M2M PrestoAdvanced AD101 User Manual Download Page 36

USER MANUAL

PrestoAdvancedAD101_AD301_UG_000_UK

Descriptions and non-contractual illustrations in this document are given as an indication only. M2M Design reserves the right to make any modification.

OpenVPN

OpenVPN site-to-site connects two remote networks through a point-to-point encrypted tunnel.

The OpenVPN implementation offers a cost-effective, easily configured alternative to other VPN technologies. OpenVPN allows peers to authenticate each other using a pre-shared secret key, certificates, or username/password. When used in a multi-client server configuration, it allows the server to issue an authentication certificate for every client, using signatures and a certificate authority. It uses the OpenSSL encryption library extensively, as well as the SSLv3/TLSv1 protocol, and contains many security and control features. The server and client have almost the same configuration. The difference in the client configuration is the remote endpoint IP or hostname field. The client can also set up the keepalive settings. For successful tunnel creation, a static key must be generated on one side and the same key must be uploaded on the opposite side.

OpenVPN

Label: Description

Tunnel Number: Automatically assigned number of the tunnel.

Tunnel Name: This field specifies the tunnel name.

Enable: Check this setting to enable the OpenVPN tunnel.

Interface Type: There are two modes of OpenVPN tunnel, routed and bridged. For routed mode select option TUN, and for bridged mode select TAP.

Authenticate Mode: Choose one of the following options:
- none (Select this option if you do not want to use any kind of authentication)
- pre-shared secret (Select this option if you want to use PSK as an authentication method)
- username/password (Select this option if you want to use username/password along with a CA certificate as an authentication method)
- X.509 cert. (client) (Select this option if you want to use X.509 certificates as an authentication method in client mode)
- X.509 cert. (server) (Select this option if you want to use X.509 certificates as an authentication method in server mode)

NOTE: Depending on the options selected in the previous steps, some of the following options will be available for configuration.

Protocol: Selection between TCP in server or client mode and UDP in connect or wait mode.

TCP/UDP port: Depending on the selected protocol, the port number should be specified.

LZO Compression: Check the box to enable fast adaptive LZO compression.

NAT Rules: Enables NAT through the tunnel.

Keep Alive: Check the box if you want to use keepalive.

Ping Interval: This field specifies the target IP address for periodic traffic generated using ping in order to keep the connection active.

Ping Timeout: This field specifies the ping interval for the keepalive option.

Pre-shared Secret: Generate or paste the pre-shared secret. You have an additional option to export the PSK.
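The requirement that the same static key be present on both ends, together with the export option in the Pre-shared Secret row, can be checked offline before the tunnel is enabled. The following is an added example, not code from the manual or from M2M Design: it assumes the exported PSK uses the standard OpenVPN "Static key V1" text format (the manual does not state the export format), and the sample keys are constructed from a byte counter, not real secrets.

```python
import hashlib
import hmac
import re

BEGIN = "-----BEGIN OpenVPN Static key V1-----"
END = "-----END OpenVPN Static key V1-----"
KEY_BYTES = 256  # a 2048-bit static key is 256 raw bytes


def parse_static_key(text):
    """Return the raw key bytes of a static key file; raise ValueError if damaged."""
    # splitlines() copes with CRLF, which appears when a key is pasted via a web form.
    lines = [ln.strip() for ln in text.splitlines()]
    lines = [ln for ln in lines if ln and not ln.startswith("#")]
    if lines.count(BEGIN) != 1 or lines.count(END) != 1:
        raise ValueError("expected exactly one BEGIN and one END marker")
    start, end = lines.index(BEGIN), lines.index(END)
    if end < start:
        raise ValueError("END marker precedes BEGIN marker")
    body = "".join(lines[start + 1:end])
    if not re.fullmatch(r"[0-9a-fA-F]*", body):
        raise ValueError("key body contains non-hex characters")
    if len(body) != 2 * KEY_BYTES:
        raise ValueError(f"key body is {len(body)} hex digits, expected {2 * KEY_BYTES}")
    return bytes.fromhex(body)


def fingerprint(text):
    """Short SHA-256 tag that operators can compare without disclosing the key."""
    return hashlib.sha256(parse_static_key(text)).hexdigest()[:16]


def same_key(text_a, text_b):
    """True when both files carry the same key; the comparison is constant-time."""
    return hmac.compare_digest(parse_static_key(text_a), parse_static_key(text_b))


def render_static_key(raw):
    """Write raw bytes in the static key text layout (16 bytes per row)."""
    hexed = raw.hex()
    rows = [hexed[i:i + 32] for i in range(0, len(hexed), 32)]
    return "\n".join(["#", "# 2048 bit OpenVPN static key", "#", BEGIN, *rows, END]) + "\n"


# Constructed sample keys (a byte counter, not real secrets).
SITE_A = render_static_key(bytes(range(256)))
SITE_B_PASTED = SITE_A.replace("\n", "\r\n")                   # same key, CRLF endings
SITE_B_OTHER = render_static_key(bytes(reversed(range(256))))  # a different key
SITE_B_CUT = "\n".join(SITE_A.splitlines()[:-2] + [END])       # last row lost in a paste

if __name__ == "__main__":
    print("site A fingerprint:", fingerprint(SITE_A))
    print("pasted copy matches:", same_key(SITE_A, SITE_B_PASTED))
    print("other key matches:", same_key(SITE_A, SITE_B_OTHER))
    try:
        parse_static_key(SITE_B_CUT)
    except ValueError as exc:
        print("truncated copy rejected:", exc)
```

Comparing the short fingerprints lets the operators of the two sites confirm a match over an untrusted channel without sending the key itself.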
