Proroute GEM 2M User Manual Download Page 84

Page: 84 / 154

Proroute

GEM

Router

GEM-2M series User Manual

3.2.3.2 IPSec

Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP)

communications by authenticating and encrypting each IP packet of a communication

session. IPSec includes protocols for establishing mutual authentication between agents

at the beginning of the session and negotiation of cryptographic keys to be used during

the session.

An IPSec VPN tunnel is established between IPSec client and server. Sometimes, we call

the IPSec VPN client as the initiator and the IPSec VPN server as the responder. There

are two phases to negotiate between the initiator and responder during tunnel

establishment, IKE phase and IPSec phase. At IKE phase, IKE authenticates IPSec peers

and negotiates IKE SAs (Security Association) during this phase, setting up a secure

channel for negotiating IPSec SAs in phase 2. At IPSec phase, IKE negotiates IPSec SA

parameters and sets up matching IPSec SAs in the peers. After these both phases, data is

transferred between IPSec peers based on the IPSec parameters and keys stored in the

SA database.

3.2.3.2.1 IPSec VPN Tunnel Scenarios

There are some common IPSec VPN connection scenarios as follows:



Site to Site

The device establishes IPSec VPN tunnels with security gateway in headquarters

or branch offices. Either local or remote peer gateway which can be recognized by

a static IP address or a FQDN can initiate the establishing of an IPSec VPN tunnel

Two peers of the tunnel have their own Intranets and the secure tunnel serves for

data communication between these two subnets of hosts.



Dynamic

VPN

Business Security Gateway can ignore IP information of clients when using

Dynamic VPN, so it is suitable for users to build VPN tunnels with Business

Security Gateway from a remote mobile host or mobile site. Remote peer is a host

or a site will be indicated in the negotiation packets, including what remote subnet

Summary of Contents for GEM 2M

Page 1: ...User Manual GEM 2M LTE 4G M2M Router www proroute co uk...

Page 2: ...ecting Serial Devices 16 2 1 6 Connecting to the Network or a Host 17 2 2 EASY SETUP BY CONFIGURING WEB UI 18 2 2 1 Wizard 18 2 2 1 1 Configure with the Network Setup Wizard 19 2 2 1 2 Configure with...

Page 3: ...OSPF 57 3 1 5 2 3 BGP 58 3 1 5 3 Routing Information 59 3 1 6 Client Server Proxy 59 3 1 6 1 Dynamic DNS 59 3 1 6 2 DHCP Server 60 3 1 6 2 1 DHCP Server List 60 3 1 6 2 2 DHCP Server Configuration 61...

Page 4: ...iguration 83 3 2 3 2 IPSec 84 3 2 3 2 1 IPSec VPN Tunnel Scenarios 84 3 2 3 2 2 IPSec Configuration 85 3 2 3 2 3 Tunnel List Status 86 3 2 3 2 4 Tunnel Configuration 86 3 2 3 2 5 Local Remote Configur...

Page 5: ...3 2 4 1 VRRP 103 3 2 5 System Management 104 3 2 5 1 TR 069 104 3 2 5 2 SNMP 105 3 2 5 3 Telnet with CLI 107 3 2 5 4 UPnP 108 3 2 6 Certificate 108 3 2 6 1 My Certificates 109 3 2 6 1 1 Root CA 109 3...

Page 6: ...ng 144 3 4 3 2 1 Host Group List 144 3 4 3 2 2 Host Group Configuration 145 3 4 3 3 File Extension Grouping 145 3 4 3 3 1 File Extension Group List 145 3 4 3 3 2 File Extension Group Configuration 145...

Page 7: ...anslated into any language or transmitted in any form or by any means mechanical magnetic electronic optical photocopying manual or otherwise without the prior written permission Trademarks All produc...

Page 8: ...2M series product is loaded with superb security features including VPN firewall NAT port forwarding DHCP server and many other powerful features for complex and demanding business and M2M Machine to...

Page 9: ...ontents Quantity 1 GEM 2M series 4G Router 1pcs 2 Cellular Antenna 2pcs 3 Power Adapter DC 12V 2A 1 1pcs 4 DC Jack Converter 1pcs 5 RJ45 Cable 1pcs 6 Console Cable 1pcs 7 CD Manual 1pcs 8 Mounting Bra...

Page 10: ...3 0 or higher Safari 3 0 or higher CD Installation Wizard Requirements Computer with the following Windows 7 Vista or XP with Service Pack 2 An installed Ethernet adapter CD ROM drive Do not use the...

Page 11: ...ovides user with a quick and easy way to resort the default setting Press the RESET button continuously for 6 seconds and then release it The device will restore to factory default settings Bottom Vie...

Page 12: ...Proroute GEM 2M 4G Router GEM 2M series User Manual 12 Left View Right View 3G LTE Antenna Power Terminal Block Serial Port SD Card DI DO Terminal Block...

Page 13: ...Signal Green Steady ON The signal strength of Cellular is strong Low Cellular Signal Green Steady ON The signal strength of Cellular is weak LAN Green Steady ON Ethernet connection of LAN WAN is esta...

Page 14: ...bracket is not screwed on the product when out of factory Please screw the DIN rail bracket on the product first if necessary 2 1 2 Insert the SIM Card WARNNING BEFORE INSERTING OR CHANGING THE SIM C...

Page 15: ...arity There are a DC converter and a DC12V 2A power adapter5 in the package for you to easily connect DC power adapter to this terminal block 4 If both of power source 1 and power source 2 are connect...

Page 16: ...Trigger Voltage high Logic level 1 5V 30V Normal Voltage low Logic level 0 0V 2 0V Digital Output Voltage Relay Mode Depends on external device maximum voltage is 30V Maximum Current 1A Example of Con...

Page 17: ...nect 10 100Mbps Ethernet It can auto detect the transmission speed on the network and configure itself automatically Connect one Ethernet cable to the RJ45 port LAN of the device on the front panel an...

Page 18: ...ct your language from the Language list The user manual uses English for the illustration of all functions in the device 2 2 1 Wizard Select Wizard for basic network settings and VPN settings in a sim...

Page 19: ...login password time zone WAN interface and Ethernet LAN interface One EXIT button at the upper right corner of each window is provided for you to quit the setup process Press Next to start the wizard...

Page 20: ...se the physical interface and WAN type for Internet connection Because the device provides only 3G 4G physical interface and the only WAN type for the interface is also named as 3G 4G Leave them be wi...

Page 21: ...nue Step 6 Confirm and Apply Check the new settings again If all information is correct please press Apply button to save new settings Then it will take 65 seconds to restart this gateway and take new...

Page 22: ...s of tunnel scenario can be chosen Site to Site is for two offices to create a VPN tunnel Site to Host is for one office to access one specific server via an IPSec tunnel Host to Site is for service a...

Page 23: ...if you want this device to connect to another PPTP server Or choose Server if you want other PPTP clients to connect to it Press Next to continue If choosing PPTP Client please input tunnel name IP FQ...

Page 24: ...to add more users Press Next to continue Step 3 3 L2TP If choosing L2TP there are two options of mode can be chosen Choose Client if you want this device to connect to another L2TP server Or choose S...

Page 25: ...to add more users Press Next to continue Step 3 4 GRE If choosing GRE please input tunnel name IP address of remote GRE peer Key ID and choose default gateway remote subnet Please make sure these set...

Page 26: ...he bottom of this page Connection Diagram 1 3G 4G Icon Indicates if 3G 4G connection is established or not 2 Wired Client Icon Indicates how many Ethernet clients are connected now WAN Interface IPv4...

Page 27: ...ength and network carrier name of 3G 4G connection Internet Traffic Statistics Display number of transmitted packets and received packets of 3G 4G WAN interface Device Time Display current time inform...

Page 28: ...all blocked URLs of firing activated URL blocking rules One Edit button in the URL Blocking caption can let you change its settings Another or button at the upper right corner can unfold or fold the...

Page 29: ...corner can unfold or fold the intrusion events Options Display option settings of firewall 2 2 2 4 VPN Status In VPN Status page you can review lots information of VPN status including IPSec status P...

Page 30: ...its settings L2TP Client Status Display the status of all activated L2TP clients One Edit button in the L2TP Client Status caption can let you change its settings 2 2 2 5 System Management Status In S...

Page 31: ...sic Network setup Advanced Network setup Applications setup or system related setup and operations These task buttons can be easily found in the cover page of the UI User Interface Enter the default p...

Page 32: ...ws the Network Connection Status below You can also check status of connected clients at LAN Client List page and other advanced function status at Firewall Status page VPN Status page and System Mana...

Page 33: ...ace Click on the Edit button for the WAN interface and you can get the detail physical interface settings and then configure the settings as well By default the WAN 1 interface is forced to Always on...

Page 34: ...nding WAN connection Such information will be referred in QoS function to manage the traffic load for each kind of services 4 VLAN Tagging If your ISP required a VLAN tag to be inserted into the WAN p...

Page 35: ...Only or SIM B Only for 3G 4G connection There are two SIM card slots on this gateway and with four kinds of SIM card usage scenarios including SIM A First SIM B First SIM A Only and SIM B Only By defa...

Page 36: ...Type Configuration window All configuration items are the same in SIM A and SIM B configuration Furthermore there is also a common configuration window for 3G 4G connection after 3G 4G WAN Type Config...

Page 37: ...and service provider for manual dial up profile system will show related APN value Change it if it is not correct for you 4 PIN Code Enter PIN code of SIM card if your SIM card needs it to unlock 5 D...

Page 38: ...about this setting 4 NAT By default it is enabled If you disable this option there will be no NAT mechanism between LAN side and WAN side 5 Network Monitoring You can do preferred settings by using th...

Page 39: ...r other host that you need to input IP address manually 6 IGMP Enable or disable multicast traffics from Internet You may enable as auto mode or select by the option list of IGMP v1 IGMP v2 IGMP v3 an...

Page 40: ...ients are allowed in one network or subnet The default subnet mask is 255 255 255 0 24 and it means maximum 254 IP addresses are allowed in this subnet However one of them is occupied by LAN IP addres...

Page 41: ...ilding All client hosts in same department should own common access property and QoS property You can select either one operation mode port based VLAN or tag based VLAN and then configure according to...

Page 42: ...onfigure Lobby segment with VLAN ID 4 The VLAN group includes Port 4 with NAT mode and DHCP 3 server equipped He also configure Lab Servers segment with VLAN ID 3 The VLAN group includes Port 3 with N...

Page 43: ...om Router device and delivers them in the Intranet VLAN membership in a tagged VLAN is determined by VLAN ID information within the packet frames that are received on a port Administrator can further...

Page 44: ...Internet Access Administrator can specify members of one VLAN group to be able to access Internet or not Following is an example that VLAN groups of VID is 1 and 4 can access Internet but the one wit...

Page 45: ...owing diagram VLAN groups of VID is 1 and 3 can access each other but the ones between VID 3 and VID 4 and between VID 1 and VID 4 can t 3 1 2 2 2 Port Based VLAN Since there is only one physical Ethe...

Page 46: ...ly one VLAN group 5 WAN VID The VLAN Tag ID that come from the ISP service For NAT type VLAN no WAN VLAN tag is allowed and the value is forced to 0 For Bridge type VLAN You have to specify the VLAN T...

Page 47: ...the packet will be un tagged before it is forward to Internet and all the packets from Internet will be tagged with the VLAN ID before it is forward to the destination belongs to this configuring VLAN...

Page 48: ...dress auto configuration network renumbering and router announcements when changing Internet connectivity providers This gateway supports two types of IPv6 connection 6to4 6in4 Please ask your ISP of...

Page 49: ...You may set stateless or stateful Dynamic IPv6 3 Router Advertisement Lifetime You can set the time for the period that the router send broadcast its router advertisement Each router periodically mul...

Page 50: ...DNS Please enter IPv6 primary DNS address and secondary DNS address 3 MLD Snooping MLD snooping IPv6 multicast data is selectively forwarded to a list of ports that want to receive the data instead of...

Page 51: ...t may multicast a Router Solicitation to ask for immediate advertisements rather than waiting for the next periodic ones to arrive if and only if no advertisements are forthcoming the host may retrans...

Page 52: ...y enabling the Virtual Server Mapping Press Add button to add new rule for Virtual Server A virtual server is defined as a Public Port and all requests to this port will be redirected to the computer...

Page 53: ...eature can protect Intranet from outside attacks but sometimes also blocks some applications such as SIP VoIP In this situation the NAT gateway needs to do special process ALG for each application Thi...

Page 54: ...lt it is always turned on when the rule is enabled 4 Rule Check this item to enable the Special AP rule 3 1 4 4 DMZ DMZ DeMilitarized Zone Host is a host without the protection of firewall It allows a...

Page 55: ...g path and allow different subnets to communicate with each other 3 1 5 1 Static Routing For static routing you can specify up to 32 routing rules The routing rules allow you to determine which physic...

Page 56: ...termine the best possible route It will go in the direction of the gateway with the lowest metric 5 Rule Check the Enable box to enable this static routing rule 3 1 5 2 Dynamic Routing The feature of...

Page 57: ...erwise please select RIPv1 if you need this protocol 3 1 5 2 2 OSPF OSPF is an interior gateway protocol that routes Internet Protocol IP packets solely within a single routing domain autonomous syste...

Page 58: ...f IP networks or prefixes which designate network reach ability among autonomous systems AS It is described as a path vector protocol BGP does not use traditional Interior Gateway Protocol IGP metrics...

Page 59: ...ccess your server if your WAN IP address changes all the time One way is to register a new domain name and maintain your own DNS server Another simpler way is to apply a domain name to 3 party DDNS se...

Page 60: ...e DDNS provider you registered 5 Password Key Input password or key based on the DDNS provider you select Afterwards click on Save to store your settings or click Undo to give up the changes 3 1 6 2 D...

Page 61: ...erve the DHCP requests from different client hosts 2 LAN IP Address Specify the local IP address of the enabled DHCP Server It s the LAN IP address of this gateway for DHCP 1 server Normally this IP a...

Page 62: ...main Name Optional this information will be passed to the clients 7 Primary DNS Secondary DNS Optional This feature allows you to assign DNS Servers 8 Primary WINS Secondary WINS Optional This feature...

Page 63: ...This device also supports many advanced network features such as Firewall QoS Bandwidth Management VPN Security Redundancy System Management Certificate and Communication Bus You can finish those conf...

Page 64: ...a rule It enables you to control what packets are allowed or blocked to pass the router Outbound filters are applied to all outbound packets However inbound filters are applied to packets that destine...

Page 65: ...st of all packet filter rules You can add one new rule by clicking on the Add command button But also you can modify some existed packet filter rules by clicking corresponding Edit command buttons at...

Page 66: ...esses 6 Destination Port Choose User defined Service to let you specify manually the destination service port of packets that want to be filtered out in the packet filter rule You can define a single...

Page 67: ...o filtering policies for the defined rules in URL Blocking Rule List Allow all to pass except those match the specified rules Black List Deny all to pass except those match the specified rules White L...

Page 68: ...ule 2 URL Domain Name Keyword If any part of the Website s URL matches the pre defined words the connection will be blocked You can enter up to 10 pre defined words in a rule and each URL keyword is s...

Page 69: ...ation 1 Web Content Filters Check the Enable box if you want to enable Web Content Filters function 2 Popular File Extension List Check which extension types Cookie Java ActiveX are to be blocked 3 Lo...

Page 70: ...Rule Name The name of Web Content Filter rule 2 User defined File Extension List You can enter up to 10 file extensions to be blocked in a rule by using to concatenate these file extensions 3 Schedule...

Page 71: ...at system will record MAC control events when control rules are fired 4 Known MAC from LAN PC List You can see all of connected clients from this list and copy their MAC address to the MAC Control Rul...

Page 72: ...he schedule rule you specified and give user more flexibility on access control By default it is always turned on when the rule is enabled For more details please refer to the System Scheduling menu 4...

Page 73: ...lways turned on when Application Filters function is enabled For more details please refer to the System Scheduling menu 3 2 1 7 IPS IPS Intrusion Prevention Systems are network security appliances th...

Page 74: ...g packet to detect if this packet is valid 3 Discard PING from WAN If this feature is enabled this gateway won t reply any ICMP request packet from WAN side It means any remote host can t get response...

Page 75: ...main goal of QoS BWM Quality of Service and Bandwidth Management is prioritizing incoming data and preventing data loss due to factors such as jitter delay and dropping Another important aspect of Qo...

Page 76: ...guarantee fair bandwidth usage for same subscribed condition and flexible bandwidth management in a more flexible approach Integrated with Multi WAN load balance function to maximize the total network...

Page 77: ...andwidth Management Apply flexible bandwidth management on the specific WAN interface by checking the Enable box 3 2 2 2 Rule based QoS This gateway provides lots of flexible rules for you to set QoS...

Page 78: ...g The last resource is Connection Sessions the related control function is limiting connection sessions Individual Group Control One QoS rule can be applied to individual member or whole group in the...

Page 79: ...QoS rule again 3 2 2 2 3 QoS Rule Configuration It supports the adding of one new rule or the editing of one existed rule There are some parameters need to be specified in one QoS rule They are Inter...

Page 80: ...ce gateway supports DSCP tags The DSCP categories that this gateway can detect are as below You need to choose a correct one according to your device s specification When TOS is selected for Service T...

Page 81: ...u want to apply the value of control setting on each selected host in the Group you need to select Individual Control for Sharing Method On the other hand if the value of control setting wants to be a...

Page 82: ...rce Select DiffServ Code Points Control Function Select DSCP Marking with AF Class 2 High Drop QoS Direction Select Inbound for inbound traffic only Sharing Method Select Group Control Schedule Leave...

Page 83: ...to send and receive data across shared or public networks as if it were directly connected to the private network while benefitting from the functionality security and management policies of the priv...

Page 84: ...IPSec SAs in phase 2 At IPSec phase IKE negotiates IPSec SA parameters and sets up matching IPSec SAs in the peers After these both phases data is transferred between IPSec peers based on the IPSec p...

Page 85: ...usiness Security Gateway will goes over the VPN tunnel That is if a user is operating at a PC that is in the Intranet of remote Business Security Gateway all application packets and private data packe...

Page 86: ...ax Tunnels The device supports up to 32 IPSec tunnels but you can specify it with the number of maximum current activated IPSec tunnels that is smaller or equal to 32 5 You can add new edit or delete...

Page 87: ...is Ping IP and other options depend on product models Input the IP address of remote host that exists in the opposite side of the VPN tunnel Ex You can input the LAN IP address of remote Business Sec...

Page 88: ...a the VPN tunnel There are 5 entries for Remote Netmask 6 Remote Gateway Enter the IP address or FQDN of remote Business Security Gateway 3 2 3 2 6 Authentication 1 Key Management Select IKE Pre share...

Page 89: ...mote mobile VPN clients You can not only configure a VPN rule with a pre shared key for all remote users but you can also designate account password for specific users that are permitted to establish...

Page 90: ...nd Group14 18 4 Enable Check this box to enable the IKE Proposal during tunnel establishing 3 2 3 2 9 IPSec Phase 1 Phase 2 Key Life Time The value of life time represents the life time of the key whi...

Page 91: ...e algorithms can be selected DES 3DES AES 128 AES 192 and AES 256 Encryption key is used by the encryption algorithm Its length is 16 in hex format if encryption algorithm is DES or 48 if 3DES However...

Page 92: ...ide security levels and remote access levels comparable with typical VPN products 3 2 3 3 1 PPTP L2TP VPN Tunnel Scenarios There are some common PPTP L2TP VPN connection scenarios as follows PPTP L2TP...

Page 93: ...on 2 Server Virtual IP It is the virtual IP address of PPTP server used in PPTP tunneling This IP address should be different from the gateway one and members of LAN subnet of Business Security Gatewa...

Page 94: ...ct box at the end of each user account list and then clicking on the Delete button 3 Account Check the Enable box to validate the user account 4 Edit You can edit one user account configuration by cli...

Page 95: ...el 1 Add You can add one new PPTP client tunnel by clicking on the Add button 2 Delete Delete selected tunnels by checking the Select box at the end of each tunnel list and then clicking on the Delete...

Page 96: ...ocol as PAP CHAP MS CHAP or MS CHAP v2 The protocol you choose must be supported by remote PPTP server 9 MPPE Encryption Check the Enable box to activate MPPE encryption Please note that MPPE needs to...

Page 97: ...server function 2 L2TP over IPSec L2TP over IPSec VPNs allow you to transport data over the Internet while still maintaining a high level of security to protect data Enter a Pre shared key that syste...

Page 98: ...in L2TP clients by clicking on the Disconnect button 3 2 3 4 3 User Account List You can input up to 10 different user accounts for dialing in L2TP server 1 Add You can add one new user account by cli...

Page 99: ...List Status You can add new up to 22 different L2TP client tunnels by clicking on the Add button and modify each tunnel configuration by clicking on the corresponding Edit button at the end of each ex...

Page 100: ...to own the Default Gateway property However when Peer Subnet is chosen peer subnet parameter needs to be filled and it should be the LAN subnet of remote L2TP server If an Intranet packet wants to go...

Page 101: ...try once system LCP echo fails You also can choose User defined option to define the time interval and the retry times by yourself The last option is Disable 12 Tunnel Check the Enable box to activate...

Page 102: ...nnel configuration by clicking the Edit button at the end of each tunnel list 3 2 3 5 4 GRE rule Configuration 1 Tunnel Enable or disable this GRE tunnel 2 Tunnel Name The name of this GRE tunnel 3 Tu...

Page 103: ...otocol VRRP is a computer networking protocol providing device redundancy It allows a backup router or switch to automatically take over if the primary master router or switch fails This increases the...

Page 104: ...store what you just select or Undo to give up 3 2 5 System Management This device supports many system management protocols such as TR 069 SNMP Telnet with CLI and UPnP You can finish those configura...

Page 105: ...al SNMP uses one or more administrative computers called managers have the task of monitoring or managing a group of hosts or devices on a computer network Each managed system executes at all times a...

Page 106: ...onnected computer can get some information of the device with SNMP protocol 3 SNMP Version Supports SNMP V1 and V2c 4 Get Community The community of GetRequest that this device will respond This is a...

Page 107: ...t by checking the Enable box Afterwards click on Save to store your settings or click Undo to give up the changes 3 2 5 3 Telnet with CLI A command line interface CLI also known as command line user i...

Page 108: ...ocess which is error prone and time consuming This device supports the UPnP Internet Gateway Device IGD feature By default it is disabled 3 2 6 Certificate In cryptography a public key certificate als...

Page 109: ...impersonating a secure website or other server They are also used in other important applications such as email encryption and code signing Here it can be used in IPSec tunneling for user authenticati...

Page 110: ...Organization O The company whom the certificate authority belongs to Organization Unit OU The company department whom the certificate authority belongs to Common Name CN The common name for certifica...

Page 111: ...t Name The Subject Name include seven information Country C The two character country code of the certificate is located State ST The state where the certificate is located Location L The city where t...

Page 112: ...its PEM codes by checking the View button You can download the local certificate file by clicking on the Download button 3 2 6 2 Trusted Certificates Trusted Certificates include Trusted CA Certificat...

Page 113: ...ate of trusted external CA by clicking on the Import button There are two approaches to import it One is from a file and another is copy paste the PEM codes in Web UI and then click on the Apply butto...

Page 114: ...the trusted CA file by clicking on the Download button 3 2 6 2 2 Trusted Client Certificate List This feature can show the list of all certificates information Each Certificate involve field of certi...

Page 115: ...y paste the PEM codes in Web UI and then click on the Apply button You also can delete one trusted client certificate by checking corresponding Select box and clicking on the Delete button You can vie...

Page 116: ...issue the request here and let Root CA sign it There are two approaches to issue it One is from a file and another is copy paste the CSR codes in Web UI and then click on the Sign button After signin...

Page 117: ...e function of Virtual COM or Modbus you need to configure the RJ12 female port first 1 Operation Mode Choose the purpose of serial port It can be Virtual COM or Modbus You can also disable it to preve...

Page 118: ...de In TCP Client mode GEM 2M can actively establish a TCP connection to a pre defined host computer when serial data arrives After the data has been transferred GEM 2M can automatically disconnect fro...

Page 119: ...u can enter IP address or FQDN of remote host TCP server that you want to communicate 6 Remote Port Enter the TCP port that remote host TCP server is listening 7 Definition Check this checkbox to enab...

Page 120: ...if it idles longer than this timeout setting 6 Alive Check Timeout Input the time period of alive check timeout The TCP connection will be terminated if it doesn t receive response of alive check lon...

Page 121: ...nition Check this checkbox to enable this rule RFC2217 Mode In the RFC2217 mode it is a standard driver that provides Virtual COM function RFC2217 defines general COM port control options based on tel...

Page 122: ...nnection will be terminated if it idles longer than this timeout setting 5 Alive Check Timeout Input the time period of alive check timeout The connection will be terminated if it doesn t receive resp...

Page 123: ...Proroute GEM 2M 4G Router GEM 2M series User Manual 123...

Page 124: ...24 TCP Test Tools can be configured the following steps 1 IP Address setting the GEM 2M Gateway address ex 192 168 123 254 2 Port should be same as the listen port of GEM 2M 3 Click the Connect button...

Page 125: ...Proroute GEM 2M 4G Router GEM 2M series User Manual 125 In the Edit Send Data you can try to text some information and then click the Send button Then you can see the same information in the PuTTY...

Page 126: ...ifferent from the original serial based protocols In order to integrate Modbus networks the GEM 2M series including a serial ports that support RS 232 and RS 485 communication interface can automatica...

Page 127: ...hich means error message of the interconnected gateway or no response of the access device When the Modbus slave device does not respond before the timeout has been reached or has a bad response check...

Page 128: ...Application settings This device is equipped with a 3G 4G module as WAN interface and it also provide the SMS USSD Network Scan and SMS based Remote Management Besides there is one I O Management func...

Page 129: ...S message automatically Press Add to add new rule 1 From Phone Number Indicate phone number of sender 2 Alert Approach Decide the way to forward message You can forward this message to another phone n...

Page 130: ...ew message has been sent successfully Read New SMS Message You can read delete reply and forward messages in this inbox section 1 Refresh You can press Refresh button to renew SMS lists 2 Delete Reply...

Page 131: ...esentation 1 Physical Interface Indicate which 3G LTE modem is used for USSD feature And SIM Status indicates which SIM card is used for USSD feature USSD Profile List You can edit USSD profile for so...

Page 132: ...pe Set network type of network scan You can choose 2G Only 3G Only LTE Only or Auto 3 Scan Approach You can choose Auto or Manually If you choose Manually press Scan button to scan cellular network ne...

Page 133: ...ll this gateway can t receive any new SMS 3 Security Key This security key will be used for authentication when this gateway receives SMS command Users need to type this key first and then followed by...

Page 134: ...connect again no matter WAN connection mode is set to auto reconnect 5 Reconnect Enable it and you can send command reconnect to disconnect WAN connection and start WAN connection again immediately 6...

Page 135: ...e phone number must be with the international prefix i e 886939123456 You can also assign specific phone number can send command and or also can receive notifications 3 3 2 IO Management This IO manag...

Page 136: ...In the System section you can check system related information and execute some system operations define some time schedule rules make object grouping define external server objects and configure the...

Page 137: ...objects Active Directory Server objects LDAP Server objects and UAM Server objects About MMI Man Machine Interface it means the Web based GUI User can set the administrator timeout of Web UI surfing...

Page 138: ...password of administrator for future logging in Certainly once the password is changed successfully system will ask you login again with new password 3 New Password Confirmation Re type new password...

Page 139: ...e View command button 3 Email Alert This device can also export system logs via sending emails to specific recipients The items you have to setup include Enable Check it if you want to enable Email al...

Page 140: ...locates b Auto Synchronization Check the Enable checkbox to enable this function Besides you can select a NTP time server to consult UTC time from the available list and by default it is 132 163 4 102...

Page 141: ...ING 3 Ping Test This allows you to specify an IP FQDN and the test interface so system will try to ping the specified device to test whether it is alive after clicking on the Ping button A test result...

Page 142: ...ernet networking standard that allows a computer to be turned on or awakened by a network message You can specify the MAC address of the computer in your LAN network to be remotely turned on by clicki...

Page 143: ...edule rule it collects 8 time periods to organize it You also can specify the rule is to define the enable timing Inactive except the selected days and hours below or disable timing Active except the...

Page 144: ...ut also you can modify some existed host groups by clicking corresponding Edit command buttons at the end of each group record in the Host Group List Besides unnecessary groups can be removed by check...

Page 145: ...le Extension Group List File Extension Group List can show the list of all file extension groups and their member lists and bound services in this window You can add one new grouping rule by clicking...

Page 146: ...plication Grouping 3 4 3 4 1 L7 Application Group List L7 Application Group List can show the list of all file extension groups and their member lists and bound services in this window You can add one...

Page 147: ...he Join button 5 Group Check the Enable box to activate the group definition 3 4 4 External Servers This device supports six types of external server objects to be created They are Email Server object...

Page 148: ...cord in the External Server List Besides unnecessary objects can be removed by checking the Select box for those objects and then clicking on the Delete command button at the External Server List capt...

Page 149: ...Server you can specify primary RADIUS server and secondary RADIUS server for redundancy For each server following parameters need to be specified Shared Key Authentication Protocol CHAP or PAP Session...

Page 150: ...duct includes copyrighted third party software licensed under the terms of the GNU General Public License Please refer to the GNU General Public License below to check the detailed terms of this licen...

Page 151: ...so they know their rights We protect your rights with two steps 1 copyright the software and 2 offer you this license which gives you legal permission to copy distribute and or modify the software Als...

Page 152: ...distribute the same sections as part of a whole which is a work based on the Program the distribution of the whole must be on the terms of this License whose permissions for other licensees extend to...

Page 153: ...all those who receive copies directly or indirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program If any portio...

Page 154: ...TIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL...

Search results

Summary of Contents for GEM 2M

Reviews:

Related manuals for GEM 2M

Brands by name

Popular brands

Proroute GEM 2M, User Manual

Search results

Summary of Contents for GEM 2M

Reviews:

Related manuals for GEM 2M

Brands by name

Popular brands