Home
/
Maxon
/
MULTIMAX MA 2040
/
User Manual

Maxon MULTIMAX MA 2040, User Manual

Share

Page: 47 / 99

Maxon MULTIMAX MA 2040 User Manual Download Page 47

46 MULTIMAX USER GUIDE

CA: Certification Authority.
XAUTH: Extended Authentication to AAA server.

Secrets

Enter the Pre-shared Key.

Null

Life Time @
IKE
Parameter

Set the lifetime in IKE negotiation.
Before an SA expires, IKE negotiates a new SA. As soon as the
new SA is set up, it takes effect immediately and the old one will
be cleared automatically when it expires.

86400

SA Algorithm

Select from “DES_MD5_96”, “DES_SHA1_96”, “3DES_MD5_96”,
“3DES_ SHA1_96”, “AES128_MD5_96”, “AES128_ SHA1_96”,
“AES192_MD5_96”, “AES192_ SHA1_96”, “AES256_MD5_96” and
“AES256_ SHA1_96” when you select “ESP” in “Protocol”;
Select from “AH_MD5_96” and “AH_ SHA1_96” when you select
“AH” in “Protocol”;
Note: Higher security means more complex implementation and
lower speed. DES is enough to meet general requirements. Use
3DES when high confidentiality and security are required.

3DES_MD5_96

PFS Group

Select from “PFS_NULL”, “MODP768_1”, “MODP1024_2” and
“MODP1536_5”.
PFS_NULL: Disable PFS Group
MODP768_1: Uses the 768-bit Diffie-Hellman group.
MODP1024_2: Uses the 1024-bit Diffie-Hellman group.
MODP1536_5: Uses the 1536-bit Diffie-Hellman group.

PFS_NULL

Life Time @
SA
Parameter

Set the IPsec SA lifetime.

Note: When negotiating to set up IPsec SAs, IKE uses the smaller
one between the lifetime set locally and the lifetime proposed by
the peer.

28800

DPD Time
Interval

Set the interval after which DPD is triggered if no IPsec protected
packets is received from the peer.
DPD: Dead peer detection. DPD irregularly detects dead IKE
peers. When the local end sends an IPsec packet, DPD checks
the time the last IPsec packet was received from the peer. If the
time exceeds the DPD interval, it sends a DPD hello to the peer. If
the local end receives no DPD acknowledgement within the DPD
packet retransmission interval, it retransmits the DPD hello. If the
local end still receives no DPD acknowledgement after having
made the maximum number of retransmission attempts, it
considers the peer already dead, and clears the IKE SA and the
IPsec SAs based on the IKE SA.

180

DPD Timeout Set the timeout of DPD packets.

60

VPN Over
IPsec Type

Select from “None”, “L2TP” and “GRE”.
L2TP Over IPsec: Encrypt theL2TP tunnels using IPsec.
GRE Over IPsec: Encrypt the GRE tunnels using IPsec.

None

«
...
45
46
47
48
49
...
»

Summary of Contents for MULTIMAX MA 2040

Page 1: ...Dual Port Dual SIM Industrial Cellular Router User Guide V1 01...

Page 2: ...5 PIN assignment for Router 18 2 6 Grounding the Router 19 2 7 Reset Button 19 Chapter 3 Configuration settings over web browser 20 3 1 Configuring PC in Windows 20 3 2 Factory Default Settings 22 3 3...

Page 3: ...slog 71 3 26 Configuration Phone Book 71 3 27 Administration Profile 72 3 28 Administration Tools 73 3 29 Administration User Management 75 3 30 Administration Clock 76 3 31 Administration Update Firm...

Page 4: ...ation to your applications All questions raised within this portal will be answered Important Notice Due to the nature of wireless communications transmission and reception of data can never be guaran...

Page 5: ...zing the use of GSM in vehicle in your country before installing the router n The driver or operator of any vehicle should not operate the route while in control of a vehicle n Install the router by q...

Page 6: ...ld impair call quality damage the device or result in violation of RF exposure regulations However there is no guarantee that interference will not occur in a particular installation If the equipment...

Page 7: ...hey include fuelling areas such as gas or petrol stations below deck on boats transfer or storage facilities for fuel or chemicals vehicles using liquefied petroleum gas such as propane or butane area...

Page 8: ...Control of Pollution caused by Electronic Information Products ACPEIP the EPUP i e Environmental Protection Use Period of this product is 20 years as per the symbol shown here unless otherwise marked...

Page 9: ...tween document versions are cumulative Therefore the latest document version contains all updates made to previous versions Release Date Firmware Version Details 2013 01 24 1 00 First Release 2013 03...

Page 10: ...32 one RS485 one console port two digital inputs two digital outputs one high speed USB host up to 480 Mbps n Six LED indicators provide status and signal strength RSSI n Wide range input voltages fro...

Page 11: ...k for power connector x 1 7 pin pluggable terminal block with lock for serial port I O and console port x 1 CD with user guide x 1 Note Please notify your sales representative if any of the above item...

Page 12: ...MULTIMAX USER GUIDE 11 Wall Mounting Kit 35mm Din Rail mounting kit AC DC Power Supply Adapter 12VDC 1 5A x 1 EU US UK AU plug optional...

Page 13: ...1 LAN 1 WAN n Magnet Isolation Protection 1 5KV Serial Interface n Number of Ports 1 x RS 232 1 x RS 485 n ESD Protection 15KV n Parameters 8E1 8O1 8N1 8N2 7E2 7O2 7N2 7E1 n Baud Rate 2000bps to 1152...

Page 14: ...ower Supply and Consumption n Power Supply Interface 5mm terminal block with lock n Input Voltage 9 to 60 VDC n Power Consumption Idle 100 mA 12 V Data Link 500 to 1000 mA peak 12 V Physical Character...

Page 15: ...onnection is established Off PPP connection is failed USR Green Indicating the VPN status On VPN tunnel is established Off No VPN tunnel RSSI Green Signal level 21 31 Perfect signal level Yellow Signa...

Page 16: ...AX USER GUIDE 15 2 2 Mounting the Router Use 2 pcs of M3 screw to mount the router on the wall Or to mount the router on a DIN rail you need three pcs of M3 screws 2 3 Install the SIM Card and Micro S...

Page 17: ...moving SIM Card or Micro SD Card 1 Make sure your charger is disconnected and then press and hold down the power key until the router is powered off 2 Press the card until you hear a cracking sound wh...

Page 18: ...ct the External Antenna SMA Type Connect this to an external antenna with SMA male connector Make sure the antenna is for the correct frequency as your GSM 3G 4G operator with impedance of 50ohm and a...

Page 19: ...e take care about the polarity and do not make reverse connection 1 2 3 4 5 6 7 PI N Deb ug RS23 2 Power Digital I O RS485 1 RXD 2 TXD 3 GND GN D 4 TXD 5 RXD 6 RTX 7 CTX 8 Positiv e 9 Negati ve 10 GND...

Page 20: ...connecting devices Note This product is intended to be mounted to a well grounded mounting surface such as a metal panel 2 7 Reset Button Function Operation Reboot Push the button for 5 seconds under...

Page 21: ...has an Ethernet interface properly installed prior to connecting the router You must configure your PC to obtain an IP address through a DHCP server or a fixed IP address that must be in the same subn...

Page 22: ...MULTIMAX USER GUIDE 21 3 In the LAN Area Connection Status window click Properties 4 Select Internet Protocol TCP IP and click Properties...

Page 23: ...lly radio buttons 6 Click OK to finish the configuration 3 2 Factory Default Settings Before configuring your router you need to know the following default settings Item Description Username admin Pas...

Page 24: ...dification taking effect Logout Click to return to the login page Language Select from English and Chinese Help Click to get some help from our website Refresh Click to refresh the status Apply Click...

Page 25: ...l Number Show the serial number of this device Device Name Show the device name to distinguish different devices you have installed Firmware Version Show the current firmware version Hardware Version...

Page 26: ...n set in Configuration Link Management Keeping PING Interval Show the ICMP Detection Interval s which you can set in Configuration Link Management Cellular Information Item Description Current SIM Sho...

Page 27: ...tor Show Mobile Country Code MCC Mobile Network Code MNC e g 46001 Also it will show the Location Area Code LAC and Cell ID Network Service Type Show the current network service type e g GPRS IMEI ESN...

Page 28: ...displays the router s Network status which include status of Eth0 WAN and LAN1 Note ETH0 WAN information will not be shown if you select Cellular Only in Configuration Link Management WAN Link 3 6 Sta...

Page 29: ...28 MULTIMAX USER GUIDE 3 7 Status VPN This section displays the router s VPN status which include IPsec L2TP PPTP and OpenVPN...

Page 30: ...link Eth0 as primary and if fail use cellular Select to make Eth0 as the primary WAN link and cellular as the secondary WAN link Cellular as primary and if fail use Eth0 Select to make cellular as th...

Page 31: ...SIM card and set the APN username and password automatically This option only works when the SIM card is from well known ISP Custom Users need to set the APN username and password manually Auto APN Ac...

Page 32: ...Max Retries counter will be set to 0 3 Inactivity Time You can configure this field after setting router under Connect On Demand mode This field specifies the idle time setting for GPRS 3G auto discon...

Page 33: ...itch back to preferred SIM card Null Monthly Data Traffic Limitation If the SIM card that the router worked with currently has reached the data traffic limitation you preset it will switch to the othe...

Page 34: ...c network type which the wireless module supports auto Band Mode Select from ALL or the specific band which the wireless module supports ALL Authenticatio n Select from Auto PAP and CHAP as the local...

Page 35: ...as default Enable Protocol Field Compression Used for PPP initialization In general you need to enable it as default Enable Expert Options You can enter some other PPP initialization strings in this f...

Page 36: ...rver Enable to make router can lease IP address to DHCP clients which connect to Eth0 Eth1 Enable IP Pool Start IP Pool End DHCP Server Define the beginning IP Pool Start and end IP Pool End of the po...

Page 37: ...DMZ parameters Port Forwarding Port Forwarding NAT DMZ Item Description Defa ult Port Forwarding Manually defining a rule in the router to send all data received on some range of ports on the internet...

Page 38: ...iption Defaul t DMZ DMZ host is a host on the internal network that has all ports exposed except those ports otherwise forwarded Null Enable DMZ Select to enable the DMZ function Enabl e DMZ Host Ente...

Page 39: ...which fit the filter list Drop Router will only accept the connecting requests from the hosts which fit the filter list Accept Add Filter List Click Add to add a filter list Null Action Select from Ac...

Page 40: ...he defined host s Mac Address Null IP Address Enter the defined host s IP Address Null 3 14 Configuration IP Routing This section allows users to set the IP routing parameters Static Route Static Rout...

Page 41: ...in the routing table 180 Garbage Defines the interval from when the metric of a route becomes 16 to when it is deleted from the routing table During the Garbage Collect timer length RIP advertises th...

Page 42: ...atic Redistributes routing information from static route entries into the RIP tables Disable Enable Redistribute OSPF Redistributes routing information from OSPF route entries into the RIP tables Disa...

Page 43: ...ress to use a domain name This is especially useful for hosting servers via your connection so that anyone wishing to connect to you may use your domain name rather than having to use your dynamic IP...

Page 44: ...MULTIMAX USER GUIDE 43...

Page 45: ...e Name the IPsec tunnel IPSEC_TUNNE L_1 IPsec Gateway Address Enter the address of remote side IPsec VPN server Null IPsec Mode Select from Tunnel and Transport Tunnel Commonly used between gateways o...

Page 46: ...name string with an at sign for the local security gateway e g test maxon com Default Negotiation Mode Select from Main and aggressive for the IKE negotiation mode in phase 1 If the IP address of one...

Page 47: ...4 bit Diffie Hellman group MODP1536_5 Uses the 1536 bit Diffie Hellman group PFS_NULL Life Time SA Parameter Set the IPsec SA lifetime Note When negotiating to set up IPsec SAs IKE uses the smaller on...

Page 48: ...MULTIMAX USER GUIDE 47 Enable Compress Tick to enable compressing the inner headers of IP packets Disable Please Add IPsec Tunnel Click Add to add IPsec Tunnel Null...

Page 49: ...from router to your PC Null Local Public Key Click Browse to select the correct Local Public Key file from your PC and then click Import to import it to the router Click Export you can export the Loc...

Page 50: ...ntication ways Pre shared Username Password X 509 cert and X 509 cert user None Local IP Define the local IP address of OpenVPN tunnel 10 8 0 2 Remote IP Define the remote IP address of OpenVPN tunnel...

Page 51: ...vironment 1500 Max Frame Size Set the Max Frame Size for transmission 1500 Verbose Level Select the log output level which from low to high ERR WARNING NOTICE and DEBUG The higher level will output mo...

Page 52: ...and TCP Client which depends on the application UDP Port Set the local listening port 1194 Interface Select from tun and tap which are two different kinds of device interface for OpenVPN The differen...

Page 53: ...S128 CBC Uses the AES algorithm in CBC mode and 128 bit key AES192 CBC Uses the AES algorithm in CBC mode and 192 bit key AES256 CBC Uses the AES algorithm in CBC mode and 256 bit key BF CBC MTU Maxim...

Page 54: ...then click Import to import it to the router Click Export you can export the Public Key A file from router to your PC Null Private Key Click Browse to select the correct Private Key file from your PC...

Page 55: ...Export you can export the Pre Share Static Key file from router to your PC Null 3 18 Configuration L2TP This section allows users to set the L2TP parameters Client L2TP Client L2TP Item Description De...

Page 56: ...n Used for PPP initialization In general you need to enable it as default Enable Asyncmap Value One of the L2TP initialization strings In general you don t need to modify this value ffffffff MRU Maxim...

Page 57: ...1 and MS CHAP v2 L2TP client need to select the same authentication method based on this server s authentication method CHAP Enable Tunnel Authentication Tick to enable tunnel authentication and enter...

Page 58: ...which is possible to transfer in a given environment 1436 Link Detection Interval Specify the interval between L2TP client and server To check the connectivity of a tunnel the client and server regula...

Page 59: ...ed by your PPTP server Null Authentication Select from Auto PAP CHAP MS CHAP v1 and MS CHAP v2 You need to select the corresponding authentication method based on the server s authentication method Wh...

Page 60: ...MTU Maximum Transmission Unit It is the identifier of the maximum size of packet which is possible to transfer in a given environment 1436 Link Detection Interval Specify the interval between PPTP cl...

Page 61: ...to select the same authentication method based on this server s authentication method CHAP Local IP Set the IP address of PPTP server 10 0 0 1 IP Pool Start Set the IP pool start IP address which wil...

Page 62: ...a given environment 1436 Link Detection Interval Specify the interval between PPTP client and server To check the connectivity of a tunnel the client and server regularly send PPP Echo to each other I...

Page 63: ...ing SNMP requests 161 Agent Mode Select the correct agent mode Master Version Select from SNMPv1 SNMPv2 and SNMPv3 SNMPv2 Location Info Enter the router s location info which will send to SNMP client...

Page 64: ...rite Readonly Network Define the network from which is allowed to access E g 172 16 0 0 Null Community Enter the community name Null MIBview Select from none system and all none 3 21 Configuration Ser...

Page 65: ...the Interval Timeout in the field Note Data will also be sent as specified by the packet length or delimiter settings even when data is not reaching the interval timeout in the field 10 Packet Length...

Page 66: ...slave router connects to slave device which works under Modbus RTU protocol Modbus ASC slave router connects to slave device which works under Modbus ASC protocol Modbus RTU master router connects to...

Page 67: ...fault Baudrate Select from 300 600 1200 2400 4800 9600 19200 38400 57600 115200 and 230400 115200 Data bit Select from 7 and 8 8 Parity Select from None Odd and Even None Stop bit Select from 1 and 2...

Page 68: ...t The Packet length setting refers to the maximum amount of data that is allowed to accumulate in the serial port buffer before sending 0 for packet length no maximum amount is specified and data in t...

Page 69: ...odbus RTU master router connects to master device which works under Modbus RTU protocol Modbus ASC master router connects to master device which works under Modbus ASC protocol Attached serial device...

Page 70: ...more backup routers when using a statically configured router on a local area network LAN Using VRRP a virtual IP address can be specified manually Disable Group ID Specify which VRRP group of this r...

Page 71: ...tings Tick to enable AT over IP to control cellular module via AT command remotely Disable Protocol Select from TCP server or UDP UDP Local IP You can enter the IP address of cellular WAN Ethernet WAN...

Page 72: ...l be cleared after reboot NONE Log Level Select form DEBUG INFO NOTICE WARNING ERR CRIT ALERT and EMERG which from low to high The lower level will output more syslog in detail DEBUG Keep Days Specify...

Page 73: ...figuration Import Click Browse to select the XML file in your computer then click Import to import this file into your router Export Click Export and the configuration will be showed in the new popup...

Page 74: ...tination IP address or domain name Null Number of requests Specify the number of requests 5 Timeout Specify timeout of ping request 1 Local IP Specify the local IP from cellular WAN Ethernet WAN or Et...

Page 75: ...d AT Commands Enter the AT commands which you need to send to cellular module in this box Null Send Click this button to send the AT commands Null Receive AT Commands Router will display the AT comman...

Page 76: ...ton to start Traceroute request and the log will be displayed in the follow box Null 3 29 Administration User Management This section allows users to modify or add management user accounts Super Super...

Page 77: ...ers only can view the configuration of router under this level Null Username Password Set Username and Password Null Add Click this button to add a new account Null 3 30 Administration Clock This sect...

Page 78: ...from NTP server 1 Enable NTP Server Click to enable the NTP server function of router Disable Timezone Server Select your local time zone UTC 08 00 3 31 Administration Update Firmware This section all...

Page 79: ...Cellular Dial up which are with two different policies Always Online and Connect on Demand Note This section will be hidden if user selects Eth0 Only in Configuration Link Management 4 1 1 Always Onl...

Page 80: ...ead of Auto in Network Provider Type and some relative settings should be filled in manually 4 1 2 Connect on Demand Configuration Link Management Cellular Only The modifications will take effect afte...

Page 81: ...d Note If you select multiple trigger policies the router will be triggered under anyone of them 4 2 NAT This section shows users how to set the NAT configuration of router Parameter Remote IP defines...

Page 82: ...nations for above diagram If there are two IP addresses 58 1 1 1 and 59 1 1 1 for the External Devices that the result will be different from the test when the NAT is working at MA 2040 58 1 1 1 acces...

Page 83: ...agrams with red color numbers mean these are the matches between server and client and with the blue color number means it must be set locally for the tunnel L2TP_SERVER Configuration L2TP L2TP Server...

Page 84: ...GUIDE 83 The modification will take effect after Apply Save Reboot L2TP_CLIENT Configuration L2TP L2TP Client Click Add button and fill in the blank textbox The modification will take effect after App...

Page 85: ...agrams with red color numbers mean these are the matches between server and client and with the blue color number means it must be set locally for the tunnel PPTP_SERVER Configuration PPTP PPTP Server...

Page 86: ...P PPTP Client Click Add button and fill in the blank textbox The modification will take effect after Apply Save Reboot 4 5 IPSEC VPN Note The following diagrams with red color numbers mean these are t...

Page 87: ...ecVPN_SERVER Cisco 2811 Note Polices 1 4 6 7 are default for Cisco router and do not display at the CMD IPsecVPN_CLIENT Configuration IPsec IPsec Basic Then click Apply Configuration IPsec IPsec Tunne...

Page 88: ...MULTIMAX USER GUIDE 87 The modification will take effect after Apply Save Reboot...

Page 89: ...e following diagrams with red color numbers mean these are the matches between server and client and with the blue color number means it must be set locally for the tunnel OPENVPN_SERVER Configuration...

Page 90: ...MULTIMAX USER GUIDE 89 The modifications will take effect after click Apply Save Reboot...

Page 91: ...90 MULTIMAX USER GUIDE OPENVPN_CLIENT Configuration OpenVPN Client Tick Enable OpenVPN Client1 and fill in the blank textbox The modification will take effect after Apply Save Reboot...

Page 92: ...ileged exec mode When you enter privileged mode the prompt will change to which user can do not only what is allowed in the user exec mode but also the new additions like importing and exporting for f...

Page 93: ...est reload Halt and perform a cold restart tracert Tracer test write Write running configuration tftp Copy from tftp file system show Show running system information configure Enter configuration mode...

Page 94: ...unction but also can be used for break out of the setting program Invalid command xxx Parameters xxx are not supported by the system in this case enter a mark instead of xxx will help to find out the...

Page 95: ...tftp 172 16 3 3 get rootfs R3k 1 01 00 02_130325 Tftp transferring tftp succeeded downloaded MA 2040 write save current configuration Building configuration OK MA 2040 reload Reboot the system yes or...

Page 96: ...ly as wan link ICMP primary server 8 8 8 8 ICMP second server 8 8 8 4 ICMP detection interval 30 seconds ICMP detection timeout 3 seconds ICMP detection retries 3 reset the interface no MA 2040 config...

Page 97: ...ink Cellular Only now Cellular Only as wan link ICMP primary server 8 8 8 8 ICMP second server 8 8 8 4 ICMP detection interval 30 seconds ICMP detection timeout 3 seconds ICMP detection retries 3 rese...

Page 98: ...rovider Auto dial numbers 99 1 pin code NULL connection Mode Always online redial interval 30 seconds max connect try 3 main SIM selete SIM_1 when connect fail yes when roaming is detected no month da...

Page 99: ...oad Load default Restores default values Write Write Save current configuration parameters tftp Tftp IP address get cfg rootfs file name Import configuration file or update firmware via tftp Show Show...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands