background image

     

                                                                                                               

CM685VX User Manual

                                                                                                                               

95 

www.comset.com.au 

 

Traffic rule configuration page: This page allows you to change advanced properties of the traffic 
rule entry, such as matched source and destination hosts. 

 

Summary of Contents for CM685VX

Page 1: ...CM685VX User Manual 1 www comset com au Industrial 5G Router CM685VX User Manual Comset 37 125 Highbury Rd Burwood VIC 3125 Australia...

Page 2: ...tware configuration 13 3 1 Overview 13 3 2 How to log into the Router 13 3 3 Router status 16 3 3 1 Status overview 16 3 3 2 Network status 17 3 3 3 Firewall Status 20 3 3 4 Routes 20 3 3 5 System log...

Page 3: ...ta Limitation 75 3 6 4 LAN settings 76 3 6 5 Wired WAN 82 3 6 6 WiFi Settings 83 3 6 6 1 WiFi General Configuration 84 3 6 6 2 WiFi Advanced Configuration 85 3 6 6 3 WiFi Interface Configuration 86 3...

Page 4: ...red holders Specifications are subject to change without notice No part of this manual may be reproduced without the consent of Comset All rights reserved WARNING Keep at least a 20 cm distance betwee...

Page 5: ...ailover between NBN ADSL and mobile 4G or 5G as well as a GPIO with four digital input output ports Other features include VPN IPSEC PPTP Server and Client L2TP and OpenVPN to establish a secure conne...

Page 6: ...iFi N300 802 11 a b g n 2 4Ghz 6 x SMA standard detachable antennas included 4 x cellular antennas and 2 x WiFi antennas Optimised EMC design TR 069 Web management SMS control SSH Telnet Command SNMP...

Page 7: ...ed as Digital Output ports User friendly set up wizard for easy configuration and setup Network traffic real time graphs Network Diagnostic Tools Ping Traceroute and NSLookup Advanced security VPN and...

Page 8: ...CM685VX User Manual 8 www comset com au Chapter 2 2 Hardware Installation 1 Overall Dimensions 2 Accessories 3 Installation 2 1 Overall Dimensions...

Page 9: ...Gigabit Ethernet port RST SYS reset button PWR DC power socket DC5 40V standard DC5 50V optional VCC DC wire positive pole GND DC wire ground GND Serial ground RX Serial receive TX Serial transmit RST...

Page 10: ...antenna WiFi1 for WiFi antenna 1 WiFi2 for WiFi antenna 2 2 3 Powering up the CM685VX Please ensure the SIM card is inserted and the antennas are connected before powering up the router 2 4 SIM UIM c...

Page 11: ...ND Pin 5 Port 4 RX Pin 2 Port 5 TX Pin 3 Note If you do not get a serial connection try to switch Port 4 and Port 5 2 6 Grounding To ensure a safe operation the cabinet where the router is installed s...

Page 12: ...ion Off No Ethernet connection On Ethernet is connected VPN On IPSec VPN tunnel set up Off IPsec VPN tunnel not set up or Down Inactive Cell Solid orange light Cell connection is Up and now you have a...

Page 13: ...re instructions on how to access the web interface and configure the router 3 2 How to log into the Router 3 2 1 Network Configuration The router s default parameters are Default IP 192 168 1 1 Subnet...

Page 14: ...CM685VX User Manual 14 www comset com au 2 DHCP settings Choose Obtain an IP address automatically and Obtain DNS server address automatically Then click the OK button...

Page 15: ...92 168 1 1 into the address field then press Enter Type in the username and password Both username and password are admin Then click on the Login button To configure the router you can skip the follow...

Page 16: ...CM685VX User Manual 16 www comset com au 3 3 Router status 3 3 1 Status overview Click Status in the navigation bar and then click Overview...

Page 17: ...CM685VX User Manual 17 www comset com au 3 3 2 Network status The Network status page consists of three tabs detailing information about Mobile WAN and LAN interfaces status...

Page 18: ...CM685VX User Manual 18 www comset com au Mobile interface page...

Page 19: ...CM685VX User Manual 19 www comset com au WAN status page LAN status page...

Page 20: ...tus The Firewall status page shows the IPv4 and IPv6 rules and counters Here you can reset the counters and restart the firewall functionality 3 3 4 Routes The Routes page shows rules which are curren...

Page 21: ...Manual 21 www comset com au 3 3 5 System log This page shows the system log from system boot up The system log resets when the router is restarted You can export the system log by clicking the button...

Page 22: ...set com au 3 3 6 Kernel log This page shows the kernel log from system boot up This log is not saved when the router is restarted It can be exported by clicking the button Export Log 3 3 7 Reboot log...

Page 23: ...CM685VX User Manual 23 www comset com au 3 3 8 Realtime graphs The Realtime Graphs page shows the system load and interfaces traffic in realtime...

Page 24: ...CM685VX User Manual 24 www comset com au 3 3 9 VPN This page shows the status of VPN IPSec IPSec log OpenVPN PPTP tunnel L2TP tunnel and Openconnect...

Page 25: ...25 www comset com au 3 4 System Configuration 3 4 1 Setup wizard When you login to the router for the first time you will need to configure the Setup Wizard page This page consists of 4 sections Gene...

Page 26: ...com au Fill in parameters as required then click Save Next Note Pressing Save Next will save the configuration and jump to the next page All configurations will be applied after you click the button F...

Page 27: ...ne PAP CHAP Please confirm with your carrier the type of authentication Default is None Username Fill in the related value This can be obtained from your carrier or SIM Card Provider Note If your SIM...

Page 28: ...CM685VX User Manual 28 www comset com au Fill in parameters as required When finished click Save Next Fill in parameters as required then press Finish...

Page 29: ...Local Time This page shows the system time You can sync the time with the browser by clicking the button Sync with browser Hostname It is the router s name The default name is CM685VX Time zone Select...

Page 30: ...r Here you enter the IP address of the external log server You can setup a Linux machine with syslogd run as a log server External system log server port This is the UDP port of the external log serve...

Page 31: ...comset com au Here you can change the administrator s password for accessing the device as well as changing SSH username and password and Guest s username and password Click the eye button to show th...

Page 32: ...is unchecked The router acts as an NTP server NTP sync count This is the NTP running counts after the router is connected to the internet 0 means infinite NTP sync interval min This is the interval t...

Page 33: ...click the button Download Then an archive file will be generated and downloaded to your PC automatically To restore the configuration files click the button Choose File and select an archived configu...

Page 34: ...eset to factory settings We recommend to un check Keep settings to prevent conflicting parameters after the firmware upgrade Click the button Browse and select a compatible firmware then click the but...

Page 35: ...4 7 Reset This button resets all configurations to factory default After clicking the button Reset a message will appear prompting you to confirm By clicking OK the router will reset to factory defaul...

Page 36: ...suggest you enable ICMP check With this feature the router will periodically ping a hostname and automatically restart when a problem is detected Enable Enable ICMP check feature Host1 to ping Host2 t...

Page 37: ...Restart router Restart module will restart the radio module Restart router will restart the whole system including the radio module 3 5 2 VRRP Enable Enable VRRP Virtual Router Redundancy Protocol fo...

Page 38: ...ket to a set of VRRP instances to advertise the device in the MASTER state Password The password for VRRP access Track interface Check if the local interface is up or down Track IP Host The Host or IP...

Page 39: ...CM685VX User Manual 39 www comset com au 3 5 3 Failover link backup...

Page 40: ...checked the router will go back to the selected high priority WAN interface when available The priorities can be set to primary secondary and third priority There are four options to choose from Wire...

Page 41: ...rval between pings The time between two pings in seconds Failover Advanced Cell Standby When the cell is in backup mode you can choose between data connect data disconnect or radio off SMS Alarm This...

Page 42: ...CM685VX User Manual 42 www comset com au Enable Enable DTU feature Send DTU ID Send DTU ID at the front of the packet DTU ID The default DTU ID is the SN of the router You can change it if required...

Page 43: ...none odd or even Serial databits Can be 7 bits or 8 bits Serial stopbit Can be 1 bit or 2 bits Protocol Both TCP and UDP are supported Service mode Client and Server are supported Enable heartbeat The...

Page 44: ...the default value is 161 Get Community The username for SNMP get The default value is public SNMP get is read only Get Host Lan The network range to get the router via SNMP default is 0 0 0 0 0 Set C...

Page 45: ...ck this button to enable GPS Prefix SN No If checked it will add the router s SN to the data packet Only GPRMC If checked it will only send GPRMC data info Longitude Latitude altitude Send interval Se...

Page 46: ...r Manual 46 www comset com au Serial baudrate 9600 19200 38400 57600 115200bps Serial parity none odd even Serial databits 7 8 Serial stopbits 1 2 Serial flow control none hardware software 3 5 7 SMS...

Page 47: ...com au Enable Check it to enable the SMS command feature SMS ACK If checked the router will send the command feedback to the sender s mobile phone number Reboot Router Command Input the command for r...

Page 48: ...Input the command for I O port 0 For SMS feature please keep the default parameters DIO_1 Set Command Input the command for I O port 1 For SMS feature please keep the default parameters DIO_1 Reset C...

Page 49: ...larm is generated and the success counter is greater or equal to the Success Times Threshold this will clear the signal alarm Phone Number Add Phone number Input a name and click the button Add to add...

Page 50: ...CM685VX User Manual 50 www comset com au SMS Log SMS Log SMS send and receive log DIO Mail...

Page 51: ...ation Password Password for SMTP authentication TLS Enable or disable TLS also known as SSL for secured connections StartTLS Choose the TLS variant Start TLS from within the session default is on or t...

Page 52: ...CM685VX User Manual 52 www comset com au The default email title is DIOx changed and content is SN 8600000000 DIOx has changed from value0 to value1 Configure email title and content replace string in...

Page 53: ...t to high 1 and as soon as the device is up this value will be set to high automatically DIO_1 default value DIO default value is low 0 If this value is set to high 1 and as soon as the device is up t...

Page 54: ...gh to turn on functionality or set to low to turn it off If the value is None then no action is taken DIO_2 Function The DIO function can be set to None GPS WiFi1 WiFi2 or Cell The DIO value can be se...

Page 55: ...ready configured IPSec instances and their state Click the Edit button to modify the instance or click the Delete button to delete it The default settings are policy based IPSec If you tick the Enable...

Page 56: ...evel This is for IPSec backup One instance is Main and another instance is Backup If the Main instance is down it will switch to the Backup instance Authentication method Client and Server Client is t...

Page 57: ...no further actions taken hold installs a trap policy which will catch matching traffic and tries to re negotiate the connection on demand restart will immediately trigger an attempt to re negotiate th...

Page 58: ...CM685VX User Manual 58 www comset com au Note All configurations in Phase 1 Proposal and Phase 2 Proposal must match with the remote endpoint to establish an IPSEC connection...

Page 59: ...PPTP This page displays a list of already configured PPTP instances and their state Click the Edit button to modify the instance or click the Delete button to delete it PPTP NAT enable This is to ena...

Page 60: ...CM685VX User Manual 60 www comset com au...

Page 61: ...advertised by peer If unchecked the advertised DNS server addresses are ignored MPPE Encryption Microsoft Point to Point Encryption Debug Adds verbose PPTP log in system log Restart module when PPTP c...

Page 62: ...www comset com au 3 5 8 3 L2TP This page displays a list of already configured L2TP instances and their state Click the Edit button to modify the instance or click the Delete button to delete it L2TP...

Page 63: ...uch as 255 255 255 0 MTU Maximum Transmission Unit Keep Alive Number of unanswered echo requests before considering the peer dead The interval between echo requests is 5 seconds Checkup Interval Numbe...

Page 64: ...Remote LAN netmask The mask of L2TP client IP The default value is 255 255 255 0 ARP Proxy This allows the remote L2TP client to access the local LAN subnet The remote IP range should be included in...

Page 65: ...button to modify the instance or click the Delete button to delete it Click the Start or Stop buttons to start or stop a specific instance Note For OpenVPN configuration help hover the cursor over the...

Page 66: ...CM685VX User Manual 66 www comset com au...

Page 67: ...sion Unit Peer IP address Remote WAN IP address Remote Network IP Remote LAN subnet address that can be accessed via GRE tunnel such as 192 168 10 0 Remote Netmask Remote LAN subnet mask such as 255 2...

Page 68: ...will remain up If the value is receive only and if no GRE keepalive message has been received for peer device this will set the tunnel up If the value is send and receive this will send a keepalive me...

Page 69: ...uitable provider Hostname Domain The Domain name to remotely access the router IP address source Defines the source of the systems IPv4 Address which will be sent to the DDNS provider We recommend the...

Page 70: ...to file Writes detailed messages to the log file File will be truncated automatically Check Interval The minimum check interval is 1 minute 60seconds Force interval The minimum check interval is 1 mi...

Page 71: ...CM685VX User Manual 71 www comset com au Note If you use the DDNS server no ip com please tick the box Use HTTP Secure and input 8 8 8 8 for the DNS Server...

Page 72: ...TU and GPS sent to serial functions Please make sure the other two features are disabled before enabling the Connect Radio Module Otherwise the following error will appear Connect Mode Serial only Mod...

Page 73: ...ireless interface are bridged together and are treated as LAN ports AP Client The wireless apcli interface is treated as a WAN port and the wireless AP interface and the Ethernet ports are treated as...

Page 74: ...99 APN Fill in the related value The default value is telstra internet Authentication method There are three options to choose from None PAP CHAP The common value is None PAP and CHAP modes require a...

Page 75: ...can be used during this period If it is exceeded the router will terminate the cell mobile connection Enable alarm Enable data limitation alarm Phone number The phone number that receives the data lim...

Page 76: ...address is supported for LAN Use custom DNS servers Multiple DNS servers are supported IPv6 assignment length Assign a part of given length of every public IPv6 prefix to LAN interface IPv6 assignment...

Page 77: ...oot up If unchecked the LAN interface will be down Don t uncheck it if not required Use built in IPv6 management The default is checked If IPv6 is not needed it can be unchecked Override MAC address O...

Page 78: ...CM685VX User Manual 78 www comset com au Bridge interfaces LAN bridges wired LAN and WiFi in the same LAN subnet Enable STP Enable Spanning Tree Protocol on LAN The default value is unchecked...

Page 79: ...interface If it is unchecked this will disable DHCP on LAN Start Lowest leased address as offset from the network address Limit Maximum number of leased addresses Leasetime Expiry time of leased addre...

Page 80: ...tatic leases will be served Force Force DHCP on this network even if another server is detected IPv4 Netmask Override the netmask sent to clients Normally it is calculated from the subnet that is serv...

Page 81: ...Service Four options disabled server mode relay mode and hybrid mode DHCPv6 Service Same options as above NDP Proxy Three options disabled relay mode and hybrid mode Always announce default router Ann...

Page 82: ...ent If you need to change it to a different protocol i e PPPoE select the protocol from the drop down menu then click the button Switch protocol Note the Advanced Settings is different for different p...

Page 83: ...f then on AP Client Scan all frequencies to get the WiFi network information Add Add a new wireless network Disable Disable a wireless network Edit Modify settings on the wireless network Remove Delet...

Page 84: ...mset com au 3 6 6 1 WiFi General Configuration Status Shows the WiFi signal strength mode SSID Operating frequency Mode Supports 802 11b g n Band 2 4GHz Channel Channel 1 11 Width 20MHz and 40MHz Tran...

Page 85: ...85 www comset com au 3 6 6 2 WiFi Advanced Configuration Country Code Uses ISO IEC 3166 alpha2 country codes Distance Optimization Distance to furthest network device in meters Fragmentation Threshol...

Page 86: ...omset com au 3 6 6 3 WiFi Interface Configuration ESSID Extended Service Set Identifier It is the broadcast name Mode Supported options are Access Point Client Ad Hoc 802 11s Pseudo Ad Hoc Monitor Acc...

Page 87: ...less interface or fill out the create field to define a new network Hide Extended Service Set Identifier This allows you to hide the SSID so that WiFi cannot be scanned by others WMM Mode Enabled Encr...

Page 88: ...ward Deny list All packets can forward except the MAC address in the list MAC List Here you can add or delete MAC addresses 3 6 6 4 WiFi AP client Steps 1 Click the button AP Client on the wireless ov...

Page 89: ...l replace the old configuration WPA passphrase Specify the secret encryption key here Name of the new network The default value is wwan Please change it if it conflicts with other interfaces Step 4 Cl...

Page 90: ...CM685VX User Manual 90 www comset com au Step 5 Click the button Save Apply to start the AP client...

Page 91: ...CM685VX User Manual 91 www comset com au 3 6 7 Interfaces Overview The Interfaces Overview page shows all Interfaces status including uptime MAC address RX TX and IP address...

Page 92: ...CM685VX User Manual 92 www comset com au 3 6 8 Firewall 3 6 8 1 General Settings 3 6 8 2 Port Forwards This page includes the Port Forwards list and how to add new Port Forwards rules...

Page 93: ...e recommended zone is lan Internal IP address Redirect matched incoming traffic to the specific host Internal port Redirect matched incoming traffic to the given port on the internal host 3 6 8 3 Traf...

Page 94: ...CM685VX User Manual 94 www comset com au Open ports on router and create new forward rules Source NAT list and create source NAT rule...

Page 95: ...CM685VX User Manual 95 www comset com au Traffic rule configuration page This page allows you to change advanced properties of the traffic rule entry such as matched source and destination hosts...

Page 96: ...ce zone It is the zone that the traffic comes from Source MAC address Traffic rule check if the incoming packet s source MAC address is matched Source address Traffic rule check if the incoming packet...

Page 97: ...n t track Extra argument Passes additional argument to the iptable 3 6 8 4 DMZ In computer networking DMZ is a firewall configuration for securing local area networks LANs IP Address Please Enter the...

Page 98: ...CM685VX User Manual 98 www comset com au 3 6 8 5 Security...

Page 99: ...ge Netmask 24 means netmask 255 255 255 0 32 means 255 255 255 255 the value is from 1 to 32 HTTP port Set HTTP port The default is 80 HTTP access from WAN Allow or deny access to the router web manag...

Page 100: ...ter to make routing decisions MTU Maximum transmission unit Table The route table ID The default value is 254 Valid table ID 1 254 Note The Gateway and LAN IP of this router must belong to the same ne...

Page 101: ...port 2 port 3 are LAN ports 2 Untagged means the Ethernet frame transmits from this port without VLAN tag 3 Tagged means the Ethernet frame transmits from this port with VLAN tag 4 Off means this por...

Page 102: ...ever forwarded and are resolved from DHCP or hosts files only Local domain Local domain suffix appended to DHCP names and hosts file entries Log queries Write received DNS requests to syslog DNS forwa...

Page 103: ...CM685VX User Manual 103 www comset com au...

Page 104: ...s NX domain results DNS server port Listening port for inbound DNS queries DNS query port Fixed source port for outbound DNS queries Max DHCP leases Maximum allowed number of active DHCP leases Max ed...

Page 105: ...com au 3 6 13 Loopback Interface The default Loopback interface has IP address 127 0 0 1 You can change it if required 3 6 14 Dynamic Routing Dynamic Routing is implemented by quagga 0 99 22 4 Dynami...

Page 106: ...CM685VX User Manual 106 www comset com au Zebra Zebra is an IP routing manager Telnet port number is 2601 OSPF Open Shortest Path First Telnet port number is 2604...

Page 107: ...tion of the RIP protocol Telnet port number is 2603 BGP Border Gateway Protocol Telnet port number is 2605 Example The router s LAN IP is 192 168 10 1 If we want to configure OSPF we need to set OSPF...

Page 108: ...All the packets share the bucket specified Target The four defaults are priority express normal low Source host Packets matching this source host s single IP or in CIDR notation belong to the bucket...

Reviews: