Microhard Systems IPn3Gii Operating Manual Download Page 181 | Manualshive

Page: 181 / 186

background image

© Microhard Systems Inc.

181

Appendix E: Firewall Example (Page 1 of 2)

By completing the Quick Start process, a user should have been able to log in and set up the IPnXGii to
work with their cellular carrier. By completing this, the modem is ready to be used to access the internet
and provide mobile connectivity. However, one of the main applications of the IPnXGii is to access
connected devices remotely. Security plays an important role in M2M deployments as in most cases the
modem is publically available on the internet. Limiting access to the IPnXGii is paramount for a secure
deployment. The firewall features of the IPnXGii allow a user to limit access to the IPnXGii and the devices
connected to it by the following means

- Customizable Rules

- MAC and/or IP List

- ACL (Access Control List) or Blacklist using the above tools.

Consider the following example. An IPn3Gii is deployed at a remote site to collect data from an end device
such as a PLC or RTU connected to the serial DATA port (Port 20001 on the WAN. It is required that only
a specific host (Host A) have access to the deployed IPn3Gii and attached device, including the remote
management features.

Step 1

Log into the IPn3Gii (Refer to Quick Start). Navigate to the Firewall > General tab as shown below and block all Carrier
traffic by setting the

Carrier Request

to Block, and disable

Carrier Remote Management

. Be sure to Apply the

settings. At this point it should be impossible to access the IPn3Gii from the Cellular Connection.

IPn3Gii

WAN IP: 74.198.186.193

Local Device on TCP

Port 20001

Host A:

184.71.46.126

Host B:

84.53.23.12

Host C:

186.41.57.101

Firewall

«
...
179
180
181
182
183
...
»

Summary of Contents for IPn3Gii

Page 1: ... IPn3Gii 3G HSPA Dual Ethernet Serial USB Gateway Document IPn3Gii IPn4Gii Operating Manual v1 3 pdf FW v1 2 0 Build 1038 Operating Manual May 2015 150 Country Hills Landing NW Calgary Alberta Canada T3K 5P3 Phone 403 248 0028 Fax 403 248 2762 www microhardcorp com ...

Page 2: ...TED NO FUNCTIONAL WARRANTY Indemnification The Purchaser shall indemnify Microhard Systems Inc and its respective directors officers employees suc cessors and assigns including any subsidiaries related corporations or affiliates shall be released and dis charged from any and all manner of action causes of action liability losses damages suits dues sums of money expenses including legal fees genera...

Page 3: ...y illustrations that further elaborate on the accompanying text but also several symbols which you should be attentive to Caution or Warning Usually advises against some action which could result in undesired or detrimental consequences Point to Remember Highlights a key feature point or step which is noteworthy Keeping these in mind will simplify or enhance device usage Tip An idea or suggestion ...

Page 4: ...tion de 23cm ou plus doit être maintenue entre l antenne de cet appareil et les personnes au cours de fonctionnement du dispositif Pour assurer le respect les opérations de plus près que cette distance n est pas recommandée L antenne utilisée pour ce transmetteur ne doit pas être co localisés en conjonction avec toute autre antenne ou transmetteur Réglementation de la FCC permettra à 36dBm Puissan...

Page 5: ...e 1 Division 2 est disponible uniquement sur les unités particulièrement marquées Si marqué cette Classe 1 Division 2 alors ce produit est disponible pour une utilisation en Classe 1 Division 2 dans les groupes indiqués sur le produit Dans un tel cas la suivante doit être remplie L émetteur récepteur n est pas acceptable comme une unité autonome pour une utilisation dans des endroits dangereux L é...

Page 6: ...pt 2014 1 2 Updated to align with firmware version 1 2 0 Build 1016 Added Mul tiWAN updated Carrier Dual SIM Added TAIP Added Websocket Updated I O Updated screenshots throughout misc corrections PEH Sept 2014 1 21 Updated to notify users must configure firewall and or appropriate rules to use IP Passthrough PEH Oct 2014 1 22 Removed AT CMGS Not currently Supported Added Current Con sumption PEH F...

Page 7: ...ront 21 3 1 2 2 Rear 22 4 0 Configuration 23 4 0 Web User Interface 23 4 0 1 Logon Window 24 4 1 System 25 4 1 1 Summary 25 4 1 2 Settings 26 Host Name 26 Console Timeout 26 Date Time 27 NTP Server Settings 28 4 1 3 Services 29 SSH 29 Telnet 29 HTTP HTTPS 29 4 1 4 Keepalive 30 4 1 5 Maintenance 32 Firmware Upgrade 32 Reset to Default 32 Backup Restore Configurations 33 4 1 6 Reboot 34 4 2 Network ...

Page 8: ...teway 69 4 5 3 Client to Gateway L2TP Client 74 4 5 4 GRE 76 4 5 5 L2TP Users 79 4 5 6 Certificates 80 4 6 MultiWAN 81 4 6 1 Status 81 4 6 2 Settings 82 4 7 Serial 84 4 7 1 Summary 84 4 7 2 RS232 Console RS485 Settings 85 Data Baud Rate 86 IP Protocol Config 89 TCP Client 89 TCP Server 89 TCP Client Server 90 UDP Point to Point 90 UDP Point to Multipoint P 90 UDP Point to Multipoint MP 91 UDP Mult...

Page 9: ...essage Payload 120 4 11 5 Websocket 122 4 11 6 Diagnostics 124 Network Ping 124 Network Trace Route 124 4 12 Admin 125 4 12 1 Users 125 4 12 2 Authentication RADIUS 127 4 12 3 NMS 128 4 12 4 SNMP 132 4 12 5 Discovery 135 4 12 6 Power Saving Modes 136 4 12 7 Logout 137 5 0 AT Command Line Interface 138 5 1 AT Command Overview 138 5 1 1 Serial Port 138 5 1 2 Telnet 139 5 2 AT Command Syntax 140 5 3 ...

Page 10: ...functionality as well gateway service for most equipment types which employ an RS232 RS422 or RS485 interface the IPnXGii can be used in a limitless types of applications such as 1 1 Performance Features Key performance features of the IPnXGii include High speed backbone IP video surveillance Voice over IP VoIP Facilitating internetwork wireless communications Legacy network device migration SCADA...

Page 11: ... Power Class Power Class 4 33 dBm for GSM E GSM bands Power Class 1 30 dBm for DCS PCS bands EDGE Power Class Power Class E2 27 dBm for GSM E GSM bands Power Class E2 26 dBm for DCS PCS bands IPn4Gii IPn4Gii Supported Bands LTE FDD Bands 1 5 7 8 13 17 18 19 20 UMTS DC HSPA Bands 1 2 4 5 8 GSM GPRS EDGE Bands 2 3 5 8 3GPP Protocol Stack Release 9 IPn4Gii Data Features LTE DL 100 Mbps UL 50 Mbps HSP...

Page 12: ...45 dBm Tracking Sensitivity 158 dBm 50 valid fixes Position Accuracy Tracking L1 CA code 12 Channels Max update rate 1 Hz Error calculated location less than 11 6 meters 67 of the time and less than 24 2 meters 95 of the time Environmental Operation Temperature 40o F 40o C to 185o F 85o C Humidity 5 to 95 non condensing Mechanical Dimensions 2 21 56mm X 3 85 97mm X 1 46 37mm Weight Approx 245 gram...

Page 13: ... Downlink 2110 2155 Module receive UMTS 1900 band II Uplink 1850 1910 Module transmit Downlink 1930 1990 Module receive Uplink 1920 1980 Module transmit UMTS 2100 band 1 Downlink 2110 2170 Module receive Table 1 1 IPn3Gii Operating RF Frequency Bands Receiver Input Sensitivity Min dBm Typ dBm Max dBm Remarks GSM 850 E GSM 900 102 0 110 0 Downlink RF level BER Class II 2 4 DCS 1800 PCS 1900 102 0 1...

Page 14: ... burst RF power for GPRS 2 slot TCH at Gamma 3 28 7 Uplink burst RF power for GPRS 3 slot TCH at Gamma 3 27 5 Uplink burst RF power for GPRS 4 slot TCH at Gamma 3 26 0 Uplink burst RF power for EDGE 8PSK 1 slot TCH at PCL 2 or Gamma 5 26 0 Uplink burst RF power for EDGE 8PSK 2 slot TCH at Gamma 5 25 2 Uplink burst RF power for EDGE 8PSK 3 slot TCH at Gamma 5 24 0 Uplink burst RF power for EDGE 8PS...

Page 15: ... network a valid SIM Card for your Wireless Carrier must be installed Insert the SIM Card into the slot as shown the top SIM slot is for SIM1 2 2 Getting Started with Cellular Connect the Antenna s to the applicable ANTENNA jack s of the IPnXGii Connect the power connector to the power adapter and apply power to the unit the CPU LED will flash during boot up once on solid proceed to the next step ...

Page 16: ...and enter the IP address 192 168 168 1 into the address bar The IPnXGii will then ask for a Username and Password Enter the factory defaults listed below 192 168 168 1 The factory default network settings IP 192 168 168 1 Subnet 255 255 255 0 Gateway 192 168 168 1 The Factory default login User name admin Password admin The factory default login User name admin Subnet admin It is always a good ide...

Page 17: ...the APN click on the Carrier Settings tab and enter the APN supplied by your carrier in the APN field Some carriers may also require a Username and Password Once the APN and any other required information is entered to connect to your carrier click on Submit Verizon Models do not require a APN and will Auto Connect if a valid SIM card is inserted 2 0 Quick Start Auto APN The IPnXGii will attempt t...

Page 18: ...t access Congratulations Your IPnXGii is successfully connected to your Cellular Carrier To access devices connected to IPnXGii remotely one or more of the following must be configured IP Passthrough Port Forwarding DMZ Another option would be to set up a VPN Ensure that all default passwords are changed to limit access to the modem For best practices and to limit data charges it is critical to pr...

Page 19: ...Pin MATE N LOK Type Connector for Power I O 1 2 6 Pin MATE N LOK Type Connector for RS485 Data 10 Pin MATE N LOK Type Connector for RS232 Console I O 3 8 Cellular Antenna SMA Female Antenna Connection x2 ANT3 Antenna RP SMA Female Antenna Connection Future Status Diagnostic LED s for RSSI x3 Tx Rx CELL CPU Dual SIM standard size Card Slots CFG Button for factory default firmware recovery operation...

Page 20: ...p View Dimensions Drawing 3 2 IPnXGii Front View Dimensions Drawing 3 3 IPnXGii Rear View Dimensions Note All dimension units Millimeter 119 50 9 75 37 00 100 01 2 50 9 75 100 01 108 50 119 50 32 04 13 48 10 48 5 50 4 25 14 50 47 00 20 16 36 58 56 00 71 10 R3 50 Ø7 00 100 01 9 75 37 00 2 50 119 50 ...

Page 21: ...flash Drawing 3 4 IPnXGii Front View Table 3 1 RS232 Pin Assignment Signal Level dBm RSSI1 Left RSSI2 Mid RSSI3 Right 85 0 ON ON ON 90 85 ON ON FLASH 95 90 ON ON OFF 100 95 ON FLASH OFF 105 100 ON OFF OFF 109 105 FLASH OFF OFF Other SCANNING SCANNING SCANNING Table 3 2 RSSI LED s Name Data Port Input or Output DCD 1 O RXD 2 O TXD 3 I DTR 4 I SG 5 DSR 6 O RTS 7 I CTS 8 O RING 9 O CELL LED Indicates...

Page 22: ...o be powered using Passive PoE on the Ethernet Port WAN via a PoE injector 3 1 2 Connectors and Indicators 3 1 2 2 Rear On the back of the IPnXGii is the Console port RS232 Rx Tx RS485 422 interface Programmable I O Dual Ethernet Ports WAN LAN as well as the power connections The unit also has the SMA F connectors for the Main TX RX the Diversity RX antenna s and a RP SMA Female connector for ANT3...

Page 23: ...sing an Ethernet cable apply power to the IPnXGii and wait approximately 60 seconds for the system to load open a web browser and enter the factory default IP address 192 168 168 1 of the unit logon window appears log on using default Username admin Password admin use the web browser based user interface to configure the IPnXGii as required refer to Section 2 0 Quick Start for step by step instruc...

Page 24: ...d the password appears as dots as shown in the image below This display format prohibits others from viewing the password The Remember my password checkbox may be selected for purposes of convenience however it is recommended to ensure it is deselected particularly once the unit is deployed in the field for one primary reason security Image 4 0 2 Logon Window For security do not allow the web brow...

Page 25: ...em Time Date Services Enable Disable and configure port numbers for SSH Telnet HTTP and HTTPS services Keepalive Configure System keep alive to ensure network internet access Maintenance Remote firmware Upgrades reset to defaults configuration backup and restore Reboot Remotely reboot the system 4 1 1 System Summary The System Summary screen is displayed immediately after initial login showing a s...

Page 26: ...address This name appears when logged into a telnet session or when the unit is reporting into Microhard NMS System Host Name Values characters IPnXGii varies up to 30 characters Console Timeout s This value determines when a console connection made via Console Port or Telnet will timeout after becoming inactive Values seconds 60 0 65535 CFG Reset to Default Button Enabled by default when the CFG ...

Page 27: ...rrent setting of the Date and Time Setting Mode as seen below Image 4 1 3 System Settings Time Settings Network Time Protocol NTP can be used to synchronize the time and date or computer systems with a centralized referenced server This can help ensure all systems on a network have the same time and date Date and Time Setting Mode Select the Date and Time Setting Mode required If set for Use Local...

Page 28: ...s the POSIX TZ String used by the unit as determined by the timezone setting Values read only varies NTP Server Enter the IP Address or domain name of the desired NTP time server Values address pool ntp org NTP Port Enter the IP Address or domain name of the desired NTP time server Values port 123 Timezone NTP Client Interval By default the modem only synchronizes the time and date during system b...

Page 29: ...e SSH service can also be modified The default is 22 22 Values port Telnet Using the Telnet Service Enable Disable function you can disable the Telnet service from running on the modem The port used by the Telnet service can also be modified The default is 23 23 Values port Web UI The default web server port for the web based configuration tools used in the modem is port 80 http and port 443 HTTPS...

Page 30: ...tion Enable Disable Monitors traffic on the Cell interface as well as the WAN interface if the WAN port is configured as independent in the Network Settings If the Bullet detects that there is no activity on the above interfaces it will attempt a ICMP HTTP or DNS Lookup as configured below to determine if service has been lost Traffic Check Values Selection Enable Disable Monitors the activity of ...

Page 31: ...to 200 Keepalive Retry Values number 10 Specify a IP Address or Domain that is used to test the modems connection The modem will send out the connection requests to the specified Host Host Name Values IP or Domain 8 8 8 8 Once the connection is lost the modem will send one of the requests to the remote host to determine the connection status If the modem fails to get the response it will re send t...

Page 32: ...nt Configuration Values check box unchecked Firmware Image Use the Browse button to find the firmware file supplied by Microhard Systems Select Upgrade Firmware to start the upgrade process This can take several minutes no default Values file Firmware Upgrade Occasional firmware updates may be released by Microhard Systems which may include fixes and or new features The firmware can be updated wir...

Page 33: ...file that needs to be restored to the unit Use the Check Restore File button to verify that the file is valid and then the option to restore the configuration is displayed as seen above Backup Restore Configuration The configuration of the IPnXGii can be backed up to a file at any time using the Backup Configuration feature The file can the be restored using the Restore Configuration feature It is...

Page 34: ...tion 4 1 6 System Reboot The IPnXGii can be remotely rebooted using the System Reboot menu As seen below a button OK reboot now is provided Once pressed the unit immediately reboots and starts its boot up procedure Image 4 1 9 System Reboot ...

Page 35: ...k 4 2 1 Network Summary The Network Summary display gives a overview of the currently configured network interfaces including the Connection Type Static DHCP IP Address Net Mask Default Gateway DNS and IPv4 Routing Table Image 4 2 1 Network Network Status ...

Page 36: ...The address of a particular device is not known and is also subject to change STATIC addresses must be tracked to avoid duplicate use yet they may be permanently assigned to a device This selection determines if the IPnXGii will obtain an IP address from a DHCP server on the attached network or if a static IP address will be entered If a Static IP Address is chosen the fields that follow must also...

Page 37: ...a device has a packet of data is does not know where to send send it to the gateway If necessary and applicable the gateway can forward the packet onwards to another network A GATEWAY is a point within a network that acts as an entrance to another network In typical networks a router acts as a gateway LAN DHCP A IPnXGii may be configured to provide dynamic host control protocol DHCP service to all...

Page 38: ...me Service is an Internet service that translates easily remembered domain names into their not so easily remembered IP addresses Being that the Internet is based on IP addresses without DNS if one entered the domain name www microhardcorp com for example into the URL line of a web browser the website could not be found Specify an alternate gateway for DHCP assigned devices if the default gateway ...

Page 39: ...wn and is also subject to change STATIC addresses must be tracked to avoid duplicate use yet they may be permanently assigned to a device Image 4 2 4 Network WAN Configuration If Static Connection Type is selected a valid IPv4 Address for the network being used must be entered in the field If DHCP is chosen this field will not appear and it will be populated automatically from the DHCP server IP A...

Page 40: ...vious page is selected to be DHCP the DHCP server will populate this field with the appropriate gateway address Default Gateway Values IP Address no default DNS Domain Name Service Servers are used to resolve domain names into IP addresses If set to auto and the Connection Type is set for DHCP the DHCP server will populate this field and the value set can be viewed on the Network Status page To ad...

Page 41: ...en to specific devices e g Port Forwarding To configure the actual DHCP server and to assign the valid IP Address ranges use the configuration tools under the LAN menu For future reference purposes you must name the MAC binding rules NAME Values no default Enter the physical MAC address of the device or interface that will be assigned the specified IP Address if it requests a DHCP address MAC Addr...

Page 42: ...r the IPnXGii DDNS Status Values Selection Enable Disable This is a list of supported Dynamic DNS service providers Free and premium services are offered contact the specific providers for more information Service Values selection changeip dyndns eurodyndns hn noip Enter a valid user name for the DDNS service selected above User Name Values characters none ods ovh regfish tzo zoneedit Enter a vali...

Page 43: ...the IPnXGii where to send data Image 4 2 7 Network Routes Routes can be names for easy reference or to describe the route being added Name Values characters no default Enter the network IP address for the destination Destination Values IP Address 192 168 168 0 Specify the Gateway used to reach the network specified above Gateway Values IP Address 192 168 168 1 Enter the Netmask for the destination...

Page 44: ...None Image 4 2 9 Network Device List 4 2 8 Network Device List The Network Device List shows the current ARP table for the local network adapter The MAC address and IP address are shown however not only DHCP assigned devices are listed in the device list any devices even those statically assigned that are connected through the local network interface RJ45 are displayed including those connected th...

Page 45: ...ariety of information can be found here such as Activity Status Network Name of Wireless Carrier connected Data Service Type WCDMA HSPA HSPA LTE etc Frequency band Phone Number etc Not all statistics parameters displayed are applicable The Received and Transmitted bytes and packets indicate the respective amount of data which has been moved through the radio The Error counts reflect those having o...

Page 46: ...ier Status Values Selection Enable Disable IP pass through allows the WAN IP address to be assigned to the device connected to the LAN or WAN ports In this mode the Bullet is for the most part transparent and forwards all traffic to the device connected to the selected Ethernet port except that listed below The WebUI port Default Port TCP 80 this port is retained for remote management of the Bulle...

Page 47: ...Slot Values Selection SIM Card 1 SIM Card 2 Start Over allows the IPnXGii to use the secondary slot to establish a connection with the cellular carrier in the case that the primary card is not installed or is otherwise not functioning Start Over Values Selection Enable Disable If enabled this feature allows the IPnXGii to switch from the currently connected SIM Carrier to the alternate after it ha...

Page 48: ...k the carrier automatically Data roaming is permitted SIM based will only allow the unit to connect to the network indicated by the SIM card used in the unit Manual will scan for available carriers and allow a user to select from the available carriers It takes 2 to 3 minutes to complete a scan Fixed allows a user to enter the carrier code numerical directly and then the unit will only connect to ...

Page 49: ...election Dial Number 3G Sets the number to be dialed Carrier dependant the default number is 99 1 99 1 Values String Dialing Max Retries 3G The maximum amount of attempts to dial and establish a connection The default is 0 which means that there is no maximum and the modem will keep trying indefinitely 0 100 Values Idle Time Out 3G The maximum amount of time to pass before modem will timeout The d...

Page 50: ...ad from the SIM card and this field should be left at the default value IP Address Values IP Address none Sets the modems connect string if required by the carrier Not usually required to be modified in North America Connect String 3G Values string CONNECT When enabled DNS Passthrough will pass on the WAN assigned DNS information to the end device DNS Passthrough Values Selection Enable Disable Wh...

Page 51: ...Carrier SMS SMS Command History The SMS menu allows a user to view the SMS Command History and view the SMS messages on the SIM Card Image 4 3 4 SMS SMS Send Send SMS Message The SMS messages can be sent directly from the IPnXGii WebUI interface Also the SMS message history can be viewed ...

Page 52: ...numbers can be added Set Phone Filter Values Selection Enable Disable MSC REBOOT Reboot system MSC NMS Send NMS UDP Report MSC WEB Send web client inquiry MSC MIOP1 open I O ouput1 MSC MIOP2 open I O ouput2 MSC MIOP3 open I O ouput3 MSC MIOP4 open I O ouput4 MSC MIOP5 open I O ouput5 MSC MIOP6 open I O ouput6 MSC MIOP7 open I O ouput7 MSC MIOP8 open I O ouput8 MSC MIOC1 close I O ouput1 MSC MIOC2 ...

Page 53: ...one numbers listed Status Values Selection Enable Disable SMS Alerts can be sent to up to 6 different phone numbers that are listed here Received Phone Numbers Values Selection no default SMS alerts when active will be sent out at the frequency defined here Time Interval s Values Seconds 300 Enable or disable the RSSI alerts RSSI Check Values Selection Disable RSSI check Enable RSSI check ...

Page 54: ...device Ethernet Link Status Values Selection Changed In no link Changed or in no link Changed to no link SMS Alerts can be sent based on the state changes of the Digital I O lines I O Status Values Selection Disable IO Check Enable INPUT Changed Enable Output Changed Enable INPUT or OUTPUT Changed Set the threshold for RSSI alerts RSSI Check Values dBm 99 Enable or disable SMS Alerts for Roaming S...

Page 55: ...etting daily and or monthly limits Notifications can be sent using SMS or Email allowing a early warning if configurable limits are about to be exceeded The usage data reported by the Data Usage Monitor may not match the data reported by the carrier but it gives the users an idea of the bandwidth consumed by the IPnXGii Status Values selection If enabled the IPnXGii will track the amount of cellul...

Page 56: ...1 31 For Monthly tracking select the day the billing data cycles begins On this day each month the IPnXGii will reset the data usage monitor numbers 1 Day of Month Phone Number Values phone If SMS is selected as the notification method enter the phone number to send any SMS messages generated when the data usage exceeds the configured limits 1403 Monthly Daily Over Limit Values selection Select th...

Page 57: ... the account used to send the Email notifications Domain or IP address with the associated port as shown smtp gmail com 465 Username Values username If Email is selected as the notification method enter the username of the Email account used to send Emails gmail com Password Values string If Email is selected as the notification method enter the password of the Email account used to send Emails Mo...

Page 58: ...4 4 1 Firewall Status 4 4 Firewall 4 4 1 Firewall Summary The Firewall Summary allows a user to see detailed information about how the firewall is operating The All Filter Nat Raw and Mangle options can be used to view different aspects of the firewall ...

Page 59: ...le Carrier Remote Management Allow remote management of the IPnXGii from the Cellular side of using the WebUI on port 80 HTTP and 443 HTTPS If disabled the configuration can only be accessed from the LAN or WAN if enabled Values Enable Disable For best practices and to control data usage it is critical that the firewall be configured properly It is recommended to block all incoming Cellular traffi...

Page 60: ...face WAN Cellular of the firewall that examines the source address of all packets crossing that interface coming from outside If the address belongs to the internal network or the firewall itself the packet is dropped Values Enable Disable Packet Normalization Packet Normalization is the normalization of packets so there are no ambiguities in interpretation by the ultimate destination of the packe...

Page 61: ...Port forwarding to be in effect If the WAN Request is blocked on the General Tab additional rules and or IP Lists must be set up to allow the port forwarding traffic to pass through the firewall IP Passthrough Carrier Settings is another option for passing traffic through the IPnXGii in this case all traffic is passed to a single device connected to the RJ45 port of the IPnXGii The device must be ...

Page 62: ...of the internal server on the LAN IP entered above Values Port 3000 Exception Port Enter a exception port number that will NOT be forwarded to the DMZ server IP Usually a configuration or remote management port that is excluded to retain external control of the IPnXGii Values Port 0 DMZ Server IP Enter the IP address of the device on the LAN side of the IPnXGii where all the traffic will be forwar...

Page 63: ...allowing connections based on the IP Address Subnet MAC IP List can be used alone or in combination with LAN to WAN 4G Access Control to provide secure access to the physical ports of the IPnXGii Firewall MAC List Configuration Rule Name The Rule Name field is required to give the rule a convenient name for reference Each rule must have a unique name up to 10 characters in length Values 10 chars M...

Page 64: ...asks example 192 168 1 0 to 192 168 1 255 represents all IP Addresses in the 192 168 1 0 24 network Put same IP in both boxes for a single IP match Values IP Address 192 168 0 0 Action The Action is used to define how the rule handles the connection request ACCEPT will allow a connection while REJECT error and DROP quietly dropped will refuse connections Values selection ACCEPT DROP REJECT Destina...

Page 65: ...e cellular carrier Rule Name The rule name is used to identify the created rule Each rule must have a unique name and up to 10 characters can be used Values 10 Chars characters Action The Action is used to define how the rule handles the connection request ACCEPT will allow a connection while REJECT error and DROP quietly dropped will refuse connections This is configured based on how the WAN Carr...

Page 66: ...r and the LAN LAN1 USB refers to local connections on the IPnXGii Values selection LAN LAN1 Cell WAN USB None Destination IPs Match incoming traffic from the specified destination IP range Boxes accept single IP Addresses without network masks example 192 168 1 0 to 192 168 1 255 represents all IP Addresses in the 192 168 1 0 24 network Put same IP in both boxes for a single IP match Values IP Add...

Page 67: ...Configuration Image 4 4 7 Firewall Firewall Default 4 4 6 Firewall Firewall Default The Firewall Default option allows a user to return the modems firewall setting back to the default values without having to reset the entire modem ...

Page 68: ...el between the IPnXGii and a remote network The IPnXGii supports VPN IPsec Gateway to Gateway site to site tunneling meaning you are using the IPnXGii to create a tunnel to a network with VPN capabilities Another IPnXGii or VPN capable device The IPnXGii can also operate as a L2TP Server allowing users to VPN into the unit from a remote PC and a L2TP Client ...

Page 69: ...a tunnel between two VPN devices such as an IPnXGii and another device another IPnXGii or Cisco VPN Router or another vendor The local and remote group settings will need to be configured below to mirror those set on the other VPN device Tunnel Name Enter a name for the VPN Tunnel Up to 16 different tunnels can be created each requiring a unique name Values chars tunnel1 ...

Page 70: ...s automatically For the Remote Security Gateway Type an extra field appears If you know the IP address of the remote VPN router choose IP Address and then enter the address IP Server ID Choose this option if this router has a static WAN IP address and a server id The WAN IP address appears automatically For the Remote Security Gateway Type an extra field appears If you know the IP address of the r...

Page 71: ...fy the method for identifying the router to establish the VPN tunnel The Local Security Gateway is on this router the Remote Security Gateway is on the other router At least one of the routers must have either a static IP address or a dynamic IP with server id to make a connection See Local Group Setup for details Values selection IP Only IP Server ID Dynamic IP Server ID Server ID This option app...

Page 72: ...r Values selection md5 sha1 Phase 1 Encryption Select value to match the Phase 1 Encryption type used by the remote VPN router Values selection 3des aes aes128 aes256 IPsec Setup Phase 1 DH Group Select value to match the values required by the remote VPN router Values selection modp1024 modp1536 modp2048 Phase 2 DH Group Select value to match the values required by the remote VPN router Values se...

Page 73: ...ote VPN router Values 3600 Preshared Key Set the Preshared Key required to authenticate with the remote VPN router Values characters password DPD Delay s Dead Peer Detection is used to detect if there is a dead peer Set the DPD Delay seconds as required Values seconds 32 DPD Timeout s Set the DPD Dead Peer Detection Timeout seconds as required Values seconds 122 DPD Action Set the DPD action hold ...

Page 74: ...PnXGii can operate as a L2TP Client allowing a VPN connection to be made with a L2TP Server Tunnel Name Enter a name for the VPN Tunnel Up to 16 different tunnels can be created each requiring a unique name Values chars tunnel1 Enable Used to enable checked is disable unchecked the VPN tunnel Values checkbox Enable Checked ...

Page 75: ... Subnet IP In order to communicate with the devices on the other side of the tunnel the IPnXGii must know which data to pass through the tunnel to do this enter the Remote Subnet network IP address here Values IP Address none Remote Subnet Mask Enter the Remote Subnet Mask Values IP Address none Idle time before hanging up Enter the Idle time in seconds to wait before giving up the PPP connection ...

Page 76: ...ayer protocols not supported by traditional VPN This allows IP packets to travel from one side of a GRE tunnel to the other without being parsed or treated like IP packets Each GRE tunnel must have a unique name Up to 10 GRE tunnels are supported by the IPnXGii Name Values Chars 32 gre Image 4 5 4 Network Edit Add GRE Tunnel Enable Enable Disable the GRE Tunnel Values selection Disable Enable ...

Page 77: ...e WAN IP Address of the IPnXGii this field should be populated with the current WAN IP address Values IP Address varies Tunnel IP Address This is the IP Address of the local tunnel Values IP Address varies Key Enter a key is required key must be the same for each end of the GRE tunnel Values chars none Netmask Enter the subnet mask of the local tunnel IP address Values IP Address varies Local Setu...

Page 78: ...th at the remote end Values IP Address varies Subnet Mask The subnet mask for the local network subnet Values IP Address varies Remote Setup The remote setup tells the IPnXGii about the remote end the IP address to create the tunnel to and the subnet that is accessible on the remote side of the tunnel Subnet Mask The is the subnet mask for the remote network subnet Values IP Address varies IPsec S...

Page 79: ...vide a username and password Use L2TP Users menu to set up the required users Username Enter a username for the user being set up Values characters no default New Password Enter a password for the use Values characters no default Confirm New Password Enter the password again the IPnXGii will ensure that the password match Values IP Address no default ...

Page 80: ...ent When using the VPN features of the IPnXGii it is possible to select X 509 for the Authentication Type If that is the case the IPnXGii must use the required x 509 certificates in order to establish a secure tunnel between other devices Certificate Management allows the user a place to manage these certificates ...

Page 81: ...ser to define how traffic uses these WAN s The main purpose of the MultiWan feature is to use one network for a primary connection such as a local wired ISP for broadband access and if that connection fails or is offline the modem can automatically switch to an alternate network connection such as the Cellular connection The Status menu gives an overview of both WAN connections and their configura...

Page 82: ...wired must be configured as independent in the Network WAN settings and a DHCP or Static IP Address set Values selection Enable Disable Primary Connection Define which connection is the primary network internet connection for the modem Normally this is the wired WAN connection to an ISP Values selection WAN Carrier Load Balancer Fast Balancer Health Monitor Interval This is the frequency at which ...

Page 83: ...0 15 20 Attempts Before WAN Carrier Recovery The IPnXGii will continue to monitor the failed interface even after failover has occurred This defines the number of successful attempts required before recovering the failed interface Values selection 1 3 5 10 15 20 Failover Traffic Destination Select the interface to use once failover has occurred Values selection Carrier or WAN Disable Load Balancer...

Page 84: ...n Image 4 7 1 Serial Summary 4 7 Serial 4 7 1 Serial Summary The Status window gives a summary of the serial ports on the IPnXGii The Status window shows if the com port has been enabled how it is configured Connect As and the connection status ...

Page 85: ...ith 3 Serial Communication Ports as described below RS232 The primary RS232 data port for end devices It is located on the front panel of the IPnXGii The COM1 RS232 port supports full handshaking Console By default this port is configured as a console port and is used for diagnostics and configuration using a AT Command set It is located on the back of the IPnXGii and only supports asynchronous TX...

Page 86: ...2400 1200 600 300 This setting determines the format of the data on the serial port The default is 8 data bits No parity and 1 Stop bit Data Format Values selection 8N1 8N2 8E1 8O1 7N1 7N2 7E1 7O1 7E2 7O2 Flow control may be used to enhance the reliability of serial data communications particularly at higher baud rates If the attached device does not support hardware handshaking leave this setting...

Page 87: ...r Timeout Values characters 24 The serial server also uses this parameter to determine the time gap inserted between frames It is measured in characters and related to baud rate Example If the baud rate is 9600bps it takes approximately 1ms to move one character With the Character Timeout set to 4 the timeout period is 4ms When the calculated time is less than 3 5ms the serial server will set the ...

Page 88: ... This option will enable or disable the MODBUS decoding and encoding features MODBUS TCP Status Values selection Disable Enable MODBUS encryption key used for the MODBUS TCP Protection Status feature MODBUS TCP Protection Key Values string 1234 ...

Page 89: ...rt data is communicated from the Client to the Server Default 20001 Outgoing Connection Timeout This parameter determines when the IPnXGii will terminate the TCP connection if the connection is in an idle state i e no data traffic on the serial port Default 60 seconds TCP Server In this mode the IPnXGii Series will not INITIATE a session rather it will wait for a Client to request a session of it ...

Page 90: ... unit uses to send multicast UDP packets upon receiving data from the serial port The default value is a good example of a valid multicast address Default 224 1 1 1 Multicast Port A UDP port that this IP Series will send UDP packets to The Multipoint MP see the UDP Point to Multipoint MP description stations should be configured to listen to this point in order to receive multicast packets from th...

Page 91: ...DP port that this unit will use along with the Multicast IP Address detailed above to receive the multicast UDP packets sent by the UDP Point to Multipoint P unit Default 20001 UDP Multipoint to Multipoint Multicast IP Address A valid multicast address the unit will use to send multicast UDP packets upon receiving them at its serial port Default 224 1 1 1 Multicast Port UDP port that the packets a...

Page 92: ...e Hex Code Default Text PPP COM1 can be configured as a PPP server for a serial connection with a PC or other device The attached PC could then use a dedicated serial WindowsXP dialup modem type PPP connection to access the network resources of the IPnXGii Note Console if configured as data port does not support this mode PPP Mode Can be set for Active or Passive If set for Active the PPP server w...

Page 93: ...ry n seconds Normally the peer should respond to the echo request by sending an echo reply This option can be used with the LCP echo failure option to detect that the peer is no longer connected Default 0 PPP Local IP Enter the local PPP IP Address the IP Address of the IPn4G COM0 Port Default 192 168 0 1 PPP Host IP Enter the PPP Host IP here This is the IP of the PC or attached device Default 19...

Page 94: ...y function NDIS Status Displays the statistics of the NDIS Ethernet Interface The other displayed parameters are not all applicable Of most use are the transmitted and received bytes packets these will indicate if data is coming into and out of the USB port To use the Serial or NDIS function of the IPnXGii you must first attaint and install the USB drivers Windows Drivers are available from the Su...

Page 95: ...s Disabled by default If USB Data Mode is selected and there is a desire to switch it back to Disabled console mode via the USB to Serial connection to it the escape sequence of may be entered at the Data Baud Rate for which the port is configured For more information about any of the Data Port field parameters refer to RS232 Configuration Image 4 8 2 USB Configuration Data Port ...

Page 96: ...tings as the rear Ethernet port Bridge Standalone Values selection Local IP Address This is the IP Address of the USB NDIS adapter on the IPnXGii The IPnXGii acts as a DHCP server on this port and assigns an IP address to connecting devices i e your PC 192 168 111 1 Values Subnet Mask This will be the Subnet Mask automatically assigned to the device PC connected to the USB port of the IPnXGii 255 ...

Page 97: ... be operated in the WebUI Alerts can be setup to send SMS Messages if I O Status changes as well SMS control messages can be sent to the device to trigger events SNMP and or Modbus can be used to poll for the status or set controls See the appropriate sections of the manual for more information Settings The Settings menu is used to configure a I O as either a Input or an Output If configured as an...

Page 98: ...H 1 5 3 3 30 V Input leakage current 3 3 VDC IN IIN 58 µA Typical application input source is a dry switch contact to ground Pin includes an internal 56KΩ resistor pull up to 3 3 VDC I O 1 8 Output Open drain drive to ground Idc 100 110 mA Maximum open circuit voltage applied Voc 3 3 30 V Typical application is to drive a relay coil to ground Table 4 9 1 Digital I O Specifications ...

Page 99: ...cessful will use the Cell ID location reported by the Cellular Carrier Image 4 10 1 GPS Location Map The maps can be viewed with either Bing or Google maps by using the option located at the bottom right hand corner near the refresh option If the unit had a GPS signal GPS Module enabled and antenna attached it will report the specific GPS coordinates of the modem otherwise only the estimated coord...

Page 100: ...en below are not available on your unit you do not have a GPS enabled model Image 4 10 2 GPS Settings GPS Status Enable or disable the GPS polling function of the IPnXGii Values Disable Enable GPS Source The IPnXGii contains an standalone GPS module built into the unit To use the GPS features of the IPnXGii a cellular antenna must be connected to the GPS Antenna Port Values Standalone GPS TCP Port...

Page 101: ...or Email Reporting Image 4 10 3 GPS GPS Report Report Define Enable UDP and or Email or disable GPS Reporting Up to 4 reports can be set up and configured independently Values selection Disable UDP Report Email Report Time Interval The interval timer specifies the frequency at which the GPS data is reported in seconds Values seconds 600 ...

Page 102: ... before an update is sent Values selection Only Timer Timer AND Distance Timer OR Distance Distance Set The distance parameter allows the GPS data to only be sent when a specified distance has been traveled since the last report Values meters 1000 UDP Remote IP Port This is the IP Address and port of the remote host in which the UDP packets are to be sent Values Address Port 0 0 0 0 20175 Mail Sub...

Page 103: ... The IPnXGii and GpsGate software will communicate via TCP IP however if a connection is not available it will attempt to use SMS messaging Values selection Disable Enable Tracker Mode Enable TCP Send Mode Server Command Channel By default IPnXGii and GpsGate will use TCP and SMS to ensure communication between each other It is also possible to specify TCP or SMS communication only Initial setup i...

Page 104: ...ction Disable Enable Motion Trigger When GPS Invalid Sending Data Specify what happens when the GPS data is invalid either use the last valid position or do not use the last valid position Values selection Not Use Last Valid Position Use Last Valid Position GpsGate TCP Mode Send IO Status When enabled the IPnXGii will send the current status of the Digital I O inputs and or outputs to the GpsGate ...

Page 105: ...erver running the GpsGate application Values Port 30175 Server Interval Define the interval at which the IPnXGii will send data to the GpsGate Server Values seconds 60 Motion Distance Set the motion threshold in which the IPnXGii will be triggered to send location data Values meters 100 When GPS Invalid Sending Data Specify what happens when the GPS data is invalid either use the last valid positi...

Page 106: ...IPnXGii The total number of records that can be recorded varies between 16 000 and 36 000 depending on the number of GPS parameters that are recorded Values selection Disable Enable GPS Recorder Time Interval Define the interval at which the IPnXGii will record GPS data If there is no valid data available at the specified time i e no connected satellites the unit will wait until the next time vali...

Page 107: ...record the current orientation when a GPS entry is recorded Degree to North Values selection Record Don t Record Orientation Changed Record a GPS regardless of the time interval if the orientation of the unit changes 5 180 180 Disable Values 5 180 60 Carrier RSSI Level Select Record to record the current 3G Cellular RSSI level when a GPS entry is recorded dB Values selection Record Don t Record Al...

Page 108: ...r sent to a remote server in various formats The data recorded can also be viewed directly by selecting View Data and the data can be traced on a map internet access required by selecting Trace Map or Quick Trace The screenshots below show the raw data that can be viewed and the Trace Map Quick Trace output Image 4 10 7 GPS GPS Load Record ...

Page 109: ...ta format protocol type for the data to be sent Values selection NMEA via UDP NMEA via TCP GpsGate via UDP GpsGate via TCP Plain Text via UDP Plain Text via TCP Server Address IP Enter the address or IP address of the remote server to which the data is to be sent Values IP nms microhardcorp com Server Port Enter the UDP TCP port number of the remote server to which the data is to be sent Values Po...

Page 110: ... status Enable or disable TAIP service on the modem The unit can report TAIP to up to 4 different hosts Values selection Enable Disable Remote TAIP Server Enter the IP Address of the Remote TAIP Server Values IP Address 0 0 0 0 Socket Type Select the socket type that is used by the Remote TAIP server Select TCP or UDP this will define how the connection TCP or data is sent UDP to the server Values...

Page 111: ...ion Velocity RLN Long Navigation Message Values selection RPV RLN Interval Set the frequency at which TAIP messages are reported to the remote server The unit used is seconds and the default value is 60 seconds Values seconds 60 Vehicle ID Set the Vehicle ID using 4 alpha numeric characters Values chars 0000 ...

Page 112: ... configured to operate as a TCP IP or Serial COM Modbus slave and respond to Modbus requests and report various information as shown in the Data Map Status Disable or enable the Modbus service on the IPnXGii Values selection Disable Service Enable Service TCP Mode Status Disable or enable the Modbus TCP Connection Service on the IPnXGii Values selection Disable Enable ...

Page 113: ...s Host System Values value 1 Coils Address Offset Enter the Coils Address offset as required by the Master Values value 0 Input Address Offset Enter the Input Address offset as required by the Master Values value 0 Register Address Offset Enter the Register Address offset as required by the Master Values value 0 Master IP Filter Set It is possible to only accept connections from specific Modbus Ma...

Page 114: ... RTU Mode Data Mode Determines which rear of unit serial interface shall be used to connect to external devices RS232 RS485 or RS422 This option applies only to COM1 When an interface other than RS232 is selected the DE9 port will be inactive Values selection RS232 RS485 RS422 Baud Rate The serial baud rate is the rate at which the modem is to communicate with the attached local serial device Valu...

Page 115: ... Microhard Systems Inc 115 4 0 Configuration 4 10 1 3 Modbus Modbus Data Map Image 4 11 3 Applications Modbus Data Map ...

Page 116: ...to understand data needs Standard Netflow Filters can be applied to narrow down results and target specific data requirements Status Enable Disable Netflow Reporting Values selection Disable Enable Interface Select between LAN WAN and Carrier interfaces or capture data from all interfaces Values selection LAN WAN Carrier ALL Source Address The Source Address is the IP Address of which data is to b...

Page 117: ...ed If no expression is given all packets will be captured Otherwise only packets for which expression is true will be captured Example tcp port 80 The tcpdump manual available on the internet provides detailed expression syntax Values chars no default Remote IP The Remote IP is the IP Address of the NetFlow collector where the flow reports are be sent Values IP Address 0 0 0 0 ...

Page 118: ...If auto detect is selected the IPnXGii will detect and monitor DHCP assigned IP address Status Enable or disable the local device monitoring service Disable Enable Values selection Fixed local IP Auto Detected IP Values selection Local IP Setting This field is only shown if Fixed Local IP is selected for the IP Mode Enter the static IP to be monitored in this field 0 0 0 0 Values IP Status Timeout...

Page 119: ...c carrier info such as signal strength RSSI phone number RF Band or about the WAN such as if the assigned IP Address changes All events are reported in binary Event Type This box allows the selection of the type of event to be reported The default is disabled If Modem_event is selected additional options appear to the right and allow for customization of the event reported via Messages If Manageme...

Page 120: ...ure Modem_event message structure fixed header fixed size 20 bytes Modem ID uint64_t 8 bytes Message type mask uint8_t 1 byte reserved packet length uint16_t 2 bytes Note packet length length of fixed header length of message payload Message type mask Modem info 2 bits 00 no 01 yes 0x1 Carrier info 2 bits 00 no 01 yes 0x4 WAN Info 2 bits 00 no 01 yes 0x10 sdp_event message structure spd_cmd 1 byte...

Page 121: ...Phone number STRING 1 30 Bytes WAN Info Content length 2 BYTES UINT16_T IP address 4 BYTES UINT32_T DNS1 4 BYTES UINT32_T DNS2 4 BYTES UINT32_T Message Order Messages will be ordered by message type number For example If message type mask 0x15 the eurd package will be equipped by header modem information carrier information wanip information If message type mask 0x4 the eurd package will be equipp...

Page 122: ... two purposes refreshing page information without refreshing the entire page to reduce network stream to integrate internet applications with xml to get required information in real time Currently we provide four types of information as configured GPS Coordinate Information GPS NMEA Data Carrier Information Comport Data Status Enable or disable the web socket service in the modem Values selection ...

Page 123: ...en once started enabled The default is 60 mins a value of zero means the service with continue to run indefinitely Values minutes 60 GPS Coordinate If enabled the modem will report GPS coordinate data to the websocket Values selection Disable Enable GPS NMEA Data If enabled the modem will report GPS NMEA data to the websocket Values selection Disable Enable Carrier Information If enabled the modem...

Page 124: ... command by entering the IP address or host name of a destination device in the Ping Host Name field use Count for the number of ping messages to send and the Packet Size to modify the size of the packets sent Network Tools Trace Route The Trace Route command can be used to provide connectivity data by providing information about the number of hops routers and the path taken to reach a particular ...

Page 125: ...s can be defined and deleted as required as seen in the Users menu below Image 4 12 1 Users Password Change Enter a new password for the admin user It must be at least 5 characters in length The default password for admin is admin New Password Values characters admin Confirm Password The exact password must be entered to confirm the password change if there is a mistake all changes will be discard...

Page 126: ... Control Users Enter the desired username Minimum or 5 character and maximum of 32 character Changes will not take effect until the system has been restarted Username Values characters no default Min 5 characters Max 32 characters Password Confirm Password Passwords must be a minimum of 5 characters The Password must be re entered exactly in the Confirm Password box as well no default min 5 charac...

Page 127: ...er Service An authentication authorization and accounting protocol which may be used in network access applications A RADIUS server is used to verifying that information is correct Remote Server IP Address In this field the IP address of the RADIUS server is to be entered if RADIUS Local has been selected as the Authorization Mode Values Local Local RADIUS Values Valid RADIUS server IP address 0 0...

Page 128: ...an monitor online offline units retrieve usage data perform backups and centralized upgrades etc The following section describes how to get started with NMS and how to configure the IPnXGii to report to NMS To get started with NMS browse to the Microhard NMS website nms microhardcorp com click on the register button in the top right corner to register for a Domain profile and set up a Domain Admin...

Page 129: ...NOT by the NMS subscription page Domain Password This password is used to prevent misuse of the domain This needs to be entered into each 3G or 4G device for it to report to right zone Email Address The email address entered here will be the login username During the registration stage a confirmation email will be sent by the NMS system for verification and confirmation to activate your account On...

Page 130: ... Carrier Location Enable or Disable location estimation via carrier connection When enabled the IPnXGii will consume some data to retrieve location information from the internet Values chars Disable Enable Remote Port This is the port to which the UDP packets are sent and the NMS system is listening on Ensure this matches what is configured on NMS The default is 20200 Values UDP Port 20200 Network...

Page 131: ...d or disabled This service is used to remotely control the IPnXGii It can be used to schedule reboots firmware upgrade and backup tasks etc Values chars Disable Enable Server Port This is the port where the service is installed and listening This port should be open on any installed firewalls Values Port 9998 Webclient Setting Server Type Select between HTTPS secure or HTTP server type Values char...

Page 132: ... and processing of the information sent by a device either responses to queries or device sourced traps The MIB in the device relates subroutine addresses to objects in order to read data from or write data to variables in the device An SNMPv1 agent accepts commands to retrieve an object retrieve the next object set and object to a specified value send a value in response to a received command and...

Page 133: ...cate SNMP queries Being part of the community allows the SNMP agent to process SNMPv1 and SNMPv2c requests This community name has only READ priority Read Only Community Name Values string public Also a plain text password mechanism used to weakly authenticate SNMP queries Being part of the community allows the SNMP agent to process SNMPv1 and SNMPv2c requests This community name has only READ WRI...

Page 134: ...hentication Level set to AuthNoPriv or AuthPriv V3 User Authentication Password Values string 00000000 SNMPv3 user s encryption password Only valid when V3 User Authentication Level set to AuthPriv see above V3 User Privacy Password Values string 00000000 Select which version of trap will be sent should a failure or alarm condition occur SNMP Trap Version Values string V1 Traps V2 Traps V3 Traps V...

Page 135: ...io employ a discovery service that can be used to detect other Microhard Radio s on a network This can be done using a stand alone utility from Microhard System s called IP Discovery or from the Admin Discovery menu The discovery service will report the MAC Address IP Address Description Product Name Firmware Version Operating Mode and the SSID Specify the port running the discovery service on the...

Page 136: ...eep the unit cannot be reached remotely using the WAN IP address Supply Voltage Mode The Bullet will go into power saving mode when the voltage supplied to the Bullet drops below a specified value The unit will return to normal operation once the recovery threshold is crossed Timer Schedule The Bullet can go into power saving modes at specific time intervals on hourly intervals Sniff Mode The Bull...

Page 137: ... Microhard Systems Inc 137 4 0 Configuration 4 12 7 System Logout The logout function allows a user to end the current configuration session and prompt for a login screen Image 4 12 9 System logout ...

Page 138: ...erterminal Tera Term ProComm Putty etc can then be used to communicate with the IPnXGii The port settings of this port can be modified by changing the settings of the Console Port in the Serial configuration menus Image 5 1 Console Port Settings Default Settings Baud rate 115200 Data bits 8 Parity None Stop Bits 1 Flow Control None Once communication is established a login is required to access th...

Page 139: ...lishing a Telnet Session A session can be made to the WAN IP Address if allowed in the firewall settings for remote configuration or to the local RJ45 interface Once a session is established a login is required to continue As seen in the Serial port setup the default login is admin and the password is admin Once verified the AT Command Line Interface menu is shown and AT Commands can now be issued...

Page 140: ...can be used to query and set values AT command_name parameter1 parameter2 Sets Values AT command_name Queries the setting Query Syntax AT MLEIP Enter MLEIP Command Syntax AT MLEIP IP Address Netmask Gateway OK Setting a value AT MLEIP 192 168 168 1 255 255 255 0 192 168 168 1 Enter OK Query a setting AT MLEIP Enter MLEIP 192 168 168 1 255 255 255 0 192 168 168 1 OK A screen capture of the above co...

Page 141: ...e Input AT enter Response OK AT TEST Command Syntax Echo TEST AT TEST enter Description Example Input AT TEST enter Response AT ECHO TEST 0 ATE0 Command Syntax Disables Local Echo ATE0 enter Description Example Input ATE0 enter Response OK ATE1 Command Syntax Enables Local Echo ATE1 enter Description Example Input ATE1 enter Response OK ...

Page 142: ... enter Response AT Command history 1 ATH 2 ATL 3 ATH AT R Command Syntax Read modem profile to editable profile Reserved AT R enter Description Example Input AT R enter Response OK AT V Command Syntax Read modem active profile AT V enter Description Example Input AT V enter Response V hostname Bullet timezone MST7MDT M3 2 0 M11 1 0 systemmode gateway OK ...

Page 143: ...enter Description Example Input AT MREB enter Response OK Rebooting AT W Command Syntax Reserved AT W enter Description Example Input AT W enter Response OK ATA Command Syntax Quit Exits AT Command session and returns you to login prompt ATA enter Description Example Input ATA enter Response OK Bullet Login ...

Page 144: ... you to login prompt ATO enter Description Example Input ATA enter Response OK Bullet Login AT CMGS Command Syntax Send SMS message To send message CTRL Z must be entered to exit ESC AT CMGS Phone Number CR text is entered CTRL Z ESC Description Example Input AT CMGS 4035553776 enter 4035553776 Test ctrl z Response OK ...

Page 145: ... String format yy MM dd hh mm ss zz year 00 99 month 01 12 Day 01 31 Hour Min Second and TimeZone quarters of an hour data SMS User Data in Text Mode String type AT CMGL Command Syntax This command allows the application to read stored messages by indicating the type of the message to read The messages are read from the SIM card memory AT CMGL status Status 0 Lists all unread messages 1 Lists all ...

Page 146: ...ages 4 Deletes all messages Description Example Input AT CMGD 0 4 enter Response index 0 dflag 4 OK AT GMR Command Syntax Modem Record Information AT GMR enter Description Example Input AT GMR enter Response GMR Hardware Version v1 0 0 Software Version v1 1 0 build 1060 Copyright 2012 Microhard Systems Inc System Time Mon Dec 2 16 03 51 2013 OK AT GMI Command Syntax Get Manufacturer Identification...

Page 147: ...UM enter Response CNUM 15875558645 OK AT CIMI Command Syntax Check modem s IMEI and IMSI numbers AT CIMI enter Description Example Input AT CIMI enter Response CIMI IMEI 012773002108403 IMSI 302720406982933 OK AT CCID Command Syntax Check modem s SIM card number AT CCID enter Description Example Input AT CCID enter Response CCID 89302720401025355531 OK ...

Page 148: ...rt MAC 00 0F 92 00 D4 BB IP 192 168 168 1 MASK 255 255 255 0 Wan MAC 00 0F 92 00 D4 BB Wan IP 0 0 0 0 Wan MASK 0 0 0 0 System Device Bullet Product Bullet Image Bullet Hardware Rev A Software v1 2 0 build 1007 Copyright 2013 2014 Microhard Systems Inc Time Thu Jul 10 09 48 28 2014 AT MMNAME Command Syntax Modem Name Radio Description 30 chars AT MMNAME modem_name Description Example Input To set v...

Page 149: ...192 168 168 1 enter Response OK AT MDHCP Command Syntax Enable Disable the DHCP server running of the local Ethernet interface AT MDHCP action 0 Disable 1 Enable Description Example Input AT MDHCP 1 enter Response OK AT MDHCPA Command Syntax Define the Starting and Ending IP Address range assignable by DHCP on the local Ethernet interface AT MDHCPA Start IP End IP Description Example Input AT MDHC...

Page 150: ...le Input AT MEMAC enter Response MEMAC 00 0F 92 00 40 9A OK AT MSIP Command Syntax Set LAN static IP AT MSIP static IP address enter Description Example Input AT MSIP 192 168 168 1 enter Response MSIP setting and restarting network OK AT MSCT Command Syntax Set LAN Connection Type AT MSCT Mode Mode 0 DHCP 1 Static IP Description Example Input AT MSCT 1 enter Response OK ...

Page 151: ...tp org enter Response OK AT MPIPP Command Syntax Enable Disable IP Passthrough AT MPIPP Mode Mode 0 Disable 1 Ethernet Description Example Input AT MPIPP 1 enter Response OK AT MCNTO Command Syntax Sets the timeout value for the serial and telnet consoles Once expired user will be return to login prompt AT MCNTO Timeout_s 0 Disabled 0 65535 seconds Description Example Input AT MCNTO 300 enter Resp...

Page 152: ...F action Action 0 pre set action 1 confirm action OK Description Example Input AT MRTF 1 enter Response OK AT MSCMD Command Syntax Enable Disable SMS Commands and if configured the phone filter list AT MSCMD Mode Filter Mode Phone No 1 Phone No 6 Mode 0 Disable 1 Enable SMS Command Filter Mode 0 Disable 1 Enable Phone Filter OK Description Example Input AT MSCMD 1 1 403556767 4057890909 enter Resp...

Page 153: ...ample Input AT MPWD admin admin enter Response OK AT MDISS Command Syntax Configure discovery mode service used by Bullet and utilities such as IP Discovery AT MDISS Mode Mode 0 Disable 1 Discoverable Description Example Input AT MDISS 1 enter Response OK AT MIKACE Command Syntax Enable or Disable IMCP ICMP keep alive check AT MIKACE Mode Mode 0 Disable 1 Enable Description Example Input AT MIKACE...

Page 154: ...d Syntax Enable Disable DDNS AT MDDNSE Mode Mode 0 Disable 1 Enable Description Example Input AT MDDNSE 0 enter Response OK AT MDDNS Command Syntax Select DDNS service provider and login credentials as required for DDNS services AT MDDNS service type host user name password service type 0 changeip 1 dyndns 2 eurodyndns 3 hn 4 noip 5 ods 6 ovh 7 regfish 8 tzo 9 zoneedit Description Example Input AT...

Page 155: ...Input AT MIKAC www google com 600 10 enter Response OK AT MNMSR Command Syntax Define NMS Report AT MNMSR Mode Remote Port Interval Time_s Mode 0 Disable 1 Enable NMS Report Description Example Input AT MNMSR 1 20200 300 enter Response OK AT MGPSR1 AT MGPSR2 AT MGPSR3 AT MGPSR4 Command Syntax Define GPS Report No 1 2 3 4 AT MGPSR1 Mode Remote IP Remote Port Interval Ti me_s Mode 0 Disable 1 Enable...

Page 156: ...1 Mode Mode 0 Disable 1 Enable Description Example Input AT MCTPS1 0 enter Response OK AT MCTBR1 Command Syntax Set Comport baud rate AT MCTBR1 Baud Rate Baud Rate 0 300 1 600 2 1200 3 2400 4 3600 5 4800 6 7200 7 9600 8 14400 9 19200 10 28800 11 38400 12 57600 13 115200 Description Example Input AT MCTBR1 13 enter Response OK ...

Page 157: ... 7N2 6 7E1 7 7O1 8 7E2 9 7O2 Description Example Input AT MCTDF1 0 enter Response OK AT MCTDM1 Command Syntax Set Comport data mode AT MCTDM1 Data Mode Data Mode 0 Seamless 1 Transparent Description Example Input AT MCTDM1 1 enter Response OK AT MCTCT1 Command Syntax Set Comport character timeout AT MCTCT1 timeout_s Description Example Input AT MCTCT1 0 enter Response OK ...

Page 158: ...MPS1 1024 enter Response OK AT MCTP1 Command Syntax Set Comport port priority AT MCTP1 Mode Mode 0 Normal 1 Medium 2 High Description Example Input AT MCTP1 0 enter Response OK AT MCTNCDI1 Command Syntax Enable Disable Comport port no connection data intake AT MCTNCDI1 Mode Mode 0 Disable 1 Enable Description Example Input AT MCTNCDI1 1 enter Response OK ...

Page 159: ...otocol Mode AT MCTIPM1 Mode Mode 0 TCP Client 1 TCP Server 2 TCP Client Server 3 UDP Point to Point 4 UDP Point to Multipoint P 5 UDP Point to Multipoint MP 6 UDP Multipoint to Multipoint 7 SMTP Client 9 SMS Transparent Mode 11 GPS Transparent Mode Description Example Input AT MCTIPM1 1 enter Response OK AT MCTTC1 Command Syntax Set Comport TCP Client parameters when IP Protocol Mode is set to TCP...

Page 160: ... parameters when IP Protocol is set to TCP Client Server mode AT MCTTCS1 Remote Server IP Remote Server Port Outgoing timeout_s Polling Mode Polling timeout_s Local Listener Port Connection timeout_s Polling Mode 0 Monitor 1 Multi polling Description Example Input AT MCTCS1 0 0 0 0 20002 60 0 100 20002 300 en ter Response OK AT MCTUPP1 Command Syntax Set UDP Point to Point parameters when IP Proto...

Page 161: ... UDP Point to Multipoint as MP parameters when IP Protocol Mode is set to UDP Point to Multipoint MP AT MCTUPMM1 Remote IP Remote Port Multicast IP Multicast Port Description Example Input AT MCTUPMM1 0 0 0 0 20012 224 1 1 2 20002 enter Response OK AT MCTUMPMP1 Command Syntax Set UDP Multipoint to Multipoint parameters when IP Protocol is set to UDP Multipoint to Multipoint mode AT MCTUMPMP1 Multi...

Page 162: ...2 Mode Mode 0 Disable 1 Enable Description Example Input AT MCTPS2 0 enter Response OK AT MCTBR2 Command Syntax Set Comport baud rate AT MCTBR2 Baud Rate Baud Rate 0 300 1 600 2 1200 3 2400 4 3600 5 4800 6 7200 7 9600 8 14400 9 19200 10 28800 11 38400 12 57600 13 115200 Description Example Input AT MCTBR2 13 enter Response OK ...

Page 163: ... 7N2 6 7E1 7 7O1 8 7E2 9 7O2 Description Example Input AT MCTDF2 0 enter Response OK AT MCTDM2 Command Syntax Set Comport data mode AT MCTDM2 Data Mode Data Mode 0 Seamless 1 Transparent Description Example Input AT MCTDM2 1 enter Response OK AT MCTCT2 Command Syntax Set Comport character timeout AT MCTCT2 timeout_s Description Example Input AT MCTCT2 0 enter Response OK ...

Page 164: ...MPS2 1024 enter Response OK AT MCTP2 Command Syntax Set Comport port priority AT MCTP2 Mode Mode 0 Normal 1 Medium 2 High Description Example Input AT MCTP2 0 enter Response OK AT MCTNCDI2 Command Syntax Enable Disable Comport port no connection data intake AT MCTNCDI2 Mode Mode 0 Disable 1 Enable Description Example Input AT MCTNCDI2 1 enter Response OK ...

Page 165: ...otocol Mode AT MCTIPM2 Mode Mode 0 TCP Client 1 TCP Server 2 TCP Client Server 3 UDP Point to Point 4 UDP Point to Multipoint P 5 UDP Point to Multipoint MP 6 UDP Multipoint to Multipoint 7 SMTP Client 9 SMS Transparent Mode 11 GPS Transparent Mode Description Example Input AT MCTIPM2 1 enter Response OK AT MCTTC2 Command Syntax Set Comport TCP Client parameters when IP Protocol Mode is set to TCP...

Page 166: ... parameters when IP Protocol is set to TCP Client Server mode AT MCTTCS2 Remote Server IP Remote Server Port Outgoing timeout_s Polling Mode Polling timeout_s Local Listener Port Connection timeout_s Polling Mode 0 Monitor 1 Multi polling Description Example Input AT MCTCS2 0 0 0 0 20002 60 0 100 20002 300 en ter Response OK AT MCTUPP2 Command Syntax Set UDP Point to Point parameters when IP Proto...

Page 167: ... UDP Point to Multipoint as MP parameters when IP Protocol Mode is set to UDP Point to Multipoint MP AT MCTUPMM2 Remote IP Remote Port Multicast IP Multicast Port Description Example Input AT MCTUPMM2 0 0 0 0 20012 224 1 1 2 20002 enter Response OK AT MCTUMPMP2 Command Syntax Set UDP Multipoint to Multipoint parameters when IP Protocol is set to UDP Multipoint to Multipoint mode AT MCTUMPMP2 Multi...

Page 168: ...mple Input AT MIOMODE 1 0 enter Response OK Input AT MIOMODE Response MIOMODE IO port mode Mode1 0 Input Mode2 0 Input OK AT MIOOC Command Syntax Get Set output control AT MIOOC Index Output Control Index The index of IO port 1 to 2 Output Control 0 Open 1 Close Description Example Input AT MIOOC 1 1 enter Response OK Input AT MIOOC Response MIOOC IO Output Control OutputCtrl1 1 Close OutputCtrl2 ...

Page 169: ... Response MIOSTATUS IO status iodigiinval1 Fault iodigiinval2 High OK AT MIOMETER Command Syntax Get IO meter V AT MIOMETER enter Description Example Input AT MIOMETER enter Response MIOMETER IO meter V iovolts1 12 25 iovolts2 2 74 OK AT IMEI Command Syntax Get Modem s IMEI AT IMEI enter Description Example Input AT IMEI enter Response IMEI 352237050103870 OK ...

Page 170: ...ption Example Input AT IMSI enter Response IMSI 302610012606734 OK AT IMSI Command Syntax Get Modem s IMSI AT IMSI enter Description Example Input AT IMSI enter Response IMSI 302610012606734 OK AT NETRSSI Command Syntax Get Modem s RSSI AT NETRSSI enter Description Example Input AT NETRSSI enter Response NETRSSI 65 OK ...

Page 171: ... Example Input AT POWERIN enter Response POWERIN 11 77 OK AT BOARDTEMP Command Syntax Get Modem s Board Temperature C AT BOARDTEMP enter Description Example Input AT BOARDTEMP enter Response BOARDTEMP 44 79 OK AT WANIP Command Syntax Get Modem s WAN IP AT WANIP enter Description Example Input AT WANIP enter Response WANIP 74 186 198 97 OK ...

Page 172: ...of IP addresses to be assigned by the DHCP server AT MEMAC Query the MAC address of local Etheret interface AT MSIP Set LAN static IP AT MSCT Set LAN Connection Type AT MNTP Define NTP server AT MPIPP Enable or disable IP Passthrough AT MCNTO Set console timeout AT MRTF Reset the modem to the factory default settings of from non volatile NV memory AT MTWT Enable or disable traffic watchdog timer u...

Page 173: ...sable com2 port AT MCTBR2 Set com2 port baud rate AT MCTDF2 Set com2 port data format AT MCTDM2 Set com2 port data mode AT MCTCT2 Set com2 port character timeout AT MCTMPS2 Set com2 port maximum packet size AT MCTP2 Set com2 port priority AT MCTNCDI2 Enable or disable com2 port no connection data intake AT MCTMTC2 Set com2 port modbus tcp configuration AT MCTIPM2 Set com2 port IP protocol mode AT ...

Page 174: ... hardware handshaking is used the RTS signal indicates to the DCE that the host can receive data CTS Clear to Send Output from Module A handshaking signal which is asserted by the DCE TTL low when it has enabled communications and transmission from the DTE can commence When hardware handshaking is used the CTS signal indicates to the host that the DCE can receive data Notes It is typical to refer ...

Page 175: ...serial ports the GPS features VPN and much more The advantage of IP Passthrough is that the configuration is very simple In the example below we have a IPn3Gii connected to a PC PC2 The application requires that PC1 be able to access several services on PC2 Using Port Forwarding this would require a new rule created for each port and some applications or services may require several ports so this ...

Page 176: ...ent IP address In the screenshot to the right we can see that the Laptop connected to the IPn3Gii has a IP Address of 74 198 186 193 which is the IP address assign by the cellular carrier for the modem Step 5 Optional IP Passthrough operation can also be verified in the IPn3Gii Once IP Passthrough is enabled you can access the IPn3Gii WebUI by one of the following methods Remotely on the WAN side ...

Page 177: ...ing traffic is destined for a single device It is also popular to use DMZ in cases where a single device is connected but several ports are forwarded and other features of the IPnXGii are required since in passthrough mode all of these features are lost Consider the following example A user has a remote location that has several devices that need to be accessed remotely The User at PC1 can only se...

Page 178: ...rule for each of the lines above A rules does not need to be created for the first line as that was listed simply to show that the external port 80 was already used by default by the IPnXGii itself To create port forwarding rules Navigate to the Firewall Port Forwarding menu When creating rules each rules requires a unique name this is only for reference and can be anything desired by the user Cli...

Page 179: ...ilable when using a VPN tunnel A VPN tunnel can be created by using two IPnXGii devices each with a public IP address At least one of the modems require a static IP address VPN tunnels can also be created using the IPnXGii to existing VPN capable devices such as Cisco or Firebox Example IPnXGii to IPnXGii Site to Site Step 1 Log into each of the IPnXGiis Refer to Quick Start and ensure that the Fi...

Page 180: ...PN Gateway to Gateway tunnel on each IPnXGii Step 4 Submit changes to both units It should be possible to ping and reach devices on either end of the VPN tunnel if both devices have been configured correctly and have network connectivity Site A Site B A B C D E F G H Must Match ...

Page 181: ...the following means Customizable Rules MAC and or IP List ACL Access Control List or Blacklist using the above tools Consider the following example An IPn3Gii is deployed at a remote site to collect data from an end device such as a PLC or RTU connected to the serial DATA port Port 20001 on the WAN It is required that only a specific host Host A have access to the deployed IPn3Gii and attached dev...

Page 182: ... ADD Rule button once both rules are created select the Submit button to write the rules to the IPn3Gii The Firewall Rules Summary should look like what is shown below Step 3 Test the connections The IPn3Gii should only allow connections to the port specified from the Host A An alternate means to limit connections to the IPn3Gii to a specific IP would have been to use the MAC IP List Tool By using...

Page 183: ...to set up the IPnXGii Answer The APN is required to configure the IPnXGii to communicate with a wireless carrier Some carriers also require a username and password The APN username and password are only available from your wireless carrier Newer units may support an AUTO APN feature which will attempt to determine the APN from a preconfigured list of carriers and commonly used APN s This is design...

Page 184: ...to allow traffic _________________________________________________________________ Question I m using IP Passthrough but the serial ports won t work Answer When using IP Passthrough the Carrier IP is assigned to the device connected to the Ethernet port all traffic is passed through to that device As a result serials port will not work The only port not being passed through is the remote managemen...

Page 185: ...resolve any issues 1 Keepalive Attempts to contact a configured host on a defined basis Will reboot modem if host is unreachable Enabled by default to attempt to ping 8 8 8 8 May need to disable on private networks or provide a reachable address to check Access via Carrier Keepalive 3 Local Device Monitor The IPnXGii will monitor a local device if that device is not present the IPnXGii may reboot ...

Page 186: ... Microhard Systems Inc 186 150 Country Hills Landing NW Calgary Alberta Canada T3K 5P3 Phone 403 248 0028 Fax 403 248 2762 www microhardcorp com ...

Reviews:

No comments

Related manuals for IPn3Gii

Brand: 2Wire Pages: 30

Brand: Zennio Pages: 38

FieldServer ProtoNode

Brand: SMC Sierra Monitor Pages: 4

Brand: McQuay Pages: 52

WELLGATE 26 Series

Brand: WELLTECH Pages: 94

MultiVOIP MVP130BG

Brand: Bogen Pages: 2

Brand: Cisco Pages: 10

Brand: Cisco Pages: 7

Brand: Cisco Pages: 19

Network Device MGX 8240

Brand: Cisco Pages: 2

Physical Access CIAC-GW-K9

Brand: Cisco Pages: 26

Brand: Cisco Pages: 60

Brand: Cisco Pages: 58

Brand: Cisco Pages: 29

Brand: Cisco Pages: 94

Brand: Cisco Pages: 5

Brand: Cisco Pages: 10

Brand: Cisco Pages: 12

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands