User Guide V1.03
Contents
1. secure tightly 2 5 Grounding Grounding and cable routing help limit the effects of noise due to electromagnetic interference EMI Run the ground connection from the grounding screw to the grounding point prior to the connection of devices Grounding Screw Note This product is intended to be mounted to a well grounded mounting surface such as a metal panel MULTIMAX USER GUIDE 15 2 6 PIN assignments EEE ms foutnuta s To o daw o v Io ew Note The power supply range is 9 to 60 VDC Be aware of the polarity and refrain from reversing it 16 MULTIMAX USER GUIDE 2 Reset Button Reset Button Function Operation o Press and hold the button for 5 seconds when router is operating Restore to factory When router is operating press and hold the button for 60 seconds until the three default settings LEDs at the left side RUN PPP USR blink 5 times MULTIMAX USER GUIDE 17 Chapter 3 Configuration settings over web browser The router can be configured through your web browser A web browser is included as a standard application in the following operating systems Linux Mac OS Windows 98 NT 2000 XP Vista 7 8 etc The product provides an easy and user friendly interface for configuration There are various ways to connect the router either through an external repeater hub or connect directly to your PC Ensure that your PC has an Ethernet interface properly installed prior2. OFF Disconnected from GND ON Connected to GND Pulse Generates a square wave specified in the pulse mode parameters Alarm Off Action The action that the Digital Output will take when there is an alarm e 50 MULTIMAX USER GUIDE Specify the Digital Output status when power on Selected from OFF ON OFF Disconnected from GND ON Connected to GND Available when Digital Output Alarm On Off Action is enabled Enter the Keep On s time the Digital Output should keep the state after an action is taken Input range from 0 to 255 seconds O keep on until the next action Available when enabling Pulse option in Alarm On Off Action Delay The first pulse will be generated after a Delay Input range from 0 to 3000 in the unit of 10ms O without delay Available when enabling Pulse option in Alarm On Off Action Aye This value specifies the time period of low level connected to GND in the rr square wave form Input range from 1 to 3000 in the unit of 10ms Available when enabling Pulse option in Alarm On Off Action High This value specifies the time period of high level disconnected from GND iG in the square wave form Input range from 1 to 3000 in the unit of 10ms Nul Status When Power On Available when enabling Pulse option in Alarm On Off Action PAIN The value defines the number of pulses that will be generated from Digital utpu i Output Input range from O to
3. Bulk guarantees that the minimum global rate of the router is 1 of Downlink Speed and the maximum rate can be 100 Set the name of the service that requires QoS The Multimax can support up to 20 services with QoS Priority of QoS Service Control is higher than that of both QoS IP control and QoS MAC control Select from TCP UDP and TCP amp UDP TCP 58 MULTIMAX USER GUIDE SS Port Service Enter the port number of the service that requires QoS Control List Select from Exempt Premium Express Normal and Bulk Select the priority of the service s that require QoS Exempt this is the highest priority thatguarantees that the minimum global rate of the router is 50 of Downlink Speed and the maximum rate can be 100 Priority Premium guarantees that the minimum global rate of the router is 25 QoSService of Downlink Speed and the maximum rate can be100 Control List Express guarantees that the minimum global rate of the router is 15 of Downlink Speed and the maximum rate can be 100 Normal guarantees that the minimum global rate of the router is 10 of Downlink Speed and the maximum rate can be 100 Bulk guarantees that the minimum global rate of the router is 1 of Downlink Speed and the maximum rate can be 100 Note If devices or services are in the same priority level the router will automatically start Stochastic
4. Show the list of components that can be tested SD Test USB Description Test Flash Test Memory Test Ethernet Test SIM1 Test SIM2 Test and Module Test router or the router fails to detect Show Detail Show the latest test details of the hardware component Note Please click Apply to start testing Show the current status of the selected hardware component There are 3 status Testing Success and Failure Testing the router is testing the selected hardware component Result Success Correspond hardware component is properly inserted and detected Failure Correspond hardware component is not inserted into the Nui Test Enable Description Result v USB Test E Flash Test z Memory Test v Ethernet Test v SIMI Test Fj SIM2 Test Fl Module Test Detail Show Detail MULTIMAX USER GUIDE 105 3 38 Administration gt Clock This section allows users to set up the Real Time Clock RTC of the router and NTP Service Click to enable NTP client which synchronizes the time from an Enable NTP Client Disabled NTP server Timezone Client Select your local time zone UTC 10 00 l pool ntp or Primary NTP Server Enter the primary NTP Server s IP address or domain name Secondary NTP Enter the secondary NTP Server s IP address or domain name Server Enter the interval in hours which the NTP client will synchronize the time fro
5. TCP server in Mode Enable Protocol Tick to enable protocol advanced settings Disabled Transparent This item will show up when you enable any VPN tunnel in the router it means that serial data can be matched to this local IP Local IP Transparent address and be transmitted or received via VPN tunnel Note when you do not enable any VPN tunnel this item will not show up The serial port will queue the data in the buffer and send the data to the Cellular WAN Ethernet WAN when it reaches the Interval Timeout in the field Interval Timeout sigs Note Data will also be sent as specified by the packet length or Transparent a delimiter settings even when data is not reaching the interval timeout in the field The Packet length setting refers to the maximum amount of data that is allowed to accumulate in the serial port buffer before sending Setting O for packet length means that data in the buffer will be sent as specified by the interval timeout or delimiter Packet Length settings or when the buffer is full When a packet length between 1 ico Transparent and 1024 bytes is specified data in the buffer will be sent as soon it reaches the specified length Note Data will also be sent as specified by the interval timeout or delimiter settings even when data is not reaching the preset packet length When Delimiter 1 is enabled the serial port will queue the data in the buffer and send the data to the Cellular WA
6. Tunnel Tunnel MULTIMAX USER GUIDE 69 3 21 Configuration gt Open VPN This section allows users to set the Open VPN parameters Client Open VPN Client Enable OpenVPN Client the maximum tunnel account is 3 Select from UDP and TCP Client which depends on the Protocol a UDP application Enter the IP address or domain name of the remote OpenVPN Server Address server Enter the listening port of the remote OpenVPN server 1194 Select from tun and tap which are two different types of device interface for OpenVPN Interface The difference between tun and tap device is that a tun tun device is a virtual IP point to point device and a tap device is a virtual Ethernet device Select from four different types of authentication methods Authentication Pre shared Username Password X 509 cert and X 509 cert user Local IP Define the local IP address of the OpenVPN tunnel 10 8 0 2 Remote IP Define the remote IP address of the OpenVPN tunnel 10 8 0 1 Tick to enable NAT Traversal for OpenVPN tunnel This item must Enable NAT Disabled be enabled when the router is under NAT environment Ping Interval Set ping interval in seconds to check if the tunnel is active 20 l Re establish the OpenVPN tunnel if constantly fails for the Ping Restart Es i 120 specified time period in seconds l Select None for no compression or
7. Enable DI Click to Enable digital input DI Filtering Count Trigger Counter Active Counter Start When Power On Triggering Alarm The SMS to send when alarm is triggered 70 ASICII char max Recovering Alarm The SMS to send when alarm is cleared 70 ASICII char max Ph G Specify phone group that will receive alarm SMS one Grou j Each phone group can include up to 10 phone numbers DI DO DI Select from OFF ON EVENT_COUNTER OFF Connect to GND logic 0 When DI is connected to GND Multimax will trigger a DI alarm ON Open from GND logic 1 When DI is disconnected from GND Multimax will trigger a DI alarm EVENT COUNTER DI works in the Event Counter mode Software filtering is used to eliminate the switching noises debouncing Input range from O to 100 in a unit of 100ms Available when DI is in the Event Counter mode Input range from O to 100 O will not trigger alarm The router will trigger alarm when counter reaches the value After alarm is triggered DI will keep counting but not alarm will be triggered again Available when DI is in the Event Counter mode Select from Hi to Lo or Lo to Hi In the Event Counter mode the input accepts limit or proximity switches and counts the number of events according to the state changes defined Available when DI is in the Event Counter mode When enabled the event counting will start counting once the router is powered
8. at sign semi colon pipe sign upper case I Connection Mode Connection Mode Connect On Demand v Redial Interval s 30 Max Retries 3 Inactivity Time s 120 Serial Output Content Hex 30313233 Triggered By Serial Data Triggered By SMS SMS Connect Command CONNECT SMS Disconnect Command DISCONN SMS Connect Reply CON_OK SMS Disconnect Reply DISC_OK Phone Group USER Y Triggered By IO Note use DI_1 L Periodically Connect Time Schedule NULL v Time Range Name SUN MON TUE WED THU FRI SAT Time Rangel Time Range2 Time Range3 schedule 1 4 Ed S WS Ed 08 10 12 00 14 10 20 15 x Add 34 MULTIMAX USER GUIDE Dual SIM Policy Main SIM Card SIM1 Switch To Backup SIM Card When Connection Fails Switch To Backup SIM Card When ICMP Detection Fails Switch To Backup SIM Card When Roaming Is Detected Switch To Backup SIM Card When IO Is Active Switch To Backup SIM Card When Data Limit Is Exceeded Switch Back Main SIM Card After Timeout Advanced Cellular WAN Advanced Settings Set the phone number associated with the SIM card will be shown in Status gt System gt System gt Cellular WAN Phone No Information SIM Phone Number Normally you don t have to enter this number because the router will get it from the SIM card automatically Select from auto or the specific network type that
9. multimax multimaxt HSPA Dual Port M2M Router MA 204 4G Dual Port Router MA 2040 4G Dual Port Dual SIM Industrial Cellular Router 4G User Guide V1 03 Table of Contents CONTACT INFORMATION RF EXPOSURE COMPLIANCE Chapter 1 Product Introduction 1 1 Overview 1 2 Packing List 1 3 Specifications 1 4 Selection and Ordering Information Chapter 2 Installation 2 1 LED Indicators 2 2 Mounting the Router 2 3 Install the SIM Card and Micro SD Card 2 4 Connect the External Antenna SMA Type 2 5 Grounding 2 6 PIN assignment for Router 2 7 Reset Button Chapter 3 Configuration settings over web browser 3 1 Configuring PC in Windows 3 2 Factory Default Settings of Multimax Ethernet Port 3 3 Control Panel 3 4 Status gt System 3 5 Status gt Network 3 6 Status gt Route 3 7 Status gt VPN 3 8 Status gt Services 3 9 Status gt Event Log 3 10 Configuration gt Link Management 3 11 Configuration gt Cellular WAN 3 12 Configuration gt Ethernet 3 13 Configuration gt Serial 3 14 Configuration gt DI DO 3 15 Configuration gt USB 3 16 Configuration gt NAT DMZ 3 17 Configuration gt Firewall 3 18 Configuration gt QoS 3 19 Configuration gt IP Routing 3 20 Configuration gt DynDNS 3 21 Configuration gt IPsec 3 22 Configuration gt Open VPN 3 23 Configuration gt GRE 3 24 Configuration gt L2TP MULTIMAX USER GUIDE 1 Ul O 11 12 13 13 14 14 15 15 16
10. import or export the device configuration and restore the factory default settings XML Configuration Restore to Factory Default Settings Change Profile Profile This item allows users to save different configuration profiles into different positions for easier change over later or to save one configuration profile into different positions just for configuration backup Selected from Standard Alternative 1 Alternative 2 Alternative 3 Import Click Browse to select a saved device configuration file XML file and then click Import to load the file into the router Export Click Export and the device configuration will be shown in a new browser window you can then save it as a XML file The configuration of IPSec and OpenVPN can be loaded and saved separately if needed Click the Restore to Factory Default Settings button to load factory default settings to the router A reboot is required for the settings to take effect Standard Vv L Copy settings from current profile to selected profile All Parameters XML Configuration XML File IPsec XML Configuration IPsec XML File Browse Import Export Browse Import Export OpenVPN XML Configuration OpenVPN XML File Browse Import Export Restore to Factory Default Settings Restore to Factory Default Settinc 100 MULTIMAX USER GUIDE 3 37 Administration gt Tools Five useful too
11. Address NetMask Add Eth1 VLAN Settings O Enable Ethi VLAN DHCP Relay The Router can be a DHCP Relay which will provide a relay tunnel when the DHCP Client and DHCP Server are not in the same subnet This section allows users to configure DHCP Relay settings DhcpRelay Configuration Enable DHCP Server MULTIMAX USER GUIDE 41 3 13 Configuration gt Serial This section allows users to set the serial RS232 RS485 parameters Serial RS232 Select from 300 600 1200 2400 4800 9600 19200 Baud rate 115200 38400 57600 115200 and 230400 Data bit Select from 7 and 8 Select from None Odd and Even None Stop bit Select from 1 and 2 Flow control Select from None Software and Hardware None Select from None Transparent Modbus and AT Over COM None Router will do nothing with the RS232 serial port Transparent Router will transmit the serial data transparently without any protocols Protocol Modbus Router will translate the Modbus RTU data to Modbus TCP data and vice versa AT Over COM select to operate router via RS232 COM port Enter AT commands to router via RS232 COM port Select from TCP Server TCP Client and UDP TCP Client the router works as TCP client initiating a TCP connection None Mode to a TCP server
12. Arrives At Port lt 1 65536 gt or lt 1 65536 gt lt 1 65536 gt MULTIMAX USER GUIDE 53 DMZ DMZ host is a host on the local network that has all ports exposed except those otherwise forwarded NAT DMZ DMZ Enable ue Select to enable the DMZ function Disabled DMZ Host Enter the IP address of the DMZ host on the internal network 0 0 0 0 Source Set the address that can talk to the DMZ host Null means for any addresses ar Address 0 0 0 0 means any IP addresses or Enable DMZ Enable DMZ DMZ Settings DMZ Host Source Address 1 1 1 1 1 1 1 1 24 1 1 1 1 2 2 2 2 0 0 0 0 means any 54 MULTIMAX USER GUIDE 3 17 Configuration gt Firewall This section allows users to set the firewall parameters Basic Settings Firewall Basic Settings Remote Tick to allow users to access the router remotely from the internet using Access Using Enabled HTTP Remote Tick to allow users to access the router remotely from the internet using Access Using Enabled Telnet TELNET HTTP Remote l Tick to allow users to access the router remotely on the internet using Access Using Enabled SNMP SNMP Remote Ping Tick to allow the router reply Ping requests from the internet Enabled eques DoS Deny of Services attack is an attempt to make a machine or network Defend DoS a Neer resource unavailable to its intended users Enabled ac Tick to enable protection from DoS attacks Filter Ba
13. BF CBC DES CBC DES EDE3 CBC AES128 CBC AES192 CBC and AES256 CBC BF CBC Uses the BF algorithm in CBC mode and 128 bit key DES CBC Uses the DES algorithm in CBC mode and 64 bit key DES EDE3 CBC Uses the 3DES algorithm in CBC mode and Authentication l 192 bit key Encryption AES128 CBC Uses the AES algorithm in CBC mode and 128 bit key AES192 CBC Uses the AES algorithm in CBC mode and 192 bit key AES256 CBC Uses the AES algorithm in CBC mode and 256 bit key Maximum Transmission Unit It is the identifier of the maximum MTU size of packet which is possible to transfer in a given environment Set the Maximum Frame Size for transmission 72 MULTIMAX USER GUIDE Default Disabled Tunnel_OpenVPN_O 0 0 0 0 UDP 1194 None 10 8 0 1 10 8 0 2 Disabled 20 c Cc gt 120 LZO BF CBC 1500 1500 Select the log output level which from low to high ERR Verbose Level WARNING NOTICE and DEBUG The higher level will output more log information Users can enter some PPP initialization strings in this field Each Expert Options string can be separated by a space Click Add to add a OpenVPN client including Common l Name Password Client IP Local Static Route and Client Manage 5 as Remote Static Route This field can be configured only when you select Username
14. Enable automatic l l l l l Tick to enable the automatic update of Multimax configuration when l update of l l l E l l l l Disabled inserting a USB storage device containing a valid configuration file configuration Enable automatic Tick to enable the automatic update of Multimax firmware when bisabied isable update of firmware inserting a USB storage device containing a valid firmware file USB Configuration W Enable automatic update of configuration V Enable automatic update of firmware 52 MULTIMAX USER GUIDE 3 16 Configuration gt NAT DMZ This section allows users to set the NAT DMZ parameters NAT Port Forwarding Port forwarding is to manually define rules in the router to send all data received from a range of ports on the WAN side to a port and IP address on the LAN side NAT DMZ Port Forwarding Remote IP Set the remote IP address Null Arrives At ae The port of the internet side that you want to forward to LAN side or Is Forwarded to IP Address Is The device s IP on the LAN side that you want to forward the data to Forwarded The device s port on the LAN side that you want to forward the data to to Port Select from TCP UDP or TCP amp UDP which depends on the application Port Forwarding Remote IP Arrives At Port Is Forwarded to IP Address Is Forwarded to Port Protocol TCP v X Remote IP 1 1 1 1 1 1 1 0 24 1 1 1 1 2 2 2 2 0 0 0 0 means any Add
15. Fairness Queuing SFQ strategy to make a fair bandwidth allocation Enable Quality Of Service QoS ivi Enable QoS Quality of Service Qos Basic Setting Downlink Speed kbps 0 Uplink Speed kbps 0 Optimize for TCP Flags Cl syn LI ack LJ FIN L RST Default Priority Exempt v C Optimize for Serial Data Forwarding C Optimize for ICMP QoS MAC Control List MAC Address Priority QoS IP Control List IP Address Priority QoS Service Control List Service Name Protocol Port Priority MULTIMAX USER GUIDE 59 3 18 Configuration gt IP Routing This section allows users to set the IP routing parameters Static Route To manually add delete or modify static route rules IP Routing Static Route Static Route The table for static routing rule s Table Interface Select from WAN LAN_O or LAN_ 1 WAN Destination Enter the destination host s IP address or destination network NetMask Enter the netmask of the destination or destination network Null o om Enter the gateway s IP address of this static route rule Router will forward all atewa i the data that fits the destination and netmask to this gateway Static Route Table Interface Destination NetMask Gateway WAN Y X Add RIP RIP Routing Information Protocol is a distance vector routing protocol which employs the hop countas a routing metric RIP prevents routing loops by implementing a limit on the number of hops allowe
16. IP Remote UDP Port 514 MULTIMAX USER GUIDE 97 3 34 Configuration gt Event This section allows users to select the events that will be reported via SNMP Trap Click to enable Event feature This feature is used to report Multimax s major running events to Enable Event Disabled SNMP TRAP There are numbers of Event code that can be selected such as BOOT UP 3G UP 3G DOWN etc Event Settings Enable Event Index Event Code SNMP TRAP 1 BOOT UP A 2 3G UP 3 3G DOWN 4 GPRS UP 5 GPRS DOWN 6 OVPN1 UP T OVPN2 UP 3 OVPN3 UP 9 OVPN1 DOWN 10 OVPN2 DOWN 11 OVPN3 DOWN 12 INT1 UP 13 INT2 UP 14 INT1 DOWN 15 INT2 DOWN 16 SMS IN 17 SMS OUT 18 SIM1 ACTIVE 19 SIM2 ACTIVE 20 AREA CHANGE 21 IN1 OPEN 22 IN1 CLOSE 23 IN2 OPEN 98 MULTIMAX USER GUIDE 3 35 Configuration gt USR LED This section allows users to configure how the USR LED is used for display Note Please refer to Status gt System gt LEDs Information gt USR USR LED USR LED Type Select from VPN PPPoE and DynDNS Select from ON Blink Indication For example if USR LED Type is set as VPN and Indication is set as Blink when any VPN tunnel is up USR LED will blink USR LED USR LED USR LED Type VPN y Indication ON v MULTIMAX USER GUIDE 99 3 36 Administration gt Profile This section allows users to set up profiles
17. LZO for using the LZO Compression LZO compression library to compress the data stream Select from BF CBC DES CBC DES EDE3 CBC AES128 CBC AES192 CBC and AES256 CBC BF CBC Uses the BF algorithm in CBC mode and 128 bit key DES CBC Uses the DES algorithm in CBC mode and 64 bit key Encryption DES EDE3 CBC Uses the 3DES algorithm in CBC mode and 192 bit BF CBC key AES128 CBC Uses the AES algorithm in CBC mode and 128 bit key AES192 CBC Uses the AES algorithm in CBC mode and 192 bit key AES256 CBC Uses the AES algorithm in CBC mode and 256 bit key Maximum Transmission Unit It is the identifier of the maximum None MTU 1500 size of packet which is possible to transfer in a given environment Set the Maximum Frame Size for transmission 1500 70 MULTIMAX USER GUIDE Select the log output level which from low to high ERR WARNING NOTICE and DEBUG Higher level will output Verbose Level more log information Users can enter some PPP initialization strings in this field Each Expert Options string can be separated by a space es ee ae Client Tunnel name Description add Enable Open PN Client Enable Protocol Remote IP Address Port 1194 Interface tun Authentication Local IP 10 8 0 2 Remote IP 10 8 0 1 C Enable NAT Ping Interval 20 Ping Restart 120 Compression Encryption MTU 1500
18. Max Frame Size 1500 Verbose Level ERR Expert Options _ xx xx parameter eg config xx config MULTIMAX USER GUIDE 71 Server Open VPN Server Enable OpenVPN Tick to enable OpenVPN server tunnel Server The name of the OpenVPN server The name is generated Tunnel name automatically and not user configurable You can enter the IP address of cellular WAN Ethernet WAN or Listen IP Ethernet LAN Null or 0 0 0 0 stands for using the active WAN link cellular WAN or Ethernet WAN Select from UDP and TCP which depends on the application Set the local listening port Select from tun and tap which are two different types of Interface a device interface for OpenVPN Select from four different types of authentication ways Pre shared Username Password X 509 cert and X 509 cert user Local IP Define the local IP address of OpenVPN tunnel Remote IP Define the remote IP address of OpenVPN tunnel Tick to enable NAT Traversal for OpenVPN This item must be Enable NAT l l enabled when the router is under NAT environment Ping Interval Set ping interval in seconds to check if the tunnel is active l Re establish the OpenVPN tunnel if ping constantly fails for the Ping Restart a specified time period in seconds Select from None and LZO select LZO to use the LZO Compression i compression library to compress the data stream Select from
19. Modbus RTU master router connects to master device that works under Modbus RTU protocol Modbus ASCII master router connects to master device that works under Modbus ASCII protocol Add the Modbus slaves that will be polled by Modbus master This Modbus Slave l l 7 A section will be shown only when you select Modbus RTU master Modbus i E or Modbus ASCII master in Attached serial device type Slave Address Modbus Enter the address of the Modbus slave that is acting as a TCP sever Slave Slave Port Enter the port number of the Modbus slave that is acting as a TCP Modbus Slave sever ID Modbus a Enter the ID number of the Modbus slave ave MULTIMAX USER GUIDE 47 Se Ee Serial Port Settings Baudrate 115200 v Data Bit 8o ov Parity None v Stop Bit 1 v Protocol Settings Protocol None ha When Selecting the Protocol Transparent Protocol Settings Protocol Transparent v Mode TCP server v Local Port 503 Show Protocol Advanced Interval Timeout 1 10ms 10 Packet Length 1360 Enable Delimiter1 Delimiter1 Hex 0 Enable Delimiter2 Delimiter2 Hex 0 Delimiter Process Strip v When Selecting the Protocol Modbus Protocol Settings Protocol Modbus v Local Port 503 Attached serial device type Modbus RTU slave v 48 MULTIMAX USER GUIDE 3 14 Configuration gt DI DO This section allows users to set the Digital IlO parameters
20. Password in Authentication Re Eee ae Enable OpenVPN Server Enable OpenVPN Server VPN Server Tunnel Tunnel name OpenVPN_Tunnel_0 Listen IP Protocol Port 1194 Interface Authentication None i Local IP 10 8 0 1 Remote IP 10 8 0 2 Cl Enable NAT Ping Interval 20 Ping Restart 120 Compression Encryption BF CBC i MTU 1500 Max Frame Size 1500 Verbose Level ERR Expert Options Client Manage xx xx parameter eg config xx config Use Common Name Password Client IP Local Static Route Remote Static Route x Static Route lt 1 1 1 0 24 gt or lt 1 1 1 0 24 2 2 2 2 16 gt Add 3 X 509 MULTIMAX USER GUIDE 73 Open VPN X 509 Select Cert l p 7 Select the OpenVPN client or server to set up the certificates ype Pre Share Static Key Click Browse and then Import for the router to get the appropriate CA file from your PC Click Export to save the CA file to your PC Click Browse and then Import for the router to get the appropriate Public Key file from your PC Click Export to save the Public Key file to your PC Click Browse and then Import for the router to get the appropriate Private Key file from your PC Click Export to save the Private Key file to your PC Click Browse and then Import for the router to get the appropriate DH file from your PC Click Export to save the DH file to
21. USER GUIDE 35 Cellular Advanced Settings SIM Phone Number Network Type Auto v VY i N Band Mode ALL v ALL v Authentication MTU 1500 1500 MRU 1500 1500 Asyncmap Value fit fT Use Peer DNS Primary DNS Server Secondary DNS Server Address Control Compression Protocol Field Compression Expert Options noccp nobsdcomp noccp nobsdcomp ISP Profile This section allow users to preset some ISP profiles which will be shown in the selection list of Configuration gt Cellular WAN gt Network Provider Type Cellular WAN ISP Profiles an Input the ISP s name which will be shown in the selection list of Configuration gt Cellular WAN gt Network Provider Type APN Username Password Dialup All these parameters provided by the ISP No ISP Profile List ISP APN Username Password Dialup No telstra telstra_internet 99 1 x Add 36 MULTIMAX USER GUIDE 3 12 Configuration gt Ethernet This section allows users to set the Ethernet WAN and LAN parameters EthO Eth1 Ethernet EthO Ethernet Interface EthO can work under two different kinds of modes LAN AN Type and WAN Enable to make EthO work under bridge mode with Eth1 EthO and Eth1 will have the same IP address under this Enable mode Enable Bridge LAN Interface IP Address Netmask Set the IP address netmask and MTU of EthO These MTU LAN parameters will be un configu
22. at which the master router sends keep alive packets to nterva backup routers Virtual IP VRRP Settings Enable VRRP Group ID Priority Interval s Virtual IP router 4 100 10 192 168 2 1 A virtual IP address is shared among the routers as the gateway IP in the LAN The router with the same IP as the virtual IP is the master router and the others are backups In case the master fails Ooi the virtual IP address is mapped to a backup router s IP address according to its priority and this backup router becomes the master MULTIMAX USER GUIDE 87 3 27 Configuration gt IP Passthrough This section allows users to set up the IP Pass through parameters In IP Passthrough mode Multimax acts as a PPPoE server and will pass its WAN IP address to PPPoE client directly Packets received from the WAN interface are delivered directly to the LAN interface Similarly packets received for the LAN interface everything except broadcasts multicasts are sent to the WAN interface IP Passthrough Tick to enable IP Passthrough feature Enable IP Note To be able to use this feature Cellular has to be selected as Disabled Passthrough Primary Interface in tab Configuration gt Link Management PPPoE is the only option for mode Set the LAN interface from LAN 0 and LAN_ 1 PPPoE client dials up to Multimax PPPoE server on the LAN interface selected For example when LAN_0O
23. by Modbus master This Modbus Slave section will be shown only when you select Modbus RTU master or Modbus a P l Modbus ASCII master in Attached serial device type Slave Address Enter the address of the Modbus slave that is acting as a TCP sever Modbus Slave Slave Port Enter the port number of the Modbus slave that is acting as a TCP Modbus Slave sever ID Modbus a Enter the ID number of the Modbus slave ave Enable to display all virtual com ports of the cellular inside the router Generally dev ttyUSBO and dev ttyUSB2 are used for cellular network connection Display all com AT Over COM Disabled Note Enabling this function could result in loss of Cellular WAN function l l dev ttyU COM Name Show the available virtual com ports of the cellular module oi RS485 RS232 Serial Port Settings Baudrate 115200 v Data Bit 8 v Parity None v Stop Bit 1 X Flow Control None i Protocol Settings Protocol None v 44 MULTIMAX USER GUIDE When Selecting the Protocol Transparent Protocol Settings Protocol Transparent v Mode TCP server v Local Port 502 W Show Protocol Advanced Interval Timeout 1 10ms 10 Packet Length 1360 W Enable Delimiter1 Delimiter1 Hex 0 W Enable Delimiter2 Delimiter2 Hex 0 Delimiter Process Strip v When Selecting the Protocol Modbus Protocol Settings Protocol Modbus v Local Port 0 Attached
24. com al maxXconnect Port 1883 maXconnect Update Interval s 120 maXconnect Remote Management allows you to manage contro and monitor this device on the maXconnect portal The settings below are used to configure the MQTT protoca to communicate with the Remote Management portal The maXconnect FTP server is needed to perform FOTA via the portal Note FTP server access will be available in future 96 MULTIMAX USER GUIDE 3 33 Configuration gt Syslog This section allows users to set up the parameters for Syslog function Syslog is a standard for computer message logging which allow system and debug information of a device to be saved to a storage media device or sent to a remote syslog server Syslog e Select the save position from None Flash and SD None means Save Position NONE syslog is only saved in RAM and will be cleared after reboot Select form DEBUG INFO NOTICE WARNING ERR CRIT Log Level ALERT and EMERG which from low to high The lower level will DEBUG output more syslog in detail Keep Days Specify the syslog keep Days for router to clear the old syslog Log to Remote Enable to allow router sending syslog to the remote syslog server You Disabled isable System need to enter the IP and Port of the syslog server Syslog Settings Save Position RAM Log Level DEBUG Keep Days 14 V Log to Remote System Remote
25. on Normally users shall enable this option when DI is used for Event Counter Alternatively the router will start counting when a SMS command is received Refer to section 4 1 3 for details Default Disabled OFF Lo to Hi Disabled MULTIMAX USER GUIDE 49 DI_1 Configuration Enable DI Mode OFF v Filtering 1 100ms 1 SMS Alarm Triggering Alarm Recovering Alarm Phone Group DI_ 2 Configuration Enable DI Mode OFF v Filtering 1 100ms 1 SMS Alarm Triggering Alarm Recovering Alarm Phone Group DI DO DO Click to enable Digital Output DO Digital Output will operate based on the alarm sources which can be DI Alarm SMS Control and Call Control More than one source can be selected DI Alarm Digital Output will take the defined action when there is alarm from Digital Input Alarm Source _ SMS Control Digital Output will take the defined action when getting an SMS from a number in the phone book Call Control Digital Output will take the defined action when getting a phone call from a number in the phone book Note Call Control is not supported by the 4G model Selected from OFF ON and Pulse OFF Disconnected from GND ON Connected to GND Pulse Generates a square wave specified in the pulse mode parameters Alarm On Action The action that the Digital Output will take when alarm is cleared Selected from OFF ON Pulse
26. one or a range of IP addresses that are defined Address by Target IP Address or every IP address Default Filter Policy Accept O Drop Add Filter List Action Source IP Source Port Target IP Address Target Port Protocol Accept TCP a X IP 1 1 1 1 1 1 1 0 24 1 1 1 1 2 2 2 2 0 0 0 0 means any Add Port lt 1 65536 gt or lt 1 65536 gt lt 1 65536 gt Mac IP Bounding By MAC IP bounding the defined host MAC on the LAN side can only use the defined IP address to communicate with the router others will be rejected Firewall Mac IP Bounding Deen Default Mac Address Enter the defined host s Mac Address Null IP Address Enter the defined host s IP Address Null MAC IP Bunding List MAC Address IP Address MAC ff ff fF FF FF FF Add 56 MULTIMAX USER GUIDE 3 18 Configuration gt QoS This section allows users to set up the QoS Quality of Service configurations Enable QoS Tick to enable QoS function Downlink Speed kbps uplink Speed kbps Optimize for TCP Flags Default Priority Optimize for Serial Data Forwarding Optimize for ICMP Prescribe downlink speed of router Note Default setting of O means that there is no limitation of downlink speed Prescribe uplink speed of router Note Default setting of 0 means that there is no limitation of uplink speed Users can choose to enable TCP flags SYN ACK FIN RST which m
27. to connecting the router You must configure your PC to obtain an IP address through a DHCP server or a fixed IP address that must be in the same subnet as the router The best and easiest way is to configure the PC to get an IP address automatically from the router using DHCP If you encounter any problems accessing the router web interface it is advisable to disable the firewall on your PC as the firewall can disable access to the router 3 1 Configuring PC in Windows 1 Goto Start Control Panel in Classic View In the Control Panel double click Network Connections E Control Panel meea File Edit view Favorites Tools Help ae O Baci ei Ca Search ey Folders Bab Address Go va Control Panel T Metwgrk Phone and Power Options G Switch to Category View Connections Modem b See Also i Ja CES Printers and Regionaland Scanners and ty Windows Update Faxes Language Cameras a Help and Support p Scheduled Sounds and Speech Tasks Audio Devices 2 Double click Local Area Connection 18 MULTIMAX USER GUIDE 3 Inthe LAN Area Connection Status window click Properties Local Area Connection Status General Support Connection Status Connected Duration 00 05 34 Speed 100 0 Mbps Activity Sent TAN Receved Bytes 1403 1 749 a ee 4 Select Internet Protocol TCP IP and click Properties t Local Area Connection Properties General Authentication Advance
28. water There are no user serviceable parts inside Do not try to disassemble or modify the router Doing so would void the warranty 4 MULTIMAX USER GUIDE m Avoid dropping hitting or shaking the router Please refrain from using the router under extreme vibrating conditions When removing the antenna or power supply cables you must first hold the connection before you do so Connect the router only according to the instruction manual Failure to do so would void the warranty In the event of any problems please contact Maxon Australia Pty Ltd RF EXPOSURE COMPLIANCE The use of this device in any other type of host configuration may not comply with the RF exposure requirements and should be avoided During operation a 20 cm separation distance should be maintained between the antenna whether extended or retracted and the user s bystander s body excluding hands wrists feet and ankles to ensure RF exposure compliance Caution Change or modification without the express consent of Maxon Australia Pty Ltd voids the user s authority to use the device These limits are designed to provide reasonable protection against harmful interference in an appropriate installation The modem is a transmitting device with similar output power to a mobile phone This device can generate use and radiate radio frequency energy if not used in accordance with instructions it can cause harmful radiation to radio communication The device is approved
29. 17 18 18 20 21 22 25 26 26 27 28 29 30 36 41 49 52 52 54 57 60 62 63 69 75 77 3 25 Configuration gt PPTP 3 26 Configuration gt SNMP 3 27 Configuration gt VRRP 3 28 Configuration gt IP Passthrough 3 29 Configuration gt AT over IP 3 30 Configuration gt Phone Book 3 31 Configuration gt SMS 3 32 Configuration gt Reboot 3 33 Configuration gt maXconnect 3 34 Configuration gt Syslog 3 35 Configuration gt Event 3 36 Configuration gt USR LED 3 37 Administration gt Profile 3 38 Administration gt Tools 3 39 Administration gt Clock 3 40 Administration gt Web Server 3 41 Administration gt User Management 3 42 Administration gt SDK Management 3 43 Administration gt Update Firmware Chapter 4 Examples of configuration 4 1 Cellular Dial Up 4 2 NAT Port Forwarding 4 3 L2TP 4 4 PPTP 4 5 IPSEC VPN 4 6 OPENVPN Chapter 5 Introductions for CLI 5 1 What s CLI and hierarchy level Mode 2 MULTIMAX USER GUIDE 80 84 87 87 89 90 92 93 95 97 97 99 99 101 105 106 108 109 110 112 112 116 117 119 121 124 127 127 CONTACT INFORMATION In keeping with Maxon s dedicated customer support policy we encourage you to contact us TECHNICAL Hours of Operation Monday to Friday 8 30am to 5 30pm Telephone 61 2 8707 3000 Facsimile 61 2 8707 3001 Email Support maxon com au Public holidays excluded SALES H
30. 30000 0 for continuous pulse output Available when enabling the SMS Control in Alarm Source SMS Content 5 Input the SMS content to be received by router to trigger an alarm action n 70 ASIC Il char max Available when enabling SMS Control in Alarm Source SMS Content Input the SMS content to be received by router to trigger an alarm cleared action 70 ASIC II char max Off SMS Content Input the SMS content that will be sent out by the router after an alarm On Reply action is taken 70 ASIC II char max SMS Content Input the SMS content that will be sent out by the router after an alarm Off Reply cleared action is taken 70 ASIC II char max Phone Group Click to add phone groups DO Configuration Item Description Diy e Enable false DO 2 Enable false MULTIMAX USER GUIDE 51 DO Configuration iVi Enable Alarm Source Cl DI Alarm Cl Sms Control C call Control DO Action Alarm On Action ON v Alarm Off Action ON v Status When Power On ON v Keep On s 0 3 15 Configuration gt USB This section allows users to configure the USB port Note Users can insert a USB storage device such as a USB flash Disk into the router s USB interface If there is valid configuration file or firmware of Multimax in the USB device the Multimax will automatically update the configuration or firmware Please refer to a separate application note for details on how to do USB automatic updates
31. 40 tftp 172 16 3 3 get rootfsMultimax_V1 01 11 tftptransferring tftp succeeded downloaded MA 2040 write save current configuration Building configuration OK MA 2040 reload Reboot the system yes or no yes reboot the device for the new firmware to take effect Example 3 Set link management MA 2040 gt enable Password pele MA 2040 MA 2040 configure MA 2040 config set link management wan link 1 Cellular Only 2 EthO Only 3 EthO as primary and if fail use Cellular 4 Cellular as primary and if fail user EthO gt please select mode 1 4 1 2 select EthO Only as wan link gt ICMIP detection primary server 8 8 8 8 gt ICMP detection second server 8 8 8 4 gt ICMP detection interval 3 1800 30 gt ICMP detection timeout 1 10 3 130 MULTIMAX USER GUIDE gt ICMP detection retries 1 20 3 gt reset the interface yes or no no This parameter will take effect after reboot Really want to modify yes MA 2040 write save current configuration Building configuration OK MA 2040 reload IReboot the system yes or no yes reboot the device for the new configuration to take effect Example 4 Set IP address Gateway and DNS for EthO MA 2040 gt enable Password eee MA 2040 MA 2040 show link management show the current link management KK K K K K OK OK K OK OK K K K K OK K K K K K K K K K K K K K K K K K K K K K XK XK KK K K K wan link EthO Only EthO O
32. 55 0 LAN mode 192 168 0 1 255 255 255 0 LAN mode Bridged DHCP Server Enabled 20 MULTIMAX USER GUIDE 3 3 Control Panel This section allows users to save configuration reboot router logout and select language Control Panel Save Click to save the current configuration into router s flash ee Click to manually reboot the router This is required after saving the eboo modified configuration for the changes to take full effect Click to return to the login page Note How to modify the device configuration 1 Modify the configurations in the relevant page 2 Click Aiii within the page 3 Repeat steps 1 amp 2 for more modifications in the relevant pages if required Save 4 After completing all modifications Click 5 Click MULTIMAX USER GUIDE 21 3 4 Status gt System This section displays the router system status which shows useful pieces of information such as the LED information Router information Current WAN Link and Cellular Information LED Information For a detailed description please refer to 2 1 LED Indicators Indicating the system status RDN eee Blinking Router is up and running On Router is starting Off Router is power off Indicating the PPP connection status Green On PPP connection is established Off PPP connection has dropped or failed Indicating the status of VPN PPPoE or DynDNS by user selection Green On the selected function is active Off the sel
33. 9 17 14 05 29 17 OK 14 05 29 17 14 05 29 17 OK 14 05 29 17 14 05 29 17 OK 10 41 lt 0 gt router 10 45 lt 3 gt router 10 45 lt 0 gt router 10 46 lt 0 gt router 10 47 lt 0 gt router 10 47 lt O gt router 10 48 lt 0 gt router 10 49 lt 0 gt router 10 49 lt 0 gt router 10 50 lt 0 gt router 10 51 lt 0 gt router 10 51 lt 0 gt router 10 52 lt 0 gt router 10 52 lt 0 gt router ERR CRIT ALERT and EMERG Click Download System Diagnosing Data to download diagnostic file Select from 5 Seconds 10 Seconds 15 Seconds 30 Seconds and 1 Minute User can select these intervals to refresh the log information Please Select DEBUG v Firmware version 1 01 11 May 28 2014 16 57 00 sdk server startup snmpd start up Starting to process data open dev ttyUSB2 successful sent ATEO rcvd ATEO sent AT CPIN rcvd sent AT CFUN 0 this modem don t support auto authentication so to use CHAP sent ATSQCPDPP 1 2 passwd rcvd ERROR sent AT CGDCONT 1 IP telstra extranet rcvd sent AT CFUN 1 rcvd sent ATIENTERCND A7 10 revd sent AT SELRAT 3 rcvd sent ATIBAND 1 rcvd Download System Diagnosing Data Download System Diagnosing Data Manual Refresh 28 MULTIMAX USER GUIDE Clear 3 10 Configuration gt Link Management This section allows users to set the WAN link and t
34. CMP Detection Timeout s 3 ICMP Detection Retries Reset The Interface It is recommended to use an ICMP detection server to keep router always online The ICMP detection increases the reliability and also cost data traffic DNS example Google ONS Server 8 8 8 8 and 8 8 4 4 The change will take effect after clicking the Apply button Configuration gt Cellular WAN gt Basic Cellular Settings Primary SIM Card Secondary SIM Card Network Provider Type Auto Auto APN Username Password Dialup No 9914 99 14 PIN code request Set PIN Code Set PIN Code 112 MULTIMAX USER GUIDE Connection Mode Connection Mode Always online Redial Interval s 30 Max Retries 3 Dual SIM Policy Main SIM Card SIM1 When connection fails L When roaming is detected C When IO is active Monthly data traffic limitation The change will take effect after clicking the Apply button If a customized SIM card is used please select Custom instead of Auto in Network Provider Type and APN username and password will need to be configured accordingly Note Cellular WAN settings page will not be shown if users select EthO Only in Configuration gt Link Management 4 1 2 Connect on Demand Configuration gt Link Management gt Cellular Only Link Management Link Management Settings e Primary Interface Cellular Backu
35. Commands OK 102 MULTIMAX USER GUIDE Traceroute Tool Traceroute Enter the destination IP address or domain name for the trace route Trace Address command Specify the maximum trace hops Router will stop tracing if the trace 2 3 Trace Hops hops has reached the value regardless of whether the destination has 0 been reached or not 1 Timeout Specify the timeout in minutes of Trace route request Ee ond Click this button to launch the Trace route request and the log will be en displayed in the box below es T Sniffer Traceroute Trace Address Trace Hops 30 Timeout s 1 Start Stop MULTIMAX USER GUIDE 103 Sniffer Tools Sniffer Select form all lo imqo imq1 ethO greO and pppO all All the interfaces lo Local Loopback interface imq0 1 virtual interface for QoS which used to limit the download and Interface All upload speed ethO Ethernet interface greO GRE tunnel interface pppo Cellular PPP interface Nul o Al Filter the packets that contain the specify IP address Select from all ip arp tcp and udp All enn Click this button to start the sniffer and the log will be displayed in the ar follow box Ts ee Sniffer Interface all v Host Protocol all v Start Stop 104 MULTIMAX USER GUIDE Test Test Tools Click Enable to select the hardware component to check
36. DE MA 2040 gt enable Password MA 2040 Use to check available commands in priviledged exec mode Debug Exit Export Syslog import load ping reload tracert write tftp show configure end Debug configure information Exit from current mode Export file using tftp Export system log Import file using tftp Load configure information Ping test Halt and perform a cold restart Traceroute test Write running configuration Copy from tftp file system Show running system information Enter configuration mode Exit to normal mode GLOBAL CONFIGURATION MODE MA 2040 configure MA 2040 config Use to check available commands global configuration mode exit Exit from current mode end Exit to normal mode interface Configure an interface set Set system parameters add Add system parameters list modify Modify system parameters list delete Delete system parameters list 128 MULTIMAX USER GUIDE INTERFACE MODE MA 2040 config interface Ethernet O MA 2040 config e0 Use to check available commands in interface mode exit Exit from current mode end Exit to normal mode ip Set the IP address of an interface mtu Set the mtu of an interface 5 2 How to configure the CLI The following is a list of the help and errors that can be encountered in the configuring program n Typing a question mark whenever needed for displaying the help l information eti Pressing the both keys at
37. IENT Lan 192 168 1 1 24 Note In the following diagrams the red coloured numbers mean that these should be matched between server and client and those with the blue coloured numbers mean that they must be set up locally for the tunnel PPTP_SERVER Configuration gt PPTP gt PPTP Server Enable PPTP Server Enable PPTP Server Tick Enable PPTP Server and enter the proper settings PPTP Common Settings Username i Authentication J IP Pool Start 10 0 0 2 IP Pool End Enable MPPE PPTP Server Advanced Show PPTP Server Advanced Route Table List Client IP Remote Subnet Remote Subnet Mask 0 0 0 0 192 168 1 0 255 255 255 0 x 0 0 0 0 means any Add The changes will take effect after doing Apply gt Save gt Reboot MULTIMAX USER GUIDE 119 PPTP_CLIENT Configuration gt PPTP gt PPTP Client PPTP Client Tunnel name Description Add Click Add button and enter the proper settings PPTP Client X Enable C Disable Server Name Username i Password vores 2 Authentication PAP M hz I Remote Subnet 172 16 0 0 Remote Subnet Mask 55 255 0 0 Enable MPPE Show PPTP Client Advanced The changes will take effect after doing Apply gt Save gt Reboot 120 MULTIMAX USER GUIDE 4 5 IPSEC VPN LAN _ LAN IpsecVPN CLIENT PsecVPN SER 10 0 0 0 24 192 168 1 0 24 PC2 PCA Note In the following diagrams the red colou
38. INS Server that the DHCP clients will obtain DHCP Server from DHCP server Static Lease DHCP Define to lease static IP Addresses which conform to Server MAC Address of the connected equipment LAN Interface Enable DHCP Server DHCP Server IP Pool Start IP Pool End DHCP Server Define the primary secondary DNS Server that the DHCP 192 168 0 1 clients will obtain from DHCP server 0 0 0 0 IP Address 192 168 0 1 NetMask 255 255 255 0 MTU 1500 Media Type Auto negotiation v MULTIMAX USER GUIDE 39 tho Dhep Relay LAN Interface IP Address 192 168 1 1 NetMask 255 255 255 0 MTU 1500 Multiple IP Address IP Address NetMask Add DHCP Server Enable DHCP Server IP Pool Start 192 168 0 2 IP Pool End 192 168 0 100 NetMask 255 255 255 0 Lease Time min 60 Primary DNS Server 192 168 0 1 Secondary DNS Server Windows Name Server 192 168 0 1 Static Lease MAC Address IP Address MAC Hitt ft AF VLAN Ethernet VLAN Enable EthO 1 Enable to make router encapsulate and de encapsulate the VLAN VLAN EthO i Disabled ag 1 VLAN j Settings VLAN ID Eth0 1 Set the Tag ID for VLAN VLAN Settings IP Address NetMask Eth0 1 Set the IP address Netmask for VLAN interface VLAN Settings 40 MULTIMAX USER GUIDE Note Virtual LAN is not available when in bridge mode es Dhcp Relay EthO VLAN Settings Y Enable EthO VLAN VLAN ID IP
39. IP and associated Port via the WAN IP with the associated port Internal Serverl LO L 1 1 8880 Gateway Wire Internal Server reless a ngs OD US Fy External Device IP 58 1 1 2 Port 1 9990 Port2 999 Port3 999 Internal Server3 J LO 1 1 3 8882 Configuration gt NAT DMZ gt Port Forwarding Port Forwarding Remote IP Arrives At Port Is Forwarded to IP Address Is Forwarded to Port Protocol 580 1 1 1 9990 10 1 1 1 3000 TCP x 58 1 1 1 9991 10 1 1 2 8881 UDP x 58 1 1 1 9992 10 1 1 3 8882 TCP amp UDP xX Remote IP 1 1 1 1 1 1 1 0 24 1 1 1 1 2 2 2 2 0 0 0 0 means any Add Arrives At Port lt 1 65536 gt or lt 1 65536 gt lt 1 65536 gt Note This section will be hidden if the user selects Cellular as primary and if fail use EthO in Configuration gt Link Management Explanations for above diagram If there are two IP addresses 58 1 1 1 and 59 1 1 1 for the External Devices then the result will be different from the test when the NAT is working at the router 58 1 1 1 access to gt 58 1 1 2 9990 be forwarded to gt 10 1 1 1 8000 TCP 58 1 1 1 access to gt 58 1 1 2 9991 be forwarded to gt 10 1 1 2 8001 UDP 58 1 1 1 access to gt 58 1 1 2 9992 be forwarded to gt 10 1 1 3 8002 TCP amp UDP 116 MULTIMAX USER GUIDE 4 3 L2TP LAN L2TP SERVER Int
40. Key PSK CA Certification Authority XAUTH Extended Authentication to AAA server is triggered if no IPsec protected packets are received from the peer Dead peer detection DPD is a method that network devices use to verify the current existence and availability of other peer devices When the local device is sending out an IPsec packet DPD will DPD Time check the time when the last IPsec packet was received from the 180 Interval peer If the time period exceeds the specified interval DPD will send a DPD notification to the peer If no DPD acknowledgement is received within the DPD packet retransmission interval it will retransmit the DPD hello If still no DPD acknowledgement is received after a maximum number of retransmission attempts DPD will consider the peer as dead and remove the IKE SA and those IPSec SAs based on the IKE SA for that peer DPD Timeout Set the interval in seconds for DPD packet re transmission 60 66 MULTIMAX USER GUIDE Select from None L2TP and GRE VPN Over IPsec L2TP Over IPsec Encrypt theL2TP tunnels using IPsec None e 1 GRE Over IPsec Encrypt the GRE tunnels using IPsec Enable Tick to enable compressing the inner headers of IP packets Disabled Compress Enable ICMP l Click to enable ICMP detection Disabled Detection l Enter the IP address or domain name or remote server Router will ICMP Detection ping this address domain nam
41. N Ethernet WAN Enable when a specific character entered in HEXADECIMAL format is Disabled Delimiter received A second delimiter character may be enabled and specified in the Delimiter 2 field so that both characters act as the delimiter to control when data should be sent m e 46 MULTIMAX USER GUIDE Delimiter Hex oe gs Enter the delimiter in Hex Transparent The Delimiter process field determines how the data is handled Pe when a delimiter is received Delimiter ae None Data in the buffer will be transmitted when the delimiter is l Process ss Strip received the data also includes the delimiter characters Transparent ae ae Strip Data in the buffer is first stripped of the delimiter before being transmitted This item will be configurable when you enable any VPN tunnel in the router it means serial data can be matched to this local IP Local IP Modbus address and be transmitted or received via VPN tunnel Note when you have not enabled any VPN tunnel this item will not be shown Local Port Enter the Local port for Modbus Modbus Select From Modbus RTU slave Modbus ASCII slave Modbus RTU master and Modbus ASCII master Modbus RTU slave router connects to slave device that works under Modbus RTU protocol Attached serial device type Modbus Modbus ASCII slave router connects to slave device that works Modbus RTU under Modbus ASCII protocol slave
42. No Tunnel name Status Local IP Remote IP Connect Time PPTP Server No Tunnel name Status Local IP Remote IP Connect Time a VPN Status No Tunnel name Status 26 MULTIMAX USER GUIDE 3 8 Status gt Services This section displays the router Services status including VRRP DynDNS Serial and DI DO YRREP VRRP is disabled DynDNS DynDNS is disabled RS2327 115200 N 8 1 RS5485 115200 N 3 1 DI No Level Status Start Counter Event Counter Value DO Mo Level Status MULTIMAX USER GUIDE 27 3 9 Status gt Event Log This section displays the router event log information You need to enable the router to output the log and select the log level first then you can view the log information here Select the log messages you want to download Select the Log level in the drop down menu DEBUG INFO NOTICE WARNING Log Level Download System Diagnosing Data Manual Refresh Event Log Event Log Messages Download Log Level 14 05 29 17 14 05 29 17 14 05 29 17 14 05 29 17 14 05 29 17 14 05 29 17 OK 14 05 29 17 14 05 29 17 10 21 lt O gt router 10 21 lt 0 gt router 10 25 lt O gt router 10 39 lt 0 gt router 10 40 lt 0 gt router 10 40 lt 0 gt router 10 41 lt 0 gt router 10 41 lt 0 gt router CPIN READY OK 14 05 29 17 14 05 29 17 14 05 29 17 14 05 29 17 14 05 29 17 14 05 29 17 OK 14 05 29 17 14 05 29 17 OK 14 05 2
43. PPP Echo requests to each other If the client or server receives Link Detection no response from the peer within a specified period of time it will O Interval retransmit the PPP echo If no response from the peer is received after the set number of maximum retries it is considered that the L2TP tunnel is down and the client will try to re establish a tunnel with the peer Link Detection i i i l Specify the maximum retries for L2TP link detection 5 Max Retries You can enter some extra PPP initialization strings in this field Each noccpnob Expert Options string can be separated by a space sdcomp Route Table List Click Add to add a route rule from L2TP server to L2TP client MULTIMAX USER GUIDE 79 Enable L2TP Server C Enable L2TP Server L2TP Common Settings Username Password Authentication Auto iv Enable Tunnel Authentication Tunnel secret Local IP IP Pool Start 10 0 0 2 IP Pool End 10 0 0 100 L2TP Server Advanced Enable L2TP Server Advanced Address Contro l Compression Protocol Field Compression Asyncmap Value fffftff MRU 1500 MTU 41436 Link Detection Interval s 30 Link Detection Max Retries 5 Expert Options noccp nobsdcomp Route Table List Client IP Remote Subnet Remote Subnet Mask 0 0 0 0 means any Add 80 MULTIMAX USER GUIDE 3 24 Configuration gt PPTP This section allows users to set up the L2TP tunnel Server or Client Q
44. Redistribute Static _ Enable Redistribute Ospf Network List Network Address NetMask Add OSPF OSPF Open Shortest Path First is a link state routing protocol for IP network It uses a link state routing algorithm and falls into the group of interior routing protocols operating within an Autonomous System AS IP Routing OSPF Enable Tick to enable OSPF function Disabled OSPFv2 OSPF Protocol Enable OSPFv2 62 MULTIMAX USER GUIDE 3 19 Configuration gt DynDNS This section allows users to set up the dynamic DNS service This service allows you to alias a dynamic IP address to a static hostname allowing users whose Internet Service Provider ISP do not supply them a static IP address This is especially useful for hosting servers via dynamic IP connections so that anyone wishing to connect to the server may use a domain name rather than having to know the IP address which will change from time to time DynDNS Enable Tick to enable dynamic DNS function Disabled DynDNS Select the dynamic DNS service provider Multimax supports DynDNS Service DynDNS Dynamic QDNS 3322 and NOIP with which you have to set up an Type i Dynamic account in advance Hostname Enter the Host name that you get from the service provider Username Enter the user name of your service account Password Enter the password of your service account Force Click to force the router to update the current WAN IP to
45. Server address supports both IP and domain name secie ien Transparent TCP Server the router works as TCP server listening for connection request from TCP client UDP the router works as a UDP client Local Port Enter the local port for TCP or UDP Transparent Click Add button to add multiple servers You need to enter the server s IP and port and enable or disable Send data to serial If you Multiple Server disable Send data to serial router will not transmit the data from Gane Transparent this server to serial port Note This section will not be displayed if you select TCP server in Mode Show Protocol Disabled Advanced Tick to enable protocol advanced setting Transparent This item will show up when you enable any VPN tunnel in the router it means that serial data can be matched to this local IP address and Local IP Transparent be transmitted or received via VPN tunnel Note when you do not enable any VPN tunnel this item will not show up 42 MULTIMAX USER GUIDE The serial port will queue the data in the buffer and send the data to the Cellular WAN Ethernet WAN when it reaches the Interval Timeout Interval Timeout in the field i0 Transparent Note Data will also be sent as specified by the packet length or delimiter settings even when data is not reaching the interval timeout in the field The Packet length setting refers to the maximum amount of data that
46. VACM SNMP VACM Item Description Default Readwrite Select the access rights from Readonly and ReadWrite Readonly Network Define the network from which is allowed to access E g 172 16 0 0 Community Enter the community name Nul MIBview Select from none system and all none E e E SNMPv1 amp v2 User List Readwrite Network Community MIBview Readonly public system mi xX ReadWrite private system X ReadWrite 7 admin all x xX Network 1 1 1 0 24 0 0 0 0 means any mn Trap SNMP Trap Enable SNMP Click to enable SNMP Trap feature Disable rap Version Select from SNMPv1 SNMPv2 and SNMPv3 SNMPv1 Server Address Enter the SNMP trap server s IP address Null Enter SNMP trap server s port number oc TS RS Ee SNMP Trap Settings Enable SNMP Trap Version SNMPv1i Server Address Port 0 Name 86 MULTIMAX USER GUIDE 3 26 Configuration gt VRRP This section allows users to set up the VRRP Virtual Router Redundancy Protocol service VRRP is an Internet protocol that provides a way to have one or more backup routers when using a statically configured router on a local area network LAN VRRP Enable VRRP Tick to enable the VRRP protocol Disabled Group ID Specify which VRRP group of this router belongs to Enter the priority value from 1 to 255 The larger value has higher Priority corit 100 priority ae The interval
47. able it as a Enabled nable Compression default One of the PPTP initialization strings In general you don t need to Asyncmap Value FET FET FE modify this value Maximum Receiving Unit It is the identifier of the maximum size of lt J C 1500 packet which is possible to receive in a given environment Maximum Transmission Unit It is the identifier of the maximum size MTU 1436 of packet which is possible to transfer in a given environment Link Detection Specify the interval between PPTP client and server W MULTIMAX USER GUIDE 81 Interval To check the connectivity of a tunnel the client and server regularly send PPP Echo to each other If the client or server receives no response from the peer within a specified period of time it will retransmit the PPP echo If no response from the peer is received after the set number of maximum retries it is considered that the PPTP tunnel is down and the client will try to re establish a tunnel with the peer Link Detection l l l l l i Specify the maximum retries for PPTP link detection Max Retries l You can enter some extra PPP initialization strings in this field Each noccpnobs Expert Options string can be separated by a space dcomp PPTP Client PPTP Client Tunnel name Description add PPTP Client X Enable Disable Server Name 120 197 59 88 Username cisco Password eecce Authentication MS CHAP v1 Remote Subnet Remo
48. arts Switch IP Address NetMask MTU 1500 Media Type Auto negotiation Multiple IP Address IP Address NetMask Add DHCP Server V Enable DHCP Server IP Pool Start 192 168 0 2 IP Pool End 192 166 0 100 NetMask 255 255 255 0 Lease Time Minute 60 Primary DNS Server 192 168 0 1 Secondary DNS Server Windows Name Server 192 163 0 1 Static Lease Mac Address IP Address MAC aa aa aa aa aa aa Add 38 MULTIMAX USER GUIDE LAN Settings for Eth1 will be common for both Ethernet ports when bridge mode is enabled Ethernet Eth1 192 168 0 2 192 168 0 100 1492 IP Address Netmask Set the IP address netmask MTU and Media Type of MTU LAN Interface Eth1 Set up media type for EthO There are five types in the drop down list to choose from Auto negotiation Media Type LAN 10Mbps Half Duplex Auto negotiation Interface 10Mbps Full Duplex 100Mbps Half Duplex 100Mbps Full Duplex Enable to allow the router to lease IP addresses to DHCP clients that connect to Eth1 Define the beginning IP Pool Start and end IP Pool End 192 168 0 2 of the pool of IP addresses thatwill lease to DHCP clients Netmask DHCP Define the netmask that the DHCP clients will obtain from Server DHCP server Lease Time DHCP Define the time that the client can use the IP address Server min which obtained from DHCP server Primary Secondary DNS Server DHCP Server Windows Name Server Define the W
49. assword that will be used by L2TP client Select from Auto PAP CHAP MS CHAP v1 and MS CHAP v2 CHAP Authentication You need to make sure the same authentication method used by the client Enable Tunnel Tick to enable tunnel authentication and enter the tunnel secret that eee isable Authentication will provide to L2TP client Local IP Set the IP address of L2TP server 10 0 0 1 IP Pool Start Set the IP pool start IP address that will assign to the L2TP clients 10 0 0 2 10 0 0 10 IP Pool End Set the IP pool end IP address that will assign to the L2TP clients D Enable L2TP Server Tick to show the L2TP server advanced setting Disabled Advanced Address Control a e l Used for PPP initialization In general you need to enable it as default Enabled Compression Protocol Field e ete i Used for PPP initialization In general you need to enable it as default Enabled Compression One of the L2TP initialization strings In general you don t need to Asyncmap Value ffffffff modify this value a Maximum Receiving Unit The identifier of the maximum size of packet which is possible to receive in a given environment VU Maximum Transmission Unit The identifier of the maximum size of packet which is possible to transfer in a given environment Specify the interval between L2TP client and server 1500 1436 To check the connectivity of a tunnel the client and server regularly send
50. ateway containing an symbol is required as the Remote ID e g test maxon com Select from Main and Aggressive modes which will be used for IKE negotiation in Phase 1 Negotiation If the IP address at one end of an IPsec tunnel is dynamic the IKE vee Mode negotiation mode must be aggressive In this case SA Security Association can be established once the username and password are correct Select from DES 3DES AES128 AES192 and AES256 to be used in IKE negotiation DES Uses the DES algorithm in CBC mode and 56 bit key 3DES Uses the 3DES algorithm in CBC mode and 168 bit key 3DES AES128 Uses the AES algorithm in CBC mode and 128 bit key AES192 Uses the AES algorithm in CBC mode and 192 bit key AES256 Uses the AES algorithm in CBC mode and 256 bit key eee Select from MD5 and SHA1 to be used in IKE negotiation Authentication MD5 Uses HMAC SHA1 MD5 Algorithm SHA1 Uses HMAC MDS5 Select from MODP768_ 1 MODP1024 2 and MODP1536_5 to be used in IKE negotiation phase 1 MODP768_1 Uses the 768 bit Diffie Hellman group Default Encryption Algorithm DH Group MODP1024 2 MODP1024 2 Uses the 1024 bit Diffie Hellman group MODP1536_5 Uses the 1536 bit Diffie Hellman group MULTIMAX USER GUIDE 65 Select from PSK CA XAUTH Init PSK and XAUTH Init CA to be used in IKE negotiation Enter t
51. atus Registered to home network Signal Level RSSI ail 24 65DB Network Operator 50501 LAC Cell ID Network Service Type 3G UMTS IMEI ESN 356853050030362 IMSI 505013446363626 USB Status Ready 3 5 Status gt Network This section displays the route Network status which includes status of Cellular EthO and Eth1 Cellular WAN Connection Status Connect Time IP Address MTU 1500 Gateway Primary DNS Server Secondary DNS Server 0 0 0 0 LANO IP Address 172 16 4 11 MAC Address OO ff 66 87 65 b2 MTU 1500 NetMask 255 255 0 0 LANI IP Address 192 168 222 1 MAC Address 00 ff 74 46 dc e2 MTU 1500 NetMask 293 222 222 0 Note ETHO WAN information will not be shown if you select Cellular Only in Configuration gt Link Management gt WAN Link MULTIMAX USER GUIDE 25 3 6 Status gt Route This section displays the router s route table Route Table Destination NetMask Gateway Interface Metric 172 16 0 0 255 255 0 0 0 0 0 0 eth0 0 192 168 1 0 255 255 255 0 0 0 0 0 eth1 0 3 Status gt VPN This section displays the router VPN status which includes IPsec L2TP PPTP and OpenVPN IPsec Status No Tunnel name Status Connect Time 1 LINK_DOWN 2 LINK_DOWN 3 LINK_ DOWN IPsec Detail Status Show Detail Status L2TP Client No Tunnel name Status Local IP Remote IP Connect Time L2TP Server No Tunnel name Status Local IP Remote IP Connect Time PPTP Client
52. be oca transmitted or received via VPN tunnel Modbus a Note when you do not enable any VPN tunnel this item will not be shown Local Port Enter the Local port for Modbus Modbus Select From Modbus RTU slave Modbus ASCII slave Modbus RTU master and Modbus ASCII master Modbus RTU slave router connects to a Modbus slave device that Modbus Attached serial device type Modbus works under Modbus RTU protocol RTU slave Modbus ASCII slave router connects to a Modbus slave device that works under Modbus ASCII protocol MULTIMAX USER GUIDE 43 Note When Modbus RTU slave or Modbus ASCII slave protocol is selected the router is acting as a TCP Server so the user needs to enter a local port number in Local Port Modbus field and the router will listen to the port for connection Modbus RTU master router connects to a Modbus master device that works under Modbus RTU protocol Modbus ASCII master router connects to a Modbus master device that works under Modbus ASCII protocol Note When Modbus RTU master or Modbus ASCII master protocol is selected the router is acting as a TCP Client so the user needs to enter slave address and slave port number in Slave Address Modbus Slave and Slave Port Modbus Slave fields The router will then try to connect to the server using the specified address and port Add the Modbus slaves that will be polled
53. boot the cellular module If it still fails to dial up the router will switch to the Max Retries backup SIM card for re connection and the maximum number of retries still applies Once connection is successful the Max Retries counter will be reset Configurable under Connect On Demand mode me This field specifies the idle time in seconds for cellular Inactivity Time s l l l auto disconnection and reverting back to preferred SIM card O means timeless l The content that is sent by the serial device connected to the Serial Output i an router to trigger PPP connection disconnection under Connect onten On Demand mode The content must be in HEX values Tick this checkbox to allow PPP connection or disconnection Triggered by Serial Data when data comes into the serial port and matches the preset Disabled Content Tick this checkbox to allow PPP connection or disconnection Disabled Triggered by Tel when making a voice call to router Note This function is not supported by the 4G model Tick this checkbox to allow PPP connection or disconnection Triggered by SMS E l l Disabled when a specific SMS is received SMS Connect RES Users shall send this specific SMS to trigger PPP connection Command SMS Disconnect n Users shall send this specific SMS to trigger PPP disconnection Command When PPP is connected an SMS specified here will be sent to SMS Connect Reply preset u
54. c Local Protected subnet s mask as Local ID Type Select from Default IP Address FQDN Fully Qualified Default IPsec Protocol ESP Uses the ESP Encapsulating Security Payload protocol ESP AH Uses the AH Authentication Header protocol 64 MULTIMAX USER GUIDE Domain Name and User FQDN in IKE Internet Key Exchange negotiation Default stands for IP Address IP Address Uses IP address as the ID in IKE negotiation FQDN Uses FQDN type as the ID in IKE negotiation With this option a name for the local security gateway with no in between is required as the Local ID e g test maxon com User FQDN Uses a user FQDN type as the ID in IKE negotiation With this option a name for the local security gateway containing an symbol is required as the Local ID e g test maxon com Remote Subnet Enter IPsec Remote Protected subnet s address Remote Subnet Enter IPsec Remote Protected subnet s mask Mask Select from Default IP Address FQDN and User FQDN in IKE negotiation IP Address Uses IP address as the ID in IKE negotiation FQDN Uses FQDN type as the ID in IKE negotiation With this option a name for the remote security gateway with no in Remote ID Type between is required as the Remote ID e g test maxon com User FQDN Uses a user FQDN type as the ID in IKE negotiation With this option a name for the remote security g
55. ck RoHS WEEE EMC EN 61000 4 2 ESD Level 4 EN 61000 4 3 RS Level 4 EN 61000 4 4 EFT Level 4 EN 61000 4 5 Surge Level 3 EN 61000 4 6 CS Level 3 EN 61000 4 8 EN 61000 4 12 1 4 Selection and Ordering Information Please refer to MA 2040 MA 2040 4G Specifications and Packing List above 12 MULTIMAX USER GUIDE Chapter 2 Installation 2 1 LED Indicators O run RSSI rrp NET usr SIM Indicates the system status Blinking Router is up and running On Router is starting Off Router is powered off Indicates the PPP connection status On PPP connection is established Off PPP connection has dropped or failed Indicates the status of VPN PPPoE or DynDNS by user selection On the selected function is active Off the selected function is inactive Green Signal level 21 31 Perfect signal level Yellow Signal level 11 20 Normal signal level Signal level 1 10 Bad signal level Green Operating on 4G 4G model only Yellow Operating on 3G Operating on 2G Not registered to any network SIM 1 inserted On SIM1 works normally Blinking SIM 1 inserted but failing to work e g incorrect PIN code SIM 2 inserted On SIM 2 works normally Blinking SIM 2 inserted but failing to work e g incorrect PIN code No SIM inserted MULTIMAX USER GUIDE 13 2 2 Mounting the Router Use 2 x M3 screw to mount the router on the wall p3 Or mount the router on a DIN rail with optional k
56. ction server which you can set in Configuration gt Link Management ICMP Detection Interval s which can be set in Configuration gt Link Management MULTIMAX USER GUIDE 23 Current WAN Link Current WAN Link Cellular IP Address 10 138 108 79 Gateway 192 168 254 254 NetMask 255 255 255 255 DNS Server 210 21 4 130 221 5 88 88 Keepalive PING IP Address Keepalive PING Interval 30 Cellular Information Unknown Ready Checking AT Need PIN Need PUK Signal level is low No registered Initialize APN failed Status of the modem There are 8 different statuses Modem Status Current network state There are 6 different states 1 2 Network Status 3 4 5 6 Not registered ME is currently not searching for new operator Registered to home network Not registered but ME is currently searching for a new operator Registration denied Registered roaming Unknown Signal Level RSSI Current signal level Mobile Country Code MCC Mobile Network Code MNC e g 46001 Network Operator Also it will show the Location Area Code LAC and Cell ID Network Service Type Current network service type e g UMTS IMEI ESN IMEI ESN number of the radio module IMSI IMSI number of the current SIM USB Status Current status of USB host 24 MULTIMAX USER GUIDE Cellular Information Current SIM SIM1 Phone No SMS Service Center 61418706700 Modem Status Ready Network St
57. d Connect using Eg ASUSTer Broadcom 440 10 700 Integrated Controller This connection uses the following tems El Clent for Microsoft Networks File and Printer Sharing for Microsoft Networks fl O05 Packet Scheduler Internet Protocol TCFIF Install Uninstall Description Transmission Control Protocollnternet Protocol The default wide area network protocol that provides communication across diverse interconnected networks Show icon in notification area when connected MULTIMAX USER GUIDE 19 5 Select the Obtain an IP address automatically and Obtain DNS server address automatically radio buttons Internet Protocol TCP IP Properties General Altemate Configuration ou can get F settings assigned automatically if your network supports this capability Otherwise you need to ask pour network administrator for the appropriate IF settings Obtain an IF address automatically O Use the following IP address Obtain DNS server address automatically Use the following ONS server addresses E k ea 6 Click OK to finish the configuration 3 2 Factory Default Settings of Multimax Ethernet Port Before configuring your router please familiarise yourself with following default settings Item Description Username admin Password admin 192 168 0 1 255 255 2
58. d in a path from the source to a destination IP Routing RIP Enable RIP Protocol Tick to enable RIP function Disabled Setting RIP Protocol Select from RIPv1 and RIPv2 RIPv1 Version If you input this neighbor IP router will only send RIP request message to this l IP instead of broadcast This item only needs to be set in some unicast Neighbor IP 0 0 0 0 network Defines the interval in seconds between routing updates Update times eae Defines the aging time of a route in seconds If no update for a route is 60 MULTIMAX USER GUIDE received the metric of the route will be set to 16 in the routing table after the aging time elapses Defines the Garbage Collect time in seconds from when the metric of a route becomes 16 to when it is deleted from the routing table During the time RIP advertises the route with the routing metric set to 16 If no update is announced for that route after the time period the route will be deleted from the routing table Enable Tick to enable RIP protocol Advanced Settings Disabled Advance Default a l This value is used for redistributed routes 1 Metric The first criterion for a router to determine which routing protocol to use if Distance two protocols provide route information for the same destination 120 Select from None EthO Eth1 and Default This command sets the specified interface to passive mode When the interface is in passive
59. dwidth After being enabled response of PING control will be faster Note if enabling Optimize for TCP Flags Optimize for Serial Data Forwarding and Optimize for ICMP at the same time meaning that these three services are in the same priority level router will automatically start Stochastic Fairness Queuing SFQ strategy to make Normal MULTIMAX USER GUIDE 57 a fair bandwidth allocation to avoid one service occupying all the bandwidth MAC Address QoS MAC Control List Priority QoS MAC Control List IP Address QoS IP Control List Priority QoS IP Control List Service Name QoS Service Control List Protocol QoS Service Control QoS The Multimax can support up to 20 devices with QoS MAC Control Priority of QoS MAC Control is higher than that of QoS IP control Dy t Dy u Select from Exempt Premium Express Normal and Bulk Enter the MAC address of a user device for example a PC that requires o Select the priority of user device s for example a PC which are set with QoS Control Exempt this is the highest priority that guarantees that the minimum global rate of the router is 50 of Downlink Speed and the maximum rate can be 100 Premium guarantees that the minimum global rate of the router is 25 Bpi of Downlink Speed and the maximum rate can be 100 Express guarantees that the minimum global rate of
60. e following specifications Dual SIM redundancy for continuous cellular connection supports 2G 3G 4G Optional diversity antenna for improved fringe performance m Two Ethernet ports can be configured as two LANs or one LAN one WAN supports wireless WAN and wired WAN backup m One RS232 one RS485 one console port two digital inputs two digital outputs one high speed USB host up to 480 Mbps m Six LED indicators provide status and signal strength RSSI m Wide range input voltages from 9 to 60 VDC and wide operating temperature range from 40 to 85 C m The metal enclosure can be mounted on a DIN rail or on the wall with extra ground screw m Network protocols including PPP PPPoE TCP UDP DHCP ICMP NAT DMZ RIP OSPF DDNS VRRP HTTP HTTPs m VPN tunnel IPSec OpenVPN PPTP L2TP client server GRE m Management via Web CLI SNMP m Supports Modbus RTU to Modbus TCP gateway m Auto reboot during a preset time of day m Firmware upgrade via web interface and supports FOTA 1 4G is available with MA2040 4G Model 8 MULTIMAX USER GUIDE 1 2 Packing List Check your package to make certain it contains the following items e Maxon Multimax MA 2040 or MA 2040 4G router x 1 e SMA antenna x 2 S e 3 pin pluggable terminal block with lock for power connector x 1 e 7 pin pluggable terminal block with lock for I O x 1 e Ethernet cable x 1 e CAB 4475 Phoenix Connector to DB9 Cab
61. e to check that if the current erver connectivity is active ICMP Detection Set the local IP address Local IP ICMP Detection oe Set the ping interval time Interval Set the ping timeout Timeout If Router ping the preset address domain name times out ICMP Detection seer continuously for Max Retries time it will try to re establish the VPN etries tunnel Please Add IPsec Click Add to add the defined IPsec Tunnel Tunnel IPsec Tunnel X Enable Disable IPsec Tunnel Enable IPsec Common IPsec Gateway Address 113 10 255 72 IPsec Mode Tunnel v IPsec Protocol ESP Local Subnet 192 168 1 0 Local Subnet Mask 255 255 255 0 Local ID Type FQDN v Local ID Draytek02 Remote Subnet 10 10 1 0 Remote Subnet Mask 255 255 255 0 Remote ID Type IP Address MULTIMAX USER GUIDE 67 IKE Parameter Negotiation Mode Encryption Algorithm Authentication Algorithm DH Group Authentication Secrets Life Time s SA Parameter SA Algorithm PFS Group Life Time s DPD Time Interval s DPD Timeout s IPsec Advanced Enable Compress O Enable ICMP Detection Please Add IPsec Tunnel 68 MULTIMAX USER GUIDE Main v AES256 Y MD5 Y MODP1024 2 7 PSK v 66400 3DES_SHA1 96 v PFS NULL v 3600 60 180 X 509 IPSec X 509 Select Cert Type Select the IPsec tunnel to set up the certificates Click Br
62. eans that data with the above TCP Flags will get the highest priority to occupy the bandwidth After being enabled the router will enhance the response of TCP control in case of data resending frequently Selectable from Exempt Premium Express Normal and Bulk Users Services without other pre priority setting will use this default priority Exempt this is the highest priority that guarantees that the minimum global rate of the router is 50 of the Downlink Speed and the maximum rate can be 100 Premium guarantees that the minimum global rate of the router is 25 of the Downlink Speed and the maximum rate can be 100 Express guarantees that the minimum global rate of the router is 15 of Downlink Speed and the maximum rate can be 100 Normal guarantees that the minimum global rate of the router is 10 of Downlink Speed and the maximum rate can be 100 Bulk guarantees that the minimum global rate of the router is 1 of Downlink Speed and the maximum rate can be 100 Enable to optimize for serial data forwarding meaning that serial data forwarding will get the highest priority to occupy the bandwidth If using this option a local port number for controlling is required Therefore it will need to set up a local port number for the router even if the router is a TCP Client Enable to optimize for ICMP meaning that ICMP will get the highest priority to occupy the ban
63. ecify the interval between L2TP client and server 1500 1436 Link Detection W O To check the connectivity of a tunnel the client and server regularly Interval send PPP Echo to each other If the client or server receives no MULTIMAX USER GUIDE 77 response from the peer within a specified period of time it will retransmit the PPP echo If no response from the peer is received after the set number of maximum retries it is considered that the L2TP tunnel is down and the client will try to re establish a tunnel with the peer Link Detection l l l l l Specify the maximum retries for L2TP link detection 5 Max Retries noccpno Users can enter some extra PPP initialization strings in this field Each Expert Options l bsdcom string can be separated by a space p L2TP Client L 2TP Server L2TP Client Tunnel name Description L2TP Client x Server Name Username Password Authentication Auto y Enable Tunnel Authentication Tunnel secret Remote Subnet Remote Subnet Mask Enable L2TP Client Advanced Local IP Remote IP Address Control Compression Protocol Field Compression Asyncmap Value ALLEI MRU 1500 MTU 1436 Link Detection Interval s 30 Link Detection Max Retries 5 Expert Options noccp nobsdcomp 78 MULTIMAX USER GUIDE Server L2TP Server Enable L2TP Tick to enable L2TP server Disabled Server Set the username that will be used by L2TP client Set the p
64. ected function is inactive Signal level 21 31 Perfect signal level Signal level 11 20 Normal signal level Red o o Signal level 1 10 Bad signal level Green Operating on the 4G network Operating on the 3G network Red o Operating on the 2G network Not registered to any network f SIM 1 inserted Green On SIM1 works normally Blinking SIM 1 inserted but fails to work e g incorrect PIN code SIM 2 inserted Yellow On SIM 2 works normally Blinking SIM 2 inserted but fails to work e g incorrect PIN code No SIM inserted 22 MULTIMAX USER GUIDE Router Information Item Device Model Serial Number Device Name Firmware Version Hardware Version Kernel Version Radio Module Type Radio Firmware Version Uptime CPU Load RAM Total Free System Time Router Information Device Model Serial Number Device Name Firmware Version Hardware Version Kernel Version Radio Module Type Radio Firmware Version Uptime CPU Load RAM Total Free System Time Current WAN Link Item Current WAN Link IP Address Gateway Netmask DNS Server Keeping PING IP Address Keeping PING Interval Current radio module type Current radio firmware version MA 2040 00300913090045 Cellular Router 1 01 11 1 01 02 2 6 39 6 HE910 D 12 00 023 0 day 02 37 01 00 00 123 03MB 7 1 64MB 58 23 2014 05 30 12 07 01 Current primary DNS server and Secondary server Current ICMP dete
65. ection 36VDC Interface 3 5mm terminal block with lock Digital Output Type 2 x DO Sink Over voltage Protection 40VDC Over current Protection 0 5A Isolation 3kKVDC or 2kKVRMS Interface 3 5mm terminal block with lock MULTIMAX USER GUIDE 11 System LED Indicators 6 indicators include RUN PPP USR RSSI NET SIM Built in RTC Watchdog Timer Expansion 1 x USB 2 0 high speed host up to 480Mbps Storage 1 x Micro SD up to 2GB Software Network protocols PPP PPPoE TCP UDP DHCP ICMP NAT DMZ RIP v1 v2 OSPF DDNS VRRP HTTP HTTPs DNS ARP SSH SNTP Telnet LinkGo PPP LCP Echo Reply ICMP to keep always online VPN tunnel IPSec OpenVPN PPTP L2TP GRE Firewall SPI anti DoS Filter Access Control Management Web CLI Telnet SNMP v1 v2 v3 Serial Port TCP client server UDP Virtual COM Power Supply and Consumption Power Supply Interface 5mm terminal block with lock Input Voltage 9 to 60 VDC Power Consumption Idle 180 mA 12 V Data Link 500 to 1000 mA 12 V Physical Characteristics Housing amp Weight Metal 500g Dimension L x W x H 125 x 108 x 45 mm Installation 35mm Din Rail or wall mounting or desktop Environmental Limits m Operating Temperature amp Humidity MA 2040 40 to 85 C 5 to 95 RH MA 2040 4G 40 to 85 C 5 to 95 RH m Storage Temperature 40 to 85 C Regulatory and Type Approvals Approvals amp Directives CE FCC PTCRB A Ti
66. ed Max Data limitation Be ela eens MB Set the monthly data traffic limit in MB Date of Month to Clean Already used Show the amount of data been used Switch back Main SIM card after timeout Initial Timeout min Set the initial timeout in minutes If the router consistently fails to dialup or ping the preset WAN address and exceeds the Max Retries it will switch to the backup SIM card The router will switch to backup SIM card when preferred SIM card is roaming The identifier for the router to check if it is in the home location area or in a roaming area and to decide if it needs to switch back to the preferred SIM card Router will switch to another SIM card if it detects there is a DI alarm Only DI_2 can be used for this function and if selected DI_2 cannot be used for any other purposes If the active SIM card has reached the preset data limit it will switch to the backup SIM card Set the day in a month to reset the data usage Enable to Switch back topreferred SIM card after the Initial timeout SIM1 Enabled Disabled Disabled 100 1 Disabled MULTIMAX USER GUIDE 33 Cellular Settings SIM1 SIM2 Status Ready Not inserted Network Provider Type telstra Y APN telstra_internet Username Password Dialup No is aia 1 PIN Type None None Y Invalid PPP password characters list al double quotation mark i quotation mark question mark bracket
67. ernet L2TP CLIENT wireless ya eo o 10 0 0 0 24 Lan 192 168 1 1 24 PC2 Note In the following diagrams the red coloured numbers mean that these should be matched between server and client and those with the blue coloured numbers mean that they must be set up locally for the tunnel L2TP_SERVER Configuration gt L2TP gt L2TP Server Enable L2TP Server C Enable L2TP Server Tick Enable L2TP Server and enter the proper settings L2TP Common Settings Authentication 3 l Enable Tunnel Authentication Local IP 10 1 2 1 IP Pool Start 10 1 2 2 IP Pool End 10 1 2 254 L2TP Server Advanced Show L2TP Server Advanced Route Table List Client IP Remote Subnet Remote Subnet Mask 0 0 0 0 192 168 1 0 255 255 255 0 x 0 0 0 0 means any Add MULTIMAX USER GUIDE 117 The changes will take effect after doing Apply gt Save gt Reboot L2TP_CLIENT Configuration gt L2TP gt L2TP Client L2TP Client Tunnel name Description Click Add button and enter the proper settings L2TP Client X Enable Disable Server Name Password esse gt E 2 Authentication PAP E pe 3 Enable Tunnel Authentication Remote Subnet 10 0 0 0 Remote Subnet Mask l Show L2TP Client Advanced The changes will take effect after doing Apply gt Save gt Reboot 118 MULTIMAX USER GUIDE Add 4 4 PPTP PC LAN PPTP SERVER Tnternet PPTP CL
68. etection interval 30 seconds ICMP detection timeout 3 seconds ICMP detection retries 3 Reset the interface NO FOGG GGG GGG GGG GG IG A K K K K a K K K K MA 2040 config set cellular 1 set SIM_1 parameters 2 set SIM_2 parameters gt please select mode 1 2 1 SIM 1 parameters Network provider 1 Auto 2 Custom 3 china mobile gt please select mode 1 3 1 gt dial out using numbers 99 1 gt pin code Connection Mode 132 MULTIMAX USER GUIDE 1 Always online 2 Connect on demand gt please select mode 1 2 1 gt redial interval 1 120 30 gt max connect try 1 60 3 MA 2040 config end MA 2040 write Building configuration OK save current configuration MA 2040 show cellular K K OK K K K K K OK K OK K KK KKK K K K KK KKK KKK KKK KKK KKK KKK K K K K K K K K K Cellular enable yes 1 show SIM_1 parameters 2 show SIM_2 parameters gt please select mode 1 2 1 SIM 1 parameters network provider Auto dial numbers 99 1 pin code NULL connection Mode Always online redial interval 30 seconds max connect try 3 main SIM select SIM_1 when connect fail yes when roaming is detected NO month date limitation NO SIM phone number network select Type Auto authentication type Auto mtu value 1500 mru value 1500 asyncmap value Oxffffffff use peer DNS yes primary DNS 0 0 0 0 secondary DNS 0 0 0 0 address control compression yes
69. for use with the antenna ANT SMA Unauthorized antennas modifications or attachments could impair call quality damage the device or result in violation of RF exposure regulations There is no guarantee that interference will not occur in a particular installation If the equipment does cause harmful interference in radio and television reception which can be determined by turning the equipment on and off the user is encouraged to try to correct the interference by one or more of the following measures Re orient or relocate the receiving radio or TV antenna Increase the separation distance between the equipment and the receiver Contact Maxon Australia Technical Support for assistance Notes The user is cautioned that changes or modifications not expressly approved by Maxon Australia could void the warranty iss The product must be used by a limited power source or appropriate power supply provided Otherwise safety will not be ensured MULTIMAX USER GUIDE 5 Potentially Unsafe Areas Posted Facilities Turn off this device in any facility or area where posted notices require you to do so Blasting Areas Turn off your device where blasting is in progress Observe restrictions and follow any regulations or rules Potentially Explosive Atmospheres Turn off your device when you are in any area with a potentially explosive atmosphere Obey all signs and instructions Sparks in such areas could cause an explosion
70. from computers office equipment home appliance or any large obstacles such as concrete walls etc An external antenna must be connected to the router for proper operation Always keep the antenna with minimum safety distance of 26 6 cm or more from the human body Do not put the antenna inside metallic box containers etc Note Some airlines may permit the use of cellular phones while the aircraft is on the ground and the door is open The router may be used at this time Using the router in a vehicle Check for any regulation or law authorising the use of cellular equipment in vehicles in your country territory or state before installing the router The driver or operator of any vehicle must refrain from operating the router while in control of a vehicle Installation of the router should be performed by qualified personnel Consult your vehicle distributor for any possible interference of electronic parts by the router The router should be connected to the vehicle s supply system by using a fuse protected terminal in the vehicle s fuse box Use caution when powering the router by the vehicle s main battery The battery may be drained after an extended period of using the router Protecting your router To ensure error free usage please install and operate your router with care Avoid exposing the router to extreme conditions such as high humidity rain high temperatures direct sunlight caustic harsh chemicals dust or
71. gh IP Passthrough Settings Enable IP Passthrough Mode PPPoE v Ethernet Interface LAN 0 Username Password AC Name Service Name Authentication Auto Link Detection Interval s 30 Link Detection Max Retries 5 MULTIMAX USER GUIDE 89 3 28 Configuration gt AT over IP This section allows users to set up the AT over IP parameters AT over IP Item Description l Tick to enable the AT over IP function for remotely controlling the Enable AT Settings cellular module via AT command Select from TCP server or UDP You can enter the IP address of the cellular WAN Ethernet WAN or Ethernet LAN Null or 0 0 0 0 stands for all these three IP addresses Local Port Enter the local TCP or UDP listening port Local IP AT over IP AT Settings V Enable AT Settings Protocol UDP v Local IP Local Port 8091 90 MULTIMAX USER GUIDE 0 0 0 0 8091 3 29 Configuration gt Phone Book This section allows users to set up the Phone Book Phone Book Phone Book Phone Book Set up a name for corresponding phone No Enter the phone No Phone No Note Please use international format This begins with a followed by the country code and number Phone Book Configuration Description Phone No X Cds 1 Make sure you enter mobile destination number in the international format for instance for SMS to US mobile phone 12342342342 1 is the international code for US use t
72. gt or lt 1 1 1 0 24 2 2 2 2 16 gt Add The changes will take effect after doing Apply gt Save gt Reboot MULTIMAX USER GUIDE 125 OPENVPN_CLIENT Configuration gt OpenVPN gt Client Verbose Level Expert Options 126 MULTIMAX USER GUIDE ERR Client Tunnel name Description Add Click Add button and enter the proper settings Enable OpenVPN Client X Enable Disable Tunnel name OpenVPN_Tunnel_0 Protocol UDP id ee i Server Address Authentication 4 Local IP 6 M Enable NAT 7 Ping Interval 20 0 Ping Restart Compression Encryption BF CBC v iz 9 MTU 10 Max Frame Size Ti route 192 168 2 0 255 255 255 0 _ xx XX pDarameter eg config xx config The modification will take effect after doing Apply gt Save gt Reboot Chapter 5 Introductions for CLI 5 1 What is the CLI and hierarchy level Mode The MA 2040 Command Line Interface CLI is a software interface providing another way to set up the device configurations from the serial console port or through a telnet connection To use the CLI properly it is necessary to understand the four different CLI hierarchy level modes which have different access privileges User exec mode the command prompt gt shows that you are in the user exec mode Under this mode users can only use some simple commands to view the current configuration and the device status or to use the Ping command to check t
73. he Pre shared Key Set the lifetime in seconds for IKE negotiation Life Time IKE Before an SA expires IKE negotiates a new SA Once a new SA is set 86400 Parameter up it takes effect immediately and the old one will be cleared automatically when it expires Select from DES MD5_ 96 DES SHA1 96 3DES MD5_ 96 3DES_ SHA1 96 AES128 MD5_ 96 AES128 SHA1 96 AES192_MD5_ 96 AES192_ SHA1 96 AES256 MD5_ 96 and AES256_SHA1_ 96 when ESP is selected for IPSec protocol SA Algorithm Select from AH _MD5_96 and AH _ SHA1 96 when AH is 3DES_MD5_96 selected for IPSec protocol Note Higher security means more complexity in implementation and slower speed In general DES is enough to meet general requirements Use 3DES when higher security level is required Select from PFS NULL MODP768 1 MODP1024 2 and MODP1536_5 PFS NULL Disable PFS Group PFS Group Lee PFS NULL MODP768_1 Uses the 768 bit Diffie Hellman group MODP1024 2 Uses the 1024 bit Diffie Hellman group MODP1536_5 Uses the 1536 bit Diffie Hellman group Set the IPsec SA lifetime in seconds Life Time SA Note During negotiation of setting up an IPsec SA IKE will use the Ao Parameter smaller value between the locally set lifetime and the one proposed by the peer Set the interval in seconds after which DPD Dead Peer Detection Authentication PSK Pre shared
74. he network connectivity Privileged exec mode when entering the privileged exec mode the command prompt will change to H under which users can use all those allowed in the user exec mode plus the addition commands such as importing and exporting files system logs and debug etc Global configuration mode the global configuration mode is with command prompt lt config gt which allows users to view and change the current device configurations Interface mode the global configuration mode is with command prompt lt config xx gt where xx indicates the particular interface Under this mode users are to set IP address and MTU for this interface The following chart shows how to access or quit among these modes ee ia enable re configure em ee a interface ee ae al a P as gt p aS be m SS f 7 d N 7 4 User exec mode 4 Priviledged exec mode Global configuration mode i Interface mode N Pa Pd Pi at a ee we Ma wae a pa a TAE 7 exit ee exit end a et a 7 exit i N a end USER EXEC MODE MA 2040 Configure Environment Username admin Password MA 2040 gt Use to check available commands in user exec mode Enable Turn on privileged commands Exit Exit from current mode Ping Ping test Reload Halt and perform a cold restart Tracert Traceroute test Show Show running system information MULTIMAX USER GUIDE 127 PRIVILEDGED EXEC MO
75. he related parameters Link Management Primary Interface Backup Interface ICMP Detection Primary Server ICMP Detection Secondary Server ICMP Detection Interval ICMP Detection Timeout ICMP Detection Retries Reset The Interface Selected from Cellular EthO Cellular Select Cellular as the primary WAN link EthO Select EthO as the primary WAN link Selected from None Cellular Eth0O None Do not use backup interface Cellular Select Cellular as the backup WAN link EthO Select EthO as the backup WAN link Note Drop down list will not show the option that is already used for primary interface Router will ping this primary address domain name to check that if the current connectivity is active Router will ping this secondary address domain name to check that if the current connectivity is active Set the ping interval Set the ping timeout If the router pings the preset address domain name time out continuously for Max Retries time it will consider that the connection has been lost Enable to reset the cellular ETHO interface after the max ICMP detection retries Cellular None MULTIMAX USER GUIDE 29 Link Management Link Management Settings Primary Interface Cellular Backup Interface None ICMP Detection Primary Server 8 8 8 8 ICMP Detection Secondary Server 8 8 4 4 ICMP Detection Interval s 30 ICMP Detection Timeout
76. hentication id Secrets 12 Life Time s 36400 122 MULTIMAX USER GUIDE Add SA Parameter SA Algorithm 3DES_MD5 96 gt 13 PFS Group PFS_NULL Life Time s 28800 DPD Time Interval s 180 DPD Timeout s 60 IPsec Advanced VPN Over IPsec Type NONE Enable Compress The changes will take effect after doing Apply gt Save gt Reboot MULTIMAX USER GUIDE 123 4 6 OPENVPN PCI LAN A LAN PC3 OPENVPN SERVER OPENVPN CLIENT e 192 168 2 0 24 PC PC4 192 168 1 0 24 Note In the following diagrams the red coloured numbers mean that these should be matched between server and client and those with the blue coloured numbers mean that they must be set up locally for the tunnel OPENVPN_SERVER Configuration gt OpenVPN gt Server Enable OpenVPN Server L Enable OpenVPN Server Tick Enable OpenVPN Server and enter the proper settings 124 MULTIMAX USER GUIDE VPN Server Tunnel Tunnel name OpenVPN_Tunnel_0 Listen IP Protocol UDP f sis Port 1194 2 Interface tn 3 Authentication lone 4 Local IP 0 8 0 1 5 Remote IP 0 8 0 2 amp 7 Ping Interval RS b b H Ping Restart 0 Compression LZO 8 Encryption BF CBC i 2 Max Frame Size iz Verbose Level ERR v _ xx XX parameter eg config xx config Client Manage Use Common Name Password Client IP Local Static Route Remote Static Route Static Route lt 1 1 1 0 24
77. his and then your normal number without the first zero 2 In some countries only can send receive SMS without international code for the number Phone Group Phone Book Phone Group Phone List Show the phone list in the group Nul Click Add to create a new phone group This box will appear when users click either a phone group or Add button Click right arrow to add a selected phone No to the group or Click left Add or remove the phone No to from group arrow to remove a selected phone No from the group Note Phone group cannot be set up if there are no phone numbers in the phone book Phone Group Configuration Group Name Phone List MULTIMAX USER GUIDE 91 Group No And Description Group Name Add or remove the phone no to from group Not in this group In this group 92 MULTIMAX USER GUIDE 3 30 Configuration gt SMS This section allows users to set the SMS Notification and SMS Controls Send SMS on Enable to send SMS to a specified phone group after the router is asied isable power up powered up Send SMS on E i Enable to send SMS to a specified phone group after PPP is up Disabled PPP connect Send SMS on l Enable to send SMS to a specified phone group after PPP is down Disabled PPP disconnect Phone Group Select the Phone Group who wish to receive the SMS s Null Enable SMS Click to enable SMS remote control feature Disabled Control Password Set the password c
78. ield Compression Asyncmap Value fifTttTf MRU 1500 MTU 1436 Link Detection Interval s 30 Link Detection Max Retries 5 Expert Options noccp nobsdcomp Route Table List Client IP Remote Subnet Remote Subnet Mask 0 0 0 0 means any Add 84 MULTIMAX USER GUIDE 3 25 Configuration gt SNMP This section allows users to set up the SNMP Simple Network Management Protocol parameters Basic SNMP Basic Item Description Default Port UDP port for sending and receiving SNMP requests Agent Mode Select the proper agent mode Version Select from SNMPv1 SNMPv2 and SNMPv3 SNMPv2 Location Info Enter the router s location info that will be sent to an SNMP client support maxon Contact Info Enter the router s contact info that will be sent to an SNMP client com au Enter the router s system name that will be sent to an SNMP client a SNMP Basic Settings Enable SNMP Port 161 Agent Mode Master oa Version SNMPv2 Location Info Australia Contact Info support maxon com au System name router View SNMP View eE Default Enter the View Name View Filter Select from Include and Exclude Include View OID Enter the Object Identifiers OID Nul ___Basic VACM Mib View List View Name View Filter View OID system Include 7 ie a sy x all Include 1 x View OID lt 1 65535 gt lt 1 65535 gt Add MULTIMAX USER GUIDE 85
79. is allowed to accumulate in the serial port buffer before sending Setting O for packet length means that data in the buffer will be sent as specified by the interval timeout or delimiter settings or when the Packet Length buffer is full When a packet length between 1 and 1024 bytes is ce Transparent specified data in the buffer will be sent as soon it reaches the specified length Note Data will also be sent as specified by the interval timeout or delimiter settings even when data is not reaching the preset packet length When Delimiter 1 is enabled the serial port will queue the data in the buffer and send the data to the Cellular WAN Ethernet WAN when a Enable specific character entered in hex format is received A second aeei Delimiter1 2 delimiter character may be enabled and specified in the Delimiter 2 field so that both characters act as the delimiter to control when data should be sent Delimiter1 2 Hex Enter the delimiter in Hex Transparent The Delimiter process field determines how the data is handled when a delimiter is received Delimiter Process None Data in the buffer will be transmitted when the delimiter is Transparent received the data also includes the delimiter characters ae Strip Data in the buffer is first stripped of the delimiter before being transmitted This item will show up when you enable any VPN tunnel in the router eee it means serial data can be matched to this local IP address and
80. is selected and connected to aPPPoE Ethernet client e g a PC the PC will dial up to Multimax PPPoE server through Interface LAN_O Note It doesn t matter whether you select LAN _O or LAN_ 1 If enabling bridge mode in tab Configuration gt Ethernet gt LAN LAN_O Interface Set the username of the PPPoE server Nul Set the password of the PPPoE server Nul Set the AC Access Concentrator name of the PPPoE server Set the service name of the PPPoE server Note the PPPoE client needs to use the same username password AC Service Name a i name and service name of the PPPoE server or it will fail to dial up to the server ee Set up the PPP authentication method by selecting one of the following Authentication Auto Auto PAP and CHAP When the PPPoE client dials up to Multimax PPPoE server the Multimax will send a LCP Echo Request to PPPoE client with this interval The interval can be configured from 3 to 30 seconds Link Detection 30 Interval s If the Multimax does not get response after sending LCP Echo Request it will do retries If still fails to get a response after a maximum retires Link Detection the Multimax will send a LCP Terminal Request packet to disconnect Max Retries i l l the connection between PPPoE server and client The maximum retries can be from 3 to 5 times 88 MULTIMAX USER GUIDE IP Passthrou
81. it 2 3 Installing SIM Card s and Micro SD Card E Inserting SIM Card or Micro SD Card 1 Make sure the power supply is disconnected 2 Unscrew and remove the cover for SIM and Micro SD Card to find the SIM and Micro SD slot 3 Insert the SIM card or Micro SD card and press the card with fingers until you hear a clicking sound 4 Put the cover back on and screw firmly E Removing SIM Card or Micro SD Card 1 Make sure the router is powered off 2 Unscrew and remove the cover for SIM and Micro SD Card 3 Press the card until you hear a clicking sound and the card will pop out for removal from the slot Note 1 Never operate the router without the SIM card cover installed 2 Avoid touching the metal surface of the SIM card to avoid damage or loss of information in the card 3 Avoid bending or scratching your SIM card Keep the card away from any strong electromagnetic fields 4 Make sure to disconnect the power source from your router before inserting or removing SIM or Micro SD cards 14 MULTIMAX USER GUIDE 2 4 Connecting the External Antenna SMA Type Connect this to an external antenna with an SMA male connector Make sure the antenna is for the correct frequencies as specified by your GSM 3G 4G operator and supported by the modem with an impedance of 50 ohms and also that connector is secure and tight Auxiliary antenna connection is optional but recommended SMA male connector of antenna cable
82. le e Wall Mounting Kit e CD with user guide x 1 MULTIMAX USER GUIDE 9 Note Please notify your sales representative if any of the above items are missing or damaged Optional accessories can be purchased separately e 35mm Din Rail mounting kit e AC DC Power Supply Adapter 12VDC 1 5A x 1 AU plug standard EU US UK plugs optional 10 MULTIMAX USER GUIDE 1 3 Specifications Cellular Interface Standards GSM GPRS EDGE UMTS HSPA FDD LTE GSM GPRS EDGE 850 900 1800 1900 MHz HSPA 850 900 1900 2100 MHz DL 7 2 UL 5 76 Mbps fall back to 2G HSPA 850 900 1900 2100 MHz DL 21 UL5 76 Mbps fall back to 2G FDD LTE 800 900 1800 2100 2600 MHz DL 100 UL 50 Mbps fall back to 3G 2G DUAL SIM 2 x 3V amp 1 8V Antenna Interface SMA Female 50 ohms impedance FDD LTE for MA 2040 4G model only Ethernet Interface Ports 2 x 10 100 Mbps can be used as 2x LANs or 1x LAN 1x WAN Magnet Isolation Protection 1 5kV Serial Interface Ports 1 x RS 232 1 x RS 485 ESD Protection 15kV Parameters 8E1 801 8N1 8N2 7E2 702 7N2 7E1 Baud Rate 2000bps to 115200bps Flow Control RTS CTS XON XOFF RS 232 TxD RxD RTS CTS GND RS 485 Data A Data B GND Interface 3 5mm terminal block with lock Digital Input Type 2 x DI Dry Contact Dry Contact On short to GND V Off open Isolation 3kKVDC or 2kKVRMS Digital Filtering Time Interval Software selectable Over voltage Prot
83. loyed to allow authorization and secured transactions Web Server X 509 HTTPS In this tab user can import or export Public Key and Private Key for Certificate HTTPS certificate Basic O X509 O Port Settings HTTP Port 80 HTTPS Port 443 X 509 HTTPS Certificate Public Key Browse Import Export Private Key Browse Import Export MULTIMAX USER GUIDE 107 3 40 Administration gt User Management This section allows users to add and modify user accounts Super User User Management Super Each router has only one super user account With this account the Super Admin user has the highest authority of managing all user accounts User Set Username and Password Management SDN Specify the login timeout in seconds User needs to re login after the Login Timeout 1800 inactive time exceeds the setting User Management Username admin Old Password New Password Confirm Password Login Parameters Login Timeout s 1800 Common User Management Common Each router can have up to 9 common user accounts There are two Common access levels for the common user account ReadWrite and ReadOnly Username Set Username and Password Password Click this button to add a new account Select from ReadWrite and ReadOnly Access Level ReadWrite Users can view and change the configuration of the router ReadOnly Users only can view the configu
84. ls are provided for users to do some debugging Ping AT Debug Traceroute Sniffer and Test Ping Tool Ping Ping IP address Enter the ping destination IP address or domain name Number of l Specify the number of requests requests Timeout Specify timeout of ping request Specify the local IP from cellular WAN Ethernet WAN or Ethernet LAN o Local IP Null stands for selecting the local IP address from these three automatically ark Click this button to start ping request and the log will be displayed in ar the follow box cc Ping Ping IP address 8 8 8 8 Number of requests 5 Timeout s 1 Local IP Start Stop PING 8 8 8 8 8 8 8 8 56 data bytes 64 bytes from 8 8 8 8 seq 0 ttl 55 time 27 804 ms 64 bytes from 8 8 8 8 seq 1 ttl 55 time 24 116 ms 64 bytes from 8 8 8 8 seq 2 ttl1 55 time 135 683 ms 64 bytes from 8 8 8 8 seq 3 ttl 55 time 23 907 ms 64 bytes from 8 8 8 8 seq 4 tt1l 55 time 28 246 ms 8 8 8 8 ping statistics 5 packets transmitted 5 packets received 9 packet loss round trip min avo max 23 907 47 951 135 683 ms MULTIMAX USER GUIDE 101 AT Debug Tool AT Debug Send AT Enter the AT commands which will be sent to the cellular module in this Commands box Send Click this button to send the AT commands Receive AT The router will display the response from the cellular module in this Commands box T E a E Send AT Commands s at Send Receive AT
85. m NTP server Enable NTP Server Click to enable the NTP server service in the router Disabled Update interval h Real Time Clock Settings Real Time Clock 2014 06 02 16 05 51 PC Time 2014 06 02 16 05 34 Synchronize Timezone Setting Timezone UTC 10 00 Sydney Australia Russia Guam v NTP Settings Enable NTP Client Primary NTP Server pool_ntp org Secondary NTP Server Update Interval h 1 Enable NTP Server 106 MULTIMAX USER GUIDE 3 39 Administration gt Web Server This section allows users to modify the parameters of Web Server Web Server Basic Enter the HTTP port number to be used in Multimax s Web Server By default port 80 is the port that the Web server listens to or HTTP Port expects to receive from a Web client using HTTP If you wish to configure the router with another HTTP Port number other than the port 80 just enter the port number in the field Enter the HTTPS port number to be used in Multimax s Web Server By default port 443 is the port that the Web server listens to or expects to receive from a Web client using HTTPS If you wish to configure the router with another HTTPS Port number other than the 443 HTTPS Port port 443 just enter the port number in the field Note HTTPS is more secure than HTTP In many cases clients may be exchanging confidential information with a server which needs to be secured in order to prevent unauthorized access For this reason HTTPS was dep
86. mode all receiving packets are processed as normal and Passive RIP message will not be sent except to the RIP neighbours specified in the Neighbour field The default is to be passive on all interfaces Garbage 120 None Enable Enable to make the router send the default route to other routers within one l Default Disabled a Autonomous System AS using Interior Gateway Protocol IGP Origination Enable Redistribute Redistribute the connected routes into the RIP tables Disabled Connect Enable as a a Enable to redistribute routing information from static route entries into the Redistribute Disabled i RIP tables Static Enable NP BO DON a Enabling to redistribute routing information from OSPF route entries into the l Redistribute Disabled RIP tables OSPF Network List The router will only report the RIP information in this list to its neighbour Network Enter the Network address which EthO or Eth1 is directly connected to Address NetMask Enter the Network s netmask which EthO or Eth1 is directly connected to RIPipv4 Enabled IV Enable RIP Protocol Setting RIP Protocol Version RIPvi RIPv2 MULTIMAX USER GUIDE 61 RIP Protocol common Settings Neighbor IP Update time s 30 Timeout s 130 Garbage s 120 RIP protocol Advance Setting Enable Advance default Metric 1 Distance 120 Passive None v _ Enable Default origination _ Enable Redistribute Connect _ Enable
87. nable PIN lock or PUK lock Input Select when SIM card has enabled with PIN lock or PUK Correct PIN PUK code need to be entered Lock Select when user needs to lock the SIM card with PIN or PUK code PIN Type Unlock Select when user needs to unlock the SIM card with PIN or PUK code Note Please refer to your local ISP to see whether your SIM card requires PIN or not If you wish to change the SIM PIN please click the button to enable it and then input the new PIN You can go to tab Status gt Event Log and search AT CPIN to check the status of SIM card MULTIMAX USER GUIDE 31 Connection Mode Select from Always Online and Connect On Demand Always Online Auto activates PPP and keeps the link up after power on Connect On Demand After selecting this option the user can choose from the following On Demand Connection Rules Always Connection Mode Online Triggered by Serial Data Triggered by SMS Triggered by I O Triggered by Periodically Connect and Triggered by Time Schedule Note If you select multiple on demand rules the router only has to meet one of them to be triggered Router will automatically re connect with this interval in Redial Interval s ert l l l seconds when it fails to communicate with peer via TCP or UDP The maximum number of retries for automatic re connection in case the router fails to dial up After the number is reached the router will re
88. need to Asyncmap Value i l FEF FET FE modify this value vr Maximum Receiving Unit It is the identifier of the maximum size of packet which is possible to receive in a given environment ral Maximum Transmission Unit It is the identifier of the maximum size of packet which is possible to transfer in a given environment Specify the interval between PPTP client and server 1500 1436 To check the connectivity of a tunnel the client and server regularly send PPP Echo to each other If the client or server Link Detection receives no response from the peer within a specified period of Interval time it will retransmit the PPP echo If no response from the peer is received after the set number of maximum retries it is considered that the PPTP tunnel is down and the client will try to re establish a tunnel with the peer Link Detection i Specify the maximum retries for PPTP link detection 5 Max Retries You can enter some extra PPP initialization strings in this field Each noccpnobs Expert Options string can be separated by a space dcomp Route Table List Click Add to add a route rule from PPTP server to PPTP client W MULTIMAX USER GUIDE 83 Enable PPTP Server PPTP Common Settings Username Password Authentication CHAP X Local IP 10 0 0 1 IP Pool Start 10 0 0 2 IP Pool End 10 0 0 100 Enable MPPE PPTP Server Advanced Enable PPTP Server Advanced Address Control Compression Protocol F
89. need to select the correct authentication method based on the Authentication Disabled servers configuration When you select Auto the router will automatically select the correct method based on the server s setting Enable Tunnel Tick to enable tunnel authentication and enter the tunnel secret picsiiad isable Authentication provided by the L2TP server Remote Subnet Enter the L2TPremote protected subnet Remote Subnet Enter the L2TPremote Protected netmask Mask Show L2TP Client Tick to enable the L2TP client advanced setting Disabled Advanced Set the IP address of the L2TP client een Ie You can enter the IP that assigned by L2TP server Null means L2TP client will obtain an IP address automatically from L2TP server s IP pool Remote Enter the peer s private IP address or remote subnet s gateways Remote IP address Used for PPP initialization In general you need to enable it as a eaabied Compression default Protocol Field Used for PPP initialization In general you need to enable it as a Enabled Compression default One of the L2TP initialization strings In general you don t need to Asyncmap Value ffffffff change this value MRU Maximum Receiving Unit The identifier of the maximum size of packet which is possible to receive in a given environment YU Maximum Transmission Unit It is the identifier of the maximum size of packet which is possible to transfer in a given environment Sp
90. nly as the current wan link ICMP primary server 8 8 8 8 ICMP second server 8 8 8 4 ICMP detection interval 30 seconds ICMP detection timeout 3 seconds ICMP detection retries 3 reset the interface no OK OK OK OK OK OK E E OK OK E OK OOK OK E E E OK OK OK OK OK OK OK OK OK OK OK OK OK OK OK KK KK OK OK KK KK KKK MA 2040 configure MA 2040 config set ethO Ethernet interface type WAN Type select 1 Static IP 2 DHCP 3 PPPOE gt please select mode 1 3 1 gt IP address 192 168 0 1 58 1 1 1 set IP address for ethO gt netmask 255 255 255 0 255 0 0 0 gt gateway 192 168 0 254 58 1 1 254 set gateway for ethO gt mtu value 1024 1500 1500 gt input primary DNS 192 168 0 254 58 1 1 254 set dns for ethO gt input secondary DNS 0 0 0 0 This parameter will take effect after reboot MULTIMAX USER GUIDE 131 really want to modify yes MA 2040 config end MA 2040 write save current configuration Building configuration OK MA 2040 reload IReboot the system yes or no yes reboot the device for the new configuration to take effect Example 5 CLI for Cellular dialup MA 2040 gt enable Password TASER MA 2040 MA 2040 show link management KK K K K K OK OK OK K OK K OK K K OK OK OK K K K K K K K K K K K K OK K K K K K K K KK KK K K K wan link Cellular Only Cellular Only as the current wan link ICMP primary server 8 8 8 8 ICMP second server 8 8 8 4 ICMP d
91. ontent Reboot ok Note Only support text format SMS me ee E Daily Reboot V Enable Time Reboot hh mm 24h Reboot Timel Reboot Time2 Reboot Time3 12 00 MTS he lo Call Reboot Configuration Enable Call Reboot Phone Group NULL Click to add PhoneGroup SMS Reply Content 94 MULTIMAX USER GUIDE SMS Reboot Configuration Phone Group NULL v Click to add PhoneGroup Password SMS Reply Content MULTIMAX USER GUIDE 95 3 32 Configuration gt maXconnect This section allows users to configure parameters for maXconnect MaXconnect is Maxon s modem management portal a cloud based M2M management portal which allows you to access monitor and control 3G 4G Maxon devices securely With maXconnect you can access real time data from your devices monitor their status and location Utilise complete functionality by controlling your devices anywhere anytime This one stop portal is an access point to manage your 3G 4G assets securely and remotely Enable maXconnect Click to enable maXconnect feature Disabled Enter the IP address or URL of the maXconnect Server for the device status update Server address When an Internet connection is used please enter portal maxconnect com au When using maXwan please use IP 10 0 0 1 ak eae eae tic ean maXconnect Update The status update interval in seconds 90 Interval s maxXconnect maxXconnect Enable maXconnect maxXconnect URL portal maxconnect
92. ontent for SMS control Content Note Only supports text format For example 123 or ABC123 Phone Group Select the Phone Group who can use SMS control feature Null SMS Notification _ Send SMS on power up 1 Send SMS on PPP connect _ Send SMS on PPP disconnect Phone Group NULL Click to add PhoneGroup SMS Control Enable Password Content Phone Group NULL Click to add PhoneGroup MULTIMAX USER GUIDE 93 3 31 Configuration gt Reboot This section allows users to set up the reboot policies for the router Reboot Time Enable daily reboot Up to three time points can be configured Enable ahh mm 24h l l l Disabled The time has to be inhh mm 24h time format Reboot Time1 Specify time1 when the router will reboot Reboot Time2 Specify time2 when the router will reboot Nul Reboot Time3 Specify time3 when the router will reboot Nul Reboot Call Click to enable call reboot function Enable Call Reboot l l Disabled Note This feature is not supported by 3G or 4G model Set the Phone Group which is allowed to reboot the router by Phone Group call Set up the reply SMS after reboot by call is performed e g SMS Reply Content Reboot ok Note Only support text format SMS Reboot SMS Enable SMS Reboot Click to enable SMS reboot function Disabled Phone Group Set the Phone Group that is allowed to reboot the router by SMS Set up the reply SMS after reboot by SMS is performed e g o SMS Reply C
93. or PPTP Client A Click Add to add a PPTP client A Remote IP Enter the PPTP server s public IP address or domain name Address Username Enter the username that was provided by your PPTP server Password Enter the password that was provided by your PPTP server Select from Auto PAP CHAP MS CHAP v1 and MS CHAP v2 You need to select the correct authentication method based on the Q ok Authentication Auto server s configuration When you select Auto the router will automatically select the correct method based on the server s setting Remote Subnet Enter PPTP remote protected subnet Remote Subnet eee Enter PPTP remote Protected netmask as Tick to enable MPPE Microsoft Point to Point Encryption It s a Enable MPPE Disabled protocol for encrypting data across PPP and VPN links Enable PPTP l l l l Tick to enable the PPTP client advanced setting Disabled Client Advanced Set the IP address of the PPTP client ee You can enter the IP that assigned by PPTP server Null means PPTP oca client will obtain an IP address automatically from PPTP server s IP pool Enter the remote peer s private IP address or remote subnets Remote IP gateways address Address Control Used for PPP initialization In general you need to enable it as a ea nable Compression default Protocol Field Used for PPP initialization In general you need to en
94. or fire resulting in bodily injury or death Areas with a potentially explosive atmosphere are often but not always clearly marked They include Fuelling areas such as gas or petrol stations Below deck on boats Transfer or storage facilities for fuel or chemicals Vehicles using liquefied petroleum gas such as propane or butane Environments that contain chemicals or particles such as grain dust or metal powders Avoid using the router in areas that emit electromagnetic waves or enclosed metallic structures e g lifts or any other area where you would normally be advised to turn off your engine 6 MULTIMAX USER GUIDE Document Version Control Updates between document versions are cumulative Therefore the latest document version contains all updates made to previous versions Product Multimax Industrial Ethernet Router Model MA 2040 MA 2040 4G Document Type PDF Status of the Document Public Release Revision Date July 2014 Total Number of Pages 135 Firmware Release Date Details Version 2013 03 15 Update firmware Add configuration examples 2014 05 19 4G additions changes 1 03 Added new features introduced in new firmware 2014 06 02 Screenshots updated accordingly MULTIMAX USER GUIDE 7 Chapter 1 Product Introduction 1 1 Overview The Maxon Multimax MA 2040 MA 2040 4G is a rugged cellular router offering state of the art mobile connectivity for M2M machine to machine applications It includes th
95. ours of Operation Monday to Friday 8 30am to 5 30pm Telephone 61 2 8707 3000 Facsimile 61 2 8707 3001 Email sales maxon com au Public holidays excluded WEBSITE www maxon com au MULTIMAX USER GUIDE 3 Important Notice Due to the nature of wireless communications transmission and reception of data can never be guaranteed Data may be delayed corrupted i e have errors or be totally lost Although significant delays or losses of data are rare when wireless devices such as the router are used in a normal manner with a well constructed network the router should avoid situations where failure to transmit or receive data could result in damage of any kind to the user or any other party including but not limited to personal injury death or loss of property Maxon accepts no responsibility for damages of any kind resulting from delays or errors in data transmitted or received using the router or for failure of the router to transmit or receive such data Safety Precautions General The router generates radio frequency RF power When using the router care must be taken on safety issues related to RF interference as well as regulations of RF equipment Do not use your router in aircraft hospitals petrol stations or in places where using cellular products is prohibited Ensure that the router does not interfere with nearby equipment For example pacemakers or medical equipment The antenna of the router should be away
96. owse to select the appropriate CA file from your PC and then CA Import to load it to the router Click Export to save the CA file to your PC Click Browse to select the appropriate Remote Public Key file from your Remote l PC and then Import to load it to the router Public Key Click Export to save the Remote Public Key file to your PC Click Browse to select the appropriate Local Private Key file from your Local Private Key PC and then Import to load it to the router Click Export to save the Local Private Key file to your PC Click Browse to select the correct CRL file from your PC and then click CRL Import to load it to the router Click Export to save the CRL file to your PC Authentication o Authentication Manage Click Browse to select the appropriate Local Public Key file from your Local Public Key PC and then Import to load it to the router Click Export to save the Local Public Key file to your PC Select Cert Type Tunnel _1 o CA Choose File No file chosen Import Export Remote Public Key Choose File No file chosen Import Export Local Public Key Choose File No file chosen Import Export Local Private Key Choose File No file chosen Import Export CRL Choose File No file chosen Import Export Authentication Status Cert Type Ca crt Remote crt Local crt Private key Cri pem Tunnel 1 o 3
97. p Interface v l ICMP Detection Primary Server 886 ICMP Detection Secondary Server 8 0 4 4 ICMP Detection Interval s 30 ICMP Detection Timeout s ICMP Detection Retries 3 Reset The Interface It is recommended to use an ICMP detection server to keep router always online The ICMP detection increases the reliability and also cost data traffic DNS example Googie ONS Server 8 8 8 8 and 8 8 4 4 Changes will take effect after clicking the Apply button MULTIMAX USER GUIDE 113 Configuration gt Cellular WAN gt Basic Cellular Settings SIM1 SIM2 Status Ready Not Ready Network Provider Type auto auto APN Username Password Dialup No 99 eee 1H OG eee 1z PIN code request Set PIN Code Set PIN Code Connection Mode Connection Made Redial Interval s 30 Max Retries 3 Inactivity Time s 0 Serial Output Content Y Triggered by Serial Data Y Periodically connect Periodically connect interval s 300 ime schedule schedule_1 Time Range Name SUN MON TUE WED THU FRI SAT Time Rangel Time Range Time Range3 schedule 1 M M M M M M M 08 10 12 00 14 10 20 15 X Add Select the trigger policy required Note If multiple trigger policies are selected the PPP will be triggered with any of them matched 4 1 3 SMS Remote Status Reading The Multimax supports remote status reading via SMS using the commands in the table below to get the status of the route
98. protocol field compression yes expert options noccpnobsdcomp KK K K K K OK K K K K K OK K K OK K K K K K K K K OK K K K OK K K K K K K K XK K K K KK K K K XK MA 2040 reload IReboot the system yes or no yes effect MULTIMAX USER GUIDE 133 reboot the device for the new configuration to take 5 3 Commands reference Import configuration file or update tftp tftp P address get cfg rootfs file name l l firmware via tftp Show current configuration of each function if need to see all the Show Show parameters l l configurations please use show SE running Set parameters All the function parameters are set by commands set and add The difference is that set is for the single parameter Add parameters and add is for the list parameter 134 MULTIMAX USER GUIDE
99. r SMS command syntax Password cmd1 a b c cmd2 d e f cmd3 g h i cmdn j k n SMS command Explanation 1 Password The SMS command password is configurable via Basic gt SMS Control gt Password and it is optional 114 MULTIMAX USER GUIDE a es ee ES a When there is no password the SMS command has the following structure cmd1 cmd2 cmd3 cmdn b When there is a password SMS command has the following structure Password cmd1 cmd2 cmd3 cmdn cmd1 cmd2 cmd3 to Cmdn command identification numbers 0001 0010 a b cto n are command parameters The semicolon character is used to separate more than one command packed in a single SMS E g 1234 0001 in this command password is 1234 0001 is the command to reset the Multimax SMS Commands Save Parameters emg o G wa Save Parameters 0003 cmd and Reset Device Start PPP 0004 cmd Dialup w wa 0005 Stop PPP Switch Sim 0006 Card channel 1 DI_1 0007 Papier OisanIc cmd channel flag DI_2 Event Counter flag 0 disable 1 enable channel Get Event 0008 cmd channel 1 Count Value 2 DI_ 2 channel Clear Event 0009 cmd channel 1 Count 2 DI_ 2 Clear SIM simNumber 0010 Card s Data cmd simNumber 1 Limitation 2 SIM_2 MULTIMAX USER GUIDE 115 4 2 NAT Port Forwarding This section explains how to set up the NAT configuration of the router Remote IP defines if access from the IP is allowed to route to the forwarded
100. rable if you enable Bridge 192 168 0 2 192 168 0 100 1492 Interface mode Set up media type for EthO There are five types in the drop down list to choose from Auto negotiation 10Mbps Half Duplex 10Mbps Full Duplex 100Mbps Half Duplex 100Mbps Full Duplex Multiple IP Address Assign multiple IP addresses for EthO These parameters LAN Interface will be un configurable if you enable Bridge mode Enable to make the router lease IP address to DHCP clients Enable DHCP Server which connect to EthO These parameters will be Enable Media Type LAN Auto negotiation Interface DHCP Server un configurable if you enable Bridge mode Define the beginning IP Pool Start and end IP Pool End IP Pool Start IP Pool l 192 168 0 2 of the pool of IP addresses that will be leased to DHCP End DHCP Server cag 192 168 0 100 clients Netmask DHCP Define the netmask that the DHCP clients will get from 255 255 255 0 Server DHCP server Lease Time DHCP Define how long in minutes the client can use the IP Server min address acquired from DHCP server Primary Secondary Define the primary and secondary DNS Server that the 192 168 0 1 DHCP clients will get from DHCP server 0 0 0 0 DNS Server DHCP Server Server DHCP server Static Lease DHCP Define the IP Addresses that are dedicatedly allocated to MULTIMAX USER GUIDE 37 Ethernet Interface Type LAN O WAN LAN Interface Enable Bridge As 2 P
101. ration of the router 108 MULTIMAX USER GUIDE Super Common User Management Access Level Username Password add 3 41 Administration gt SDK Management This section allows users to set up SDK Management parameters for the router Applications SDK Management APP Firmware Show the current firmware version Version Import Files Click to import application files The list shows which application files have been imported to the router which application files that need to be run as well as the running information Enable Click to enable the application Custom APP Name Shows the name of the application Application List Options Optional setting in which users can configure the startup parameters Memory KB Shows the memory resources allocated for the applications Running Shows whether the applications are running Import Applications Browse Import Custom Application List Enabled APP Name Options Memory KB Running MULTIMAX USER GUIDE 109 Configuration Files SDK Management Files Import Files Click to import configuration files T This list shows which Configuration files that have been imported to Custom File List the router APP Import Files Browse Import File Costom File List Index File Name 110 MULTIMAX USER GUIDE 3 42 Administration gt Update Firmware This section allows users to update the firmware of the router locally or remotely The Multima
102. red numbers mean that these should be matched between server and client and those with the blue coloured numbers mean that they must be set up locally for the tunnel IPsecVPN_SERVER Cisco 2811 cryptoisakmp policy 10 hash md5 authentication pre share roup 2 crypto isakmp key isco jaddress 0 0 0 0 0 0 0 0 12 crypto Ipsec transform set trans esp 3des esp md5 hmac 2 13 crypto dynamic map dyn 10 set transform set trans match address 101 T i fond tng gt crypto map map1 10 ipsec isakmp dynamic dyn interface FastEthernetO 0 crypto map mapl access list 101 permit ip 10 0 0 0 0 0 0 255 any 3S Note Polices 1 4 6 7 are default for Cisco router and are shown here MULTIMAX USER GUIDE 121 IPsecVPN_CLIENT Configuration gt IPsec gt IPsec Basic IPsec Basic Enable NAT Traversal WwW Keepalive Interval s Then click Apply Configuration gt IPsec gt IPsec Tunnel IPsec Tunnel Tunnel name Description Click Add button and enter the proper settings IPsec Common T a m O 4 S m rm s Tunnel name IPsec Gateway Address IPsec Mode i IPsec Protocol 2 Local Subnet 3 Local Subnet Mask 55 255 255 0 Local ID Type 4 Remote Subnet 5 Remote Subnet Mask 55 255 255 0 er Remote ID Type P Address IKE Parameter Negotiation Mode Main JZ Encryption Algorithm AES256 iii E Authentication Algorithm MmMD5 g DH Group 10 Aut
103. s 3 ICMP Detection Retries 3 E Reset The Interface It is recommended to use an ICMP detection server to keep router always online The ICMP detection increases the reliability and also cost data trafic ONS example Google DNS Server 8 8 8 8 and 8 8 4 4 30 MULTIMAX USER GUIDE 3 11 Configuration gt Cellular WAN This section allows users to set the Cellular WAN and the related parameters Note This section will not be displayed if you select EthO as primary interface and no backup in Configuration gt Link Management gt WAN Link Basic Settings Cellular WAN Settings Select from Auto Custom or the ISP name you preset in Configuration gt Cellular WAN gt ISP Profile Auto Router will get the ISP information from the SIM card and Default Network Provider set the APN username and password automatically This option Auto Type only works when the SIM card is from well known ISPs Custom Users need to set the APN username and password manually Access Point Name for cellular dial up connection provided by local ISP Username for cellular dial up connection provided by local ISP Password for cellular dial up connection provided by local ISP Dialup number for cellular dial up connection provided by local Dialup No a 99 1 Select from None Input Lock and Unlock None Select when SIM card does not e
104. serial device type Modbus RTU master iv Modbus Slave Slave Address Slave Port ID ID lt 1 247 gt or lt 1 247 gt lt 1 247 gt When Selecting the Protocol AT Over COM Protocol Settings Protocol AT Over COM v Display all com Note enable this function will disable cellular WAN COM Name fdev ttySl v Serial RS485 Select from 300 600 1200 2400 4800 9600 Baud rate 115200 19200 38400 57600 115200 and 230400 Data bit Select from 7 and 8 Select from None Odd and Even Stop bit Select from 1 and 2 MULTIMAX USER GUIDE 45 Transparent Select from None Transparent and Modbus Transparent Router will transmit the serial data transparently Protocol without any protocols Modbus Router will transmit the serial data with Modbus protocol Mode Ml al d Select from TCP Server TCP Client and UDP TCP Client Transparent Local Port Enter the Local port for TCP or UDP Transparent Click Add button to add multiple servers You need to enter the server s IP and port and enable or disable Send data to serial If Multiple Server you disable Send data to serial router will not transmit the data Transparent from this server to serial port Note This section will not be displayed if you select
105. sers set in the Phone Group SMS Disconnect When PPP is disconnected an SMS specified here will be sent to Reply preset users set in the Phone Group 32 MULTIMAX USER GUIDE W W Phone Group Trigger By IO Periodically Connect Periodically Connect Interval s Time Schedule Time Range Click to add Phone Group to Set specific users Phone Book and which Phone Group they are belonged to Tick this checkbox to allow PPP connection disconnection when there is a DI alarm Only DI_1 can be used for this trigger and if selected DI_ 1 cannot be used for any other purposes Tick this checkbox to allow the router to automatically connect to the cellular network with an interval pre set in Periodical Connect Interval The Interval in seconds for Periodical Connect Select the Time Range to allow the router to automatically connect to cellular network during specified time range Adding the Time Range used for Time Schedule You can set the days in the week and up to three time slots in one day You can also add more than one schedule in the table and name them Dual SIM Policy Disabled Disabled 300 NULL Main SIM Card Set the preferred SIM card from SIM 1 or SIM 2 Switch to backup SIM Card When Connection Fails Switch to backup SIM Card When Roaming is Detected Preferred PLMN Switch to backup SIM card when IO is active Switch to backup SIM card when data limit is exceed
106. sic Settings Remote Access Using HTTP i K Remote Access Using TELNET Remote Access Using SNMP Remote Ping Request Kk amp Defend DoS Attack Filtering Firewall Filtering Select from Accept and Drop Accept Router will only reject the connecting requests from the hosts that match the filter list Drop Router will only accept the connecting requests from the hosts that fit the filter list Add Filter l ey Click Add to add a filter list iS Select from Accept and Drop Default Filter Policy Action Accept Router will accept the connection request that matches the definition in the table MULTIMAX USER GUIDE 55 Drop Router will reject the connection request that matches the definition in the table i Defines if access is allowed from one or a range of IP addresses that are ource defined by Source IP Address or every IP address Defines if access is allowed from one or a range of ports that is defined by Source Port Source Port Defines if access is allowed tone or a range of port that is defined by Target Target Port Port p llo Select from TCP UDP TCP amp UDP ICMP or ALL Protocol If you don t know what kinds of protocol of your application we recommend you select ALL Note You can use to define a range of IP addresses or ports e g 1 1 1 1 2 2 2 2 10000 12000 Target IP Defines if access is allowed to
107. t remote IP Address of the GRE Server Address Local Virtual IP Set local IP Address of the virtual GRE tunnel Remote virtual Set remote IP Address of the virtual GRE tunnel Add a static route to the remote subnet so that the remote network is Remote Subnet known to the local network gt Remote Subnet Set the remote subnet netmask Mask All traffic via this me After enabling this feature all data traffic will be sent via GRE tunnel Disabled interface Tick to enable NAT for GRE The source IP address of the host behind the Multimax will be disguised for accessing the remote GRE server Secrets Set Tunnel Key of GRE Nul o Enable NAT Disabled IP GRE GRE Tunnel name Description GRE V Enable Remote IP Address Local Virtual IP Remote Virtual IP Remote Subnet Remote Subnet Mask All traffic via this interface Enable NAT Secrets 76 MULTIMAX USER GUIDE 3 23 Configuration gt L2TP This section allows users to set up the L2TP tunnel Server or Client Client L2TP Client Click Add to add a L2TP client You can add up to 3 L2TP clients Add L2TP Client Click X to delete an existing L2TP client Enter your L2TP server s public IP or domain name Enter the username that is required by the L2TP server Enter the password that is required by the L2TP server Select from Auto PAP CHAP MS CHAP v1 and MS CHAP v2 You
108. te Subnet Mask Enable MPPE Show PPTP Client Advanced Local IP Remote IP Address Control Compression Protocol Field Compression Asyncmap Value UL MRU 1500 MTU 1436 Link Detection Interval s 30 Link Detection Max Retries a Expert Options noccp 82 MULTIMAX USER GUIDE Server PPTP Server Enable PPTP Tick to enable PPTP server Disabled Server Set the username that will assign to PPTP client Set the password that will assign to PPTP client Select from PAP CHAP MS CHAP v1 and MS CHAP v2 Authentication PPTP client need to select the same authentication method based CHAP on this server s authentication method Local IP Set the IP address of PPTP server 10 0 0 1 IP Pool Start Set the IP pool start IP address that will assign to the PPTP clients 10 0 0 2 IP Pool End Set the IP pool end IP address that will assign to the PPTP clients 10 0 0 100 Tick to enable MPPE Microsoft Point to Point Encryption It s a l Enable MPPE Disabled protocol for encrypting data across PPP and VPN links Enable PPTP Tick to show the PPTP server advanced setting Disabled Server Advanced Address Control Used for PPP initialization In general you need to enable it as aea nable Compression default Protocol Field Used for PPP initialization In general you need to enable it as l Enabled Compression default One of the PPTP initialization strings In general you don t
109. the router is 15 of Downlink Speed and the maximum rate can be 100 Normal guarantees that the minimum global rate of the router is 10 of Downlink Speed and the maximum rate can be 100 Bulk guarantees that the minimum global rate of the router is 1 of Downlink Speed and the maximum rate can be 100 Enter the IP address of a user device for example a PC that requires QoS Multimax can support up to 20 devices with QoS IP Control If requires to set upa network segment users can set IP Address in format of x x x x x or x x x x netmask For example for network 172 16 x x users can use 172 16 0 0 16 or 172 16 0 0 255 255 0 0 in IP Address field Select from Exempt Premium Express Normal and Bulk Select the priority of user device s for example a PC which is set with QoS Control Exempt this is the highest priority that guarantees that the minimum global rate of the router is 50 of Downlink Speed and the maximum rate can be 100 Premium guarantees that the minimum global rate of the router is 25 Exempt of Downlink Speed and the maximum rate can be100 j Express guarantees that the minimum global rate of the router is 15 of Downlink Speed and the maximum rate can be 100 Normal guarantees that the minimum global rate of the router is 10 of Downlink Speed and the maximum rate can be 100
110. the same time to perform a copy function rl c or to exit from a running program One for more parameters are expected for the command entered Incomplete command pone E Please use to find out the proper usage of the command Invalid input detected at The marker indicates the location where is incorrect within the i lid J ox An invalid or unsupported command Please use to find out the nvalid command xxx correct command and its usage marker command entered Note Most of the configurations are able to be set in the Global configuration mode Set and Add commands are very important under this mode If any parameters cannot be found in the Global configuration mode please use Privileged exec mode or Interface mode Important Understanding the CLI modes hierarchy level is essential before doing configuration using the CLI If you are not familiar with it please read Section 5 1 first MULTIMAX USER GUIDE 129 5 2 1 Configuration Examples by using CLI The best and quickest way to make the best use of CLI is to know all the device features from the web interface in advance then to get familiar with the CLI commands and learn to use them by looking at some examples Example 1 Show current version MA 2040 gt show version software version 1 01 00 kernel version v2 6 39 hardware version 1 01 00 Example 2 Update firmware via tftp MA 2040 gt enable Password ee gs MA 2040 MA 20
111. the selected Update dynamic DNS server DynDNS Status Show the current service status DynDNS Settings Enable DynDNS Service Type DynDNS Dynamic w Hostname Username Password Force Update DynDNS Status DynDNS is initializing MULTIMAX USER GUIDE 63 3 20 Configuration gt IPsec This section allows users to set the IPsec Internet Protocol Security parameters IPsec is a protocol for securing Internet Protocol IP communications by authenticating and encrypting each IP packet of a communication session IPsec Basic IPsec Basic Traversal router under NAT environment Interval being removed from NAT mapping IPsec Basic WV Enable NAT Traversal Keepalive Interval s 30 IPsec Tunnel IPsec Tunnel Enable IPsec Tunnel the maximum tunnel account is 3 Nul IPsec Gateway Enter the address of the remote IPsec VPN server Address Select from Tunnel and Transport Tunnel Commonly used between gateways or an end station to a gateway The gateway is acting as a proxy for the hosts behind it IPsec Mode Transport Used between end stations or an end station and a Tunnel gateway If a gateway is acting as a host for example an encrypted Telnet session from a workstation to a router the router is the actual destination Select the security protocols from ESP and AH Local Subnet Enter IPsec Local Protected subnet s address Local Subnet view Enter IPse
112. the wireless Network Type Auto module supports Select from ALL or the specific band which the wireless module m Band Mode supports Authentication Select from Auto PAP and CHAP as the local ISP required Auto Maximum Transmission Unit It is the identifier of the maximum MTU size of packet which can be transferred in certain environments In 1500 most cases you don t need to modify this value Maximum Receiving Unit It is the identifier of the maximum size of MRU packet which can be received in certain environments In most 1500 cases you don t need to modify this value One of the PPP initialization strings In most cases you don t need Asyncmap Value ffffffff to modify this value Use Peer DNS Enable to obtain the DNS server address from the ISP Enabled Primary DNS Set the primary DNS server address This item will be unavailable if Server you enable Use Peer DNS Secondary DNS Set the secondary DNS server address This item will be unavailable Server if you enable Use Peer DNS Address Control Used for PPP initialization In general you need to enable it as enabled nable Compression default Protocol Field Used for PPP initialization In general you need to enable it as Enabled nable Compression default l You can enter some extra PPP initialization strings in this field Each noccpnobsdc Expert Options string can be separated by a space omp MULTIMAX
113. x supports FOTA Firmware Over The Air Update Firmware Show the current firmware version pNull Show the previous firmware version if there is one Click the Apply Firmware Old button to will tell the router to roll back to a previous firmware A Version Reboot will be required for this operation This feature is very useful if something goes wrong after a firmware upgrade Click the Select File button to select the correct firmware in your PC Update firmware and then click the Update button to upload After uploading successfully the router will reboot for the new firmware to take effect Firmware Version Firmware Version 1 01 01 sub 131202 Firmware old Version Firmware old Version 1 01 01 sub 131129 1 Fall back to old version Apply Update Firmware Warning Do not turn off or operate the Router while updating New Firmware Browse Update MULTIMAX USER GUIDE 111 Chapter 4 Examples of configuration 4 1 Cellular Dial Up This section describes how to configure the Cellular Dial up parameters Two different policies Always Online and Connect on Demand are explained 4 1 1 Always Online Configuration gt Link Management gt Cellular Only Link Management Link Management Settings Primary Interface Cellular Backup Interface Cellular l Eth0 ICMP Detection Primary Server 8 8 ICMP Detection Secondary Server 8 6 44 ICMP Detection Interval s 30 I
114. your PC Click Browse and then Import for the router to get the appropriate TA file from your PC Click Export to save the TA file to your PC Click Browse and then Import for the router to get the appropriate CRL file from your PC Click Export to save the CRL file to your PC Click Browse and then Import for the router to get the appropriate Pre Share Static Key file from your PC Click Export to save the Pre Share Static Key file to your PC a Authentication Manage Select Cert Type Server Y CA Choose File No file chosen Import Export Public Key Choose File No file chosen Import Export Private Key Choose File No file chosen Import Export DH Choose File No file chosen Import Export TA Choose File No file chosen Import Export CRL Choose File No file chosen Import Export Pre Share Static Key Choose File No file chosen Import Export 74 MULTIMAX USER GUIDE Authentication Status Cert Type CA Public Key Private Key DH TA CRL PKCS12 Pre Share server Client_l OK OK OK OK Client_2 Client_3 MULTIMAX USER GUIDE 75 3 22 Configuration gt GRE This section allows users to set up the GRE Generic Routing Encapsulation parameters GRE is a protocol that encapsulates packets in order to route other protocols over IPnetworks d Click Add to add a GRE tunnel O Enable Click to enable GRE tunnel Disabled Remote IP Se
Download Pdf Manuals
Related Search