 45 30 hops max 38 byte packets 1 9 172 20 175 201 172 20 175 201 60 702 ma 859 898 ma 60 046 ma 172 20 182 46 172 20 182 46 687 5253 ma 51 396 ma 79 531 ma Orange Hoh IZ Ho 217 156 113 33 67 719 ma 51 528 ma 559 588 ma EuroaWEB RoNIE Ro 217 156 113 6 59 599 ma 347 338 ma 351 423 ma gewro crlil qrliz buh ew ro 81 24 28 198 48 241 ma 51 550 ma 47 584 ma ip 81 24 28 213
114. 1500 Metric 1 RX packets 351 errors 0 dropped 0 overruns 0 frame 0 TX packets 1191 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 45784 44 7 KiB TX bytes 520166 507 9 KiB Bytton ICR 5 CONFIGURATION EE And the corresponding routing table is very simple Routes Kernel IP routing table Destination Gateway Genmask Flags Metric Ret Use Iface 172 168 1 0 0 0 0 9 255 255 255 0 U 0 g 0 bro 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 192 168 1 8 0 0 0 0 UG 0 a 0 wan After you set the additional IP s over the available interfaces of Bytton Interface IP Netmask 10 0 0 254 255 255 255 252 10 0 59 18 2553 2535 255 254 192 168 148 3 255 255 255 0 192 168 148 149 2553 225 255 254 172 168 27 59 255 255 255 0 93 127 148 2 2553 295 255 254 The Iface status changes accordingly br0 Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 10 0 0 1 HBcast 10 0 0 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 309 errors 0 dropped 0 overruns 0 frame 0 TX packets 403 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 35375 34 5 KiB TX bytes 114640 111 9 KiB br0 0 Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 10 0 0 254 Bcast 10 0 0 255 Mask 255 255 255 252 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 br0 1 Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 10 0 59 18 Bcast 10 255 255 255 Mask 255 255
115. 192 109 1411 top m top dport 90 J ACCEPT 4 EE LL 1 5 eee OO SSS a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 145 of 272 Bytton ICR 5 5 ROUTING pe MM M Interface select the type of the used interface in order to communicate with the Bytton equipment Interface The available options are OVPN_TAPO hd BRO the default bridge that joins all local wireless or wired ports of Bytton WAN Ethernet port the WAN port PPP interface the Embedded Modem for mobile UMTS HSPA connection GRET1 the first GRE IP tunnel OPVPN TAPO the Open VPN tunnel working in TAP mode As you can see in addition to the physical real interfaces drop list shows all logical interfaces that you have defined on the system bridges virtual LANs GRE IPSEC or Open VPN tunnels and so on Embeded Modem WAM Port br 2 pppi 3 ethi 4 Protocol select the IP protocol TCP and UDP protocols are used for communications while the ICMP protocol is for the ping command IP D The IP Destination field It contains the IP address of the computer where the firewall ports will be forwarded If you enabled rule but leave the IP to the default 0 0 0 0 then no rule will be added to iptables Port S The source port represents the number of the port that will be forwarded Same P New P This section a
116. 192 168 1 1 the DHCP server must be also set for the same range of IP addresses 172 168 1 yyy where yyy may be from 10 up to 20 or a wider range Start IP 172 168 1 10 End IF 172 168 1 20 IR A To check the correct assignment of IP address double Currently connected to click the icon corresponding to the Bytton ICR network Unidentified network connection on the desktop of your computer Internet access Click the link Open Network and Sharing Center Open Network and Sharing Center Figure 5 25 Open Network and Sharing Center to verify the assignment of IP addresses bs Desktop a RI 341 PM The Status window for the network connection will appear as shown ByttonICR Status General Connection General IPv4 Connectivity Internet IPv6 Connectivity No network access Connecton Media State Enabled Pv4 Connectivity Duration 05 15 14 IPv6 Connectivity Speed 100 0 Mbps Media State Duration Speed Fist Click on the tab General to see Sent 4 Received general information status Internet access connection duration p connection speed about the respective 29 210 833 129 233 012 network connection Bytton ICH Figure 5 26 The General tab of the el Properties connection to Bytton ICR shows its current state The Support or Details window tells General Support you that the IP address has been Assigned by DHCP and IS in thi
117. 2 dev wan parent 1 2 r2q 3 default 0 direct packets stat 272 qdisc sfq 1211 dev wan parent 12 11 limit 127p quantum 1514b perturb 10sec qdisc sfq 1212 dev wan parent 12 12 limit 127p quantum 1514b perturb 10sec qdisc sfq 1213 dev wan parent 12 13 limit 127p quantum 1514b perturb 10sec qdisc ingress ffff dev wan parent ffff fffl qdisc pfifo fast 0 dev lan root refcnt 2 bands 3 priomap qdisc prio 1 dev br0 root refcnt 2 bands 2 priomap 1 11 qdisc pfifo 11 dev brO parent 1 1 limit 1p 20011111111 l T 11 1 1 i 1 Qdisc means queue discipline it is an algorithm that manages the queue of an interface either incoming ingress or outgoing egress Qdisc s function is of a scheduler In each case when the packets are in a queue for instance over the output interface and input interfaces of the equipment some type of scheduler is required The default scheduler invisible to the end user is simply a FIFO First In First Out but qdisc can assign priorities it will rearrange the packets entering the scheduler s queue in accordance with the rules you have defined Scheduling is the mechanism by which packets are re arranged between input and output of a certain interface queue In general any set of traffic control mechanisms on an output queue can be regarded as a scheduler because packets are arranged for output The queuing discipline algorithm used in for implementing QOS in Bytton ICR is classful meaning that it
118. 200 lanO Respectively IP address HW type Flags HW address Mask Device 1 527 1 edu 7 U OxI 0x0 0D 00 00 200200 00 kW lanO N ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 105 of 272 Bytton ICR 5 CONFIGURATION E T0 03 ds T3 Oxl 0x7 OU OGAE U2 15202 Kei 192 169 149 Ox 1 E e Ee x wan ND z 13169 UI 0x0 00200 00200 00200 x lanO IP address HW type Flags HW address Mask Device 17232274109 10 0x1 0x0 00 2002002002007 00 ui lanO LIZ ee T L09 2170 0x1 0x0 O02 00400300 200200 a lanO L0L D 01 3 0x1 0x2 000G 4E 02 13 82 brO 1925 10934149 Oxl OZ paso o para9 27 250 a wan II Ze Zt el OSs 0x1 0x0 OU 002 0G OU 00 D n lanO Usage of ARP table All IP devices must have an ARP table This ARP cache can be used for troubleshooting the network connectivity When everything is working fine with ARP you will have a dynamic ARP entry that is complete both MAC and IP values are there But if you do not have a complete entry if you encounter problems Interface 192 168 144 21 Hxa Internet Address Physical Address Type 192 168 1 1 Hij HB BH BHHB HB HB inualid KKK KW Hij HBH BH BHH HB HB inualid 192 168 1 88 HB HB BHB8 B BB HB WHB inualid 192 168 160 199 Hj HB BiHB BB HBB HB inualid 192 168 144 14 IS be AIS be SD TS be AT e IN invalid 192 168 144 34 IS be AIS be Dk TS be AT e SIN invalid 192 168 144 338 IS be AIS ke SD TS be AT e SIN invalid 192 168 148 148 GI ke be ke TE be
119. 2007 15 52 35 KermelDebug 192 168 1 1 udhcpc 1548 Sending discover 04 11 2007 15 52 34 Kernel Debug 192 158 1 1 udhcpc 1548 Sending discover 04 11 2007 15 52 32 Kernel Debug 192 168 1 1 udhcpc 1548 Sending discover 04 11 2007 15 46 52 Kernel Debug 192 168 1 1 udhcpc 1548 Sending discover 04 11 2007 15 45 56 User Into 192 158 1 1 System time change detected Figure 5 103 Kiwi Syslog Daemon showing the remote System Log for Bytton ICR EE LL 111 1 111 111 11 11 1 SS sss ai ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 191 of 272 5 5 3 Update It allows you to perform an update or upgrade of the firmware running on Bytton ICR Topex Location System gt Update powering Communications UTR I Empowering Communication HOME LAN Firmware Update NEE Please select your firmware update file below enter the control sum and click the SEMD TUNNELS button ROUTING Status Control Sum Po Logs Password Update Defaults Save CFG Load CFG SERVICES SIM Stuff Figure 5 104 Update feature in the System webpage of Bytton ICR The update firmware image must be on your PC The image files have the extension trx You may download the image files from the ROHDE amp SCHWARZ TOPEX S A website Enter the name of the update file or click the button Browse to search your system for it Topex Location System gt Update Remote User sup
120. 23 255 255 255 252 E 48006 Enabled x32 ees pss ss sso Iw fasa L Eed 39 41 125 78 255255255254 o 3102 Seier OB 82 stor 10 59 125 96 255 255 255 254 AL 48615 saed e Oe 10 0 59 172 255 255 255 252 DP 48007 Enabled Of 87225254132 255 0 0 0 397 Enabled thts When you finished entering TOS marking and matching values h neral Save the lon n called Save and Rel use the general Save the long button called Save and Reload CEET ee located at the bottom of the page rn i i 4 1 1 rr 1 R m t 1 I l th a I 1 m i 1 4 1 QOS Class After marking the packets you must separate them into classes of traffic The QOS Class page does this sorts the data packets into several pre defined classes The QOS Class page also has two distinct panes the upper table predefined but which may be extended or modified And respectively the bottom part where you assign for each Interface the upload and download figures and Class distribution according to TOS value Bytton ICR 5 5 ROUTING Interface Upload Download TOS to CLASS BRO 1800 2500 Ox2z0 e VOIP Ox00 e Disabled x28 e Min Delay e x38 e Interactive 1200 2000 Edit Del 1000 3000 QoS Class upper table has 3 1 classes named respectively VOIP Min Delay Interactive and Default wi
121. 255 254 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 373 errors 0 dropped 0 overruns 0 frame 0 TX packets 394 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 54536 53 2 KiB TX bytes 114226 111 5 KiB Base address 0x2200 lanO Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 192 168 148 148 Bcast 192 168 148 151 Mask 255 255 255 252 UP BROADCAST MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 46 46 0 B Base address 0x2000 lan0 4 Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 172 168 27 59 Bcast 172 168 27 255 Mask 255 255 255 0 UP BROADCAST MULTICAST MTU 1500 Metric 1 Base address 0x2000 ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 51 of 272 Bytton ICR 5 CONFIGURATION EECH wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 255 255 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 28186 errors 16 dropped 0 overruns 0 frame 0 TX packets 135 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 1745238 1 6 MiB TX bytes 17015 16 6 KiB Base address 0x3000 wan 2 Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 148 3
122. 3FAS revG en doc Page 212 of 272 Bytton ICR 5 5 ROUTING In the system logs you can see the moment when the applications running on Bytton connect to the Internet and the time jumps from the default Jan 1 2000 to the actual date time supplied by the selected NTP Server Jan 1 00 00 50 bytton user info kernel usb 1 1 Sierra USB modem converter now attached to ttyUSB6 Jan 1 00 00 50 bytton user info phx modem port opened Jan 1 00 00 57 bytton user info kernel PHY mdio e0102120 05 Link is Up 100 Full Jan 1 00 01 00 bytton user notice root Selected SIMO Jan 1 00 01 00 bytton user info pbx clips active Jun 22 10 42 11 bytton user notice root Wee eee eee Jun 22 10 42 12 bytton user notice root Configuring the OPENVPN Tunnel Jun zz 10 42 12 bytton user info kernel tun Universal TUN TAP device driver 1 6 Jun 22 10 42 12 bytton user info kernel tun C 1999 2004 Max Krasnyansky Jun 22 10 42 12 bytton user notice root OVEN INT tapd Jun 22 10 42 12 bytton daemon notice openvpn z408 OpenVPN 2 2 2 powerpc linux SSL Lzoz EPOLL eurephia l Jun 22 10 42 12 bytton daemon warn openvpn z408 NOTE OpenVPN 2 1 requires script security 2 or higher to Or Jan 1 00 00 51 bytton user info kernel sierra 1 1 1 1 Sierra USB modem converter detected Jan 1 00 00 51 bytton user info kernel usb 1 1 Sierra USB modem converter now attached to ttyUSBl Jan 1 00 00 51 bytton user info kernel br0 port 1 wlan0 entering forwardi
123. 4 243 164 98 31 gateway which may be an actual gateway such as 192 168 1 2 or broadcast or local source the source IP address such as 10 81 86 155 or 172 2 168 71 proto the routing protocol which may be static or kernel scope which may be link or host device which may be wan lan brO br1 ppp1 or lo routing table one of the virtual tables VT1 VT4 or local ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 170 of 272 Bytton ICR 5 5 ROUTING EH 5 4 5 Quality of Services The Quality of Service QoS section involves prioritization of network traffic by marking and prioritizing the data packets First you mark the packets then you divide them into classes to ensure adequate performance for critical applications To p ex o wam CEA emote Leer superuser HOME F LAN E WAN E TUNNELS nnisc BUTING qdiuc pfife Cant D dav wlan seat rafent 2 banda 3 p iemap 1 222120011111111 gdisc pric I dow lanl eet rafent 2 banda 2 priemap 1111111111111111 gdisc pfife 11 dew lanl parant 1 1 limit 1000p gdisc hth 12 dav lanl parent 1 2 s39 3 default 0 direct packatm stat 0 Roube mqdiuc afg 1211 davr lanl parant 12 11 limit 127p quantum l514b p rturb Line TERRY qdinc afg 1212 dav lanl parant 12 12 limit 127p quantum 1514b p rturb l nac cher qdiuc afg 1213 dav lanl parant 12 13 limit 127p quantum 1514b pa tu b logos Virtual RT gdis inqg aum fff7T dew lant parent ffff fffl
124. 41 00 06 4f 02 15 82 192 168 1 13 VOO00073 01 00 06 4f 02 15 82 Figure 5 114 System Status showing firmware version following succesful firmware update ByttonICR fulli genericUsermanual sw30S8FAS revG en doc Page 195 of 272 5 5 4 Password Allows you to modify passwords for the log in accounts Topex a Location System gt Password Remote User admin Empowering Communications HOME LAN WAN TUNNELS ROUTING SYSTEM Status Change the administrator password New password new _password038923 Repeat the password Save Logs Please use the COMMIT button to activate your changes Password Figure 5 115 Password changing the login password for Bytton Type the new password then enter it again on the second row to confirm tt Save saves the new password You should replace as soon as possible the default generic password 99admin11 for Admin with one specific to you which will be communicated only to authorized users Please choose a password with minimum six characters In order to effectively prevent unauthorized access the password must be long enough and include both letters and numbers Note that the password is case sensitive Remember that you should change both passwords the one for the ordinary user admin and respectively the one for superuser in the example above is shown the change of password for admin 5 5 5 Defaults This option restores the system settin
125. 42 USER root pid 8871 cmd net moni Jul 6 10 14 14 bytton user notice root SAVE CONFIG DONE Jul 6 10 14 20 bytton user notice root SAVE CONFIG DONE Jul 6 10 14 21 bytton user notice root SAVE CONFIG DONE Jul 6 10 14 28 bytton daemon info dnsmasq 1203 read etc hosts 1 addresses When the SMS management service is enabled you can manage remotely by means of SMS messages some features of the Topex Bytton router Load if you send to the Bytton ICR form the telephone number or prefix that you have previously entered a short message with the text load the equipment will load the backup configuration that was previously saved Info after you send to the SIM used in the Bytton ICR equipment form the telephone number or prefix that you have previously entered a short message with the text info the equipment will answer back to you with a SMS which shows the current state of the data link such as started then stopped in this examples DATA started the name and type MobileCarrierB HI RO seier mobile network where it is DRANGE 3 CEI the value of the signal level such as Figure 5 141 Examples of actual SMS received on a 85dBm mobile phone form the remote Bytton ICR equipment the mobile cell where it is connected like 2 or 2 1 03F2 Reset if you send to the Bytton ICR form the telephone number or prefix that you have previously entered a short message with the text SMS text
126. 44 0 0 0 0 0 255 255 255 0 U d 0 0 wan 3 10 0 0 0 0 0 0 0 255 255 255 0 U d d 0 bro 192 168 148 0 2 0 0 0 255 255 255 0 U d d 0 wan 105 73 241 0 0 0 80 0 255 255 255 0 U d d 0 br 192 168 0 0 0 0 0 0 255b 255 0 0 U d d 0 wan 10 0 0 0 0 0 0 0 255 0 0 0 U d d 0 bri Here you can only see the existing static routes for Bytton ICR default routes gateway masquerading if used interface used and so on you cannot perform changes the lower pane allows you to define several static routes IP Netmask Router Interface 193 65 48 207 255 255 255 254 off Router Quagga 10 0 58 207 255 255 255 0 192 168 1 2 PPPOE Static 10 0 58 216 255 255 255 252 10 0 58 2 WIFI and LAN Or No Route IP Netmask Router Interface Metric 192 168 148 149 255 255 0 0 off Dr 2 30 10 0 58 115 0 0 0 0 10 0 58 1 Router ju Add Mew EE LL 11 eee o 1 a ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 152 of 272 Bytton ICR 5 5 ROUTING E Static Route Display Kernel IP routing table Destination Gateway Cenmask Flags Metric Ret Use Iface 193 57 235 B4 192 168 1 8 255 255 255 255 UGH J wan 192 168 144 254 152 158 1 2 255 255 255 254 UG ZU d j wan 94 243 164 98 0 0 0 0 255 255 255 254 U J bri 192 168 148 252 0 0 0 0 Zb 255 255 252 U d j wan 10 0 0 0 0 0 0 0 2B5b 255 2Zbb 0 U 0 bro 192 168 0 0 0 0 0 0 255 255 0 0 U Oo wan 0 0 0 0 192 168 1 8 0 0 0 0 Uc
127. 463 bytes overall length response and propagation delay When you repeat the test another time the results are close but the response time are not exactly identical l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 90 of 272 Bytton ICR 5 CONFIGURATION CH PING 127 0 0 1 127 0 0 1 455 data bytes 463 bytes from 127 0 0 1 seq 0 ttl 64 time 0 545 ms 463 bytes from 127 0 0 1 seq 1 ttl 64 time 0 417 ma 463 bytes from 127 0 0 1 seq 2 ttl 64 time 0 417 ms 463 bytes from 127 0 0 1 seqg 3 ttl 64 time 0 414 ms 127 0 0 1 ping statistics 4 packets transmitted 4 packets received 0 packet loss round trip min avg max 0 414 0 448 0 545 ms PING 127 0 0 1 127 0 0 1 455 data bytes 463 bytes from 127 0 0 1 seq 0 ttl 64 time 0 556 ms 463 bytes from 127 0 0 1 seq 1 ttl 64 time 0 413 ms 463 bytes from 127 0 0 1 seq 2 ttl 64 time 0 404 ms 463 bytes from 127 0 0 1 seq 3 ttl 64 time 0 402 ms 127 0 0 1 ping statistics 4 packets transmitted 4 packets received 0 packet loss round trip min avg max 0 402 0 443 0 556 ms The Source field inactive when left to the default value 0 0 0 0 allows you to Ping the destination with a different IP than the real one Longer round trip delays are specific to mobile conections PING 209 202 254 14 209 202 254 14 from 192 168 1 148 31 data bytes 39 bytes from 209 202 254 14 seq 0 ttl 116 time 2711 108 ms 39 bytes from 209 202 254 14 seq 1 ttl
128. 55 255 0 0 U 0 0 0 lanl 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 10 64 64 65 0 0 0 0 UG 0 0 0 pppl they will be displayed as options in the Interfaces drop list which shows up in several configuration menus of the Bytton ICR equipment IF1 Test Net testing the networks At the bottom of the Interface Status subpage there is another clickable link called Test Net This is used to open a window that allows testing of the network where Bytton ICR Test Net is connected wland Link encap Ethernet HWaddr 00 19 70 49 F3 D7 UP BROADCAST RUNNING MULTICAST MIU 1500 Metric l BA packets 0 errors 0 dropped 0 overruna 0 frame IX packets 15 errors 0 dropped 0 owerruns 0 carrier collisiona txqueuelen l1000 HS bytes 0 0 0 B TX bytes 960 960 0 B Test Met This Test page features several tools used to thoroughly test the network EIL 17151 eee SSS a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 88 of 272 PING 127 0 0 1 127 0 0 1 5 data bytes 13 bytes from 127 0 0 1 seq 0 ttl 04 time 0 525 13 bytes from 127 0 0 1 seq 1 ttl 0t4 time 0 387 13 bytes from 127 0 0 1 seq 2z ttl o64 time 0 391 13 bytes from 127 0 0 1 seq 3 ttl e64 time 0 393 ZEE 127 0 0 1 ping statistics 4 packets transmitted 4 packets received 0 packet loss round trip min avg max 0 387 0 424 0 525 ma Network Test IP Ns 127 0 0 1 Source 0 0 0 0 No Pack 4 sd Siz
129. 6 255 2505 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 1420977 errors 272 dropped 0 overruns 0 frame 0 TX packets 451456 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 1767668651 1 6 GiB TX bytes 34203167 32 6 MiB Base address 0x3000 l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 157 of 272 Bytton ICR 5 5 ROUTING wan U Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 148 254 Bcast 192 1068 148 255 DMjaskc200429992 9962 94 wlanO UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 Base address 0x3000 Link encap Ethernet HWaddr 00 19 70 49 F3 D7 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 2124 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 339480 331 5 KiB Figure 5 88 Interface Status shows the current state of all network interfaces Use the button Reload located at the bottom to read the latest statistics about the network interfaces of Bytton ICR mon wlanD Link encap UNSPEC HWaddr 00 19 70 45 F3 D7 10 07 00 00 00 00 00 00 00 00 PPPl wland UP BROADCAST RUNNING MULTICAST MIU 1500 Metric 1 RS packeta 950 errors 0 dropped 0 ovwerruns 0 frame IX packets 0 errors 0 dropped 0 owerruns 0 carrier o eollisions 0 txuquevelen 1000 RX bytes 73495 71 7 KiB TH bytes 0 0 0 B Link
130. 6c 0 49 76 24 4b 1340747241 00 06 4 02 15 82 10 0 0 13 01 00 06 4 02 15 82 1340747209 60 b 42 39 48 86 10 0 0 20 Mihais iPod 01 60 fb 42 39 48 86 Or 154275594490 a30 0502Db4sTatrlo coo L0 0 0 12 Blues 1342565970 24 ab 981 90 dZ2 b9 10 0 0 10 Pauls iPhone 01 24 ab 81 90 4022Db8 1342550614 G0 D52472 39 1458 86 10 0 0 20 Mzxhazs iPod 01 60 1b 42 59 40 896 1347566557 DU0SUG 4dErt 07 15 97 10 0 0 15 VODUDUJS QLs00 D6os24r 02 15 92 DHCP Leases S46729927 0 13 ce 72 z4 71 L Lep LL LG weooo l 00 13 ce 72 z4 7l S4e728682 u U4 75 bb5 bl cc l19z 1623 1 12 mcr pd wd n l 0 04 75 b5 bl cc Figure 5 97 Examples of DHCP leases in System Status The Reload button at the bottom of the page refreshes Bytton ICR s status information The Please reload message appears when the internal PPP link is in a transition state PPP link starting Since this state is by definition temporary you must click the Firmware version topex 3 0 1 FA S Reload button in order to get the current status of the PPP link PPP link starting PPPOE link offline Or PPP link starting PPPOE link offline System uptime 10 01 10 up 15 min load average 0 33 0 12 0 05 DHCP Leases 1340747490 O00 ld e0 5e c2 ab 10 0 0 16 DL 1340747274 amp c rf0 49 76 24 4b 10 0 0 15 VOOO00073 01 6c 0 452 76 24 4b 1340747241 00 06 4rf 02 15 82 10 0 0 13 301 00 06 4f 02 15 82 1340747209 amp 0 fb 42 39 48 86 10 0 0 20 M
131. 7d b8 f6 96 2c cl e4 da 4f 33 56 d4 db b1 Exponent 65537 0x 10001 X509v3 extensions X509v3 Basic Constraints CA FALSE m 5ave Please use the COMMIT button to activate your changes ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 139 of 272 Bytton ICR 5 CONFIGURATION Ee and respectively for the Client s Key BEGIN KEY AQUFOXaB3E4IwyLlogtCgENBMSUwIwY trw OyqHNDMLSLHw8zbAD JdKdT JGzh383jg A AOPApih rA igkUk PS1IDAYDVR T4LnJvMIGfMAOGGNBALWwAwEBCSqGSIb3DQEBAQUAAA zANBgkgqhkiG9w B AQUFAAOBgQAg456WzQeW7J8cTkpMyxyv 5kg HJGTYnoAtFgNaO rf JOX 12XXbxHLPzTaKESt4vTc1q T5VO tskRjaTn35fuxfOzfclvDVVJFcSiG g4QWEsf BiS8rhrpTVAUSnagxtiZVRPLEBgQAgUGaKESt vTciqT SVOG 940 WEsf sissrh OyUogtCgtrw OygHNDVADCMLSLHw8zBgQDgEr 2dbAD JdKdT JGzh383jgQzESMBAGA 1UEBXxM JOIVDV V JFU VESQRVaxETAPBaNVBAMTCFR ENBMSUWwIwY JKoZIhvcNAQkBFhz 2YXNpbGLlu pul RvcGV4LnJvMIGIMADGCSqGSIb3DQOEBAQUAAAGNADCEIQKBaODdET 2d Ex 456W2QeW 7J8cTkpMyxyv 5kg 3TH Am PvHFLrAuurPosb hsr 53iagw 79 1FW LuzQPMse4Nr 5 NbmD2PCUG 7rFNpzkMjazr 3sk5MLsUUdfJliosThu35Y OgHCZ 1Wt LaL TTBFc8LACnJapq3rz07j P 2aiEK4F JdyaBwIDAQABo4HxMIHuMBOGA 1UdDgQW BEQk2yOXIUUksNw J5wip F9u 22 fjCBvg Y G 2MIGzgBQK2y0XTuUksNwJ Swip 4 F9u 22 qaGBj6SBjDCBITELMAKkGA 1UEBhMCUKSXxDDAKBgNVBAgTAO VOZES MBAGA 1UEBXMJOQNDVV JFU IRIMO4wDAYDVOOKEwVLT 1BFWDEOMAwGA 1UECXMF VESCQ RVgxETAPBgNVBAMTCFRPUEVYIENBMSUwIWwY JKozZIhvcNA
132. 82 Jun 13 11 13 addip html drwxr xr x root root 160 Jun 13 11 13 adm Filesystem lk blocks Used Available Use Mounted on rootfs 57344 15432 41912 27 dev root 57344 15432 41912 27 tmpfs 100352 1176 SOIT 1 tmp tmpfs 100352 EES 99176 1 etc tmpfs 1003527 1176 99176 Te var tmpfs 100252 1176 99176 1 dev tmpfs 0 0 0 0 proc tmpfs 100352 1176 99176 mnt tmpfs 100352 1176 99176 WWW proc proo devpts dev pts sysfs Sys Should you enter an incorrect or ambiguous command Busybox promots you for the correct syntax and available options Stop Reload BusyBox v1 11 2 OCI multi call binary Usage id OPTIONS USER Print information about USER or the current user Options J Print group ID u Print user ID n Print name instead of a number r Print real user ID instead of effective ID EIL 11 11 1 511 111 51 11 11 5 1 a ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 94 of 272 5 2 9 VLAN This page configure the settings for the Virtual LANs of Bytton ICR Topex Location System gt Logs Remote User superuser HOME Mu LAN IP Settings DHCP Server WiFi Settings Vlan IP Netmask MTU V Int 2 192 168 14 254 255 255 255 254 1500 wan Bridge 802 1X Eth Port 4 192 168 148 255 255 255 255 0 1500 Jon A 10 0 58 36 255 255 255 252 743 greti 5 Add New TUNNELS ROUTING SYSTEM SERVICES F SIM Stuff
133. 92 168 1 236 30 dev brO proto static scope link metric 10 10 0 0 0 24 dev brO proto static scope link 172 27 0 0 16 dev lanO proto static scope link Route List Virtual Table VT4 target gateway source proto scope dev tbl 192 168 1 236 30 static link brO 10 0 0 0 24 static link bro 172 27 0 0 16 static link lanO Show Rule 0 from all lookup Local 1011 from all iif brO lookup VT1 1012 from all iif lanO lookup VT1 1041 from all iif brO lookup VT4 1042 from all iif lanO lookup VT4 1043 from all iif tapO0 lookup VT4 32766 from all lookup main 32767 from all lookup default Show Route target gateway source proto scope dev tbl 192 168 1 236 30 static link brO VT4 10 0 0 0 24 static link brO VT4 172 27 0 0 16 static link lanO vT4 192 168 148 148 31 192 168 1 8 static wan VT2 172 27 0 0 16 static link lanO VT2 10 0 0 0 16 10 0 0 1 static brO VT2 10 64 64 65 93 122 250 36 kernel link PPP1 10 0 0 0 24 10 0 0 1 kernel link brO 192 168 148 0 24 192 168 148 4 kernel link wan 172 27 0 0 16 172 27 168 71 kernel link lanO 192 168 0 0 16 192 168 1 148 kernel link wan default 10 64 64 65 PPP1 EE LL eee Ss aaa ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 167 of 272 Bytton ICR 5 5 ROUTING As you can see Virtual Table Status has three distinct panes 12 2 58 54 22 der brl probo rtrtic ren link matric 22 12 2 2 222 22 der brl proto zrtrtic Seen link matric 17 12 2 2 2 24 der brl probo rentis T
134. 95 or 216 239 39 99 Domain Name Resolution is the process transparent for the user of converting domain names into corresponding IP addresses Every operating system has routines that deal with resolution of domain names Encryption This provides wireless data transmissions with a level of security Bytton provides various degrees of encryption for data sent out via its embedded Wi Fi access point Ethernet Standard for wired computer networks Ethernet networks are connected by cables and hubs and move data around For wired connections Bytton ICR provides Ethernet 10 100 ports three for the local LAN and one for WAN The ports are fully configurable from the Web interface you may join the three LAN ports in the same switch or not assign the different lps set them to operate duplex or half duplex select data speeds of 10 or 100 Mps enable or disable auto negotiation and so on Firewall System designed to prevent unauthorized access to or from a private network The firewall determines which information passes in and out of and prevents anyone outside of your network from accessing your computer without authorization and possibly damaging or viewing your files Any company with an intranet that allows its workers access to the wider Internet must use a software or hardware firewall to prevent outsiders from accessing its own private data resources and for controlling what outside resources its own users have access to Here the firewall
135. ACCEPT 917 80339 ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 140 of 272 Bytton ICR 5 CONFIGURATION FORWARD ACCEPT 87 14031 OUTPUT ACCEPT 664 105325 POSTROUTING ACCEPT 751 119356 COMMIT Completed on Wed Jul 4 10 43 48 2012 filter INPUT ACCEPT 58 3040 FORWARD ACCEPT 0 0 OUTPUT ACCEPT 1165 98890 A INPUT i lo j ACCEPT A INPUT i br0 j ACCEPT A INPUT p gre j ACCEPT A INPUT m state state RELATED ESTABLISHED j ACCEPT A INPUT p tcp m tcp dport 2601 j ACCEPT A INPUT p tcp m tcp dport 2604 j ACCEPT A INPUT p udp m udp dport 161 j ACCEPT A INPUT p udp m udp dport 162 j ACCEPT A INPUT i tap0 j ACCEPT A INPUT p udp m udp dport 4500 j ACCEPT A INPUT p ipv6 auth j ACCEPT A INPUT p udp m udp sport 500 dport 500 j ACCEPT A INPUT p ipv6 crypt j ACCEPT A INPUT p tcp m tcp dport 0 j ACCEPT A INPUT p tcp m tcp dport 0 j ACCEPT A FORWARD p gre j ACCEPT A FORWARD m state state RELATED ESTABLISHED j ACCEPT A FORWARD p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu A FORWARD d 193 76 244 115 32 p tcp m tcp dport 47 j ACCEPT A FORWARD i tap0 j ACCEPT A OUTPUT p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu COMMIT Completed on Mon Jul 16 13 57 06 2012 An example of System gt Logs where because of incorrect open VPN settings the OVPN tunnel could
136. AN Eth interface in the WAN pages l ByttonICHR fulli genericUsermanual sw303FAS revG en doc Page 117 of 272 Bytton ICR 5 CONFIGURATION um H M M M a Corresponding routing table for Static WAN address of 192 168 1 148 with 192 168 1 8 gateway Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 102 00 20 0 0 0 0 sc E EE U 0 0 H Dro 19244168214 3 0 0 0 0 0 Po tee Oe e E U 0 0 0 wan 172447 00 e s e PAE E AE e trae U 0 0 0 lanO 192 168 0 0 0 0 0 0 PAES P e UE O NEU DU 0 0 0 wan TRO Us L92 16094 es PE OPNS IU UG 0 0 0 wan Name servers When you use a static IP address for connection on the Wan side you must also complete the fields for the name servers to be used The field nameserver1 is for the primary server and the nameserver 2 field for the optionally secondary alternate name server These name servers may be on the local network or on the Internet as illustrated in the examples below Gateway 172 27 168 17 Gateway 192 168 1 8 Mameserver 1 193 227 189 6 Mameserver 1 172 27 168 37 Mameserver 1 192 168 1 38 Mameserver 2 fag 233 194 140 F Mameserwer 2 lod a7 220 220 Nameserver 2 4 4 4 4 Figure 5 49 Setting the name servers for static IP on the ETH Interface for WAN Example When you set up these two nameservers to be used with the WAN Nameserver 1 197 165 1 38 Nameserver 2 172 27 168 7 port as shown
137. AN and avoid WAN links which are expensive EIL eo 511 1 521 111 5 1 11 SSS sss an ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 97 of 272 Bytton ICR Using VLANs After defining the VLANs in the table such as this No Interface IP 10 0 58 19 10 81 90 1 172 168 254 197 192 168 148 257 10 81 81 2 225 49 63 81 245 108 65 37 127 27 155 203 127 27 254 98 245 229 88 63 Netmask 255 255 255 0 255 233 723 254 255 2535 7253 752 255 232 733 0 255 255 0 0 255 2535 0 752 255 2535 255 254 255 0 0 0 255 255 755 254 255 255 755 254 255 235 793 292 5 CONFIGURATION EE 1500 749 V Int br0 2 pppl 3 br0 2 4 tun 6 ppp1 7 ppp1 3 8 bm 6 9 ppp1 3 8 12 land 14 Lan 15 ppp1 3 8 12 16 then issuing a Commit command to make the changes permanent the VLAN interfaces will be visible in Interface Status br0 19 Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet addr 109 166 184 149 Bcast 109 255 255 255 Mask 255 0 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B br0 2 Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet addr 10 0 58 19 Bcast 10 0 58 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0
138. Another test for large file sizes 130 and respectively 248 M bytes show a measured speed that is now of 14 3 M bits per second ID Interval Transfer Bandwidth 3 0 0 101 3 sec 248 MBytes 20 6 Mbits sec Client connecting to 192 168 143 100 TCP port 5001 TCP window size 16 0 KByte default 3 local 192 168 1 148 port 60694 connected with 192 168 143 100 port 5001 ID Interval Transfer 3 0O0 0 76 4 sec 130 MBytes Here are several different BW results Client connecting to 192 168 143 100 TCP port 5001 TCP window size 16 0 KByte default Client connecting to 192 168 143 100 TCP port 5001 TCP window size 16 0 KByte default Figure 5 149 Several BW Tests that were runned for Bytton using the FTP option Bytton ICR 5 5 ROUTING IPERF In the BW test web page first enable BW test then Disable the FTP option and go to Iperf to choose Client Topex Location Autoprovisioning UI eee were Empowering Communicatons JI IUE USET S Peruse R HOME F LAN Autoprovisioning WAN TUNNELS ROUTING d d e t BW test Enabled e F SYSTEM d F hdi FIP Disabled e Address p Path Fie Username SERVICES SIM Stuff Email Password snonymust amp Port 21 Auto cfg BW Test IPERF Test server 10 0 58 119 Schedule in min Please use the COMMIT button to activate your settings Figure 5 150 Using IPERF for BW Tests of the
139. B slot and so on the mode of login a simple user with less rights has access only to basic features while admin or superuser may get access to advanced features such as VRRP or Telnet Typically SNMP SMS DDNS NTP and of course Reset are available in all versions while the rest of the features depend upon the current hardware and firmware configuration of your particular Bytton ICR equipment Bytton ICR 5 5 ROUTING 5 6 1 VRRP Establishes how Virtual Router Redundancy Protocol works on Bytton ICR by default itis Disabled pem POE Top ex J Location LAN gt DHCP Settings Remote User superuser HOME LAN WAN Es de Ic Priority ROUTING m SYSTEM SERVICES SNMP Help VRRP SERIAL SMS DONS NTP Please use the COMMIT button to activate your changes Figure 5 129 VRRP Services setting the virtual router protocol Virtual Router Redundancy Protocol VRRP is a simple yet robust practice that can provide additional availability in your network It provides gateway redundancy by allowing each router within the redundant router topology to share a virtual Ethernet MAC address and a virtual IP address It shares a virtual IP address among two router the one that has active Internet connection gets it When the connection of the primary router fails the virtual IP is given to the secondary backup router When the virtual addresses are active on a particular router
140. CCEPT A INPUT p ipv6 crypt j ACCEPT A INPUT p tcp m tcp dport 0 jJj ACCEPT A INPUT p tcp m tcp dport 0 3j ACCEPT A FORWARD p gre j ACCEPT FORWARD m state state RELATED ESTABLISHED jJj ACCEPT FORWARD p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mas to pmtu FORWARD d 193 76 244 115 32 p tcp m tcp dport 47 j ACCEPT A FORWARD i Cep j ACCEPT A OUT DUT p tcp m tcp tcp flags SYN BST SYN j TCPMSS clamp maa rto pmtu COMMTT Completed on Tue Jul 17 10 56 55 2012 Figure 5 80 Viewing the Active Rules of the firewall of Bytton ICR ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 149 of 272 Bytton ICR 5 5 ROUTING pom M Advanced iptables Add This link provides you access to a console where you can add and edit rules for routing Firewall Settings PREROUTING ACCEPT 0 0 OUTPUT ACCEPT 0 0 COMMIT mangle PREROUTING ACCEPT 0 0 INPUT ACCEPT 0 0 FORWARD ACCEPT 0 0 OUTPUT ACCEPT 0 0 POSTROUTING ACCEPT 0 0 COMMIT filter INPUT ACCEPT 0 0 A INPUT 4 bri p udp m dport 3127 j DROP FORWARD ACCEPT 0 0 OLITPUT ACCEPT 0 0 KCCOMMINTT Save Figure 5 82 Example and explanations for Advanced Iptables Add firewall rules The firewall and advanced packet routing can be configured using the iptables commands For more information see http www n
141. CR fitted with 4G modules in the package are shipped 1 2 multiband coil antennas specially for LTE networks LTE technology can use dual antennas for diversity so two antennas will be included in the Bytton ICR package Figure 2 1 Illustrations of the content of the package of Bytton ICR ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 12 of 272 Bytton ICR 3 What is Bytton ICR Mobile network LAN E ge EE mM ud eh Fi e a Q Uv UU Still if you are in an area where you have only UMTS or GPRS or even GSM coverage you may use Bytton ICR in conjunction with the respective networks The Bytton ICR equipment also can feature one or two serial RS 232 RS 485 ports allowing connection to legacy requirements different devices that feature serial ports 3 What is Bytton ICR The Bytton ICR equipment from Topex is versatile advanced router for wireless broadband Internet access using 3G technology As data router Bytton ICR achieves a direct connection transparent for the user between the local networks Ethernet and or WiFi and the GSM GPRS EDGE 2G or UMTS HSDPA HSPA 3G and even 4G using LTE mobile communications networks For wireless WAN connection it uses an embedded radio modem for the GSM GPRS EDGE HSPA or LTE mobile network Its 3G 4G capabilities assure high speed Internet access up to the topmost limit of the respect
142. D any access list lt 100 199 gt lt 2000 2699 gt deny permit ip A B C D A B C D host A B C D access list lt 100 199 gt lt 2000 2699 gt deny permit ip any A B C D A B C D access list lt 100 199 gt lt 2000 2699 gt deny permit ip any any access list lt 100 199 gt lt 2000 2699 gt deny permit ip any host A B C D access list lt 100 199 gt lt 2000 2699 gt deny permit ip host A B C D A B C D A B C D access list lt 100 199 gt lt 2000 2699 gt deny permit ip host A B C D any access list lt 100 199 gt lt 2000 2699 gt deny permit ip host A B C D host A B C D access list WORD deny permit A B C D M access list WORD deny permit A B C D M exact match access list WORD deny permit any bgp config type cisco zebra bgp multiple instance debug bgp a l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 267 of 272 Bytton ICR 13 Annex 4 Quagga Commands pi debug bgp as4 debug bgp as4 segment debug bgp events debug bgp filters debug bgp fsm debug bgp keepalives debug bgp updates debug bgp updates in out debug bgp zebra debug ospf event debug ospf ism debug ospf ism status events timers debug ospf Isa debug ospf Isa generate flooding install refresh debug ospf nsm debug ospf nsm status events timers debug ospf nssa debug ospf packet hello dd Is request Is update Is ack all debug ospf packet hello dd Is request Is updatel Is ack all send recv detail debu
143. EE 36 S14 First e nen E 38 DIbGecureCGonnechonHIIb e eene nennen nennen nenne 38 E ee Die tegt ICR NINE 39 5 1 7 Multiple Log in to the Web interface of Dvtton ccccsecceessseeeeeestseees 41 PLONE NG EE 44 e EAN E 48 Dee DO UMS ea E E 48 5 2 2 Software configuration of the ETH ewtch ccc cccscccesseceesseceesseeessseeeesees 54 SESGO EE 62 APROP CUNO eo E A E E E E E PE 63 peor TE ue E 68 RE E LE 74 v2 iiie NL TI 5 2 8 Interface Status and Test Net features 0 0 0 cccceceesscceeeccceeeessssseeeeeees 81 IN S 95 9 2 TO CTA FON S suncu ec a bad panvanscanadaue ta Eds dM NEP UM UNE MEEIUIDUNUE 100 EEUU 107 nuc ME M 111 9 9 dl Le EE 111 59 2 WAN MAIO Ebo eege 116 WV RINE OM T c TS 117 o6 85 PPRP E 120 5 3 6 PPP Advanced SeMS d tasa io masuu mI bota CE EIE 123 SA TONNEL T 128 ES n a T E E A O E E O E E 129 ALIP E 131 e S IR 137 Jo Sed 138 EX MH B B B BRB BMRBMRRB B B M M ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 6 of 272 Bytton ICR Dear Client ma M M M SO ARC C X O C r 142 sr ME i i RR 144 e Ne ROU EN 151 9 223 DVnSmie TODOS a acras oaebus
144. EPT 133 8594 POSIBOUIING ACCEPT 148 5843 A POSTROUTING o bri j MASQUERADE A POSTROUTING o pppl j MASQUERADE o wan j j MASQUERADE Mon Jul 16 11 00 02 2012 Generated by iptables save vl1 4 10 on Mon Jul 16 11 00 02 2012 filter Examples of Failover action In your office you have a local network with cable or ADSL as WAN connection which uses Bytton Primary Interface Ethernet port Y ICR as a backup link You should set the Primary Secondary Interface Embedded modem e Interface to Ethernet port and the secondary one l EM to the embedded mobile modem pe ET Ping IP 194 102 255 23 Ping Interval MASQUERADE Figure 5 43 Example of setting up primary and secondary WAN Interfaces using Failover ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 114 of 272 Bytton ICR 5 CONFIGURATION In normal operation all computers in your local network Ethernet link up will reach the Internet via ETH port so the Ethernet link PPP link stopped is up and the PPP link GPRS EDGE or UMTS HSPA modem is disconnected PPPOE link offline System uptime 15 02 49 up 2 min load ave The routing is done via 192 168 1 8 gateway in the Ethernet WAN network using the interface wan Routes Kernel IP routing table Destination Gateway Cenmask Flags Metric Bet Use Iface 10 30 0 0 0 0 0 0 255 255 255 0 U g 0 bro 192 168 0 0 0 0 0 0 255 255 0 0 U d g 0 wan 0 0 0 0 192 168 1 8 D 0 0 0 UG d g wan Fig
145. F3 D7 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 5 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 B TX bytes 320 320 0 B Should you set different IPs for the two interfaces lan1 and lan2 as shown SW LAN1LAN2 LANi LANZ e LAN1IP Address 172 158 1 13 LAN1 Netmask 255 255 255 252 LAN2 IP Address 172 168 1 15 LAN2 Netmask 255 255 255 0 Now a single ETH land is left in the logical switch for local connections bridge brO together with the WiFi interface wlanO bridge name bridge id SIP enabled interfaces br aggg ogn01957049f3d7 no lan wland Correspondingly Ifaces will show bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 172 168 1 1 Bcast 172 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 61 errors 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 7654 7 4 KiB TX bytes 46 46 0 B Base address 0x2200 lanO Link encap Ethernet HWaddr 00 50 C2 F5 23 27 UP BROADCAST MULTICAST MTU 1500 Metric 1 RX packets 0 errors
146. FAS revG en doc Page 205 of 272 5 6 3 TELNET Enables the Telnet feature of Bytton ICR and sets the port over which it will operate Top ex Location System gt Update Empowering Communications Remote User superuser HOME LAN WAN TUNNELS ROUTING SYSTEM SERVICES SNMF VRRP SERIAL SMS LONG Telnet Settings Telnet Service Enabled e Current time is Fri Sep 28 10 09 06 UTC 2012 Please use the COMMIT button to activate your settings Figure 5 135 Enable and configure the Telnet service of Bytton ICR 5 6 4 SERIAL This page shows up only in case of Bytton ICR devices fitted with one or two serial interfaces RS232 RS485 The example below is for a Bytton equipment with a single serial port Top ex i Location SERVICES gt Res Empowering Communication Remote User superuser HOME at k IT TE M WAN Serial Service Server w TUNNELS ROUTING rudi Y SERVICES Packet size SNMP Server Port 1 VRRP SERIAL Databit 8 e SMS Parity None DONS Stopbit 1 Flow control Mone SIM Save stutt Please use the COMMIT button to activate your settings Commit Figure 5 136 Enable and Configure Serial ports of Bytton ICR By means of this menu you may control the one or two serial interfaces RS232 of Bytton ICR and their remote port serial over IP feature For each of the one or two serial ports of the equipment you can set the following parameters Bytton ICR 5 5
147. H 0 J pppl 192 168 148 148 0 0 0 0 SER 255 255 252 U g 5 land 109 9 0 0 0 0 0 0 255 255 255 0 U g bro 192 168 1 0 0 0 0 0 255 255 255 0 U 0 O wan 0 0 0 0 10 64 64 65 0 0 0 0 UG d g pppl Another example with bridge br1 created lanO and lan as distinct ports still connecting via mobile modem bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 10 0 0 1 Bcast 10 0 0 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 160416 errors 0 dropped 0 overruns 0 frame 0 TX packets 298549 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 11770863 11 2 MiB TX bytes 412043839 392 9 MiB br1 Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 172 168 144 15 Bcast 172 168 144 15 Mask 255 255 255 252 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 66410 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 3467166 3 3 MiB TX bytes 0 0 0 B lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 160518 errors 3 dropped 0 overruns 0 frame 0 TX packets 298568 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 14025308 13 3 MiB TX bytes 412045038 392 9 MiB Base address 0x2200 lanO Link encap Ethernet HWaddr 00 50 C2 F5 23 27 UP BROADCAST MULTICAST MTU 1500 Metric 1 RX packets 113 errors 0 dropped 0 overr
148. HOME LAN F WAN TUNNELS GRE OVPN PPTP ROUTING SYSTEM SERVICES F SIM Stuff l ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 136 of 272 5 4 3 PPTP This allows you to define a Point to Point Tunnel which will be used to securely transmit data packets from one VPN node to another over a public network such as the Internet By default it is disabled PPTP enabled Disabled Username Password Server IP Redial Period Idle Time MTU Default route Enabled e Save Figure 5 72 Web configuration page for PPTP disabled Bytton ICR can be set up to operate as a Client for the PTP tunneling protocol Top ex Location WAN gt PPTP Client Empowering Communications Remote User superuser pov 1 S HOME LAN F WAN TUNNELS Username admin GRE IPSEC Password OVPN Server IP 196 87 235 194 PPTP Redial Period P ROUTING Idle Time SERVICES Defaultroute Disabled e SIM Stuff Please use the COMMIT button to activate your changes Settings for PPTP Client PPTP enabled Client Commit Figure 5 73 Setting up parameters as Client for PPTP Bytton ICR 5 CONFIGURATION EE 5 4 4 OVPN Here are the settings for the Open VPN tunnel of Bytton Top ex i Location TUNNELS gt OPENVPN Empowering Communications Remote User superuser HOME LAN da TUNNELS GRE IPSEC OVPN PPTP ROUTING Settings for OPENVPN Tunnel OPENVPN Tunnel Disabled Remo
149. HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 255 255 Measles 25522552020 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 111710 errors 32 dropped 0 overruns 0 frame 0 TX packets 394 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 6938268 6 6 MiB TX bytes 51456 50 2 KiB Base address 0x3000 DOWNLOAD SPEED I UPLOAD SPEED 2 96 Mbps 20m 10m 30m 50m 75M 9 DOWNLOAD SPEED Q UPLOAD SPEED 2 96 Mbps 0 80 Mbps Figure 5 154 Speed test when the Ethernet port is used for WAN Now over the 3G wireless data link PPP link online IP 93 122 148 36 Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 295 255 255 255 UH 0 0 0 pppl 191 168 1 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 10 64 64 65 0 0 0 0 UG 0 0 0 pppl br Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 191 103 1 1 Beaste1 91 16e 255 Mask 255 2554755 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 250209 errors 0 dropped 0 overruns 0 frame 0 TX packets 412636 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 24925941 23 7 MiB TX bytes 554504957 528 8 MiB r ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 236 of 272 Bytton ICR 5 5 ROUTING uM M M j ppepl Link encap Porint to Poin
150. ICR equipment Logs shows the log file Update you may perform firmware update Password allows modification of the password Defaults restores the factory default settings Save saves the current configuration of Bytton ICR Load loads a configuration previously saved 5 5 1 Status Shows the current state of the Bytton ICR system Top ex H Location System gt Status Empowering Communications Remote User superuser HOME F LAN WAN TUNNELS ROUTING SYSTEM Status system Status Firmware version topex 3 0 3 a FA 5 Ethernet link up PPP link stopped R PPPOE link offline ogs Password System uptime 10 41 45 up 55 min load average 0 59 0 14 0 04 Update Defaults save CFG Load CFG SERVICES SIM Stuff Q0 06 4f 02 15 82 191 168 1 13 VOOO00073 01 00 06 4f 02 15 82 Figure 5 95 Aspect of SYSTEM Status Web Page with PPP link online Or PPP link online IP 93 122 148 36 PPPOE link offline System uptime 11 07 43 up 5 42 load average 0 00 0 05 0 04 Leases 1342559449 aO 88 b4 7 arl8 ree 19 0 0 12 Blues 1342565270 2z4 ab 81 30 d2 b8 10 0 0 10 Pauls iPhone 01 24 ab 81 30 d2 b8 1342550614 amp 0 fb 42 39 48 86 10 0 0 20 Mihais iPod 01 60 f b 42 39 48 86 13425651359 00 06 4f 02 15 82 10 0 0 13 VOOO00073 01 00 06 4f 02 15 82 Other examples with the PPP link offline this time Bytton ICR 5 5 ROUTING p
151. IM cards also FXS interface for analog fixed telephone The serial ports labeled SER1 and respectively SER2 are available for connections to legacy equipments The RS 232 interfaces feature RJ 45 connectors on the front panel There is also a slot for USB 2 0 Figure 1 8 Photo of Bytton ICR with two serial ports FXS phone interface two SIM cards WiFi and slot for USB ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 10 of 272 Bytton ICR I INTRODUCTION Antenna diversity versions These Bytton may feature with two connectors for MOBILE antennas and also two connectors for WiFi Thus it features up to four antenna connectors labeled MAIN and respectively AUX both for the mobile data network and for the embedded Wireless Access point Je Ja Oo oO WAN WAN OLAN 0 LAN 2 O PWR 3 eE SIM SGN DATA WiFi Both the LTE modem and the embedded WiFi access point of Bytton ICR have MIMO capabilities meaning they can operate with two antennas for achieving diversity higher bandwidth or higher tolerance to perturbations thus achieving increased capacity and or robustness There are several sub variants of MIMO Bytton equipments available for instance as you can see in the photo it may have two antenna conneciors for the mobile data network but only one connector for the WiFi antenna The advanced variants with FXS port and respectively with USB slot and also the special version with up to four
152. In this case should Disable the default route and then you must fill the other parameters too the IP Address and Gateway When you finish with the setting of advanced parameters click on the link BACK BACK located at the bottom to return to the WAN PPP page mm EIL oo 1511 1 11 51 11 11 1 1 1 1 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 124 of 272 Bytton ICR 5 CONFIGURATION u MH a PPP Check Data Link Here you can set how the verification of the PPP data link will be performed By default this feature is disabled its fields are colored in gray to show that you cannot edit them Interval No of pack SRC IP Action Ezzii pass Tf Help Check Link Figure 5 55 PPP Check Data Link settings Bytton ICR First you must Enable it then use Edit to perform changes of the way how Bytton ICR checks the data link and finally Save Check link lt e of d Ge SRC IP Action Help Check Link Reload Figure 5 57 Enabling the PPP Check Data Link feature For verification of the link the Bytton ICR equipment sends out a specified number of ping packets at certain time interval to a destination IP You can also specify the source SRO IP or the source outgoing interface Check link Enable or disable the verification of the link If you enable this feature it 5 l only will work for P
153. Jul 23 07 27 46 bytton daemon notice openvpn 1852 SIGUSR 1 soft tls error received process restarting Jul 23 07 27 46 bytton daemon notice openvpn 1852 Restart pause 2 second s EE LL 21 1 1 111 1 511 111 1 1 1 oS a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 141 of 272 Bytton ICR 5 5 ROUTING 5 5 ROUTING As can be seen in the image below the section about ROUTING includes several sub sections A Firewall see and define both packet filtering and port or address redirection Routes display and configure the static routes Dynamic selects OSPF RIP or BGP for dynamic routing access to VTY shell Virtual routing table allows multiple instances of a routing table to exist and work at the same time in Bytton acting as a route QoS marking and prioritizing packets for different types of traffic Top ex Location ROUTING Empowering Communications Remote User superuser HOME F LAN WAN Configuration sections F TUNNELS ROUTING Firewall ROUTING Configuration Pages Firewall Configure the firewall accept or reject traffic redirect ports etc Routes View the routing table and add static routes Routes When you are done please use the COMMIT button to activate your settings D ynamic Virtual R T OOS Figure 5 74 The ROUTING web page for Bytton ICR Examples Kernel IP routing table Destination Gateway Genmask Flag
154. Jun 10 10 10 10 10 10 10 10 10 53 53 53 53 53 53 53 53 16 bytton bytton bytton bytton bytton bytton bytton bytton bytton daemon 65 daemon daemon daemon daemon daemon daemon daemon daemon daemon 03 2f warn pppd 5747 Could not determine remote IP address info dnsmasq 1199 reading etc resolv conf info dnsmasq 1199 using nameserver 62 217 193 65453 notice pppd 5747 local IP address 93 122 148 36 notice pppd 5747 remote IP address 10 64 64 65 notice pppd 5747 primary DNS address 62 217 193 1 notice pppd 5747 secondary DNS address 62 217 193 65 debug pppd 5747 Script etc ppp ip up started pid 5777 info dnsmasq 1199 read etc hosts 1 addresses debug pppd 5747 Script etc ppp ip up finished pid 0x0 bytton status 10 02 19 user notice root RESTART SERVICES 10 36 32 bytton user info kernel br0 port l wlan0 entering forwarding 10 10 10 10 37 38 38 38 10 38 57 Jun 26 10 38 57 7986431 bytes Jun 26 10 38 57 pid 4547 Jun 26 10 38 57 request Jun 26 10 38 57 Jun 26 10 38 57 01 01 57 57 bytton bytton bytton bytton bytton bytton cron err crond 2174 USER root pid 4076 cmd net moni cron err crond 2174 USER root pid 4251 cmd net moni user notice root Stop PPP user daemon info pppd 3604 Terminating on signal 2 daemon info pppd 3604 Connect time 3 2 minutes daemon info pppd 3604 Sent 319574 bytes
155. Key Index shows which key is active You may have a list of pre defined keys out of which the system administrator periodically chooses the active one The selected WEP key is automatically published to the clients of the Access Point Warning WEP is a basic encryption method and it was designed to provide a level of privacy equivalent to an unsecured wired LAN so you should not rely only on WEP for protection WPA sec WPA Security oettings for Wi Fi Protected Access a Wi Fi standard designed to improve the security features of WEP It features improved data encryption through the temporal key integrity protocol TKIP and user authentication through the extensible authentication protocol EAP EAP is built on a secure public key encryption system to ensure that only authorized network users can access the Wi Fi network You can select to Disable the WPA security or to use PSK or PSK keys WPA Security FPSK2 PSK means pre shared keys the keys are public every user is WPA Key Disabled PSK given the same passphrase WPA Crypto P The pre shared key version is called WPA Personal or WPA2 Personal while the more secure version using 802 1X server authentication is WPA Enterprise or WPA2 Enterprise In this case you must enter the respective key in the WPA Key WPA Crypto AES field the select the type of cryptography to be used for WPA TKIP You can select for cryptography TKIP AES or both E TKIP Temporal Key
156. Kibyte 120000 56 complete Erasing 128 Kibyte 140000 62 complete Erasing 128 Kibyte 160000 68 96 Update omplete Erasing 128 Kibyte 180000 75 complete Erasing 128 Kibyte 1a0000 81 complete Erasing 128 Kibyte 1c0000 87 Defaults 2 5 complete Erasing 128 Kibyte 1e0000 93 complete Remount ro rw Remount ro rw Load default settings Logs save CFG Figure 5 117 Loading Defaults the progress bar Updating Settings please wait Under the window Load default settings with its progress bar the equipment displays messages showing detailed information concerning the progress of the operation Erasing 128 Kbyte Flash 096 696 93 complete and finally Remount Then Bytton ICRE reboots and start operation with the factory default settings CAUTION Use this option carefully During the process Bytton ICR will not be available for routing and connecting to the 3G network For a few moments the LAN icon in the status bar will be barred with a red x and the message A network cable is unplugged will show up indicating that Bytton ICR is unavailable Hardware factory defaults If you want you can also perform the Return to Defaults operation via hardware This means you do not need to use the Web interface For this simply press the Reset button located on the back panel among the connectors for at least three seconds The Bytton ICR equipment
157. L 4 I T t Signal Level 0 30 Network 0 2 22601 2 Registration online Registration status indicates whether the SIM card is registered to the mobile network or not Normally it should display Registration online Warning When the mobile module is in a call or while it is transmitting or receiving SMS it cannot be interrogated about its state security error EM age Security error Modem Version error SS Modem version error IMSI error Thus if you click SIM Status while in a IMEL error IMEI error voice call you will get an error message Signal Level na signal Sulit eme ERR Network error Signal Ec To This does not Mean something IS Registration error Network error error wrong simply try again click Reload CELL error later when you have finished the voice Registration error call or the transmission of SMS _ 2n messages Figure 5 158 SIM Status with error messages when the SIM card or module is busy Cell when the mobile voice data provider supports this feature information is shown about the current cell where the Sim of the Bytton equipment is registered 2 1 7D21 0C838945 2 35141 2 1 03F2 00102CE3 2 Ze 0372 DO10CEOF 2 Or CELL 2 1 1B62 00000E42 0 2 1 03F2 001058DF 2 CELL 2 1 03F2 001058DF 2 ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 217 of 272 Bytton ICR 5 5 ROUTING _ REESEN 5 7 2 SIM Settings In this section y
158. MD5 File TRX File Text Docur TRX File Text Docur TRX File Text Docur TRX File You must load also the control sum located in the text file with the same name as the firmware image Open the txt file with Notepad and copy the hex string for the control sum Ej topex 3 0 3 a FA S trx 7 19 2012 1 29 PM TRX File 15 928 KB topex 3 0 3 a FA S txt 7 19 2012 1 29 PM_ Text Document 1 KE topex 3 0 3 a FA S bet Notepad ie Edit Format View Help Firmware topex 3 0 3 a FA S trxcheck Sum EEBEREEBENIEEETRSDISEEREPBUENETT TS Author Iracli vasileBuild Date Thu Jul 12 10 26 12 EEST 2012 Paste this value in the field Control Sum of the Firmware Update window Firmware Update Please select your firmware update file below enter the control sum and dick the SEND button Control Sum Bbd3774d8f 7aaeb 10c188dedd fee6661 After reboot Bytton ICR is operating with the firmware version 3 0 3 as shown below Topex c EN A Empowering Con Remote User superuser HOME LAN WAN TUNNELS ROUTING SYSTEM system Status Firmware version topex 3 0 3 a FA S Ethernet link up PPP link online IP 293 122 148 36 PPPOE link offline Logs Password Update Defaults Save CFG Load CFG SERVICES SIM Stuff System uptime 12 15 20 up 1 min load average 0 78 0 24 0 08 1342743264 00 13 02 6d 73 da 191 168 1 12 Irina Dell 01 00 13 02 6d 73 da 1342743264 d8 9e 3f 06 25 955 151 168 1 1
159. Mb s 1 10 Mb s 10 100 Mb s Enabled Please use the COMMIT button to activate your changes ARP Table IP address HW address 172 27 16B 7 g 00 00 00 00 00 00 10_0_ 0_13 Qa 00 06 4f 02 15 82 172 27 168 70 00 00 00 00 00 200 Please use the COMMIT button to activate your changes When every ETH port is individually configured LAN1 and LAN2 have been assigned each its own IP LANO is set to second WAN but not connected all four Ethernet ports will show up accordingly in the Port Status display pane STATUS wan Speed 100Mb s Duplex Full Auto negotratrion on Link detected yes STATUS lany Speed 10Mb s Duplex Half Auto negotiation off Link detected no STATUS lanl Speed 100Mb s Duplex Full Auto negotiation on Link detected yes STATUS Lanz Speed 100Mb s Duplex Full Auto negotiation on Link detected yes Bytton ICR 5 CONFIGURATION The routing table will also show the routes for the local ETH ports whose IP addresses have been individually assigned Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 199451523594 92 692128 255 255 255 255 UGH 0 0 0 wan 1712 106941 12 0 0 0 0 PAES MIAE AE S TJ 0 0 0 lan2 10 0 03 0 DD D fosa PES ds RO oe U 0 0 0 bro 1772 1698 1 0 Ca On One 209 2559 0 U 0 0 0 lanl 1 92 10920 DN EEGEN Poi PEU ccc re Om 0 U 0 O 0 wan UPON ONE 1 92 EE ils 0 0 0 0 UG 0 0 0 wan ARP TABLE What is it Generally the Address Resol
160. N when the WANO LANO port is taken out of the LAN switch and assigned to a secondary WAN GRE tunnels gret1 gret2 IPSEC tunnels ipsec1 ipsec2 and so on Virtual LANs Bridges between different interfaces br1 br2 br3 Open VPNs OVPN TAPO And so on VP SS ng After reboot the assignment of IP addresses will be performed by the remote DHCP server JHCP Server Forward to e Start IP 10 0 0 50 DHCP Leases End IP 10 0 0 100 Forward to 192 168 144 121 1341274849 00 06 4r 02 15 82 10 0 0 50 VOO0OQOQ073 01 00 06 4rf IF DNS Servers Select which primary and secondary servers for DNS Domain Name Service that will be used Options are Automatic default and Manual DNS Servers Automatic Manual Figure 5 29 Select Manual or Automatic for DSN Servers a If you leave the setting to the default Automatic the equipment will look for DNS servers in the local or remote networks DNS Servers Automatic Also when you have chosen Automatic the fields below will NB be colored in gray indicated they are not editable Nameserver 1 Figure 58 When Automatic option is chosen the next fields are inactive grey color Nameserver 2 0 0 0 0 Should you select the option Manual instead of Automatic then DNS Servers Manual you must complete the IP addresses of the two Nameservers Nameserver 1 192 168 144 88 primary and alternate yourself ME Figure 5 30 S
161. NAM Figure 11 5 Details of the magnetic base of the GSMO03 Antenna for 4G with the thin connection cable and the active road disassembled ERI AA ALAAALLLLL MM ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 260 of 272 Bytton ICR 11 Annex 2 Antennas for ByttonICR EE The following table shows the main characteristics of the multi oand LTE antenna with magnetic base supplied with the Bytton ICR package for 4G LTE variants Name description GSM03 multi band LTE Antenna Electrical specifications Frequency bands GSM 890 960 MHz PCN 1710 1880 MHz PCS 1850 1990 MHz UMTS HSPA 1920 2150 MHz LTE 2500 2690 MHz Gain VSWR Input Impedance Directivity Polarization Maximum Power Active rod wire coil 246 mm Height 32mm Mounting Magnetic Bottom heavy stable Adhesive sticker Type RG178 standard length 3 m Nipple SMA male Temperature range Storage 45 C to 75 C Operating 30 C to 75 C IP protection Fit for outdoors usage In case of locations with a low level of 4G signal Yagi high gain directive antennas are also available for the LTE frequency band They may be apparent or enclosed in a Radome single ori paired LTE technology typically employs antenna diversity thus two antennas are used Typicall Yagi gains range for 9dBi up to 14dBi in the 2500 2700MHz frequency bands and the UV stable UL flame rated radome assures all weather operation Warning Don t use e
162. NO AWANO WANO e and act as a secondary WAN port with or as in this IP Address example without specific IP E Netmask Now the bridge brO joins only lan and wlanO bridge name bridge id SIP enabled interfaces br 8000 _00197049f3d7 no wlan lan The new settings can also be seen in Iface status bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 10 0 0 1 Bcast 10 0 0 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1488 Metric 1 RX packets 453 errors 0 dropped 0 overruns 0 frame 0 TX packets 971 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 49026 47 8 KiB TX bytes 187994 183 5 KiB lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 920 errors 0 dropped 0 overruns 0 frame 0 TX packets 1095 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 88417 86 3 KiB TX bytes 89562 87 4 KiB Base address 0x2200 lanl Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet addr 172 168 1 13 Bcast 172 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 547 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 44758 43 7 KiB lan2 Link encap Ethernet HWaddr 00 50 C2 F5 23 2A inet addr 172 168 1 15 Bcast 172 168 255 255 Mask 255 255 255 254 UP BROADCAST RUNNING MULTICAST MTU 1500 Metri
163. OADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 28290 errors 9 dropped 0 overruns 0 frame 0 TX packets 4 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 1784161 1 7 MiB TX bytes 269 269 0 B Base address 0x3000 wan 0 Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 148 148 Beast 192 168 146 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 Base address 0x3000 wlanO Link encap Ethernet HWaddr 00 19 70 49 F3 D7 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 629 errors 0 dropped 0 overruns 0 frame 0 TX packets 605 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 99197 96 8 KiB TX bytes 255677 249 6 KiB The corresponding Routes table Destination Gateway Zenmask Flags Metric Ret Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH g d 0 pppl 192 168 144 254 0 0 0 0 255 255 255 254 U g d J wan 10 0 58 8 0 0 0 0 255 255 255 254 U g d J gretl 10 0 58 16 0 0 0 0 255 255 255 252 U g d 0 bro 192 168 148 148 0 0 0 0 Zb 255 255 252 U g d 0 land 172 27 168 0 0 0 0 0 255 255 255 0 U d j land 10 0 0 0 0 0 0 0 Zb 255 255 0 U d J bro 192 168 148 090 0 0 0 0 Zb 255 255 0 U J d J Leni A 192 168 148 0 0 0 0 0 Zb 255 255 0 U J j wan 10 0 0 0 0 0 0 0 255 255 0 0 U g d bri 192 168 0 0 0 0 0 0 255 255 0 0 U J wan 0 0 0 0 10 64 64 65 0 0 0 0 UG g g OU pppl When the LAN1 and LAN2 Ethernet ports are removed from the d
164. ON Ee itself In a VLAN network environment with multiple broadcast domains the network Administrators have control over each port and user Now malicious user can no longer just plug their workstation into any switch port and sniff the network traffic using a packet sniffer The network administrator controls each port and whatever resources it is allowed to use Usage of VLAN means an increase in security since the information is encapsulated in an additional level and possibly analyzed VLANs can separate traffic logically within a switch or station son one VLAN can not communicate directly with stations on another VLAN You can may also restrict which are allowed to communicate with other VLANs thus improving security For instance you could set up a guest VLAN that only allows access to the Internet not to other machines in the local network Another VoIP phone VLAN may be created especially for IP phones only Generally inside a company different sections departments buildings floors or even individual computers may be set up into their own networks as large pr small as really required Much greater flexibility in usage and more flexibility in administration Use A VLAN has the same attributes as a physical local area network LAN but it allows for end stations to be grouped together even if they are not located on the same network switch or even in the same building To physically replicate the functions of a VLAN it wou
165. OSTROUTING o wan j MASQUERADE COMMIT Completed on Mon Jun 18 15 30 55 2012 Generated by iptables save v1 4 10 on Mon Jun 18 15 30 55 2012 filter INPUT ACCEPT 25 4722 FORWARD ACCEPT 0 0 OUTPUT ACCEPT 1084 190069 A INPUT i lo j ACCEPT A INPUT i brO j ACCEPT l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 79 of 272 Bytton ICR 5 CONFIGURATION E A INPUT p gre j ACCEPT A INPUT m state state RELATED ESTABLISHED j ACCEPT A INPUT i tap0 j ACCEPT A FORWARD i br0 j ACCEPT A FORWARD p gre j ACCEPT A FORWARD m state state RELATED ESTABLISHED j ACCEPT A FORWARD p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu A FORWARD i tap0 j ACCEPT A OUTPUT p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu COMMIT Completed on Mon Jun 18 15 30 55 2012 Bridge Status You can check the state of the three bridges created above by the link BR Status bridge name bridge id SIF enabled interfaces br ag000 00197049 3d7 no wlan lan bri S000 0050e2f52327 no land bre S000 0050e2f52329 na warn br3 aggg og0000000000 no Each bridge has an unique ID hex number This number shows up when the bridge is in effect that means after you issued a Commit The bridge br3 does not use ETH interfaces so ity dos not show up with the interfaces list Notice that brO exists by default you cannot delete it This bridge joins together in
166. OSTROUTING ACCEPT 78 5381 A POSTROUTING o bri j MASQUERADE A POSTROUTING o pppl j MASQUERADE A POSTROUTING o wan j MASQUERADE COMMIT Completed on Mon Jul 16 10 50 29 2012 Note Although masquerading may be applied for all interfaces of the Bytton ICR device it makes sense only for remote networks this is why the NAT sub page was places inside the WAN menu NAT what and why It performs IP Masquerading or NAT translation of source and destination IP addresses and port numbers upon data packets Network Address Translation basically allows a single device such as the Bytton ICR router to act as agent between the a public network such as the Internet and one or several local or private networks This means that for the representation of the entire group of local machines to anything outside their network just a single unique IP address is required Besides this address range compression feature NAT is also used for Security and Administration Implementation of dynamic NAT automatically creates a firewall between your internal network and outside networks or the Internet Dynamic NAT allows only connections that originate inside the stub domain Another benefit of NAT is simpler network administration Changes to the internal networks may be performed easily since the only external IP address either belongs to the router or comes from a pool of global addresses And in case of changing the host for various s
167. OUTING pe mif View the active rules Firewall view rule E Generated by iptables save w1 4 10 on Tue Jul 17 10 56 55 2012 mangle z PREROUTING ACCEPT 80114 77359815 INPUT ACCEPT 34499 2165645 z FORWARD ACCEPT 254 22884 OUTPUT ACCEPT 57756 3799833 POSIROUTING ACCEPT 59711 3879638 COMMTT E Completed on Tue Jul 17 10 56 55 2012 Generated by iptables save vl1 4 10 on Tue Jul 17 10 56 55 2012 nat z PREROUTING ACCEPT 46020 5616338 OUIPUT ACCEPT 5939 3571066 POSTROUTING ACCEPT 5683 351217 A PREROUTING i br p tcp m tcp dport 21 j DNAT to deatination 193 76 244 115 47 A POSIROUIING o pppl j MASQUERADE A POSTBROUTING o wan jJ MASQUERADE COMMTT E Completed on Tue Jul 17 10 56 55 2012 Generated by iptables save v1 4 10 on Tue Jul 17 10 56 55 Zz 1z filter INPUT ACCEPT 20595 87415 FFOBWARD ACCEPT 254 22884 GUIPUT ACCEPT 57561 3788776 A INPUT i lo j ACCEPT A INPUT i br j ACCEPT INPUT p gre j ACCEPT A INPUT m state atate RELATED ESTABLISHED jJ ACCEPT A INPUT p tcp m tcp dport 2601 j ACCEPT amp INPUT p tcp m tcp dport 2604 j ACCEPT A INPUT p udp m udp dport 161 j ACCEPT A INPUT p udp m udp dport 162 j j ACCEPT INPUT i Cep j ACCEPT A INPUT p udp m udp dport 4500 j ACCEPT A INPUT p ipve auth j ACCEPT A INPUT p udp m udp sport 500 dport 500 jJ A
168. PP gt IDLE TIME 0 as explained previous when idle time is set to zero the PPP connection will be always on so there is no more need for verification Check link Check Ping amp Check Ping amp Check sends out PING probing packets and listens for reply to them while the Check option only listens for verification packets form an active source Interval Time interval in seconds to check the status of the data link default is 1500 Check link Interval No of pack IP SRC IP Action Png amp Chek 13000 as Jpe20155 37 33 122 129 175 Resetdatalink v Help Check Link Figure 5 58 Example of editing settings for PPP Check Data Link and explanation of parameters No of pack Number of ping packet to be send after time Interval such as 3 4 or 5 packets N ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 125 of 272 Bytton ICR 5 CONFIGURATION EE IP remote IP address that Bytton will response at ping command This must be a IP address that will either answer to the ping command issued by Bytton or generate PING packets for Bytton ICR to listen to SRC IP The source IP for PING packets You can send ping with a source IP This can be LAN Loopback or Tunnel IP If this IP is left with the default to 0 0 0 0 value the Bytton equipment will ping with source IP of the outgoing interface Action the last field defines the action to be taken when ping replay is not received By defau
169. Port in the WAN settings Address Type options are Static or DHCP Assigned Default is DHCP Assigned which means that the IP address of the WAN Ethernet Interface will Address Type DHCP Assigned z be automatically assigned by a DHCP server IP Address Netmask Note that in this case the fields following this option Gateway are inactive as shown below They are colored in gray because you cannot write Nameserver 1 0 0 0 values into them Mameserver 2 mmm Figure 5 47 Selection of address type Automatic for WAN Port in the page for WAN See the corresponding Routing Table for Automatic WAN the ppp1 link has been stopped Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 192 168 148 0 0 0 0 0 255 255 255 0 U 0 0 0 wan 172 27 0 0 0 0 0 0 255 255 0 0 U 0 0 0 lanO 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan When you select Static instead of DHCP then you must also fill in the IP Address value on the WAN side Netmask for this address and address of the Gateway used for routing You must also specify the name servers Address Type Static IP Address 93 1272 148 198 Netmask 255 255 255 254 Gateway 93 122 143 2 Address Type Static IP Address 192 168 1 148 Metmask 255 255 0 0 Gateway 192 168 1 8 Nameserver 1 1197 168 1 38 Nameserver 1 93 122 148 3 Figure 5 48 Examples of setting Static address for W
170. QkBFhz 2YXNpbGUuaX Jh Y 2xpOHR vcGVALnJvgakAgxwfxi3k BYwBakghkiGawO BCQEWFnzhc2lsz55pcmFjbGlAdGS9wzXgucm8wHhc NMDgwNTIyMTUy MDEwWhcHNMTawNTIWwMTUyMDEwWjCBiI TELMAKGA 10EBhMCUKSxDDAKBaNV OzESMBAGA 1LUEBXMJQU 1R IMO4wDAYDVOOKEWVUT IBFVWDEOMAwGA 1LIECXMF VESQRVgxETAPBgNVBAMTCFRPUEVYTAQKBFhZ2YXNpbGUu In 2xpOHRvcGBiQSnaqxtDVR jBIK EXKoZIhvcNx AL EHD KEY n 5ave Accordingly the Open VPN interface will show up in the Interfaces drop list either with TUN or TAP as suffix Interface OVPN_TUNO BRO LANOW ANG Embeded Modem WAN bri OVPN TUNG The corresponding routing rules will also be automatically inserted in the iptables table look for the tapO entries Generated by iptables save v1 4 10 on Wed Jul 4 10 43 48 2012 filter INPUT ACCEPT 235 26609 FORWARD ACCEPT 0 0 OUTPUT ACCEPT 662 105191 A INPUT i lo j ACCEPT A INPUT m state state RELATED ESTABLISHED j ACCEPT A INPUT i tap0 j ACCEPT A FORWARD i br0 j ACCEPT A FORWARD p gre j ACCEPT A FORWARD m state state RELATED ESTABLISHED j ACCEPT A FORWARD p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu A FORWARD i tap0 j ACCEPT A OUTPUT p tcp m tcp tcp flags SYN RST SYN j TCPMSS clamp mss to pmtu COMMIT Completed on Wed Jul 4 10 43 48 2012 Generated by iptables save v1 4 10 on Wed Jul 4 10 43 48 2012 mangle PREROUTING ACCEPT 1021 95186 INPUT
171. ROUTING pem Mf Serial Service 1 or 2 select Disabled to de activate or Server to Serial 2 Service server activate the respective RS 232 port By default they are both disabled Di Parameters for the serial connection Here you can set the usual parameters for a RS 232 serial connection Speed en such as speed in bits per second 1200 9600 115200 etc number of See Ss Data bits 8 7 5 etc per byte number of Stop bits parity checking d Not used Even or Odd flow control Not used Xon Xoff Hardware Parity None Current recommended settings are 9600 bps 8 N 1 Stop bit fi Flow control Mane Figure 5 137 parameters for the serial connection s Data bit f8 i Parity Even Bil d Bl Flow control None E Parity Even e D Stop bit 2 e Data bit 7 Different port configurations Parity odd sl If your Bytton ICR has two RS 232 ports they can be configured with Stop bit BEI different parameters according to the requirements of the particular serial Blauasegeel MON MOFF connection to the respective legacy equipment Remote connection parameters In case of using the remote serial server you must fill in additional parameters for this feature Delay the value in milliseconds of the buffers that stores the characters before sending them over the serial connection Packet Size in bytes def
172. RX bytes 3121857 2 9 MiB TX bytes 13690 13 3 KiB Base address 0x3000 wlanO Link encap Ethernet HWaddr 00 19 70 49 F3 D7 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 147 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 16962 16 5 KiB l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 110 of 272 5 3 WAN Here are the pages for configuring the WAN remote network side of the Bytton ICR router Location WAN Empowering Communicatians Remote User superuser xi z Topex HOME LAN WAN Configuration sections WAN Configuration Pages JIE Select the desired WAN connection type setup masquerading etc WAM Port Configure the IP settings for the WAM Ethernet port PPPoE Configure the IF settings for a PPF over Ethernet connection FPF FPF settings for the internal data terminal TUNNELS ROUTING SYSTEM SERVICES SIM Stuff When you are done please use the COMMIT button to activate your settings Commit Figure 5 41 The WAN webpage This WAN Home page briefly describes your options in setting the WAN connection 5 3 1 Settings Allow you to select the type of the interface you use for WAN connection the usage of fail over and of masquerading Topex Location WAN gt Settings Remote User superuser Empowering Communications h HOME LAM WAN settings WAN Port PPPoE
173. Rohde amp Schwarz Topex Bytton ICH Industrial Cellular Router User s Manual 2012 Bytton ICR Dear Client p M UUUUUUUUUU I Dear Client Thank you for buying the Bytton ICR product from Rohde amp Schwarz Topex S A and congratulation for your wise choice Bytton ICR has the following features e Very High Throughput download data rates up to 42 Mbps over HSPA depending upon the type of modem selected and the capability of the mobile network used LTE ready data rates up to 100 Mbps over LTE networks with dual antennas wired Ethernet data transfers between clients up to 100 Mbps wireless local data transfers up to 54 Mbps with the standard 802 11g embedded AP and speeds up to 150 Mbps with the optional 802 11n wireless access point also available with antenna Diversity feature e Cross network capabilities Dual SIM variant the dual SIM version uses two SIM cards not concurrently for increased availability when the primary carrier fails or you get out of the coverage area Bytton ICR automatically switches to the second mobile data provider e Rugged metal case compact and reliable the metallic case in ruggedized ensuring reliable operation even in extreme environment conditions extended temperature range available upon request up to the 30 C to 80 C the compact size makes it easy to carry and use e Remote control and monitoring ready for machine to machine applicat
174. T ROUTING Firewall Routes Dynamic Virtual R T Please use the COMMIT button to activate your changes QOS k SYSTEM SERVICES Figure 5 91 Dynamic ROUTING page VTY Shell shows up when Dynamic Routing is enabled Dynamic Routing RIP Web VTY Shell When you click on the link Web VTY Shell the web shell for the Quagga program show up allowing you to enter advanced commands for Quagga routing ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 160 of 272 Top ex J Location ROUTING gt Dynamic Empowering Communications Remote User superuser HOME F LAN VTY Shell F WAN F TUNNELS ROUTING Firewall Routes Dynamic Virtual R T QOS Figure 5 92 Entering commands and parameters in VTY Shell Results of using the Web console for Quagga Mode ve Param 0 Bee we Hello this is Quagga version 0 99 20 Copyright 1996 2005 RKunihiro Ishiguro et al bytton disable bytton show ip route Codes EK kernel route C connected 5 static BR RIP O OSPF I ISIS B BGP gt selected route FIB route EK 0 0 0 0 0 via 192 168 1 8 wan C 10 0 0 0 8 is directly connected bri C 10 0 0 0 24 is directly connected br C 10 0 0 0 30 is directly connected bri C 127 0 0 0 8 ias directly connected lo C 19727 168 0 0 16 is directly connected wan C 1952 168 144 0 24 is directly connected wan 3 C gt 192 168 148 0 24 is directly
175. TP Open VNP and so on Depending upon the actual firmware revision running on your Bytton ICR the Tunnels web page may contain several types of tunnels form three to six sub pages For instance besides GRE and IPSEC which are present in all software revisions you may have also PPTP PPTPD OVPN and respectively L2TP as shown below To D vO Location TUNNELS Remote User admin byttonHSDPA Tunnels Configuration Pages HOME gt LAN WAN i Enabling and configure the GRE IPSEC PPTP L2TP tunnels Y TUNNELS Configure the GRE IP tunnel 0 settings GREO Configure the GRE IP tunnel 1 settings GREI Configure the IPSEC tunnels settings i Configure the PPTP client tunnel settings IPSEC Configure the PPTP server tunnel settings LeTP Configure the L2TP server tunnel settings PPTP PPTPD When you are done please use the COMMIT button to activate your settings Configuration sections t ROUTING P SYSTEM P SERVICES gt SIM d VOICE MISC Figure 5 61 Example of maximal TUNNELS Web page with six sub pages TUNNELS The current version of Bytton ICR has available configuring pages for the GRE IPSEC Open VPN and respectively PPTP tunnels GRE IPSEC OVP D PTF Bytton ICR 5 CONFIGURATION EH 5 4 1 GRE Settings for the GRE IP Tunnels which is used when you need to perform IP tunneling in order to achieve a Virtual Private Network using several Bytton ICR devices interconnect
176. Topex wireless router What it is Generally Iperf is an industry standard tool to measure the bandwidth and the quality of a network link The network link under test is delimited by two hosts running Iperf This tool is accurate and provides clear metrics to understand and use the performance metrics it produces As you notice the lperf feature on Bytton ICR may operate either as a Client or as a Server For extensive BW tests over a link one host must be set as client the other one as server The quality of a link can be tested as follows Latency response time or RTT can be measured with the PING command available in Test Net link that shows up in the Interface Status pages Jitter latency variation can be measured with an Iperf UDP test Datagram loss can be measured with an Iperf UDP test The iperf running on Bytton ICR is a simplified application it just measures the bandwidth The bandwidth is measured through TCP tests The main difference between TCP Transmission Control Protocol and UDP User Datagram Protocol is precisely that TCP use processes to check that the packets were correctly received at the destination while with UDP the packets are sent without any checks but with the advantage of being quicker than TCP The Iperf utility uses the different capacities of TCP and UDP to provide statistics about network links Iperf has a both a client and server functionality and can measure the t
177. UTING SYSTEM Y SERVICES VRRP SERIAL SMS DDNS NTP Reset SIM Stuff SNMP Setings SNMP Enabled Disabled Local name SNMP WAN Enabled Disabled e COMM I Netmask public private Please use the COMMIT button to activate your settings Figure 5 131 SERVICES SNMP enable and configure the network management By default the SNMP service of Bytton ICR is disabled and there are two empty entries for public and respectively private You may also enable or disable the SNMP feature on the remote WAN side of the Bytton router By default this one too is disabled What about SNMP This Simple Network Management Protocol SNMP is used as the transport protocol for network management This Network management business generally consists of network management stations communicating with network elements such as hosts routers servers or printers The agent is the software on the Bytton ICR router that runs the network management software Therefore when the word agent is used it is referring to the network element This agent store information in a management information base MIB The network manager can set the threshold of the monitored event that will trigger the sending of the trap message Among other applications SNMP enables monitoring the performance of the network when used in conjunction with different performance monitoring programs SNMP Communities are groups that devices and management station
178. UTING P SYSTEM d d Autoprovisioning BW test Enabled Le FTP Disabled Le adress Pathe SERVICES SIM Stuff Email Auto cfg BW Test Test server Schedule nmin Please use the COMMIT button to activate your settings Finally use the Commit button at the bottom of the Menu to make these changes permanent after the restarting of the Bytton ICR equipment m Commit Topex Remote User superuser Empowering Communications HOME LAN IP Settings DHCP Server Commit Settings WiFi Settings 5 1 8 MENU Items There are several sections Menu items on the configuration page of Bytton ICR device as shown in the images below Defending upon the type of authorization you may have access to all the features or only to some of them Top ex Location SYSTEM Empowering Communications Remote User admin HOME T LAN IP Settings DHCP Server System Configuration Pages Configuration sections View current status Internet connection traffic counters etc View or save system log files Firmware update Change the administrator password Restore factory defaults Save current configuration Load a configuration file WiFi Settings F WAN TUNNELS GRE ROUTING Firewall When you are done please use the COMMIT button to activate your settings Routes SYSTEM Status Logs Password SERVICES SIM Figure 5 16a Web configuration page listing sub menu items
179. VLAN Help Interface Status Please use the COMMIT button to activate your changes A virtual or logical LAN is a subgroup in the physical local area network which is created by software It functions at Layer 2 unlike IP sub networks which operate at Layer 3 level R amp S Topex s ByttonICR implements VLANs according to the IEEE standard 802 1q This specifies additional bits flags to the data packets marking them for prioritization and or routing for VLAN The VLAN table explained here lets you define several logical networks for each one you must set up the Interface to be used ID number for the respective VLAN IP address and corresponding net mask then establish the MTU Netmask MTU V Int 255 255 255 254 4 192 168 148 255 255 755 255 0 1500 lan0 4 EditDel 10 0 58 36 21595 2535 255 2534 743 greti 5Edit Del LANO WANO Embeded_Modem WAN At first the table is empty you must use Add New to create No Interface vi IP Netmask MTU V Int an additional entry then Edit to change the parameters Bytton ICR 5 CONFIGURATION SSS M SSS SS SS N Also each VLAN definition that you have entered may be individually saved or deleted using the links to the right of the table MTU sV Int 748 br 2 Edit Del 1500 pppi 3 Edit Del o Interface As you can see when you set up the Interface to be used for each VLAN the drop list shows not only the three physical interfaces
180. a to the AUX connector instead of MAIN then it wont be able to work properly The Bytton ICR unit and its antennas should be placed such as to be as far as possible from appliances or office equipment that is sensitive to radio interference microwave ovens copiers TV sets PC displays and multimedia systems For best results try to find for the WiFi and HSPA antennas a place of maximum signal reception In addition the antenna must NOT be located near heavy duty equipment that may generate electromagnetic interferences such as electric motors or heaters ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 262 of 272 Bytton ICR 12 Annex 3 Busy Box Commands 12 Annex 3 Busy Box Commands Here are shown several examples of outputs of the BusyBox utility running on Bytton ICR Outputs of a few BusyBox commands Manipulate ARP cache Network Test backup2 topex ro 192 168 1 88 at f4 ce 46 fb b5 da ether on wan 10 0 0 13 at 00 06 4 02 15 82 ether on brO voluntarigw topex ro 192 168 1 8 at b4 99 ba a9 37 5c ether on wan 10 0 0 12 at 6c 0 49 76 24 4b ether on brO 10 0 0 13 at 00 06 4 02 15 82 ether on brO 10 0 0 20 at 60 b 42 39 48 86 ether on brO Or 192 168 1 8 at on wan 192 168 168 168 at on wan 10 255 0 25 at 00 06 4 02 15 82 ether on brO Print filesystem usage statistics Show all filesystems on the Bytton equipment Filesystem
181. a LAN or WAN The first part of the address is unique to the company that produced the device and beyond that it is a sequence of digits unique to a single device manufactured by a company The IEEE 802 x protocol for instance 802 3 is Ethernet specifies that the MAC sub layer must supply a 48 bit 6 byte address The MAC is most frequently represented as 12 hexadecimal digits When looking at this hex representation of the MAC address the first six hexadecimal digits identify the vendor while the last six hex digits identify the specific network interface card Different companies like to show MAC addresses different ways Bytton ICR makes use of the Unix type MAC formatting where there are six groups of two hex figure and the separator is instead of the used by Microsoft See below a few examples of MAC addresses encountered by the equipment MAC address filtering Since the MAC number is a unique number a router may be programmed to accept or reject only certain MAC addresses from the local Ethernet network or Wi Fi access points When an unknown MAC address tries to connect the Bytton router will not let it MAC filtering can be used to prevent unauthorized access into small corporate networks Without MAC address filtering any wireless client can join authenticate with a Wi Fi network provided they know the network name ESSID and maybe a few other security parameters like passwords or encryption keys When MAC address filteri
182. a relatively limited area typically inside the same office building The communications link that interconnects these computers allows any device of the network to interact with any other from the same network The devices that compose a local network workstations personal computers and peripherals are called nodes and typically share the resources of a single processor or server This server has resources applications processing and data storage capabilities that are shared in common by multiple computer users The LAN can be connected to other local networks over any distance via phone lines wireless links or other connections and the system of LANs connected in this way is called a wide area network WAN The LAN may also be connected to the Internet through a gateway The Bytton ICR equipment performs as a gateway since it interfaces between local Ethernet and or Wi Fi networks and the 3G CDMA or LTE wireless data network MAC Address Media Access Control A MAC address is the hardware physical address of a device connected to a network In the Open Systems Interconnection model of communication the MAC layer is one of two sub layers of the Data Link Control layer and is concerned with sharing the physical connection All network interface controllers must have a hard coded and unique MAC address The MAC address is applied at the factory and uniquely identifies network hardware such as a Ethernet cards modems or wireless adaptors on
183. action security is more secure than a user ID and password thus it is mostly used by financial institutions for example for credit card purchases over the Web Since Bytton ICR provides ensures S HTTP this means a higher degree of security for you SMS Acronym for Short Message Service means the transmission of short text messages to and from cellular phones The messages must be text only no images or graphics and not longer than 160 alpha numeric characters Operators of Mobile Phone Networks use a spare data channel to send SMS messages You may send SMS messages to another mobile subscriber the mobile operator can send you phone settings over the air or commercial companies may send dedicated content to your mobile terminal The embedded firmware allows Bytton ICR equipment to send and receive SMS via mobile network from the computer connected to it Static packet filter One of the simplest and least expensive forms of firewall protection is known as static packet filtering With static packet filtering each packet entering or leaving the network is checked and either passed or rejected depending on a set of user defined rules Dealing with each individual packet the firewall applies its rule set to determine which packet to allow or disallow The static packet filtering firewall examines each packet based on the following criteria Source IP address Destination IP address TCP UDP source port TCP UDP destination port St
184. affic to avoid unnecessary expenses you should set BYTTON to disconnect when there is no data traffic MTU value for the Maximum Transmission Unit MTU is the largest physical packet size measured in bytes which a network can transmit Messages larger than this will be fragmented into several packets Different networks have different values for MTU which is set by the network administrator It is important to set the optimal MTU value if it is incorrectly set the data transfers will be slow The default MTU size is 576 for many PPP connections 1024 for a modem connection 1500 for Ethernet networks etc The same applies for MRU maximum receive unit At the data level the equivalent of MTU is MSS see further on in the manual so you should also set this parameter accordingly ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 119 of 272 Bytton ICR 5 CONFIGURATION EE 5 3 5 PPP Settings for the PPP connections achieved via embedded radio modem To ensure high versatility together with ease of use this page has just settings for the APN username and password while several specialized configurations which are less often used for modem for connection and for routing are located on the PPP Advanced Settings page the first link at the bottom Top ex i Location WAN gt PPP Empowering Communications Remote User superuser HOME E LAN PPP settings for the internal data terminal WAN Settings APN lant
185. age 98 of 272 Bytton ICR 5 CONFIGURATION um M X M a collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B wan 20 Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 203 194 198 31 Bcast 203 194 198 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1480 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B wan 0 Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 148 4 Bcast 192 168 148 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 Base address 0x3000 The corresponding routes have been added in the static Routing Table of Bytton ICR Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH 0 0 0 pppl 194 102 255 23 0 0 0 0 255 255 255 255 UH 0 0 0 wan 127 27 155 202 0 0 0 0 255 255 255 254 U 0 0 O0 lan0 14 172 168 254 196 0 0 0 0 255 255 255 252 U 0 0 0 br0 2 4 192 168 148 252 0 0 0 0 255 255 255 252 U 0 0 0 wan 18 127 27 254 96 0 0 0 0 255 255 255 252 U 0 0 0 lan0 15 10 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 bro 192 168 148 0 0 0 0 0 255 255 255 0 U 0 0 0 wan 203 194 198 0 0 0 0 0 255 255 255 0 U 0 0 0 wan 20 10 0 58 0 0 0 0 0 255 255 255 0 U 0 0 0 br0 2 172 27 0 0 0 0 0 0 255 255 0 0 U 0 0 0 lanO 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0
186. al Info about the DIN Rail Bytton ICR comes with an adaptor for mounting its metallic case over a DIN rail as shown here What is DIN Rail used for The standardized DIN rail is widely used to mount on it various modules industrial control equipment simple or power Sockets and circuit breakers backup batteries meters and counters and so on The DIN rail is fitted inside standard equipment racks or weatherproof enclosures such as this one This way the attached devices such as Bytton ICR will be completely shielded form rain dust or other aggressive weather factors The devices to be mounted on the rail may be simple circuit breakers fuses or terminal blocks or advanced equipments such as industrial microcomputers measurement and control units or the Bytton ICR router in our case ud CO E IS k at oF d i jarite Neu ERE 3 ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 256 of 272 Bytton ICR 10 Annex 1 DIN Rail EE What is a DIN Rail A standard steel rail for attaching various equipments including the Bytton box The name comes from the Deutsches Institut f r Normung DIN in Germany who published the original specification but now the format has been adopted as European EN and international ISO standards The current adaptor allows the Bytton box to be mounted on the type Omega Q DIN rail described by European standard EN 50022 illustrated her
187. an 1500 so that the Ethernet packets that are transmitted via ADSL will not be over this limit In practice trial and error is the only sure way of finding the optimal MTU for each case It works like this you issue a PING command towards your Internet provider with the options f set Don t Fragment flag in the packet and 1 1472 specifies the size ping f 1 1472 k ro or ping f 1 1462 209 123 109 175 and watch for the results Finging wuw dslreports com 209 123 109 175 with 1462 bytes of data Reply from 269 123 169 175 bytes 1462 time 267ms TTL 47 Reply from 269 123 169 175 bytes 1462 time 210ms TTL 47 Reply from 269 123 169 175 bytes 1462 time 239ms TTL 47 Reply from 269 123 169 175 bytes 1462 time 229ms TTL 47 Ping statistics for 209 123 169 175 Packets Sent 4 Received 4 Lost H th Approximate round trip times in milli seconds Minimum 2iBms Maximum 267 ms Average 236ms If the answer is OK O loss you can increase the MTU value 1472 by 10 and try again Continue with larger and larger values until you receive the error message Packet needs to be fragmented Pinging wuwu dslreports com 269 123 169 1751 with 1482 bytes of data Packet needs to be fragmented but DF set Packet needs to be fragmented but DF set Packet needs to be fragmented but DF set Packet needs to he fragmented but DF set Ping statistics for 269 123 169 175 Packets Sent 4 Received B Lost 4 18H
188. an UTP cable was connected to the respective input Yellow LED blinking shows data traffic send or receive through that connector LAN1 LAN2 and LANO WANO Green LED Off no cable connected to the respective LAN input On physical connection to Ethernet network an UTP cable was connected to the respective input Yellow LED On shows data connection blinking shows data traffic send or receive through that connector The rate of blinking is always proportional to the data transfers so when Bytton ICR is used as an Ethernet router the difference between the WAN and LAN sides is clearly visible to the naked eye ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 33 of 272 Bytton ICR 5 CONFIGURATION EE 5 CONFIGURATION Bytton ICR can properly perform its functions of wireless high speed router with the default settings However it can be easily configured to meet various usage scenarios Configuring or programming the equipment means adequate setting of all the parameters The embedded Linux firmware allows you to configure Bytton ICR without the need of additional software on the computer used for programming You just need a web browser as configuration terminal This means that Bytton ICR may be used on any computer platform and is not restricted to a certain operating system Using the web browser the configuration can be performed remotely the desktop PC or notebook may be connected to the Bytton ICR Rou
189. application that generates the message UDP is used often in applications such as videoconferencing or games where optimal performance is preferred over guaranteed message delivery WAN Acronym for Wide Area Network A system of LANs connected together A Wan is a network that connects computers located in separate areas e different buildings cities countries The Internet is a wide area network Bytton ICR features a dedicated WAN port and a configurable LAN WAN ports allowing versatile connection to another network or to alternate broadband service providers via Ethernet cable WWAN Acronym fo wireless wide area network Also named broadband wireless WWAN refers to wireless high speed data networks covering a large geographic area This broad category can include 2 5G 3G 4G and other types of technology where each base station tower is designed to reach an area measured inmany kilometers The term WWAN is used primarily to distinguish this group of diverse technologies from WLANs Wireless Local Area Networks which typically cover a much smaller area just 300 m from the base station WLAN includes technology like Wi Fi Wi Fl type N Besides the usual 802 11 b g WiFi modules Bytton ICR may be fitted with N type Wireless Access Point using dual antennas 802 11n is the third generation Wi Fi standard for wireless home networking 802 11n equipment is backward compatible with older 802 11g or 802 11b gear and it supports mu
190. at the link is broken and the above SIM parameters for the second subscriber card Sim1 The values are different since the second SIM is used precisely for connecting to a different wireless data network APN Simi jinternet Second SIM In case of dual SIM equipments it Username Simi jusername Enables or disable usage of the second SIM cad as backup for the data connection The default is Password Simi i Disabled Figure 5 52 Settings for the second SIM of the PPP wireless link in case of dual SIM Bytton ICR device Parameters for switching between SIM cards Check link interval time interval that Bytton expects reply for the IP destination of the probe the delay between successive pings in second s Suggested value is about 20 default Send pack number number of data packets sent as probe to verify the link Default is 10 Switch SIM if reply less than minimum number for probe packets that must be answered With the above settings when Bytton ICR pings the destination of the probe and receives only four replies or less it will decide that the current PPP link is unavailable so it will switch to the second SIM card Probe Destination IP the IP address of the destination of the probe Bytton sends out PING probes to the address you have specified in this field and if it receives no answer from it BYTTON concludes that the primary data connection is broken and it must switch to the secondary Sim1 By
191. atic packet filtering is easy to implement and configure and does not use a lot of resources but its efficiency is limited Basic packet filtering firewalls are susceptible to IP spoofing where an intruder tries to gain unauthorized access to computers by sending messages to a computer with an IP address indicating that the message is coming from a trusted host Another shortcoming is that this form of firewall rarely provides sufficient logging or reporting capabilities EE LL 2511 5 2511 1 11 11 eee cS SS sss aaa ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 252 of 272 Bytton ICR 9 Glossary ee SPI Acronym for Stateful packet inspection The embedded Bytton ICR firewall also performs stateful packet inspection This approach examines the contents of packets rather than just filtering them It takes into account not only the addresses of the data packets but also the contents and the state of the connection Stateful means they take into account the state of the connections they handle so that for example a legitimate incoming packet can be matched with the outbound request for that packet and allowed in In addition an incoming packet masquerading as a response can be blocked if the firewall knows that the outbound request is in fact nonexistent Rather than controlling the individual data packets SPI uses smart rules thus enhancing the filtering process and controlling the network session Static pack
192. ault value 500 and Server x Port the number of the IP port used for the remote serial connection See below a few examples of serial parameters configuration Serial Service Server v Delay IEEE Speed as1000 Padetsze 50 Speed 230000 Delay 150 Server 1Port Di speed be Delay 100 Packet size o Delay poo Padetsize 225 Server 1Port rans Databit 6 e Server 2 Port CEN Server 1Port i906 Figure 5 138 Examples of remote connection parameter settings for the serial link ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 207 of 272 5 6 5 SMS Depending upon the actual firmware version your equipment may have or not this menu item With SERVICES gt SMS Bytton ICR implements a feature for remote administration and reporting via SMS Topex Location SERVICES gt SMS EE Empowering Communications Remote User superuser HOME F LAN F LATAR WAN P TUNNELS TUNNELS SERVICE SMS Enabled e ROUTING E p Phone Mo 0741999999 SYSTEM SERVICES bo 1 1 jJ SNMP bo 5 jJ VRRP Sms Text this word SM5 DONS SAVE CONF Please use the COMMIT button to activate your settings Figure 5 139 Settings for SMS services Service SMS select Enable to activate this feature By default it is disabled Phone No enter a full mobile telephone number such as 074199 in the above example or just a prefix 0741 or 075 Only text messages issued from this number or prefix will be taken into accoun
193. beled SER available for connections to legacy equipments No voice capabilities no WiFi antenna and hence no WiFi indicator a single SIM card The RS 232 interface feature RJ 45 connectors on the front panel the Lite low cost variant of the equipment a Topex Bytton ICR with no voice capabilities and no WiFi a single data SIM and no serial interfaces Out of the four Eth ports there are two LAN ports one configurable WANO LANO port and the dedicated WAN port There is an even simpler variant with no SIM and hence mobile data capability used as an advanced network router The front panel features just four ETH ports one SER advanced variants with one or two serial interfaces and one or two SIM cards besides the Mobile antenna and the four ETH ports The two serial ports labeled SER1 and respectively SER2 are available for connections to legacy equipments The RS 232 interfaces feature RJ 45 connectors on the front panel The phone line interface FXS is missing but the WiFi access point can be present for wireless connection of equipments in the field The front panel features from left to right the circular antenna connector Mob two SER connectors the round WiFi connector for wireless antenna the four Ethernet connectors WAN WANO LANO LAN2 LAN1 the recessed Reset button and the PWR jack for power supply the most advanced variants with full complement of features two serial interfaces and one or two S
194. c 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 547 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 44758 43 7 KiB mon wlanO0 Link encap UNSPEC HWaddr 00 19 70 49 F3 D7 10 07 00 00 00 00 00 00 00 00 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 17878 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 1671613 1 5 MiB TX bytes 0 0 0 B wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 255 255 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 408697 errors 4 dropped 0 overruns 0 frame 0 TX packets 1712 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 25637960 24 4 MiB TX bytes 355713 347 3 KiB Base address 0x3000 l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 59 of 272 Bytton ICR 5 CONFIGURATION The new configuration is also seen in the ETH Port gt Port Status pane STATUS wan Speed LOORb e Duplex Full Auto negotiation on Link detected yes STATUS land Speed l0Mb a Duplex Halt Auto negotiation oft Link detected no STATUS lanl Speed l00Mb sa Duplex Full Auto negotiation on Link detected yes SIATUS lanz Speed lO00Mb a Duplex Full Auto negotiation on Link detected yes When you specify a certain IP and corresponding netmask for t
195. ccess the Bytton ICR equipment You should enter the IP address of the Bytton ICR device by default 192 168 1 1 in the list of exceptions for the Proxy server Do not use proxy server for addresses beginning with EIL 1 11 111 111 111 1 1 1 1 11 1 1 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 37 of 272 Bytton ICR 5 CONFIGURATION EE 5 1 4 First Connection To configure the Bytton ICR product using the web interface just open your favorite web browser and type the default IP address as the URL https 192 168 1 1 as shown E https 192 158 1 1 Microsoft Inte Fie Edit View Favorites Tools https 192 168 1 1 Address ei https 192 Leg 1 1 C ft X bp5p5 19216811 Figure 5 6 Enter the default IP address of the Web page into your browser If you cannot connect to the Bytton ICR router because of problems in the settings of the IP address you must go back to the factory default settings Press the RESET button for at least three seconds The equipment reboots and starts operating with the factory default settings These include the IP address 192 168 1 1 allowing you to connect to the Rohde amp Schwarz Topex S A wireless router in order to configure it After reaching the configuration web pages at the default IP address you may change the IP address of the dev
196. ch faster wireless connections over longer distances It uses several radio modules and antennas EE LL 1 251 1 1 511 OO 11 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 253 of 272 Bytton ICR 9 Glossary ee MIMO together with channel bonding techniques which utilizes two adjacent Wi Fi channels simultaneously to double the bandwidth of the wireless link compared to 802 11b g The 802 11n standard specifies 300 Mbps theoretical bandwidth is available when using channel bonding Without it about 5096 of this bandwidth is lost actually slightly more due to protocol overhead considerations and 802 11n equipment will generally report connections in the 130 150 Mbps rated range in those cases As a drawback channel bonding substantially increases the risk of interfering with nearby Wi Fi networks due to the increased spectrum and power it consumes l ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 254 of 272 Bytton ICR 9 Glossary ee The manufacturer reserves the right to modify the product and manual for the purpose of technical improvement without prior notice The manufacturer guarantees the good functioning of the product provided that it has been correctly installed and the directives for storage and usage have been respected The warranty implies exclusively repairing or replacing the defective unit The warranty does not include any indirect losses or loss of p
197. clude more or less elements Topex Location Miscellaneous Remote User superuser Empowering Communications de Miscellaneous LAN EWAN Configuration sections TUNNELS CP T TCP IP parameters F ROUTING ROUTING Driver Parameters SYSTEM F SERVICES SIM Stuff Email When you are done please use the COMMIT button to activate your settings Auto cfg BW Test Commit Figure 5 170 Section Stuff of the configuration Web pages for Superuser These miscellaneous stuff pages may include email reporting remote self configuration and bandwidth testing 5 8 1 E mail Here are the settings allowing Bytton ICR to send out report information via E mail Topex Location E mail HOME F LAN WAN F TUNNELS ROUTING F SYSTEM SERVICES dii MT Auto cfg BW Test Commit By default this feature is Disabled When disabled all the fields that follow are colored in gray indicating that they are not active you cannot edit them Smtp server address 213 165 64 42 Remote User superuser Empowering Communicatons E mail F se Smtp server address smtp example com Smtp server port Authentication None ul Username Username Password From To Subject Bytton report Schedule in hours Please use the COMMIT button to activate your settings Figure 5 171 Status reporting via E mail E mail Disabled Smtp server address smtp example c
198. connected wan C 1955 74 234 12 31 is directly connected brz bytton quit Bytton ICR 5 5 ROUTING 5 4 4 Virtual Routing Table This page lets you define configure and analyze the Virtual routing tables on Bytton Topex Location System gt Logs Empowering Remote User superuser E HOME LAN WAN TUNNELS ROUTING Firewall Virtual Table Routes Add New Dynamic EE gos SYSTEM SERVICES SIM Stuff Virtual Table Help Virtual Table Routes Virtual Table Status Interface Status Please use the COMMIT button to activate your changes What is VR Virtual routing and forwarding is a technology included in IP network routers that allows multiple instances of a routing table to exist in a single router and work simultaneously This way network paths can be segmented without using multiple devices Since traffic is now automatically segregated VR increases not only functionality but also increases network security and can eliminate the need for encryption and authentication not only individual users but also several big Internet service providers take advantage of VR to create separate virtual private networks for customers this is why the Virtual routing and forwarding method is also referred to as VPN routing and forwarding Virtual Routing acts like a logical 1 Route List Virtual Table VT1 router as shown below it displays the routes In each of the Up to four target gatewa
199. ctiv indusiv pana la 10 08 2012 15 REC READ 440753779863 12 07 06 12 22 30 127 Word 16 REC READ 440753779863 12 07 06 15 56 05 12 08741 746 66328076 17 REC READ 40754043064 12 07 18 11 41 094 12 AT CREG 18 REC READ 440754043064 12 07 18 18 11 52412 rx note is 490380483039 14890 1234890 19 REC READ 440753779863 12 07 06 12 33 434 12 Info 20 REC READ 4407540439064 12 07 18 18 12 094 12 AT HCGSN 22 REC READ 440753779863 12 07 06 12 48 014 12 Load 30 REC READ 440754043064 12 07 06 13 05 014 12 AT CREG 31 REC READ 440754043064 12 07 06 13 05 26 712 AT CREG 32 REC READ 440754043064 12 07 06 13 05 35 12 AT HCGSN LN 440732056277 12 07 18 18 49 24412 Dajt jge mjh m 0 1 2 3 4 REC READ 30731040784 12 06 28 11 30 14412 004A006F00 7300200042006 10073006500 7300630075 5 6 7 8 9 21 Delete message with index e Figure 5 166 List of received text messages in SMS Read Bytton ICR 5 5 ROUTING EEUU Deleting SMSs You may delete one or several messages by typing the ee 20707 2656D69756C 7569206465203230303C index number in the box at the bottom and clicking Go Figure 5 167 Deleting one of the messages in the list Delete message with index SMS Read Why delete Because after the maximum storage capacity for instance of 15 messages is reached the BYTTON equipment won t be able to receive newer SMS If you want to continue receivi
200. ctivate your changes F Stuff Figure 5 50 Settings for PPP over Eth connection in webpage for WAN Settings are the same as for normal PPP except that the modem related parameters and command strings are missing here Username The user name used for log in to the Internet account supplied by your ISP Ask your Internet provider for details Some Internet providers need the complete account name together with the hosting domain the same as for an e mail address name domain eu while other ISPs require that you type here just the name of your account Password The password used for authenticating to your Internet account Redial Period time in seconds until redialing a connection if it was broken such as 5 seconds Idle Time Bytton ICR can disable the connection when there is no more data traffic If no data packet is sent through the interface for a specified period of time the Internet connection will be broken This is useful in case of connections where you pay per connected time You can specify this time interval in seconds When the interval is too short even a momentary lack of activity no data traffic will cause the Internet connection to be interrupted If you set the time interval to O zero the connection will remain always on even if there is no data traffic on the remote interface This feature is especially important for connections where you are charged for the total connection time no matter the data tr
201. d IKE Encryption IKE Key Life ipseci PPPOE l28Kbits e Transport e Initialize PSK Y 3des md5 e Group2 e 85400 5 CONFIGURATION Aggressive Mode ESP Encryption ESP Hash SP Key Life DeadPeerDetection Interval DeadPeerDetection Timeout eadPeerDetection Action Restart e ocal Endpoint IP Address Local Next Hop ocal Subnet Local Subnet Netmask Local ID Remote Endpoint IP Address Remote Next Hop Remote Subnet Remote Subnet Netmask Remote ID Figure 5 68 Define or modify the Specific IPSEC settings See the embedded Help IPSec for further information After you finished defining the individual settings for each IPSEC tunnel you must configure the authentication keys for RSA PSK and Configure Authentication Keys upload the X 509 certificate files Click the link Configure Authentication Keys shown here IPSEC STATUS PE ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 134 of 272 The fields shown in red indicate that you need to enter or generate a key DT E EE E EEN Remate RBA Key 22520098 080936 har Da rurar aara Sy Se Nur aa Nurt e Sat RSA key Genwat uem PX Key Or Enter The Remote Generated Pre Shared Key Sette FS ger LE CmtAateAuPont Fe E sesezisll Seen j Sem Ja Local Roues Certificate Fie ExiSmvesibyttonO m Browse Same Ja Leg Router Private Key Pe ExGavesboyttonSunszq Bess See Jk Certhcate Rewocaten List Pie Efeses ze Brower Seve e
202. d LANO WANO assignment Topex Location LAN gt IP Settings mb Remote User superuser HOME LAN IP Settings IP Address 10 0 0 1 DHCP Server EE Netmask 255 255 255 0 WiFi Settings IP Settings for LAN Bridge VLAN 802 1X Loopback Eth Port MTU Aditional IP SW LAN1LANZ F WAN F TUNNELS LANOWWANG ROUTING t SYSTEM SERVICES k SIM Please use the COMMIT button to activate your changes dizit Figure 5 18 LAN configuration page IP Settings Settings for the LAN of the Bytton ICR 3G router are the standard ones IP Address and Netmask These settings control how the Rohde amp Schwarz Topex S A equipment connects into your local wired Ethernet computer network The default address value is 192 168 1 1 and the associated net mask is 255 255 255 0 But you may change these default settings if the configuration of your network requires this for instance 172 168 1 1 as shown in the image above See below other examples IP Address 191 168 1 1 Metmask 255 255 255 0 P Address honn IP Address 172 27 168 94 IP Address 10 0 58 1 Netmask 255 255 255 0 Netmask 255 255 0 0 Netmask 255 255 255 0 Figure 5 19 Changing the default IP address of Bytton on the LAN several examples yttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 48 of 272 Bytton ICR 5 CONFIGURATION Ee Use the Save button to save the settings then Commit down on the column to
203. d of Auto you are selecting a certain channel make sure all 04 2427MHz 05 2432MHz devices are broadcasting on the same channel 06 2437MHz 07 2442MHz This setting may be left on default and changed only when 08 244 MHz experiencing interference with other devices Figure 5 35 Select the Radio Channels of the WiFi Access Point EE LL eee SO 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 71 of 272 Bytton ICR 5 CONFIGURATION EE WEP Security Enables or disables WEP Wired Equivalent Privacy encryption WEP encryption is used to protect data transmitted from one end point to another The encryption level 64 bit or 128 bit is given by the length Operating Mode Access Point ofthe WEP Key you enter l Connection Mode Infrastructure If you enable WEP these fields become active as shown here Radio Channel Auto WEP Key 1 e Ai The data keys used for WEP Security Enabled l encryption decryption There are up to four keys their values WEP Kev 1 must be the same on the BYTTON Access Point and on the 4 wireless stations connected to it When using a 64 bit WEP WEP Key 2 encryption key the password must be 5 characters long and WEP Key 3 when using 128 bit WEP encryption key the password must be WEP Key 4 10 characters long g WEP Key Index WEP Key 2 Figure 5 36 Select and set up the WEP Security features WEP
204. dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B gretl Link encap UNSPEC HWaddr 0A 00 3A 25 00 00 00 00 00 00 00 00 00 00 00 00 inet addr 10 0 58 27 P t P 10 0 58 27 Mask 255 255 255 254 UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1410 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lanO Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 192 168 148 148 Bcast 192 168 148 151 Mask 255 255 255 252 UP BROADCAST MULTICAST MTU 1472 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 46 46 0 B Base address 0x2000 PPP1 Link encap Point to Point Protocol inet addr 93 122 148 36 P t P 10 64 64 65 Mask 255 255 255 255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1500 Metric 1 RX packets 673 errors 0 dropped 0 overruns 0 frame 0 TX packets 562 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 3 RX bytes 489621 478 1 KiB TX bytes 78692 76 8 KiB wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 255 255 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 50840 errors 13 dropped 0 overruns 0 frame 0 TX packets 49 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000
205. e Network Test Trace IP NS www topex ro Network Test Bytton ICR Network test 5 CONFIGURATION EE You can issue PING commands to different addresses trace the route to a specified IP or send other network commands The results are always shown in the upper pane called Test For instance you may PING different destination IP addresses the default 127 0 0 1 is the es loopback specifying the number of 4 test packets 5 in this example and es the size of their data payload in 63 bytes bytes bytes bytes bytes from from from from from 10 830 50 146 10 830 50 146 10 830 5090 146 10 80 50 146 10 830 50 146 PING 10 80 50 146 10 330 50 1468 aeg seg 1l seg z Se aeg 55 data bytes ttl 64 ttl e4 ttl e4 ttl 54 ttl e4 time 0 581 time 0 4 00 time 0 3597 time 0 401 time 0 352 III bytes 55 data bytes in this example 10 80 50 146 ping statistics 5 packets transmitted 5 packets received 0 packet loas round trip min avg max 0 392 0 434 0 581 ma When you choose the value zero for the payload the packets will by instead eight bytes long PING 127 0 0 1 127 0 0 1 O0 data bytes 8 bytes from 127 0 0 1 seq 0 ttl1 64 8 bytes from 127 0 0 1 seq 1 ttl 64 8 bytes from 127 0 0 1 seq 2 ttl 64 8 bytes from 127 0 0 1 seq 3 ttl 64 127 0 0 1 ping statistics 4 packets transmitted 4 packets received 0 packet l
206. e The EN 50022 rail is also called Top hat rail since it has a hat shaped cross section The external width of the Omega rail is 35 mm the internal width is 25 mm while the depth of the hat is 7 5 mm The DIN rail is made of zinc bichromate plated steel in pre punched lengths The length and pre punched cut out dimensions are not always standardized See below an example of often used elongated pre punched holes pattern Attaching the Bytton ICR box to the DIN rail is done with the help of a mechanical adapter mounting kit supplied by the manufacturer This mounting kit includes a mechanical adapter and two mounting screws The adapter is a bracket with hooks and clamps that allows easy clipping unclipping of the Bytton case to the Omega DIN rail r ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 257 of 272 Bytton ICR 11 Annex 2 Antennas for ByttonICR EE 11 Annex 2 Antennas for ByttonICR Different types and numbers of Mobile antennas are supplied in the package for wireless Bytton ICR router Mainly there are two standard Omni directional types according to the technology and frequency bands of the mobile module either for GSM 3G or for 4G LTE Small stick antenna for 2G 3G up to 3G HSPA networks Figure 11 1 Drawing of the Mobile Antenna for 2G 3G with magnetic base and connection cable The embedded multiband modem of 3G Bytton units covers almost all of the
207. e M e D se A SuportProceduresl C Other bookmarks 7 Do you want Iron to save your password Never for this site X Topex H Location LAN gt DHCP Settings IHE SUIS Remote User superuser HOME LAN IP Settings DHCP Server WiFi Settings Bridge VLAN 802 1X Eth Port MTU WAN TUNNELS ROUTING SYSTEM SERVICES SIM Stuff DHCP Settings DHCP Server Enabled Start IP End IP Forward to Ess8 IF Embeded Modem Le DND Servers Automatic Le Mameserver 1 192 168 1 Mameserver 2 4 4 4 4 Filter List MAC Please use the COMMIT button to activate your changes Figure 5 24 LAN webpage DHCP Server DHCP Server Enabled Disabled or Forward to DHCP Server Enabled By default it is Enabled thus the Bytton ICR router acts as a DHCP server Start Ip Disabled for the local network it will dynamically assign IP addresses to clients on Enabled the internal network The Bytton ICR Wireless Router supports up to 254 IP addresses for your wireless network When set to DISABLED the IP addresses must be manually assigned by the network administrator The option Forward to means the local requests for DHCP will be handled by a remote server instead of Bytton Warning f you enable the DHCP feature of Bytton ICR make sure that there is no other DHCP server in your local network Start IP Starting IP Address The DHCP server allocates IP addresses in a user specified range a pool of add
208. e and Ad Hoc Connection Made Infrastructure Radia Channel Ad Hoc umm Infrastructure Infrastructure default operation mode Several Wi Fi clients can connect to the Bytton ICR equipment which is acting as server The Infrastructure mode takes full advantage of the AP s ability to cover wide areas Ad Hoc two wireless clients interconnect directly without the need for an AP In this connection mode the Bytton links directly to a computer with Wi Fi or an AP that is set to work in Ad Hoc mode The Ad Hoc Mode is easier to set up thus recommended for a very small or temporary network This setting is related to the previous one usually the Ad Hoc connection is used when Operating Mode is set to Station Operating Mode Station e A When you set Operating Mode to Station instead of the default Access Check AP Point an additional link show up below this fields Check AP Obviously MS since Bytton is now a WiFi client it must see the WiFi base stations that are active in the area Click the link Check AP l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 69 of 272 Bytton ICR 5 CONFIGURATION EE A pop up window titled Check AP appears showing the active WiFi Access Points that can be detected 1 Connect testlz34 J Cuna Baud Each AP name has a corresponding 3 Connect Connectify Cra Connect link click it to connect to the 4 Connect BYT T respective WiFi base station 5 Connect
209. e case of the industrial router Modem Version a code such as SWI9200X_03 00 08 02AP or K2 O0 7 43AP describing the version of the embedded firmware of the mobile modem of the Bytton ICR equipment it is very useful for debugging N ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 239 of 272 Bytton ICR 5 5 ROUTING Security the state of the SIM card Normally it should be unlocked if it is Locked by PIN it means you must enter the correct PIN code in order to unlock it IMSI International Mobile Subscriber Identity identity of the subscriber respectively of the SIM card used IMEI International Mobile Equipment Identifier 15 digit number that uniquely identifies an individual mobile terminal wireless device such as the 3G 4G modem of Bytton ICR Signal Level displayed with four figures separated by a bar The two digits indicate the level of the RF signal for the GSM GPRS EDGE UMTS HSPA network on a scale from zero to 30 The higher the value the better signal you have 17 30 is better than 14 30 Network the name of the mobile network where the equipment is registered as transmitted by the mobile carrier may be a name such as RO MobileCarrierA Provider B of just a code like 22601 Registration status shows if the SIM card of the equipment is registered to the mobile network online or not Of course if the SIM is not present not activated or Firmware Version topex 3
210. e routes being virtual will not show up in the ROUTING gt Routes page Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH 0 0 0 pppl 10 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 192 168 148 0 0 0 0 0 255 255 255 0 U 0 0 0 wan 172 27 0 0 0 0 0 0 255 255 0 0 U 0 0 O0 Lan 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 10 64 64 65 0 0 0 0 UG 0 0 0 pppl VT Status Shows the detailed state of the Virtual Routing Tables A few examples are shown below When no virtual Routes have been yet defined on Bytton Virtual RT status Show Rule 0 from all lookup local 32766 from all lookup main 32767 from all lookup default ECL 11111 115 111 1 51 1 1 1 1 151 111 5 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 165 of 272 Bytton ICR 5 5 ROUTING E Show Route target gateway source proto scope dev tbl 10 64 64 65 10 81 121 148 kernel link PPP1 172 168 1 0 24 172 168 1 1 kernel link brO default 10 64 64 65 PPP1 127 255 255 255 broadcast 127 0 0 1 kernel link lo local 10 81 121 148 local 10 81 121 148 kernel host pppl local 172 168 1 0 broadcast 172 168 1 1 kernel link brO local 172 168 1 1 local 172 168 1 1 kernel host brO local 172 168 1 255 broadcast 172 168 1 1 kernel link brO local 127 0 0 0 broadcast 127 0 0 1 kernel link lo local 127 0 0 1 local 127 0 0 1 kernel host lo local 127 0 0 0 8
211. e settings 3 static gt Route How it will be defined statically by the kernel operating system or Static dynamically by the Quagga routing program IP Address of the remote network or host to which you want to assign a static route Netmask the subnet mask determines which portion of the destination IP address is the network part and which is the host part Router the gateway to be used enter here the IP address of the router which allows for contact between Bytton and the remote host or network If you specify a gateway here it will send the route to the next router This specified Router must be reachable first If the Router is off then you need to set up an interface Interface the interface to be used for the respective route Interface T This setting forces the route to be associated with the specified device ovw maen e You may select one of the following available options BRO for local network Router WIFI and LAN Ethernet ports WAN Ethernet port PPP embedded HSPA GRET1 modem PPPoE PPP link over the Ethernet or Router BRO Figure 5 86 Routes Selecting Interface for Static Routes When you choose for interface Router of course you will need to set a Router IP ES Router l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 154 of 272 Bytton ICR 5 5 ROUTING E Intertace Here also besides the physical Je 18 Le interfaces shown above the
212. eature of Bytton ICR consist of a table by default empty and several useful links beneath it These clickable links include Bridge Help displaying the State of the bridges defined Add New Bridge Help BR Status displaying advanced info about all the Interfaces of the equipment To create new bridge Netmask 255 255 0 0 Embeded _Modem WAN Bridge Help BR Status Interface Status Interface Status IF4 Embeded Modem Off In the table enter an IP address and net mask for the new bridge br2 in the above example and choose from the IF drop list the up to four interfaces IF1 to IF4 that will be joined in the bridge After reboot these bridges br1 br2 br3 will be active IF1 Netmask Embeded Modem 255 255 0 0 255 255 255 0 BRO 255 255 255 254 Embeded Modem Ed Modem WAN OVPN_TAFO Note that the drop list displays all the interfaces available not just the physical ones BRO WAN and Embedded Modem as can be seen in the fist example When you have defined several bridges virtual LANs GRE or IPSEC tunnels Open VPN TAPs etc then all those interfaces will be present in the drop list Interface as illustrated in the second example ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 78 of 272 Bytton ICR You can define as many bridges as you need BR IP Add New Bridge Help BR Status Interface Status Once you de
213. ed over the 3G mobile communications network TUNNELS IPSEC OVPN PPTP Int Remote Endpoint Local Endpoint Ip tunnel Metmask gret1 83 22 65 43 10 0 58 57 10 0 58 27 255 225 2535 234 ROUTING SYSTEM Add New SERVICES Mad Gre Help Save and Reload Figure 5 62 Aspect of GRE section of the TUNNELS Web page Setting GRE tunnels At fist the table for GRE tunnels is empty nt Remote Endpoint Local Endpoint Ip tunnel Netmask Key Add New Use Add New to add new records into the table then Edit to enter the required parameters Int Remote SHENNE Local Endpoint Ip tunnel Metmask 255 255 255 250 Figure 5 63 Add New and Edit an entry in the GRE table of the TUNNELS Web page Save each entry with the button to the right of the respective row nk Remote Endpoint Local Endpoint Ip tunnel Netmack Key 0 0 0 0 0 0 0 Sch 205 0 off Edit 192 168 235 17 0 0 0 0 255 255 0 0 aff Edit gebonn hann ooo Bsszmmzss2s2 Jo O Sav Em Figure 5 64 Saving a complete entry into the GRE table And finally use the Save and Reload button at the bottom of the screen Int jt lists the name of the GRE tunnel interface that will be configured gret1 2 3 and so on Remote Endpoint IP of the Remote device that will host the distant endpoint of the GRE tunnel Local Endpoint IP Local of the interface that will host local endpoint of the GRE tunnel If this is set to 0 0
214. efault Ethernet switch and assigned independent IP addresses IP Settings SW SW LAN1LAM2 LAN LANZ e LAN1 IP Address LAN LAN ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 86 of 272 Bytton ICR 5 CONFIGURATION Ee SW LAN1LANZ LANi LAND e LAN1IP Address 10 0 58 119 LANA Netmask 255 255 0 0 LAN2 IP Address 172 168 27 245 LAN2 Netmask 255 255 255 254 the default bridge BRO contains now only the WiFi interface wlanO since the four ETH ports are now all individually assigned bridge name bridge id STP enabled interfaces bro 8000 00197049 3d7 no wlanO this can also be clearly seen in Ethernet Port gt Port Status where each of the four Eth ports is present and active shows link detected yes STATUS wan Speed 100Mb s Duplex Full Auto negotiation on Link detected yes STATUS lanO0 Speed 100Mb s Duplex Full Auto negotiation on Link detected yes STATUS lanl Speed 100Mb s Duplex Full Auto negotiationi on Link detected yes STATUS lanz Speed 100Mb s Duplex Full Auto negotiation on Link detected yes the corresponding additional ports LAN1 and LAN2 show up in Interface Status lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 76 errors 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 11149 10 8 KiB TX bytes 46 46 0 B
215. el of the Bytton ICR device and the other end into the Ethernet port of the DSL Cable modem or other equipment that achieves a connection to the external network The leftmost ETH connector is always the WAN port But you may set from the Web configuration pages the WANO LANO connector also as WAN port and then connect the WAN cable accordingly Bytton ICR 4 INSTALLATION Connecting the serial cable s In case of R amp S Topex equipments fitted with serial interfaces you may connect legacy devices fitted with serial interfaces to the Bytton router using special serial cables Serial connectors Bytton features on the front panel one or two RJ 45 connectors for the serial GE er AE interfaces These connector don t have embedded LED indicators and the metallic casing is tied to the electrical ground This is why special connection cables must be used which feature a RJ 45 hikes FEAA SM SIM 2 male connector towards the Bytton ICR and a DB 9 female or DB 25 male or female connector towards the legacy equipment tyoe DTE or DCE Software configuration You can establish from the Web configuration interface how your data packet will be is sent over the serial interfaces with 7 or 8 bit words with or without start stop and parity bits what kind of flow control shall be used X On X Off none or hardware and of course the transfer speed But you cannot select from the Web interface if the serial link is RS 232
216. elect Manual or Automatic for DSN Servers M ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 65 of 272 Bytton ICR 5 CONFIGURATION As can be seen from the examples above the servers for DNS may be either in the local network or over the Internet or WAN Filter List MAC Filter List MAC Save Using it you can selectively accept or reject access form specific physical addresses Click the blue link to reach this feature It is an additional security feature for the whole Bytton ICR equipment Add New Help Set MAC Save and Reload Figure 5 310 Click the link Filter List MAC to use this feature An additional security feature for the whole grues equipment you can ae allow LAN traffic only form the MAC addresses that you specify here or m sid you can deny traffic for e ake 89 225 36 41 certain MAC addresses You can also block the respective user to a certain IP address Add New By default the table is empty you must Add new entries then Edit and Save them Help Set MAC Please use the COMMIT button to activate your changes Figure 5 32 Adding and editing entries in the table Filter List MAC By default it is Disabled meaning this MAC filtering feature is inactive To activate it fist select either Allow or Deny then define the addresses which will be permitted respectively rejected AC Deny Allow Disabled You can add as many
217. elp with examples In the Routes web page you have the following columns No Route IP Netmask Router Interface Metric No Number of the route Route Type of the route Static will add a static route Quagga will send the route to Dynamic route Daemon IP Ip that you like to add a route Netmask Netmask for IP Ex route to IP 10 10 10 1 netmask 255 255 255 255 will add a host route route to IP 10 10 10 1 netmask 255 255 255 0 will fail to be add netmask ip conflict route to a network 10 10 10 0 netmask 255 255 255 0 New EX Route add to host from 10 216 240 225 to 10 216 240 230 If a route to a network is needed you will set IP Network IP not a Host IP For this example the corect connfig is IP 10 216 240 224 Netmask 255 255 255 248 Address 10 216 240 225 00001010 11011000 11110000 11100 001 Netmask 255 255 255 248 29 11111111 11111111 11111111 11111 000 Wildcard 0 0 0 7 00000000 00000000 00000000 00000 111 gt Network 10 216 240 224 29 00001010 11011000 11110000 11100 000 HostMin 10 216 240 225 00001010 11011000 11110000 11100 001 HostMax 10 216 240 230 00001010 11011000 11110000 11100 110 Broadcast 10 216 240 231 00001010 11011000 11110000 11100 111 Hosts Net 6 Class A Private Internet Router or gateway Will send the route to the next router The specified Router must be reachable first If Router is off you need to set a interface Interface Will add the route to interface Fo
218. els ve Interface setting defined in each Specific Tunnel Configuration This means that when you define an individual GRE tunnel ne i the filed Interface will not be editable it will show Default Description SS Route since it is the same for all GRE tunnels of Bytton ICR But if you select NO instead for usage of the default route interface for al tunnels then Interface setting can must be cis defined in each Specific Tunnel Configuration Use Default Route Interface for all Tunnels UM v Now the field Interface shows a drop list allowing you to choose for each tunnel one of the physical Tunnel interfaces of the Bytton ICR equipment Description Interface WAN Ethernet e Max Bandwidth WAN Ethernet Internal Modem Tunnel Type PPPOE l ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 132 of 272 Bytton ICR 5 CONFIGURATION p MH H H X Specific IPSEC Tunnel Settings Here are set the parameters that are specific for each tunnel which are located at the bottom of the page Global IPSEC Settings Use Default Route Interface for all Tunnels NAT Traversal router behind NAT Firewall Define Specific IPSEC Tunnel Settings py ES e Local Local Subnet vU Remote Remote Subnet Description Tunnel Interface Local IP Subnet Neimak Local ID IP Neimak Tarataresti ipsec
219. en doc Page 18 of 272 Bytton ICR 4 INSTALLATION Then the dual hook part of the adapter bracket must be towards the left as shown in the image below then attach the Bytton ICR equipment to the DIN Rail as indicated in the schematic drawing only the adapter is figured Figure 4 4 Attach the equipment to the DIN rail by means of the adapter To attach it clips the assembly Bytton bracket mounted on it onto the upper side of the DIN rail with the two upper hooks The lower clamp is not yet attached to the rail as shown in the next photo You can slide the Bytton assembly on the DIN rail up to the position you want When Bytton is at the right location press it towards the back so that the lower clamps also fastens to the DIN rail and the Bytton ICR equipment is locked into place Figure 4 5 View from the back after complete attachment to the rail the final drawing shows the Bytton ICR attached to the DIN Rail H Figure 4 5 Bytton ICR with serial interfaces fastened to the DIN rail No matter how it is mounted always take care to ensure adequate cooling of the Bytton ICR terminal ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 19 of 272 Bytton ICR 4 INSTALLATION 4 3 Identification of connectors Rohde amp Schwarz Topex S A Bytton ICR features several external connectors and indicators as described next labeled AUX and respectively MAIN ne Figure
220. en link 12 2 2 2 24 vim 12 2 2 1 dev brl peste rtrtic matriz 15 1T7T2 27 2 2 15 dar lend proba ztzrti c Soen link 120 0 58 B amp 30 xtetic Link Er 12 0 0 220 30 xtetic Link Exru in 0 0 0 24 ztetic Link Exru in0 0 0 0 24 110 0 0 1 imbic Exru 1TZ z1 0 0 16 2SEStie Link Amm ZH 41 1Z25 T5 51 der lmn probao meetis cam link matric 15 lTZ XT 0 0 1B dar Lean prota meetis mopa link in u 0 0 1B rim l10 0 1 der F proba stetic metric 15 trrzzwt ELE E proba Toop der 1 30 41 175 757 51 xtetisc Link ale l1Tz zxT d 0 16 xtetisc Link ei i1d d 0 d0 1B l 1 imEdi I ard I1TZ XT 0 0 1B gar Lean proto zxtmbi scope link 17T2 27 0 0 16 ztmzEic Link ale 1ERI lBHE 1 Z23B5 z2 der brl proto zentis scope link metriz 10 10 0 0 0 Z24 amp der bhri presto stetic scopes link I1TZ ZXT 0 0 1B dar Lean proto ztetic scope link 1HI lB55 1 zzB x2 2SEStie Link Exru 1u0 d 0 0 z4 xtetisc Link arid l1Tz zT d 0 15 xtetisc Link ali i feo SLL laskop lo nl 1011 fee eli 232 bri loskop FIL LEES fee oll i11 lend loadku VIZ l1u0531 feo wll i117 Lei laadkzm VIZ l1041 feo oll i117 bri looks VIA Fd 1 fee mll Isak mein ce 1gz lB55 1 zzB 30 zeeti Link aed FIs 1u0 0 0 0 z4 xtetis Link ard WIA lTz z1 20 20 16 zesti Link Imm VIA ZB amp 1 1Z25 T7T5E 51 reetic Link Amnd WIE lTZ z7 2 2 16 qimEdi Link lmnd Vit 1dg d 0 0 1B l1 1 ztEbi bri Vit 1d0 d 0 0 Z4 120 0 0 1 keel Link ard 127 165 165 0 25 l1RI l1B5 1455 4
221. er shipped in the equipment package Using of other kinds of power supplies may cause damage to the equipment To avoid accidents or damage to the equipment follow the steps described earlier First connect the antenna and then the power supply adapter You should avoid connecting or removing the antennas while the Bytton ICR equipment is powered shut it down before handling the antennas Bytton ICR 4 INSTALLATION 4 5 Configuring and installing the SIM card s Your Bytton equipment may feature a single slot of two slots dual SIM version for SIM cards In order for the Bytton ICR router to work it must have at least one valid SIM card with subscription to the GSM GPRS EDGE UMTS HSPA or LTE mobile data carrier where you want to connect to Configuring the SIM card The SIM card s that is used must be active Each SIM card must be configured before it is inserted into the slot of Bytton ICR J For configuring the SIM card you may use an ordinary GSM cell phone The required configurations are PIN CODE REQUEST if you disable from the menu of the mobile phone P N CODE REQUEST security option then you will not be asked to enter it Alternatively the PIN code can be enabled and you may enter it form the Web page used for configuration n this case take care to enter the correct PIN code before inserting the SIM card to avoid PUK locking Disable GSM services Mobile operators offers you different s
222. ersion for Bytton Note that there are two distinct successive phases of updating the firmware image in the first one while the message Updating firmware is blinking the equipment just checks the program image to be loaded against its checksum if the result is OK the Bytton ICR device goes to the second phase it really loads the new firmware into its Flash memory In this phase the progress indicator is colored in red and additional messages are show Install Partition Write bytes Free space bytes etc and the red indicator bar can be seen as it grows toward the right Firmware Update Updating firmware please wait mmm 8 1 10 jJ Install Partition Figure 5 112 Red progress bar indicating actual upload of firmware Bytton ICR 5 5 ROUTING Warning Do not update the firmware unless you have problems with the Bytton ICH mobile router or the new firmware has a feature that you need Hemember to backup your current configuration first Be careful when you load an update file If you select a wrong file or if for different reasons firmware upgrading fails the equipment may no longer operate correctly You will need to perform an update using the kernel mode To avoid this follow carefully the rules indicated here don t turn off the Bytton ICR equipment or the computer while the firmware is being overwritten Equipment does not work while firmware update is in progress af
223. eruser HOME LAN Le Please select your firmware update file below enter the control surr TUNNELS button ROUTING Ce ss Status Control Sum Ir O OE Logs Firmware Update Password Update Defaults Save CFG Load CEG Organize New folder SERVICES sr Favorite Mame Date modified SIM EE Stuff La Desktop I e ICR 7 18 2012 12 11 PM Figure 5 105 Search for the image file to update into Bytton ICR Bytton ICR 5 5 ROUTING The update firmware image files are called company 1 2 3 x y z M trx where 1 2 3 is the version number for instance 2 7 5 or 3 0 3 xyz refers to the mobile data network and equipping of Bytton ICR or detail th hardware model such as topex 3 0 3 a F A S vodafone 3 0 0 FA V or MobileCarrierB 3 0 0 FA O QU A k Computer FALSI 1 C Updates ICR File Edit View Tools Help Organize 5 Open e Burn New folder A Saves ii Name Date modified Type Size 1 SCANNING See E topex 3 D 3 a FA S trx 7 19 2012 1 22PM TRX File 15 928 KB n System Volume Ii p SCH ES topex 3 0 3 a FA S bc 7 19 2012 1 29 PM Text Document 1 KE p s Lj tepex 3 0 2 FA S txt 7 19 2012 11 33 AM Text Document 1 KB Jpdates h F topex 3 0 2 FA 5 trx 7 19 2012 11 33 AM TRX File 15 912 KB 7 topex 3 0 2 FA 5 md5 7 19 2012 11 33 AM MD5 File 1 KE 1 Bytton VoIP S Rep l m NE p ene 7 topex 3 0 1 FA 5 trx 7 13 2012 11 15 AM
224. ervices it is enough to change the inbound mapping with the new inside local address at the router to reflect the new host When the Internet provider that you connect to performs the masquerading at its location you do not need to do NAT anymore you should leave this option Disabled This is why the NAT table of Bytton ICR does allow selective masquerading you can select to enable or not NAT for each of the interfaces ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 113 of 272 Bytton ICR 5 CONFIGURATION NAT 1 WAN Masquerade Edit Del Embeded Modem Masquerade OVPN_TAPO Masquerade Off BRO LANO WANO Embeded_Modem Add New WAN lan0 4 MAT Help OVPN TAPO Save each individual entry then use the button Save and Reload Save and Reload Please use the COMMIT button to activate your changes The Firewall of Bytton ICR will automatically generate the corresponding NAT rules in the example below for enabling masquerading over ppp1 and respectively wan interfaces Firewall view rule Generated by iptables save v1 4 10 on Mon Jul 16 11 00 02 2012 mangle z PREROUTING ACCEPT 4353 1447583 INPUT ACCEPT 2401 215516 FORWARD ACCEPT 1856 12205905 OUIPUT ACCEPT 17659 260613 POSIBOUTING ACCEPT 3626 1481855 COMMIT SZ Completed on Mon Jul 16 11 00 02 2012 Generated by iptables save v1 4 10 on Mon Jul 16 11 00 02 2012 nat z PREROUTING ACCEPT 544 68449 OUTPUT ACC
225. ess 0x2000 lanl Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 5 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 250 250 0 B lan2 Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 5 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 250 250 0 B mon wlanO0 Link encap UNSPEC HWaddr 00 19 70 49 F3 D7 10 07 00 00 00 00 00 00 00 00 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 70 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 6113 5 9 KiB TX bytes 0 0 0 B wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 255 255 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 12495 errors 0 dropped 0 overruns 0 frame 0 TX packets 233 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 785556 767 1 KiB TX bytes 69700 68 0 KiB Base address 0x3000 ECL eee SSS Sai ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 56 of 272 Bytton ICR 5 CONFIGURATION um MM MH a wlanO Link encap Ethernet HWaddr 00 19 70 49
226. et filtering cannot stop DOS attacks But SPI closes ports until legitimate users request them opened so it prevents certain kinds of Denial of Service attacks Since SPI firewalls compare packets to previous packets the packets that violate the rules can be dropped TCP IP Acronym for Transmission Control Protocol Internet Protocol It was established by the Defense Department of the USA for communications between computers It has been at first incorporated in Unix operating system but has become the de facto standard for data transmission via networks including for Internet Currently TCP IP is the basic communication language or protocol of the Internet but it can also be used as a communications protocol in private network TCP IP uses the client server model of communication in which a computer user a client requests and is provided a service such as sending a Web page by another computer a server in the network TCP IP is a two layer program The higher layer Transmission Control Protocol manages the assembling of a message or file into smaller packets that are transmitted over the Internet and received by a TCP layer that reassembles the packets into the original message The lower layer Internet Protocol handles the address part of each packet so that it gets to the right destination For details see the definitions of those protocols that Access LAN supports TCP Acronym for Transmission Control Protocol In TCP IP the TCP
227. etfilter org OUTPUT ACCEPT 0 0 A INPUT ilo j ACCEPT A INPUT i br p icmp j ACCEPT A INPUT m state state RELATED ESTABLISHED j ACCEPT INPUT i br p tcp m tep dport 22 j ACCEPT INPUT i br p tcp m tep dport 80 j ACCEPT A INPUT i br p tcp m tep dport 443 j ACCEPT A INPUT i br p tcp m tep dport 3128 j ACCEPT A INPUT i br p tcp m tep dport 3129 j ACCEPT A INPUT i br p tcp m tep dport 1110 j ACCEPT A INPUT i br p tcp m tep dport 1025 j ACCEPT INPUT i br p udp m udp dport 67 68 j ACCEPT A INPUT i br p udp m udp dport 53 j ACCEPT A INPUT i ppp0 p udp m udp sport 53 j ACCEPT FORWARD i br o br j ACCEPT FORWARD i br o ppp j ACCEPT FORWARD i br o vlani j ACCEPT FORWARD m state sFabe RELATED ESTABLISHED j ACCEPT FORWARD p tcp m tep Eep Flags SYM RST SYM j TCPMSS clamp mss to prmtu COMMIT Warning Please remember that if you change the default values you may compromise your network security by allowing entrusted access These configuration options need an advanced level of knowledge regarding network security and Linux kernel packet handling Note As you may see the visible settings of the NAT firewall configuration page are quite few This happens because the basic rules for address translation and packet filtering are already defined and they are not directly accessible to the
228. ets 2177060 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 53567762 51 0 MiB TX bytes 3226717991 3 0 GiB lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 939249 errors 90 dropped 0 overruns 0 frame 0 TX packets 2177088 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 66719815 63 6 MiB TX bytes 3226719279 3 0 GiB Base address 0x2200 EE LL 111 11 55111 1 SSS a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 82 of 272 Bytton ICR 5 CONFIGURATION EE mon wlanO Link encap UNSPEC HWaddr 00 198 70 49 F3 D7 00 00 00 00 00 00 00 00 00 00 wan UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 5813 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 493200 481 6 KiB TX bytes 0 0 0 B Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addrp 192 10698 1 145 BOaStIl92 1690 14255 Ma ski255 255424255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 2285694 errors 114 dropped 0 overruns 0 frame 0 TX packets 937458 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 3233247828 3 0 GiB TX bytes 60998194 58 1 MiB Base address 0x3000 In this instance the connection to the Internet is done via the Ethernet WAN port Large downloads were
229. ettings FIP Enabled e Complete the address of the FTP server to be used Path File the path towards the file to be used for testing and i the port rm Authentication parameters user name and Password password may also be filled in Port 21 Figure 5 182 Bandwidth Testing using FTP Now click the link BW Status located to the left at the bottom of the page to start the bandwidth measurement Please use the COMMIT button to activate your settings Figure 5 183 Start the Bandwidth Test using FTP A new window pops up showing the phases and results of the test Client connecting to server TCP port used time interval required for transfer computed bandwidth Client connecting to 192 168 143 100 TCP port 5001 TCP window size 16 0 KByte default Client connecting to 192 168 143 100 TCP port 5001 TCP window size 16 0 KByte default 3 local 192 168 1 148 port 60667 connected with 192 168 143 100 port 5001 ID Interval Transfer Bandwidth 3 0 0 1340025303 5 sec 128 MBytes 0 80 bits sec ID Interval Transfer Bandwidth 3 2O0 0 101 3 sec 248 MBytes 20 6 Mbits sec Client connecting to 192 168 143 100 TCP port 5001 TCP window size 16 0 KByte default 3 local 192 168 1 148 port 60694 connected with 192 168 143 100 port 5001 Figure 5 148 Actual result of BW Testing transfer speed measurement using Bytton ICR ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 231 of 272
230. euroweb ro 81 24 28 213 55 610 ma 71 256 ma 47 697 ma webhosting euroweb ro 193 226 61 45 51 511 ma 47 434 ma 51 593 ma D 1 D a C KI traceroute to www topex ro 193 226 61 45 30 hops max 38 byte packets kkk 172 20 175 201 172 20 175 201 64 266 ms 59 407 ms 47 852 ms 172 20 182 46 172 20 182 46 71 693 ms 59 468 ms 47 834 ms MobileCarrierB RoNIX Ro 217 156 113 33 63 496 ms 51 125 ms 47 809 ms EuroWEB RoNIX Ro 217 156 113 6 71 198 ms 47 609 ms 51 548 ms ewro crlil qrli2 buh ew ro 81 24 28 198 59 608 ms 47 121 ms 51 730 ms ip4 81 24 28 213 euroweb ro 81 24 28 213 67 992 ms 71 139 ms 48 347 ms webhosting euroweb ro 193 226 61 45 67 754 ms 51 118 ms 47 859 ms ONnNU i LAM And respectively traceroute to k ro 194 102 255 23 30 hops max 38 byte packets 46 108 17 161 46 108 17 161 2 827 ms 3 334 ms 2 638 ms basarabia 20ge adnettelecom ro 46 108 3 165 3 056 ms 2 532 ms 2 764 ms cr rbas 40gbps adnettelecom ro 46 108 4 217 2 982 ms 2 950ms 3 019 ms cr cr2 40gbps adnettelecom ro 46 108 4 221 2 893 ms 3 282 ms 2 900 ms 95 77 112 137 95 77 112 137 2 785 ms 3 276 ms 3 157 ms ro buhOla rdl te 1 2 v519 upcnet ro 95 77 36 249 3 667 ms ro buhO1la rd1l vi796 upcnet ro 95 77 36 61 3 811 ms ro buhOla rdl te 1 1 v518 upcnet ro 95 77 36 245 3 157 ms 7 ro buhOla ral v1324 astralnet ro 95 77 36 122 3 644 ms 3 034 ms 3 221 ms 8 www k ro 194 102 255 23 3 397 ms 3 547 ms 3 295 ms OU i CO NH Using the air 3G
231. f 272 Bytton ICR 5 CONFIGURATION You may receive the warning You have requested an encrypted page or You are about Address Le https 192 168 1 1 to view pages over a Lone Soe NAT secure connection File Edit ue i Aia X ey Internet Explorer 6 Downloads Microsoft Internet Explorer You are about to view pages over a secure connection This is normal it shows that you are connected to Bytton ICR over a secure AY Wind encrypted link Any information you exchange with this site cannot be viewed by anyone else on the Web T Inthe future do not show this warming More Info Figure 5 10 Security Alert from Internet Explorer about the secure connection encrypted page Internet Explore Internet Explore The secure connection is confirmed by the padlock symbol that shows up in 55L Secured 128 Bit the status bar at the bottom of the screen indicating a secure encrypted 1 T4 Internet connection Bytton ICR uses 128 bit SSL encryption to prevent hackers from capturing passwords and sensitive data The same security is used by banks and the military Internet Explorer shows the padlock icon only when everything on the entire webpage is encrypted But even when the browser doesn t show a padlock the https address means your data is still encrypted 5 1 6 Log in to Bytton ICR From the fist configuration screen you E OT ECH S EE Ini E sr Es may select ei
232. f Bytton may be either for GSM 3G networks or for 4G LTE This choice dictates the number and type of mobile antennas used 1 GSM HSPA For 2G 3G modules a single antenna is used The small multi band stick antenna for 2G 3G is provided in the package The cable for this antenna must be threaded into the circular connector of Bytton ICR labeled MOB located to the left of the metallic case the first connector to the left as shown in the illustration sm SIM 1 SIM 2 mul P C Li ae A Figure 4 15 Inserting the connector of the GSM 3G Mobile Antenna ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 29 of 272 Bytton ICR 4 INSTALLATION umm MM MM H LDP 2 LTE The 4G networks use a different type of antenna and generally two antennas are required to achieve the higher bandwidth specific to LTE The one or two antennas for LTE must be threaded to the corresponding Mobile connectors located to the left of the front panel and labeled AUX and respectively MAIN Figure 4 16 Inserting the connectors for the LTE Mobile Antennas one or two pcs Note In case of dual MOB connectors for diversity antennas don t forget to connect first the antenna for Main and then the second antenna for the Aux connector If only the Main antenna is connected diversity will not operate the performances will be lower but if you connect only the Aux antenna the system may not
233. featuring three or four antenna connectors cannot have also connectors for serial connections under these the one or two slot tray holder for the SIM card s each with its small yellow pushbutton labeled respectively SIM1 and SIM2 near the center three optical indicators LEDs for RF Signal Data and respectively WiFi access point labeled SGN DATA WiFi Note for equipments that are not fitted with the 802 11 b g module both the WiFi connector and the associated WiFi indicator will be missing A group of four female metallic RJ45 connectors for Ethernet network connections with different assignments The first rightmost female metallic RJ45 connector labeled WAN is for the external network The two leftmost ones labeled LAN1 LAN2 are always in a physical switch and logically they are in a bridge with the wireless local network WiFi These two ports can be assigned individual IP addresses The middle connector labeled respectively WAN O LAN 0 may be configured from the Web configuration pages according to your requirements As its name suggests the either to a second external Wide Area Network or to the switch for the local network LAN ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 20 of 272 Bytton ICR 4 INSTALLATION All four ETH connectors include yellow and green indicator LEDs the black Reset button recessed labeled RST below it the Power LED of green color Towards t
234. fine a bridge br1 bri 10 0 58 39 br2 193 205 91 87 255 255 255 0 br3 172 168 27 115 255 255 255 254 Netmask 255 255 0 0 corresponding routes for them IF1 br2 br3 in these examples 5 CONFIGURATION the program automatically inserts the Routes Kernel IP routing table Destination Gateway Zenmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH g 0 J pppl 172 168 27 114 0 0 0 0 255 255 255 254 U 0 5 D brs 192 168 144 254 0 0 0 0 255 255 255 254 U O wan z 10 0 58 8 0 0 0 0 255 255 255 254 U g g 0 greti 192 168 148 148 0 0 0 0 255 255 255 257 U 0 0 OU land 10 0 0 0 0 0 0 0 255 255 255 0 U g 0 0 bro 192 168 1 0 0 0 0 0 255 255 255 0 U j wan 19592 168 148 0 0 0 0 0 Zb 255 255 U g 0 OD Leni A 193 205 21 0 0 0 0 0 255 255 255 U g 0 0 br 10 0 0 0 0 0 0 0 255 255 0 0 U g 5 D bri 0 0 0 0 10 64 64 65 0 0 0 0 Uc J 0 pppl And it also adjusts the Linux firewall to permit the packets to flow freely over the newly created interfaces Generated by iptables save v1 4 10 on Mon Jun 18 15 30 55 2012 mangle PREROUTING ACCEPT 1514 152581 INPUT ACCEPT 1150 97818 FORWARD ACCEPT 228 37350 OUTPUT ACCEPT 1084 190069 POSTROUTING ACCEPT 1312 227419 COMMIT Completed on Mon Jun 18 15 30 55 2012 Generated by iptables save v1 4 10 on Mon Jun 18 15 30 55 2012 nat PREROUTING ACCEPT 308 29631 OUTPUT ACCEPT 128 9157 POSTROUTING ACCEPT 70 4730 A P
235. fitted with serial interfaces is becomes a machine to machine device that provides high data transfer rates to remote equipments located out in the filed over 3G mobile networks In addition to the advanced VPN and secured software features of the SOHO version Bytton ICR provides industrial grade characteristics such as rugged metal case extended temperature range for operation and storage and DIN Rail mounting for installation in an equipment rack This rugged compact size wireless router is a suitable solution for field specific applications such as telemetry or back up data transfers since it includes a wide range of communication interfaces and protocols supervised by advanced mechanisms such as backward capability including cross 3G networks coverage WAN WiFi and USB connections Using this features it can talk to several machines or measuring instruments out in the field not just PC s but also POS or ATM from filling stations and shops telemetry equipments located at remote oil wells or pumping stations etc All these remote machines may be connected via VIPN tunnels over the high speed HSPA networks to remote offices and to the headquarters of a big company with distributed presence as illustrated below edad Network hi ey ee we Figure 8 2 Illustration of distributed and field applications for Bytton ICR PE ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 246 of 272 The availability of se
236. for admin When you log in as superuser you will see and thus be able to configure additional sub pages as shown in the full menu to the right These supplementary items are respectively LAN Bridge LAN VLAN LAN 802 1X LAN Eth Port LAN MTU TUNNELS gt IPSEC TUNNELS gt OVPN TUNNELS gt PPTP ROUTING gt Dynamic ROUTING gt Virtual RT ROUTING gt QOS SYSTEM gt Update SYSTEM Defaults SYSTEM Save CFG SYSTEM Load CFG SERVICES gt VRRP Stuff gt Email Stuff gt Auto cfg Stuff gt BW test The menu items WAN and SIM have Not been detailed here since they remain identical in both cases they provide the same features for both kinds of users So for these sub pages the menu elements remain the same no matter how you log in to the Web configuration interface of Bytton ICR HOME LAN IP Settings DHCP Server WiFi Settings Bridge VLAM 802 1X Eth Port MTU F WAN TUNNELS GRE IPSEC OVPN PPTP ROUTING Firewall Routes Dynamic Virtual R T OOS SYSTEM Status Logs Password Update Defaults Save CFG Load CFG F SERVICES F SIM Stuff Email Auto cfg BW Test Figure 5 16b Web configuration page listing all sub menu items for superuser Bytton ICR 5 CONFIGURATION RR RII These menu items sub pages for configuration allow you to modify the settings for HOME this home page for configuration of the equipment
237. frequency bands of the world dual band for UMTS HSPA and tri band or quad band for GSM GPRS EDGE Thus the corresponding Mobile antenna must be compatible with all these frequency rages The standard stick antenna for GSM 3M is small only 7 cm high compact rugged suited for indoors or outdoors usage It is fitted with a with magnetic base and has a 2 5m long cable Figure 11 2 Photo of the Mobile Antenna for 2G 3G with magnetic base and connection cable The table below shows the main characteristics of the multi band stick antenna currently supplied with the Bytton ICR package for 3G variants Frequency bands GSM 890 960 MHz PCN 1710 1880 MHz PCS 1850 1990 MHz UMTS HSDPA 1920 2170 MHz 2 dBi Vertical Height Total 73 mm Base Magnetic bottom heavy Type RG174 length 2 5 m Nipple male ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 258 of 272 Bytton ICR 11 Annex 2 Antennas for ByttonICR Yagi GSM Antennas In case of locations with a low level of RF you cannot use the full potential of 3G or HSPA networks For such cases you must use Yagi antennas high gain directive for the respective GSM HSPA frequency bands instead of the usual stick antenna The high gain antenna must be installed in a place with good reception on the roof of the building Figure 11 3 High Gain Yagi Antennas and Cables for GSM HSPA Such directive antennas feature from 5 up to 14 elements provide 1
238. g 2 2012 wan settings html rWXr Xr x l root root 556 Aug 2 2012 wsh Listing of files 8 0k test net html 8 0k wan ovpn html 4 0k sim settings html 8 0k services serial html 80k qos marking html 4 0k wan ipsec html 4 0k Voice settings Lltml 12 0k Jautopr html 4 0k 8980215 html 8 0k lan dhcp html 4 0k vrrp html 4 0k voice learn html 4 0k ovpn key html 8 0k wan control html 8 0k wan pppadv2 html EE LL 1 1 111 151 111 1 11 11 11 511 11151 111 111 9 U ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 264 of 272 Bytton ICR Netstat a e Detailed Network statistics for all interfaces or Bytton ICR Active Internet connections servers and established Proto Recv Q Send Q Local Address Foreign Address State tcp 0 0 0 0 0 0 7878 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 5001 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 2601 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 2604 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 2222 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 domain 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 443 0 0 0 0 LISTEN tcp 0 0 0 0 0 0 33308 0 0 0 0 LISTEN tcp 0 0 localhost 7878 localhost 42616 TIME WAIT tcp 0 1420 192 168 1 148 443 192 168 144 49 54783 ESTABLISHED tcp 0 0 localhost 7878 localhost 42621 TIME WAIT tcp 0 0 localhost 7878 localhost 42622 TIME WAIT tcp 0 0 localhost 7878 localhost 42623 TIME WAIT tcp 0 0 localhost 7878 localhost 42618 TIME WAIT tcp 0 0 localhost
239. g ospf packet hello dd Is request Is update Is ack all send recv detail debug ospf zebra dump bgp all PATH dump bgp all PATH INTERVAL dump bgp routes mrt PATH dump bgp routes mrt PATH INTERVAL dump bgp updates PATH dump bgp updates PATH INTERVAL enable password 8 WORD enable password LINE end exit hostname WORD interface IFNAME ip as path access list WORD deny permit LINE ip community list 1 99 deny permit ip community list 1 99 deny permit AA NN ip community list 100 500 deny permit LINE ip community list expanded WORD deny permit LINE ip community list standard WORD deny permit ip community list standard WORD deny permit AA NN ip extcommunity list 1 99 deny permit ip extcommunity list 1 99 deny permit AA NN ip extcommunity list 100 500 deny permit LINE ip extcommunity list expanded WORD deny permit LINE ip extcommunity list standard WORD deny permit ip extcommunity list standard WORD deny permit AA NN ip forwarding ip prefix list WORD deny permit A B C D Mlany ip prefix list WORD deny permit A B C D M ge 0 32 ip prefix list WORD deny permit A B C D M ge 0 32 le 0 32 ip prefix list WORD deny permit A B C D M le 0 32 ip prefix list WORD deny permit A B C D M le 0 32 ge 0 32 ip prefix list WORD description LINE ip prefix list WORD seq lt 1 4294967295 gt deny permit A B C D M any ip prefix list sequence
240. g use of data and mobile users wanting download speeds that were comparable with fixed broadband lines Many other applications were also starting to need much faster data transfer rates and lower levels of latency These are addressed by the use of HSPA Theoretically HSPA provides HSPA data rates up to 84 Megabits per second Mbit s on the downlink and 22 Mbit s on the uplink through the use of a multiple antenna technique MIMO Bytton ICR was designed to be abele to use dual antennas for speed diversity both for WiFi and for Mobile HSPA These figures represent theoretical peak sector speeds The actual speed for a user will be lower At cell edge and even at half the distance to the cell edge there may only be slight increase compared with 14 4 Mbit s HSDPA unless a wider channel than 5 MHz is used Future revisions of HSPA support up to 168 Mbit s using multiple carriers and up to 672Mbps is proposed for 3GPP Release 11 using advanced antenna techniques Bytton ICR may be fitted with a HSPA module currently ensuring transfer speeds up to 42 Mbps for download and 5 76 Mbps for upload Further deployment of LTE mobile networks will increase this data rate up to 100 Mbps using antenna diversity IP Address Short from Internet Protocol address The numerical address of a network device or resource as expressed in the format specified in the Internet Protocol IP In the current addressing format IP version 4 the IP address is a 32 bit
241. ge area of the router First use Add New to add a record by default the table is empty then Edit to change the parameters Fort Forward No Interface Protocol IPD Port 5 SameP NewP Port D 1 BRO TCP 193 756 244 115 21 NP 47 2 GRET1 UDP e 172 168 27 41 SP e Figure 5 76 Port Forward section of the Firewall web page It forwards a port from a Interface with public IP WAN to a interface LAN with a private IP Example how to forward port 80 TCP from SIM data connection to LAN interface IP 192 168 1 10 over the same port No Interface Protocol IPD PortS SameP NewP Port D 1 PPP Embeded TCP 192 168 1 10 80 SP 0 Port Forward No Interface Protocol IPD Port 5 SameP NewP Port D mm This will generate to firewall View Active Rule after Save Commit the next rules The following rules will be generated in nat section A PREROUTING i ppp1 p tcp m tcp dport 80 j DNAT to destination 192 168 1 10 80 and respectively in the filter section A FORWARD d 192 168 1 10 p tcp m tcp dport 80 j ACCEPT To forward port 8080 TCP from SIM data connection to LAN interface IP 192 168 1 11 over port 80 No Interface Protocol IPD PortS SameP NewP Port D 1 PPP Embedded TCP 192 168 1 11 8080 NP 80 This will generate also to the firewall the next rules In nat section A PREROUTING i ppp1 p tcp m tcp dport 8080 j DNAT to destination 192 168 1 11 80 and in the filter section A FORWARD ed
242. gly There are two kinds of settings for the IPSEC tunnels global and specific to each tunnel IPSEC Global IPSEC Settings Use Default Route Interface for all Tunnels NAT Traversal router behind NAT Firewall Define Specific IPSEC Tunnel Settings f _ Local Local Subnet e Remote Remote Subnet Description Tunnel Interface Local IP Smet rans LocalID Remote IP Subnet Mole Remate ID IMiclia ipseci ee 10 0 0 5210 0 0 0 255 255 0 0 10 0 0 53 178 25 144 39 0 0 0 0 0 0 0 0 178 25 144 16 Edit Delet Add New The Global IPSEC settings include using the default route interface for all tunnels and respectively using NAT for traversing the routes through a firewall l ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 131 of 272 Bytton ICR 5 CONFIGURATION They are located in the upper part of the page Location Tunnels gt IPSEC Remote User superuser IPSEC Global IPSEC Settings Use Default Route Interface for all Tunnels NAT Traversal router behind NAT Firewall Specific IPSEC Tunnel Settings Wi ae a eee Local Local Subnet oe Remote Remote Subnet Description Tunnel Interface Local IP c et Netmask LocalID Remote IP Subnet Neimask Figure 5 66 Global IPSEC settings Or each option select Yes of No then press Save When you choose YES for usage of the default route interface this is the default setting this will override any other U5 Default Route Interface for all Tunn
243. gs to factory defaults When you select Defaults a confirmation window shows up asking you Are you sure Topex Location System gt Defaults NENNEN et Empowering Communications Remote User superuser HOME LAN WAN Are you sure you want to load default settings TUNNELS ROUTING SYSTEM Status Logs Load default settings Password Update Defaults save CFG Figure 5 116 Defaults loading the factory default settings If you want to proceed click the YES button and the equipment will revert to the factory default settings Following a reset it will start operating with the factory default values for all parameters Bytton ICR 5 5 ROUTING E During the process you will see on screen the blinking message Updating settings please wait and a red progress bar as shown below Topex Location System gt Defaults Saas tt EE E ia Remote User superuser inis eee HOME F LAN F WAN Updating settings please wait F TUNNELS gt ROUTING EE 31 SYSTEM Status rasing 128 Kibyte 0 0 complete Erasing 128 Kibyte 20000 6 complete Erasing 128 Kbyte 40000 12 complete Erasing 128 Kbyte 60000 18 complete Erasing 128 Kibyte 80000 25 complete Erasing 128 Kibyte a0000 31 complete Erasing Bal 128 Kibyte c0000 37 complete Erasing 128 Kibyte e0000 43 complete Erasing 128 Kibyte 100000 50 complete Password rasing 128
244. guration by importing a cfg file from a specified address and bandwidth testing by timing file transfers Depending upon the actual firmware version running on your Bytton 3G router you may or may not have access to all these configuration sections Also the number of accessible sub sections depends upon the level of authorization for instance for the same firmware when you log in as a simple user or as admin you will see fewer sub pages as one who authenticates to the system as superuser Only the WAN and SIM configuration sub page is always the Be WAN same no matter if you are a simple user Admin or super user Status Settings This happens since the configuration of mode of connecting to the SE WAN Port PPPoE P D D SMS Read SMS Send remote network and information about the state of the SIM card and mobile module its settings and sending and receiving text messages are features available for all the users of Bytton ICH no matter what level of authorization they have The Menu bar is located to the left and features the button Commit at its bottom On top of the web page after the Rohde amp Schwarz Topex S A Topex incatnn LAN gt IP Settings logo you will see a Location indication which reminds you jum l where you are on the Web interface In this example the section is LAN and the subsection IP Settings kii for LAN LAN IP Settings Under the Location information you can see Rem
245. he Dynamic Routing Disabled the default setting Dynamic R autini OSPF or to use either RIP OSPF or BGP algorithm for dynamic routing saat Disabled RIP In the Dynamic mode of routing you need not specify fixed routes Instead the router adjusts automatically to physical changes in the layout of the network and it exchanges routing tables with other routers The available options for dynamic routes are RIP Routing Information Protocol It was the first routing protocol implemented for dynamic routing and hence it is widely used HIP is a distance vector routing protocol The route of the data packets is determined in such way as to have the fewest possible number of hops between the source and the destination OSPF Open Shortest Path First This is a link state routing protocol as opposed to distance vector protocol RIP It is an Internet standard IGP defined in RFCs 1583 1793 and RFC 2328 OSPF Runs directly over IP and interfaces with SNMP for configuration and control purposes As a link state routing protocol OSPF contrasts with RIP and IGRP which are distance vector routing protocols The SPF shortest path first algorithm used by OSPF has the advantage is that it results in smaller more frequent updates everywhere thus it makes for a stable network Its disadvantage is that it is intensive it requires for processing more CPU power and memory BGP Border Gateway Protocol It is a protocol for exchanging
246. he IP address of the computer from the coverage area of the Bytton in the case when in the Direction field is set Forward When it is set the Input option the IP address will not be filled Port the number of source port which will be open D A Accept or Drop the respective rule ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 146 of 272 Bytton ICR 5 5 ROUTING E Use the link Advanced lptables Add to go directly Add New to the IP tables window and set up additional rules Forward Help Figure 5 78 The link Advanced lptables Add Advanced Iptables Add View Active Rule You can define firewall rules in this table expert use only Firewall Settings k Fnat PREROUTING ACCEPT 0 0 POSTROUTING ACCEPT 0 0 OUTPUT ACCEPT 0 0 COMMIT merde PREROUTING ACCEPT 0 0 INPUT ACCEPT 0 0 FORWARD ACCEPT 0 0 OUTPUT ACCEPT 0 0 POSTROUTING ACCEPT 0 0 COMMIT filter INPUT ACCEPT 0 0 FORWARD ACCEPT 0 0 OUTPUT ACCEPT 0 0 m COMMIT Please use the COMMIT button to activate your changes Figure 5 79 Directly writing firewall rules settings in iptables General info The firewall has several sections for pre routing post routing input output and forwarding of data packets This refers to the moment of time for the data packets PREROUTING before effective routing as soon as the packets are received by an interface POSTROUTING after the local r
247. he bottom is the table where you define the routes Boute List Virtual Table VTl target gateway source proto scope dev tbl 10 0 59 64 30 static link br in 0 0 0 24 static link bro 10 0 0 0 24 10 0 0 1 static br 172 27 0 0 16 static link land Route List Virtual Table VIZ target gateway source Proto scope dew tbl 192 168 148 148 31 192 168 1 8 atatic wan 172 27 0 0 16 static link land in 0 0 0 16 10 0 0 1 atatic bro Route List Virtual Table VI3 target gateway source proto scope dev tbl 172 27 0 0 16 static link land 73 0 0 0 8 atatic link lan Route List Virtual Table VI4 target gateway source proto scope dev tbl 192 168 1 236 30 static link br i0 0 0 0 24 atatic link br 172 27 0 0 16 static link lan IP 10 0 0 239 10 0 59 67 10 0 58 115 127 27 45 88 192 168 144 254 192 168 1 239 172 168 56 99 81 246 245 93 192 168 143 149 73 224 88 180 75 152 73 254 127 27 39 205 List of current routes for each VT Route List Virtual Table VT1 Netmask 255 255 255 0 255 255 255 252 255 255 0 0 255 255 255 254 255 255 255 254 255 255 255 252 255 255 255 0 255 255 255 252 ZA CH Z 255 0 0 0 255255 0 0 255 255 255 254 Router Interface 10 0 0 1 Router off BRO 10 0 0 1 off 192 163 1 2 off 192 163 1 8 off 132 168 1 8 off 73 224 88 2 192 168 143 247 Metric 15 20 15 12 20 10 10 15 12 10 off 15 target gateway source proto scope dev tbl 10 0 59 64
248. he bottom of PPP Advanced Setings the PPP web page This advanced section controls the parameters of the Point to PPP Check Data Link Point Protocol for the internal data terminal in this case the embedded GSM HSPA or LTE modem Empowering Communications Top ex Location WAN gt PPP Remote User superuser HOME l LAN WAN Settings WAN Port PPPoE F TUNNELS ROUTING F SYSTEM SERVICES SIM Stuff PPP settings for the internal data terminal AT Init Command 1 AT CGDCONT 1 IP la AT Init Command 2 AT Init Command 3 AT Init Command 4 AT Init Command 5 AT Timeout AT Dial Command ATD 99 12 Authentication Username username Password password MTU 1500 Idle Time Defaultroute Enabled IP Address 0 0 0 0 Gateway 0 0 0 0 BACK Please use the COMMIT button to activate your changes Figure 5 53 Advanced PPP Settings for the embedded modem of Bytton ICR You need to change these advanced settings when you go to a region with different settings if you use a different network operator or when you replace the embedded HSPA modem with another external 3G modem that requires special parameters AT Commands Here you can enter commands to be sent to the modem that connects to the mobile carrier AT Init Command 1 2 3 Enter the character strings for the AT commands used to initialize the modem such as AT CGDCONT 1 IP lant Depending on the specificatio
249. he bottom of the screen you should see the link icon blinking and a message will show up Bytton ICR is now connected ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 36 of 272 Bytton ICR 5 CONFIGURATION pm s Internet Protocol Version 4 TCP TPw4 Properties An alternate example of manual settings when the IP General address of Bytton ICR is 10 0 0 1 You can get IP settings assigned automatically if your network s C E ric DNE cuff 4 this capability Otherwise you need to ask your network admini De d k i tio Keen Wer Realtek RIL81239 218x for the appropriate IP settings IC p EE circ do Pe Physical Address a a a a 4 8 H6 4F 82 15 82 x T e DHCP Enabled a Hn Obtain an IP address automatically Autoconfiguration Enabled Mes EE EE TEE IPu4 Address 1H H H 12 amp Preferred a Use the following IP address Cubnet ask a a a aoao a 2 955 255 255 f IP address w o 0 12 POTE 4 4 4 4 Subnet mask 255 255 255 E Default gateway 10 0 Q0 amp Use the following DNS server addresses Preferred DNS server 10 Alternate DNS server 4 Validate settings upon exit Note When you use for your local network a Proxy Server you must set an exception for the Rohde amp Schwarz Topex S A wireless router because otherwise you won t be able to a
250. he logical aspects this configuration page refers to the physical parameters for each Ethernet port of the equipment ETH Ports For each of these four ports you can establish precisely the network operating parameters Duplex Speed Autonegotiation WAN Full 10 100Mb s Enabled WAN Edit ag Half v uge ED Disabled Lan Eu EL 100 Mb d Enabled LAN1 Edit mane cl lees c Sen TN Hespectively Duplex mode Speed Auto negotiation and local name LAN1 Half e 10 100 Mb s e Disabled e LAN15 LAN2 Ful ei 10 100Mbjs nablec LAN2 Edit Disabled Duplex Mode you may let the default Full duplex or choose Half duplex instead Speed You may choose 1 10 Mbps instead of the default 10 100 Mps Auto negotiation by default it is Enabled Why disable the Auto negotiation The automatic negotiation is an optional function of the IEEE 802 3u Fast Ethernet standard that enables Ethernet adapters to exchange automatically information over a link about speed and duplex abilities By default the ETH ports of Bytton ICR are set to auto negotiation since different users may connect to it ByttonICR fulli _genericUsermanual_sw303FAS_revG_en doc Page 100 of 272 Bytton ICR 5 CONFIGURATION having several types of network adapters The users may have eithe
251. he right edge the round connector for the power supply jack labeled PWR 12Vpc Antenna Diversity Variants The versions of Bytton ICR equipment for antenna diversity or MIMO multiple input output feature two antenna connectors labeled MAIN and respectively AUX for the Mobile network and or for the WiFi access point JO 9L bd oO WAN WAN O LAN 0 LAN 2 CC PWR Lamm SIM DATA WiFi As can be seen these multiple antenna variants have no room on the front panel for SER USB or FXS connectors 4 4 Connecting the data cables To ensure a proper functioning of the Bytton ICR unit you must make the right cable connections as described below Figure 4 8 Reg ali the cables and accessories to Bytton T ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 21 of 272 Bytton ICR 4 INSTALLATION pz H H M M M Mf For local network connection Use standard UTP network cables CUT 5 fitted with RJ45 connectors at both ends The cables can be either straight through or crossover since the three port switch of Bytton ICR is auto crossover Rae Mobile network j e gU gi Figure 4 9 Connecting the LAN cables One short length of RJ 45 cable is supplied with the BYTTON Router You may use either 10Base T or 100Base T connection and both types of Ethernet connections maybe used on the same time The network cables a
252. he second WAN port want LANO WANO WAND IP Address 192 168 148 143 Netmask 255 255 255 252 This new address will be visible in Ifaces as lanO bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 172 168 1 1 Bcast 172 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 142 errors 0 dropped 0 overruns 0 frame 0 TX packets 60 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 22825 22 2 KiB TX bytes 11603 11 3 KiB lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 204 errors 0 dropped 0 overruns 0 frame 0 TX packets 63 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 39576 38 6 KiB TX bytes 11741 11 4 KiB Base address 0x2200 lanO Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 192 168 148 148 Bcast 192 168 148 151 Mask 255 255 255 252 UP BROADCAST MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 46 46 0 B Base address 0x2000 The second WAN IP shows up and also in the Routing Table Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192 168 148 148 0 0 0 0 255 255 255 252 U 0 0 O0 lanO 172 168 1 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 192
253. help of a mechanical adapter mounting kit This mounting kit includes a mechanical adapter a bracket with hooks and clamps that allows easy clipping unclipping of the Bytton case to the Omega DIN rail The steps required to mount Bytton ICR on the standard omega DIN Rail are described next first attach the mechanical adapter bracket to the back of the metallic case of Bytton The fastening is done by means of a pair of M3 mechanical screws use two M3 x 8 screws Figure 4 3 Attach the mechanical adapter to the back of the case of Bytton ICR Bytton ICR 4 INSTALLATION LLL LLL nny Correct position for the adapter The upper part of the adapter the one with two hooks must be towards the left of the Bytton case the edge opposed to the side with the power jack This is illustrated by the attached pictures which show the metallic case of Bytton ICR in upright position When you use the manufacturer s label on the belly of the Bytton case as a reference Rohde amp Schwarz Topex eer ED Description Router 3G LTE LTE 800 900 1800 2100 2600 MHz WCDMA 93900 2100 MHz Product BYTTON ICR Rating 12 Vdc 2A Weight max 400 g ROMANIA 2012 ITT IMB 353567040364557 UI WH UI MAC LAND 0050C2F52971 UU HIRTT MAC LAN TI 0050C2F52972 III III UI MAC WAN 0050C2F52973 COMPLIANT ZU DEEL CODE BYT 3G F2B 2 SM ByttonICR fulli genericUsermanual sw308FAS revG
254. his associated text file may be viewed opened for instance with the Notepad text editor of Windows F E CN i S i k ES topex 3 0 3 a FA S txt Notepad File Edit Format View Help Firmware topex 3 0 3 a FA 5 trxcheck sum Iracli vasileBuild Date Thu Jul 12 10 26 12 EEST 2012 c id ut bor Figure 5 109 Opening in Notepad the associated file with Check Sum ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 193 of 272 Copy the value of Control Sum from this file and paste it in the web page in the field named Control Sum Topex Location System gt Update Remote User superuser Empowering Communications HOME irmware te LAN Firmware Update WAN Please select your firmware update file below enter the control sum and click the SEND TUNNELS button ROUTING SYSTEM Status Logs Password Update Defaults Save CFG Figure 5 110 Firmware Update window with the control sum filled in Now click the Send button to perform the update A Firmware Update window shows up you can see a progress indicator under the message Firmware is updating please wait Opex Location System gt Update OPEP Empowering Communications Remote User superuser 3 HOME LAN WAN TUNNELS ROUTING SYSTEM Status Firmware Update Updating firmware please wait Figure 5 111 The Firmware Update window with progress bar that shows uploading of a new firmware v
255. his is your best MTU value for the respective interface and provider Bytton ICH lets you specify the optimal MTU value for each of the physical or logical interfaces of the equipment Mo Interface The drop list lets you choose from all the available interfaces of the equipment Interface MTU 1410 Edit 1500 Edit Edit 1500 LANO WANO Embeded_Modem Select the corresponding MTU value save the individual entry then use the button Save and Reload at the bottom of the page and the option Commit to make the changes permanent Note that the VLAN table also allows you to set the MTU value for each of the VLANs you create Mo Interface vlan IP Metmask MTU V Int 1 Bo D 2 10 0 58 19 255 255 255 0 1500 br 2 Edit Del 2 Embeded Moder 3 10 81 90 1 255 255 7535 754 749 ppp1 3 Edit Del 3 Dr 2 4 172 168 254 197 255 2535 2535 757 1473 br0 2 4 Edit Del 4 VPI T 10 6 192 168 148 237 255 255 255 0 1500 tun 6 Edit Del 5 Embeded Modem e 7 93 122 228 1 255 255 0 0 735 ppp1 7 Edit Del ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 109 of 272 Bytton ICR 5 CONFIGURATION EE The corresponding values set up for MTU over different interfaces can be seen in lface Status bri Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 10 0 58 39 Bcast 10 0 255 255 Mask 255 255 0 0 UP BROADCAST RUNNING MULTICAST MTU 1472 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0
256. hroughput between the two ends either unidirectionally or bi directionally A typical Iperf output contains a time stamped report of the amount of data transferred and the throughput measured ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 233 of 272 Bytton ICR 5 5 ROUTING FE To configure IPERF on Bytton in the field IPERF Cen choose Client instead of the default Disabled IPERF Server iig Complete the correct IP address in the filed Test Test server Disablec server Schedule in min SE Specify the scheduling time interval in minutes in the field Schedule the default value is one minute 5 8 4 Actual Speed Test Results The values determined by means of the BW Test web page are more accurate but you may also use different freely available Internet Speed Test sites The results from some of these sites are shown here Verizon 3G ERIZON 3G RESULTS est results for Verizon s 3G network TOTAL TESTS AVG DOWNLOAD AVG UPLOAD AVG PING O3 8 w On s Y are e Refresh Speed Wave Figure 5 151 Speed test using Verizon 3G site My 3G speed download and upload Download test results Upload test results 3 17 mbps 3176 kbps 397 kBps 0 71 mbps 712 kbps 89 kBps Latency 506 ms Latency 247 ms Test Time 21 49 secs Test Time 11 78 secs Test Device Windows NT Test Deuce Windows NT Figure 5 152 Download and Upload speed tests My 3G speed
257. hus it provides access rates up to the maximum possible for each mobile voice data network This way you may talk download files or surf the Web without cabled connections almost anywhere at any time When you are out of the coverage of high speed networks such as LTE or HSPA UMTS you can still get services on the wireless Internet with alternative access via GPRS EDGE GSM network in your area The embedded multiband modem covers almost all of the frequency bands of the world dual band for UMTS HSPA and tri band or quad band for GSM GPRS EDGE Serial interface s For connection to legacy devices Bytton ICR can feature one or two configurable RS 232 or RS 485 ports By means of the Web configuration menu you may control the serial interface RS232 of Bytton ICR and its associated IP services SER Z gt L o SIM 1 SIM 2 SGN Figure 1 1 Bytton ICR featuring one or two RS 232 ports SER1 SER2 Available variants Bytton is a versatile equipment it features inside one motherboard that can get several types of plug in daughter boards according to the functions requested by the customer several types of mobile modules for 2G or 3G networks UMTS HSDPA HSPA and even LTE for 100 Mbps peak download rate or for different frequency bands 850 900 1800 1900 MHz for GSM GPRS EDGE 2100 MHz for HSDPA or HSPA 800 900 1800 2100 2600 MHz for LTE and so on The external aspect of the equipment remains the same for a
258. i i SIM Stuff Netmask Router Interface Metric 192 168 148 140 255 255 0 0 off b2 30 0 0 0 0 Routes Help Interface Status Reload Please use the COMMIT button to activate your changes Figure 5 83 Routes display and definition of static routes Bytton ICR 5 5 ROUTING po M Note that the Static Routes configuration screen also has two distinct parts the upper pane displays the current routing table such as Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH 0 0 0 pppl 194 102 255 23 192 168 1 8 255 255 255 255 UGH 0 0 0 wan 195 74 234 12 0 0 0 0 255 255 255 254 U 0 0 0 br2 10 0 0 0 0 0 0 0 255 255 255 252 U 0 0 0 bro 192 168 144 0 0 0 0 0 255 255 255 0 U 0 0 0 wan 3 10 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 bro 192 168 148 0 0 0 0 0 255 255 255 0 U 0 0 0 wan 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 10 0 0 0 0 0 0 0 255 0 0 0 U 0 0 0 bri Or Location System gt Logs Remote User superuser Empowering Ca Kernel IP routing table Destination Gateway CGenmaak Flaga Metric Hef Uae Iface 10 64 64 65 2 0 0 0 205 255 255 255 UH d d 0 pppl 195 74 234 12 0 0 0 0 255 255 255 254 U d d 0 bre 10 0 58 44 0 0 0 0 255b 255 255 252 U d d 0 br3 10 0 0 0 0 0 0 0 2BBR 255b 255 252 U d d 0 bro 192 168 148 148 0 0 0 0 259 299 255 252 U d 0 0 land 192 168 1
259. i wan 10 0 155 28 10 0 0 0 255 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Gaiesti ipsec2 pppi 172 34 168 233 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Add New Figure 5 67 Specific IPSEC settings At fist the table is empty as shown above so you must use Add new to define each IPSEC tunnel Specific IPSEC Tunnel Settings Description Tunnel Interface Local IF Local Subnet Local Subnet Netmask Local ID Remote IP Remote Subnet Remote Subnet Metmask Remote ID abramkow tz ipsecl defaultroute 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Edit Delete ipsec2 odefaultroute 192 1678 234 19 0 0 0 0 0 0 0 0 0 0 00 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Edit Delete Use Del to erase an existing tunnel definition or Edit to open up the large window for defining the parameters for each IPSEC tunnel Specific IPSEC Tunnel Settings Local Local subnet Remote Remote Subnet Description Tunnel Interface Local IP Subnet Neimazk Local ID Remote IP Subnet Neimak Remote ID Service conlipseci p Gairoule 10 0 58 27 10 0 0 0 255 255 0 0 10 0 58 31 193 87 185 214193 87 0 0 255 255 0 0 193 87 185 229 Edit Delete Alternate ipsec2 E siint 10 0 58 105 10 0 58 0 10 0 58 112 10 0 58 110 96 207 89 35 96 207 0 0 255 255 255 254 96 207 89 203 Edit Delete Add New EIL 1 eee Ss SS ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 133 of 272 Bytton ICR Max Bandwidth Tunnel Type Initialize Authentication Metho
260. ice according to your requirements For instance you can use addresses in the range https 172 27 168 xxx or https 10 0 58 1 as shown in this example IP Address 10 0 58 Metmask 255 255 255 0 Figure 5 7 Changing the default IP address of Bytton ICR Aditional IP 5 1 5 Secure Connection HTTPS Security Alert E X Information you exchange with this site cannot be viewed or iv changed by others However there is a problem with the site s security certificate Note that Bytton ICR uses a secure web connection https so ou ma et several warnin The security certificate Was issued by a company you have y y lik g thi g not chosen to trust View the certificate to determine whether messages Ke thIs One you want to trust the certifying authority RA The security certificate has expired or is not yet valid Figure 5 8 Security Alert for the https connection EE The name on the security certificate is invalid or does not match the name of the site Do you want to proceed Yes View Certificate or similar warnings mentioning Website Certified by an Unknown Authority You should click Yes OR or Accept to go on Type OK to accept the certificate for the Bytton ICR website Other Security Error messages may warn you about Domain Name Mismatch referring to the security certificate Again click OK to continue ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 38 o
261. ignal Level 15 30 Signal Level 16 30 RSCP 84 dBm Network 0 0 COSMOTE 0 2G Signal Ec Io Tot Ec To 3 5 dB CELL d 1 1862 42 Network 0 0 RO Digi Mobil 3 3G l l m l CELL 2 1 02BC 02BC7912 2 Registration online Registration online Figure 5 155 SIM Status examples for different Romanian carriers The examples above refers to SIM cards from different carriers with the level of RF signal is lower or higher having access to both 2G and 3G technologies One Sim card has a higher signal level but is not properly registered it provides just limited service thus it is offline Security unlocked Security unlocked Security unlocked Modem Version K2 0 7 43AP Modem Version K2 0 7 43AP Modem Version K2 0 7 43AP IMSI 226102100414755 IMSI 226102100414755 IMSI 226102100414755 IMEI 355060025698866 IMEI 355060025698866 IMEI 355060025698866 Signal Level no signal Signal Level 14 30 RSCP 85 dBm Signal Level 14 30 RSCP 84 dBm Signal Ec lo Signal Ec lo Tot Ec lo 4 0 dB Signal Ec lo Tot Ec lo 4 5 dB Network O error Network 0 0 RO Network 0 0 RO MobileCarrierB 2 CELL 2 0 MOBILECARRIERB error 1 UMTS HSDPA HSUPA Registration offline CELL 2 1 03F2 00102CE3 2 CELL 2 1 03F2 00102CE3 2 Registration online Registration online Figure 5 156 Several examples of SIM Status for the Mobile Carrier B provider In the series of three examples above the same Bytt
262. ihais iPod 01 60 fb 42 359 48 86 Please Reload ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 186 of 272 Bytton ICR 5 5 ROUTING pr LLL Start Stop PPP This feature allows you to manually start and stop the PPP link When PPP link status is online the button will display Stop since it now allows you to stop the PPP link break the connection After you have stopped the PPP connection the same button changes its name to Start PPP obliviously if the connection is stopped you may want to start it again See below a few examples Bes Te H sei H PPP link offline nee T PPP link stopped PPP link starting PPPOE link offline Stop PPP 11 08 58 up 38 min load average Please Reload Figure 5 98 Examples of state of the PPP link and Start Stop button The shutting down or restarting of the PPP mobile data link may be seen in the system logs Jun 26 10 01 49 bytton daemon info pppd 5747 CHAP authentication succeeded Jun 26 10 01 49 bytton daemon notice pppd 5747 CHAP authentication succeeded Jun 26 10 01 49 bytton daemon debug pppd 5747 sent CCP ConfReq id 0x1 Jun 26 10 01 49 bytton daemon debug pppd 5747 sent IPCP ConfReq id 0x1 Jun 26 10 01 49 bytton daemon debug pppd 5747 rcvd LCP ProtRej id 0x2 80 fd 01 01 00 Of la 04 78 00 18 04 78 00 15 Jun 26 10 01 53 bytton defaulting to 10 64 64 01 01 01 01 01 01 01 01 02 Jun Jun Jun Jun Jun Jun
263. ility of conflict with IP addresses used by other companies or organizations Bytton allows you to selectively enable NAT or Masquerading for each of its interfaces NTP Acronym for Network Time Protocol Internet standard protocol used to update the real time clock in a computer It assures accurate synchronization to the millisecond of computer clock times in a network of computers NTP is very useful in packet switched variable latency data networks In case of Bytton ICR when you want to measure the performances of the network you need accurate universal time stamps for the data packets NTP runs as a continuous background client program on a computer and it sends periodic time requests to servers obtaining server time stamps and using them to adjust the client s clock NTP uses UDP port 123 as its transport layer It is designed particularly to resist the effects of variable latency There are numerous primary and secondary servers in the Internet that are synchronized to the Coordinated Universal Time UTC via radio satellite or modem For more information visit www ntp org l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 251 of 272 Bytton ICR 9 Glossary ee PPP Acronym for Point to Point Protocol Network protocol widely used to connect computers to the Internet Works on the data link layer of the OSI model PPP sends the TCP IP packets of the gateway to a server that puts them onto the Internet It is more stable
264. ink online IP 172 23 5 1861 embedded modem of the Bytton equipment It may be in one of these states online active offline or PPPOE link stopped Stopped means it is Disabled while Offline may indicate temporary connection hang up Ethernet link up but it activates when Bytton sends receives data PPP link starting PPP link online IP 93 122 148 36 traffic If the PPP link is online the IP allotted by your provider will also be shown State of the PPPOE data link which uses the WAN Ethernet port for the PPP connection PPPOE link PPPOE link offline PPP link online IP 93 122 148 36 EE LL 551 151 5 151 1 5 1 51 1 1 1 1111 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 185 of 272 Bytton ICR 5 5 ROUTING pem M u M System uptime time since the last restart of the Topex Bytton ICR equipment both in full format hours minutes seconds and short format up 1 minute System uptime 11 41 59 up 4 50 Load average 0 06 0 04 0 01 or load average 1 50 1 67 1 71 info about system loading maximum value average value number of active processes DHCP Leases temporary assigned IP addresses and their corresponding MAC host name validity period etc DHCP Leases 1340747490 00 1d e0 5e c2 ab 10 0 0 16 DL 1340747274 6c 0 49 76 24 4b 10 0 0 15 VO000073 01
265. invaliid id string 1 00 00 22 bysten user Ze kernel Serial 2250 16650 driver 4 perta IRQ sharing disabled 1 00 90 23 byzion user info kernel serial 250 0 z7y80 az MMIO Ome0004500 irq 16 im 16660A 1 03 02 22 bytton user info kernel sconecle ttyS5 enabled boctccaescle cisshied 1 50 00 22 bytton user info kernal serielezs0 0 stySi as MMIO OxaoD04600 irg 16 s a LEBECA 1 90 00 33 byston user info kernel brd module losded Figure 5 99 Aspect of the System Log of Bytton ICR The log is a place where all the applications running on the Bytton ICR equipment store their output messages status reports confirmation or error messages activity and so on It is a plain text thus easy to interpret record of actions taken by the software as it runs on Bytton ICR changes made devices and drivers detected files added or deleted communication with the modem network settings and so on See below some samples of this LOG file Jan 1 00 00 35 bytton user info kernel sierra 1 1 1 3 device disconnected Jan 1 00 00 35 bytton user info kernel sierra ttyUSB4 Sierra USB modem converter now disconnected from ttyUSB4 Jan 1 00 00 35 bytton user info kernel sierra 1 1 1 4 device disconnected Jan 1 00 00 35 bytton user info kernel sierra ttyUSB5 Sierra USB modem converter now disconnected from ttyUSB5 Jan 1 00 00 35 bytton user info kernel sierra 1 1 1 5 device disconnected Jan 1 00 00 35 bytton user info kernel sie
266. ions including remote control and monitoring of the fleet of Bytton while located out in the field features one or two serial ports for connection to legacy equipments adapter device for mounting on industrial standard DIN Rail to be placed in watertight enclosures for outdoors usage e High Security stateful packet inspection firewall for Internet connection 128 bits encryption for wireless clients WEP and WPA with TKIP or AES encryption secure HTTP HTTPS access to configuration pages secure SSH remote management embedded VPN tunnels GRE IPSec PPTP MAC filtering and 802 1x certificates authentication e Ease of Use web based configuration interface embedded server for dynamic IP configuration of the clients DHCP e Advanced Internet Connection Management automatic connection establishment on traffic detection automatic disconnection on lack of traffic complete network address translation NAT support e VPN and IP tunneling versatile settings for IP tunneling embedded support for GRE IPSec OVPN PPTP you can define up to 20 IPSEC tunnels allow easy building of secure virtual private networks other kinds of secure tunnels available upon request e Bridge capability you may define several bridges between up to four interfaces of the equipment each bridge may be considered a kind of software switch that can be used to connect multiple Ethernet interfaces either physical o
267. irtual Routing Tables QOS by means of packet marking and classifying GRE IPSEC PTTTP and Open VPN for IP tunneling Quagga with RIP BGP or OSPF for dynamic routing Wired Network ETH interfaces Integrated four port Router that includes a three LAN port Switch with Management and Layer2 for Ethernet 10 100 base T QoS according to 802 1p 802 1q Supports both static and dynamic IP address One dedicated WAN port All ports are fully configurable via Web interface assignement IP address and netmask speed mode of operation Connector type female RJ45 Serial One or Two SER port for RS 232 RS 485 serial links over RJ 45 connectors Selection between RS 232 and 485 is done at the factory by mounting different hardware according to the customer s order RS 232 interface is type 5 wire RX TX GND RTS CTS RS 485 interface is full duplex two wire pairs one for TX and one for RX SPECIAL Optional one USB 2 0 Slot on request Optional one FXS telephone interface on request Depending upon the type of module selected for equipping Data service based on packet switched PS mode Supporting SMS service based on GSM GPRS EDGE or UMTS supporting group transmission of messages GPRS Multi slot Class 12 EDGE Multislot class 12 Link Adaptation and Incremental Redundancy WCDMA 3GPP Release 5 MC7710 modules available for LTE up to 100 Mbps download featuring antenna diversity MIMO support two antennas may be used One pha
268. is used Other fields refer to the Metric routing cost the number of references to this route etc Finally Iface is the name of the network interface used for this route For Ethernet interfaces the names will be Jon lant lan2 and so on for the PPP interfaces the names will be ppp1 ppp2 for WAN you have wan and want for the GRE tunnels gret1 gret2 and so on while the default bridge is brO and the VLAN is br0 2 Static Route Definition Such a static route is a possible path from a device to its destination or to another host You must insert predefined rules of routing for BYTTON in case you append one or several network equipments such as routers behind the Bytton ICR device to share the same connection to the mobile Internet This way the Bytton router will be able to know where it may deliver the data packets coming from the Internet with different destination IP addresses At first the routing table is empty so you must use Add New to create a new entry Route IP Netmask Router Interface Metric Add New l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 153 of 272 Bytton ICR 5 5 ROUTING EH then Edit to modify it and finally the Save button to individually save the respective rule No Route IP Netmask Router Interface Metric 1 s5tatic 192 168 148 149 Add Mew WAN wan 3 Routes Help bri Figure 5 85 Routes Definition of Static Routes For each route shown as above you may perform thes
269. ity AA NN local AS no advertise no export AA NN local show bgp community AA NN local AS no advertise no export exact match show bgp community list lt 1 500 gt WORD show bgp community list lt 1 500 gt WORD exact match show bgp filter list WORD show bgp ipv4 unicast multicast show bgp ipv4 unicast multicast rsclient A B C D X X X X A B C D M show bgp ipv4 unicast multicast rsclient summary show bgp ipv4 unicast multicast summary show bgp ipv6 show bgp ipv6 unicast multicast Figure 13 2 Partial list of Quagga commands visible in VTY Shell Figure 13 1 Examples of actual results of Quagga commands running over Bytton ICR Other examples of outputs of Quagga commands bytton show ip route Codes K kernel route C connected S static R RIP O OSPF I ISIS B BGP gt selected route FIB route K gt 0 0 0 0 0 via 10 64 64 65 pppl C 10 0 0 0 24 is directly connected brO C gt 10 64 64 65 32 is directly connected pppl C gt 127 0 0 0 8 is directly connected lo C gt 172 27 0 0 16 is directly connected lanO C gt 192 168 0 0 16 is directly connected wan C gt 192 168 148 0 24 is directly connected wan bytton quit bytton show memory Memory statistics for zebra System allocator statistics Total heap allocated 264 KiB Holding block headers 0 bytes Used small blocks 0 bytes Used ordinary blocks 230 KiB Free small blocks 16 bytes Free
270. ive data network Figure 3 1 Connecting the local clients to Internet via broadband mobile data network eee wm wm mm mm vm mot Figure 3 2 General field applications of the Bytton ICR wireless router Figure 3 3 Bytton ICR acts as a router for wired and wireless local networks ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 13 of 272 Bytton ICR 3 What 1s Bytton ICR INTERNET allowed request non allowed request Figure 3 4 Firewall function of Bytton ICR All computers on the wired local networks can access the Internet or remote VPN networks through the 3G Router from Rohde amp Schwarz Topex S A using only a single external IP address One can rest assured that the local area network connected to our product is safe because we have implemented a very powerful firewall and intrusion detection system The Bytton ICR Router makes usage of NAT Network Address Translation and SPI firewall to ensure protection for your local wired networks The features of the firewall are identical to those available to Linux servers throughout the world which are well renowned for their safety This firewall is fully configurable but it is also easy to use for beginning users The software of Bytton ICR assures Router assures secure communication over the public networks through embedded VPN tunnels GRE
271. jie ten ata Periodic reset data connection bo Reboot it performs a full reboot restart of Bytton ICR Reset Data Connection only the data connection is resetted the equipment does not stop operating Reset to Factory Defaults after full reboot Bytton ICR settings are restored to factory defaults Periodic reset data connection after the specified number of seconds the data connection will reset Reset Button Acton Reboot Periodic reset data connection ewi Save Figure 5 152 Entering time value for Periodical reset of the data connection The default value is 0 zero which means that the connection will never be restarted ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 214 of 272 5 7 SIM Here are the configuration pages related not only to the SIM card but also to the mobile module of the equipment You can see the current state and change the parameters Top ex Location SIM Remote User superuser Empowering Communicatons HOME F LAN F WAN Configuration sections F TUNNELS ROUTING SIM Service View SIM status signal level network registration ere Setup SIM parameters PIN SCN volume level SYSTEM SMS Read Read 5M5 messages F SERVICES SMS Send Send SMS messages SIM Status When you are done please use the COMMIT button to activate your settings settings SM5 Read SMS Send Stuff Commit Figure 5 153 General web page for the SIM Services Also fro
272. kere Link EC 1TZ zT d u 1B l1TZ XT lB5 T1 keel link Iai 1RI lB5 2 20 16 LEZ 168 1 145 keel Link mn Salen 142 165 1 8 ED 1TZz zT d u 1B ziEmEi link lmnd FIS 10 0 50 B8 50 xtetisc link aed WII 10 0 0 220 30 2StStie Link ard Vil 1u0 0 d0 0 z4 ZztmEbi Link Sard Fil ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 168 of 272 Bytton ICR 5 5 ROUTING E an upper part showing each of the four VT tables and rules lists Virtual Table VT1 10 0 59 64 30 dev brO proto static scope link metric 20 10 0 0 220 30 dev brO proto static scope link metric 12 10 0 0 0 24 dev brO proto static scope link 10 0 0 0 24 via 10 0 0 1 dev brO proto static metric 15 172 27 0 0 16 dev lanO proto static scope link Route List Virtual Table VT1 target gateway source proto scope dev tbl 10 0 59 64 30 static link br0 10 0 0 220 30 static link br0 10 0 0 0 24 static link br0 10 0 0 0 24 10 0 0 1 static br0 172 27 0 0 16 static link lanO Virtual Table VT2 39 41 125 78 31 dev lanO proto static scope link metric 15 172 27 0 0 16 dev lanO proto static scope link 10 0 0 0 16 via 10 0 0 1 dev brO proto static metric 15 Route List Virtual Table VT2 target gateway source proto scope dev tbl 39 41 125 78 31 static link lanO 172 27 0 0 16 static link lanO 10 0 0 0 16 10 0 0 1 static bro Virtual Table VT3 192 168 148 208 30 dev wan proto static scope link metric 20 192 168 0 0 16 dev wan proto static scope link Route Li
273. l temperature range and respectively from 25 up to 80 C in case of units built using h components in the industrial temperature range relative humidity from 5 to 95 non condensing The extended temperature range version can operate form 30 C up to 80 C ambient temperature but the case is not waterproof for outdoors usage you must ensure its protection against rain spay or saline mist You should avoid dust and prolonged exposure to sun radiation In addition Bytton ICR must NOT be used in a flammable or explosive environment or in locations where toxic or flammable gases may accumulate The equipment must be handled with care to avoid mechanical shocks and blows Bytton ICR should not be used in an environment with high level of EMI electromagnetic interferences that is in close proximity to high power equipment such as electric motors or heaters In addition it should not be placed near copiers PC monitors TV sets or other audio video appliances In order to ensure adequate working temperature the Bytton ICR interface must not be used too near heat sources or in direct sunshine Also it must not be overcrowded you must leave free space around below and above the Bytton ICR router This is needed both for connecting phones data antennas cables and also for ventilation natural air cooling to dissipate the heat generated during operation Remember when allowed operating temperature is exceeded this may n
274. ld be necessary to install a separate parallel collection of network cables and equipment which are kept separate from the primary network Compared to this hardware approach when you use VLANs a new logical subgroup within a local area network may be simply created via software fast and with low costs instead of manually moving Ethernet cables in the network switches Since Virtual LANs are location independent the VLAN of a certain department may be all over the building Users can move to another office or another building while remaining in the same LAN One of the greatest advantages of VLANs is precisely this when a computer is physically moved to another location it can remain logically in the same VLAN without any need for hardware reconfiguration Management LAN membership is easily defined by the network manager All modifications to the network are easier to perform since all the architecture can be changed by simple parametering of the switches via the Web configuration interface of Bytton VLAN membership can be configured through software instead of physically relocating devices or connections Costs Any software implementation is cheaper than its hardware counterpart Segmenting a large VLAN to smaller VLANs costs less than creating a routed network with routers because normally routers are more expensive than simple switches Also since traffic between different LANs is routed it is better to keep all traffic in a single L
275. ll variants of modules but the capabilities and price are different Some type of modules feature antenna diversity MIMO capabilities connection of two antennas for diversity reception or for achieving higher data rates Thus special Bytton equipments may feature four antenna connectors two for the MOB mobile data network HSPA LTE and two for the embedded WiFi module no voice capabilities and no WiFi with two data SIMs not concurrently for higher availability and with serial interface s for legacy devices It has holders for two data SIMs the device may be used with one or two SIM cards It may feature one serial interface SER2 Stil no voice capabilities but with WiFi for wireless local connection a single data SIM The four Ethernet connectors are present In this case the connector for WiFi antenna is present located near the center of the front panel together with the corresponding indicator LED for WiFi No serial interface with voice capability one FXS interface located to the left and also with WiFi one voice data SIM card The connector for WiFi antenna is present together with the corresponding LED for WiFi oince there are not two mobile modules it cannot perform LCR for two mobile carriers the variants with telephone port always use a single SIM card l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 9 of 272 Bytton ICR 1 INTRODUCTION CREE variant with one serial interfaces la
276. llows you to select two options SP when this option is selected the source port typed in the Port S field will be forwarded on the same port to the computer with the IP address from the IP D field If you select the SP option the Port D field will be filled only with the O value NP if you select this option you will have to fill the Port D area with the number of the new port to which you want to forward the port from the Port S field Port D the destination port This area is filled when the NP option is selected in the Same P New P section It represents the number of port where the source port is forwarded IP tables rules For each interface you can select depending upon direction protocol IP address and port number if the respective data packets will be accepted or deleted DROP Direction Protocol IP Port Accept Drop 10 64 65 65 344 Edit De Input e TCP 10 0 0 42 DROP Figure 5 77 IP tables accept reject rules section of the Firewall web page No the number of the rule for the iptables 1 2 and so on Interface select the type of the used interface in order to communicate with the Bytton equipment The available options are the same as for the Port forward section Direction select Input to open a communication link or Output to get out from the Bytton equipment Protocol select the communication protocol used The options are TCP UDP or ICMP IP t
277. lt it is disabled but you can set the Bytton equipment to restart the PPP data connection when it detects a broken link In the System Log you can see this feature in operation look for the messages which say Link is Up or respectively Link is Down Jan 1 00 01 11 bytton daemon info dnsmasq 1243 read etc hosts 1 addresses Jan 1 00 01 34 bytton daemon debug pppd 2163 Script etc ppp ip up finished pid 2192 status 0x0 Jan 1 00 01 35 bytton user notice root RESTART SERVICES Jan 1 00 01 35 bytton user info kernel br0 port l wlan0O0 entering disabled state Jan 1 00 01 36 bytton user info kernel br0 port 1 wlan0 entering learning state Jan 1 00 01 51 bytton user info kernel br port l wlan0 entering forwarding State Jan i 00702701L bytton cron err crond l994 USER root pid 2420 cmd net moni Jul 16 12 11 39 bytton user info kernel PHY mdio e0102120 05 Link is Down Jul 16 12 11 52 bytton user info kernel PHY mdio e0102120 05 Link is Up 100 Full Jul 16 12 12 01 bytton cron err crond 1864 time disparity of 22374010 minutes detected Jul 16 12 12 17 bytton user info pbx sms len 2085 Jul 16 12 12 37 bytton user notice root SAVE CONFIG DONE Jud 16 12 15 01 Dytton cron err Crond 16604 USER root pid 3203 cmd net moni Jul 16 12 13 20 bytton user info kernel PHY mdio e0102120 05 Link is Down Jul 16 12 13 32 bytton user info kernel PHY mdio e0102120 05 Link is Up 100 Full Jul 16 12 114 0LI Dytto
278. lue max 10g SAR GSM 0 153W Kg OCS 1800 0 615 W Kg UMTS 0 305 W Kg WLAN 0 057 W Kg Product has applied the conformity mark CE 0682 Supplementary information Notify Body involved CETECOM ICT Services GmbH is 0682 Technical file held by The technical documentation relevant to the BYTTON product is held at Rohde amp Schwarz Topex Company at the address mentioned above Place and date of issue of this DoGy egember 2011 Bucharest Romania Signature cai President Mr ADAMESCU Dan Q A Director Mrs PAUNOIU Carmen C Rotuse amp Schwarz opes SA weder muraged company SAN EUN ROS SADE COSY 15500714120 SAN USD 3C 7B8RDE S OSI Sito 1410 lude Bouni eg se 43021 09 004 Foca Imgismiboe come AO 5027 4 Capitae Srare 24000 SOR Bytton ICR Dear Client WEEE Directive Compliance This symbol applied on your product or on its packaging means that this product fulfils the WEEE Directive The product shall not be recycled as household waste it will be disposed separately as sorted waste Regarding to WEEE Directive the recycling EE equipments must be accomplish separately in purpose of natural resources preserving and to avoid the occurring negative effects about human health and environment The acquired product shall not be treated like household waste at the end of its life and will be returned to ROHDE amp SCHWARZ TOPEX S A Company at the address ROMANIA Bucharest Feleacu Street no 10
279. m here you may send or receive SMS messages from your PC using the mobile module of Bytton ICR 5 7 1 SIM Status This page shows you the current state of the active SIM card and of the GSM GPRS EDGE UMTS or HSPA module of Bytton ICR Topex Location SIM gt Status Remote User superuser Empowering Communications lemote User superuse S HOME LAN F WAN SIM Status Security unlocked TUNNELS Modem Version K2_0_7_43AP ROUTING IMSI 226102100414755 t cERVICES Signal Level 12 30 RSCP 86 dBm Signal Ec Io Tot Ec Io 5 0 dB Network 0 0 RO EEEF 1 UMTS HSDPA HSUPA CELL 2 1 03F2 00102CE3 2 Registration online Fo l SMS Send Stuff Figure 5 154 Example of SIM Status display for Bytton ICR in HSPA mode Bytton ICR 5 5 ROUTING EE Other actual SIM Status examples follow Security unlocked Security unlocked odem Version K2 0 7 43AP Jodem Version SWIS200X 03 00 08 02AP IMSI 226102410043179 IMSI 226018055132007 IMEI 3550600256988356 IMEI 358178040059414 Signal Level 12 30 RSCP 89 dBm Signal Level 8 30 RSCP RSCP dBm Signal Ec Io Tot Ec Io 5 5 dB Network 0 0 R0 Vodafone RO 2 3G Network 0 0 Limited Service 0 erro CELL 2 1 7D21 0C838945 2 CELL 2 3 Registration online Registration offline Security unlocked Security unlocked Modem Version HCGMR Modem Version K2 0 7 43AP IMSI 226030300590107 IMSI 226050001213062 IMEL 359769030366071 IMEI 355060025698866 S
280. ministrator admin has more rights access to additional settings which a normal user does not require advanced routing configurations and settings for drivers c 401 Unauthorized Microsoft Internet E If you type a different user name or if you enter an incorrect password more than three times in a row you will get the error message La Fie Edit View Favorites Tools Hel Q Back C3 x Ia Sei Searct Address JE https 192 1681 1 admin Connect again and be careful to enter the correct name and password 401 Unauthorized Figure 5 14 Login error message Unauthorized 401 Unauthorized Authorization required ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 40 of 272 5 1 7 Multiple Log in to the Web interface of Bytton Generally a complex system has several log in types different username and passwords allowing correspondingly more or les management rights These various users are allowed access to different sets of configurable parameters When someone logs in as user administrator or super user he will have accordingly different management rights access to some functions only or to all of the functions of the system For Bytton ICH two types of log in are currently implemented as Admin and respectively as Super User Admin The username is admin and the corresponding default password that you should replace afterwards with one of your own is 99admin11 as illustra
281. n of the equipment bro br1 lan lanO Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 172 168 1 1 Bcast 172 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 383 errors 0 dropped 0 overruns 0 frame 0 TX packets 365 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 57956 56 5 KiB TX bytes 124681 121 7 KiB Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 10 0 58 27 Bcast 10 0 58 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 410 errors 0 dropped 0 overruns 0 frame 0 TX packets 368 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 73340 71 6 KiB TX bytes 124819 121 8 KiB Base address 0x2200 Link encap Ethernet HWaddr 00 50 C2 F5 23 27 inet addr 192 168 148 148 Bcast 192 168 148 151 Mask 255 255 255 252 UP BROADCAST MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 46 46 0 B Base address 0x2000 l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 81 of 272
282. n Cron erri crond 195964 USER root pid 3449 cmd net moni Jul 16 12 14 02 bytton user info pbx NO NETWORK Jul 16 12 14 02 bytton user info pbx receveid offline Jul 16 12 14 02 bytton user info pbx voice stopped Jul 16 12 14 14 bytton user info pbx ONLINE Jul 16 12 14 14 bytton user info pbx clips active Jul l6 12 14 15 bytton userinfo pbx voice running Jul 16 12 14 46 bytton user info kernel PHY mdio e0102120 05 Link is Down Jul 16 12 14 47 bytton user info kernel PHY mdio e0102120 04 Link is Up 100 Full Jul 16 12 14 47 bytton user info kernel bri port l lan0 entering learning Stale Jul 16 12 14 51 bytton user info kernel PHY mdio e0102120 04 Link is Down Jul 16 12 14 51 bytton user info kernel bri port l lan0 entering disabled Slate Jul 16 12371970L DyGton Cron eri crond lso94 s USER foor pid 2709 cmd net moni Jul 16 12 15 38 bytton user info kernel PHY mdio e0102120 05 Link is Up 100 Full Examples Check link Enabled Interval 3600 No of pack 3 IP 1412587106 SRC IP 0 0 0 0 default Action Reset data link Figure 5 59 Example with values of settings for the PPP Check Data Link feature l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 126 of 272 Bytton ICR 5 CONFIGURATION With the above settings Bytton will send every hour 3600 seconds a number of three ping packets to the remote IP address 74 125 87 106 with IP source the IP of the SIM connection When Bytto
283. n ICR such as VRRP SNMP Telnet configuration and activation of serial ports control via SMS Dynamic DNS Client for NTP and finally the function of the RST button a topex Router Configuration gt Location SERVICES Remote User superuser Empowering Communicatons emoi User superuser HOME LAN WAN Configuration sections SERVICES Configuration Pages Settings Configure the Dynamic DNS dient WAN Port Configure the Network Time Protocol cient PPPoE ebcarr Configure the webcam settings PPP Lese Configure the reset button F TUNNELS ROUTING SYSTEM Y SERVICES SNMP When you are done please use the COMMIT button to activate your settings Figure 5 127 SERVICES configuration web page for services Depending upon different factors all of the services features may be available to you or only the most basic ones which are to be found in any software version such as SNMP DDNS NTP and Reset SERVICES SNMP SNMP VRRP SERVICES SNMP VRRP VRRP SERIAL ES Telnet SERVICES SMS SMS UE SERIAL DDNS T CES SMS DONS Figure 5 128 Illustation of different menus for SERVICES These factors include the actual firmware version or variant which may contain a lower or higher number of features the hardware equipping of your Bytton device SERIAL is available only if it is fitted with one or two serial interfaces Webcam makes sense only when the device has an active US
284. n ICR does no longer receive a reply to the PING issued it will restart reset the SIM data connection Warning The number of ping packets must not be excessively large and the checking interval must not be too small because this could generate a heavy traffic over the data link See below calculations of the traffic load for different settings Traffic load calculation 60 bytes for one ping packet 3 packets 180 bytes for one hour 180 24 4320 bytes for one day 4320 31 2 133920 bytes per months 133920 12 1607040 bytes per year 1607040 1024 1569 37 KB per year 1569 375 1024 1 53 MB per year ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 127 of 272 5 4 TUNNELS Settings for the IP tunneling which allow building of secure virtual private networks over public data networks Top ex Location TUNNELS Empowering Communications Remote User superuser HOME F LAN F WAN Configuration sections TUNNELS E Enabling and configure the GRE IPSEC PPTP Ld 3RE Configure the GRE IP tunnels settings IPSEC IPSEC Configure the IPSEC tunnels settings OVPN PPTP When you are done please use the COMMIT button to activate your settings Tunnels Configuration Pages ROUTING t SYSTEM SERVICES SIM Figure 5 60 Aspect of the TUNNELS web configuration page These Tunnels Configuration Pages has several sections according to the type of tunnels you want to use GRE IPSEC PP
285. n tents nnne 267 14 Annex 4 System upload examples n 271 E ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 7 of 272 Bytton ICR Dear Client RECORD OF CHANGES MADE BY DATE NUMBER OF A TITLE OR BRIEF PARAGRAPH M DESCRIPTION D May 2012 A M D First draft MobileCarrierB 3 0 0 C Malide FA O b A M D A M D A M D A M D A M D A M D June All Revision MobileCarrierB 3 0 0 C Malide New labels MIMO FA O enabled variant four antennas Eth x interfaces renamed July All Revision MobileCarrierB 3 0 0 C Malide ETH ports Alias FA Bridge VRT QOS July All Updating GENERIC topex 3 0 1 FA S C Malide version form ORANGE variant and 3 0 1FAS firmware id b 19 July Updating firmware topex 3 0 3 FA S C Malide form 3 0 1FAS to 3 0 3 31 July C Corrections and Same firmware C Malide Feedback from Q A No software update Same firmware Malide just Feedback and Corrections EE LL 1 11 1 1 1 1 151 1 1 111 1 1 1 1 ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 8 of 272 Bytton ICR 1 INTRODUCTION E 1 INTRODUCTION Embedded Modem The embedded modem of Bytton ICR is a 4G LTE or 3 5G HSPA UMTS engine multi mode device downwards compatible with GPRS EDGE GSM networks It measures in real time the RF signal level strength of the mobile network and lets the user to freely choose the 2G or 3G network T
286. n user notice kernel SCSI subsystem initialized Jan 1 00 00 22 bytton user info kernel usbcore registered new interface driver usbfs Jan 1 00 00 22 bytton user info kernel usbcore registered new interface driver hub Jan 1 00 00 22 bytton user info kernel usbcore registered new device driver usb Jan 1 00 00 22 bytton user info kernel Freescale Elo Elo Plus DMA driver Jan 1 00 00 22 bytton user info kernel Sangoma WANPIPE Router v1 1 c 1995 2000 Sangoma Technologies Inc Jan 1 00 00 22 bytton user info kernel cfg80211 Calling CRDA to update world regulatory domain Jan 1 00 00 22 bytton user info kernel Switching to clocksource timebase Jan 1 00 00 22 bytton user info kernel NET Registered protocol family 2 Jan 1 00 00 22 bytton user info kernel IP route cache hash table entries 2048 order 1 8192 bytes Jan 1 00 00 22 bytton user info kernel TCP established hash table entries 8192 order 4 65536 bytes Jan 1 00 00 22 bytton user info kernel TCP bind hash table entries 8192 order 3 32768 bytes Jan 1 00 00 22 bytton user info kernel TCP Hash tables configured established 8192 bind 8192 Jan 1 00 00 22 bytton user info kernel TCP reno registered Jan 1 00 00 22 bytton user info kernel UDP hash table entries 256 order 0 4096 bytes Jan 1 00 00 22 bytton user info kernel UDP Lite hash table entries 256 order 0 4096 bytes Jan 1 00 00 22 bytton user info kernel NET Registered protocol family 1 Jan 1 00 00
287. nary authentication is requested by means of an Username and corresponding Password The most secure option is STARTTLS advanced ESMTP authentication feature ESMTP over secure TLS SSL connection This is standardized in RFC3207 SMTP Service Extension for Secure SMTP over Transport Layer Security It is used to increase the security of mail server transactions A few examples of names IP addresses of mail servers and ports used by these Mail adelphia net or 75 180 132 91 pop3 live com or pop juno com the well known Gmail service uses for POP the port number 995 and the connection must be secure TLS SSL required Yahoo uses Incoming Mail POP3 Server pop mail yahoo com needs SSL port 995 and Outgoing Mail SMTP Server smtp mail yahoo com also use SSL port 465 need authentication Standard ports for mail are POP3 port 110 SMTP port 25 Secure SMTP SSMTP port 465 Secure POP3 SSL POP port 995 Many ISPs do block the standard port for outgoing email port 25 so you may have to change the smtp ports to 587 or 26 The meaning or usage of other fields is quite obvious Authentication User Pass e Username Username Password From mail amp example com To mail example com Subject Bytton report Figure 174 Configure the other parameters for E mail reporting of Bytton To is the real destination e mail address while From is a dummy field you must complete it so the recipient does kn
288. nel LED turns off ESSID EyttonHsPA To indicate inactivity all the following fields will be colored in gray ESSID Visibility Show ESSID showing you that this section is inactive you cannot perform Operating Mode Access Point changes here ESSID name of the Wireless LAN FSSID nternetCaffe ANTARES ESSID is a unique name of length up to 32 keyboard characters which identifies the embedded wireless Access Point of BYTTON in the wireless LAN All devices in the wireless network must have the same ESSID We strongly recommend changing the default which is ByttonHSPA ESSID Visibility Shows or hides the ID making your router ESSID visibility Show ESSID i visible invisible to others By default an ESSID is visible meaning it Operating Mode BESSE is being broadcasted to all Wi Fi devices placed in its area thus Hide ESSID making the network prone intruders Operating Mode Access Point standard mode of operation Bytton ICR acts as a a base station for several Wi Fi clients Operating Mode EAccess Point i Station BYTTON acts as a Wi Fi client instead it connects to N A an existing Access Point Station Radio Channel Bridge Bridge performs transparent bridging between two remote Access Points also known as Wireless Distribution System WDS that allows connecting to several APs It is most commonly as a Wi Fi repeater located midway between two APs Connection Mode It has two options Infrastructur
289. ng is enabled however the router performs an additional verification over the physical address EE LL 2511 5 2511 1 11 11 eee cS SS sss aaa ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 250 of 272 Bytton ICR 9 Glossary ee MIMO Multiple input multiple output technique has been established for mobile data communications as early as 1996 In the beginning the MIMO applications were targeted towards useage with WiFi and WiMAX local networks since it was much easier to integrate MIMO into emerging devices than into the 3G market where the standards were already established But in the meantime the expanding standard 3G LTE long term evolution has adopted MIMO and is on the rise This is why MIMO or dual antenna technique can be used both on the WLAN and WWAN sides of Bytton ICH Generally in radio communications diversity space or frequency reception has been used for a long time to solve the problem of multipath fading variable propagation The MIMO technique supports enhanced data throughput even under conditions of interference signal fading and multipath MIMO technology antenna systems is currently used in high bandwidth wireless communication meaning both LTE mobile data networks and advanced WiFi local wireless connections The corresponding standards are 3GPP LTE IEEE 802 11n and respectively WiMAX MIMO Advantages in modern digital communications MIMO technology add space diversity
290. ng messages you must delete some of the older SMS After deletion click SMS Read to collect your new messages from the server The new message will be displayed at first at the bottom of the list with the status UNREAD 17 REC READ 40754043064 12 07 18 11 41 094 12 AT CREG 18 REC READ 40754043064 12 07 18 18 11 524 12 rx note is 490380483039148901234890 19 REC READ 40753779863 12 07 06 12 33 43 12 Info 20 REC READ 40754043064 12 07 18 18 12 094 12 AT CGSN 22 REC READ 40753779863 12 07 06 12 48 01 12 Load 30 REC READ 440754043064 12 07 06 13 05 01 12 AT CREG 31 REC READ 440754043064 12 07 06 13 05 26 12 AT CREG 32 REC READ 440754043064 12 07 06 13 05 35 12 AT CGSN 21 REC UNREAD 40732056277 12 07 18 18 49 24 12 Datt jge mjh m Delete message with index Figure 5 167 Displaying a new message at the bottom of the list SMS Read and following the next Read command it will be sorted upon the ID field and placed in its proper chronological position Also its status is now RECeived and READ ID STATUS FROM DATE TEX 1 REC READ 440732056277 17 06 28 10 30 50 177 janet will arrive tomorrow A 2dr 2 REC READ 4 407540435064 12 06 28 11 11 11 12 never forget to comply with safety instructions 3 RECREAD 40754043064 12 07 06 15 42 38412 first page will be overwritten now 4 REC READ 44073 1040784
291. ng state Jan 1 00 00 52 bytton user info pbx modem port opened Jan 1 00 00 53 bytton user notice root Start Quagga Sep 26 12 18 04 bytton user notice root NTP SYNC to CROND Sep 26 12 18 07 bytton user notice root Configuring the OPENVPN Tunnel Sep 26 12 18 07 bytton user info kernel tun Universal TUN TAP device driver 1 6 Sep 26 12 18 07 bytton user info kernel tun C 1999 2004 Max Krasnyansky Sep 26 12 18 08 bytton user notice root OVPN INT tund Sep 26 12 18 08 bytton daemon notice openvpn 2951 OpenVPN 2 2 2 powerpc linux SSL LZ2O2 EPOLL eurephia built on Mar 20 2012 Sep 26 12 18 08 bytton daemon warn openvpn 2951 NOTE OpenVEN 2 1 requires script security 2 or higher to call user defined scripts or executables Sep 26 12 18 08 bytton daemon warn openvpn 2951 WARNING file etc openvpn client key is group or others accessible Sep 26 12 18 08 bytton daemon notice openvpn 2951 Exiting Sep 26 12 18 13 bytton user notice root Selected SIMO Sep 26 12 18 13 bytton user info pbx clips active Sep 26 12 18 13 bytton user info kernel USB Serial support registered for p12303 Sep 26 12 18 13 bytton user info kernel usbcore registered new interface driver p12303 Sep 26 12 18 13 bytton user info kernel pl2303 Prolific PL2303 USB to serial adaptor driver Sep 26 I2 18 13 bytton user notice root CK for USB Serial Sep 26 12 18 14 bytton user notice root Have USB Serial port dev ttyS1 Figure 5 150 Time j
292. nly to the nodes in the respective virtual LAN Membership is not dependent upon physical location or hardware but instead is defined by the Manager of the network hence the name virtual LAN Why use VLANs to minimize the broadcast domain Broadcasts are required for the normal function of a network Many protocols and applications depend on broadcast communication to function properly But certain network devices will send out large amounts of broadcast traffic that can really slow down the network especially when it reaches a certain size usually 600 devices or more A layer 2 switched network is in a single broadcast domain and the broadcasts can reach the network segments which are so far where a particular broadcast has no scope and consume available network bandwidth A layer 3 device typically a router is used to segment a broadcast domain VLANs may be used to segment a network thus limiting the amount of broadcast by segmenting a large LAN to smaller VLANs the broadcast traffic will can be reduced as each broadcast will be sent on to the relevant VLAN only With VLAN there will be less ARP messages and broadcasts for Security VLANs can be used as a security device to prevent specific hosts from seeing other hosts The VLAN technique may help to restrict sensitive traffic originating from an enterprise department within M ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 96 of 272 Bytton ICR 5 CONFIGURATI
293. ns of the mobile module and of your 3G provider you may need only one AT command or several There are five AT Init Command fields if there is no need to use all of them fill the remaining with AT You should not leave empty fields in this section ES ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 123 of 272 Bytton ICR 5 CONFIGURATION CH AT Dial Command Dial String the AT command used to dial to the ISP which includes the mobile phone number to be dialed The AT command for dialing is ATD and the telephone number for most mobile data operators is a short one such as 99 or 99 1 This is a formal number the command tells the modem to dial the data carrier When using up to date modems this phone number is no longer required the intelligent modem already knows which number to dial for the data connection Connection settings Here you may set up the parameters for the PPP E rz Username username connection to the mobile Internet provider Figure 5 54 PPP Advanced settings parameters for the MTU wireless Data Link f Idle Time Authentication allows you to select the method of authentication Authentication SIMO PAP since the two SIM cards may be for different carriers you can select MONTEM authentication method separately for SIMO and SIM1 Authentication SIMI CHAP v Authentication E Default 2 Default means it will authenticate upon request from the server it accepts
294. null 7878 null 41263 TIME WAIT w o servers State Active UNIX domain sockets Proto RefCnt Flags Type I Node Path EE LL 11 5 1 11 1 111 1 1 111 111 1 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 265 of 272 Bytton ICR pe d unix Q org kernel udev udevd unix unix unix unix unix unix unix 2 9 NO NM NN ND ND r Pe Pe Pe Pe Pe kel kel kel RE kel d DGRAM DGRAM DGRAM DGRAM DGRAM DGRAM DGRAM DGRAM 480 726 3962 1614 1544 1539 1022 757 dev log now the Internet connection has been re established hence the mention servers and established and most of the links are listening or established Active Internet connections servers and established Proto Recv Q Send Q tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp tcp udp udp udp udp udp 0 OO OO OO OO OO OO OO OO OO O O 0 OO OO OO OO OO OO OO OO OO O O null null null null null null null null null null null null null null null null null null null null Local Address 7878 2222 2223 domain 184 443 7878 7878 7878 443 7878 7878 7878 7878 7878 domain bootps snmp 1967 37331 Foreign Address null
295. number ip protocol PROTO route map ROUTE MAP ip route A B C D A B C D A B C D INTERFACE reject blackhole ip route A B C D A B C D A B C D INTERFACE reject blackhole 1 255 ip route A B C D M reject blackhole 1 255 ipv6 access list WORD denylpermit X X X X M key chain WORD line vty list log facility kern user mail daemon auth syslog Ipr news uucp cron local0 local1 local2 local3 local4 local5 local6 local7 log file FILENAME log file FILENAME emergencies alerts critical errors warnings notifications informational debugging log monitor log syslog emergencies alerts critical errors warnings notifications informational debugging log timestamp precision lt 0 6 gt EE LL 5 1511 1 1 51511 111 111 111 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 268 of 272 Bytton ICR 13 Annex 4 Quagga Commands p no access list lt 1 99 gt lt 100 199 gt lt 1300 1999 gt lt 2000 2699 gt WORD no access list lt 100 199 gt lt 2000 2699 gt deny permit ip host A B C D host A B C D enable exit list ping WORD ping ip WORD ping ipv6 WORD quit show bgp show bgp X X X X show bgp X X X X M show bgp X X X X M longer prefixes show bgp community show bgp community AA NN local AS no advertise no export show bgp community AA NN local AS no advertise no export AA NN local AS no advertise no export show bgp commun
296. of mobile modems available for different frequency bands mobile technologies and data rates HSPA with speeds of 42 Mbps modules for LTE 4G connections with antenna diversity allowing download speeds of 42 Mbps are available can connect to mobile networks in the 850 900 1800 1900 MHz ranges for GSM GPRS and respectively 850 900 1900 2100 MHz ranges for WCDMA respectively 2600 MHz for LTE backward compatibility form HSPA down to GPRS and GSM ES ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 3 of 272 Conformity e ROHDE amp SCHWARZ Rohde amp Schwarz Topex S A Declaration of Conformity We designer and manufacturer Rohde amp Schwarz Topex Feleacu 10 17 District Bucharest 014186 ROMANIA www topex rohde schwarz com Declare under our sole responsibility that the product Product Name BYTTON Product Description 3G Router with WIFI to which this declaration relates is in conformity with the essential requirements and other relevant requirements of the R amp TTE Directive 1999 5 EC The product is in conformity with the following standards and or other normative documents Health amp Safety Art 3 1 a EN 60950 1 2006 IEC 60950 1 2005 EMC Art 3 1 b EN 301489 1 V 1 6 1 EN 301489 7 V 1 3 1 EN 301 489 17 V 1 2 1 EN 301 489 24 V 1 4 1 Spectrum Art 3 2 EN 301511 V9 0 2 EN 301 908 1 V2 2 1 EN 301 908 2 V2 1 1 300328 V1 7 1 SAR EN 50392 2004 2 Va
297. ogy 4G Fourth generation wireless the next stage of broadband mobile communications According to the ITU specifications es a 4G network requires a mobile device to be able to exchange data at 100 Mbit sec A 3G network on the other hand can offer data speeds as slow as 3 84 Mbit sec Several technolgies are used for 4G data networks such as using Long Term Evolution LTE or Worldwide Interoperability for Microwave Access WiMAX Generally OFDM is used a type of digital modulation in which a signal is split into several narrowband channels at different frequencies This is more efficient than TDMA employed in 2G which divides channels into time slots and has multiple users take turns transmitting bursts or WCDMA uesd by 3G which simultaneously transmits multiple signals on the same channel 4G does not mean only higher data rates but also other enhancements simultaneous connections to multiple high speed networks that provide seamless handoffs throughout a geographical area and better coverage using femtocells and picocells Broadband A type of data transmission in which a single medium radio cable or fiber optics carries several channels of data at once Broadband is also associated with high transfer speed at least 300 Kbps UMTS technology qualifies for mobile broadband connection and HSPA or LTE are even better Device name Also known as DHCP client ID or network name Some ISP provide the customers with such device name
298. om Smtp server port Authentication User Pass el After setting the E mail feature to uu Enabled the filelds become editable Smtp server port ls 1 you must configure the parameters Authentication STARTILS e Figure 5 172 Enabling and configuring the SMTP service for reporting Bytton ICR 5 5 ROUTING pem M H M Smtp server address the name or address of the SMTP port used for mail Enter here the mail server that will be used to handle outgoing messages Simple Mail Transfer Protocol is as its name indicates a simple Internet standard for electronic mail defined first in 1982 and last updated by RFC 5321 name or address means that you can type either the human form name of the server such as Mail4 topex eu or smtp gmail com or the machine form that is the IP address of the respective servers such as 77 238 184 86 or 213 165 64 42 Smtp server port By default SMTP uses TCP port 25 or port 587 for submission but other ports 465 may also be used You can enable or disable the ICMP redirect feature for receiving and Authentication l i or respectively sending out data packets over the local network Username Password Figure 173 Enable or disable and configure the Authentication feature You can leave it to None meaning no authentication at all is required or choose either User Pass when ordi
299. on or no registration Blinking show activity when the signal is stronger the blinking becomes faster For instance when you insert a wrong SIM at startup the indicator will blink since the equipment tries to register to the mobile network but then it will turn off when the equipment finds out that registration is not possible Note n case of Bytton ICR devices that are not equipped with Mobile modules the SGN led will be also missing DATA green LED Indicates active connection to the mobile data network and its type If it lights up steadily the network is 2G technology when it blinks it means the network is 3G WiFi green LED lights up to indicate that the WiFi function is active enabled Note 1 When the Bytton device is not equipped with WiFi mobile Access Point the corresponding indicator will also be missing 2 When the WiFi of Bytton is set to Station instead of the default Access Point function the green indicator LED will be turned OFF even if the wireless module is active it acts as a client not as server Power LED under the recessed Reset button PWR Green LED Off 2 no power On indicates that Bytton ICR is powered Of course if the power supply voltage is off no indicator LED will light RST Reset button Pair of yellow green rectangular LEDs embedded into each ETH connector WAN Green LED Off no cable connected to the WAN On physical connection to Ethernet network
300. on equipment fitted with the same 3G module and with the same mobile data subscription from the MobileCarrierB wireless voice data operator is shown in three situations from left to the right no signal at all external Mobile antenna not connected thus online and no signal or cell indication with good signal and registration but data net in error and finally with data connection active it show not just the network but the 3G technologies actually available The status of the Sim card and mobile module is automatically read every five seconds The following information items are displayed Security Unlocked or OK means the SIM is active Locked by PIN means the SIM card is asking the PIN code to perform unlock As an additional security measure the SIM card is also provided with a PUK code requested after three wrong PIN codes Modem Version it is read from the 3G module displays a string such as 2 0 3 1 P or K2 0 7 35AP which is very useful as information for debugging or when you need to replace the equipment IMSI International Mobile Subscriber Identity subscriber s identity SIM card identity This is a unique 15 digits code number that identifies a mobile subscriber to the network When the Topex Bytton ICR s mobile module detects an active SIM card it will query and display the IMSI code Since the IMSI code is related to the SIM when you change the SIM card or when a dual SIM equipment selects the second SIM
301. opped 0 overruns 0 frame 0 TX packets 417 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 923597 901 9 KiB TX bytes 141158 137 8 KiB Base address 0x3000 The Routing table in this case will be Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172 168 1 12 0 0 0 0 255 255 255 252 U 0 0 0 lanl 172 168 1 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 192 168 1 8 0 0 0 0 UG 0 0 0 wan Second WAN To configure the second Eth Wan port of Bytton IC click the other SW LANL LAN blue link LANO WANO located at the bottom of IP Settings for LAN configuration page LANOYWANO to enter the configuration sub page for the LANO WANO ETH interface of Bytton as shown IP Settings LANO WANO LANO WANO LAND Le IP Address 0 0 0 0 Netmask D 0 0 0 Thus when you leave it to the default LANO the port labeled LANO WANO ethO will remain bridged in the LAN switch together with the other two interfaces that are unconditionally for LAN bridge name bridge id STP enabled interfaces br agoog g01957049f3d7 no lan lan wlan The bridge also includes the WiFi embedded access point wlan0O ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 58 of 272 Bytton ICR 5 CONFIGURATION But should you set it to WANO instead of the default LANO without IP it will be taken out of the LAN switch LA
302. or EIA 485 this is established at the factory Type of serial link When you order the Bytton ICR equipment with serial interfaces you must specify whether the serial interface shall be RS 232 or RS 485 The selection is done in the manufacturing process the type cannot be changed via Web interface for configuration or by means of jumpers This choice determines the voltage level and the pin assignment on the RJ 45 connectors RS 232 RS 232 connection in not of the minimal 3 wire type consisting only of transmit data receive data and ground but includes also hardware flow control it also uses the RTS and CTS lines 5 wire version RTS is Request To Send issued from the DTE towards the DCE telling it to be prepared while CTS is Clear To Send issued by the DCE to show that it is ready to accept data RS 485 When you specify the variant with serial interfaces implementing the EIA 485 standard you get an interface with multi drop capability which may be used effectively over long distances and in electrically noisy environments The RS 485 variant is often used in industrial environments and similar field applications Bytton ICR implements the full duplex four wires mode of operation The signal ground is also available on the connector although it is not absolutely required The connector has a termination resistor connected across the two wires of each pair to eliminate reflections and two powered resistors to bias
303. ordinary blocks 34 KiB Ordinary blocks 4 Small blocks 1 see system documentation for mallinfo for meaning Temporary memory 19 String vector 3929 Vector f 2057 l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 269 of 272 Bytton ICR 13 Annex 4 Quagga Commands pi Vector index 2057 Link List 42 Link Node 33 Thread 6 Thread stats 6 Thread function name 12 VTY 2 Interface 14 Connected 6 Route node 16 Command desc 1972 Logging 1 Work queue 2 Host config 4 VRF 1 VRF name 1 Nexthop 7 RIB 7 Memory statistics for ripd System allocator statistics Total heap allocated 264 KiB Used ordinary blocks 248 KiB Free small blocks 16 bytes Free ordinary blocks 16 KiB Ordinary blocks 3 Small blocks 1 Temporary memory 1 String vector 4122 RIP structure 1 RIP route info 3 RIP interface 13 l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 270 of 272 14 Annex 4 System upload examples Another example of firmware updating Before update the version of firmware running on Bytton ICR is is 3 0 1 FA S Topex HOME LAN F TUNNELS ROUTING SYSTEM Status Logs Password Update Defaults save CFG Load CFG GM SERVICES Stuff This procedure will update the firmware to the most recent version 3 0 3 FA S Search ICR LL d uA LE y ie NOOSE S SUE EE ME c OX NG dreit s Er LL jiet
304. oss The longer the data packets sent the higher propagation delay you will see PING 127 0 0 1 127 0 0 1 14000 data bytes 14008 bytes from 127 0 0 1 seq 0 ttl 64 time 1 731 ms 14008 bytes from 127 0 0 1 seq 1 ttl 64 time 1 293 ms 14008 bytes from 127 0 0 1 seq 2 ttl1 264 time 1 245 ms 14008 bytes from 127 0 0 1 seq 3 ttl 64 time 1 343 ms 14008 bytes from 127 0 0 1 seq 4 ttl 64 time 1 248 ms 127 0 0 1 ping statistics 5 packets transmitted 5 packets received 0 packet loss round trip min avg max 1 245 1 372 1 731 ms PING 127 0 0 1 127 0 0 1 48008 bytes from 127 0 0 1 48008 bytes from 127 0 0 1 seq 1 48008 bytes from 127 0 0 1 seq 2 127 0 0 1 ping statistics 3 packets transmitted 3 packets received 0 packet loss round trip min avg max 4 125 5 995 8 758 ms 48000 seq 0 data bytes ttl 64 time 5 103 ms ttl 64 time 4 125 ms ttl 64 time 8 758 ms When both addresses are in the local networ the time of waiting for the answer is short PING 127 0401 L27 0 0 1 from 192 1095 1 1490 31 data bytes 39 bytes from 127 0 0 1 seq 0 ttl 64 time 0 572 ms 39 bytes from 127 0 0 1 seq 1 ttl 64 time 0 374 ms 39 bytes from 127 0 0 1 seq 2 ttl 64 time 0 374 ms gt gt D SE E ping statistics e 3 packets transmitted 3 packets received 0 packet loss round trip min avg max 0 374 0 440 0 572 ms The results are displayed in the upper panel in the example below for four packets of 455 data bytes each
305. ot have an immediate visible effect on the BYTTON unit but it can result in unreliable operation accelerated ageing and hence diminishing of lifetime When selecting the location for installing Bytton ICR and its external antennas you must remember the recommendations described in the chapter about mounting the equipment Bytton ICR equipment does not include materials or components that are harmful to the environment When the life cycle of this equipment is finished and it cannot be repaired or re used anymore you should dispose of it in accordance with laws and legal regulations that are valid in your area EE LL 1 2511 1 1 1 11 111 111 1 1 111 195 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 244 of 272 Bytton ICR 8 APPLICATIONS 8 APPLICATIONS 8 1 Wireless gateway firewall router using the 3G networks The Bytton family was designed primary for wireless use where it connects several computer one or more cabled and on wireless local networks or peripheral devices by means of its embedded 3G modem The radio modem can connect to a wide range of LTE UMTS HSPA or GSM GPRS mobile voice and data networks Bytton ICR acts as a powerful residential gateway being a compact all in one box NAT PAT router firewall connected to Internet via mobile broadband HSPA or LTE technology You may connect to the Bytton ICR equipment several wireless and wired Ethernet clients that is notebooks
306. ote User which shows you the name that was used for log in Admin or respectively Superuser as shown in the above example Remote User superuser Note After you change the settings in any page if you want to use the new settings don t forget to press the Save button if you want to keep these settings Otherwise if you click any other link you will reach another configuration page and the new settings will be lost l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 46 of 272 SIM Status Settings SMS Read SMS Send Stutt Commit To make these new parameter permanent i e available even after restarting or resetting the equipment you need to use the Commit button located at the bottom of the Menu list This will save the new settings into the permanent memory of the Bytton ICR router Additional menu items available for Superuser LAN IP Settings DHCP Server WiFi Settings Bridge VLAN 802 1X Eth Port MTU F WAN TUNNELS GRE IPSEC OVPN PPIP ROUTING Firewall Routes Dynamic Virtual R T QUOS SYSTEM Status Logs Fassword SYSTEM Status Logs Password Update Defaults save CFG Load CFG Y SERVICES SNMP VRRP SERIAL SMS DONS SIM Status Settings SMS Read SMS Send Stuff Email Auto cfg BW Test Commit As you can see the sub pages are the same but several of them now include more items than in case of logging in as Admin
307. ou may perform several settings related to the mobile module and to the SIM card s Top X J Location SIM gt Settings ut Remote User superuser HOME FLAN TUNNELS l T Service Center Number 40749999000 ROUTING oto TEM SERVICES DIN SIM1 0000 SIM Service Center Number Simi 40752004000 Status Settings Audio Rx Level GE Audio Tx Level SMS Send m Network Mode Automatic kel n GZ SIM Settings k d k d Network Order Automatic Search m Please use the COMMIT button to activate your changes Figure 5 159 SIM Settings for the dual SIM Bytton ICH PIN SIMO SIM Settings for the Dual SIM Bytton ICR E In case of equipments that have dual SIM capability the first two fields PIN and SCN will be doubled since one PIN SIM1 is needed for each SIM Thus you will hahe two pairs PIN Cenir Coke Mass Gel SECH SCNO and respectively PIN SIM1 SCN1 as Audio Rx Level n PIN SIMO enter PIN code for the first SIM card Service Center Number full telephone number for the first SIM In order for the SMS facility to operate you must set the correct number This is the SMS center of the first GSM operator Enter here the full phone number of the GSM carrier between quotes like 40744946000 in this example PIN SIM Service Center Number 40744946000 Figure 5 160 PIN for SIMO 1 and corresponding SC Numbers PIN SIM1 enter PIN code for the respective SIM card 1234 is
308. outing is performed but before eaving an interface INPUT Right before they are sent a local process the rules apply to external packets that are sent to the equipment OUTPUT Right after they are generated by a local process rules apply to packets that et out of the BYTTON router FORWARD transfer operations the data packets are coming in through one interface and getting out via another interface All these sections may be seen and changed or supplemented in the Firewall Settings Don t forget to use the Save button at the bottom l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 147 of 272 View Active Rules When you click this link a web page opens up allowing you to see the active rules View Active Rule for the firewall rules that you have set in the previous section Note that at the beginning on top of the page you can see a line that says generated by iptables on Date Time where the timestamp indicates the real moment when the new rules have been saved into the Bytton ICR equipment Examples of such timestamps f Generated by iptables save vl 3 3 on Mon Feb z lz 16 45 009 pb Firewall view rule Generated by iptables save v1 4 10 on Tue Jul 17 10 56 55 2012 mangle z PREROUTING ACCEPT 80114 7739815 L OMM L L E Completed on Wed Jul 4 10 52 05 z 1z Generated by iptables save v1 4 10 on opm CUM EU mangle z PREROUTING ACCEPT 3529 374475 Bytton ICR 5 5 R
309. ow that the message comes from Bytton ICR but it is not a real e mail address it cannot be used for receiving messages The Subject field set by default to Bytton report can also be changed to the words or phrase that you want to use Finally Schedule in hours as its name suggests is the time interval following which the status report will be sent out With the default settings the Bytton report shall be sent by e mail every 24 hours N ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 226 of 272 5 8 2 Auto configuration The Auto provisioning section may contain settings to several means by which Bytton imports by itself the configuration file required to operate Topex Location Autoprovisioning Remote User superuser Empowering Communicatons Lemot User superuse HOME LAN WAN TUNNELS ROUTING SYSTEM SERVICES SIM Stuff Email Auto cfq BW Test Autoprovisioning Autoprovisioning SEs Sf e HTTP Disabled e FIP Disabled v Address Path Username Password Port Address Path Port Please use the COMMIT button to activate your settings Figure 5 175 Autoprovisioning settings for automatic retrieval of configuration file First of all to use it you must Enable the Autoprovisioning feature by default it is disabled so all fields below it are colored in gray showing they are not editable When you Enable the Auto provisioning feature the following fields
310. owid 12 1 match 00060000 00ff0000 at 8 match 05000000 0f00ffcO at O ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 173 of 272 Bytton ICR 5 5 ROUTING pemm M M M match 00100000 00ff0000 at 32 filter protocol ip pref 20 u32 filter protocol rp pref 20 u22 fh 8027 ht divisor i1 filter protocol ip pref 20 u32 fh 802 800 order 2048 key ht 802 bkt 0 flowid L2213 match 00000000 00000000 at 12 ilta peetecel ip praf 20 u32 fh 802 ht divimor 1 Tiltas G t ip pzaf 20 232 Zh 80222800 Sens 2048 kay ht 802 bkt 0 flowid 12 13 match DO00D0000 00000000 at 12 Tit m mun OR be ee Fun ee ee um cm a occa QoS Details On top of the QOS page you can see the QDISC listing qdisc pfifo fast 0 dev wlanO root refcnt 2 bands 3 priomap 1222120011111111 qdisc prio 1 dev lan0 root refcnt 2 bands 2 priomap 1111111111111111 qdisc pfifo 11 dev lan0 parent 1 1 limit 1000p qdisc htb 12 dev lanO parent 1 2 r2q 3 default 0 direct packets stat 0 qdisc sfq 1211 dev lanO parent 12 11 limit 127p quantum 1514b perturb 10sec qdisc sfq 1212 dev lanO parent 12 12 limit 127p quantum 1514b perturb 10sec qdisc sfq 1213 dev lanO parent 12 13 limit 127p quantum 1514b perturb 10sec qdisc ingress ffff dev lanO parent ffff fffl qdisc prio 1 dev wan root refcnt 2 bands 2 priomap 1111111111111111 qdisc pfifo 11 dev wan parent 1 1 limit 1000p qdisc htb 1
311. p SCHWARZ TOPEX S A router please have in mind these considerations If you use wired connections the length of the Ethernet cables that connects the Bytton routers the network must not exceed 100 meters Bytton ICR should be placed on a flat sturdy surface located as far from the ground as possible A high location on the wall or on top of a desk or a shelf is best both for the GPRS or HSPA connection Also Bytton ICR should be kept clear of obstructions and away from heat sources direct sunlight and heavy duty electrical equipment To ensure good coverage to all of the wireless mobile devices in your area Bytton ICR should be installed in a central place in the building Normally the antennas should be in vertical position but if reflections occur you may get better results by changing their orientation For power supply use only the adapter shipped with Bytton ICR The jacks of different power supplies may fit but the polarity current voltage or regulation factor may not be compatible While the device is in operation the antennas of the Bytton ICR unit should be at least 30 centimeters away from any human being EE LL 11 1 eee SS Ss a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 15 of 272 Bytton ICR 4 INSTALLATION E 4 2 Mounting hardware installation The Rohde amp Schwarz Topex S A Bytton ICR router can be mounted horizontally by means simply placing it on a flat surface or into a rack at
312. performed you can see that the 3 GiB of data enters via WAN and gets out via LAN See also the corresponding routing table Destination Gateway Cenmask Flags Metric Ret Use Iface 192 168 148 148 0 0 0 0 255 255 255 252 U g g 0 land 109 0 0 0 0 0 0 0 255 255 255 U g g 0 bro 197 168 1 0 0 0 0 0 255 255 Zb 0 U g i 0 wan 0 0 0 0 197 168 1 8 0 0 0 0 UG g g 0 wan When the connection is achieved via 3G 4G mobile network instead or cabled Ethernet Iface Status reflects the changes data comes in via ppp1 and gets out through lan The wan traffic is nil while the WiFi interface wlanO is active but not used for data transfers bro lan mon wlanO PPP1 wan Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 10 0 0 1 Bceast 10 0 0 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 79688 errors 0 dropped 0 overruns 0 frame 0 TX packets 147260 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 6811273 6 4 MiB TX bytes 200265195 190 9 MiB Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 79737 errors 4 dropped 0 overruns 0 frame 0 TX packets 147300 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 7931397 7 5 MiB TX bytes 200267035 190 9 MiB Base address 0x2200 Link encap UNSPEC HWaddr 00 19 70 49 F3 D7 00 00 00 00 00 00 00 00 00 00 UP BROADCAST RUNNING MULTICAST MTU 1500 Me
313. quipment as many alternate IP addresses as you wish for each of the interfaces of the Bytton equipment ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 49 of 272 Note that in this case also the Interface drop list will show besides the usual physical interfaces BRO WAN Embedded Modem WiFi station when WiFi is set to Station and Ad Hoc instead of access point it will show also as options the logical interfaces bridges Virtual LANs GRE IPSEC or OPEN VPN tunnels and SO on Use individual Save buttons to the right to save the settings for each supplementary IP addresses then the big Save and Reload button at the bottom of the page When you want to go back to the IP Settings page click the link BACK Examples When Bytton has a single IP in the local network and a fixed IP for the Ethernet WAN the Interfaces will be bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 172 168 1 1 Bcast 172 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 15090 Metric 1 RX packets 21776 errors 0 dropped 0 overruns 0 frame 0 IX packets 21089 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 12460982 11 8 MiB TX bytes 12305738 11 7 MiB lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MIU 1500 Metric 1 RX packets 21835 errors 21 dropped 0 overruns 0 frame 0 TX packets 20894 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000
314. r you will see detailed messages about the progress of the operation from Erasing 128 Kbyte 0 0 complete up to Erasing 128 Kbyte 1e0000 93 complete The connection to Bytton ICR stops for a short time D https 192 168 1 1 admin 4 S Internet Explorer cannot dis X C Internet Explorer cannot display the webpage What you can try Diagnose Connection Problems Figure 5 125 The Web interface is unavailable while Bytton restarts with the new configuration and after reboot Bytton ICR begins operating with the set of parameters Configuration that you have loaded C fi Xp5p5 192168 1 1 admin iv e Re BD sz A SuportProceduresi C Other bookmarks Location System gt Logs Empowering Communications Remote User superuser guide ae eee HOME F LAN Kernel IP routing table k TUNNELS Destination Gateway Genmask Flags Metric Ref Use Iface e ROUTING 10 112 112 113 0 0 0 0 255 255 255 255 UH d d 0 pppl 192 168 148 4 0 0 0 0 255 255 255 252 U D D D br Firewall 152 168 1 0 0 0 0 0 255 255 255 0 U D d D bro Routes 127 16B 0 0 0 0 0 255 255 0 0 U d d D br0 2 0 0 0 0 10 112 112 113 6 0 0 0 UG D D 0 pppl Dynamic Virtual H T r Q 05 Mo Route IP Wetmask Router Interface Metric k SYSTEM Figure 5 126 Bytton ICR begins operation with the loaded configuration 5 6 SERVICES Here you may configure settings for the services provided by Bytto
315. r PC with the correct IP address DNS and Gateway In this case in Internet Protocol Properties you should check the boxes Internet Protocol TCP IP Properties Obtain an IP address General Alternate Configuration automatically and respectively Obtain DNS You can get IP settings assigned automatically if your network su server address automatically this capability Otherwise you need to ask your network administr the appropriate IP settings Reset reboot your PC to be sure these network settings become valid Obtain an IP address automatically mle Vay od ODE Nave M NOI C Use the following IP address anymore about your settings the Bytton ICR g equipment will take care of providing your IF address l l l computer with adequate IP address and DNS Subnet mask Figure 5 4 Setting automatically IP for the Default gateway l connection to Bytton Obtain ONS server address automatically In the status bar at the bottom of oo z the screen you should see the en ByttonICR j Sytton icon of the Bytton link blinking A y AL Identifying l Identifying m S PEST and a first message will show up S 2 Realtek RTL8139 810x Family AT Realtek RTL8139 Bytton ICR acquiring network address or Identifying while the network adapter gets a local IP address from the DHCP server of the Bytton equipment 5 1 3 Manual IP Settings As an alternative you can set the network parameter
316. r a 10 Mb a 100 Mb Ethernet or a 10 100 Mb card in their notebooks so the switch of Bytton must be able to negotiate their speed and duplex mode The manual fine tuning of these ports is provided to solve possible problems which could happen for instance when one port on the link operates at half duplex while the other port operates at full duplex This could occur when one or both ports on a link are reset and the auto negotiation process does not result in both link partners having the same configuration Both sides of a link should have auto negotiation on or both sides should have it off Thus if the user s notebook cannot fully configure its Ethernet adapter then Bytton must be able to adjust its network adapter accordingly Interface name You can also edit change the default names that Bytton assigns to its four Eth interfaces wan lanO lant lan2 but this name will be valid only in this table Port Duplex Speed Autonegotiation WAN WAN Edit LANO Ful v 10 100Mb s e Enabled Autonegotiation WANO LAN1 LAN The central pane Port Status shows the current state of the Ethernet ports of Bytton In the example below the WAN port is with the default settings auto negotiation full duplex and is active for a 100Mps connection while lanO was set to half duplex speed of 10 Mbps and is not in use no link actually detected STATUS wan Speed l100Mb a Duplex Full Auto negotiation on Link detected
317. r more IPSec tunnels Up to 20 IPSec tunnels Encryption protocols of peers Non symmetrical Public RSA key algorithms Security of keys PFS Perfect Forward Secrecy Diffie Hellman algorithm IKE mechanism Network features Routing Static Dynamic Unix based Quagga software RIPv1 RIPv2 OSPF BGP Firewall IP Tables MAC Address Filtering for all interfaces ACL Access Control List SPI Stateful Packet Inspection DHCP DHCP server with forwarding option DNS DNS Server forwarding DNS requests Dynamic DNS Dual SIM capability not synchronuosly AT Commands Authentication PAP CHAP Verification of data link and failover PPPoE VRRP NTP Q J m Z ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 242 of 272 Bytton ICR TECHNICAL SPECIFICATIONS for Bytton ICR WiFi Access Point Supported standards IEEE 802 11 b g Optionally also wireless N 802 11n available with support for dual antennas Operation Modes Connection Modes Wireless security WEP 64 or 128 bits WPA WPA2 PSK or PSK 2 crypto MAC Filtering TKIP AES Mobile antenna External multi band antenna with magnetic base and cable Two different types are shipped one for GSM 3G and another for LTE 4G modules In care of 4G modules which feature antenna diversity MIMO two LTE antennas may be used WiFi antenna Stick antenna with 90 bending N type has MIMO support connectors for two wireless antennas
318. r virtual while sharing a single IP subnet bridging a physical eth network interface of Bytton with an Open VPN driven network tap interface at two separate locations both distant Ethernet networks are merged as if they were a single Ethernet subnet E ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 2 of 272 Bytton ICR Dear Client p MM M U UU UI e OVPN capability in addition to other kinds of versatile advanced tunneling that may be for VPN Bytton provides support for the Open VPN Client OpenVPN is simple very easy to install and configure it can be installed on nearly any platform the configuration principle remains the same on any platform TAP TUN interface options are available so you can choose to build either Ethernet Bridged or IP Routed VPNs with the embedded OVPN software e Virtual Routing Tables the Virtual RT feature acts like a logical router using a single routing table for each instance provides a way to configure multiple routing instances on a single hardware router e Easy Firmware Updating automatic update process using the web configuration interface locally or remote e Low Power Consumption less than 10 Watts the low power consumption means reduced heat dissipation hence no cooling fans required no moving parts means you get higher reliability and no noise Serial Interfaces variant with one or two programmable serial RS 232 interfaces available
319. rabia 20ge adnettelecom ro 46 108 3 165 2 186 ms 2 115 ms 2 150 ms cr rbas 40gbps adnettelecom ro 46 108 4 217 2 485 ms 2 311 ms 2 186 ms 72 14 213 18 72 14 213 18 37 016 ms 32 275 ms 31 882 ms 72 14 238 44 72 14 238 44 32 337 ms 32 057 ms 32 083 ms 72 14 236 68 72 14 236 68 32 768 ms 35 371 ms 35 273 ms 209 85 241 213 209 85 241 213 47 464 ms 47 781 ms 58 493 ms 72 14 234 251 72 14 234 251 47 933 ms 50 867 ms 48 061 ms bud01s10 in 23 1e100 net 173 194 39 87 47 493 ms 47 361 ms 47 254 ms WO 0 JO OD i AM ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 93 of 272 Bytton ICR 5 CONFIGURATION Ee Commands Finally the field Command allows access to the BusyBox utility This is a a single small executable that combines tiny versions of many common UNIX utilities Command ype adv commands herel Exec These utilities generally have fewer options than their full featured GNU counterparts but still the included optionstprovide the expected functionality and behave very much like the complete versions BusyBox is designed to minimize size and to work with limited resources thus is well fitted for embedded operating systems such as Bytton ICR See below a few examples Linux bytton 2 6 34 66 Tue Jun 12 17 31 38 EEST 2012 ppc unknown rwxr xr x root root 4074 Jun 13 11 13 8021x awk rwxr xr x root root 4041 Jun 13 11 13 8021x html rwxr xr x root root 583 Jun 13 11 13 AT html rwxr xr x root root 35
320. rce the route to be associated with the specified device If interface is Router you need to set a Router IP Metric set the metric field in the routing table Figure 5 87 Routes Embedded help for defining static routes EE LL 11 11 1 1511 1 1 1 1 1 11 o_o o SSS U ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 156 of 272 Bytton ICR 5 5 ROUTING M M M M M M Mail Interface Status When you click the link Interface Status it will show the state of all network REN interfaces of the Bytton ICR device external or internal physical or virtual Routes Help Interface Status has been explained in the chapter about LAN but it is used also here since it shows the logical interfaces created over the Bytton equipment interface Status brO Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr l0 0 0 1 Beast 10 0 0 255 M sks255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1488 Metric 1 RX packets 455237 errors 0 dropped 0 overruns 0 frame 0 TX packets 1189164 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 30974697 29 5 MiB TX bytes 1754139440 1 6 GiB brl Link encap Ethernet HWaddr 16 7A CD 4F F3 83 inet addr 94 243 164 98 Bcast 94 255 255 255 Mask 255 255 255 254 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packet
321. re to be inserted with one end into the RJ 45 sockets of the Bytton ICR equipment labeled LAN1 or LAN2 also LANO when it is confiqured as local port Also when each LAN ports gets an individual IP address the connections must be performed accordingly The opposite end of the UTP cable can be inserted in switches or hubs or directly into PCs or specific equipment with the respective IP configured The corresponding LED indicators embedded into each of the connectors on the front panel should light up showing at first physical connection the green LED then also data traffic on the respective Ethernet interface the yellow LED WANO LANO connection Take care when the configurable ETH connector labeled WANO LANO is set to secondary WAN instead of LAN By default all three LAN ports are connected in the same switch so it does not matter at all which of the LAN ports you use for connection LAN1 2 3 are all the same fe BEL DEES v nn Um i Var ee d P HR eU But when you set an IP for WANO LANO it will be taken off from the switch and treated as a WAN port leaving only the two rightmost ETH connectors in a switch for the Local cabled network pu ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 22 of 272 In this case you must take care where you connect the LAN cable s and where the WAN cable For WAN connection Plug one end of the cable into the RJ45 port labeled WAN on the front pan
322. records as you like in this table but bear in mind that the rule you choose either Accept them or Deny these MACs will apply for al physical addresses and IP addresses in the list EIL 1 1 5 51 1 1 11 1111 5511 11 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 66 of 272 Bytton ICR 5 CONFIGURATION p H M M M 9 Mo MAC IP 1 0 2 e5 47 a3 90 3b f4 10 0 0 17 Add New Figure 5 33 Defining MAC entries in the table Filter List MAC IP it establishes a fixed IP address for the respective MAC source When you choose Allow and type a value in the field IP the client with the respective MAC will get the corresponding IP address like the 10 0 0 17 as shown the example above Instead of a dynamic address assigned by DHCP he will always have the same address that you establish here Notes 1 A similar feature called MAC Security is also available in the Web page WiFi Settings see the next chapter 2 MAC Security for WiFi lets you specify up to five physical addresses whose access will be selective allowed or denied But the respective feature applied only to the wireless clients connected to Bytton ICH while Filter List MAC described previously applies to all local connections no matter if they are cabled Ethernet or WiFi
323. refonb 2 bands 3 priomap 1 2 2 2 1 2 0 DO EL ft tht ft at a CLASS class prio 1 1 parent 1 leaf 11 class prio 1 2 parent 1 leaf 12 class htb 12 11 parent 12 1 leaf 1211 prio 1 rate 600000bit ceil 1200Kbit burst ND course ZKD class htb 12 1 root rate 1200Kbit ceil 1200Kbit burst 2Kb cburst 2Kb class htb 12 13 parent 12 1 leaf 1213 prio 3 rate 240000bit ceil 1200Kbit burst 2K50 cburst EI class htb 12 12 parent 12 1 leaf 1212 prio 2 rate 360000bit ceil 1200Kbit Durst 2ko QDUTSL KD FILTER filter protocol ip pref l u32 filter protocol ap pref 1 u32 rh 800 ht divisor 1 filter protocol ip pref 1 u32 fh 800 800 order 2048 key ht 800 bkt 0 flowid Ee match 00380000 00380000 at O0 filter protocol ip pref 3 u32 filter protocol ip pref 3 u32 fh 801 ht divisor 1 filter protocol ip pref 3 u32 fh 801 800 order 2048 key ht 801 bkt O flowid LIE match 00000000 00000000 at 12 filter protocol ip pref Il u32 filter protocol ip pret 1l u32 th 601 ht divisor 1 filter protocol ip pref 11 u32 fh 801 800 order 2048 key ht 801 bkt O flowid a match 00400000 00400000 at O filter protocol ip pref 11 u32 fh 801 801 order 2049 key ht 801 bkt O flowid EH match 00010000 00ff0000 at 8 filter protocol ip pref 12 u32 filter protocol ip pref 12 u32 fh 800 ht divisor 1 filter protocol ip pref 12 u32 fh 800 800 order 2048 key ht 800 bkt O flowid 12 712 match 00480000 00480000 at O filter protocol ip pref 12 u32 fh 800 801 order 2049 key ht 800 bkt O fl
324. resses The Start option sets the first IP address in the pool End IP End IP Address The End option sets the end IP address the last address in the pool to be assigned by the DHCP server in your local network Note 1 if the DHCP server is disabled the fields below it Start IP and End IP GHEP Server Disabled will be displayed in grey color This shows you that the respective parameters C oos are disabled End IP 10 0 0 40 Note 2 Hemember that the default IP address of Bytton ICH is 192 168 1 1 so the Start IP must be 192 168 1 2 or greater but smaller than 192 168 1 254 You should set an adequate IP range for DHCP usage for instance form 10 to 20 for a small network or from 20 to 50 in case of a larger network ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 63 of 272 Bytton ICR 5 CONFIGURATION EH Note 3 Of course the DHCP setting must be correlated with the IP address of Rohde amp Schwarz Topex S A Bytton ICR For instance if the requirements Of sep server Enabled gt your network compel you to use an IP such as 10 0 0 1 instead of the default IP address 192 168 1 1 the DHCP server must be also set for the same Start IP 10 0 0 10 range of IP addresses respectively from 10 0 0 xxx where xxx is from 10 up to End IP hong zg 20 Alternately when the primary IP of the Bytton ICR box has been set to DHCP Server Enabled 172 168 1 1 instead of the default IP address
325. resses and accounting RADIUS authentication server auth server addr 127 0 0 1 auth server port 1812 auth server shared secret secret RADIUS accounting server acct server addr 127 0 0 1 acct server port 1813 8OCL Server shared Seocret 5ecret Figure 5 40 Embedded Help for the parameters concerning 802 1x authentication for EAPOL EIL ee 251 1 1 11 111 1 1 511 1 1 5 111 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 76 of 272 Bytton ICR 5 CONFIGURATION EE Log examples of 802 11 authentication Jun 25 10 58 31 bytton daemon info hostapd wlan0 STA 58 1f aa dd e2 f5 IEEE 802 11 authenticated Jun 25 10 58 31 bytton daemon info hostapd wlan0 STA 58 1f aa dd e2 f5 IEEE 802 11 associated aid 2 Jun 25 10 58 31 bytton daemon info hostapd wlan0 STA 58 1f aa dd e2 f5 RADIUS starting accounting session 00000023 00000001 Jun 25 10 58 31 bytton daemon info dnsmasq 1230 DHCPREQUEST br0 10 0 0 14 58 1f aa dd e2 5 Jun 25 10 58 31 bytton daemon info dnsmasq 1230 DHCPACK brO 10 0 0 14 58 1f aa dd e2 5 cPhone 4 Jun 25 11 30 46 bytton daemon info hostapd wlan0 STA 58 1f aa dd e2 f5 IEEE 802 11 disassociated 5 2 7 Bridge This page lets you define and configure bridges between different physical or virtual interfaces of the Bytton ICR equipment Bridging is a technique for creating a virtual wide area Ethernet LAN running on a single subnet
326. reverse order of search Network Order 36 first GSM later Automatic Search GSM first 3G later 3G first GSM later Network Order asm First 3G later Automatic Search GSM First 3 later Figure 1 164 SIM Settings for the order of Mobile Network selection The SMS options that follow let you send or receive SMS messages from your computer to any GSM or 3G mobile terminal user through the GSM HSPA or LTE module of the Bytton ICH equipment a l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 220 of 272 5 7 3 SMS Read Displays a list of received text messages Topex Location SIM gt SMS Read Remote User superuser Empowering Communications VEIIIHLE UE al Li HOME LAN WAN TUNNELS ROUTING SYSTEM SERVICES SIM Status SMS Read STATUS FROM No Messages Delete message with index SMS Read Figure 5 165 SIM SMS Read window empty This list for displaying received SMS messages has the following columns ID reference number 1 2 and so on up to 14 STATUS REC Received READ or UNREAD FROM sender s phone number such as 40741664986 DATE date and time when the message was received after the sign the tenths of seconds TEXT the actual content of the message Topex Location SIM gt SM5 Read Empowering Communications Remote User superuser ES HOME F LAN F WAN TUNNELS F ROUTING SYSTEM Status
327. rial ports means that older legacy equipments measurement and control units meters POS card readers ATMs which feature only serial ports RS 232 or RS 485 may also be connected to the Bytton ICR mobile router by means of its one or two SER ports as shown in the illustration Serial Devices Domains of applications for the industrial grade cellular router may include Oil amp Gas Industries Processing Plants Property Estate Agencies Logistics Recruitment Travel amp Hospitality Healthcare Media amp Broadcasting Insurance amp Finance Bytton ICR 9 Glossary ee 9 Glossary 3G Third generation mobile networks specially designed for high speed data services The classic definition of wireless networks that following the 2G systems GSM and they offer high speed data services in addition to the basic voice capability These 3G mobile communications systems provide an enhanced range of multimedia services high speed Internet access video streaming etc The high data transfer speed specific to the third generation communications network leads to an increased efficiency of information transmission while the real time access to data and information means important savings of time and money UMTS is the best known but not the only one of the 3G networks while HSPA is considered to be 3 5 G or 3G Bytton ICH can be also equipped with modules for LTE which is a 4G Fourth Generation cellular technol
328. ricUsermanual sw308FAS revG en doc Page 228 of 272 Bytton ICR 5 5 ROUTING pe M f TFTP As its name says Trivial File Transfer Protocol is a very simple protocol for transferring files derived from the full FTP Generally used exactly for this kind of tasks automated transfer of configuration or boot files between machines in a local environment This is because it has no security it does not even provide authentication Its advantages are simplicity of design and very low usage of memory it has been implemented on top of the UDP using port number 69 it does not require TCP This makes it is ideal for simple machines such as routers with limited data storage TFTP Enabled e Address Path Pot a TFTP is currently defined by RFC 1350 It is seldom used interactively like the FTP by human users instead it is excellent for machines simpler than a computer networked devices that do not have the capabilities of true computers but still need to be able to do file transfers Due to the lack of security it is dangerous to use it over the Internet Thus TFTP is generally only used on private local networks After enabling the TFTP section you simply enter the address where the configuration file is stored then the full TFTP Enabled e path and finally the port number to be used Address la8 225 47 86 By default the standard port for TFTP is
329. ridge id SIP enabled interfaces br ag00 00157049f 3d7 no lanl lanz wlan Also you can see now that the default bridge br joins together besides wlanO three wired ETH ports lanO lan1 and lan2 which after being individually configured are now distinct ports as shown l ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 55 of 272 Bytton ICR 5 CONFIGURATION ee Bridge Status bridge name bridge id STP enabled interfaces br ag00 001570459 3d7 no land lanl lanz wlang This arrangement shows up also in Iface status bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 172 168 1 1 Bcast 172 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 11 errors 3 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 546 546 0 B Base address 0x2200 lanO Link encap Ethernet HWaddr 00 50 C2 F5 23 27 UP BROADCAST MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 1 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 46 46 0 B Base addr
330. rk where Bytton ICR is now connected via its WANO interface Pinging 192 168 148 148 with 32 bytes of data Reply from 192 168 148 148 bytes 32 time 2ms TTL 64 Reply from 192 168 148 148 bytes 32 time lt ims TTL 64 Reply from 192 168 1488 148 bytes 32 timetims TTL 64 Reply from 192 168 1488 148 bytes 32 timetims TTL 64 Ping statistics For 192 168 148 148 Packets Sent 4 Received 4 Lost Approximate round trip times in milli second Hinimum Bms Maximum 2ms Average Hx loss ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 61 of 272 Bytton ICR 5 CONFIGURATION _ 5 2 3 Commit The Commit option described here is not specific to LAN section but rather it is a general option for the Bytton ICR equipment HOME AT If you performed configuration changes using the Save button is not enough since it EWAN saves the modifications only into the temporary memory aieiai You should always press the Commit button if you want to make these changes Gate permanent IPSEC This button is located at the bottom of the Menu list to the left side of the OVPN screen PPTP You will see a Commit Settings message and underneath it a red progress bar over ROUTING black background which says Saving changes please wait Commit Remote User superuser Firewall Empowering Communications Routes Dynamic Virtual R T OOS t SYSTEM Y SERVICES SNMP Figure 5 23 Commit Settings command
331. rnet applications such as VoIP video streaming and other consumer services Since some core networking technologies such as Ethernet were not designed to support prioritized traffic or guaranteed performance levels the equipment must have the means of implementing QoS solutions across the Internet In order to partition network traffic into multiple priority levels or classes of service Packet Marking and Classification features are used For example by using the three precedence bits in the Type of service ToS field of the IP packet header the data packets can be categorized into a limited set of up to six traffic classes In Bytton s QOS this is done by QOS Marking and respectively QOS Class Following classification of the packets other QoS features may be utilized to assign the appropriate traffic handling policies including allocation of bandwidth congestion management etc for each of the classes of traffic that were defined EE 1 1511 1 1 1 1 1 1 111 5 1 a ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 171 of 272 At the bottom left of the QOS Web page there are three links to oos Marking corresponding sub pages QOS Marking QOS Class QOS Class Marking Help Marking Help QoS marking At first this table is empty use Add New to add a new entry n n Con tep bri 152 1EB 14B 20B 3n HHH D n tep ept 81 TOS mat DnxzB DUxff n n Tog ip bhel og 1n
332. rofit The manufacturer is not liable for any damage whether direct indirect special incidental or consequential as a result of using Rohde amp Schwarz Topex S A Bytton ICR equipment No part of this manual may be reproduced stored in a retrieval system or transmitted in any form or by any means electronic mechanical recording or otherwise without the prior written permission of the company ROHDE amp SCHWARZ TOPEX S A It is certified hereby that the Rohde amp Schwarz Topex S A Bytton ICR unit is manufactured in concordance with the legal provisions concerning responsibility towards the quality of delivered products fulfills the quality parameters specified in its User s manual and is fit for the purpose for which it has been designed It also warrants that the equipment will perform substantially in accordance with the accompanying documentation Any comments suggestions and proposals of yours concerning our products are welcome and we are gladly waiting for your feedback Rohde amp Schwarz TOPEX S A Feleacu street no 10 sector 1 Bucharest 014186 ROMANIA Tel 4021 408 39 00 Fax 4021 408 39 09 E mail topex topex ro Web www topex rohde schwarz com l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 255 of 272 Bytton ICR 10 Annex 1 DIN Rail n 10 Annex 1 DIN Rail Gener
333. routing information between gateway hosts each with its own router in a network of autonomous systems AS For this it maintains a table of IP networks or prefixes which designate network reach ability among autonomous systems BGP does not use traditional Interior Gateway Protocol IGP metrics like RIP or OSPF but instead makes routing decisions based on path network policies and or rule sets BGP has been created to replace the Exterior Gateway Protocol EGP protocol to allow fully decentralized routing in order to transition from the core network model to a decentralized system that is more like the present day Internet Since 1994 version four of the BGP has been in use on the Internet All previous versions are now obsolete And since January 2006 version 4 is codified in RFC 4271 which went through more than 20 drafts based on the earlier RFC 1771 version 4 EE LL 111 1 1 1 1 1 1 1 SSS Sn ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 159 of 272 Bytton ICR 5 5 ROUTING E Why BGP Obviously most Internet users do not employ BGP directly But almost every Internet service providers have to use BGP in order to establish routing between one another especially if they are multihomed Thus even if less well known BGP is one of the most important protocols of the Internet And very large private IP networks use BGP internally allowing the joining of a number of large
334. rra ttyUSB6 Sierra USB modem converter now disconnected from ttyUSB6 Jan 1 00 00 35 bytton user info kernel sierra 1 1 1 6 device disconnected Jan 1 00 00 35 bytton user info pbx CONFIG FILE tmp pbx Jan 1 00 00 35 bytton user info pbx wrong number of parameters request 7 act ring 0 Jan 1 00 00 35 bytton user info pbx pbx 0 2 3 started Jan 1 00 00 35 bytton user info pbx rmote run Jan 1 00 00 35 bytton user info pbx voice run Jan 1 00 00 35 bytton user info pbx modem run Jan 1 00 00 35 bytton user info pbx voice port opened Jan 1 00 00 36 bytton user notice root Selected sim O0 Jan 1 00 00 37 bytton user info kernel br0 port 2 lan entering forwarding state Jan 1 00 00 37 bytton user info pbx clips active Jan 1 00 00 40 bytton user notice root GSM MONI to CROND Jan 1 00 00 42 bytton user notice root Start Quagga n nm etc EN ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 188 of 272 Bytton ICR EE 5 5 ROUTING At startup the system log records how the Bytton ICR machine begins operation so the first messages are those generated bu the kernel operationg system Also the NTP client or other timekeeping ressources are not yet running so the time stamps are always Jan 1 00 00 xx Jan 1 00 00 22 bytton syslog info syslogd started BusyBox v1 11 2 Jan 1 00 00 22 bytton user warn kernel bio create slab at 0 Jan 1 00 00 22 bytton user info kernel vgaarb loaded Jan 1 00 00 22 bytto
335. s Figure 5 69 IPSEC Web page for managing RSA and PSK keys and x 509 certificates Generate the local keys or enter the remote keys mend to generate a RSA key for authenticating your tummets 112111111111111111100000000900000000000000000000111111111 138 Reino Pe Figure 5 70 Generate local RSA key and set or generate remote PSK key Bytton ICR 5 CONFIGURATION Setting the X 509 Certificates For secure connections the web browsers use SSL authentication with X 509 certificates This Digital Certificate Standard was issued by ITU T for the secure management and distribution of digitally signed certificates across secure Internet networks The strong authentication goes beyond a simple password to verify user identity using instead advanced credentials which are created by cryptographic means Upload the certificate files for X 509 Configure PSK Authentication Key Generate New FSK Key Or Enter The Remote Generated Pre Shared Key BACK Upload X 509 Certificate Files Certificate Authority File C Program Files 86 C Edit Local Router Certificate File Edit Remote Router Certificate File Edit Local Router Private Key File Certificate Revocation List File BACK Figure 5 71 Upload the certificate files for X 509 Finally the link IPSEC STATUS displays the current state of the IPSEC tunnels Top ex IPsec gt Status User superuser
336. s of your computer select the one which is connected via Ethernet cable to the Bytton equipment In this example it is the network board type Realtek RTL8139 810x Family Check the box Internet Protocol TCP IP and click the button Properties to configure your PC You may configure the connection to Topex Bytton ICR either manually or automatically Figure 5 3 Setting the network properties for the ETH connection to Bytton J P aT ByttonICR fulli genericUsermanual sw303FAS revG en doc iH ByttonICR Properties Connect using This connection uses the following items O bs Client for Microsoft Networks daos Packet Scheduler O Bn and Printer Sharing for Microsoft Networks amp Reliable Multicast Protocol Intemet Protocol Version 6 TCP IPv amp Intemet Protocol Version A TCP IPv4 C A Link Layer Topology Discovery Mapper 1 0 Driver CO A Link Layer Topology Discovery Responder Transmission Control Protacol Intemet Protocol The Gegen wide area network protocol that provides communica across diverse interconnected networks Page 35 of 272 Bytton ICR 5 CONFIGURATION EE 5 1 2 Automatic IP Address The simplest way is to set your network adapter to get its IP address automatically from Bytton ICR The Rohde amp Schwarz Topex S A mobile router features a DHCP server so it can provide you
337. s when using DHCP to assign addresses DHCP Dynamic Host Configuration Protocol This protocol allows a computer or many computers on your network to be automatically assigned a single IP address from a DHCP server DHCP is available on Bytton ICR both for LAN cabled or wireless and WAN DNS Acronym for Domain Name System or Service an Internet service that translates domain names into IP addresses This allows the Internet hosts to use both addresses type domain name such as topex ro or linux org and addresses type IP numbers for instance 192 17 3 4 The domain name addresses are intended for human users and are automatically converted into IP numeric addresses Because domain names are alphabetic they are much easier to remember The Internet however is really based on IP addresses Every time you use a domain name therefore a DNS service must translate the name into the corresponding IP address DNS Server computer able to answer to the interrogations in a DNS system The DNS server maintains a database that includes the host computers with their domain names and the corresponding IP addresses For instance if you ask the DNS server for the domain name apex com it will return the IP address of the hypothetical company called Apex DNS servers are linked in their network so if one DNS server doesn t know how to translate a particular domain name it asks another one and so on until the correct IP address is found When a
338. s 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 0 0 0 B TX bytes 0 0 0 B lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 454877 errors 174 dropped 0 overruns 0 frame 0 TX packets 1189543 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 37377143 35 6 MiB TX bytes 1754266004 1 6 GiB Base address 0x2200 lanO Link encap Ethernet HWaddr 00 50 C2 F5 23 27 UP BROADCAST RUNNING MULTICAST MTU 1488 Metric 1 RX packets 1179 errors 0 dropped 0 overruns 0 frame 0 TX packets 2224 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 260820 254 7 KiB TX bytes 409600 400 0 KiB Base address 0x2000 lo Link encap Local Loopback inet acarelZ 7 0 0 1 Masks255 0 0 20 UP LOOPBACK RUNNING MTU 16436 Metric 1 RX packets 15664 errors 0 dropped 0 overruns 0 frame 0 TX packets 15664 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 877964 857 3 KiB TX bytes 877964 857 3 KiB mon wlanO Link enCap UNSPEC Hwaddr 00 19 70 49 F3 DT7 10 07200 00 00 00 00 00 00 00 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 7450 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX DyLtes 050277 635 0 KiB TX bytes 0 0 0 B wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addre192 169 14 145 Beaste loz 16
339. s Connection status example 192 168 1 12 inside the range 10 20 that you have specified di Address Type Assigned by DHCP You can also verify that the default IP Address 192162112 gateway is 192 168 1 1 the Bytton ICR device and the Subnet Mask is Subnet Mask 255 255 255 0 299 299 299 0 Default Gateway 192 168 1 1 Figure 5 27 The Details tab of the connection to Bytton ICR shows its IP address ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 64 of 272 Bytton ICR 5 CONFIGURATION EE Forward to You may select the third option Forward to to pass the DHCP DHCP Server Enabled requests to a remote server instead of the local Bytton ICR Start 1p Disabled equipment Enabled End IP mre DONNE Forward to 192 158 148 144 In this case you must complete the IP address of that server such as IF LANOWANO v 192 168 144 88 in this example and select the interface IF over which the DHCP requests will be forwarded BR for wired LAN or Wi Fi WAN port PPP link of embedded modem or LANO WANO configurable port BRO DNS Servers Embeded Modem Nameserver 1 WAN Figure 5 28 Using the Forward to option for DHCP Server in LAN configuration webpage As you may notice in addition to the real physical IF br2 interfaces mentioned above the drop list for IF will also list all the virtual logical interfaces that are defined on your Bytton ICR equipment IF lan0 5 LANS WA
340. s Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 295 255 255 UH 0 0 0 pppl 10 0 0 0 0 0 0 0 255 255 255 0 U 0 0 0 brO 192 168 148 0 0 0 0 0 299 255 2590 U 0 0 0 wan 172 27 0 0 0 0 0 0 255 255 0 0 U 0 0 0 lanO 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 10 64 64 65 0 0 0 0 UG 0 0 0 pppl Generated by iptables save v1 4 10 on Wed Jul 4 10 52 05 2012 xfilter INPUT ACCEPT 846 97780 FORWARD ACCEPT 0 0 OUTPUT ACCEPT 2395 407854 A INPUT i lo ACCEPT A INPUT 1 ott J ACCEPT A INPUT p gre ACCEPT A INPUT m State srtate RELATED ESTABLISHED J ACCEPT A INPUT i tap0 j ACCEPT A FORWARD 1 br J ACCEPI A FORWARD p gre j ACCEPT A FORWARD m State state RELATED ESTABLISHED J ACCEPT A FORWARD p tep m top Lop rflags SYN RST SYN 3j TCPMSS clamp mss to pmtctu A FORWARD i tap0 j ACCEPT A OUTPUT p top m top top rlags SYN RST SYN J TCPMSS oclamp mss to pmtu COMMIT Completed on Wed Jul 4 10 52 05 2012 Generated by iptables save v1 4 10 on Wed Jul 4 10 52 05 2012 l ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 142 of 272 Bytton ICR 5 5 ROUTING EE Or Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH 0 0 0 pppl 195 74 234 12 0 0 0 0 255 255 255 254 U 0 0 0 br2 10 0 58 44 0 0 0 0 255 255 255 252 U 0 0 0 br3 192 168 148 148 0 0 0 0 255 255 255 252 U 0 0 0 lanO 192 168 144 0 0 0
341. s from the VTY Console in the Web configuration pages Examples of Quagga commands run on Bytton ICR bytton disable bytton gt show version Quagga 0 99 20 EE Copyright 1996 2005 Kunihiro Ishiguro et al Hello this is Quagga version 0 99 20 Copyright 1996 2005 Kunihiro Ishiguro et al bytton gt show ip rip Codes FR RIP C connected S Static O OSPF B BGP Sub codes n normal s static d default r redistribute i interface Network Next Hop Metric From Tag Time C i 10 0 0 0 24 0 0 0 0 1 self 0 C i 10 0 0 0 30 0 0 0 0 1 self 0 C i 192 168 0 0 16 0 0 0 0 1 self 0 C i 192 168 148 0 24 0 0 0 0 1 self 0 bytton quit Figure 13 1 Examples of actual results of Quagga commands running over Bytton ICR See below a partial list of Quagga commands available in Bytton implementation bytton gt list bytton configure terminal bytton config list access list lt 1 99 gt lt 100 199 gt lt 1300 1999 gt lt 2000 2699 gt WORD remark LINE access list lt 1 99 gt lt 1300 1999 gt deny permit A B C D access list lt 1 99 gt lt 1300 1999 gt deny permit A B C D A B C D access list lt 1 99 gt lt 1300 1999 gt deny permit any access list lt 1 99 gt lt 1300 1999 gt deny permit host A B C D access list lt 100 199 gt lt 2000 2699 gt deny permit ip A B C D A B C D A B C D A B C D access list lt 100 199 gt lt 2000 2699 gt deny permit ip A B C D A B C
342. s manually By default Bytton ICR has the IP address 192 168 1 1 and the standard Netmask 255 255 255 0 and these settings are used in the example below However it does not make sense to use manual settings for the default configuration rather you should use manual settings if your local network has some special requirements which the automatic configuration cannot satisfy In case of manual settings in Internet Protocol General Properties you must fill in the corresponding l E You can get IP settings assigned automatically iF your network supr values this capability Othernvise you need to ask your network administrat the IP address could be from 192 168 1 2 up the appropriate IP settings to 192 168 1 254 to be sure you don t fall over the address of another device of your LAN a value of 11 is suggested instead of 2 which is the absolute minimum available value C Obtain an IP address automatically Ce Use the following IP address the Subnet mask must be the standard one IP address 192 168 1 11 255 255 255 0 the Default gateway must be 192 168 1 1 SE 255 255 255 0 the same address 192 168 1 1 is to be used for Default gateway 192 158 1 1 the Preferred DNS server C Obtain DHS server address automatically Figure 5 5 Manually establishing IP parameters Use the following DNS server addresses for the connection to Bytton Prefered ONS server 194 766 1 1 In the status bar at t
343. s running SNMP belong to It helps define where information is sent The community name is used to identify the group A SNMP device or agent may belong to more than one SNMP community It will not respond to requests from management stations that do not belong to one of its communities SNMP default communities are either private read write or public read only choose the adequate setting for each community you define ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 204 of 272 Bytton ICR 5 5 ROUTING pem M M M You can Edit the two predefined communities on Bytton ICR then create define additional ones by using the Add Community link as shown below COMM IP Netmask public 193 245 89 67 private 10 0 8 119 ReadOnly e Add Comm Figure 5 132 Define and configure SNMP Communities For each community you must enter the IP address such as 193 74 245 106 for a public network or 10 0 58 7 for a local non routable network and then select the corresponding net mask from the drop list values are 0 8 16 24 30 and respectively 32 Figure 5 133 Set up IP and netmask for a SNMP Community Edit Del CR Please use the COMMIT button to activate your settings Figure 5 134 Using local and global Save buttons for the SNMP Communities created ByttonICR fulli genericUsermanual sw308
344. s sensitive to radio interference microwave ovens copiers TV sets PC displays and multimedia systems For best results try to find for the WiFi and respectively HSPA or LTE antennas a place of maximum signal reception In addition the antenna must NOT be located near heavy duty equipment that may generate electromagnetic interferences such as electric motors or heaters 4 7 Power Up Power up Bytton ICR by simply inserting the adapter into the wall outlet The Rohde amp Schwarz Topex S A router will start working You should see the green PWR indicator LED lighting up 6 LXX s amp B WAR WAMOLAN LANI LAN 3 a pp Sh DATA Wifi 230 V ac Remember that the adapter is the disconnection device there is no POWER switch on Bytton ICR so the 230 Vac socket outlet shall be installed near the equipment and must be easily accessible M ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 32 of 272 Bytton ICR 4 INSTALLATION 4 8 Status indicators Bytton ICR has several optical indicators different color LEDs that shows the status of the device These indicators may light up continuously or flash to show activation type of network signal strength or data traffic WAR CWAN TANT 1AN 1 Hw Ue W I 5 Sl o ation of indicator LEDs Group of indicators in the center SGN Red LED shows for the intensity of the RF signal Off indicates no mobile network connecti
345. s string will be converted to ASCII O nul This can be used to separate network info comma separated list of attribute value pairs see f 6 0g draft adrangr eap network discovery 0T7 txEb eap message hello eap message hello Onetworkid netw nasid foo portid 0 NAIRealms example com t WEP rekeying disabled if key lengths are not set or are set to 0 Key lengths for default broadcast and individual unicast keys 5 40 bit WEP also known as 64 bit WEP with 40 secret bits 13 104 bit WEP also known as 128 bit WEP with 104 secret bits wep key len broadcast 5 wep key len unicast 5 Rekeying period in seconds 0 do not rekey i e set keys only once wep rekey period 300 EAPOL Key index workaround set bit7 for WinXP Supplicant needed only if only broadcast keys are used eapol key index workaround 0 EAP reauthentication period in seconds default 3600 seconds 0 disable reauthentication eap reauth period 3600 Use PAE group address 01 80 c2 00 00 03 instead of individual target address when sending EAPOL frames with driver wired This is the most common mechanism used in wired authentication but it also requires that the port is only used by one station use pae group addr 1 pit RADIUS client configuration FFEFEEE EE EH HHH TEE HE FE HE EH HHH EE EH HH EE EH HE for IEEE 802 1X with external Authentication Server IEEE 802 11 authentication with external ACL for MAC add
346. sabled and respectively Enabled FTP The standard File Transfer Protocol very much used with a large array of features and options FTP also observes the client server model in this case a client runs on Bytton and connects to a remote FTP server FTP itself uses the TCP transport protocol exclusively it never uses UDP for its transport needs Also FTP uses two ports to accomplish its task by default port 21 is used for control to listen to commands while port 20 is employed for the actual data transfers An interactive FTP session uses two operating modes FIF a e ER respectively active and passive mode These two modes Address are initiated by the FTP client and then acted upon by the Path FTP server But in this case you do not have to bother Username with modes Password anonymus amp Figure 5 177 Retreieving the Auto configuration file by Port d using FTP After enabling the configuration download via FTP you must FTP Enabled fill in the address of the FTP server the path towards the g location where the configuration file is stored the user name Address 186 224 39 155 and password for authentication by default it tries Path torc upconfig anonymous log in and the port used for commands TENET noe nea ECTS Password ip password238 Port Figure 5 178 Fill in the required fields for FTP transfer of the Autoprovisioning information ByttonICR fulli gene
347. sav Date modified 5 2 2012 5 34 PM 4 27 2012 12 50 PM 5 12 2011 11 14 AM 1 25 2012 2 05 PM 3 19 2012 1 17 PM 5 3 2012 12 52 PM 5 2 2012 4 44 PM 5 2 2012 4 48 PM 5 2 2012 4 48 PM 4 17 2012 2 05 PM 6 26 2012 3 26 PM 6 26 2012 3 41 PM 5 28 2012 3 26 PM 7 18 2012 1 44 PM Type File folder File folder File folder File folder File folder Microsoft O CFG File CFG File CFG File CFG 1 File Firefox HTM Firefox HTM SAV File SAV File 7 18 201211 33 AM SAV File E CN e Size 1 KB 15 KB 15 KB 15 KB 1 KB 49 KB 49 KB 43 KB 37 KB 52 KB v AN Files M Figure 5 122 Choose File to Upload navigating for the configuration file you want Press Open then click Send to send the file to the Bytton ICR equipment Load saved settings Please select your conf tar file below and click the SEND button Figure 5 123 Press Send to load the saved settings form the configuration file you have selected P A red progress bar will be displayed and above it you will see the blinking message Updating settings please wait Location System Load powering Communications Remote User superuser Empowering Communication Load saved settings Updating settings please wait WW 7 f 8 Figure 5 124 System Load progress bar while loading a file holding the saved settings Here also beneath the Load saved settings window with its red progress ba
348. se and two phase access for GPRS and EDGE Max transmitter i GSM 850 900MHz 2W power DCS1800 1W High speed wireless modem UMTS HSPA 900 2100MHz 0 25W Data services Depending upon the type of mobile module selected for equipping LTE In MIMO configuration antenna diversity peak downlink speeds up to 100 Mbps and peak uplink speeds up to 50Mbps with MC7710 HSPA Max 42 Mbps download and 5 76 Mbps upload with Sierra Wireless MC7710 HSPA Max 21 Mbps download and 5 76 Mbps upload with Sierra Wireless MC8705 HSDPA HSUPA Max 7 2 Mbps download and 5 76 Mbps upload with Sierra Wireless MC8792V 8795V e ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 241 of 272 Bytton ICR TECHNICAL SPECIFICATIONS for Bytton ICR HSDPA Max 3 6 Mbps download and 384 Kbps upload with Simcom 5216 EDGE max 236 8Kbps download max 118Kbps upload GPRS max 85 6Kbps download max 42 8Kbps upload CSD GSM data rate 14 4 Kbps The choice of radio module also affects the maximum temperature range for functioning and storage Note the values specified by the manufacturer are the uppermost limits of the respective 3G technology under laboratory conditions you may not reach these speeds on your premises SMS Supporting SMS based on CS domain of GSM or UMTS Supporting SMS based on PS domain of UMTS VPN amp Security PPTP OpenVPN IPSEC Host to host network to network or Road Warrior IPSec Termination of two o
349. site ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 234 of 272 Bytton ICR 5 5 ROUTING For a different file size 3MB The speed is double compared to fast 3G but lower than 4Gt Mobile Speed Test com Thanks for using Mobile Speed test your results are below Your speed 1946 472 Kbps Your latency 0 438 seconds Transferred 3000 KB in 12 33 seconds Share your results with everyone Help us out v Donate E v EE 28 8 kbps dial up 33 6 kbps dial up 40 kbps GPRS 56 kbps dial up 128 kbps ISDN 144 kbps 1xRTT 236 8 kbps EDGE 384 kbps Low DSL E 400 kbps 3G EVDO HSDPA See 768 kbps Broadband ee 1000 kbps Fast 3G Y 1500 kbps Basic DSL 1946 kbps YOU 2500 kbps 4G WimaxHSPA Se We recommend you try the 500KB or the 1MB test to accurately test your connection Figure 5 153 Speed test for large files using Mobile Speed test com site Another set of internet speed test for this Bytton ICR equipment Firmware version topex 3 0 3 a FA S Ethernet link up PPP link online IP 93 122 148 36 PPPOE link offline System uptime 12 51 12 up 37 min load average 0 00 0 00 0 00 DHCP Leases 1342745334 d8 9e 3f 06 25 99 191 168 1 11 radus 01 d8 9e 3f 06 25 99 1342743331 00 13 02 6d 73 da 191 168 1 12 Irina Dell 01 00 13 02 6d 73 da 1342743261 00 06 4f 02 15 82 191 168 1 13 VO000073 01 00 06 4f 02 15 82 first when using
350. ss point may feature dual connectors for WiFi to achieve better coverage and higher bandwidth Thus you shall thread two stick antennas for WiFi Here also you must observe the main and Aux indications written under the antenna connectors Figure 4 18 Attachment of the two WiFi Antenna for N type wireless AP Note that the connector for the Mobile network is female while the connector for the WiFi antenna is male there is no risk of inserting the incorrect antenna Warning Don t use excessive force when threading the antennas Make sure the antennas are securely screwed into the respective RF connectors but do NOT use a spanner or screw key which could damage the antenna connector Tighten the flange lightly by hand T ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 31 of 272 Bytton ICR 4 INSTALLATION pu M MM Ma M M M M j The different types of stick antennas are omnidirectional and have vertical polarization they should be placed in vertical or horizontal position depending of the local RF field condition for the respective frequencies bands In case of antenna diversity MIMO versions of the Bytton equipment the dual antennas shall be connected in the same way only taking into account that there are two of them Notice The Bytton ICR unit and its antennas should be placed such as to be as far as possible from appliances or office equipment that i
351. st Virtual Table VT3 target gateway source proto scope dev tbl 192 168 148 208 30 static link wan 192 168 0 0 16 static link wan Virtual Table VT4 192 168 1 236 30 dev brO proto static scope link metric 10 10 0 0 0 24 dev brO proto static scope link 172 27 0 0 16 dev lanO proto static scope link Route List Virtual Table VT4 target gateway source proto scope dev tbl 192 168 1 236 30 static link br0 10 0 0 0 24 static link br0 172 27 0 0 16 static link lanO l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 169 of 272 Bytton ICR 5 5 ROUTING pom M M B a middle pane Show Rule Show Rule 0 from all lookup local 1011 from all iif brO lookup VT1 1012 from all iif lan0O lookup VT1 1023 from all iif lanO lookup VT2 1024 from all iif pppl lookup VT2 1031 from all iif wan lookup VT3 1032 from all iif pppl lookup VT3 1041 from all iif brO lookup VT4 1042 from all iif lanO lookup VT4 1043 from all iif tap0O lookup VT4 32766 from all lookup main 32767 from all lookup default and a main part Show Route located at the bottom where each route is shown Show Route target gateway source proto scope dev tbl 192 168 1 236 30 static link brO VT4 10 0 0 0 24 static link brO VT4 172 27 0 0 16 static link lanO vT4 192 168 148 148 31 192 168 1 8 static wan VT2 172 27 0 0 16 static link lanO VT2 10 0 0 0 16 10 0 0 1 static brO VT2 10 64 64 65 93
352. state Jun 26 10 36 17 bytton user info kernel br0 port 1 wlan0O entering learning state Jun 26 10 36 32 bytton user info kernel br0 port 1 wlan0O entering forwarding state Jun 26 10 37 01 bytton cron err crond 2174 USER root pid 4076 cmd net moni Jun 26 10 38 57 bytton user notice root Stop PPP user Jun 26 10 38 57 bytton daemon info pppd 3604 Terminating on signal 2 Jun 26 10 38 57 bytton daemon info pppd 3604 Connect time 3 2 minutes Jun 26 10 38 57 bytton daemon info pppd 3604 Sent 319574 bytes received 7986431 bytes Jun 26 10 39 38 bytton user notice root Selected SIMO Jun 26 10 39 38 bytton user info pbx clips active Jun 26 10 39 39 bytton daemon notice pppd 4912 pppd 2 4 4 started by root uid 0 Jun 26 10 39 40 bytton user notice root DATA START Jun 26 10 39 40 bytton local2 info chat 4918 timeout set to 20 seconds Jun 26 10 39 40 bytton local2 info chat 4918 send AT CGDCONT 1 IP lant M Jun 26 10 39 40 bytton local2 info chat 4918 expect OK Jun 26 10 39 40 bytton local2 info chat 4918 M Jun 26 10 39 40 bytton local2 info chat 4918 OK Jun 26 10 39 40 bytton local2 info chat 4918 got it EE 111 1 1511 111 111 111 1 1 1 1 1 1 1 1 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 189 of 272 Bytton ICR 5 5 ROUTING _ EH The log is very helpful when troubleshooting It may be saved on your PC simply use Save As option
353. t SERVICE SMS Enabled e Phone No Sms Text this word Time to read Figure 5 140 Establishing parameters for the SMS managemnt service SMS text enter here a word that will act as password Time to read time period in seconds for Bytton ICR to check for SMS messages Bytton ICR 5 5 ROUTING p Y In the SE you will see the testing for received SMS messages upon corresponding intervals Jul 0 07 01 bytton cron err crond 3442 USER root pid 5971 cmd net moni Jul E 1007 05 bytton user info pbx test AT OK NOK Jul 6 10 07 06 bytton user info pbx sms len 2401 Jul 6 10 07 14 bytton user info pbx test AT OK NOK Jul 6 10 07 15 bytton user info pbx sms len 2334 Jul 6 10 07 21 bytton user info pbx test AT OK NOK Jul 6 10 07 22 bytton user info pbx sms len 2267 Jul 6 10 07 29 bytton user info pbx test AT OK NOK Jul 6 10 07 29 bytton user info pbx sms len 2200 SAVE CONFIG button located at the bottom of the screen that saves the current configuration of Bytton ICR in a special partition of the Flash memory of the equipment This way it can perform a sort of backup for all the settings Jul 28 14 02 12 bytton syslog info HABE Jul 29 l4 22 12 bytton syslog into MAPE Jul z8 14 32 13 bytton user notice root SAVE CONFIG DONE Jul z8 ld4 33 34 bytton user notice root SAVE CONFIG DONE Or Jul 6 10 14 01 bytton cron err crond 34
354. t Protocol inet gddr 93 122 149426 JBet eB 10 54 641 05 Maski255 25542555295 UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1500 Metric 1 RX packets 415307 errors 0 dropped 0 overruns 0 frame 0 TX packets 251562 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 3 RX bytes 549364190 523 9 MiB TX bytes 24488482 23 3 MiB Actual speed test results 9 DOWNLOAD SPEED 6 Q UPLOAD SPEED 4 42 Mbps 35 Mbps Broadband Speed Test Results Test run on 19 07 2012 10 55 PM Mirror Internode Data 3 MB Test Time 28 94 secs Your line speed is 846 kbps 0 85 Mbps Your download speed is 106 KB s 0 1 MB s 263 pts Orange Romana S amp DER rbd Liplowd Latenc Browser Figure 5 155 Speed test for the same equipment while PPP1 wireless link is used for WAN PE ByttonICR fulli genericUsermanual sw303FAS rev en doc Page 237 of 272 5 9 Status Page The Bytton ICR router features a status page accessible for any user without need for administrative password You can select it form the first connection screen of Bytton ICR Status Page Administration Pages topex Figure 5 147 Accessing the Status page link Or you can enter in your browser directly the URL for the page https 192 168 1 1 status or https 192 168 1 1 status index html Modem connection online IP 293 122 148 36 PPPOE connection offline Firmware Version topex 3 0 1 FA 5 Modem Version KZ D
355. t is online it also shows the current IP on the WAN side such as 172 20 36 180 or 93 122 148 30 in these examples You may have as in this example a SIM registered online the mobile network is available for voice calls but the modem connection is offline you cannot connect to Internet via HSPA modem You can see also info about the Ethernet link or PPP link PPPOE connection offline Modem connection online IP 93 122 148 36 Firmware Version topex 3 0 1 FA S Modem Version K2 0 7 43AP Security unlocked IMSI 226102100414755 IMEI 355060025698866 Signal Level 12 30 Network 0 0 RO MOBILECARRIERB 2 Registration online Figure 5 150 Another two examples of Status page for Bytton ICR PPPoE connection information about the data link using PPP over Ethernet In the above example the status for the PPPoE connection is not yet available so you see this error message Firmware version version of the firmware running on BYTTON you may see topex 3 0 1 FA S or MobileCarrierB 3 0 0 FA O b in the above examplse and so on The three digits following the name of the company show the version of the application program running such as 2 7 2 or 3 0 1 while the final letters such as FA S detail the platform the modem type and the version standard dedicated for a certain carrier with hard disk drive etc Finally the last letter may indicate the type of the case P for plastic or M for metal in th
356. tached to a DIN rail using the supplied mechanical adapter 4 2 1 Horizontal Mounting This kind of mounting is the simplest you just place the metallic case of Bytton on a flat surface The respective surface must be level and strong enough to hold the weight of Bytton ICR together with its cables power supply antennas wired LAN or WAN connections serial and so on Figure 4 1 Horizontal mounting of ICR A desk table or shelf is good place for the installation of Bytton ICR Generally the best location for Bytton ICR is in the middle of the place where you want to have wireless coverage Installing Bytton ICR on a shelf higher up with no obstructions around ensures the best performance for the mobile modem Take care to avoid obstructions in order to ensure adequate cooling of the equipment ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 16 of 272 4 2 2 Rail Mounting For good environmental protection and outdoors usage the Topex router must be placed inside a waterproof and dust enclosure To this purpose Bytton ICR was designed to be easily mountable on a standard DIN rail omega rail 35 mm wide by means of a mechanical adapter The adapter bracket is attached to the corresponding holes at back of the Bytton unit as shown in the following drawing Figure 4 2 Schematic of Bytton ICR attached to a DIN Rail Mounting of the equipment Attaching the Bytton box to the rail is done with the
357. te Endpoint IP Address 192 168 143 142 Remote Port Protocol UDP Interface TUN e Retry Masquerade Disabled e Please use the COMMIT button to activate your changes SYSTEM F SERVICES SIM dh Commit Ca cert Edit Client Crt Edit Client Key Edit Why Open VPN OVPN is a recent addition to the range of secure IP tunnels supported by Bytton for the purpose of securely tunnel the data through a single TCP UDP port over an unsecured network such as mobile Internet and thus establish VPNs OVPN is simple easy to set up and use and still powerful GRE and IPSec have been implemented previously but now you can use OpenVPN too on the Bytton ICR equipments While other VPN solutions often use proprietary or non standard mechanisms OpenVPN has a modular concept both for underlying security and for networking OPN does not suffer from the complexity that characterizes other VPN implementations like the market leader IPSec However it is versatile and powerful it provides features which that go beyond the scope of every other VPN implementations For instance OpenVPN offers two different basic modes which run either as Layer 2 or Layer 3 VPN Thus OpenVPN tunnels on Layer 2 can also transport Ethernet frames IPX packets and Windows Network Browsing packets NETBIOS all of which are problems in most other VPN solutions It extends the protection of the central firewall in the company s main office to all users out
358. ted below Wi Le 2j SM Fre Status Page Administration Pages orange ps4 Ort eer wed Ka Pym i m P AL Las Y The server 192 168 1 1 at admin requires a username and password Remember my credentials Figure 5 15 Log in as admin Following a successful log in you will see the Menu available for the user admin elei A topex Router Configuration gt ocaton Home r E em panera ae Empowering Communications Remote User BEIS HOME LAN FONAN Configuration sections F TUNNELS ROUTING Welcome to topex Router Configuration pages Wireless LAN Access Point and LAN Ethernet Switch settings pon WAN interface settings SYSTEM l TUNNELS settings SERVICES CG Firewall and routing settings iiti SYS Operating System settings Configure additional services SIM Operations Configure the VOICE ports Commit Superuser The privileged user authenticates as Status Page superuser with corresponding default password of 98superuser12 Here also one should change as soon as possible this generic password with a specific one known only by him and authorized persons superuser C Remember my credentials Figure 5 15 Log in as superuser Following successful log in as superuser the corresponding main page Menu for the Rohde amp Schwarz Topex S A Bytton ICR router should be shown on screen topex Router Config
359. ter either directly or through a switch by means of the wired Ethernet connection Prior to using this Bytton ICR equipment you should check the basic settings to guarantee it will work in your environment for instance it may be required to change the default IP address 5 1 Using the Web Interface The default address of the webpage of the Bytton ICR device from Rohde amp Schwarz Topex S A is 192 168 1 1 It is recommended that you use this address provided that the configuration of your local network allows this And of course if there is a single Bytton device in that network When you install several Bytton ICR in the same LAN you must change their respective IP addresses 5 1 1 Set up a connection First you should establish an Ethernet connection to the Bytton ICR unit you want to configure l Go to Network Connections on C ee Control fung v Sp Sesh Commis your computer and define a Fe Edt View Took Help connection to be used for the Bytton ICR router Adjust your computer s setting For instance under Windows 7 ser Account Professional In Control Panel you NI NR must choose Network and EE RAT TREE Internet Internet in the Control Panel a un Lei c EECHER Figure 5 1 Go to network and Hardware ani und inguage and negion Ke You should use for the ETH connection a significant name such as Bytton ICR or Bytton4G See below examples of configuration on a computer with two network adap
360. ter successful updating verify the upgraded firmware remember that updating the firmware on the Bytton ICR equipment could cause some or all of the configuration settings to be lost depending on the degree of change in the firmware Therefore it is highly recommended that you save your current configuration before updating then you restore it To backup your settings perform a Save update the firmware and then Load the saved settings after you have the equipment operating with the updated firmware To compare look at the information displayed in the System gt Status page before the firmware update ocation System gt Status emote User admin Empowering Communications Firmware version topex 3 0 0 FA 5 PPP link online IP210 81 75 104 PPPOE link offline System uptime 10 19 28 up 4 min load average 0 60 0 31 0 13 DHCP Leases 1342649930 00 06 4f 02 15 82 192 168 1 15 vVO000073 01 00 06 4 02 15 82 Figure 5 113 System Status showing firmware version prior to the upload of firmware And respectively after loading the latest firmware version Al Location System gt Status BEES op ex d E j Empowering Communications Remote User admin HOME LAN WAN TUNNELS ROUTING PPP link online IP 10 80 69 94 SYSTEM System Status Firmware version topex 3 0 1 FA 5 PPPOE link offline Logs System uptime 00 01 35 up 1 min load average 0 23 0 11 0 03 Password SERVICES SIM DHCP Leases 432
361. terfaces wlanO and lan when WANO LANO was removed form the local switch and was assigned an IP address to be used for WAN Bridge Status bridge name bridge id SIP enabled interfaces br agogog o0015704595f3d7 no wland lan Reload And it joins Ian wlanO and lan whenever WANO LANO is still connected in the three port LAN switch and does not have an IP for WAN the default situation Bridge Status bridge name bridge id STP enabled interfaces br aggg o0197049r3d 7 no lan lan wlan ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 80 of 272 Bytton ICR 5 CONFIGURATION um M X a 5 2 8 Interface Status and Test Net features These are auxiliary features not items of the main menu but they deserve a special chapter for their description since they are both useful and complex each of them opens up a Web page with several parameters and fields Interface Status T BROADCAST RZNEING MULTICAST MIU i605 This link is present at the bottom of several of the LAN configuration pages of the Web interface for Bytton ICR as shown MTU Bridge Add New Link enczap Zrherret Add New Add New Bridge Help A cruel ILAN Help R Interface Status Interface Status Interface Status When you click this link it brings up a page that shows info about the state of all the current network interfaces real and virtual physical and logical bridges and so o
362. ters the PICe GBE Controller being used for the connection to the company s network while Realtek RTL8139 is used for connection to the Bytton router QU Vs Network and Internet Network Connections gt File Edit View Tools Advanced Help Organize Disable this network device Diagnose this connection A vds A Gerbe LAN letwork 13 Unidentified network Network cable unplugged i T ee RTLS 1139 810x Family Fast X GEF Realtek PCle GBE Fam ily Controller ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 34 of 272 Bytton ICR Or QU E Network and Internet Network Connections 5 CONFIGURATION File Edit View Tools Advanced Help Organize e K Button topex ro CT Realtek RTL8139 810x Family Fast 3 ByttondG Status Network Connection Details Disable this network device Diagnose this connection F IL CompanyLAN Disabled dE Realtek PCle GBE Fa mily z Network Connection Details Property Value Connection specific DIM Description Realtek RTL8139 810x Family Fast Ether Physical Address INN AE 02 15 82 DHCP Enabled Yes IPv4 Address 10 0 0 13 IPv4 Subnet Mask 255 255 255 D Lease Obtained Friday July 13 2012 12 38 05 PM Lease Expires Saturday July 14 2012 12 38 09 AM IPv4 Default Gateway 10 0 0 1 Figure 5 2 Go to Network and Internet to create a network connection for Bytton ICR From the network adapters network card
363. th corresponding decreasing priorities 0 1 2 3 4 and rates out of the 100 total You can see that VoIP traffic is placed above the other classes it does not have a rate specified but instead fifo first in first out scheduling it cannot be edited it has no Edit link to the right like the other classes You may edit each of the other classes changing the priorities rates and burst assignment in addition to the respective percent assigned or add up additional classes Burst zkbit 2kbit 3kbit 2kbit D Skbit QOS Class Entries In the beginning the bottom QOS Class table is empty Marking Help Interface Upload Download CLASS Add New BACK so you must use Add New to create new entries in the table a LL 111 1 1 1 1 1 11 151 111 a ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 179 of 272 Marking Help Interface Upload Download TOS to CLASS BRO 2000 2000 var 0x00 Disabled Interactive Edit Del WAN 1200 2000 0x38 vd Min Delay vd Interactive 0x00 vd Disabled vd Edit Del LANO WANO 1000 3000 pM 000 Mu And then edit the respective entries you have added Define QoS classes by setting limits and value marking for each interface For each entry you select an Interface from the drop list then assign to it Upload and Download limits in K bps
364. than the older SLIP protocol and provides error checking features PPP is the Internet standard for dial up modem connections no matter if they are phone line modems of high speed UMTS wireless devices such as the embedded HSPA or LTE modem of Bytton ICR PPPoE Acronym for Point to Point Protocol over Ethernet A method of secure data transmission PPPoE using Ethernet to connect to an ISP The PPP traffic is sent over Ethernet to the Internet through a common broadband medium The users have the appearance of dialing the Internet but their computers are in fact always connected PPPoE supports a broad range of existing applications and services from authentication accounting and secure access to configuration management Bytton ICR supports on the WAN side either PPP or PPPoE connection RIP Acronym for Routing Information Protocol RIP for IP is a distance vector routing protocol which is the main dynamic routing protocol used in small or medium sized IP internetworks For dynamic routing Bytton ICR supports protocols RIP v2 and OSPF Routing The process of determining and prescribing the path or method to be used for establishing connections and forwarding data packets In a network a routing switch is a device that combines the functions of a switch which forwards data by looking at a physical device address and a router which forwards packets by locating a next hop address Each host with a router in the network uses the routing
365. the Ethernet port for connection Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH 0 0 0 pppl 191 168 1 0 0 0 0 0 255 255 255 0 U 0 0 0 bro 192 168 0 0 0 0 0 0 255 255 0 0 U 0 0 0 wan 0 0 0 0 10 64 64 65 0 0 0 0 UG 0 0 0 pppl ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 235 of 272 Bytton ICR 5 5 ROUTING a A ceux bro Link encap Ethernet HWaddr 00 19 70 49 F3 D7 inet addr 191 168 1 1 Bcast 191 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 12652 errors 0 dropped 0 overruns 0 frame 0 TX packets 15194 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 2761304 2 6 MiB TX bytes 13951601 13 3 MiB lan Link encap Ethernet HWaddr 00 50 C2 F5 23 2A UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 11281 errors 4 dropped 0 overruns 0 frame 0 TX packets 15471 errors 1 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 2823991 2 6 MiB TX bytes 13901997 13 2 MiB Base address 0x2200 pppl Link encap Point to Point Protocol inet addr 93 122 148 36 P t P 10 64 64 65 Mask 255 255 255 255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1500 Metric 1 RX packets 13467 errors 0 dropped 0 overruns 0 frame 0 TX packets 10297 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 3 RX bytes 13045215 12 4 MiB TX bytes 2485850 2 3 MiB wan Link encap Ethernet
366. the default value which does NOT mean that the code is really 1234 instead it means no PIN is required Thus when the SIM has set a Pin code of 0000 you must use this value in the PIN SIM field otherwise the SIM card will be locked l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 218 of 272 Service Center Number Sim1 full telephone number for the second carrier In order for the SMS facility to operate you must set the correct number This is the SMS center of the respective mobile operator Enter the full phone number of the GSM carrier between quotes like 407402004000 or 40744946000 in these examples settings SIM Settings for the Single SIM Bytton ICR PIN SIM In case of equipments that a single slot for Servi Center Number SN cards there is just one PIN and SCN entry Audio Rx Level Audio Tx Level Network Mode Automatic Metwork Order 3G first GSM later e Empowering Communications Top ex Location SIM gt Settings Remote User superuser HOME LAN SIM Settings F WAN s F TUNNELS PIN SIM ROUTING Service Center Number SYSTEM H SERVICES Audio Rx Level SIM Audio Tx Level Status Network Mode Automatic settings Network Order AutomaticSearch SMS Read SMS Send Stuff Please use the COMMIT button to activate your changes 5ave Figure 5 161 SIM Settings for the single SIM Bytton ICR Bytton ICR 5 5 ROUTING E Audio Settings The settings at
367. the holder with the cut notched corner orientated upwards and the side with contacts toward you Bytton ICR 4 INSTALLATION 4 Push the holder with the SIM card back into the slot and push to close Be careful not to drop the SIM out of the tray and to insert the holder properly into the slot Figure 4 14 Illustration of the four steps sequence of inserting the SIM card into Bytton ICR This procedure must also be followed when you replace the SIM card of the Bytton ICR equipment 4 6 Connecting the external antennas To ensure a good quality of transmission and reduce radio interference always use the antennas shipped in the Bytton ICR package These antennas are specially designed for the respective frequency bands multiband for the GSM GPRS EDGE in the 2100 MHz range for UMTS HSPA networks 2600 MHz for LTE and respectively 2100 MHz for Wi Fi The antennas must be connected to Bytton ICR via the respective RF circular connector s located on the front panel of the metallic case starting from the left There are some differences according to the type of mobile module and wireless access point that is fitted in your Bytton ICR different types of antennas shall be used corresponding to the respective frequency bands and one or two antennas may be required there are dual connectors for the antenna diversity enabled modules Mobile There are two possible cases the mobile module o
368. the settings ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 199 of 272 5 5 7 Load CFG Load a configuration file that has been previously saved or restores a backup Topex HOME LAN WAN TUNNELS ROUTING SYSTEM Status Use 75 Organize C 1 Logs Password Update Defaults Save CFG Load CFG Figure 5 121 The Load command selecting the file with the settings previously saved Browse E Em A M EO VP PLEASE CUP TUR E T Map H OG Upload Location System gt Load Remote User superuser Load saved settings Empowering Communications Please select your conf tar file below and click the SEND button desse to navigate to the location where you saved the configuration file ile o n E Sm nm gt Computer FALSI 1 C Saves gt Search Saves DN New folder 4 MSOCache d My Documents 1 ocstemp d PerfLogs d Program Files do Program Files x d Program FilesCfi d ProgramData E 4 PROGRAME LUC d Recovery 1 Saves J CAPTURES group CSV LOG 4 RMTCDE 1 saved SMS M Name 1 CAPTURES do group CSV 4 LOG A RMTCDE 4s saved SMS BL 120305 124213 012 csv F 1412340 2 cfg 7 1412340 3 cfg 3 1412340 cfg BogdanVoIP 17 cfg 1 Button orange html Bytton PPP html bytton prelant sav bytton301_initial sav _ byttonGEN qosl sav File name byttonGEN qosl
369. then define for each TOS value into which of the above defined Classes it will be sorted VOIP Min Delay Interactive etc or leave it to the default Disabled Disabled Edit Del Embeded Modem 4000 OxB3 e VOP T LANO WANO SEN Embeded Modem xCO e Interactive e spiel Ox00 e Disabled e 1500 2000 oxeo el vor 7 1 Download CLASS x2 VOIP Min_Delay Interactive Disabled Do this for each of the interfaces where you need to shape the traffic CLASS Interactive WIFI sta Min_Delay Disabled VOIP Min_Delay ec sablei d lec T ed e n Dela w in De d w Wee E ER EI EIE E Add New Bytton ICR 5 5 ROUTING po M M Qf Finally the QOS Class table shall look somehow like this Upload Download CLASS 1800 2500 0x2 The Bytton firmware automatically generates the corresponding firewall rules labeled TOS mangle PREROUTING ACCEPT 2201 158170 INPUT ACCEPT 2157 154543 FORWARD ACCEPT 0 0 OUTPUT ACCEPT 2143 801413 POSTROUTING ACCEPT 2143 801413 A PREROUTING d 192 168 148 208 30 i wan p tcp m tcp dport 81 j TOS set tos 0x28 0xff A PREROUTING s 10 0 0 220 30 i bri p udp m udp sport 48006 m tos tos 0x32 0xff j TOS set tos 0x70 0xff A PREROUTING s 39 41 125 78 31 i lan0 p udp m udp sport 31022 m tos tos 0x28 0xff j
370. ther S IC l J Back x 2 i gt Search Favorites status display IE Es 2 19 iJ zr configuration pages L igesl irereine e Rohde amp Schwarz Topex S A Fie Edit View Favorites Tools Help webpage Click the link of interest to you Status Page Figure 5 11 Connecting to the Administration Pages configuration Web page of Bytton ICR Topex Now you will be asked to enter a user name and a password to access the configuration page of Rohde amp Schwarz Topex S A Bytton ICR equipment 2 x For the administrator of the system network the default user name is admin and the password is 99admin11 Later you may change this password using the web configuration page as described in the paragraph about Password admin For security reasons it is Strongly recommended to change as soon as possible User name admin the default password with one of your own Password eeeeeeeeel choice Also you should NOT mark in your WEE browser the checkbox Remember my password Figure 5 12 Authentication required enter user name Cancel admin and password ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 39 of 272 Bytton ICR 5 CONFIGURATION SQ ccn The log in name is shown in the Remote User field below the Location information TEN Location ROUTING Figure 5 13 Indication of remote user and location LOVE V ROUTING Configuration Pages button The Ad
371. there is always an optimal range of MTU values that you should try to observe Optimal values Most Ethernet networks have an MTU of 1500 which is the default MTU setting for Windows 95 and later On the other hand the link via point to point protocol has a negotiated MTU which is usually between 500 and 2000 bytes In practice the MTU of many PPP connections is 576 so when you connect to the Internet via PPP1 link using the embedded modem you should your Bytton s MTU value to 576 too ATM asynchronous transfer mode has a fixed MTU of 48 bytes only Other types of high speed networks feature a much higher MTU value for instance Token Ring uses 4096 and the fiber optics networks FDDI employs a value of 4352 You should always bear in mind that the MTU is the maximum physical value Thus in many instances the net payload logical size must be smaller For example when you use tunnels they add up specific headers to the packets so you must reduce the MTU to achieve an overall length no greater that 1500 The same holds true for PPP over Ethernet you must take into account the extra encapsulation the actual length must be smaller in order not to exceed the 1500 bytes limit EIL eee Ss aan ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 107 of 272 Bytton ICR 5 CONFIGURATION The real MTU depends upon the actual carrier that you use to connect to Internet for instance several ADSL providers have a MTU larger th
372. to the equipments so they can increase robustness of systems For instance when the transmitter sends one symbol from two different antennas should the first channel between TX and RX in a bad condition a single antenna system is more probable to fail while in a MIMO system that symbol fails in the first channel but is still received in another channel so the MIMO equipment is more robust Robustness means that when the mobile module or WiFi access point uses two or three channels antennas even if one is destroyed the remaining ones allow the system to continue transmission Thus MIMO may be used to increase either robustness availability or speed but not both at the same time For this you would need not dual antennas but dual modules with two antennas each Drawbacks there are also a few inconvenients MIMO technique does increase the complexity power consumption and size of the equipment These disadvantages are especially important in mobile systems which must be lightweight and very low power but the don not affect the operation of the Bytton ICR wireless router MTU Acronym for Maximum Transmission Unit Generally the size of the largest datagram that can be passed by a layer of a communications protocol that can be transmitted or received through a logical interface All messages larger than the MTU will be divided into smaller packets before being sent In our case MTU is the largest physical packet size measured in bytes
373. tric 1 RX packets 9621 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 831943 812 4 KiB TX bytes 0 0 0 B Link encap Point to Point Protocol inet addr 93 122 148 36 P t P 10 64 64 65 Mask 255 255 255 255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1500 Metric 1 RX packets 145818 errors 0 dropped 0 overruns 0 frame 0 TX packets 77754 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 3 RX bytes 197537140 188 3 MiB TX bytes 6328242 6 0 MiB Link encap Ethernet HWaddr 00 50 C2 F5 23 29 l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 83 of 272 Bytton ICR 5 CONFIGURATION CH inet addr 192 168 1 148 Bcast 192 168 1 255 Mask 255 255 255 0 UP BROADCAST MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 0 0 0 B Base address 0x3000 wlanO Link encap Ethernet HWaddr 00 19 70 49 F3 D7 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 1136 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 157850 154 1 KiB And the corresponding routing table putes Kernel IP routing table Destination Gateway Cenmask Flags Metric Ret Use Itace 10 64 64 65 0 0 0 0 255 255 255 255 U
374. ttonICR fulli genericUsermanual sw308FAS revG en doc Page 121 of 272 Bytton ICR 5 CONFIGURATION Idle Time Bytton ICR can disable the dial up connection when there is Idle Time boo no more data traffic If no data packet is sent through the mobile data link the Internet connection will be broken You can specify this time interval in seconds If you set the time interval to O zero the dial up connection will remain always on even if there is no data traffic on the remote interface When it detects outgoing data traffic Bytton ICR automatically performs dial up in order to connect to the Internet This feature is especially useful in case of mobile date networks where you must pay for the connection time so the bill goes up while the PPP link is on even if there is no data traffic over it When you need to set or modify the detailed modem related parameters PPP Advanced Setings click the link PPP Advanced Settings located towards the bottom of the PPP settings page PPP Check Data Link The second link located right at the bottom of the PPP settings page is PPP Check Data Link which establishes how the verification of the PPP data link works The sub pages for these links are explained next PPP Check Data Link l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 122 of 272 Bytton ICR 5 CONFIGURATION 5 3 6 PPP Advanced Settings Click the link PPP Advanced Settings located at t
375. ump when NTP service become active as seen in the system logs ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 213 of 272 Bytton ICR 5 5 ROUTING _ EE 5 6 8 Reset Here you can change the assignment of the Reset button located on the front panel Topex Location SERVICES gt Reset Empowering Communications Remote User superuser HOME FLAN Reset Button Settings E war WAN Reset Button Action Reset to Factory Defaults e TUNNELS F ROUTING Periodic reset data connection t SYSTEM SERVICES SNMP VRRP SERIAL SMS DDNS NTP Please use the COMMIT button to activate your settings Figure 5 151 Settings for Reset button Reset Button Settings you choose the option you want The function of the Reset RST button located on the back panel among the connectors can be changed according to Do Nothing your needs Reboot Reset Data Connection y Reset to Factory Defaults Do nothing yes this do nothing action may quite be useful It may happen that the Reset button is touched by accident when you plug a cable into Topex Bytton ICH so that Bytton ICR equipment reboots and reverts to the factory default values loosing your particular settings If you want to avoid this select Do nothing Now even if you accidentally press Reset nothing happens If you want you can still perform Reset via software Reset Button Settings Reset Button Action
376. uns 0 frame 0 TX packets 28 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 12119 11 8 KiB TX bytes 2112 2 0 KiB Base address 0x2000 PPP1 Link encap Point to Point Protocol inet addr 93 122 148 36 P t P 10 64 64 65 Mask 255 255 255 255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU 1500 Metric 1 RX packets 299890 errors 0 dropped 0 overruns 0 frame 0 TX packets 161518 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 3 RX bytes 408205520 389 2 MiB TX bytes 11469615 10 9 MiB EE 255 eee Oe SS SSS a ByttonICR fulli genericUsermanual_sw303FAS_revG_en doc Page 84 of 272 Bytton ICR 5 CONFIGURATION um M M Hn f wan Link encap Ethernet HWaddr 00 50 C2 F5 23 29 inet addr 192 168 1 148 Bcast 192 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 73692 errors 16 dropped 0 overruns 0 frame 0 TX packets 178 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 5698342 5 4 MiB TX bytes 7516 7 3 KiB Base address 0x3000 And the corresponding routing table Destination Gateway Cenmask Flags Metric Bef Use Iface 10 64 64 65 0 0 0 0 255 255 255 255 UH g J pppl 172 168 144 17 0 0 0 0 255 255 255 252 U g OU bri 19 0 0 090 0 0 0 0 255 255 255 0 U g bro 192 158 1 0 D OD 0 J2ELR Ab 255 U g O wan 0 0 0 0 109 64 64 65 3 0
377. upplementary services for calls When you use the Bytton ICR mobile data interface is recommended that these options to be disable because they are available only with additional costs Inserting the SIM card s The SIM card s must be inserted into the special slot s of the Bytton ICR equipment from ROHDE amp SCHWARZ TOPEX S A as is presented further CIC O CO Oe e SM 1 SIM 2 SEN DATA The slots for SIM card are located on the front panel the one with the indicators and connectors to the left of the one or two MOB antennas towards the bottom under the SER connectors if these are present en In case of dual SIM equipments the A two slots for SIM trays are side by side i as shown in the illustration For inserting or extracting the SIM card use the mobile holder removable tray for the respective SIM card To actuate the holder press the little yellow button that is located to the right of each SIM slot Handle with care when inserting or extracting SIM caras Figure 4 13 Location of the one or two slots for SIM cards When inserting or changing the SIM card the equipment must be powered off ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 27 of 272 For inserting the SIM card s follow the next steps 1 Push the little yellow button to eject the SIM carrier 2 Pull out the holder tray for the SIM card 3 Insert the SIM card into
378. urati woe i s E E C Other bookmarks Location Home Empowering Communications Remote User superuser H g HOME LAN WAN Configuration sections TUNNELS ROUTING Welcome to topex Router Configuration pages Wireless LAN Access Point and LAN Ethernet Switch settings WAN interface settings SYSTEM UNNELS TUNNELS settings SERVICES 3OUTIN Firewall and routing settings SIM SYSTEM Operating System settings Stuff SERVICES Configure additional services SIM Operations Configure the VOICE ports Ld Ld Ld Ld Ld k Ld Ld Commit As can be seen the superuser has access to at least one additional item ERT of Menu in this case than last menu element called Stuff which holds sub pages for configuration of advanced features such as Email reporting Auto configuration and Bandwidth testing Auto ctg BW Test Email Also some of the sub pages that both admin and superuser can see are more populated have several features accessible when you log in as super user instead of administrator This will be detailed further on with actual examples After the configuration page of interest to you is loaded BW test in the example below you can change any setting you need and then click the Save button at the bottom of the screen to save it in the current page Topex Location Autoprovisioning Remote User superuser Empowering Communicator HOME F LAN d ll F k TUNNELS k RO
379. ure 5 44 Output route via cabled Ethernet connection wan When the Ethernet link is broken the PPP link goes up online automatically PPP link online IP 293 122 148 36 PPPOE link offline System uptime 15 20 40 up 8 min load average 1 17 and the access to Internet is performed through the HSPA modem the ppp1 interface via generic 10 64 64 65 gateway Routes Kernel IP routing table Destination Gateway Zenmask Flags Metric Ret Use Itace 10 64 64 65 0 0 0 0 255 255 255 255 UH g 0 0 pppl 10 0 0 0 0 0 0 0 255 255 Zb 0 U g g 0 bro 197 168 0 0 0 0 0 0 255 255 0 0 U g i 0 wan 0 0 0 0 10 64 64 65 2 0 0 0 Uc 0 0 pppl Figure 5 45 Output route via wireless connection ppp1 The Traceroute utility shows mobile connection to MobileCarrierB provider traceroute to topex ro 193 226 61 45 30 hops max 38 byte packets kkk 172 20 175 201 172 20 175 201 516 496 ms 211 253 ms 259 951 ms 172 20 182 46 172 20 182 46 227 587 ms 250 843 ms 239 680 ms MobileCarrierB RONIX Ro 217 156 113 33 239 418 ms 206 806 ms 220 147 ms EuroWEB RoNIX Ro 217 156 113 6 171 422 ms 211 237 ms 247 920 ms ewro crlil qrli2 buh ew ro 81 24 28 198 179 884 ms 211 249 ms 179 924 ms ip4 81 24 28 213 euroweb ro 81 24 28 213 187 525 ms 199 069 ms 187 046 ms webhosting euroweb ro 193 226 61 45 219 948 ms 179 375 ms 187 124 ms ce JO Um i CON HS ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 115 of 272 Bytton ICR 5 CONFIGURATION
380. urrent SIM card works with APN lant The carrier MobileCarrierB may have as APN internet with the user guest and pass also guest while Vodafone provider has as APN of internet vodafone ro with user name internet vodafone and password vodafone l ByttonICR fulli genericUsermanual sw303FAS revG en doc Page 120 of 272 Bytton ICR For the dual SIM variant of the equipment as shown in the illustration to the left there are two identical groups of settings corresponding to the two SIM card labeled SimO and respectively 5 CONFIGURATION APN Sim0 Username Simo username Password Sim Sim1 and also parameters related to the switching form one mobile data carrier to another provider the Second Sim group Second Sim Disabled e Check link interval Send pack number 10 Switch SIM if reply less Probe Destination IP 127 0 0 1 AFN Simi internet Username Simi username Password Sim1 Idle Time PPP Advanced Setings PPP Check Data Link For single SIM equipments or for dual SIM devices where only one SIM is used the settings explained previously are enough Second Sim Disabled Deeg Second Sim Enabled e Check link interval Send pack number Switch SIM if reply less Probe Destination IP 127 0 0 1 But when you have two SIM cards and want to use both you must Enable the usage of the second SIM then you must also fill in the conditions for switching how Bytton decides th
381. user Since they can t be changed they are not visible What you see are the additional rules the ones that you are allowed to modify to supplement or delete The firmware of Bytton ICR automatically installs the basic rules that are required For instance if you enable the Webcam feature the firmware opens the port 2000 for TCP traffic if you enable the NTP service it opens port 123 for UDP traffic and so on a l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 150 of 272 5 4 2 Static Routes Routing means determining and prescribing the path or method used for forwarding data packets This option page is concerned with fixed static routes It shows the current routing table for Bytton ICR and allows you to define several static routes Top eX Location System gt Logs Empowering Communications Remote User superuser HOME F LAN WAN TUNNELS ROUTING Firewall Routes Kernel IP routing table Destination Gateway Cenmask Flags Metric Ret Use 10 64 64 65 0 0 0 0 255 255 255 255 195 74 234 12 255 255 255 254 10 0 58 44 255 255 255 252 A0 0 00 255 255 255 252 192 168 148 148 255 255 255 252 192 168 144 0 255 255 255 n 10 0 0 n 25b 255 255 152 168 148 0 255 255 255 0 105 73 221 0 255 255 255 152 168 0 0 JB55 255 D 255 0 0 0 Routes Dynamic Virtual R T LOS deed SERVICES k k Ep Ep pp E OO OOOOOOOOO g aseooeooeooe ee oe e i oo O eo O O O O 0 OH i i i i i i i i
382. ution Protocol ARP is a computer networking protocol for determining a network host s link layer or hardware address when only its Internet Layer IP or Network Layer address is known This function is critical in local area networking as well as for routing internetworking traffic across gateways routers based on IP addresses when the next hop router must be determined ARP was defined as early as 1982 by RFC 826 Each computer from a network maintains its own table of the mapping from Layer 3 addresses IP addresses such as 10 0 0 12 to Layer 2 addresses physical Ethernet addresses or MACs such as 31 f 01 90 e5 c7 In a modern computer this is maintained almost entirely by ARP packets on the local network and it thus often called the ARP table cache as opposed to table for Layer 2 addresses Interface 1H H H 12 Hxa Internet Address Physical Address MR HH 19 7H 49 f3 d 160 808 868 255 E f ff ff Ff Fff 224 H BH 2 HI He Hp HH 224 868 0822 HI He Hp static Interface 172 168 1 1 Hxh Internet Address Physical Address 172 168 1 13 Iw KT ke ET ke ET ke ET be HB invalid 172 168 255 255 Ef ff ff ff ff Fft static SREL KR Nk ET kk ET ke LI kg DC static 224 8H H 251 m m n 5 h static Interface 191 168 1 13 BWxh Internet Address Physical Address Type 191 168 1 1 HA 19 7H 49 f3 d7 dynamic 191 168 1 255 ff ff fft ft ff fft static 224 0 0 2 kb VT kal CC kal 1 ka GI ka CR static 224 H8 8 22
383. vec tuir eU eS aS m IE DUE EUR MR UNE NENM US CU SIUE 159 5 4 4 Virtual Routing RR E el 162 5 4 5 Quality of ele 171 SE H H E 183 SEN EC 184 SEPA LOOS E ee ae 188 SEET IER SE e te WEE 196 ss sd B 2 0 e ee Em 196 sl OAC e E m P 200 I0 Je AE 202 S 203 I NIIP 204 S E E WEEN 206 sho emi A E 206 ef LE 208 Snap Pl 210 et INU 212 aee MS MR E 214 SES 215 SN E eir TEE m 215 ore INM SEUN mE T E 218 DAS ON S RCI erae a E T E E E E E 221 ETE ES Eo ue DE 22 o EE 224 FO E UE 225 EE E e ee e Ee E 221 EE TO dean aie 230 5 8 4 Actual Speed Test RHesults eese eee ttt nate thea o aras ead 234 EE M adco gt E 238 6 TECHNICAL SPECIFICATIONS for Bytton ICH 241 Te OPERATING EIN OIE IN UR 244 S APPEICATIONG aert eere E E E 245 8 1 Wireless gateway firewall router using the 3G networks secsec 245 S E OR FGO ADDICION esses E E E E E E EEEE 246 SEE le SE TEE 248 TO ANO T DIN RA EE 256 11 Annex 2 Antennas for DBvttonlC H 258 Ta AUT Busy BOX COMmMMaNGS oeer teri spei bran rtu an E pto EEE ETEA 263 13 Annex 4 Quagga Commande sse ener enn
384. vice The drop down list Server dhs includes the major Dynamic DNS service providers Domain quan seas The default is gnudip dyndns custom Sa dyns Figure 5 144 Drop list for selecting the name of Dynamic DNS Service Ga OMMIT butt essweche easydns partner justlinux hn zoneedit heip tb Username amp Password User name and password for authenticating to the DDNS Server Full name of the Dynamic DNS server used to store your host and domain name information Domain The domain name for DDNS You must have membership to one of the DDNS services providers Warning These factory default settings may not work in your area you should change the DDNS parameters according to the specifications of your Internet provider l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 211 of 272 Bytton ICR 5 5 ROUTING S 5 6 7 NTP The Network Time Protocol is used to update the real time clock in a computer over Internet For this it uses a dedicated Time server on the Internet that accurately synchronizes the system date and time Top ex Location SERVICES gt NTP E EEE Empowering Communications Remote User superuser HOME FLAN NTP Settings WAN E TUNNE E b aes Server pool ntp org t SYSTEM SERVICES SNMP VRRP NTF Service Enabled e Current time is Wed Jul 18 14 40 04 UTC 2012 SERIAL Please use the COMMIT button to activate your settings SMS DDNS NTF Figure 5 148
385. w308FAS revG en doc Page 52 of 272 Location LAN gt Loopback Remote User superuser Empowering Communications Loopback IP Settings Loopback IP 155 0 0 1 Save Please use the COMMIT button to activate your changes Figure 5 22 LAN configuration page set IP for the Loopback test link Here you can set up the IP address to be used for loopback Or Loopback IF Settings Loopback IP 127 168 1 2 Save Please use the COMMIT button to activate your changes Or Click the button Save to save the new value then the link BACK to go back to the LAN gt IP settings to configure other parameters After reboot the Loopback IP answers to PING at the respective address PING L217 16985142 l2T7T 169 1 2 56 data bytes 64 bytes from 127 168 1 2 seq 0 ttl 64 time 0 595 ms 64 bytes from 127 168 1 2 seq 1 ttl 64 time 0 394 ms 64 bytes from 127 168 1 2 seq 2 ttl 64 time 0 460 ms 64 bytes from 127 168 1 2 seq 3 ttl 64 time 0 466 ms 64 bytes from 127 168 1 2 seq 4 ttl 64 time 0 395 ms 64 bytes from 127 168 1 2 seq 5 ttl 64 time 0 395 ms 64 bytes from 127 168 1 2 seq 6 ttl 64 time 0 397 ms 64 bytes from 127 168 1 2 seq 7 ttl 64 time 0 391 ms 64 bytes from 127 168 1 2 seq 8 ttl 64 time 0 397 ms 64 bytes from 127 168 1 2 seq 9 ttl 64 time 0 395 ms Bytton ICR 5 CONFIGURATION _ SSS SSS SS eee 5 2 2 Software configuration of the ETH switch This is a feature of LAN gt IP settings but it allo
386. will be periodically pinged If it does not answer Rohde amp Schwarz Topex S A Bytton will decide whether the primary interface for the Internet is unavailable and it will switch to the secondary interface Ping Interval the time period for pinging the respective address for example ten seconds If the interval is too small even a momentary interruption will cause the unneeded switching from the primary WAN interface to the alternate one If period is too long for some time there will be no Internet connection available the primary WAN interface has failed but the secondary one has not yet been put in use Masquerade Enable or Disable masquerading MASQUERADE Click the link located at the bottom above the Save button to go to the secondary page with settings for NAT masquerade The NAT table is by default empty or contains just the most used outgoing interfaces WAN and PPP so in the beginning you should use Add New if you need new entries Interface Add New You can define as many Masquerading rules as you need l ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 112 of 272 Bytton ICR 5 CONFIGURATION NAT Masquerade Masquerade Masquerade After applying a Commit you can see the new masquerading rules as active in the automated Firewall of Bytton ICR Generated by iptables save v1 4 10 on Mon Jul 16 10 50 29 2012 nat PREROUTING ACCEPT 241 27242 OUTPUT ACCEPT 64 4149 P
387. work at all Figure 4 17 Bytton ICR with four antenna connectors two for LTE 4G Mobile and two for N type WiFi access point Warning When your site has low level of Mobile signal it may not be possible to use the full UMTS HSPA or LTE technology without a special high gain antenna type Yagi high directivity You should get such an antenna and install it in a higher position the roof of the building directed towards the base station of the mobile network carrier in order to get best results For further information about the different Mobile antennas available for Bytton ICH please see Annex 2 ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 30 of 272 Bytton ICR 4 INSTALLATION 2 B9 M WiFi The antennas for the WiFi Access Point of Bytton ICR are stick type with an articulation near the connector In case of Bytton ICR units equipped with WiFi b g module a single WiFi stick antenna must be inserted Use the sleeve of the 90 degree bent to thread the stick o antenna into the circular male connector on the front panel 1 marked WiFi which is located in the middle above the 9 three indicator LEDs as shown in the following drawing Y Figure 4 17 Attachment of a single WiFi Stick Antenna Win wi eo e mua LAN 3 LAN 2 LAN 1 d SEN DATA WH Dual WiFi connectors Bytton ICR equipments fitted with N type acce
388. ws versatile detailed configuration thus it is described in a full sub chapter SW LAN1 LAN The four port switch router of Bytton ICR is fully configurable via software through the Web interface You can leave three ETH ports in the LAN switch LANOWVANO or set configuration for each one For this purpose there are two clickable links located at the bottom of the page ve IP Settings for LAN as shown Structure or Ethernet Ports Bytton features a bank of four ETH connectors which may be finely configured via software KE The two leftmost ones LAN1 and LANe are in a LER d 1 3 physical switch while the other two are r a connected to a hardware router so they may De po5 8 Pv individually configured a e HANN nt TINH ITT The hardware switch is also configurable via Web interface Thus each of the four Ethernet ports can be finely tuned individually or joined together with other ports according to the actual requirements The leftmost ETH connectors LAN1 and LANZ are in a switch for the local LAN while the rightmost ETH 4 connector WAN is for the remote network But the WANO LANO connector as its name suggests is configurable you can assign it either to the switch of the WAN AARGANG ANTI LAN 2 local network or to the wide area network SW LAN1 LAN2 Click the blue link SW CANT LAN2 located at the bottom LANG WV AN to enter the configuration sub page for the dual
389. wxr xr x l root root 1516 Aug 2 2012 system logs html rwxr xr x 1 root root 1588 Aug 2 2012 system passwd html rwxr xr x l root root 554 Aug 2 2012 system save html rwxr xr x l root root 2328 Aug 2 2012 system status html rwxr xr x 1 root root 4812 Aug 2 2012 system update html rwxr xr x l root root 8408 Aug 2 2012 test install html rwxr xr x l root root 4399 Aug 2 2012 test net html rwWXr Xxr x 1 root root 1441 Aug 2 2012 test wifi html rwWXr Xxr x l root root 3848 Aug 2 2012 vlan html rwWXr Xxr x l root root 1111 Aug 2 2012 voice learn html rwxr xr x l root root 3039 Aug 2 2012 voice settings html rwxr xr x l root root 913 Aug 2 2012 voice status html rwWXr Xxr x l root root 3629 Aug 2 2012 vrrp html rwxr xr x l root root 1595 Aug 2 2012 vt status html rwxr xr x l root root 5728 Aug 2 2012 vtable html rwWXr Xxr x l root root 4197 Aug 2 2012 wan control html rwxr xr x l root root 3408 Aug 2 2012 wan ethernet html rwxr xr x l root root 3944 Aug 2 2012 wan ipsec html rwXr Xxr x 1 root root 7964 Aug 2 2012 wan keygen html rWXr Xxr x l root root 5849 Aug 2 2012 wan ovpn html rwWXr Xxr x l root root 3404 Aug 2 2012 wan ppp html rwWXr Xxr x 1 root root 6784 Aug 2 2012 wan ppp2 html rwWXr Xxr x 1 root root 5727 Aug 2 2012 wan pppadv html rwXr Xxr x l root root 6259 Aug 2 2012 wan pppadv2 html rWXr Xxr x l root root 2375 Aug 2 2012 wan pppe html rwWXr Xxr x 1 root root 7360 Aug 2 2012 wan pppx html rwWXr xr x l root root 3274 Au
390. xcessive force when threading the antennas Make sure the antennas are securely screwed into the respective RF connectors but do NOT use a spanner or screw key which could damage the antenna connector Tighten the flange lightly by hand The stick antennas has vertical polarization they should be placed in vertical or horizontal position depending of the local RF field condition for the respective frequencies bands In case of antenna diversity MIMO versions the antennas shall be connected in the same way only there are two of them Figure 11 6 Photo of diversity enabled Bytton with two stick antennas for WiFI and two connectors for the 4G Mobile antennas ByttonICR fulli genericUsermanual sw308FAS revG en doc Page 261 of 272 Bytton ICR 11 Annex 2 Antennas for ByttonICR Warning For the multiple antenna variants of the equipment the indications MAIN and AUX must be always observed even when you use two identical antennas This holds true both for the Mobile and WiFi antennas O 0O oO SIM SIM SGN DATA Wifi Figure 11 7 Schematic of the AUX and MAIN markings of antenna connectors both for Mobile LTE network and for WiFi type N This rule means that when you connect a single antenna to a diversity enabled equipment always use the MAIN connector With just one antenna it will not be able to operate in diversity mode still it will work correctly But if you connect just a single antenn
391. y source prota scope dew tbl 10 0 59 64 30 static link br Virtual Tables that you have 10 0 0 0 24 static link br H 10 0 0 0 24 10_0_0_1 static bet defined over Bytton ICR 172 27 0 0 16 static link land Route List Virtual Table VTZ target gateway source prota scope dew tbl 192 168 148 148 31 1952 168 1 8 static wan 172 27 0 0 16 static link land in0 0 0 0 16 10 0 0 1 static bro Route List Virtual Table VI3 target gateway source Proto scope dev tbl 172 27 0 0 16 static link land 73 0 0 0 8 static link land Route List Virtual Table VT4 target gateway source prota scope dev tbl 192 168 1 236 30 static link bro 10 0 0 0 24 static link br 172 27 0 0 16 static link lan No Route IFP Metmask Router Interface Metric i VTi 10 0 0 239 255 255 255 0 10001 Router i5 EditDel 2 Wi sl 10 0 53 67 255 255 255 252 off BRO 20 EditDel 3 VT2 10 0 58 115 255 255 0 0 10 0 0 1 Router 15 EditDel 4 VT3 7 127 27 45 88 255 255 255 2540ff Embeded Modem 113 EditDel 5 VT4 7 192 168 144 254 255 255 255 254 192 168 1 2 BRO 20 EditDel ByttonICR fulli _genericUsermanual_sw303FAS_revG_en doc Page 162 of 272 Bytton ICR 5 5 ROUTING E In the beginning the Virtual table is empty Add New So you must first define
392. yttonLTEsimplu sav 9 28 2012 11 16 AM SAV File 47 KB A Program FilesCfg TN _ byttonICR ovpn sav 9 26 2012 5 28 PM SAV File 61 KB A ProgramData EE _ byttonLTE2 sav 9 25 2012 5 15 PM SAV File 59 KB PROGRAME LUCRU ed Ges _ byttonDIGIL sav 8 23 2012 1 22 PM SAV File 47 KB E di Recovery x GES di Sov _ bytton303MACfilter sav 7 20 2012 2 07 PM SAV File 58 KB Es byttonGEN qosl sav 7 18 2012 11 39 AM SAV File 52 KB CAPTURES 3 SCH byttonO qosFull sav 71 12 2012 5 17 PM SAV File 52 KB J group CSV ES SE I Los 3 byttonO oos sau 7 11 2012 1 52 PM SAV File 52 KB 3 RMTCDE byttonOsimplSTAT sav 7 9 2012 12 06 PM SAV File 41 KB p Ges _ byttonO_QOS1 sav 7 6 2012 12 16 PM SAV File 50 KB saved SM _ byttonO eth sav 6 29 2012 11 09 AM SAV File 50 KB SCANNING ERN Se _ byttonPPP1 sav 6 26 2012 3 43 PM SAV File 49 KB di System Volume Inforn S T p __ byttonO multiple sav 5 26 2012 10 52 AM SAV File 52 KB Js Upd _ byttonO300FA3 sav 6 22 2012 1 36 PM SAV File 50 KB Updates c io X bvttonO300FA2 sav 6 22 2012 1 22 PM SAV File 50 KB m File name bytton303M sav Save as type SAV File sav Figure 5 119 Saving the configuration file with the option Save As Hide Folders Instead of simply clicking Save it is highly recommended to use Save File or Save it to disk This way you may choose both the name of the configuration file to be saved and the location on the
Download Pdf Manuals
Related Search