manualshive.com logo in svg

NavigateWorx NR500 Series, User Manual, Page: 64 / 79

Share
Download
NavigateWorx NR500 Series User Manual Download Page 64

Industrial Cellular VPN Router NR500 Series                                                                                                                                            User Manual

 

                                                                                                                                                                                          Page 

63

  / 78

 

VPN->IPSec 

 

Enable 

Select Enable will launch the IPSec process. 

 

Description 

Enter a description for this IPSec VPN tunnel.

 

 

Remote Gateway 

Enter the IP address of the remote endpoint of the tunnel.

 

 

IKE Version 

Internet Key Exchange, select from “IKEv1” or “IKEv2”.

 

 

Connection Type 

Select from “Tunnel” 

or 

“Transport”. 

 

Tunnel: In tunnel mode, the entire IP packet is encrypted and authenticated. It is then encapsulated 
into a new IP packet with a new IP header. Tunnel mode is used to create virtual private networks for 
network-to-network communications. 
Transport: In transport mode, only the payload of the IP packet is usually encrypted or authenticated. 
The routing is intact, since the IP header is neither modified nor encrypted. 

 

Negotiation Mode 

Select from “

Main

” 

or 

Aggressive

”. 

 

 

Authentication Method 

Select from “

Pre-shared Key

” 

or 

Pre-shared Key and Xauth

”. 

 

 

Local Subnet 

Ener the IP address with mask if a network beyond the local LAN will be sending packets through the 
tunnel. 

NOTE: 

The Remote subnet and Local subnet addresses must not overlap! 

 

 

Local Pre-shared Key 

Enter the pre-shared key which match the remote endpoint.

 

 

Local ID Type 

The local endpoint's identification. The identifier can be a host name or an IP address. 

 

 

Xauth Identity 

Enter Xauth identity after 

Pre-shared Key and Xauth

 on authentication Method is enabled.

 

 

Xauth Password 

Enter Xauth password 

Pre-shared Key and Xauth

 on authentication Method is enabled.

 

 

Remote Subnet 

Enter an IP address with mask if encrypted packets are also destined for the specified network that is 
beyond the Remote IP Address.   

NOTE: 

The Remote subnet and Local subnet addresses must not overlap!

 

 

Remote ID Type 

The authentication address of the remote endpoint. 

 

Summary of Contents for NR500 Series

Page 1: ...Industrial Cellular VPN Router NR500 Standard User Manual Guangzhou Navigateworx Technologies Co Ltd www navigateworx com...

Page 2: ...his document is subject to change without notice and does not represent a commitment on the part of Navigateworx Technologies Navigateworx Technologies provides this document as is without warranty of...

Page 3: ...nless use has been approved or authorized Do not operate in locations where medical equipment that the device could interfere with may be in use Do not operate in fuel depots chemical plants or blasti...

Page 4: ...2 7 Install Antenna 17 2 8 DIN rail Mounting 18 2 9 Protective Grounding Installation 18 2 10 Power Supply Installation 19 2 11 Power On The Router 19 Chapter 3 Access to Web page 20 3 1 PC Configura...

Page 5: ...Maintenance 66 4 8 1 Upgrade 66 4 8 2 System 67 4 8 3 Configuration 71 4 8 4 Debug Tools 71 Appendix A Glossary 73 Appendix B Q A 74 No Signal 74 Cannot detect SIM card 74 Poor Signal 74 IPSec VPN es...

Page 6: ...RS232 and RS485 interfaces are provided to support Serial to IP communication NR500 series router also support 2 x digital input and 2 x Digital output for alarm applications NR500 series router supp...

Page 7: ...1 8V Wi Fi Interface Optional Standards 802 11b g n 300Mbps 2 x RP SMA male antenna connector Support Wi Fi AP and Client modes Security WEP WPA and WPA2 encryption Encryption AES TKIP WEP64 Ethernet...

Page 8: ...Policy RIPv2 OSPF BGP dynamic route optional Firewall Filter Port forwarding DMZ anti DoS ACL Serial port TCP server and client UDP Management Web SNMP 3rd party platform Power Supply and Consumption...

Page 9: ...Industrial Cellular VPN Router NR500 Series User Manual Page 8 78 1 4 Mechanical Specifications Dimension 104mm x 104mm x 38mm excluding antenna...

Page 10: ...nents NOTE if any of the below items is missing or damaged please contact your sales representative Included equipment 1 x Naviageteworx NR500 series Industrial Cellular VPN router Wi Fi optional NR50...

Page 11: ...er NR500 Series User Manual Page 10 78 1 x Quick Start Guide Optional Accessories sold separately 3G 4G cellular antenna Stubby antenna Magnet antenna RP SMA Wi Fi antenna Stubby antenna Magnet antenn...

Page 12: ...4GHz Wi Fi NR500 S3G A502333 3G Dual SIMs 2 x Eth 1 x RS232 3 PIN 1 x RS485 2 x DI 2 x DO 9 48VDC A512333 3G Dual SIMs 2 x Eth 1 x RS232 3 PIN 1 x RS485 2 x DI 2 x DO 9 48VDC 2 4GHz Wi Fi NR500 P4G A5...

Page 13: ...Page 12 78 Chapter 2 Installation 2 1 Product Overview Front Panel Wi Fi Antenna MAIN Cellular Antenna LED Indicator Serial port DIDO Ethernet port Wi Fi Antenna AUX Cellular Antenna Left Side Panel S...

Page 14: ...Industrial Cellular VPN Router NR500 Series User Manual Page 13 78...

Page 15: ...ty network service depend on Radio e g Radio support LTE as Highest priority network then WCDMA and GPRS is non highest priority network Off Register failed USR SIM Green On Router is trying cellular...

Page 16: ...re are two LED indicators for each Ethernet port Due to the chipset design NR500 router would only light up the green one Link indicator on left side the right LED is Off without meaning 2 4 PIN Defin...

Page 17: ...Reboot Press the RST button within 3s under operation status Factory Reset Press the RST button between 3s to 10s all LED blink few times then reboot automatically 2 6 Insert SIM card Insert Remove S...

Page 18: ...enna to the MAIN and AUX connector on the unit NOTE NR500 router supports dual antennas with MAIN and AUX connectors MAIN connector is for data receiving and transmission AUX connector is for enhancin...

Page 19: ...t the upper lip of the DIN rail into the DIN rail mounting kit 3 Press the router towards the DIN rail until it snaps into place 2 9 Protective Grounding Installation 1 Remove the grounding nut 2 Conn...

Page 20: ...e unit then loosen the screws for the locking flanges as needed 2 Connect the wires of the power supply to the terminals 2 11 Power On The Router 1 Connect one end of the Ethernet cable to the LAN por...

Page 21: ...y Obtain an IP address automatically The process required to do this differs depending on the version of Windows you are using NOTE The following steps are based on Windows 7 select Start Control Pane...

Page 22: ...ult gateway and DNS server is not necessary if PC not routing all traffic go through NR500 router 3 2 Factory Default Settings NR500 router supports Web based configuration interface for management If...

Page 23: ...ser Manual Page 22 78 3 3 Login to Web Page 1 Start a Web browser on your PC Chrome and IE are recommended enter 192 168 5 1 into the address bar of the web browser 2 Then use the default username and...

Page 24: ...n 4 1 Web Interface The NR500 router Web interface is divided into two sections In the left pane is the main navigation menu On the right is the content area for each page NOTE The navigation menu may...

Page 25: ...Page 24 78 Reboot reset the router within power disconnect Logout logout to web authorization page Save save the configuration on current page Apply apply the changes on current page immediately Close...

Page 26: ...he model name of router System Uptime Displays the duration the system has been up in hours minutes and seconds System Time Displays the current date and time RAM Usage Displays the RAM capacity and t...

Page 27: ...ess Displays the IP address assigned to this interface Netmask Displays the subnet mask of this interface Gateway Displays the gateway of this interface This is used for routing packets to remote netw...

Page 28: ...78 4 2 2 Syslog Syslog Information Download Diagnosis Download the Diagnosis file for analysis Download Syslog Download the complete syslog since last reboot Clear Clear the current page syslog print...

Page 29: ...e Click to edit current interface settings Click to delete current interface Connection Manager Status Type Displays the connection interface Status Displays the connection status of this interface IP...

Page 30: ...ary Server Enter the primary IP address that pings will be sent to to detect the link state Recommend entering the IP address of known external reachable server or network e g 8 8 8 8 Secondary Server...

Page 31: ...e duration of each ICMP detection in seconds Retry Interval The interval in seconds between each ping if no packets have been received Timeout Enter timeout for received ping reply to determine the IC...

Page 32: ...ation Displays the registration status of SIM card CSQ Displays the signal strength of the carrier network Operator Displays the wireless network provider Network Type Displays the RF technology curre...

Page 33: ...ription TX Bytes Displays the total bytes transmitted since the time the unit was connected NR500 router would record this data with same SIM card reboot would not erase this data RX Bytes Displays th...

Page 34: ...to unlock the SIM Monthly Data Limitation Enter the data total amount for SIM card SIM card switchover when data reach limitation Monthly Billing Day Enter the date of renew data amount every month Ov...

Page 35: ...the current IP address assigned to DHCP client Ethernet Status Ethernet Port Information Displays the port physical connected states Interface Information Displays the name and MAC address of Ethernet...

Page 36: ...ction Type If you select DHCP Client external DHCP server will assign an IP address to this unit NAT Enable Enable or Disable NAT Network Address Translation MTU Maximum Transmission Unit maximum pack...

Page 37: ...nown this can be left as all zeros Primary DNS IP address of the primary DNS server Secondary DNS IP address of the secondary DNS server Authentication Type Authentication method used by the carrier P...

Page 38: ...Address Enter LAN IP address for this interface Netmask Enter subnet mask for this subnet MTU Maximum Transmission Unit maximum packet size allowed to be transmitted Should be left as default value of...

Page 39: ...rom DHCP server Lease Time The lease time of the IP address obtained by DHCP clients from DHCP server Gateway The gateway address obtained by DHCP clients from DHCP server Primary DNS Primary DNS serv...

Page 40: ...ot both simultaneously Select Wi Fi Access Point from the main navigation menu to Wi Fi default as Access Point page which contains tabs for configuration of the Wi Fi Access Point interface You could...

Page 41: ...ble Broadcast SSID When the checkbox is not checked SSID broadcast is disabled other wireless devices can t not find the SSID and users have to enter the SSID manually to access to the wireless networ...

Page 42: ...2 11n to characterize the communication rate of the WLAN The MCS takes the factors affecting the communication rate as the columns of the table and uses the MCS index as a row to form a rate table TX...

Page 43: ...Industrial Cellular VPN Router NR500 Series User Manual Page 42 78 Wi Fi Client Wi Fi Client settings page as below...

Page 44: ...the primary DNS server will override the automatically obtained DNS Connection Type Select from DHCP Client or Static IP address IP Address Static address for this interface It must be on the same su...

Page 45: ...l IO from the main navigation menu to navigate to this page 4 4 1 Serial You could review the status of serial connection Serial Status Enable Displays status of current serial function Serial Type Di...

Page 46: ...onnection Enable Displays status of current serial function Port Displays the serial type of COM port Baud Rate Displays the serial port baud rate Data Bits Displays the serial port Data Bits Stop Bit...

Page 47: ...m Transmission Unit maximum packet size allowed to be transmitted Should be left as default value of 1024 in most cases Protocol Select the mode for Serial IP communication Supported modes are UDP TCP...

Page 48: ...ect UDP on Protocol Serial Connection Settings Local IP Address Enter the IP Address of the local endpoint Local Port The port number assigned to the serial IP port on which communications will take p...

Page 49: ...ling the slave device by digital signal You could review the status of Digital IO as below Digital IO Status Enable Displays status of current digital IO function Logic Level Displays the electrical l...

Page 50: ...t Low means low electrical level output Pulse will generate a square wave as specified in the pulse mode parameters when triggered Alarm OFF Action Initiates when alarm disappeared Select from High Lo...

Page 51: ...ed traffic transit rules based on the requirement Firewall ACL Default Policy Select the Accept or Drop from the list the packets which are not included in the access control list will be processed by...

Page 52: ...lowing the Destination Address A specific IP address can also be specified or a range of IP addresses via a bitmask the box following the Firewall Port Mapping Description Add a description for this r...

Page 53: ...the DMZ is open to all incoming WAN IP addresses DMZ Host Address The WAN IP address which has all ports exposed except ports defined in the Port Forwarding configuration 4 5 2 Route Static Routing re...

Page 54: ...s of the local gateway Interface Please refer to the Network Route Status interface 4 5 3 VRRP The Virtual Router Redundancy Protocol VRRP is a computer networking protocol that provides automatic ass...

Page 55: ...outer ID User defined Virtual Router ID Range 1 255 Authentication Type Select the authentication type for VRRP Priority Enter the VRRP priority range is 1 254 a bigger number indicates a higher prior...

Page 56: ...namic DNS services DDNS free or for a charge You could review the status of DDNS as below DDNS Enable Check this box to enable the DDNS service DDNS Provider Select the DDNS provider from the list opt...

Page 57: ...ated with the account Hostname Enter the hostname associated with the account Log Level Select the log output level from none Debug Notice Info and Error 4 6 2 Schedule Reboot Schedule reboot allows u...

Page 58: ...curity framework modular network design and cross platform portability You could review all OpenVPN connection as below VPN OpenVPN Status Enable Displays current OpenVPN settings is enable or disable...

Page 59: ...rotocol Select from UDP or TCP Client Connection Type Select from TUN TAP which are two different kinds of device interface for OpenVPN The difference between TUN and TAP device is that a TUN device i...

Page 60: ...nter the remote virtual IP address when select P2P mode Local Netmask Enter the local netmask when select TAP connection type TAP Bridge Select the specified LAN that bridge with OpenVPN tunnel when s...

Page 61: ...ncryption standard used to describe personal identity information Enable X 509 Attribute nsCertType Require that peer certificate was signed with an explicit nsCertType designation of server Enable HM...

Page 62: ...urrent connection index for OpenVPN channel CA Certificate Import CA certificate file Local Certificate File Import Local Certificate file Local Private Key Import Local Private Key file HMAC Firewall...

Page 63: ...be displayed in the Tunnel Table at the bottom of the page All tunnels are create using the ESP Encapsulating Security Payload protocol VPN IPSec Status Enable Displays current IPSec settings is enabl...

Page 64: ...ted Negotiation Mode Select from Main or Aggressive Authentication Method Select from Pre shared Key or Pre shared Key and Xauth Local Subnet Ener the IP address with mask if a network beyond the loca...

Page 65: ...Algorithm ESP Select 3DES AES 128 AES 192 or AES 256 encryption Hash Algorithm ESP Select from MD5 SHA1 SHA2 256 SHA2 384 or SHA2 512 hashing Diffie Hellman Group ESP Negotiate None or use 768 Group 1...

Page 66: ...t provides a channel through which encapsulated data message could be transmitted and encapsulation and decapsulation could be realized at both ends VPN GRE Status Enable Displays current GRE settings...

Page 67: ...box to enable NAT function 4 8 Maintenance 4 8 1 Upgrade When newer versions of NR500 firmware become available the user can manually update the unit by uploading a package to the unit NOTE The unit...

Page 68: ...fined the User LED behavior Time Zone Select the zone where the device is in use Customized Time Zone Customized the zone where the device is in use Enable NTP Client Selected Enabled to utilize the N...

Page 69: ...ent administrator default as admin Old Password Enter the old password of administrator New Password Enter the new password of administrator Confirm Password Confirm the new password of administrator...

Page 70: ...Check this box to enable remote syslog connection Remote Syslog Server Enter the IP address of remote syslog server Remote Syslog Port Enter the port for remote syslog server listening System Web Ser...

Page 71: ...SSH SSH Port Enter the port for SSH access A well known port for HTTP is port 22 Allow Password Authentication Check this box to enable SSH authentication Public Key Enter the public Key SSH authenti...

Page 72: ...ings from the NR500 router to a file you can Import these previously saved configuration settings to the NR500 router as well System Configuration Restore Reset the unit to factory default settings Do...

Page 73: ...Industrial Cellular VPN Router NR500 Series User Manual Page 72 78 Debug Tools Traceroute Host Address Enter a host IP address or domain name for traceroute Max Hops Enter the max hops for traceroute...

Page 74: ...ted Circuit Card Identifier PIN Personal Identification Number PPP Point to Point Protocol RSSI Received Signal Strength Indication SIM Subscriber Identity Module SMS Short Message Service DHCP Dynami...

Page 75: ...em is detected correctly or not Cannot detect SIM card Phenomenon NR500 Router cannot detect SIM card cellular is not failed to connect to base station Possible Reason SIM card damage SIM bad contact...

Page 76: ...terested traffic IPSec second phase ESP settings is not match Solution Check the both subnet settings Check IPSec second phase ESP setting Forget Router Password Phenomenon Forget router login passwor...

Page 77: ...ge Protection 36 VDC 3 Over Current Protection 100mA per channel 25 C Dry Contact Typical Application Switch ON Short to V DI Logic LOW Switch OFF Open DI Logic HIGH Switch1 Switch2 Digital Output Typ...

Page 78: ...mands config Change to the configuration mode exit Exit this CLI session help Display an overview of the CLI syntax ping Ping reboot Reboot system show Show running configuration or running status tel...

Page 79: ...ing and a subsequent repeat of the key will display possible completions enter Auto completes syntax checks then executes a command If there is a syntax error then offending part of the command line w...

Reviews:

No comments