Amit IOG851-W User Manual Download Page 92

Page: 92 / 395

4G PoE IIoT Gateway

by default.

station.

The box is unchecked by default. It means no special limitation on the number of

connected STAs.

Authentication

1. A Must filled setting

2. VAP1:

WPA2-PSK

selected be default;

Others:

Open

selected be default.

For security, there are several authentication methods supported. Client stations

should provide the key when associate with this device.
When

Open

is selected

The check box named

802.1x

shows up next to the dropdown list.



802.1x

(The box is unchecked by default)

When

802.1x

is enabled, it means the client stations will be authenticated by

RADIUS server.

RADIUS Server IP

(The default IP is 0.0.0.0)

RADIUS Server Port

(The default value is 1812)

RADIUS Shared Key

When

Shared

is selected

The pre-shared WEP key should be set for authenticating.
When

Auto

is selected

The device will select

Open

Shared

by requesting of client automatically.

The check box named

802.1x

shows up next to the dropdown list.



802.1x

(The box is unchecked by default)

When

802.1x

is enabled, it means the client stations will be authenticated by

RADIUS server.

RADIUS Server IP

(The default IP is 0.0.0.0)

RADIUS Server Port

(The default value is 1812)

RADIUS Shared Key

When

WPA

WPA2

is selected

They are implementation of IEEE 802.11i.

WPA

only had implemented part of IEEE

802.11i, but owns the better

compatibility

WPA2

had fully implemented 802.11i standard, and owns the highest

security



RADIUS Server

The client stations will be authenticated by RADIUS server.

RADIUS Server IP

(The default IP is 0.0.0.0)

RADIUS Server Port

(The default value is 1812)

RADIUS Shared Key

When

WPA

WPA2

is selected

It owns the same setting as

WPA

WPA2

. The client stations can associate with

this device via

WPA

WPA2

When

WPA-PSK

WPA2-PSK

is selected

It owns the same encryption system as WPA or WPA2. The authentication uses

pre-shared key instead of RADIUS server.
When

WPA-PSK

WPA2-PSK

is selected

It owns the same setting as

WPA-PSK

WPA2-PSK

. The client stations can

associate with this device via

WPA-PSK

WPA2-PSK

Encryption

1. A Must filled setting.

2. VAP1:

AES

selected be default;

Others:

None

selected be default.

Select a suitable encryption method and enter the required key(s).

The available method in the dropdown list depends on the Authentication you

selected.

None

It means that the device is open system without encrypting.

WEP

Up to 4 WEP keys can be set, and you have to select one as current key. The key

type can set to

HEX

ASCII

HEX

is selected, the key should consist of (0 to 9) and (A to F).

ASCII

is selected, the key should consist of ASCII table.

Summary of Contents for IOG851-W

Page 1: ...4G PoE IIoT Gateway IOG851 WT041 User Manual...

Page 2: ...RED Requirements 16 1 6 Hardware Installation 19 1 6 1 Mount the Unit 19 1 6 2 Insert the SIM Card 19 1 6 3 Install the External RF Cable and Antenna 20 1 6 4 Connecting DI DO Devices 21 1 6 5 Connect...

Page 3: ...Computer 113 2 5 3 DMZ Pass Through 119 2 5 4 Special AP ALG not supported 122 2 5 5 IP Translation 123 2 6 Routing 126 2 6 1 Static Routing 127 2 6 2 Dynamic Routing 130 2 6 3 Routing Information 13...

Page 4: ...g 204 4 2 1 Data Logging Configuration 207 4 2 2 Scheme Setup 209 4 2 3 Log File Management 211 Chapter 5 Security 213 5 1 VPN 213 5 1 1 IPSec 214 5 1 2 OpenVPN 223 5 1 3 L2TP 236 5 1 4 PPTP 244 5 1 5...

Page 5: ...318 6 2 6 Reboot Reset 319 6 3 FTP 320 6 3 1 Server Configuration 321 6 3 2 User Account 323 6 4 Diagnostic 324 6 4 1 Diagnostic Tools 324 6 4 2 Packet Analyzer 326 Chapter 7 Service 329 7 1 Cellular...

Page 6: ...71 8 2 4 DDNS Status 374 8 3 Security 375 8 3 1 VPN Status 375 8 3 2 Firewall Status 380 8 4 Administration 384 8 4 1 Configure Manage Status 384 8 4 2 Log Storage Status 386 8 5 Statistics Report 387...

Page 7: ...t security features including VPN firewall NAT port forwarding DHCP server and many other powerful features for outdoor IP surveillance applications The redundancy design in fallback 24 56 VDC power t...

Page 8: ...tents List 1 2 1 Package Contents Standard Package Items Description Contents Quantity 1 IOG851 WT041 4G PoE IIoT Gateway 1pcs 2 8 pin Terminal Block 1pcs 3 4 pin Terminal Block 1pcs 4 RJ45 Cable 1pcs...

Page 9: ...Items Description Contents Comments 1 Power Supply SDR 120 48 INPUT 100 240VAC 1 4A 50 60Hz OUTPUT 48V 2 5A Total Watt 120W 2 Power Supply SDR 240 48 INPUT 100 240VAC 2 6A 50 60Hz OUTPUT 48V 5A Total...

Page 10: ...l restore to factory default settings 3G 4G WiFi Antenna All the 3G 4G and WiFi antennas are optional accessory and not included in the standard package You need to purchase the suitable antennas and...

Page 11: ...4G PoE IIoT Gateway Left View DC Power Terminal Block Earth Ground Screw DI DO Terminal Block 11...

Page 12: ...e or the connected devices SIM A B and Cellular Signal Strength Blue OFF No SIM card is detected Flash Fast Blue The cellular signal is about 0 30 Flash slow Per 1 5 2 second Blue The cellular signal...

Page 13: ...ng Windows Macintosh or Linux based operating system An installed Ethernet adapter Browser Requirements Internet Explorer 6 0 or higher Chrome 2 0 or higher Firefox 3 0 or higher Safari 3 0 or higher...

Page 14: ...ent and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help FCC Caution...

Page 15: ...temperature for the metallic enclosure can be very high Especially after operating for a long time installed at a closed cabinet without air conditioning support or in a high ambient temperature space...

Page 16: ...MHz Downlink 925 960 MHz E GSM Uplink 880 915 MHz Downlink 925 960 MHz 33 2 dBm DCS Uplink 1710 1785 MHz Downlink 1805 1880 MHz 30 2 dBm 1 b Frequency Band for Cellular Connection for EC25 E version...

Page 17: ...dBm 1 c Frequency Band for Wi Fi Connection Band Operating Frequency Max Output Power EIRP 2 4G 2 4 2 4835 GHz 100 mW 5G 5 15 5 25 GHz 200 mW 2 5150 5350MHz In Door Use Statements This product equips...

Page 18: ...n is at least 20 cm away from the body of user 6 Unit Mounting Notice The product is suitable for mounting at heights 2m approx 6 ft or in a cabinet Ensure the unit is fixed tightly to reduce the like...

Page 19: ...ket on the product first 1 6 2 Insert the SIM Card WARNING BEFORE INSERTING OR CHANGING THE SIM CARD PLEASE MAKE SURE THAT POWER OF THE DEVICE IS SWITCHED OFF The SIM card slots are located at the fro...

Page 20: ...e horizontal distance between antennas should be greater than 1 4 of its wavelength and there will be best separation at 1 2 of its wavelength 2 If multiple frequency antennas are near each other then...

Page 21: ...Please refer to following specification to connect DI and DO devices Mode Specification Digital Input Trigger Voltage high Logic level 1 5V 30V Normal Voltage low Logic level 0 0V 2V Digital Output V...

Page 22: ...cts provide 4 pin Terminal Block serial port for connecting to your serial device Connect the serial device to the terminal block with the right pin assignments of RS 232 485 are shown as below Pin 1...

Page 23: ...when the primary power fails If the voltage difference between PWR1 and PWR2 is less than 0 5 volt this is the case for using two power supply with the same external spec such as 48V the power control...

Page 24: ...unit may consist of one set or two sets of DC power output contacts You can connect the DC power supply and the terminal block power pins as shown below of the gateway with a power cable AWG 18 power...

Page 25: ...4G PoE IIoT Gateway Finally connect the power plug of the power supply cable to an outlet then the power supply units will turn on and provide DC power to the connected device 25...

Page 26: ...e host PC s Ethernet port for configuring the device 1 6 9 Setup by Configuring WEB UI You can browse web UI to configure the device Type in the IP Address http 192 168 123 254 3 When you see the logi...

Page 27: ...es dial in ISPs and then link to the Internet via different kinds of transmit media So the WAN Connection lets you specify the WAN Physical Interface WAN Internet Setup and WAN Load Balance for Intran...

Page 28: ...Interface Configuration Physical Interface List window shows all the available physical interfaces After clicking on the Edit button for the interface in Physical Interface List window the Interface C...

Page 29: ...on is recovered back with a connection it will take over data traffic again At that time WAN 2 connection will be terminated Seamless Failover In addition there is a Seamless option for Failover opera...

Page 30: ...lover interface The dialing up time of failover connection is saved since it has been connected beforehand VLAN Tagging Sometimes your ISP required a VLAN tag to be inserted into the WAN packets from...

Page 31: ...setting Description Physical Interface 1 A Must fill setting 2 WAN 1 is the primary interface and is factory set to Always on Select one expected interface from the available interface dropdown list...

Page 32: ...ndary WAN interface to switch Failover from Note for WAN 1 only Always on option is available VLAN Tagging Optional setting Check Enable box to enter tag value provided by your ISP Otherwise uncheck t...

Page 33: ...iguration and related configuration windows for each WAN type For the Internet setup of each WAN interface you must specify its WAN type of physical interface first and then its related parameter conf...

Page 34: ...is more expensive but very importat for cooperate requirement Dynamic IP The assigned IP address for the WAN by a DHCP server is different every time It is cheaper and usually for consumer use PPP ove...

Page 35: ...er the host name provided by your Service Provider ISP Registered MAC Address An optional setting Enter the MAC address that you have registered with your service provider Or Click the Clone button to...

Page 36: ...address given by your Service Provider WAN Type PPPoE When you select it PPPoE WAN Type Configuration will appear Items and setting is explained below PPPoE WAN Type Configuration Item Value setting...

Page 37: ...lled setting Enter the WAN subnet mask given by your Service Provider WAN Gateway A Must filled setting Enter the WAN gateway IP address given by your Service Provider When Dynamic IP is selected ther...

Page 38: ...WAN gateway IP address given by your Service Provider When Dynamic IP is selected there are no above settings required Server IP Address Name A Must filled setting Enter the L2TP server name or IP Ad...

Page 39: ...utomatically once it has been booted up and try to reconnect once the connection is down It s recommended to choose this scheme if for mission critical applications to ensure full time Internet connec...

Page 40: ...tor connection status continuous To do it ICMP Check and FQDN Query are used to check When there is trafiic of connection checking packet will waste bandwidth Response time of replied packets may also...

Page 41: ...Unit limit and specify the MTU for the 3G 4G connection MTU refers to Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission Value Range 1200 1500 MTU Setu...

Page 42: ...nterval as the DNS Query Interval Query Interval defines the transmitting interval between two DNS Query or ICMP checking packets With DNS Query the system checks the connection by sending DNS Query p...

Page 43: ...e the target Other Host enter an IP address to be the target Target 2 1 An Optional filled setting 2 None is selected by default Target1 specifies the second target of sending DNS query ICMP request N...

Page 44: ...AN interface This device has featured by using dual SIM cards for one module with special fail over mechanism It is called Dual SIM Failover This feature is useful for ISP switch over when location is...

Page 45: ...A or SIM B card first And when the connection is broken the gateway will switch to use the other SIM card for an alternate automatically and will not switch back to use original SIM card except curren...

Page 46: ...nection is dialed up not using the main SIM you selected it will failback to the main SIM and try to establish the connection periodically Note_1 For the product with single SIM design only SIM A Only...

Page 47: ...settings Configure SIM A SIM B Card Here you can set configurations for the cellular connection according to your situation or requirement Note_1 Configurations of SIM B Card follows the same rule of...

Page 48: ...on Your ISP always provides such network settings for the subscribers Note_2 If you select Auto detection it is likely to connect to improper network or failed to find a valid APN for your ISP APN 1 A...

Page 49: ...filled in the server address is given by the carrier while dialing up Roaming The box is unchecked by default Check the box to establish the connection even the registration status is roaming not in...

Page 50: ...ll start to dial up with the profile that assigned with the smallest number Value Range 1 16 Profile The box is checked by default Check the box to enable this profile Uncheck the box to disable this...

Page 51: ...check by default Check the Enable box to enable the MTU Maximum Transmission Unit limit and specify the MTU for the 3G 4G connection MTU refers to Maximum Transmission Unit It specifies the largest pa...

Page 52: ...ecking Interval Query Interval defines the transmitting interval between two DNS Query or ICMP checking packets With ICMP Checking the system will check connection by sending ICMP request packets to t...

Page 53: ...select strategy according to application requirement and environment status The strategies are explained as below By Smart Weight If based on By Smart Weight strategy gateway will take the line speed...

Page 54: ...ange Destination port can be a single port or port range You can select one target for one mapping to setup IP address and leave others just left as any All Besides this you can also set protocol as T...

Page 55: ...ng Description Load Balance Unchecked by default Check the Enable box to activate Load Balance function Load Balance Strategy 1 A Must filled setting 2 By Smart Weight is selected by default There are...

Page 56: ...restore what you just configured back to the previous setting When By User Policy is selected a User Policy List screen will appear With properly configured your policy rules system will route traffic...

Page 57: ...for the traffics come to the domain Destination Port 1 A Must filled setting 2 All is selected by default There are four options can be selected All No specific destination port is provided Port Rang...

Page 58: ...guration Static IP If there is at least one WAN interface activated the LAN IP mode is fixed in Static IP mode Dynamic IP If all the available WAN inferfaces are disabled the LAN IP mode can be Dynami...

Page 59: ...additional IP When Add button is applied Additional IP Configuration screen will appear Configuration Item Value setting Description Name 1 An Optional Setting Enter the name for the alias IP address...

Page 60: ...4G PoE IIoT Gateway network Value Range 255 0 0 0 8 255 255 255 255 32 Save NA Click the Save button to save the configuration 60...

Page 61: ...Port based VLAN function can group Ethernet ports Port 1 Port 4 and WiFi Virtual Access Points VAP 1 VAP 8 together for differentiated services like Internet surfing multimedia enjoyment VoIP talking...

Page 62: ...ts VAP 1 VAP 8 together with different VLAN tags for deploying subnets in Intranet All packet flows can carry with different VLAN tags even at the same physical Ethernet port for Intranet These flows...

Page 63: ...s equipped with DHCP 3 server to construct a 192 168 12 x subnet He also configure Meeting Rooms segment with VLAN ID 11 The VLAN group is equipped with DHCP 2 server to construct a 192 168 11 x subne...

Page 64: ...cify members of one VLAN group to be able to access Internet or not Following is an example that VLAN groups of VID is 2 and 3 can access Internet but the one with VID is 1 cannot access Internet That...

Page 65: ...mmunication pair and one VLAN group can join many communication pairs But communication pair doesn t have the transitive property That is A can communicate with B and B can communicate with C it doesn...

Page 66: ...to Tag based VLAN List table System Reserved VLAN ID 1 5 is reserved by default Specify the VLAN ID range that is reserved for the system operation For the Port based Tag based VLAN grouping only use...

Page 67: ...default Select NAT mode or Bridge mode for the rule Port Members These boxes are unchecked by default Select which LAN port s and VAP s that you want to add to the rule Note The available member list...

Page 68: ...Server IP Address field Server Select Server to enable DHCP Server function for the VLAN group and you need to specify the DHCP Server settings Disable Select Disable to disable the DHCP Server funct...

Page 69: ...The Primary DNS of this DHCP Server Secondary DNS IPv4 format The Secondary DNS of this DHCP Server Primary WINS IPv4 format The Primary WINS of this DHCP Server Secondary WINS IPv4 format The Seconda...

Page 70: ...CP Server wants to match IP Address A Must filled setting Define the IP Address that the DHCP Server will assign If there is a request from the MAC Address filled in the above field the DHCP Server wi...

Page 71: ...r When Edit button is applied a screen similar to this will appear Inter VLAN Group Routing Item Value setting Description VALN Group Internet Access Definition All boxes are checked by default By def...

Page 72: ...f your device has a DMZ port you will see DMZ configuration too The router supports up to a maximum of 128 tag based VLAN rule sets When Add button is applied Tag based VLAN Configuration screen will...

Page 73: ...by default Check the box to enable the DHCP Relay function for the VLAN group and you only need to fill the DHCP Server IP Address field WAN Interface WAN 1 is selected by default Select which WAN in...

Page 74: ...ay LAN interface with its default Subnet Mask setting as 255 255 255 0 and its default IP Pool ranges is from 100 to 200 as shown at the DHCP Server List page on gateway s WEB UI User can add more DHC...

Page 75: ...xed IP address to map the specific client MAC address by select them then copy when targets were already existed in the DHCP Client List or to add some other Mapping Rules by manually in advance once...

Page 76: ...o assign IP Addresses to the devices on the local area network LAN Create Edit DHCP Server Policy The gateway allows you to custom your DHCP Server Policy If multiple LAN ports are available you can d...

Page 77: ...Server Primary DNS IPv4 format The Primary DNS of this DHCP Server Secondary DNS IPv4 format The Secondary DNS of this DHCP Server Primary WINS IPv4 format The Primary WINS of this DHCP Server Seconda...

Page 78: ...vious setting Back N A When the Back button is clicked the screen will return to the DHCP Server Configuration page View Copy DHCP Client List When DHCP Client List button is applied DHCP Client List...

Page 79: ...uration Item Value setting Description Option Name 1 String format can be any text 2 A Must filled setting Enter a DHCP Server Option name Enter a name that is easy for you to understand DHCP Server S...

Page 80: ...st 4 URL format 5 A Must filled setting Should conform to Type Type Value 66 Single IP Address IPv4 format Single FQDN FQDN format 72 IP Addresses List separated by IPv4 format separated by 114 Single...

Page 81: ...WAN interface s and L2TP connection Server IP 1 A Must filled setting 2 null by default Assign a DHCP Server IP Address that the gateway will relay the DHCP requests to the assigned DHCP server via sp...

Page 82: ...tput power per cable is 15 4W for IEEE 802 3af PD device and 30W for IEEE802 3at PD device However to make the PoE cellular gateway provide required power through the Ethernet cables you have to prepa...

Page 83: ...have to enter the power budget With specified power budget the PoE gateway can monitor whether the connected PD devices caused power overflow and force the connected PD with lowest priority to be off...

Page 84: ...default Specify the the action to take when the PD Power overflow occurs for a certain port It can be No Action or Power Long Time Off On If the Power overload occurs PD consumes more power than the...

Page 85: ...l bands of operation There are several wireless operation modes provided by this device They are AP Router Mode WDS Only Mode and WDS Hybrid Mode You can choose the expected mode from the wireless ope...

Page 86: ...with the wireless gateway make sure your application scenario for WiFi network and choose the most adequate operation mode AP Router Mode This mode allows you to get your wired and wireless devices co...

Page 87: ...Gateway 1 through WDS Both gateways connected by WDS need to setup the remote AP MAC for each other All client hosts under gateway 2 3 can request IP address from the DHCP server at gateway 1 Besides...

Page 88: ...s As shown in the diagram the clients in VAP 1 and VAP 2 can communicate to each other when VAP Isolation is disabled Wi Fi Security Authentication Encryption Wi Fi security provides complete authenti...

Page 89: ...is integrated into the product However there is some module with selectable band for user to choose according to his network environment Under such situation you can specify which operation band is su...

Page 90: ...enabled AP Router Mode Item Value setting Description Green AP The box is unchecked by default Check the Enable box to activate Green AP function VAP Isolation The box is checked by default Check the...

Page 91: ...For others VAP Configuration Item Value setting Description SS ID 1 String format Any text Enter the SSID for the VAP and decide whether to broadcast the SSID or not The SSID is used for identifying f...

Page 92: ...or WPA2 is selected They are implementation of IEEE 802 11i WPA only had implemented part of IEEE 802 11i but owns the better compatibility WPA2 had fully implemented 802 11i standard and owns the hig...

Page 93: ...x is checked by default Others unchecked by default Check the Enable box to activate this function By default the box is checked it means that stations which associated to the same VAP cannot communic...

Page 94: ...AC List N A Press the Scan button to scan the spatial AP information and then select one from the AP list the MAC of selected AP will be auto filled in the following Remote AP MAC table Remote AP MAC...

Page 95: ...required authentication and Encryption settings Click Edit button in the VAP List screen and a VAP Configuration screen will appear for you to configure the required settings For the detail descripti...

Page 96: ...nnot communicate with each other Time Schedule A Must filled setting Apply a specific Time Schedule to this rule otherwise leave it as 0 Always If the dropdown list is empty ensure Time Schedule is pr...

Page 97: ...ange the security key to a easy to remember one by clicking the Edit button Under WDS Hybrid mode the VAP function is available and you can further specifying the required VAP settings for connecting...

Page 98: ...4G PoE IIoT Gateway For others For the detail description about VAP configuration please refer to the description stated in AP Router section 98...

Page 99: ...Under such situation you can specify which operation band is suitable for the application Multiple AP Names 1 A Must filled setting 2 All is selected by default Specify the VAP to show the associated...

Page 100: ...sensitivity RSSI value for each radio path Signal N A The signal strength between client and this device Interface N A It shows the VAP ID that the client associated with Refresh N A Click the Refres...

Page 101: ...asic Network WiFi Advanced Configuration Tab Select Target WiFi Target Configuration Item Value setting Description Module Select A Must filled setting Select the WiFi module to check the information...

Page 102: ...jitter when transmitting multimedia content over a wireless connection Short GI By default 400ns is selected Short GI Guard Interval is defined to set the sending interval between each packet Note th...

Page 103: ...features not present in IPv4 It simplifies aspects of address assignment stateless address auto configuration network renumbering and router announcements when changing Internet connectivity provider...

Page 104: ...DHCP in IPv6 does the same function as DHCP in IPv4 The DHCP server sends IP address DNS server addresses and other possible data to the DHCP client to configure automatically The server also sends a...

Page 105: ...IP address DNS server addresses and other required parameters to automatically configure the client The diagram above depicts the IPv6 addressing through PPPoE PPPoEv6 server DSLAM on the ISP side pr...

Page 106: ...ection Type to establish the IPv6 connectivity via WAN 1 Interface Select Static IPv6 when your ISP provides you with a set IPv6 addresses Select DHCPv6 when your ISP provides you with DHCPv6 services...

Page 107: ...Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Description Global Address A Must filled setting Enter the LAN IPv6 Address for the router Link local Ad...

Page 108: ...d by default Enter the WAN secondary DNS Server MLD The box is unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Description Global A...

Page 109: ...Value Range 0 45 characters Connection Control Fixed value The value is Auto reconnect Always on MTU A Must filled setting Enter the MTU for setting up PPPoEv6 connection If you want more information...

Page 110: ...IPv6 connectivity Select Stateless to manage the Local Area Network to be SLAAC RDNSS Router Advertisement Lifetime A Must filled setting Enter the Router Advertisement Lifetime in seconds 200 is set...

Page 111: ...d activates the NAT function You also can disable the NAT function in Basic Network WAN Uplink Internet Setup WAN Type Configuration page Usually all local hosts or servers behind corporate gateway ar...

Page 112: ...her side are you in accessing the email server at the LAN side or at the WAN side you don t need to change the IP address of the mail server Configuration Setting Go to Basic Network Port Forwarding C...

Page 113: ...hind office gateway You can set up those servers by using Virtual Server feature After trip if want to access those servers from LAN side by global IP without change original setting NAT Loopback can...

Page 114: ...u to access the WAN global IP address from your inside NAT local network It is useful when you run a server inside your network For example if you set a mail server at LAN side your local devices can...

Page 115: ...activate this port forwarding function Virtual Computer The box is checked by default Check the Enable box to activate this port forwarding function Save N A Click the Save button to save the setting...

Page 116: ...w the access coming from any IP addresses Select Specific IP Address to allow the access coming from an IP address Select IP Range to allow the access coming from a specified range of IP address Proto...

Page 117: ...le Port number Public Port is selected Port Range and specify a port range and Private Port can be selected Single Port or Port Range Value Range 1 65535 for Public Port Private Port When GRE is selec...

Page 118: ...Virtual Computer Rule Configuration screen will appear Virtual Computer Rule Configuration Item Value setting Description Global IP A Must filled setting This field is to specify the IP address of th...

Page 119: ...ot expected to receive by applications in the gateway or by other client hosts in the Intranet Certainly the DMZ host is also protected by the gateway firewall Activate the feature and specify the DMZ...

Page 120: ...Setting Go to Basic Network Port Forwarding DMZ Pass Through tab The DMZ host is a host that is exposed to the Internet cyberspace but still within the protection of firewall by gateway device Enable...

Page 121: ...le The boxes are checked by default Check the box to enable the pass through function for the IPSec PPTP and L2TP With the pass through function enabled the VPN hosts behind the gateway still can conn...

Page 122: ...4G PoE IIoT Gateway 2 5 4 Special AP ALG not supported Not supported feature for the purchased product leave it as blank 122...

Page 123: ...ivate IP address of a local host In addition admin users also map a private IP address range to a public IP address range of equal instances This feature offers another way to make systems behind a fi...

Page 124: ...Configuration screen will appear IP Translation Configuration Item Value setting Description Mapping Source IP Domain Name 1 A Must filled setting 2 IP is selected by default Specify the mapped IP Dom...

Page 125: ...55 255 32 subnet mask or an IP group limited with proper subnet setting Physical Interface 1 A Must filled setting 2 All is selected by default Specify the interface to apply the translation rule The...

Page 126: ...o various network destinations Thus constructing routing tables which are held in the router s memory is very important for efficient routing Most routing algorithms use only one network path at a tim...

Page 127: ...ackets to be transferred via which gateway interface and which peer gateway to their destination It can be carried out by the Static Routing feature Dedicated packet flows from the Intranet will be ro...

Page 128: ...ing Rule Configuration window will appear to let you define a static routing rule Enable Static Routing Just check the Enable box to activate the Static Routing feature Static Routing Item Value setti...

Page 129: ...f this static routing rule Interface Auto is set by default Select the Interface of this static routing rule It can be Auto or the available WAN LAN interfaces Metric 1 Numberic String Format 2 A Must...

Page 130: ...pports dynamic routing protocols including RIPv1 RIPv2 Routing Information Protocol OSPF Open Shortest Path First and BGP Border Gateway Protocol for you to establish routing table automatically The f...

Page 131: ...4G PoE IIoT Gateway 131...

Page 132: ...ing protocol that uses link state routing algorithm It is the most widely used interior gateway protocol IGP in large enterprise networks It gathers link state information from available routers and c...

Page 133: ...within one AS will links with some other border gateways for exchanging routing information It will distribute the collected data in AS to all routers in other AS As shown in the diagram BGP 0 is gate...

Page 134: ...Configuration window can let you activate the OSPF dynamic routing protocol and specify its backbone subnet Moreover the OSPF Area List window lists all defined areas in the OSPF network However the...

Page 135: ...protocol Select Text will enable Text Authentication with entered the Key in this field on OSPF protocol Select MD5 will enable MD5 Authentication with entered the ID and Key in these fields on OSPF p...

Page 136: ...Mask Notation Ex 192 168 1 0 24 2 A Must filled setting The Area Subnet of this router on OSPF Area List Area ID 1 IPv4 Format 2 A Must filled setting The Area ID of this router on OSPF Area List Area...

Page 137: ...ed setting The ASN Number of this router on BGP protocol Value Range 1 4294967295 Router ID 1 IPv4 Format 2 A Must filled setting The Router ID of this router on BGP protocol Create Edit BGP Network R...

Page 138: ...to a maximum of 32 rule sets When Add button is applied BGP Neighbor Configuration screen will appear BGP Neighbor Configuration Item Value setting Description Neighbor IP 1 IPv4 Format 2 A Must fill...

Page 139: ...IPv4 Format Subnet Mask N A Routing record of Subnet Mask IPv4 Format Gateway IP N A Routing record of Gateway IP IPv4 Format Metric N A Routing record of Metric Numeric String Format Interface N A Ro...

Page 140: ...current IP address which changes each time you connect your Internet service provider The Dynamic DNS service allows the gateway to alias a public dynamic IP address to a static domain name allowing...

Page 141: ...Interface IP Address of the gateway Provider DynDNS org Dynamic is set by default Select your DDNS provider of Dynamic DNS It can be DynDNS org Dynamic DynDNS org Custom NO IP com etc Host Name 1 Stri...

Page 142: ...ox to activate this function Save N A Click Save to save the settings Undo N A Click Undo to cancel the settings If you enabled the DNS Redirect function you have to further specify the redirect rules...

Page 143: ...ways or WAN Block Always The DNS redirect function can be applied to matched DNS all the time WAN Block The DNS redirect function can be applied to matched DNS only when the WAN connection is disconne...

Page 144: ...ess It is indeed required that an access gateway satisfies the requirements of latency critical applications minimum access right guarantee fair bandwidth usage for same subscribed condition and flexi...

Page 145: ...an be based on VLAN ID MAC Address IP Address Host Name or Packet Length Differentiated Services Specify the service type in a QoS rule for the target packets to be applied on Differentiated services...

Page 146: ...depends on model Outbound Inbound Control One QoS rule can be applied to the outbound or inbound direction of packet flow even them both This feature depends on model Two QoS rule examples are listed...

Page 147: ...to the code value AF Class2 High Drop he can use the Rule based QoS function to carry out this rule by defining an QoS rule as shown in above configuration Under such configuration all packets from WA...

Page 148: ...ction Configuration Item Value Setting Description QoS Type 1 Software is selected by default 2 The box is unchecked by default Select the QoS Type from the dropdown list and then click Enable box to...

Page 149: ...the following WAN Interface Resource screen will show the related resources for configuration Bandwidth of Upstream Downstream Specify total upload download bandwidth of the selected WAN Value Range...

Page 150: ...ect All WANs or a certain WAN n to filter the packets entering to or leaving from the interface s Group 1 A Must filled setting 2 Src MAC Address is selected by default Specify the Group category for...

Page 151: ...MAXR field Connection Sessions Select Connection Sessions as the resource type for the QoS Rule and you have to assign supported session number in the Control Function Set Session Limitation field Pri...

Page 152: ...ed in the rule Group Control If Group Control is selected all the group hosts share the same QoS service resource Time Schedule 1 A Must filled setting 2 0 Always is selected by default Apply Time Sch...

Page 153: ...iption Item Value setting Description Add N A Click the Add button to configure time schedule rule Delete N A Click the Delete button to delete selected rule s When Add button is applied Time Schedule...

Page 154: ...ct everyday or one of weekday Start Time Time format hh mm Start time in selected weekday End Time Time format hh mm End time in selected weekday Save N A Click Save to save the settings Undo N A Clic...

Page 155: ...4G PoE IIoT Gateway 3 2 User not supported Not supported feature for the purchased product leave it as blank 155...

Page 156: ...Group Configuration screen will appear Host Group Configuration Item Value setting Description Group Name 1 String format can be any text 2 A Must filled setting Enter a group name for the rule It is...

Page 157: ...A This field will indicate the hosts members contained in the group Bound Services The boxes are unchecked by default Binding the services that the host group can be applied If you enable the Firewall...

Page 158: ...Server Go to Object Definition External Server External Server tab The External Server setting allows user to add external server Create External Server When Add button is applied External Server Conf...

Page 159: ...1 The values must be between 1 and 60 Idle Timeout By default 1 The values must be between 1 and 15 Secondary Shared Key String format any text Authentication Protocol By default CHAP is selected Ses...

Page 160: ...xternal server Server Port A Must filled setting Specify the Port used for the external server If you selected a certain server type the default server port number will be set For Email Server 25 will...

Page 161: ...endorsements whom the person examining the certificate might know and trust The device also plays as a CA role Certificates are an important component of Transport Layer Security TLS sometimes called...

Page 162: ...ier in the signature algorithm identifier of certificates Subject Name A Must filled setting This field is to specify the information of certificate Country C is the two letter ISO code for the countr...

Page 163: ...matically re enroll aging certificates The box is unchecked by default When SCEP is activated check the Enable box to activate this function It will be automatically check which certificate is aging I...

Page 164: ...ents In addition since it has the root CA it also can sign Certificate Signing Requests CSR to form corresponding certificates for others These certificates can be used for two remote peers to make su...

Page 165: ...ame Country C TW State ST Taiwan Location L Tainan Organization O AMITHQ Organization Unit OU HQRD Common Name CN HQRootCA E mail hqrootca amit com tw Configuration Path My Certificate Local Certifica...

Page 166: ...ns to complete the whole user scenario Use default value for those parameters that are not mentioned in the tables Configuration Path My Certificate Local Certificate Configuration Name BranchCRT Self...

Page 167: ...terface They both serve as the NAT security gateways Gateway 1 generates the root CA and a local certificate HQCRT that is signed by itself Import the certificates of the root CA and HQCRT into the Tr...

Page 168: ...s or CSRs for representing the gateway The Local Certificate Configuration window can let you fill required information necessary for corresponding certificate to be generated by itself or correspondi...

Page 169: ...on It has to be email address setting only Extra Attributes A Must filled setting This field is to specify the extra information for generating a certificate Challenge Password for the password you ca...

Page 170: ...ply button to import the specified certificate file to the gateway PEM Encoded 1 String format can be any text 2 A Must filled setting This is an alternative approach to import a certificate You can d...

Page 171: ...e used for two remote peers to make sure their identity during establishing a VPN tunnel Scenario Description same as the one described in My Certificate section Gateway 1 generates the root CA and a...

Page 172: ...or the whole user scenario Configuration Path Trusted Certificate Trusted CA Certificate List Command Button Import Configuration Path Trusted Certificate Trusted CA Certificate Import from a File Fil...

Page 173: ...Gateway 1 and the Local Certificate List of the Gateway 2 For more details refer to the Network B operation procedure in My Certificate section of this manual Gateway 2 can establish an IPSec VPN tunn...

Page 174: ...escription Import from a File A Must filled setting Select a CA certificate file from user s computer and click the Apply button to import the specified CA certificate file to the gateway Import from...

Page 175: ...ation could be specified in External Servers Refer to Object Definition External Server External Server You may click Add Object button to generate CA Identifier 1 String format can be any text Fill i...

Page 176: ...ort a certificate You can directly fill in Copy and Paste the PEM encoded certificate string and click the Apply button to import the specified certificate to the gateway Apply N A Click the Apply but...

Page 177: ...ing format can be any text 2 A Must filled setting This is an alternative approach to import a certificate key You can directly fill in Copy and Paste the PEM encoded certificate key string and click...

Page 178: ...cribed in My Certificate section When the enterprise gateway owns the root CA and VPN tunneling function it can generate its own local certificates by being signed by itself Also imports the trusted c...

Page 179: ...ts Intranet is 10 0 76 0 24 It has the IP address of 10 0 76 2 for LAN interface and 203 95 80 22 for WAN 1 interface The Gateway 2 is the gateway of Network B in branch office and the subnet of its I...

Page 180: ...m Value setting Description Certificate Signing Request CSR Import from a File A Must filled setting Select a certificate signing request file you re your computer for importing to the gateway Certifi...

Page 181: ...easily They can be Virtual COM and Modbus 4 1 1 Port Configuration Before using the supported field communication function like Virtual COM or Modbus you need to configure the physical communication...

Page 182: ...ace type for connecting to the access device s with the same interface specification Depending on the purchase model the supported interface type could be RS 232 or RS 485 Baud Rate 9600 is set by def...

Page 183: ...C2217 modes for remote accessing the connected serial device These operation modes are illustrated as below TCP Client Mode When the administrator expects the gateway to actively establish a TCP conne...

Page 184: ...TCP connection will be automatically disconnected from the host computer by using the TCP alive check timeout or idle timeout settings UDP Mode If both the Remote Host Computer and the serial device a...

Page 185: ...it is required to specify the IP address of the host computers to establish connection with Any 3rd party driver supporting RFC2217 can be used to install in the host computer the driver establishes a...

Page 186: ...lso enable full time connection with the TCP server Enable TCP Client Mode Window Item Value setting Description Operation Mode A Must filled setting Select TCP Client Connection Control Always on is...

Page 187: ...interval for transmitting serial data through the port By default it is set to 0 and the timeout function is disabled Value Range 0 1000ms Save N A Click the Save button to save the configuration Spec...

Page 188: ...tain TCP clients Max Connection 1 Max 128 connections 2 1 is set by default Set the maximum number of concurrent TCP connections Up to 128 simultaneous TCP connections can be established Value Range 1...

Page 189: ...ecify TCP Clients Window Item Value setting Description Host A Must filled setting Enter the IP address range of allowed TCP clients Serial Port The box is unchecked by default Check the box to specif...

Page 190: ...unchecked by default Check the Enable box to activate the corresponding serial port in specified operation mode Save N A Click Save to save the settings Undo N A Click Undo to cancel the settings Spec...

Page 191: ...nnect Otherwise choose Specific IP to limit certain clients Connection Idle Timeout 1 0 is set by default 2 Range 0 to 3600 sec Enter the idle timeout in minutes The idle timeout is used to disconnect...

Page 192: ...217 Clients for Access Window Item Value setting Description Host A Must filled setting Enter the IP address range of allowed clients Serial Port The box is unchecked by default Check the box to speci...

Page 193: ...ault Upload Server The box is unchecked by default Check the Enable box and select a pre defined FTP server from the drop down list You can also click the Add Object button to create a new entry for t...

Page 194: ...ruments over RS 485 without additional programming or effort NOTE When Modbus devices are connected to under the same serial port of IoT Modbus Gateway those Modbus devices must use the same protocol...

Page 195: ...tus like Cellular Network Status device DI DO status to remote Modbus Master via Modbus communication With the Slave option enabled the Modbus Master device can request the information or sending cont...

Page 196: ...port It can be Disable Serial as Slave or Serial as Master A serial port can be attached with one Modbus Master or daisy chained a group of Modbus Salve devices Disable Select this to disable the resp...

Page 197: ...t sent If the slave does not response within the specified time data would be discarded This applies to the serially attached Master sent request over to the remote Slave or requests send from the rem...

Page 198: ...the TCP network Item Value setting Description TCP Connection Idle Time 1 300 is set by default 2 Range 1 to 65535 Enter the idle timeout in seconds If the gateway does not receive another TCP request...

Page 199: ...y settings Item Value setting Description Message Buffering 1 Unchecked by default 2 Buffer up to 32 requests Check the Enable box to buffer up to 32 requests from Modbus Master If the Enable box is c...

Page 200: ...setting Description IP A Must fill setting Enter the IP address of the remote Modbus TCP Slave device Port 1 A Must fill setting 2 Range 1 to 65535 Enter the TCP port on which the remote Modbus TCP S...

Page 201: ...nnected 3 Disconnecting 5 Wait for Traffic 6 Diconnected 3 WAN 4 Connection Status R 0 6 0 Disconnected 1 Connecting 2 Connected 3 Disconnecting 5 Wait for Traffic 6 Diconnected 10 3G 4G_SERVICE_TYPE...

Page 202: ...ed 2 Wait for traffic 3 Disconnected 9 Connecting 104 VPN IPSec tunnel 4 status R 1 Connected 2 Wait for traffic 3 Disconnected 9 Connecting 105 VPN IPSec tunnel 5 status R 1 Connected 2 Wait for traf...

Page 203: ...3 RS 485 212 Serial Port 1_Baud Rate R Baud Rate Value 213 Serial Port 1_Data Bits R 7 or 8 214 Serial Port 1_Stop Bits R 1 or 2 215 Serial Port 1_Flow Control R 0 None 2 RTS CTS 3 DTR DSR 216 Serial...

Page 204: ...e collected data in local storage in CSV file format When the network connection recovered admin user can download the data log files manually via FTP or web UI for further reference and maintenance T...

Page 205: ...its data acquisition process and if required the administrator can also get the stored data log files to tell if everything goes well or not Under the Data Logging Proxy mode user has to create some d...

Page 206: ...oxy function and execute the pre defined data acquisition task by itself The Modbus request issued by the Modbus Gateway Data Logging Proxy The response data that sent out from the polled Slave device...

Page 207: ...or Internal depends on the product specification Save NA Click the Save button to save the settings Note 1 If there is no available storage device the Enable checkbox will be grayed and you can t enab...

Page 208: ...ify a certain read function for the Data Logging Proxy to issue and record the responses from device s Start Address 1 A Must filled setting 2 Range 0 to 65535 Specify the Start Address of registers t...

Page 209: ...ers Mode Sniffer is selected by default Select an expected data logging scheme for the data logging rule There are five available schemes Sniffer The Modbus gateway will record all the Modbus transcat...

Page 210: ...specified timeout setting selected proxy rule will be triggered and applied with the data logging rule Note If Off Line proxy scheme is selected the timeout setting will be used to check Otherwise it...

Page 211: ...pplied Log File Configuration screen will appear Log File Configuration Item Value setting Description Name N A The name of corresponding data log rule will be displayed The default log file name will...

Page 212: ...delete the transferred log from the gateway storage or not Check the Enable button to activate the function When Storage Full Remove the Oldest is selected by default Specify the operation to take whe...

Page 213: ...connection through the use of dedicated connections encryption or a combination of the two The tunnel technology supports data confidentiality data origin authentication and data integrity of network...

Page 214: ...or the tunneling IPSec Tunnel Scenarios To build IPSec tunnel you need to fill in remote gateway global IP and optional subnet if the hosts behind IPSec peer can access to remote site or hosts Under s...

Page 215: ...tunnel connection The default value can be different for the purchased model Save N A Click Save to save the settings Undo N A Click Undo to cancel the settings Create Edit IPSec tunnel Ensure that t...

Page 216: ...st to Site or Host to Host If LAN interface is selected only Host to Host scenario is available With Site to Site or Site to Host or Host to Site IPSec operates in tunnel mode The difference among the...

Page 217: ...bnet setting Remote Gateway 1 A Must fill setting 2 Format can be a ipv4 address or FQDN Specify the Remote Gateway Authentication Configuration Window Item Value setting Description Key Management 1...

Page 218: ...cate Select User Name for Remote ID and enter the username The username may include but can t be all numbers Select FQDN for Local ID and enter the FQDN Select User FQDN for Remote ID and enter the Us...

Page 219: ...Note X Auth Client will not be available for Dynamic VPN option selected in Tunnel Scenario Dead Peer Detection DPD 1 Checked by default 2 Default Timeout 180s and Delay 30s Click Enable box to enable...

Page 220: ...DES 3DES AES 128 AES 192 AES 256 Note None is available when Encapsulation Protocol is set as AH Specify the Authentication method It can be None MD5 SHA1 SHA2 256 Note None and SHA2 256 are availabl...

Page 221: ...le box to activate the Dynamic IPSec VPN tunnel Tunnel Name 1 A Must fill setting 2 String format can be any text Enter a tunnel name Enter a name that is easy for you to identify Value Range 1 19 cha...

Page 222: ...N for Local ID and enter the FQDN Select User FQDN for Local ID and enter the User FQDN Select Key ID for Local ID and enter the Key ID English alphabet or number Remote ID An optional setting Specify...

Page 223: ...pports both OpenVPN Server and OpenVPN Client features to meet different application requirements There are two OpenVPN connection scenarios They are the TAP and TUN scenarios The product can create e...

Page 224: ...nd operates with layer 2 packets In bridge mode the VPN client is given an IP address on the same subnet as the LAN resided under the OpenVPN server Under such configuration the OpenVPN client can dir...

Page 225: ...r the gateway to operate Configuration Item Value setting Description OpenVPN The box is unchecked by default Check the Enable box to activate the OpenVPN function Server Client Server Configuration i...

Page 226: ...r when remote OpenVPN clients dial in and the authentication protocol Configuration Item Value setting Description OpenVPN Configuration File 1 An Optional setting 2 The box is unchecked by default Cl...

Page 227: ...atic key pre shared authorization mode and the following items Local Endpoint IP Address Remote Endpoint IP Address and Static Key will be displayed Note Static Key will be available only when TUN is...

Page 228: ...the Enable box to activate the Redirect Default Gateway function Encryption Cipher 1 A Must filled setting 2 By default Blowfish is selected Specify the Encryption Cipher from the dropdown list It can...

Page 229: ...nal setting 2 String format any text Specify the TLS Auth Key Note TLS Auth Key will be available only when TLS is chosen in Authorization Mode Client to Client The box is checked by default Check the...

Page 230: ...tion Note Tunnel UDP MSS Fix will be available only when UDP is chosen in Protocol CCD Dir Default File 1 An Optional setting 2 String format any text Specify the CCD Dir Default File Value Range 0 25...

Page 231: ...another client configuration window OpenVPN Configuration file 1 An Optional setting 2 The box is unchecked by default Click the Enable box to activate the OpenVPN Client configuration via a pre defin...

Page 232: ...ort for the OpenVPN Client to use Value Range 1 65535 Tunnel Scenario 1 A Must filled setting 2 By default TUN is selected Specify the type of Tunnel Scenario for the OpenVPN Client to use It can be T...

Page 233: ...Remote Endpoint IP Address of the peer OpenVPN gateway Value Range The IP format is 10 8 0 x the range of x is 1 254 Note Remote Endpoint IP Address will be available only when Static Key is chosen in...

Page 234: ...Key will be available only when TLS is chosen in Authorization Mode User Name An Optional setting Enter the User account for connecting to an OpenVPN server if the server required it Note User Name w...

Page 235: ...unchecked by default Check the Enable box to activate the nsCerType Verification function Note nsCerType Verification will be available only when TLS is chosen in Authorization Mode TLS Renegotiation...

Page 236: ...ls It also maintains User Account list user name password for client login authentication There is a virtual IP pool to assign virtual IP to each connected L2TP client L2TP Client It can be mobile use...

Page 237: ...sferred based on current routing policy of the gateway at L2TP client peer But if you entered 0 0 0 0 0 in the Remote Subnet field it will be treated as a Default Gateway setting for the L2TP client p...

Page 238: ...hecked by default Click the Enable box to activate L2TP function Client Server A Must filled setting Specify the role of L2TP Select Server or Client role your gateway will take Below are the configur...

Page 239: ...P server ending IP of virtual IP pool It will set as the ending IP which assign to L2TP client Value Range Starting Address and Starting Address 8 or 254 Authentication Protocol A Must filled setting...

Page 240: ...can create and add accounts for remote clients to establish L2TP VPN connection to the gateway device Click Add button to add user account Enter User name and password Then check the enable box to en...

Page 241: ...setting Description L2TP Client The box is unchecked by default Check the Enable box to enable L2TP client role of the gateway Save N A Click Save button to save the settings Undo N A Click Undo butt...

Page 242: ...filled setting Enter the Password for this L2TP tunnel to be authenticated when connect to L2TP server Tunneling Password Optional An Optional filled setting Enter the Tunneling Password for this L2TP...

Page 243: ...ax Failure Time User defined enter the Interval and Max Failure Time The default value for Interval is 30 seconds and Maximum Failure Times is 6 Times Disable disable the LCP Echo Value Range 1 99999...

Page 244: ...TP PPTP Server It must have a static IP or a FQDN for clients to create PPTP tunnels It also maintains User Account list user name password for client login authentication There is a virtual IP pool t...

Page 245: ...sferred based on current routing policy of the gateway at PPTP client peer But if you entered 0 0 0 0 0 in the Remote Subnet field it will be treated as a Default Gateway setting for the PPTP client p...

Page 246: ...to activate PPTP function Client Server A Must fill setting Specify the role of PPTP Select Server or Client role your gateway will take Below are the configuration windows for PPTP Server and for Cl...

Page 247: ...P server s Virtual IP DHCP server User can specify the last IP address for the subnet from which the PPTP client s IP address will be assigned Value Range Starting Address and Starting Address 8 or 25...

Page 248: ...t The selected user account can permanently be deleted by clicking the Delete button Value Range 1 32 characters As a PPTP Client When select Client in Client Server a series PPTP Client Configuration...

Page 249: ...nel to be authenticated when connect to PPTP server Value Range 1 32 characters Password A Must fill setting Enter the Password for this PPTP tunnel to be authenticated when connect to PPTP server Rem...

Page 250: ...ll not be available NAT before Tunneling 1 A Must filled setting 2 Unchecked by default Specify whether NAT is required or not for this PPTP tunnel LCP Echo Type Auto is set by default Specify the LCP...

Page 251: ...l each peer needs to setup its global IP as tunnel IP and fill in the other s global IP as remote IP Besides each peer must further specify the Remote Subnet item It is for the Intranet of GRE server...

Page 252: ...4G PoE IIoT Gateway 252...

Page 253: ...ox to enable GRE function Max Concurrent GRE Tunnels Depends on Product specification The specified value will limit the maximum number of simultaneous GRE tunnel connection The default value can be d...

Page 254: ...the largest packet size permitted for Internet transmission When set to Auto value 0 or blank the router selects the best MTU for best Internet connection performance Value Range 0 1500 Key An Optiona...

Page 255: ...te GRE server peer controls the flow of any packets from the GRE client peer Certainly those packets come through the GRE tunnel Tunnel Unchecked by default Check Enable box to enable this GRE tunnel...

Page 256: ...wall The firewall functions include Packet Filter URL Blocking Content Filter MAC Control Application Filter IPS and some firewall options The supported function can be different for the purchased gat...

Page 257: ...llow those match the following rules and define the rules Rule 1 is to allow HTTP packets to pass and Rule 2 is to allow HTTPS packets to pass Under such configuration the gateway will allow only HTTP...

Page 258: ...ick Save to save the settings Undo N A Click Undo to cancel the settings Create Edit Packet Filter Rules The gateway allows you to customize your packet filtering rules It supports up to a maximum of...

Page 259: ...Must filled setting 2 By default Any is selected This field is to specify the Destination IP address Select Any to filter packets that are entering to any IP addresses Select Specific IP Address to f...

Page 260: ...pecify a port range Then for Destination Port select a predefined port dropdown box when Well known Service is selected otherwise select User defined Service and specify a port range Value Range 1 655...

Page 261: ...ted in the rule list will be blocked if one pattern in the requests matches to one rule Other Web requests can pass through the gateway In contrast when you choose Deny all to pass except those match...

Page 262: ...ain Name Keyword the destination service ports the integrated time schedule rule and the rule activation Enable URL Blocking Configuration Item Value setting Description URL Blocking The box is unchec...

Page 263: ...to filter packets coming from a MAC address entered in this field Select MAC Address based Group to filter packets coming from a pre defined group selected Note group must be pre defined before this...

Page 264: ...ateway Rule The box is unchecked by default Click the Enable box to activate this rule Save NA Click the Save button to save the settings Undo NA Click the X button to cancel the changes and back to l...

Page 265: ...dresses he can use the MAC Control function to reject with the black list configuration MAC Control with Black List Scenario As shown in the diagram enable the MAC control function and specify the MAC...

Page 266: ...t Deny MAC Address Below is set by default When Deny MAC Address Below is selected as the name suggest packets specified in the rules will be blocked black listed In contrast with Allow MAC Address Be...

Page 267: ...rol rule name Enter a name that is easy for you to remember MAC Address Use to Compose 1 MAC Address string Format 2 A Must fill setting Specify the Source MAC Address to filter rule Time Schedule A M...

Page 268: ...4G PoE IIoT Gateway 5 2 4 Content Filter not supported Not supported feature for the purchased product leave it as blank 268...

Page 269: ...4G PoE IIoT Gateway 5 2 5 Application Filter not supported Not supported feature for the purchased product leave it as blank 269...

Page 270: ...out this activity attempt to block stop it and report it You can enable the IPS function and check the listed intrusion activities when needed You can also enable the log alerting so that system will...

Page 271: ...on IPS The box is unchecked by default Check the Enable box to activate IPS function Log Alert The box is unchecked by default Check the Enable box to activate to activate Event Log Save N A Click Sav...

Page 272: ...d in this field ICMP Flood Defense Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field Value Range 10 10000 Port Scan Defection 1 A Must filled se...

Page 273: ...lt 3 Traffic threshold is set to 300 by default 4 The value range can be from 10 to 10000 Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field Valu...

Page 274: ...rd the packet information like IP address port address ACK SEQ number and so on while they pass through the gateway and the gateway checks every incoming packet to detect if this packet is valid Disca...

Page 275: ...ts but use different source IP to masquerade With the SPI feature been enabled at the gateway it will block such packets from unknown users Discard Ping from WAN Remote Administrator Hosts Scenario Di...

Page 276: ...The box is unchecked by default Check the Enable box to activate the Stealth Mode function SPI The box is checked by default Check the Enable box to activate the SPI function Discard Ping from WAN Th...

Page 277: ...ect Specific IP to allow the remote host coming from a specific subnet An IP address entered in this field and a selected Subnet Mask to compose the subnet Service Port 1 80 for HTTP by default 2 443...

Page 278: ...practice computer systems Centralized management has a time and effort trade off that is related to the size of the company the expertise of the IT staff and the amount of technology being used This d...

Page 279: ...backup the existed command script in a txt file You can specify the script file name in Script Name below Upload Script N A Click the Via Web UI or Via Storage button to Upload the existed command scr...

Page 280: ...command set to configure you can configure them with proprietary command set Configuration Content Key Value setting Description OPENVPN_ENABLED 1 enable 0 disable Enable or disable OpenVPN Client fun...

Page 281: ...ry the system checks the connection by sending DNS Query packets to the destination specified in PPP_PING_IPADDR With ICMP Query the system will check connection by sending ICMP request packets to the...

Page 282: ...lain text system config ex txtConfig enable disable NA Disable plain text system config ex txtConfig disable run_immediately NA Apply the configuration content that has been committed in database ex t...

Page 283: ...th your ISP or the ACS provider for help At the right upper corner of TR 069 Setting screen one Help command let you see the same message about that Scenario Managing deployed gateways through an ACS...

Page 284: ...ation Procedure In above diagram the ACS server can manage multiple gateways in the Internet The Gateway 1 is one of them and has 118 18 81 33 IP address for its WAN 1 interface When all remote gatewa...

Page 285: ...tion to login the ACS server the service port and the account information for connection requesting from the ACS server and the time interval for job inquiry Except the inquiry time there are no activ...

Page 286: ...sk ACS manager provide ACS ConnectionRequest Port and manually set Value Range 0 65535 ConnectionRequest UserName A Must filled setting You can ask ACS manager provide ACS ConnectionRequest Username a...

Page 287: ...m Specify the IP address for the expected STUN Server Server Port 1 An optional setting 2 3478 is set by default Specify the port number for the expected STUN Server Value Range 1 65535 Keep Alive Per...

Page 288: ...ta on the managed systems as variables The protocol also permits active management tasks such as modifying and applying a new configuration through remote modification of these variables The variables...

Page 289: ...ge IP address can manage the devices but other remote NMS can t Parameter Setup Example Following tables list the parameter configuration as an example for the Gateway 1 in above diagram with SNMP ena...

Page 290: ...e manager uses SNMPv3 protocol for configuring the Gateway 1 Only the UserName1 account can let the Gateway 1 accept the configuration from the NMS since the authority of the account is Read Write Onc...

Page 291: ...WAN box it will activate SNMP functions and you can access SNMP from WAN side WAN Interface 1 A Must filled setting 2 ALL WANs is selected by default Specify the WAN interface that a remote SNMP host...

Page 292: ...settings Create Edit Multiple Community The SNMP allows you to custom your access control for version 1 and version 2 user The router supports up to a maximum of 10 community sets When Add button is...

Page 293: ...ust filled setting 2 String format any text Specify the User Name for this version 3 user Value Range 1 32 characters Password 1 String format any text When your Privacy Mode is authNoPriv or authPriv...

Page 294: ...1 The default value is 1 2 A Must filled setting 3 String format any legal OID The OID Filter Prefix restricts access for this version 3 user to the sub tree rooted at the given OID Value Range 1 208...

Page 295: ...g Description Server IP 1 A Must filled setting 2 String format any IPv4 address or FQDN Specify the trap Server IP or FQDN The DUT will send trap to the server IP FQDN Server Port 1 String format any...

Page 296: ...the authNoPriv You must specify the Authentication and Password Selected the authPriv You must specify the Authentication Password Encryption and Privacy Key Authentication 1 A v3 Must filled setting...

Page 297: ...t Specify the location information forMIB 2 system Value Range 0 64 characters Edit SNMP Options If you use some particular private MIB you must fill the enterprise name number and OID Options Item Va...

Page 298: ...g format any legal OID Specify the Enterprise OID for the particular private MIB The range of the each OID number is 1 2080768 The maximum length of the enterprise OID is 31 The seventh number must be...

Page 299: ...supports both Telnet and SSH Secure Shell CLI with default service port 23 and 22 respectively Telnet SSH Scenario Scenario Application Timing When the administrator of the gateway wants to manage it...

Page 300: ...Operation Procedure In above diagram Local Admin or Remote Admin can manage the Gateway in the Intranet or Internet The Gateway is the gateway of Network A and the subnet of its Intranet is 10 0 75 0...

Page 301: ...The LAN Enable box is checked by default 2 By default Service Port is 23 Check the Enable box to activate the Telnet function for connecting from LAN or WAN interfaces You can set which number of Serv...

Page 302: ...cify new password to change root password Note_1 You are highly recommended to change the default telnet password with yours before the device is deployed Note_2 If you have trouble for the default pa...

Page 303: ...n allows network administrator to setup change the host name of the gateway Click the Modify button and provide the new username setting Username Configuration Item Value setting Description Host Name...

Page 304: ...inistrator to change the web based MMI login password to access gateway Password Configuration Item Value setting Description Old Password 1 String any text 2 The default password for web based MMI is...

Page 305: ...ge 30 65535 GUI Access Protocol http https is selected by default Select the protocol that will be used for GUI access It can be http https http only or https only HTTPs Certificate Setup The default...

Page 306: ...4G PoE IIoT Gateway check during the device booting Save N A Click Save button to save the settings Undo N A Click Undo button to cancel the settings 306...

Page 307: ...Device Serial Number N A It displays the serial number of this product Kernel Version N A It displays the Linux kernel version of the product FW Version N A It displays the firmware version of the pr...

Page 308: ...te with time server by NTP Protocol to get system date and time after you click on the Synchronize immediately button The second one is Sync with my PC Select the method and the system will synchroniz...

Page 309: ...r the device otherwise you will just get the UTC Coordinated Universal Time time not the local time for the device Synchronize with Manually Setting System Time Information Item Value Setting Descript...

Page 310: ...method for the system time to let system synchronize its date and time to the time of the administration PC NTP Service 1 It is an optional item 2 Un checked by default Check the Enable button to act...

Page 311: ...h Cellular WAN interface Time Zone 1 A Must filled item 2 GMT 00 00 is selected by default Select a time zone where this device locates NTP Service 1 It is an optional item 2 Un checked by default Che...

Page 312: ...S interface Time Zone 1 A Must filled item 2 GMT 00 00 is selected by default Select a time zone where this device locates NTP Service 1 It is an optional item 2 Un checked by default Check the Enable...

Page 313: ...m Log tab View Email Log History View button is provided for network administrator to view log history on the gateway Email Now button enables administrator to send instant Email for analysis View Ema...

Page 314: ...k N A Click the Back button to return to the previous page Web Log Type Category Web Log Type Category screen allows network administrator to select the type of events to log and be displayed in the W...

Page 315: ...r from the Server dropdown box to send Email If none has been available click the Add Object button to create an outgoing Email server You may also add an outgoing Email server from Object Definition...

Page 316: ...o select the type of events to log and be stored at an internal or an external storage Log to Storage Setting Window Item Value Setting Description Enable Un checked by default Check to enable sending...

Page 317: ...Button Description Item Value setting Description Download log file N A Click the Download log file button to download log files to a log tar file Clear Logs N A Click the Clear logs button to delete...

Page 318: ...o specify the file name of new firmware by using Browse button and then click Upgrade button to start the FW upgrading process on this device If you want to upgrade a firmware which is from GPL policy...

Page 319: ...this device by clicking the Reboot button and reset this device to default settings by clicking the Reset button System Operation Window Item Value Setting Description Reboot Now is selected by defaul...

Page 320: ...chnologically different This gateway embedded FTP SFTP server for administrator to download the log files to his computer or database In the following two sections you can configure the FTP server and...

Page 321: ...d to the storage FTP Port Port 21 is set by default Specify a port number for FTP connection The gateway will listen for incoming FTP connections on the specified port Value Range 1 65535 Timeout 300...

Page 322: ...supported by default FTPS FTP over SSL TLS Optional setting Check the Enable box to activate the support of secure connections via SSL TLS Enable SFTP Server Configuration Item Value setting Descript...

Page 323: ...String non blank string Enter the user account for login to the FTP server Value Range 1 15 characters Password String no blank Enter the user password for login to the FTP server Directory N A Selec...

Page 324: ...hether it is alive after clicking on the Ping button A test result window will appear beneath it Tracert Test Optional setting Trace route tracert command is a network diagnostic tool for displaying t...

Page 325: ...4G PoE IIoT Gateway Save N A Click the Save button to save the configuration 325...

Page 326: ...me is Interface _ Date _ index Enter the file name to save the captured packets in log storage If Split Files option is also enabled the file name will be appended with an index code _ index The exten...

Page 327: ...c Interface s you can further specify some filter rules to capture the packets which matched the rules Capture Fitters Item Value setting Description Filter Optional setting Check Enable box to activa...

Page 328: ...kets which match the rule will be captured Up to 10 MACs are supported but they must be separated with e g AA BB CC DD EE FF 11 22 33 44 55 66 The packets will be captured when match any one MAC in th...

Page 329: ...ting with carrier ISP by USSD command or doing a cellular network scan for diagnostic purpose In Cellular Toolkit section it includes several useful features that are related to cellular configuration...

Page 330: ...to secondary SIM and establish another cellular data connection with secondary SIM automatically If Data Usage feature is enabled all history of cellular data usage can be viewed at Status Statistics...

Page 331: ...interface 3G 4G 1 or 3G 4G 2 and a SIM card bound to the selected cellular interface to configure its data usage profile Note 3G 4G 2 is only available for for the product with dual cellular module C...

Page 332: ...activate the connection restriction function During the specified cycle period if the actual data usage exceeds the allowable data limitation the cellular connection will be forced to disconnect Enab...

Page 333: ...1 or 3G 4G 2 for the following SMS function configuration Note 3G 4G 2 is only available for for the product with dual cellular module SMS The box is checked by default This is the SMS switch If the b...

Page 334: ...is value plus one Sent SMS N A This value record the number of out going SMS When sent one SMS this value plus one Remaining SMS N A This value is SMS capacity minus received SMS When received the new...

Page 335: ...context length Send N A Click the Send button above text message will be sent as a SMS Result N A If SMS has been sent successfully it will show Send OK otherwise Send Failed will be displayed SMS In...

Page 336: ...n read or delete SMS from this screen SMS Sent Folder Item Value setting Description ID N A The number of SMS Receivers N A Receiver list for the sent SMS Timestamp N A What time the SMS is sent SMS T...

Page 337: ...nage PIN code on a SIM card through its web GUI Activate PIN code on SIM Card This gateway device allows you to activate PIN code on SIM card This example shows how to activate PIN code on SIM A for 3...

Page 338: ...4G PoE IIoT Gateway 338...

Page 339: ...e SIM PIN setting for the selected SIM Card Note 3G 4G 2 is only available for for the product with dual cellular module SIM Status N A Indication for the selected SIM card and the SIM card status The...

Page 340: ...case if you still want to change the PIN code you have to enable the SIM Lock function first fill in the PIN code and then click the Save button to enable After that You can click the Change PIN code...

Page 341: ...ed by PUK code after too many trials of failure PIN code In this case the PUK Status will turns to PUK Lock In a normal situation it will display PUK Unlock Remaining times Depend on SIM card Represen...

Page 342: ...phanumeric characters in length Unlike Short Message Service SMS messages USSD messages create a real time connection during an USSD session The connection remains open allowing a two way exchange of...

Page 343: ...n the Send button for the session The responses from the USSD server will be displayed beneath the USSD Command line When commands typed in the USSD Command field are sent received responses will be d...

Page 344: ...ments N A Enter a brief comment for the profile Send USSD Request When send the USSD command the USSD Response screen will appear When click the Clear button the USSD Response will disappear USSD Requ...

Page 345: ...ne after another You can also specify the connection sequence of the targeted generation of mobile system 2G 3G LTE Network Scan Configuration Configuration Item Value setting Description Physical Int...

Page 346: ...when the Manually Scan Approach is selected in the Configuration window By clicking on the Scan button and wait for 1 to 3 minutes the found mobile operator system will be displayed for you to choose...

Page 347: ...fic functionality of the gateway On receiving the managing event the gateway will take action to change the functionality collect the required status for administration and also change the status of a...

Page 348: ...nts Trigger Type Digital Input Power Change Connection Change WAN LAN VLAN WiFi DDNS Administration Modbus and Data Usage Actions Notify the administrator with SMS Syslog SNMP Trap or Email Alert Chan...

Page 349: ...the SMS management function you have to configure some important settings first SMS Configuration Item Value setting Description Message Prefix The box is unchecked by default Click the Enable box to...

Page 350: ...a mobile phone number as the SMS account identifier if required It can be Specific Number or Allow Any If Specific Number is selected you have to specify the phone number as the SMS account identifier...

Page 351: ...configure the Email account Email Service Configuration Item Value setting Description Email Server Option Select an Email Server profile from External Server setting for the email account setting Em...

Page 352: ...Contiune Update Status The box is unchecked by default Click Enable box to activate this function for the DI event with designated update interval setting If the event condition keeps active for a lo...

Page 353: ...the profile DO Source ID1 by default Specify the DO Source It could be ID1 Normal Level Low by default Specify the Normal Level It could be Low or High Total Signal Period 1 Numberic String format 2 A...

Page 354: ...ription for the profile Read Function Read Holding Registers by default Specify the Read Function for Notifying Events Modbus Mode Serial by default Specify the Modbus Mode It could be Serial or TCP I...

Page 355: ...profile setting Save NA Click the Save button to save the configuration Undo NA Click the Undo button to restore what you just configured back to the previous setting Create Edit Modbus Managing Even...

Page 356: ...format 2 A Must filled setting Specify the Device ID of the modbus device Value Range 1 247 Register 1 Numberic String format 2 A Must filled setting Specify the Register number of the modbus device V...

Page 357: ...number for accessing the Remote Host Value Range 1 65535 Prefix Message 1 String format 2 An Optional filled setting Specify the Prefix Message string as pre defined identification for accessing the r...

Page 358: ...Events Tab Enable Managing Events Configuration Item Value setting Description Managing Events The box is unchecked by default Check the Enable box to activate the Managing Events function Create Edit...

Page 359: ...p and fill the message in the textbox to specify SNMP Trap Event Digital Input Select Digital Input and a DI profile you defined to specify a certain Digital Input Event Note The available Event Type...

Page 360: ...lient On Off OpenVPN Client On Off the gateway will change the settings as the action for the event GRE Select GRE Checkbox and the interested sub items GRE Tunnel On Off the gateway will change the s...

Page 361: ...handlers Enable Notifying Events Configuration Item Value setting Description Notifying Events The box is unchecked by default Check the Enable box to activate the Notifying Events function Create Ed...

Page 362: ...dition to specify a certain LAN VLAN Event WiFi Select WiFi and a trigger condition to specify a certain WiFi Event DDNS Select DDNS and a trigger condition to specify a certain DDNS Event Administrat...

Page 363: ...unts as the action for the event Modbus Select Modbus and a Modbus Notifying Event profile you defined as the action for the event Remote Host Select Remote Host checkbox and a Remote Host profile you...

Page 364: ...status for the gateway They are the System Information System Information History and Network Interface Status The display will be refreshed once per second From the menu on the left select Status Da...

Page 365: ...tistic graphs for the CPU and memory Network Interface Status The Network Interface Status screen shows the statistic information for each network interface of the gateway The statistic information in...

Page 366: ...chased it can be Static IP Dynamic IP PPPoE PPTP L2TP 3G 4G Network Type N A It displays the network type for the WAN interface s Depending on the model purchased it can be NAT Routing Bridge or IP Pa...

Page 367: ...Connection Control in WAN Type setting is set to Connect Manually Refer to Edit button in Basic Network WAN Uplink Internet Setup and WAN connection status is connected WAN interface IPv6 Network Sta...

Page 368: ...Address N A It displays the current IPv6 global IP address assigned by your ISP for your Internet connection MAC Address N A It displays the LAN MAC Address of the gateway Action N A This area provid...

Page 369: ...Information Refer to next page for more When the Detail button is pressed 3G 4G modem information windows such as Modem Information SIM Status Service Information Signal Strength Quality and Error Mes...

Page 370: ...ateway LAN Client List Item Value setting Description LAN Interface N A Client record of LAN Interface String Format IP Address N A Client record of IP Address Type and the IP Address Type is String F...

Page 371: ...ays whether the VAP wireless signal is enabled or disabled Op Mode N A The WiFi Operation Mode of VAP Depends of device model modes are AP Router WDS Only and WDS Hybrid Universal Repeater and Client...

Page 372: ...me N A It displays the receiving Probe Request Frame count Disassociation Frame N A It displays the receiving Disassociation Frame count Deauthentication Frame N A It displays the receiving Deauthenti...

Page 373: ...and N A It displays the Wi Fi Operation Band 2 4G or 5G of VAP ID N A It displays the VAP ID Received Packets N A It displays the number of reveived packets Transmitted Packet N A It displays the numb...

Page 374: ...DDNS service provider Provider N A It displays the DDNS server of DDNS service provider Effective IP N A It displays the public IP address of the device updated to the DDNS server Last Update Status...

Page 375: ...IPSec Tunnel Status IPSec Tunnel Status windows show the configuration for establishing IPSec VPN connection and current connection status IPSec Tunnel Status Item Value setting Description Tunnel Na...

Page 376: ...It displays the public IP address the WAN IP address of the connected OpenVPN Client Virtual IP MAC N A It displays the virtual IP MAC address assigned to the connected OpenVPN client Conn Time N A It...

Page 377: ...he TCP UDP Write Bytes of OpenVPN Client Connection Conn Time N A It displays the connection time for the corresponding OpenVPN tunnel Conn Status N A It displays the connection status of the correspo...

Page 378: ...L2TP tab L2TP Client Status Item Value setting Description Client Name N A It displays Name for the L2TP Client specified Interface N A It displays the WAN interface with which the gateway will use t...

Page 379: ...N PPTP tab PPTP Client Status Item Value setting Description Client Name N A It displays Name for the PPTP Client specified Interface N A It displays the WAN interface with which the gateway will use...

Page 380: ...etting Description Activated Filter Rule N A This is the Packet Filter Rule name Detected Contents N A This is the logged packet information including the source IP destination IP protocol and destina...

Page 381: ...format Time N A Logged packet of the Date Time Date time format Month Day Hours Minutes Seconds Note Ensure Web Content Filter Log Alert is enabled Refer to Security Firewall Web Content Filter tab C...

Page 382: ...at Month Day Hours Minutes Seconds Note Ensure Application Filter Log Alert is enabled Refer to Security Firewall Application Filter tab Check Log Alert and save the setting IPS Status IPS Firewall St...

Page 383: ...tatus of Discard Ping from WAN on Firewall Options String Format Disable or Enable Remote Administrator Management N A Enable or Disable setting status of Remote Administrator If Remote Administrator...

Page 384: ...ntication This is only available for SNMP version 3 IP Address N A It displays the IP address of SNMP manager Port N A It displays the port number used to maintain connection with the SNMP manager Com...

Page 385: ...ction status with the TR 068 server TR 069 Status Item Value setting Description Link Status N A It displays the current connection status with the TR 068 server The connection status is either On whe...

Page 386: ...n Log Storage tab The Log Storage Status screen shows the status for selected device storage Log Storage Status Log Storage Status screen shows the status of current the selected device storage The st...

Page 387: ...button you will see the previous page of track list Next N A Click the Next button you will see the next page of track list First N A Click the First button you will see the first page of track list...

Page 388: ...us Statistics Reports Network Traffic tab Network Traffic Statistics screen shows the historical graph for the selected network interface You can change the interface drop list and select the interfac...

Page 389: ...ics Next N A Click the Next button you will see the next page of login statistics First N A Click the First button you will see the first page of login statistics Last N A Click the Last button you wi...

Page 390: ...5 4 Cellular Usage Go to Status Statistics Reports Cellular Usage tab Cellular Usage screen shows data usage statistics for the selected cellular interface The cellular data usage can be accumulated p...

Page 391: ...rg brctl ethernet bridge administration Stephen Hemminger shemminger osdl org Lennert Buytenhek buytenh gnu org version 1 1 GNU GENERAL PUBLIC LICENSE Version 2 June 1991 tc show manipulate traffic co...

Page 392: ...oston MA 02111 1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed https www openswan org Opennhrp Version v0 14 1 OpenNHRP is...

Page 393: ...All software included in this package is Copyright 2002 Roaring Penguin Software Inc You may distribute it under the terms of the GNU General Public License the GPL Version 2 or at your option any la...

Page 394: ...chusetts Institute of Technology and its contributors OpenLDAP a suite of the Lightweight Directory Access Protocol v3 servers clients utilities and development tools Version 2 4 Copyright 1998 2014 T...

Page 395: ...opyright C 1998 2004 WIDE Project BSD License https sourceforge net projects wide dhcpv6 Python version 2 7 12 This Python distribution contains no GNU General Public Licensed GPLed code so it may be...

Search results

Summary of Contents for IOG851-W

Reviews:

Amit IOG851-W, User Manual, Page: 92 / 395

Search results

Summary of Contents for IOG851-W

Reviews: