manualshive.com logo in svg

RACOM M!DGE3, User Manual

Share
Download
RACOM M!DGE3 User Manual Download Page 113

SA lifetime [s]

Number {180 – 86400}, default = 14400 s (4 hours)
Time of SA validity. The new key exchange or re-authentication is triggered immediately the
key expires. The true time of expiration is randomly selected within the range of 90-110%, to
prevent collision when the key exchange is triggered from both sides simultaneously.
Unfortunately, the more frequent the key exchange, the higher the network and CPU load.

Note

The M!DGE3 unit load is seriously affected when key exchange is in process.

Phase 2 – IPsec

Certain parameters are shared by all subordinate CHILD SA. IPsec Security Association provides
packet encryption (user traffic encryption)

Encryption algorithm

List box {3DES (legacy); AES128; AES192; AES256}, default = "AES128"
IKE CHILD SA encryption algorithm. The "legacy" marked methods are recognized as unsafe.
Peer configuration must match.

Hash algorithm

List box {MD5 (legacy); SHA1 (legacy); SHA256; SHA384; SHA512}, default = "SHA256"
IKE CHILD SA integrity algorithm. The "legacy" marked methods are recognized as unsafe.
Peer configuration must match.
The same value as selected for the Integrity algorithm, is used for the PRF (Pseudo-Random
Function).

Diffie-Hellman group (PFS)

List box {None (legacy); Group 2 (MODP1024, legacy); Group 5 (MODP1536, legacy);
Group 14 (MODP2048); Group 15 (MODP3072); Group 25 (ECP192); Group 26 (ECP224),
Group 19 (ECP256); Group 20 (ECP384); Group 21 (ECP521); Group 27 (ECP224BP);
Group 28 (ECP256BP); Group 29 (ECP384BP); Group 30 (ECP512BP); Group 31 (X25519);
Group 32 (X448)}, default = "Group 15 (MODP3072)"
The PFS (Perfect Forward Secrecy) feature is performed using the Diffie-Hellman group
method.
PFS increases IKE CHILD SA key exchange security. The "legacy" marked methods are recog-
nized as unsafe. Peer configuration must match.
The higher the Diffie-Hellman group, the higher the security but also the higher the network and
CPU load.

Payload compression

This parameter enables payload compression. This takes place before encryption. Peer config-
uration must match.

113

© RACOM s.r.o. – M!DGE3 Cellular Router

Settings

Summary of Contents for M!DGE3

Page 1: ...User manual M DGE3 Cellular Router fw 2 0 13 0 2022 09 14 version 1 0 www racom eu RACOM s r o Mirova 1283 592 31 Nove Mesto na Morave Czech Republic Tel 420 722 937 522 E mail racom racom eu...

Page 2: ......

Page 3: ...rs 35 6 2 Changes to commit 35 6 3 Notifications 37 6 4 User menu 38 6 5 Remote access 38 6 6 Refresh 40 6 7 Help 40 6 8 Shortcuts 41 7 Settings 42 7 1 Interfaces 42 7 1 1 Ethernet 42 7 1 1 1 Network...

Page 4: ...6 7 2 3 4 Network Areas and interfaces Interfaces 87 7 2 3 5 Network Areas and interfaces Neighbors 88 7 2 3 6 Network Areas and interfaces Networks 89 7 2 3 7 Static rules 89 7 2 3 8 Import filter 90...

Page 5: ...gnostics 146 8 1 Overview 146 8 1 1 Measurements 146 8 1 2 Statistics 147 8 2 Information 147 8 2 1 Interfaces 147 8 2 2 Routing 149 8 2 3 Firewall 150 8 2 3 1 Firewall L2 150 8 2 3 2 Firewall L3 150...

Page 6: ...arranty 173 10 1 Safety instructions 173 10 2 High temperature 174 10 3 Battery disposal 174 10 4 Instructions for Safe Operation of Equipment 174 10 5 SW license 174 10 6 EU Compliance 176 10 6 1 RoH...

Page 7: ...e Due to the nature of wireless communications transmission and reception of data can never be guaranteed Data may be delayed corrupted i e have errors or be totally lost Significant delays or losses...

Page 8: ...adapter External WiFi adapter Part No OTH USB WIFI W2 an optional accessory of the M DGE3 see ETH USB adapter 1 needs to be used Any other adapter will not work correctly when connected to M DGE3 uni...

Page 9: ...sk Note https For security reasons the http protocol with ssl encryption can be used for the commu nication between the PC and M DGE3 The https protocol requires a security certificate You must instal...

Page 10: ...cellular routers are native IP devices with Linux OS that have been designed with attention to detail performance and quality M DGE3 is built into a rugged metal casing that allows for multiple instal...

Page 11: ...2 1 Dimensions Fig 2 1 M DGE3 dimensions 11 RACOM s r o M DGE3 Cellular Router Product...

Page 12: ...2 M DGE3 Edge bracket dimensions Fig 2 3 M DGE3 flat bracket dimensions For more information see Section 4 1 1 DIN rail mounting and Section 4 1 2 Flat mounting M DGE3 Cellular Router RACOM s r o 12 P...

Page 13: ...Antenna connectors An antenna can be connected to M DGE3 via SMA female 50 connect or M DGE3 is equipped with two connect ors The ANT1 connector will be used for common transmitting and receiving sing...

Page 14: ...LEEP INPUT SI 1 pull below 1 1 VDC to activate 1 1 VDC 1 9 VDC threshold hysteresis max 50 VDC HW ALARM INPUT AI 2 pull below 1 1 VDC to activate 1 1 VDC 1 9 VDC threshold hysteresis max 50 VDC GND fo...

Page 15: ...al output POWER The POWER pins labelled and serve to connect a power supply 10 50 VDC The requirements for a power supply are defined in Section 4 6 Power supply and Chapter 9 Technical parameters 15...

Page 16: ...ngeable with maximal power consumption 1 25 W Both fibre optic and metallic Ethernet SFP modules are supported For optical both single and dual mode fibre optics Ethernet modules 2 or 1 fibers can be...

Page 17: ...M RS232 Terminal block In Out Signal In Out Signal Pin Out CTS 1 In RTS 2 In Out line B Out RxD 3 In Out line A In TxD 4 GND GND 5 M DGE3 keeps pin 6 DSR at the level of 0 state ON approx 6 2 V by RS2...

Page 18: ...X 9 Connector Shell Shield Shell The USB interface is designed for the connection to an external ETH USB adapter or a WiFi adapter They are optional accessories to M DGE3 for more details see www ripe...

Page 19: ...tal Outputs Open drain output max 50 VDC 0 2 A Isolated differential digital input Input voltage difference P N 1 9 VDC Logic H Input voltage difference P N 1 1 VDC Logic L Maximum differential voltag...

Page 20: ...cards Two SIM card holders for Micro SIM 3FF are available under the screwed cover on the M DGE3 right side Warning Disconnect M DGE3 unit from a power supply before opening the cover and manipulating...

Page 21: ...for Micro SIM 3FF are available under the screwed cover on the M DGE3 right side 2 4 GPS M DGE3 cellular router shall be equipped by the GPS receiver with time pulse output EXT1 connector is used for...

Page 22: ...signalise signal strength Permanently lit or flashing in 1 sec intervals Yellow Green Yellow Red Flashing Connect ing into the cellular network Colour signalise signal strength When 2 nd cellular used...

Page 23: ...ot Possible values N not used W Expansion cellular module Bands W Part No mPCIe W Bands W 4G 3G 2G Global For frequency bands see details G GPS GNSS module Part No mPCIe GPS C Expansion 2 RS232 Part N...

Page 24: ...code which is printed on Product label on the housing SW keys are not HW dependent and can be ordered later on so they are not printed on Product label Order code the complete product code which is u...

Page 25: ...B adapters ETH WiFi https www racom eu eng products radio modem ripex html accessories_ethusb 4 Demo case https www racom eu eng products radio modem ripex html accessories_democase 1 https www racom...

Page 26: ...sure proper grounding Section 4 4 Grounding 5 Run cables and plug in all connectors except from the SCADA equipment Section 2 2 Connectors 6 Apply power supply to M DGE3 7 Connect configuration PC Rip...

Page 27: ...lar modem is directly mounted to the DIN rail by a holder which comes with the modem Fig 4 1 DIN rail Using this mounting M DGE3 can be mounted in different angles by 90 clockwise counter clockwise 27...

Page 28: ...edged mounting to the DIN rail Edge bracket optional accessory is used Use solely the M4 5 mm screws that are supplied Fig 4 2 Edged mounting to DIN rail M DGE3 Cellular Router RACOM s r o 28 Installa...

Page 29: ...t mounting directly to the support you must use the Flat bracket an optional accessory Use solely the M4 5 mm screws that are supplied Fig 4 3 Flat mounting using Flat bracket 29 RACOM s r o M DGE3 Ce...

Page 30: ...e should be chosen so that its attenuation does not exceed 3 to 6 dB as a rule of thumb Use 50 impedance cables only The shorter the feed line the better If M DGE3 is installed close to antenna the da...

Page 31: ...and other devices Connecting the RTU and other devices to M DGE3 while powered increases the likelihood of damage due to the discharge of difference in electric potentials M DGE3 may be powered from a...

Page 32: ...e a virtual serial interface to such application and converts the serial data to TCP UDP datagrams which are then received by the terminal server in M DGE3 This type of connection between M DGE3 SCADA...

Page 33: ...routing between the source Local M DGE3 and the destination IP Remote M DGE3 needs to be configured properly When in Bridge mode IP address of the Network interface the Radio interface is bridged wit...

Page 34: ...s depicted in this User manual are taken on the desktop type of screen resolution Note A mechanism against brute force attack is implemented When wrong combination of the Account Password is entered y...

Page 35: ...to commit M DGE3 is capable of remembering changes which were done in its configuration and collecting them in a Changes to commit basket All changes of configuration parameters are highlighted by dif...

Page 36: ...tion about their changed values Old value New value From this page it is possible to Return to configuration return to the last changed value Reset changes all changes will be reset back to their prev...

Page 37: ...e the most efficient location Note To access Notification Center it is possible to use shortcut Ctrl Alt N Notifications are mostly triggered by user actions in the interface for example success or fa...

Page 38: ...n of the unit accessing the unit IP address directly from the web browser works fine If the unit should be connected remotely via the radio network the so called Remote access needs to be used to conf...

Page 39: ...tion 7 6 7 Firmware Remote access can be activated via click on the Remote access button The connection to remote radio proceeds The IP address of the actually connected M DGE3 unit is displayed as pa...

Page 40: ...s to remote units 6 6 Refresh Refresh button placed in the right corner of the web page header triggers a feature which assures the user that he is working with current data Triggering the Refresh wil...

Page 41: ...the respective sub chapter of the User manual 6 8 Shortcuts Tab 6 1 Table of shortcuts Access to Shortcut Changes to commit Ctrl Alt C Notification center Ctrl Alt N Remote access Ctrl Alt R 41 RACOM...

Page 42: ...erfaces can be defined Multiple physical Ethernet interfaces can be bridged together by using single Network interface When unit is operating in Bridge mode the default Network interface bridges toget...

Page 43: ...interface Allow unit management Enables disables unit management for the specific Network interface Add IP Subnet Adds defined subnet to the Network interface IP Mask IP address mask of the specific...

Page 44: ...7 1 1 2 Ports Ethernet 1 Ethernet 5 List box enable disable default enable Enables Disables ETH port SW control ETH1 ETH4 speed List box auto auto auto full auto half 1000 Mbps auto 1000 Mbps full 10...

Page 45: ...P frame forwarded to the M DGE3 router module and further processed according to router rules Such UDP frames received by the M DGE3 unit from the M DGE3 network based on the unit IP address and UDP p...

Page 46: ...ent with each data character arranged so that the number of 1 bits in each character including the parity bit is always odd or always even If a byte is received with the wrong number of 1 bits then it...

Page 47: ...ed in order to pause and resume the transmission of data If RX buffer of M DGE3 is full the CTS goes down Note RTS CTS Flow control requires a 5 wire connection to the COM port Buffer flush time ms Nu...

Page 48: ...nto which the serial SCADA packet received from COM is encapsulated Destination UDP port List box Manual COM1 COM3 TS1 TS5 default COM1 The same UDP port will be used for all destination This UDP port...

Page 49: ...the same UDP port is used for all the SCADA units which results in the following limita tions SCADA devices on all sites have to be connected to the same interface only one SCADA device to one COM por...

Page 50: ...arget IP IP address to which the response is sent when TARGET is chosen in the Response target mode 7 1 2 3 1 None The None protocol switches the COM port off All incoming data will be thrown away No...

Page 51: ...4 COMLI COMLI is a serial polling type communication protocol used by Master Slave application When M DGE3 radio network in Router mode is used more COMLI Masters can be employed within one Radio netw...

Page 52: ...00 0 switches this functionality off Timeout for checking of the duplicity of two following frames Used when the very same frame is incoming via COM port within the timeout measured from the moment of...

Page 53: ...col contains the source and destination addresses in its header so there is no difference between Master and Slave in terms of the M DGE3 configuration The DNP3 allows both Master Slave polling as wel...

Page 54: ...s protocol local acknowledgment Typically the default setting shall be used In case a need it is possible to change ACK parameters in ADVANCED Generic com_x_prot Pro tocol_DF1 menu ACK locally List bo...

Page 55: ...A is a full duplex protocol featuring 32bit long addresses error detection based on 16 bit checksum XOR or 16 bit CRC error correction MARS A was widely used by legacy RACOM radio modems in the MORSE...

Page 56: ...legacy MORSE network implementations This parameter does not change protocol behaviour CRC List box On Off default Off Error detection algorithm On CRC algorithm is used Off XOR algorithm is used 7 1...

Page 57: ...imeout parameter controls how long the unit waits for an acknowledgement frame The timeout is started when the original frame received from the Radio channel is transmitted to the connected device ove...

Page 58: ...layer L2 in OSI model hence M DGE3 uses a similar way to read SCADA address as in UNI protocol There is a handshake STX 0x02 DLE Ox10 on the start of communication and DLE ETX DLE on the end This hand...

Page 59: ...ce number of the byte where the Protocol address starts Note 3964 R protocol is using escape sequence control sequence for DLE 0x10 I e when 0x10 is in user data 0x1010 is sent instead When address po...

Page 60: ...er must be set so that one has High priority and the other has Low BCC List box On Off default On BCC Block Check Character is a control byte used for data integrity control it makes the reli ability...

Page 61: ...s mode allows to behave in limited way as a Master and send to other Slave Slave Plus write command read command is not allowed Broadcast List box On Off default On When On the 255 address is treated...

Page 62: ...ster timeout This timeout is reseted after receiving of an answer from Slave or a frame in coming from the connected master Mode of Connected device SLAVE Response timeout ms Number 0 16383 default 30...

Page 63: ...ire COM or Ethernet interface ACK 0x06 frames are transmitted on successful reception and NAK 0x15 on unsuccessful frame reception ACK timeout ms Number 0 16383 default 1000 Note ACK timeout is measur...

Page 64: ...ocol is fully transparent i e all messages are transported and delivered without any modifications Mode of Connected device List box Master Slave default Master Adress mode List box Binary 1B ASCII 2B...

Page 65: ...ept broadcasts List box On Off default On On Broadcast packets received at the radio channel are forwarded to the COM port Off Broadcast packets received at the radio channel are discarded Unicast pac...

Page 66: ...rt with each datagram In such a case set Destination port 0 M DGE3 will then send replies to the port from which the last response was received This feature allows to extend the number of simultaneous...

Page 67: ...bles the cellular MAIN EXT When disabled default the module power is off Note Routing Mode WWAN AUX is added to the Static routing rules definition When this mode is selected the routing Gateway param...

Page 68: ...ning packets will be correctly routed back to its original source internal device Allow unit management List box On Off default On Allows to manage the unit over WWAN interface Link testing List box O...

Page 69: ...ntication We do not recommend to use this option because of security issues the option is provided to offer legacy systems compatibility User name and Password are required CHAP CHAP Challenge Handsha...

Page 70: ...be used Lock to home Only the home network will be used if the SIM supports PLMN reading This option can also be used as a switch off for the roaming Location area identity LAI String 00000 999999 de...

Page 71: ...er 3 3600 default 60 Time period during which is the connection being tested Repeat period s Number 3 3600 default 10 If the test results as failed the connection is tested again after defined time pe...

Page 72: ...succeeds both addresses must pass the test Note If the connection to SIM card fails missing SIM wrong PIN all profiles using that SIM will be blocked If all profiles are blocked the whole Cellular int...

Page 73: ...to first profile List box On Off default On When enabled the module will switch back to its first profile after defined time period Time to return to first profile min Number 5 10080 default 480 Time...

Page 74: ...terface can filter the traffic List box WWAN or AUX HotStandby WWAN is activated only in active mode disabled in passive In passive mode the module is dis connected from the mobile network IPsec Autom...

Page 75: ...according to the Routing table Unlimited number of subnets can be defined on the Network interface They are routed independently The COM ports are treated in the standard way as router devices message...

Page 76: ...hop on the specific route is over the radio channel the Radio IP is used as a Gateway If Base driven protocol is used and the destination Remote is behind a Repeater the destination Remote Radio IP is...

Page 77: ...highly dynamic wireless networks for more information see RFC6126 2 BABEL is also a dynamic routing protocol for Internet Protocol IP networks It is an Interior Gateway Protocol IGP working within one...

Page 78: ...odically and also after their update Routing path decision is based on a metric Metric is set on each interface It reflects a price for the packet reception The higher the metric value the more disadv...

Page 79: ...1 Dynamic rule 192 168 1 0 24 192 168 11 1 metric 32 Packet with DST 192 168 1 42 will be routed to 192 168 11 1 because the dynamic rule has a nar rower mask Example 2 similar situation with addition...

Page 80: ...not travel through 7 2 2 3 Network Interfaces Active List box On Off default Off Enables disables the interface Interface String a z A Z 0 9 max 16 char default empty Interfaces which will be used by...

Page 81: ...ing Hello packets Update interval multiplier Number 2 30 default 4 Interval of sending the routing table update packets to share the network topology information across the BABEL network The update in...

Page 82: ...g routing rule is processed by those Import filters Maximum number of filter rules is 256 Active List box On Off default On Enables disables the filter rule Filter network List box Off Match Not match...

Page 83: ...nce in the routing table to be used when Set preference is enabled The higher the number the better the preference Local preferred source address IP address default 0 0 0 0 Preferred source IP address...

Page 84: ...ernal Inter area External type 1 External type 2 default External type 2 OSPF sources Internal stands for internally generated rule e g interface range Inter area stands for rule generated on the area...

Page 85: ...path metric There are two types of metrics Metric Type 1 path length individual interfaces pass over costs are added Metric Type 2 is setup on the rules which are exported to the OSPF from outside Rul...

Page 86: ...E3 unit acts in the OSPF network as a dynamic router Every router is identified by an ID having the format of IP address This IP address does not have to be real Router ID is shared with the BGP proto...

Page 87: ...LAN 141 VLAN if_ prefix must be used followed by Network interface name dot and VLAN number e g if_LAN 141 29 Radio radio Hot standby hstdby GRE L3 gre_tunX where X is the tunnel number starting from...

Page 88: ...propagation The higher the number the higher the priority 0 states the router cannot be used as a primary or backup router Use broadcast List box On Off default Off Defines if OSPF packets distributio...

Page 89: ...ts two subnets 192 168 1 0 24 and 192 168 2 0 24 Area border router between Area 0 0 0 1 and 0 0 0 0 defines a rule for network aggregation 192 168 0 0 16 As a result of this the area border router an...

Page 90: ...sk from Number 0 32 default 0 Mask to Number 0 32 default 32 Definition of the enabled range of the mask length of the processed routing rule Examples Rule 0 0 0 0 0 0 32 captures all IP ranges Rule 1...

Page 91: ...the source IP address is set according to the outgoing interface Note Informational note 7 2 3 9 Export filter OSPF export filter rules define set of routing rules to be exported from the unit into th...

Page 92: ...e called internal iBGP All BGP routers within given AS must be fully interconnected every router must have connection to all other routers It is possible to define Route reflectors they must be fully...

Page 93: ...534 and 4200000000 4294967294 AS numbers from this range can be safely used by anyone Preference Number 0 2 32 1 default 100 Router preference within the local AS The higher the number the higher the...

Page 94: ...hbor type List box Internal External default External Neighbor router type selection Internal neighbor belongs to the same AS iBGP External belongs to other AS eBGP Neighbor AS Number 0 2 32 1 default...

Page 95: ...lue Incoming packets having lower than expected value expected number of hops are discarded Expected hops Number 2 32 default 2 Number of expected hops between the neighbors Route reflector client Lis...

Page 96: ...d of the routing rule destination range comparison Network IP Network mask IP address default 0 0 0 0 0 IP address and mask defines the network prefix to be compared Mask from Number 0 32 default 0 Ma...

Page 97: ...0 0 0 0 Preferred source IP address for the locally generated packets When disabled default value 0 0 0 0 is used the source IP address is set according to the outgoing interface 7 2 4 6 Export IGP f...

Page 98: ...Filter OSPF tag List box Off Match Not match default Off Selects the way of filtering based on OSPF tag OSPF tag Number 0 2 32 1 default 0 OSPF tag to be compared The tag is added to a rule when inser...

Page 99: ...ighbor the path was received from this AS last on the path Source routing rule originates from this AS first on the path Path AS Number 0 2 32 1 default 65000 The number of the AS searched for Action...

Page 100: ...h default Off Selects the way of filtering based on OSPF tag OSPF tag Number 0 2 32 1 default 0 OSPF tag to be compared The tag is added to a rule when inserted to OSPF Filter BGP path List box Off Is...

Page 101: ...traffic to from other MAC addresses is allowed Whitelist Only the MAC addresses listed in the table are allowed i e only packets to from them are al lowed The traffic to from other MAC addresses is b...

Page 102: ...ule with narrower mask has higher priority The rule s order does not affect priority Source port from Source port to Interval of source ports Input interface List box All Radio All ETH ETH1 ETH5 Other...

Page 103: ...which may affect datagrams to from these ports in L3 Firewall settings Management connection to a remote M DGE3 may be lost when another M DGE3 acts as a router along the management packets route and...

Page 104: ...ocol is set to Other Protocol List box All ICMP UDP TCP GRE ESP Other default All Filters selected protocol If none of the mentioned values suits select Other Protocol number Number 0 255 default 1 Th...

Page 105: ...ess to IP address default Off Off Source address and or port will be replaced by values from parameters Rewrite source IP and Rewrite source port This applies only if those parameters are set they are...

Page 106: ...ace Source port from Source port to Destination port from Destination port to and Protocol number define a filter which is catching specified packets SNAT rule applies for those packets Parameters Sou...

Page 107: ...terfaces radio the name of LAN or VLAN interface the name of GRE tunnel etc This parameter occurs only if parameter Input Interface is set to Other Range mapping List box Off IP address to IP address...

Page 108: ...t Set to IP 10 10 10 1 and port 502 resulting in a range of IPs 10 10 10 1 10 10 10 15 due to Destination ports of received UDP data in a range of 20001 20015 15 ports 15 IP ad dresses A new port is a...

Page 109: ...therefore benefit from the functionality security and management of the private network 7 4 1 IPsec Internet Protocol Security IPsec is a network protocol suite that authenticates and encrypts the pa...

Page 110: ...unnel contains 1 IKE SA and at least 1 CHILD SA Link partner peer secure authentication is assured using Pre Shared Key PSK authentication method Both link partners share the same key password As and...

Page 111: ...IPsec VPN tunnel click the Add VPN configuration button Add Edit IPsec VPN tunnel associations Every item in the table represents one IKE SA There can be a maximum of 8 active IKE SA limited by syste...

Page 112: ...p PFS List box None legacy Group 2 MODP1024 legacy Group 5 MODP1536 legacy Group 14 MODP2048 Group 15 MODP3072 Group 25 ECP192 Group 26 ECP224 Group 19 ECP256 Group 20 ECP384 Group 21 ECP521 Group 27...

Page 113: ...SHA384 SHA512 default SHA256 IKE CHILD SA integrity algorithm The legacy marked methods are recognized as unsafe Peer configuration must match The same value as selected for the Integrity algorithm is...

Page 114: ...elevant peer is identified using it s Peer ID The key must be the same for both local and peer side of the IPsec Mode List box Passphrase Key default Passphrase This parameter occurs only if parameter...

Page 115: ...es Local network address Mask Source IP address and mask of the packets to be captured and forwarded to the encrypted tunnel Remote network address Mask Destination IP address and mask of the packets...

Page 116: ...M DGE3 Cellular Router RACOM s r o 116 Settings...

Page 117: ...packet transmission through tunnel is attempted Restart connection is established immediately 7 4 2 GRE L2 GRE L2 tunnel is interconnected to the bridge LAN interface as one of the bridge s port it c...

Page 118: ...nterfaces Ethernet Network interface Name Key enabled Enables using key identification of the tunnel from to the same peer Key Identification number of the tunnel Number 0 4 294 967 295 default 0 MTU...

Page 119: ...mber 0 4 294 967 295 default 0 MTU MTU of the L2 tunnel Number 70 1476 default 1476 Overhead of the L3 tunnel is 24 B so it should be GRE MTU Path MTU 24 If the MTU is bigger than is allowed along the...

Page 120: ...min Sec tech Tech Guest Write Write Write Read only Ethernet Radio COM Terminal servers Cellular Interfaces SETTINGS Write Write Read only Read only Radio Encryption Write Write Write Read only Static...

Page 121: ...erves as login to the whole network 7 5 1 User access User access serves for enabling disabling and setting of used protocol access It can be used for setting a non standard port for the protocol as w...

Page 122: ...ll users button provides backup of all Local user accounts into a file Import all user button provides restoration of all Local user accounts from a backup file Active session is logged out automatica...

Page 123: ...ADVANCED Generic UserAccess Web inactivity timeout Note It is necessary to install firmware version 1 4 5 0 or higher to assure proper functionality of Local and Remote authentication 7 5 2 2 Setting...

Page 124: ...lly with an authentication server RADIUS client server protocol is used for remote authentication RADIUS accounts can be mapped to one of the four user roles This is either managed by the server itsel...

Page 125: ...hall be set during the server configuration The user access level will be granted according to the integer ranges for individual role levels When the server does not allow setting of Management Privil...

Page 126: ...amper reset and click the Reset tamper button Note The unit must be re assembled before Tamper reset otherwise it returns an error Whole process can take a while and ends by rebooting the unit M DGE3...

Page 127: ...tact Additional SNMP information All the fields above are typically used in the NMS systems to identify the specific unit 7 6 1 2 Service USB The USB service interface primary purpose is to provide un...

Page 128: ...P server This is the IP address to be used when accessing the unit manage ment via this serial interface DHCP pool start Default IP address of the DHCP server 1 DHCP Server assigns addresses to connec...

Page 129: ...tics Unit time can be setup manually or it can be synchronized with an NTP server NTP server synchron ization is recommended The unit itself serves as an NTP server providing the time synchronization...

Page 130: ...y updates the Change device time manually field to minimize the delay between the time input and the moment of time setup NTP client synchronization source Synchronization source of the NTP client The...

Page 131: ...le every time the configuration is changed to be able to restore the configuration into another unit in case of unit maintenance Backup and download button triggers the web browser Download action The...

Page 132: ...on button loads default values of all configuration parameters into the web interface All parameters whose current value differs from the default are marked as changed They are listed in the Changes t...

Page 133: ...ion detector calibration Note Basic data such as Code Region SW keys will always remain in the unit Warning This action can take up to two minutes do not power off the unit until finished 133 RACOM s...

Page 134: ...Tab 7 3 Configuration versions FW version CNF version 2 0 13 0 1 M DGE3 Cellular Router RACOM s r o 134 Settings...

Page 135: ...arm outputs AO DO1 DO2 see Section 2 2 2 Power and Control Events can also generate an SMS notifications which are being sent to a defined phone number see Section 7 6 5 SMS 7 6 4 SNMP SNMP Simple Net...

Page 136: ...ault public Community name used by v1 and v2cWhen mode v1_v2c_v3 is used this parameter is mandatory Version 3 settings Security username String 1 32 char default empty Username for SNMPv3 When v3 pro...

Page 137: ...le 800083130302a92006ef Engine ID String 1 27 char When User defined Engine ID mode is selected the differentiated part of the Engine ID can be entered as ASCII characters or generated e g U3qPrisWoDY...

Page 138: ...of the SMS is depended on the type of module and coding If longer SMS is required only SMS notifications it is divided into a Chained SMS Note This section closely cooperates with Section 7 1 4 Cellul...

Page 139: ...ation Chained SMS are supported Sending SMS notifications can be activated in Section 7 6 3 Events 7 6 5 1 Parameters SMS password String 2 16 ASCII char default public Sets a SMS password which serve...

Page 140: ...ONNECTED Reg RegHome Net 23002 Svc 2G_EDGE Band ARFCN 77 Signal RSSI 48 dBm APN internet IP 100 110 103 173 smsevent param Example public smsevent raise This command is used to turn on off alarms whic...

Page 141: ...serial number Use Choose File dialog to select the file and Install key button to install the key s to unit Differences with the previous generation of M DGE3 SW keys are always installed as a file t...

Page 142: ...are version in all units is the best way to keep the network maintenance simple Upgrading firmware to a newer version is not obligatory unless there are bug security fixes etc The cyber security issue...

Page 143: ...In case of slow connection and file transfer longer than 120 s the web browser will shut down the connection and the action will not finish successfully This action does not update the running unit fi...

Page 144: ...M DGE3 is a very powerful device and it really shows all parameters in the Advanced section When you visit the page for the first time you will see a search field and below a tree of configuration pa...

Page 145: ...Be careful when adjusting settings in Advanced section and review the Changes page in detail before sending changes to the device 145 RACOM s r o M DGE3 Cellular Router Settings...

Page 146: ...re can be disabled in parameters Advanced Interfaces Radio Radio paramet ers Block radio in extreme temperatures Card Voltage provides data about voltage measured on input connector Arrow headed symbo...

Page 147: ...taking 14 mins from history seconds passed from current minute 8 2 Information This section provides more detailed information data extract about settings of RipEX2 unit It provides also a deeper exp...

Page 148: ...TTINGS Interfaces Ether net Network interfaces IP Subnet VLAN eth1 eth2 eth3 eth4 Interface of physical Ethernet ports ETH1 ETH4 BP L2 interface type eth0 Interface of physical port SFP ETH5 BP L2 int...

Page 149: ...nal routing table of dynamic routing service bird master4 Displays data called by linux command birdcl show route all table master4 Babel data extract of status of BABEL protocol Displays data called...

Page 150: ...ed by linux command iptables L 8 2 3 2 Firewall L3 Displays data called by following linux commands iptables nvL line numbers 8 2 3 3 NAT Displays data called by following linux commands iptables disp...

Page 151: ...h given interface This table contains Name of an interface Status and statistics of front disciplines displays data called by linux command tc qdisc show Status and statistics of classes displays data...

Page 152: ...device 8 2 5 1 System information Basic unit information is provided Product code Identifies the unit hardware Serial number Unique unit identification number FW version Currently installed unit firm...

Page 153: ...ble here No limits are applied if the Region ID is empty Region description Detailed description of the Region if active 8 2 6 Diagnostic package This menu serves for collecting data either from local...

Page 154: ...ally clicking the Refresh button it is possible to view the status of the package Once the package is ready it can be downloaded by clicking the Download button After its download the package is delet...

Page 155: ...ehavior Informational item Blue Informational 6 INFO Debug Debug info if set so Grey Debug 7 8 4 Statistics M DGE3 unit permanently monitors various system channels There are several types of those ch...

Page 156: ...re constant Ethernet ports and their counters or do not rise to a high values COM ports Terminal servers and their counters What affects the length of available history the most is the number of radio...

Page 157: ...perience provided by the specialized apps 8 4 2 Serial protocol statistics Serial protocols statistics provides set of data monitoring the COM port s and Terminal server s Only enabled interfaces are...

Page 158: ...s Only enabled interfaces are displayed Only correctly received frames are handled The counters correspond to the specific IP protocol types Rx direction from the physical Ethernet port to the M DGE3...

Page 159: ...ar module Rx direction from the Cellular module to the Router module Cell aux internal interface name All information is displayed for this interface together UDP TCP ICMP ARP Packet count and amount...

Page 160: ...e of networks displayed in of time Note Values are rounded to an integer in 8 4 4 3 Cellular signal statistics Interface Cell aux interface is used for M DGE3 cellular module 2G RSSI 3G RSCP 4G RSRP s...

Page 161: ...tings of the monitored items and outputs Please note that even if both of the outputs are switched off and some interfaces are set to On the monitoring is still running in the background The monitorin...

Page 162: ...ns over the internal interfaces may not be that straightforward please consult above for clarification All List box On Off default On Monitoring output can also be limited by IP protocol type Select O...

Page 163: ...ox On Off default Off When On monitoring shows packets which are dropped e g CRC is not valid buffer overflow ETH interfaces Include management traffic List box On Off default Off Enable disable manag...

Page 164: ...1 hour 3 hours 24 hours Off default 5 min Show time difference List box On Off default Off When On the time difference between subsequent packets is displayed in the monitoring output 8 5 2 File outp...

Page 165: ...ime period approx 1 s some data will not be displayed in the console output A note about the omited data will be inserted to the console output to the position of the non displayed data 8 6 Routing Di...

Page 166: ...tion provides the following details Examined address example 8 8 8 8 Next hop gateway address example via 192 168 141 254 Next hop interface example dev if_bridge Outgoing packet Source address exampl...

Page 167: ...cy 1 Alert 2 Critical 3 Error default Off Off switched off the SYSLOG functionality Only the events with set severity and higher will be send to the Syslog server Severities for indi vidual Events can...

Page 168: ...2 DO 1 difDI not available when Expansion board C COM ports is used Optional interfaces Active antenna 3 3 VDC SMA female EXT1 on bottom Expansion board G GPS GNSS 72 channel u blox M8 engine GPS QZSS...

Page 169: ...uency Division Duplex FDD DL Multi Input Multi Output MIMO 2 2 3G UMTS HSDPA HSUPA 3GPP Release 8 Dual Cell HS Packet Access DC HSPA UMTS Terrestrial Radio Access UTRA Frequency Division Duplex FDD DL...

Page 170: ...l RBAC WPA2 PSK secured WiFi management access optional IPsec GRE VPN IEEE 802 1Q tagging VLAN RADIUS AAA protocol Layer 2 MAC Layer 3 IP Layer 4 TCP UDP Firewall Digitally signed FW Case opening evid...

Page 171: ...2010 Seismic qualification EN 60529 1993 A1 2001 A2 2014 IP rating Tab 9 2 List of connected cables Recommended cable type Shielded Nonshielded Specified length for EN 61850 3 Input Output V03VH H 2 0...

Page 172: ...TE Tx 0 1 W 10BaseT Ethernet 0 12 W 100BaseT 0 5 W 1000BaseT per Eth interface with connected equipment 0 2 W 1st COM 0 15 W GNSS 0 1 W 2 nd COM Rx 0 3 Tx 3 0 W 2 nd LTE 1 0 W SFP module typ M DGE3 Ce...

Page 173: ...nditions Protect the communication module against dust moisture and high tem perature We remind the users of the duty to observe the restrictions concerning the utilization of radio devices at petrol...

Page 174: ...e proper manner The same applies to equipment maintenance In order to prevent damage to the radio modem and other terminal equipment the supply must always be disconnected upon connecting or disconnec...

Page 175: ...plicable machine readable copies of source code of this software under GPL or LGPL li censes on contacts listed on https www racom eu This product also includes software developed by the University of...

Page 176: ...10 6 EU Compliance 10 6 1 RoHS WEEE and WFD Fig 10 1 EU Declaration of Conformity RoHS WEEE M DGE3 Cellular Router RACOM s r o 176 Safety regulations warranty...

Page 177: ...VHC listed on European chemical agency ECHA SCIP database candidate list in concentrations above 0 1 w w 10 6 2 EU Declaration of Conformity RED Fig 10 2 EU Declaration of Conformity RED 10 6 3 Simpli...

Page 178: ...HR RACOM s r o ovime izjavljuje da je radijska oprema tipa M DGE3 u skladu s Direktivom 2014 53 EU IT Il fabbricante RACOM s r o dichiara che il tipo di apparecchiatura radio M DGE3 conforme alla dire...

Page 179: ...unauthorised person nor due to the action of abnormal or extreme environmental conditions such as overvoltage liquid immersion or lightning strike Any equipment subject to repair under warranty must...

Page 180: ...quirements Condition of the accumulator Annually Functionality check power source Overcharging Accumulator damage Annually Full utilization of provided protective coverings Annually Remove any items w...

Page 181: ...n System PC Personal Computer DHCP Dynamic Host Configuration Protocol DNS Domain Name Server PER Packet Error Rate PWR Power DTE Data Terminal Equipment EMC Electro Magnetic Compatibility RF Radio Fr...

Page 182: ...n Control Protocol TS5 Terminal server 5 TX Transmitter UDP User Datagram Protocol VSWR Voltage Standing Wave Ratio WEEE Waste Electrical and Electronic Equipment M DGE3 Cellular Router RACOM s r o 18...

Page 183: ...differ from the actual unit you are working with While every reasonable effort has been made to ensure the accuracy of this publication product improvements may also result in minor differences betwe...

Reviews:

No comments

Brands by name

Popular brands

Load more brands