Geneko GWR High Speed Router Series User Manual Download Page 127

Page: 127 / 133

User Manual

Geneko GWR High Speed Router Series

127

Establishing of IPSec tunnel is allowed

Firewall has to allow IKE and ESP protocol for IPSec tunnel establishment. If NAT traversal is used one additional

port has to be allowed. All these rules are predefined and they have priorities 10, 11 and 12 in default firewall
configuration (they are named as

Allow IPSec tunnels on ppp_0 –protocol, IKE and NATt

). As these rules are already

configured it is enough just to enable them to have IPSec passed through firewall.

Figure 134 – IPSec firewall rules

These three rules are enabled in following way:

Select EDIT of the rule

Enable: selected

SAVE and exit

SSH access is allowed from IP range 212.62.38.210-220

New rule should be added by selecting ADD NEW RULE button. Policy should be configured in following way:

Rule name: Allow SSH

Enable: selected

Chain: INPUT

Service: Custom

Protocol: TCP

Port: Custom; 22

Input interface: ppp_0

Source address: Range ; 212.62.38.210 : 212.62.38.220

Destination address: Any

Packet state: NEW

Policy: ACCEPT

After configuration is finished SAVE button should be selected and user is returned to main configuration page.

Priority of rule

is changed by selecting number in drop-down menu. In this example number 6 is selected.

WEB access is allowed from 212.62.38.210 IP address

In default firewall configuration rule for allowing WEB traffic is predefined (rule with priority 4, named

Allow

HTTP on ppp_0

) This rule can be used in example with additional restriction in source IP address to 212.62.38.210.

Policy should be configured in following way:

Enable: selected

Source address: Single IP; 212.62.38.210

All other settings should remain the same like in the picture below

Summary of Contents for GWR High Speed Router Series

Page 1: ...GWR High Speed Cellular Router Series User Manual version 1 1 Date June 2014...

Page 2: ...Status Router Monitoring 23 SETTINGS NETWORK 24 SETTINGS DHCP SERVER 25 SETTINGS WAN SETTING 27 SETTINGS WIRELESS 31 SETTINGS ROUTING 33 Port translation 34 SETTINGS DYNAMIC ROUTING PROTOCOL 35 Routi...

Page 3: ...GOUT 78 CONFIGURATION EXAMPLES 79 GWR HS ROUTER AS INTERNET ROUTER 79 GRE TUNNEL CONFIGURATION BETWEEN TWO GWR HS ROUTERS 80 GRE TUNNEL CONFIGURATION BETWEEN GWR HS ROUTER AND THIRD PARTY ROUTER 84 IP...

Page 4: ...on page 40 Figure 24 IPSec Summary screen 41 Figure 25 IPSec Settings 42 Figure 26 OpenVPN example 46 Figure 27 OpenVPN Summary screen 46 Figure 28 OpenVPN configuration page 49 Figure 29 OpenVPN netw...

Page 5: ...re 80 IPSec configuration page III for GWR HS Router 2 92 Figure 81 IPSec start stop page for GWR HS Router 2 93 Figure 82 Network configuration page for GWR HS Router 1 94 Figure 83 IPSEC configurati...

Page 6: ...2 Portforwarding example 119 Figure 123 GWR HS portforwarding configuration 119 Figure 124 Transparent serial connection 120 Figure 125 GWR HS Serial port settings 120 Figure 126 GWR HS settings for S...

Page 7: ...meters 40 Table 12 IPSec Summary 42 Table 13 IPSec Parameters 45 Table 14 OpenVPN parameters 48 Table 15 PPTP parameters 51 Table 16 L2TP parameters 52 Table 17 Firewall parameters 54 Table 18 MAC fil...

Page 8: ...ormance backup solution for existing land lines or satellite networks is now a simple task thanks to modern cellular networks Therefore no matter if the goal is to provide primary internet access or b...

Page 9: ...tral site Vehicle based bank service POS Vending machine Bank office supervision Security Traffic control Video Surveillance Solutions Other Remote Office Solution Remote Access Solution There are num...

Page 10: ...UART RS 232C 1 x USB Host RF characteristics GWR402 GPRS EDGE UMTS HSPA LTE LTE 800 900 1800 2100 2600 MHz UMTS HSDPA HSUPA 900 2100MHz GSM GPRS EDGE Quad band 850 900 1800 1900MHz GPRS EDGE multi sl...

Page 11: ...p www justlinux com http www dhs org http www dyndns org http www ods org http www dyn ca http www tzo com http www easydns com http www dyns cx http www zoneedit com http www no ip com Firewall NAT P...

Page 12: ...kets PPTP max number of tunnels 5 L2TP L2TP is suitable for Layer 2 tunneling L2TP max number of tunnels 5 GSM UMTS features Dual SIM support For operator backup SIM card detection Status of active SI...

Page 13: ...et or a reset to factory defaults Warm reset If the GWR HS Router is having problem connecting to the Internet press and hold the reset button for a second using the tip of a pen Reset to Factory Defa...

Page 14: ...Fi supported Figure 4 GWR HSW Router back panel WiFi supported Top Panel There is a sequence of 8 LED indicators on the top of this device by which the indication of the system current state WiFi stat...

Page 15: ...er is in initializing state 4 Signal strength LED indicator 107 or less dBm Unacceptable 1 LED 107 to 98 dBm Weak 2 LED 98 to 87 dBm Moderate 3 LED 87 to 76 dBm Good 4 LED 76 or better dBm Excellent 5...

Page 16: ...needed for the operation GSM antenna Ethernet cable and SIM card must be inserted And finally device should have powered up using power supply adaptor Power consumption of GWR HS router is 2W in stan...

Page 17: ...User Manual Geneko GWR High Speed Router Series 17 Declaration of conformity Figure 7 Declaration of conformity...

Page 18: ...and instructions Device configuration using web application The GWR HS Router s web based utility allows you to set up the Router and perform advanced configuration and troubleshooting This chapter w...

Page 19: ...elds click Add link To Update the row in the table Change data directly in fields you want to change To Remove the row from the table Click Remove link to remove selected row from the table Save Reloa...

Page 20: ...n CPU vendor Up Time since last reboot hardware resources utilization and MAC address of LAN port Screenshot of General Router information is shown at Figure 9 Data in Status menu are read only and ca...

Page 21: ...se status Figure 11 DHCP Information Status WAN Information WAN Information Tab provides information about GPRS EDGE HSPA HSPA LTE connection and traffic statistics WAN information menu has three subm...

Page 22: ...uter If Local DNS is configured it has priority to those DNS servers Status Firewall Firewall Information Tab provides information about active firewall and MAC filtering rules divided in three groups...

Page 23: ...y active routes on the router The same information can be previewed on Routing page in first routing table Figure 14 Information about active routes Status Router Monitoring Router Monitoring Tab prov...

Page 24: ...r portion of an IP address The GWR HS Router support sub netting You must specified subnet mask for your LAN TCP IP settings Primary Local DNS IP address of your primary local DNS server Secondary loc...

Page 25: ...ld specifies the first of the contiguous addresses in the IP address pool IP Ending Address To This field specifies last of the contiguous addresses in the IP address pool Lease Duration This field sp...

Page 26: ...User Manual Geneko GWR High Speed Router Series 26 Figure 17 DHCP Server configuration page...

Page 27: ...pecifies Username for client authentication at GSM UMTS network Mobile provider will assign you specific username for each SIM card Password This field specifies Password for client authentication at...

Page 28: ...alive option Advanced ping interval This field specifies the time interval of advanced ping proofing Advanced ping wait for a response This field specifies the timeout for advanced ping proofing Maxim...

Page 29: ...onnection Status line show real time status connected disconnected If your SIM Card credit is too low the GWR HS Router will performed periodically connect disconnect actions WAN Settings advanced Lab...

Page 30: ...is option should only be required if the peer is buggy and gets confused by requests from pppd for CCP negotiation Magic Number negotiation Disable magic number negotiation With this option pppd canno...

Page 31: ...in Station mode where router is connected as wireless client to other router In following figure are represented wireless settings Figure 19 Wireless configuration page Each field is described in the...

Page 32: ...is always in 802 11 power save mode Auto restores control of Power Save mode to the factory default Beacon Interval This is the time interval between beacon transmissions DTIM This value determines t...

Page 33: ...t route Port translation Reroute TCP and UPD packets to desired destination inside the network Routing Settings Label Description Routing Table Enable This check box allows you to activate deactivate...

Page 34: ...N interface is done on PPP and in reverse direction on br0 interface Destination IP This field specifies IP address of the incoming traffic Destination Netmask This field specifies netmask for the pre...

Page 35: ...as the possible routes change Routing Information Protocol RIP The Routing Information Protocol RIP is a dynamic routing protocol used in local and wide area networks As such it is classified as an in...

Page 36: ...nter in global configuration mode telnet 192 168 1 1 2602 telnet to eth0 at TCP port 2602 To enable RIP use the following commands beginning in global configuration mode router router rip To associate...

Page 37: ...timer router timers basic UPDATE INTERVAL INVALID TIMEOUT GARBAGE COLLECT router no timers basic Configure interface for RIP protocol router interface greX router ip rip send version VERSION router i...

Page 38: ...routers for virtual router with this ID in the network Priority Routers have a priority of between 1 255 and the router with the highest priority will become the master Password Enter authentication...

Page 39: ...use PPTP which uses GRE Solution where you can use GRE protocol You need to encrypt multicast traffic GRE tunnels can carry multicast packets just like real network interfaces as opposed to using IPSe...

Page 40: ...rify the integrity of the tunnel from end to end By default GRE tunnel keepalives are disabled Use the keepalive check box to enable this feature Keepalives do not have to be configured on both ends o...

Page 41: ...bled or disabled After clicking on Start button only enabled tunnels will be started Status Field indicates status of the IPSec tunnel Click on Refresh button to see current status of defined IPSec tu...

Page 42: ...Restart button Stop This button will stop all IPSec started negotiations Refresh Click on this button to refresh the Status field in the Summary table Table 12 IPSec Summary To create a tunnel click...

Page 43: ...ostname behind the Router at the other end that can use this IPSec tunnel Select the type you want to use IP Only or hostname NOTE The Remote Security Group Type you select should match the Local Secu...

Page 44: ...t Phase 2 Authentication method cannot be NULL and vice versa Phase 2 Authentication Select a method of authentication NULL MD5 or SHA1 The authentication method determines how the ESP packets are val...

Page 45: ...ault interval is 20 seconds NAT Traversal Both the IPSec initiator and responder must support the mechanism for detecting the NAT router in the path and changing to a new port as defined in RFC 3947 N...

Page 46: ...SSLv3 TLSv1 protocol and contains many security and control features The server and client have almost the same configuration The difference in the client configuration is the remote endpoint IP or ho...

Page 47: ...advantages of being fast very secure and allowing key sizes of up to 448 bits Blowfish is designed to be used in situations where keys are changed infrequently OpenVPN supports the CBC cipher mode Ha...

Page 48: ...local private key DH Group Choose the DH Group from the following 786 bits 1024 bits 1536 bits 2048 bits Remote Host or IP Address Specify server IP address or hostname Redirect Gateway This option a...

Page 49: ...User Manual Geneko GWR High Speed Router Series 49 Figure 28 OpenVPN configuration page Figure 29 OpenVPN network topology...

Page 50: ...PTP server Remote network After the tunnel is established route to this network will be added Remote netmask Netmask of remote subnet to route Domain Some PPTP servers require domain name for authenti...

Page 51: ...sion id and its parent tunnel s tunnel id A tunnel must be created before a session can be created in the tunnel Figure 31 L2TP configuration page VPN Settings L2TP Tunneling Parameters Label Descript...

Page 52: ...ch the session ID value being used at the peer Peer Cookie Optional peer cookie value is assigned to the session This is a 4 or 8 byte value specified as 8 or 16 hex digits e g 014d3636deadbeef The va...

Page 53: ...orts and Custom option for user defined services Protocol Type of protocol TCP UDP UDPLITE AH SCTP ESP ICMP Custom Port Number of port Four options are available FULL UNDEF all port numbers RANGE for...

Page 54: ...is number the default is 5 Action Back Click Back to return on firewall home page Reload Click Reload to discard any changes and reload previous settings Save Click Save to save your changes back to t...

Page 55: ...changes back to the GWR HS router Table 18 MAC filtering parameters Figure 33 MAC filtering configuration page DMZ Host Demilitarized Zone DMZ allows one IP Address to be exposed to the Internet Becau...

Page 56: ...rvice The type of service that you are using try one of no ip dhs pgpow dyndns dyndns static dyndns custom ods easydns dyns justlinux and zoneedit Custom Server IP The server IP to connect to Custom S...

Page 57: ...nt of time to wait on I O network problem Period Time between update retry attempts default value is 1800 Reload Click Reload to discard any changes and reload previous settings Save Click Save to sav...

Page 58: ...meters Serial Port over TCP UDP Settings Label Description Bits per second The unit and attached serial device such as a modem must agree on a speed or baud rate to use for the serial connection Valid...

Page 59: ...ty port is closed default is 1 hour Check TCP connection Enable connection checking Kepalive idle time Set keepalive idle time in seconds Kepalive interval Set time period between checking Log level S...

Page 60: ...stop bits are 1 and 2 The default is 1 Flow control Flow control manages data flow between devices in a network to ensure it is processed efficiently Too much data arriving before a device is prepared...

Page 61: ...User Manual Geneko GWR High Speed Router Series 61 Figure 38 Modbus gateway configuration page...

Page 62: ...After the command is executed router sends one of the following status reports to the user CONNECTING CONNECTED WAN_IP WAN IP address or the router DISCONNECTING DISCONNECTED 5 In order to establish...

Page 63: ...nd SMS SMS Gateway is used for sending SMS with GET query Command format is following 192 168 1 1 cgi send_exec lua group sms phone 2B38164112233 message hello world auth YWRtaW46YWRtaW4 Field marked...

Page 64: ...HS Router Only for information purpose Location This field specifies location of the GWR HS Router Only for information purpose Save Click Save button to save your changes back to the GWR HS Router R...

Page 65: ...cters and cannot contain any space Confirm Password Re enter the new password to confirm it EnableRADIUS Authentication Activation or deactivation of function for authentication via remote RADIUS serv...

Page 66: ...work Time Protocol NTP automatically Time Date This field species Date and Time information You can change date and time by changing parameters Sync Clock With Client Date and time setting on the basi...

Page 67: ...on If you need to download the latest version of the GWR HS Router firmware please visit Geneko support site Follow the on screen instructions to access the download page for the GWR HS Router If you...

Page 68: ...on on the router Import Configuration File To import a configuration file first specify where your backup configuration file is located Click Browse and then select the appropriate configuration file...

Page 69: ...red Click Default Setting to have the GWR HS Router with default parameters Keep network settings check box allows user to keep all network settings after factory default reset System will be reset af...

Page 70: ...screen to configure CLI parameters Figure 50 Command Line Interface Figure 50 Command Line Interface Command Line Interface Label Description CLI Settings CLI service on serial port This option is con...

Page 71: ...routers More information about this utility can be found in other document Remote_Management pdf In order to use this utility user has to enable Remote Management on the router Figure 51 Figure 51 Re...

Page 72: ...some basic functions of the router Connection Manager is enabled by default on the router and if you do not want to use it you can simply disable it Figure 52 Figure 52 Connection Manager Getting sta...

Page 73: ...er Connection Wizard inspects the network whole broadcast domain you ll see a list of routers present in the network with following information Serial number Model Ethernet IP Firmware version Pingabl...

Page 74: ...ction When you select one of the routers from the list and click Next you will get to the following screen Figure 55 Connection Wizard LAN Settings If you selected to configure LAN and WAN interface c...

Page 75: ...d WAN Settings After entering the configuration parameters if you mark option Establish connection router will start with connection establishment immediately when you press Finish button If not you h...

Page 76: ...SNMP configuration page SNMP Settings Label Description Enable SNMP SNMP is enabled by default To disable the SNMP agent click this option to unmark Get Community Create the name for a group or commu...

Page 77: ...tral repository Figure 58 Syslog configuration page The GWR HS Router supports this protocol and can send its activity logs to an external server Syslog Settings Label Description Disable Mark this op...

Page 78: ...be stored You can store System Ipsec events or both of them Enable syslog saver Save logs periodically on filesystem Save log every Set time duration between two saves Reload Click Reload to discard a...

Page 79: ...he changes Use SIM card with a dynamic static IP address obtained from Mobile Operator Note the default gateway may show or change to an address such as 10 0 0 1 this is normal as it is the GSM UMTS p...

Page 80: ...or GSM UMTS networks GWR HS Router connections may require a Custom APN A Custom APN allows for various IP addressing options particularly static IP addresses which are needed for most VPN connections...

Page 81: ...u if you want to use host name as peer identifier KeepAlive enable no Period none Retries none Press ADD to put GRE tunnel rule into GRE table Press Save to accept the changes Figure 62 GRE configurat...

Page 82: ...ab If disconnected please click Connect button Click VPN Settings GRE to configure GRE tunnel parameters Enable yes Local Tunnel Address 10 10 10 2 Local Tunnel Netmask 255 255 255 252 Unchangeable al...

Page 83: ...ies 83 Figure 66 Routing configuration page for GWR HS Router 2 Optionally configure IP Filtering and TCP service port settings to block any unwanted incoming traffic On the device connected on GWR HS...

Page 84: ...s it appears that it has two paths to the remote physical interface and the tunnel interface running through the tunnel This tunnel could then transmit unroutable traffic such as NetBIOS or AppleTalk...

Page 85: ...rce FastEthernet0 0 tunnel destination 172 29 8 5 ip route 10 1 1 0 255 255 255 0 tunnel0 The GWR HS Router Sample Configuration Click Network Tab to open the LAN NETWORK screen Use this screen to con...

Page 86: ...ress Save to accept the changes Figure 69 GRE configuration page Configure GRE Route Click Routing on Settings Tab Parameters for this example are Destination Network 10 2 2 0 Netmask 255 255 255 0 Fi...

Page 87: ...el destination address Dynamic IP WAN address must be mapped to hostname with DynDNS service for synchronization with DynDNS server SIM card must have internet access GSM UMTS APN Type For GSM UMTS ne...

Page 88: ...N Settings Tab to configure parameters necessary for GSM UMTS connection All parameters necessary for connection configuration should be required from mobile operator Check the status of GSM UMTS conn...

Page 89: ...2 Authentication MD5 Phase 2 SA Life Time 3600 Preshared Key 1234567890 Failover Enable Tunnel Failover false Advanced Compress Support IP Payload Compression Protocol IPComp false Dead Peer Detection...

Page 90: ...onnection mode Wait is selected that indicates side of IPSec tunnel which listens and responses to IPSec establishing requests from Connect side Figure 76 IPSec start stop page for GWR HS Router 1 Cli...

Page 91: ...eway Type SIM card Local ID Type IP Address IP Address From SIM 1 WAN connection is established over SIM 1 Local Security Group Type IP IP Address 192 168 10 1 Remote Group Setup Remote Security Gatew...

Page 92: ...s 92 Figure 78 IPSEC configuration page I for GWR HS Router 2 Figure 79 IPSec configuration page II for GWR HS Router 2 NOTE Options NAT Traversal and Send Initial Contact are predefined Figure 80 IPS...

Page 93: ...indicates side of IPSec tunnel which sends requests for establishing of the IPSec tunnel If connection mode Wait is selected that indicates side of IPSec tunnel which listens and responses to IPSec e...

Page 94: ...configuration should be required from mobile operator Check the status of GSM UMTS connection WAN Settings Tab If disconnected please click Connect button Click VPN Settings IPSEC to configure IPSEC...

Page 95: ...Address Remote Security Group Type IP IP Address 192 168 10 1 Failover Eanble IKE failover false Enable Tunnel Failover false Advanced Compress Support IP Payload Compression Protocol IPComp false Dea...

Page 96: ...IPSec tunnel If connection mode Connect is selected that indicates side of IPSec tunnel which sends requests for establishing of the IPSec tunnel If connection mode Wait is selected that indicates si...

Page 97: ...disconnected please click Connect button Click VPN Settings IPSEC to configure IPSEC tunnel parameters Click Add New Tunnel button to create new IPSec tunnel Tunnel parameters are Add New Tunnel Tunn...

Page 98: ...false Advanced Compress Support IP Payload Compression Protocol IPComp false Dead Peer Detection DPD false NAT Traversal true Send Initial Contact true Press Save to accept the changes Figure 88 IPSEC...

Page 99: ...side of IPSec tunnel which sends requests for establishing of the IPSec tunnel If connection mode Wait is selected that indicates side of IPSec tunnel which listens and responses to IPSec establishin...

Page 100: ...WAN address must be mapped to hostname with DynDNS service for synchronization with DynDNS server SIM card must have internet access GSM UMTS APN Type For GSM UMTS networks GWR HS Router connections m...

Page 101: ...M 1 WAN connection is established over SIM 1 Local Security Group Type Subnet IP Address 192 168 10 0 Subnet Mask 255 255 255 0 Remote Group Setup Remote Security Gateway Type IP Only IP Address 150 1...

Page 102: ...User Manual Geneko GWR High Speed Router Series 102 Figure 94 IPSEC configuration page I for GWR HS Router Figure 95 IPSec configuration page II for GWR HS Router...

Page 103: ...rvice timestamps debug datetime msec service timestamps log datetime msec no service password encryption hostname Cisco Router boot start marker boot end marker username admin password 7 enable secret...

Page 104: ...1 255 255 255 0 ip nat inside no ip route cache no ip mroute cache duplex auto speed auto ip route 0 0 0 0 0 0 0 0 150 160 170 2 ip http server no ip http secure server ip nat inside source list nat_l...

Page 105: ...uter Idea is to create IPSec tunnel for LAN to LAN site to site connectivity Figure 98 IPSec tunnel between GWR HS Router and Cisco Router The GWR HS Routers requirements Static IP WAN address for tun...

Page 106: ...ying Mode IKE with Preshared key Mode aggressive Phase 1 DH group Group 2 Phase 1 Encryption 3DES Phase 1 Authentication SHA1 Phase 1 SA Life Time 28800 Perfect Forward Secrecy true Phase 2 DH group G...

Page 107: ...Geneko GWR High Speed Router Series 107 Figure 100 IPSEC configuration page I for GWR HS Router Figure 101 IPSec configuration page II for GWR HS Router Figure 102 IPSec configuration page III for GW...

Page 108: ...Protocol Security page to initiate IPSEC tunnel Click Start button and after that Connect button on Internet Protocol Security page to initiate IPSEC tunnel Figure 103 IPSec start stop page for GWR HS...

Page 109: ...figuration Step1 Create New Tunnel Interface Click Interfaces on Network Tab Figure 104 Network Interfaces list Bind New tunnel interface to Untrust interface outside int with public IP addresss Use u...

Page 110: ...way Click New button Enter gateway parameters Gateway name TestGWR HS Security level Custom Remote Gateway type Dynamic IP address because your GWR HS router are hidden behind Mobile operator router s...

Page 111: ...aversal enabled Click Return and OK Figure 108 Gateway advanced parameters Step 3 Create AutoKey IKE Click VPNs in main menu Click AutoKey IKE Click New button Figure 109 AutoKey IKE AutoKey IKE param...

Page 112: ...ecurity level User defined custom Phase 2 proposal pre g2 3des sha Bind to Tunnel interface tunnel 3 from step 1 Proxy ID Enabled LocalIP netmask 10 10 10 0 24 RemoteIP netmask 192 168 10 0 24 Click R...

Page 113: ...0 24 Gateway tunnel 3 tunnel interface from step 1 Click OK Figure 112 Routing parameters Step 5 Policies Click Policies in main menu Click New button from Untrust to trust zone Source Address 192 16...

Page 114: ...peed Router Series 114 Click Policies in main menu Click New button from trust to untrust zone Source Address 10 10 10 0 24 Destination Address 192 168 10 0 24 Services Any Click OK Figure 114 Policie...

Page 115: ...t configuration is the remote endpoint IP or hostname field Also the client can set up the keepalive settings For successful tunnel creation a static key must be generated on one side and the same key...

Page 116: ...ation file directory Configuration file and pre shared key must be in same directory d If you have more remote locations every location has to have its own configuration file with different remote int...

Page 117: ...OpenVPN interface which is in this case 2 2 2 2 Enter following command in the command prompt route p add 192 168 11 0 mask 255 255 255 0 2 2 2 2 first remote location route p add 192 168 12 0 mask 2...

Page 118: ...PN status on PC On the GWR HS side status of the OpenVPN tunnel should be established Figure 121 OpenVPN status on GWR HS Portforwarding example Portforwarding feature enables access to workstations b...

Page 119: ...from port range 300 400 is forwarded to workstation 192 168 1 4 to port 12345 4 WEB traffic from the workstation 192 168 1 5 is forwarded to one outside IP address 212 62 49 109 for example If Source...

Page 120: ...ort application on central side As application is in server mode IP address of the workstation has to be accessible from the router In this example that is IP address GWR HS routers supports both serv...

Page 121: ...CP UDP Settings Protocol TCP Mode client Server IP address 96 34 56 2 IP address of server Connect to TCP port 1234 Type of socket raw Enable local echo Disabled Enable timeout 3600 sec Keepalive Sett...

Page 122: ...only should be enabled Figure 127 Virtual COM port application In Virtual Serial Port tab settings should be following Figure 128 Settings for virtual COM port IP address not used in server mode Port...

Page 123: ...rface 2 Allow already established traffic For inbound TCP only Allows TCP traffic to pass if the packet is a response to an outbound initiated session 3 Allow TELNET on ppp_0 Accepts telnet connection...

Page 124: ...nder firewall rules In the picture presented with green are marked permitted packets and with red blocked Figure 129 Firewall example Firewall is enabled in SETTINGS FIREWALL page Page for firewall co...

Page 125: ...be changed from ACCEPT to REJECT ICMP error message type can be selected when policy reject is selected After that SAVE button should be pressed and user is returned to main configuration page 2 ICMP...

Page 126: ...firewall rule configuration shown above IP address stated in Source address field is excluded from REJECT policy but in order to allow ping from that IP address it has to be matched with another rule...

Page 127: ...DD NEW RULE button Policy should be configured in following way Rule name Allow SSH Enable selected Chain INPUT Service Custom Protocol TCP Port Custom 22 Input interface ppp_0 Source address Range 21...

Page 128: ...uration page Priority of rule is changed by selecting number in drop down menu In this example number 8 is selected 8 Access from LAN to router is allowed This is first rule in predefined firewall set...

Page 129: ...selected and user is returned to main configuration page Priority of rule is changed by selecting number in drop down menu In this example number 9 is selected Additionally to these 11 rules two more...

Page 130: ...anual Geneko GWR High Speed Router Series 130 Figure 137 Complete firewall configuration SMS management example GWR HS routers can be managed over the SMS messages Commands from the SMS are executed o...

Page 131: ...is one of four possible states CONNECTING CONNECTED WAN_IP WAN IP address DISCONNECTING DISCONNECTED 5 SWITCH SIM for changing SIM slot 6 REBOOT for router reboot After every SMS sent to the router r...

Page 132: ...on switch SIM SIM2 Ping target 212 62 32 1 Ping interval 120 Advanced ping interval 10 Advanced ping wait for response 5 Maximum number of failed packets 40 more restrictive condition compared to SIM1...

Page 133: ...HS Router outside the building and run an RJ 45 Ethernet cable to your switch located in the building Keep antenna cable away from interferers AC wiring Antenna Options Once optimum placement is achi...

Search results

Summary of Contents for GWR High Speed Router Series

Reviews:

Related manuals for GWR High Speed Router Series

Brands by name

Popular brands

Geneko GWR High Speed Router Series, User Manual

Search results

Summary of Contents for GWR High Speed Router Series

Reviews:

Related manuals for GWR High Speed Router Series

Brands by name

Popular brands