manualshive.com logo in svg

Teltonika RUT950, Manual

Share
Download
Teltonika RUT950 Manual Download Page 77

 

77 

 

 

Field Name 

Sample value  

Explanation 

1. 

Enable SYN flood protection  Enable/Disable 

Makes router more resistant to SYN flood attacks. 

2. 

SYN flood rate 

“25” 

Set  rate  limit  (packets/second)  for  SYN  packets  above 
which the traffic is considered a flood. 

3. 

SYN flood burst 

“50” 

Set burst limit for SYN packets above which the traffic is 
considered a flood if it exceeds the allowed rate. 

4. 

TCP SYN cookies 

Enable/Disable 

Enable  the  use  of  SYN  cookies  (particular  choices  of 
initial TCP sequence numbers by TCP servers). 

 

7.6.6.2

 

Remote ICMP requests 

Attackers  are  using  ICMP  echo  request  packets  directed  to  IP  broadcast  addresses  from  remote  locations  to 

generate denial-of-service attacks. 

 

 

Field Name 

Sample value  

Explanation 

1. 

Enable ICMP requests 

Enable/Disable 

Blocks remote ICMP echo-request type 

2. 

Enable ICMP limit 

Enable/Disable 

Enable ICMP echo-request limit in selected period 

3. 

Limit period 

Second/Minute/Hour/Day 

Select in what period limit ICMP echo-request 

4. 

Limit 

“10” 

Maximum ICMP echo-request during the period 

5. 

Limit burst 

“5” 

Indicating  the  maximum  burst  before  the  above  limit 
kicks in. 

7.6.6.3

 

SSH Attack Prevention 

Prevent  SSH  (Allows  a  user  to  run  commands  on  a machine's  command  prompt  without  them  being  physically 

present near the machine.) attacks by limiting connections in defined period. 

 

 

Field Name 

Sample value  

Explanation 

Summary of Contents for RUT950

Page 1: ...1 USER MANUAL RUT950 LTE Router ...

Page 2: ...notice Other product and company names mentioned herein may be trademarks or trade names of their respective owners Attention Before using the device we strongly recommend reading this user manual first Do not rip open the device Do not touch the device if the device block is broken All wireless devices for data transferring may be susceptible to interference which could affect performance The dev...

Page 3: ...Setting up your router 12 3 1 Installation 12 3 1 1 Front Panel and Back Panel 12 3 1 2 Connection status LED indication 12 3 1 3 Hardware installation 13 3 2 Logging in 13 4 Operation Modes 17 5 Powering Options 17 5 1 Powering the device from higher voltage 18 6 Status 19 6 1 Overview 19 6 2 System Information 20 6 3 Network Information 21 6 4 Device information 30 6 5 Services 30 6 6 Routes 31 ...

Page 4: ...0 6 10 3 Network Events 41 6 10 4 Events Reporting 42 6 10 5 Reporting Configuration 43 7 Network 46 7 1 Mobile 46 7 1 1 General 46 7 1 2 SIM Management 49 7 1 3 Network Operators 50 7 1 4 Mobile Data Limit 51 7 1 5 SIM Idle protection 52 7 2 WAN 53 7 2 1 Operation Mode 53 7 2 2 Common configuration 54 7 3 LAN 60 7 3 1 Configuration 60 7 3 2 DHCP Server 61 7 4 Wireless 63 7 5 VLAN 66 7 5 1 VLAN Ne...

Page 5: ...onfiguration Settings 86 9 1 2 Check Internet connection 87 9 2 TR 069 87 9 2 1 TR 069 Parameters Configuration 87 9 3 Web filter 88 9 3 1 Site blocking 88 9 3 2 Proxy Based Content Blocker 88 9 4 NTP 89 9 5 VPN 90 9 5 1 OpenVPN 90 9 5 2 IPSec 93 9 5 3 GRE Tunnel 96 9 5 4 PPTP 98 9 5 5 L2TP 99 9 6 Dynamic DNS 99 9 7 SMS Utilities 101 9 7 1 SMS Utilities 101 9 7 2 Call Utilities 107 9 7 3 User Grou...

Page 6: ...ngs 125 9 10 3 Logging 125 9 10 4 Landing Page 127 9 10 5 Radius server configuration 128 9 10 6 Statistics 129 9 11 CLI 129 9 12 Auto Reboot 130 9 12 1 Ping Reboot 130 9 12 2 Periodic Reboot 131 9 13 UPNP 131 9 13 1 General Settings 131 9 13 2 Advanced Settings 131 9 13 3 UPnP ACLs 132 9 13 4 Active UPnP Redirects 132 9 14 QoS 132 9 15 MQTT 133 9 16 Modbus TCP interface 138 10 System 139 10 1 Set...

Page 7: ...148 10 4 User scripts 148 10 5 Restore point 149 10 5 1 Restore point create 149 10 5 2 Restore point load 149 10 6 Firmware 150 10 6 1 Firmware 150 10 6 2 FOTA 151 10 7 Reboot 151 11 Device Recovery 152 11 1 Reset button 152 11 2 Bootloader s WebUI 152 12 Glossary 153 13 Changelog 155 ...

Page 8: ... with the requirements of standard EN 60950 1 Do not mount or service the device during a thunderstorm To avoid mechanical damages to the device it is recommended to transport it packed in a damage proof pack Protection in primary circuits of associated PC and PSU LPS against short circuits and earth faults of associated PC shall be provided as part of the building installation To avoid mechanical...

Page 9: ...9 Device connection ...

Page 10: ...IX 2 2 Wi Fi IEEE 802 11b g n WiFi standards 2x2 MIMO AP and STA modes 64 128 bit WEP WPA WPA2 WPA WPA2 encryption methods 2 401 2 495GHz Wi Fi frequency range 20dBm max WiFi TX power SSID stealth mode and access control based on MAC address 2 3 Hardware High performance 560 MHz CPU with 128 Mbytes of DDR2 memory 5 5 2 5mm DC power socket Reset restore to default button 2 x SMA for LTE 2 x RP SMA ...

Page 11: ...11 2 5 Applications ...

Page 12: ...nd Back Panel 1 2 3 LAN Ethernet ports 1 LTE auxiliary antenna connector 4 WAN Ethernet port 2 LTE main antenna connector 5 6 7 LAN LEDs 3 5 Wi Fi antenna connectors 8 WAN LED 4 Reset button 9 Power socket 10 Power LED 11 Connection status LED 12 Signal strength indication LEDs 3 1 2 Connection status LED indication Constant blinking 2Hz router is turning on LED turned off it has no 4G data connec...

Page 13: ...strip 4 Connect to the device wirelessly SSID Teltonika_Router or use Ethernet cable and plug it into any LAN Ethernet port 3 2 Logging in After you re complete with the setting up as described in the section above you are ready to start logging into your router and start configuring it This example shows how to connect on Windows 7 On windows Vista click Start Control Panel Network and Sharing Ce...

Page 14: ...eless Network Connection and has signal bars on its icon 5 Select Internet Protocol Version 4 TCP IPv4 and then click Properties 6 By default the router is going to have DHCP enabled which means that if you select Obtain an IP address automatically and Obtain DNS server address automatically the router should lease you an IP and you should be ready to login ...

Page 15: ...on are valid 192 168 1 0 192 168 1 1 192 168 1 255 192 168 1 699 and so on are not Next we enter the subnet mask this has to be 255 255 255 0 Then we enter the default gateway this has to be 192 168 1 1 Finally we enter primary and secondary DNS server IP s One will suffice though it is good to have a secondary one as well as it will act as a backup if the first should fail The DNS can be your rou...

Page 16: ...rowser and enter the routers IP into the address field Press enter If there are no problems you should be greeted with a login screen such as this Enter the default password which is admin01 into the Password field and then either click Login with your mouse or press the Enter key You have now successfully logged into the RUT950 From here on out you can configure almost any aspect of your router ...

Page 17: ... how to configure your router to work in a desired mode 5 Powering Options The RUT9xx router can be powered from power socket or over Ethernet port Depending on your network architecture you can use LAN 1 port to power the device RUT9xx can be powered from power socket and over Ethernet simultaneously Power socket has higher priority meaning that the device will draw power from power socket as lon...

Page 18: ...Some power supplies can produce voltage peaks significantly higher than the declared output voltage especially during connecting and disconnecting them While the device is designed to accept input voltage of up to 30 VDC peaks from high voltage power supplies can harm the device If you want to use high voltage power supplies it is recommended to also use additional safety equipment to suppress vol...

Page 19: ...ike current IP addresses of various network interfaces the state of the routers memory firmware version DHCP leases associated wireless stations graphs indicating load traffic etc and much more 6 1 Overview Overview section contains various information summaries ...

Page 20: ...5 Kernel Version 3 10 36 The version of the Linux kernel that is currently running on the router 6 Local Time 2016 05 06 05 54 10 Shows the current system time Might differ from your computer because the router synchronizes it s time with an NTP server Format year month day hours minutes seconds 7 Uptime 0d 0h 47m 35s since 2016 05 06 05 06 35 Indicates how long it has been since the router booted...

Page 21: ...6 3 Network Information 6 3 1 1 Mobile Display information about mobile modem connections Mobile information Field Name Sample Value Explanation 1 Data connection state Connected Mobile data connection status 2 IMEI 860461024350889 Modem s IMEI International Mobile Equipment Identity number 3 IMSI 246012101426458 IMSI International Mobile Subscriber Identity is used to identify the user in a cellu...

Page 22: ...ogy 13 Bytes received 39 9 KB 40832 bytes How many bytes were received via mobile data connection 14 Bytes sent 27 0 KB 27674 bytes How many bytes were sent via mobile data connection 6 3 1 2 WAN Display information about WAN connection WAN information Field Name Sample Value Explanation 1 Interface Wired Specifies through what medium the router is connecting to the internet This can either be Wir...

Page 23: ... with DHCP 6 3 1 3 LAN Display information about LAN connections LAN information Field Name Sample Value Explanation 1 Name Lan LAN instance name 2 IP address 192 168 99 218 Address that the router uses on the LAN network 3 Netmask 255 255 255 0 A mask used to define how large the LAN network is 4 Ethernet MAC address 00 1E 42 00 00 00 MAC Media Access Control address used for communication in a E...

Page 24: ...AP or Station STA AP is when the wireless radio is used to create an Access Point that other devices can connect to STA is when the radio is used to connect to an Access Point via WAN 6 3 1 4 1 Station Display information about wireless connection Station mode Client mode information Field Name Sample Value Explanation 1 Channel 1 2 41 GHz The channel that the AP to which the router is connected t...

Page 25: ... handle Keep in mind that this value is cumulative The bit rate will be shared between the router and other possible devices that connect to the local AP 6 3 1 4 2 Access Point Display information about wireless connection Access Point mode Wireless AP information Field Name Sample Value Explanation 1 Channel 11 2 46 GHz The channel which is used to broadcast the SSID and to establish new connecti...

Page 26: ...ther be the information of the Access Point that the router is connecting to in STA mode or a list of all devices that are connecting to the router in AP mode Field Name Sample Value Explanation 1 MAC Address FC C2 DE 91 36 A6 Associated station s MAC Media Access Control address 2 Device Name Android 9aed2b2077a54c74 DHCP client s hostname 3 Signal 54dBm Received Signal Strength Indicator RSSI Si...

Page 27: ...Time 0h 3m 24s For how long the connection has been established 6 3 1 8 Clients information It will show information when router is configured as OpenVPN TLS server 6 3 1 9 VRRP VRRP Virtual Router Redundancy Protocol for LAN Field Name Sample Value Explanation 1 Common Name Test001 Client connection 2 Real Address 212 59 13 225 52638 Client s IP address and port number 3 Virtual Address 10 0 0 6 ...

Page 28: ... Router Redundancy Protocol cluster will act as a master range 1 255 4 Router Master Connection mode Master Exclusive to other Modes with Slave 6 3 1 10 Topology Network scanner allows you to quickly retrieve information about network devices When router is configured to use Mobile as WAN and Connection type is selected PPP then possible to scan only the LAN side 6 3 1 11 Access Display informatio...

Page 29: ...558 12 KB Count of active connections and amount of data transmitted in KB Exclusive to other Modes with Slave 6 3 1 11 1 Last Connections Displays information about local and remote last 3 connections status Field Name Sample Value Explanation 1 Type SSH HTTP HTTPS Type of connection protocol 2 Date 2016 03 03 13 40 59 Date and time of connection 3 IP 192 168 2 10 IP address from which the connec...

Page 30: ...e s manufacturing process 4 Hardware revision 0321 Hardware revision of the device 5 IMEI 860461024164561 Identification number of the internal modem 6 IMSI 246020100070220 Subscriber identification number of the internal modem 6 Ethernet LAN MAC 3E 83 6F 84 E1 A4 MAC address of the Ethernet LAN ports 7 Ethernet WAN MAC AE F4 F3 5B 9D CC MAC address of the Ethernet WAN port 8 Wireless MAC N A MAC ...

Page 31: ... Explanation 1 IP Address 192 168 99 17 Recently cashed IP addresses of every immediate device that was communicating with the router 2 MAC Address 00 25 22 D7 CA A7 Recently cached MAC addresses of every immediate device that was communicating with the router 3 Interface br lan Interface used for connection 6 6 2 Active IP Routes Show the routers routing table The routing table indicates where a ...

Page 32: ...tes Display active IPv6 routes for data packet transition Field Name Sample Value Explanation 1 Network loopback Network interface used 2 Target 0 0 0 0 0 0 0 0 0 Indicates where a TCP IP packet with a specific IP address should be directed 3 IPv6 Gateway 0 0 0 0 0 0 0 0 0 Indicates through which gateway a TCP IP packet should be directed 4 Metric FFFFFFFF Metric number indicating interface priori...

Page 33: ...gth value 3 Average 72 0 dBm Average signal strength value 4 Peak 72 dBm Peak signal strength value 6 7 2 Realtime Load This tri graph illustrates average CPU load values in real time The graph consists out of three color coded graphs each one corresponding to the average CPU load over 1 red 5 orange and 15 yellow most recent minutes ...

Page 34: ...oad value of the time interval 6 7 3 Realtime Traffic This graph illustrates average system inbound and outbound traffic over the course of 3 minutes each new measurement is taken every 3 seconds The graph consists out of two colors coded graphs green graph shows the outbound traffic blue graph shows inbound traffic Although not graphed the page also displays peak loads and average of inbound and ...

Page 35: ...l traffic that passes through both LAN network interfaces 3 WAN Wired Graphs the amount of traffic which passed through the current active WAN connection 4 Mobile Graphs the amount of traffic which passed through the mobile network connection 5 Wi Fi Shows the amount of traffic that has been sent and received through the wireless radio ...

Page 36: ...36 6 7 4 Realtime Wireless Display the wireless radio signal signal noise and theoretical maximum channel permeability Average and peak signal levels are displayed ...

Page 37: ...37 6 7 5 Realtime Connections Displays currently active network connections with the information about network protocol source and destination addresses transfer speed ...

Page 38: ...nality is needed to enable it Field Name Sample Value Explanation 1 Enable Enable Disable Make a functionality active inactive 2 Interval between records sec 60 The interval between logging records minimum 60 sec 6 9 Speed Test Speed test is a tool for measuring your internet connection upload and download speeds You can select servers for manual testing or use auto test ...

Page 39: ...39 6 10 Events Log Event log displays such actions as login reboot firmware flashing and reset 6 10 1 All Events Display all router events their types and time of occurrence ...

Page 40: ...6 10 2 System Events Display all system events their type and time of occurrence Events include authentication or reboot requests incoming and outgoing SMS and calls Mails Configuration changes DHCP events ...

Page 41: ...41 6 10 3 Network Events Display information about recent network events like connection status change lease status change network type or operator change ...

Page 42: ...modify created rules for events reporting 6 10 4 1 Events Reporting Configuration Allow to review created rules details and modify them so after event occurrence messages or emails are sent to specified address or phone numbers with information about the event ...

Page 43: ...Action to perform when an event occurs 6 Enable delivery retry Enable Disable Enables to send SMS again if first try to send SMS was unsuccessful 7 Message text on Event Router name rn Event type et Event text ex Time stamp ts Message text on specific event 8 Get status after reboot Enable Disable Receive router status information after reboot 9 Recipient s phone number 123456789 For whom you want...

Page 44: ...92 168 123 123 FTP File Transfer Protocol host name e g ftp exemple com 192 168 123 123 Allowed characters a z A Z0 9 _ 6 User name Username User name for authentication on SMTP Simple Mail Transfer Protocol or FTP File Transfer Protocol server Allowed characters a z A Z0 9 _ 7 Password password Password for authentication on SMTP Simple Mail Transfer Protocol or FTP File Transfer Protocol server ...

Page 45: ...t 9 Secure connection Enable Disable Enables disables secure connection Use only if server supports SSL or TLS 10 User name User User name for authentication on SMTP Simple Mail Transfer Protocol 11 Password User password for authentication on SMTP Simple Mail Transfer Protocol 12 Sender s email address sendersemail example com An address that will be used to send your email from Allowed character...

Page 46: ...nnection 3 APN APN Access Point Name APN is a configurable network identifier used by a mobile device when connecting to a GSM carrier 4 PIN number 1234 or any number that falls between 0000 and 9999 A personal identification number is a secret numeric password shared between a user and a system that can be used to authenticate the user to the system 5 Dialing number 99 1 Dialling number is used t...

Page 47: ...ard will get blocked To avoid such mishaps it is highly advised to use an unprotected SIM If you happen to insert a protected SIM and the PIN number is incorrect your card won t get blocked immediately although after a couple of reboots OR configuration saves it will 7 1 1 1 1 Passthrough mode Using Passthrough Mode will disable most of the router capabilities DHCP mode Static Enter your computer ...

Page 48: ...rminated if no data is transferred during the timeout period 7 1 1 3 Force LTE network Field name Possible values Explanation 1 Enable Enable Disable Enable disable try to connect to LTE network every x seconds used only if service mode is set to 4G LTE preferred 2 Reregister Enable Disable If this enabled modem will be reregister before try to connect to LTE network 3 Interval sec 180 3600 Time i...

Page 49: ...d 5 On data limit Enable Disable Perform a SIM card switch when mobile data limit for your current SIM card is exceeded 6 On SMS limit Enable Disable Perform a SIM card switch when SMS limit for your current SIM card is exceeded 7 On roaming Enable Disable Perform a SIM card switch when roaming is detected 8 No network Enable Disable Perform a SIM card switch when no operator is detected 9 On netw...

Page 50: ... as primary SIM in SIM Management Note after clicking Scan for operators button You will lose current mobile connection For changing network operator status have to be available There is manual connection to network operator you have to fill numeric name and it s have to be available 7 1 3 2 Operator List This function lets to create white list black list based on operator s code Field Name Sample...

Page 51: ...t of data transferred on WAN interface in order to minimize unwanted traffic costs 7 1 4 1 Data Connection Limit Configuration Your carrier s data usage accounting may differ Teltonika is not liable should any accounting discrepancies occur Field Name Sample value Explanation 1 Enable data connection limit Enable Disable Disables mobile data when a limit for current period is reached 2 Data limit ...

Page 52: ... 31 if Period is Month and Monday Sunday if period is week 4 Hour 1 24 Specifies the hour for SIM idle protection activation 5 Minute 1 60 Specifies the minute for SIM idle protection activation 6 Host to ping 8 8 8 8 Specifies IP address or domain name to send data packages to 7 Ping package size 56 Specifies ping Package size in bytes 8 Ping requests 2 Specifies requests to be sent Field Name Sa...

Page 53: ...ermines how the router will be connecting to the internet Type Explanation 1 Main WAN Switches between Mobile Wired and Wi Fi interface for main WAN 2 Backup WAN Load balancing Let s user to select one or two interfaces for WAN backup 3 Interface Name Displays WAN interface name and changes interface priority the interface at the table top has the highest priority 4 Protocol Displays protocol used...

Page 54: ...sk used to define how large the WAN network is 3 IPv4 gateway 192 168 99 254 Address where the router will send all the outgoing traffic 4 IPv4 broadcast 192 168 99 255 Broadcast address auto generated if not set It is best to leave this blank unless you know what you are doing 5 Use custom DNS servers 8 8 8 8 8 8 6 6 Usually the gateway has some predefined DNS servers As such the router when it n...

Page 55: ... Your username and password that you would use to connect to your carriers network 2 PAP CHAP password your_password A mask used to define how large the WAN network is 3 Access Concentrator auto Specifies the name of access concentrator Leave empty to auto detect 4 Service Name auto Specifies the name of the service Leave empty to auto detect 7 2 2 2 Advanced These are the advanced settings for ea...

Page 56: ... The WAN configuration by default generates a routing table entry With this field you can alter the metric of that entry 7 2 2 2 2 DHCP Field name Sample value Explanation 1 Disable NAT Enable Disable If checked router will not perform NAT masquerade on this interface 2 Use broadcast flag Enable Disable Required for certain ISPs e g Charter with DOCSIS 3 3 Use default gateway Enable Disable If unc...

Page 57: ...2 2 3 PPPoE Field name Sample value Explanation 1 Disable NAT Enable Disable If checked router will not perform NAT masquerade on this interface 2 Use default gateway Enable Disable If unchecked no default route is configured 3 Use gateway metric 0 4 Use DNS servers advertised by peer Enable Disable If unchecked the advertised DNS server addresses are ignored 5 LCP echo failure threshold 0 Presume...

Page 58: ...kup connections selected at the same time in that case when primary connection fails router tries to use backup with higher priority and if that is unavailable or fails too then router tries the backup with lower priority The majority of the options consist of timing and other important parameters that help determine the health of your primary connection Regular health checks are constantly perfor...

Page 59: ...AN connection to be declared DOWN for good 5 Attempts before recovery 1 3 5 10 15 20 How many checks should pass for your WAN connection to be declared UP 7 2 2 3 How do I set up a backup link First we must select a main link and choose one or two backup links in WAN section Then push the Edit button and configure your WAN and Backup Wan settings to your liking Click Save and wait until the settin...

Page 60: ...ork is 3 IP broadcast IP broadcasts are used by BOOTP and DHCP clients to find and send requests to their respective servers 7 3 1 2 Advanced settings Field name Sample value Explanation 1 Accept router advertisements Enable Disable If enabled allows accepting router advertisements Disabled by default 2 Override MTU 1500 MTU Maximum Transmission Unit specifies the largest possible size of a data p...

Page 61: ...r LAN IP is 192 168 2 1 and your subnet mask is 255 255 255 0 that means that in your network a valid IP address has to be in the range of 192 168 2 1 192 168 2 254 192 168 2 0 and 192 168 2 255 are special unavailable addresses If the Start value is set to 100 then the DHCP server will only be able to lease out addresses starting from 192 168 2 100 3 Limit 150 How many addresses the DHCP server g...

Page 62: ...ent in the ethers files are served 2 Force Checked Unchecked Forces DHCP serving even if another DHCP server is detected on the same network segment 3 IP netmask You can override your LAN netmask here to make the DHCP server think it s serving a larger or a smaller network than it actually is 4 DHCP Options Additional options to be added for this DHCP server For example with 26 1470 or option mtu ...

Page 63: ...d a custom DNS server 7 4 Wireless On this page you can configure your wireless settings Depending on whether your WAN mode is set to Wi Fi or not the page will display either the options for configuring an Access Point or options for configuring a connection to some local access point ...

Page 64: ...d always Save before toggling the radio on and off SSID Your wireless networks identification string This is the name of your Wi Fi network When other Wi Fi capable computers or devices scan the area for Wi Fi networks they will see your network with this name Hide SSID Will render your SSID hidden from other devices that try to scan the area Connect to WRP100 automatically let Teltonika WRP100 wi...

Page 65: ...bility of unsuccessful packet transfers thus increasing speed 5 RTS CTS Threshold 2346 Request to send threshold It can help resolve problems arising when several access points are in the same area contending 7 4 1 2 Interface 7 4 1 2 1 Security Encryption there are many modes of encryption a distinctive classis pointed out below First select an encryption method TKIP CCMP TKIP CCMP and auto Note ...

Page 66: ...reless access point that the router is connecting to Changing them can result in an interrupted connection to an AP In addition to standard options you can also click the Scan button to rescan the surrounding area and attempt to connect to a new wireless access point 7 5 VLAN On this page you can configure your Virtual LAN settings either Port based or Tag based 7 5 1 VLAN Networks 7 5 1 1 VLAN Fu...

Page 67: ...ss access points Enabled Disabled Assign selected access point s to selected LAN 4 LAN None Select to which LAN to assign selected LAN ports and wireless access points If VLAN mode Tag based Field Name Sample Value Explanation 1 VLAN ID 2 VLAN Identification number allowed in range 1 4094 3 Wireless access points Enabled Disabled Assign selected access point s to selected LAN 4 LAN None Select to ...

Page 68: ...s new LAN name 2 Interface name eth0 tap0 Specifies LAN interface name 7 6 Firewall In this section we will look over the various firewall features that come with RUT9 7 6 1 General Settings The routers firewall is a standard Linux iptables package which uses routing chains and policies to facilitate control over inbound and outbound traffic Field Name Sample value Explanation 1 Drop Invalid Check...

Page 69: ...hed against all the rules for that specific chain If no rule matches said packet an according Action either Drop or Reject or Accept is performed Accept Packet gets to continue down the next chain Drop Packet is stopped and deleted Reject Packet is stopped deleted and differently from Drop an ICMP packet containing a message of rejection is sent to the source of the dropped packet 7 6 2 DMZ By ena...

Page 70: ...le Used purely to make it easier to manage rules 2 Protocol TCP UDP TCP UDP Other Type of protocol of incoming packet 3 External Port 1 65535 From this port on the WAN network the traffic will be forwarded 4 Internal IP address IP address of some computer on your LAN The IP address of the internal machine that hosts some service that we want to access from the outside 5 Internal port 1 65535 To th...

Page 71: ... host only 8 External IP address any Match incoming traffic directed at the given IP address only 9 External port 22 Match incoming traffic directed at the given destination port or port range on this host only 10 Internal zone LAN VPN WAN Redirect matched incoming traffic to the specified internal zone 11 Internal IP address 127 0 0 1 Redirect matched incoming traffic to the specified internal ho...

Page 72: ...estination Redirect matched traffic to the given IP address and destination port 5 Action Action to be taken for the packet if it matches the rule 6 Enable Self explanatory Uncheck to make the rule inactive The rule will not be deleted but it also will not be loaded into the firewall 7 Sort When a packet arrives it gets checked for a matching rule If there are several rules that match the rule the...

Page 73: ...urce address any Match incoming traffic from this IP or range only 8 Source port any Match incoming traffic originating from the given source port or port range on the client host only 9 Destination zone Device Any zone LAN VPN WAN Match forwarded traffic to the given destination zone only 10 Destination address any Match forwarded traffic to the given destination IP address or IP range only 11 De...

Page 74: ...le Field Name Sample value Explanation 1 Name Forward rule new Used to make rule management easier 2 Source LAN VPN WAN Match incoming traffic from selected address family only 3 Protocol TCP UDP Any ICMP Custom Protocol of the packet that is being matched against traffic rules 7 6 4 3 Source NAT Source NAT is a specific form of masquerading which allows fine grained control over the source IP use...

Page 75: ... make rule management easier 2 Protocol TCP UDP Any ICMP Custom Protocol of the packet that is being matched against traffic rules 3 Source zone LAN VPN WAN Match incoming traffic from this zone only 4 Source MAC address any Match incoming traffic from these MACs only 5 Source address any Match incoming traffic from this IP or range only 6 Source port any Match incoming traffic originating from th...

Page 76: ...bles program Just type them out into the text field ant it will get executed as a Linux shell script If you are unsure of how to use iptables check out the internet for manuals examples and explanations 7 6 6 DDOS Prevention 7 6 6 1 SYN Flood Protection SYN Flood Protection allows you to protect from attack that exploits part of the normal TCP three way handshake to consume resources on the target...

Page 77: ...request packets directed to IP broadcast addresses from remote locations to generate denial of service attacks Field Name Sample value Explanation 1 Enable ICMP requests Enable Disable Blocks remote ICMP echo request type 2 Enable ICMP limit Enable Disable Enable ICMP echo request limit in selected period 3 Limit period Second Minute Hour Day Select in what period limit ICMP echo request 4 Limit 1...

Page 78: ...ct and complete the target server will attempt to obey the Content Length field in the header and wait for the entire body of the message to be transmitted hence slowing it down Field Name Sample value Explanation 1 Enable HTTP limit Enable Disable Limits HTTP connections per period 2 Limit period Second Minute Hour Day Select in what period limit HTTP connections 3 Limit 10 Maximum HTTP connectio...

Page 79: ...t 10 How much port scan before blocked 7 6 7 2 Defending type Field Name Explanation 1 SYN FIN attack Protect from SYN FIN attack 2 SYN RST attack Protect from SYN RST attack 3 X Mas attack Protect from X Mas attack 4 FIN scan Protect from FIN scan 5 NULLflags attack Protect from NULLflags attack 7 7 Routing 7 7 1 Static Routes Static routes specify over which interface and gateway a certain host ...

Page 80: ...d Additional note on Target Netmask You can define a rule that applies to a single IP like this Target some IP Netmask 255 255 255 255 Furthermore you can define a rule that applies to a segment of IPs like this Target some IP that STARTS the segment Netmask Netmask that defines how large the segment is E g 192 168 55 161 255 255 255 255 Only applies to 192 168 55 161 192 168 55 0 255 255 255 0 Ap...

Page 81: ...lity Enable Disable Enables OSPF compatibility with RFC1583 specification 4 Import All None custom Set if the protocol must import routes 5 Export All None custom Set if the protocol must export routes 7 7 2 2 2 OSPF Area The OSPF network can be divided into sub domains called areas Field name Value Explanation 1 Enable Enable Disable Enable dynamic routes 2 Router ID 192 168 1 1 Router s ID ...

Page 82: ...ewly created OSPF area A new page with detailed configuration appears as shown in the picture below Field name Value Explanation 1 Enabled Enable Disable Enable specific OSPF area 2 Stub Enable Disable Enable disable stub 3 Interface br lan A interface that new instance will have 4 New IP Name of the new OSPF network configuration Used for easer configurations management purpose only ...

Page 83: ... routes will be still configured 4 Scan time 20 Time between scans 5 Import All Set if the protocol must import routes 6 Export All Set if the protocol must export routes 7 Enable Enable Disable If checked the protocol will not be configured 8 Scan time 10 Time between scans 7 7 2 3 1 Static Routes Field name Explanation 1 Prefix Protocol prefix of incoming or outgoing packet 2 Type Protocol type ...

Page 84: ...nctionality when you have few routers and would like to change some parameter using single application RMS share some similarities with SSH Secure Shell and indeed one of RMS feature is to allows SSH access to remote router There is no separate chapter about RMS in this manual because the interface of RMS is very intuitive and user friendly You can access RMS by using your browser with supplied us...

Page 85: ...oice The most versatile manner of system monitoring and administration is through SSH The SSH provides complete control of the router The user can execute commands write shell scripts and do many other things In such case the user only needs application to connect router through SSH The most popular application used in Windows type operating systems is called Putty If you try to connect to router ...

Page 86: ...ecial needs he can write shell script and execute it via SSH or use json rpc 9 Services 9 1 VRRP 9 1 1 VRRP LAN Configuration Settings Field name Sample Explanation 1 Enable Enable Disable Enable VRRP Virtual Router Redundancy Protocol for LAN 2 IP address 192 168 1 253 Virtual IP address for LAN s VRRP Virtual Router Redundancy Protocol cluster 3 Virtual ID 1 Routers with same IDs will be grouped...

Page 87: ...6 Ping retry count 100 Failed Ping attempt s count before determining that connection is lost interval 1 9999 9 2 TR 069 TR 069 is a standard developed for automatic configuration and management of remote devices by Auto Configuration Servers ACS 9 2 1 TR 069 Parameters Configuration Field name Sample Explanation 1 Enable Enable Disable Enable TR 069 client 2 Enable Periodic Transmission Enable Di...

Page 88: ...ites blocking 2 Mode Whitelist Blacklist Whitelist allow every site on the list and block everything else Blacklist block every site on the list and allow everything else 3 Enable Enable Disable Check to enable site blocking 4 Host name www yahoo com Block allow site with this hostname 9 3 2 Proxy Based Content Blocker ...

Page 89: ...lacklist block every part of URL on the list and allow everything else 3 URL content example com Block allow any URL containing this string Example com example example com 9 4 NTP NTP configuration lets you setup and synchronize routers time Field name Description 1 Current System time Local time of router 2 Time zone Time zone of your country 3 Enable NTP Enable system s time synchronization with...

Page 90: ... 9 5 VPN 9 5 1 OpenVPN VPN Virtual Private Network is a method for secure data transfer through unsafe public network This section explains how to configure OpenVPN which is implementation of VPN supported by the RUT9 router A picture below demonstrates default OpenVPN configurations list which is empty so you have to define a new configuration to establish any sort of OpenVPN connection To create...

Page 91: ...1 To see at specific configuration settings press edit button located in newly created configuration entry A new page with detailed configuration appears as shown in the picture below TLS client example ...

Page 92: ... is most often used in typical IP level VPN connections however TAP is required to some Ethernet bridging configurations 3 Protocol Defines a transport protocol used by connection You can choose here between TCP and UDP 4 Port Defines TCP or UDP port number make sure that this port allowed by firewall 5 LZO This setting enables LZO compression With LZO compression your VPN connection will generate...

Page 93: ...nd another VPN endpoint 13 Remote network IP netmask Subnet mask of remote network an actual LAN network behind another VPN endpoint 14 Max routes Allow a maximum number of routes to be pulled from an OpenVPN server 15 HMAC authentication algorithm Sets HMAC authentication algorithm 16 Additional HMAC authentication Add an additional layer of HMAC authentication on top of the TLS control channel t...

Page 94: ...ablishment used tunnel Keep Alive feature Field name Value Explanation 1 Enable Enabled Disabled Check box to enable IPSec 2 IKE version IKEv1 or IKEv2 Method of key exchange 3 Mode Main or Aggressive ISAKMP Internet Security Association and Key Management Protocol phase 1 exchange mode 4 My identifier type Address FQDN User FQDN Choose one accordingly to your IPSec configuration 5 My identifier S...

Page 95: ...ust be identical Field name Value Explanation 1 Encryption algorithm DES 3DES AES 128 AES 192 AES256 The encryption algorithm must match with another incoming connection to establish IPSec 2 Authentication MD5 SHA1 SHA256 SHA384 SHA512 The authentication algorithm must match with another incoming connection to establish IPSec 3 Hash algorthm MD5 SHA1 SHA256 SHA384 SHA512 The hash algorithm must ma...

Page 96: ...such as the Internet GRE tunneling does not use encryption it simply encapsulates data and sends it over the WAN In the example network diagram two distant networks LAN1 and LAN2 are connected To create GRE tunnel the user must know the following parameters 1 Source and destination IP addresses 2 Tunnel local IP address 3 Distant network IP address and Subnet mask ...

Page 97: ...sion unit MTU of a communications protocol of a layer in bytes 8 TTL Specify the fixed time to live TTL value on tunneled packets 0 255 The 0 is a special value meaning that packets inherit the TTL value 9 PMTUD Check the box to enable the Path Maximum Transmission Unit Discovery PMTUD status on this tunnel 10 Enable Keep alive It gives the ability for one side to originate and receive keep alive ...

Page 98: ...ines for wide area communication but can securely use the public networks This kind of interconnection is known as a virtual private network VPN Field name Explanation 1 Enable Check the box to enable the PPTP function 2 Local IP IP Address of this device RUT 3 Remote IP range begin IP address leases beginning 4 Remote IP range end IP address leases end 5 Username Username to connect to PPTP this ...

Page 99: ... the L2TP Tunnel function 2 Local IP IP Address of this device RUT 3 Remote IP range begin IP address leases beginning 4 Remote IP range end IP address leases end 5 Username Username to connect to L2TP this server 6 Password Password to connect to L2TP server Client configuration is even simpler which requires only Servers IP Username and Password 9 6 Dynamic DNS Dynamic DNS DDNS is a domain name ...

Page 100: ...DDNS provider is not present from the ones provided please feel free to use custom and add hostname of the update URL 4 Hostname yourhost example org Domain name which will be linked with dynamic IP address 5 Username your_username Name of the user account 6 Password your_password Password of the user account 7 IP Source Public Private Custom This option allows you to select specific RUT interface...

Page 101: ...oups SMS Management Remote Configuration and Statistics 9 7 1 SMS Utilities All configuration options are listed below Reboot Get status Get OpenVPN status Switch WiFi on off Switch mobile data on off Change mobile data settings Get list of profiles Change profile Manage OpenVPN SSh access control Web access control Restore to default Force SIM switch FW upgrade from server Config update from serv...

Page 102: ...s From all numbers from group or from single number Get status via SMS after reboot Check this to recieve connection status via SMS after a reboot If you select this box router will send status once it has rebooted and is operational again This is both separate SMS Rule and an option under SMS Reboot rule Message text Which status information should be included in SMS Data state Operator Connectio...

Page 103: ... 4 Switch WiFi On Off Enable This check box will enable and disable this function Allows Wi Fi control via SMS Action The action to be performed when this rule is met Turn WiFi ON or OFF SMS text SMS text which will turn Wi Fi ON OFF SMS text can contain letters numbers spaces and special symbols Capital letters also matters Authorization method What kind of authorization to use for SIM management...

Page 104: ...ters SMS text can contain letters numbers spaces and special symbols Capital letters also matters Authorization method What kind of authorization to use for SIM management No authorization by serial or by router admin password Allowed users Whitelist of allow users From all numbers from group or from single number Mobile Settings via SMS parameters Parameter Value s Explanation 1 apn e g internet ...

Page 105: ...me Authorization method What kind of authorization to use for SIM management No authorization by serial or by router admin password Allowed users Whitelist of allow users From all numbers from group or from single number 10 SSH access Control Enable This check box will enable and disable this function Allows SSH access control via SMS Action The action to be performed when this rule is met SMS tex...

Page 106: ...se for SIM management No authorization by serial or by router admin password Allowed users Whitelist of allow users From all numbers from group or from single number 13 Force switch SIM Enable This check box will enable and disable this function Allows SIM switch via SMS Action The action to be performed when this rule is met SMS text SMS text which will change active SIM card to another one SMS t...

Page 107: ...MS text can contain letters numbers spaces and special symbols Capital letters also matters Authorization method What kind of authorization to use for SIM management By serial or by router admin password Allowed users Whitelist of allow users From all uers from group or from single number Important Notes 3G settings must be configured correctly If SIM card has PIN number you must enter it at Netwo...

Page 108: ...le Disable If a call is made from number that is not in the active rule list it can be rejected with this option 9 7 3 User Groups Give possibility to group phone numbers for SMS management purposes You can then later use these groups in all related SMS functionalities This option helps if there are several Users who should have same roles when managing router via SMS You can create new user group...

Page 109: ...one number Should be preceded with country code i e 370 2 Message My text Message text special characters are allowed 9 7 4 3 Storage With storage option you can choose for router NOT to delete SMS from SIM card If this option is not used router will automatically delete all incoming messages after they have been read Message status read unread is examined every 60 seconds All read messages are de...

Page 110: ...e sent generate the SMS Text type in the phone number and Serial number of the router that you wish to configure and Send the SMS Total count of SMS is managed automatically You should be aware of possible number of SMS and use this feature at your own responsibility It should not generally be used if you have high cost per SMS This is especially relevant if you will try to send whole OpenVPN conf...

Page 111: ...g and Sending ends must match 2 Allowed users From all numbers From group From single number Gives greater control and security measures Note that for safety reasons Authorization method should be configured before deployment of the router 9 7 5 2 Send configuration This section lets you configure remote RUT950 devices The authorization settings must confirm to those that are set on the receiving ...

Page 112: ...nection creation and management 15 APN internet mnc012 mcc345 gprs APN is the name of a gateway between a GPRS or 3G mobile networks and another computer network frequently the public Internet 16 Dialing number 37060000001 A phone number that will be used to establish a mobile PPP Point to Point Protocol connection 17 Authentication method CHAP PAP None Select an authentication method that will be...

Page 113: ...ill receive the configuration 3 Authorization method No authorization By serial By router admin password What kind of authorization to use for remote configuration 9 7 6 Statistics In statistics page you can review how much SMS was sent and received on both SIM card slots You can also reset the counters 9 8 SNMP SNMP settings window allows you to remotely monitor and send GSM event information to ...

Page 114: ...xample com Trap named sysContact 8 Name Name Trap named sysName Variables OID OID Description 1 1 3 6 1 4 1 99999 1 1 1 Modem IMEI 2 1 3 6 1 4 1 99999 1 1 2 Modem model 3 1 3 6 1 4 1 99999 1 1 3 Modem manufacturer 4 1 3 6 1 4 1 99999 1 1 4 Modem revision 5 1 3 6 1 4 1 99999 1 1 5 Modem serial number 6 1 3 6 1 4 1 99999 1 1 6 SIM status 7 1 3 6 1 4 1 99999 1 1 7 Pin status 8 1 3 6 1 4 1 99999 1 1 8...

Page 115: ...transfer SNMP Simple Network Management Protocol traffic to 3 Port 162 Port for trap s host 4 Community Public Private The SNMP Simple Network Management Protocol Community is an ID that allows access to a router s SNMP data 9 9 SMS Gateway 9 9 1 Post Get Configuration Post Get Configuration allows you to perform actions by writing these requests URI after your device IP address ...

Page 116: ...ure Action POST GET url e g 1 View mobile messages list cgi bin sms_list username admin password admin01 2 Read mobile message cgi bin sms_read username admin password admin01 number 1 3 Send mobile messages cgi bin sms_send username admin password admin01 number 0037060000001 text testmessage 4 View mobile messages total cgi bin sms_total username admin password admin01 5 Delete mobile message cg...

Page 117: ...MS Note Maximum number of characters per SMS is 160 You cannot send longer messages It is suggested to use alphanumeric characters only After every executed command router will respond with return status 9 9 1 4 Possible responses after command execution Response Explanation 1 OK Command executed successfully 2 ERROR An error occurred while executing command 3 TIMEOUT No response from the module r...

Page 118: ...assword using for server authentication 6 Secure connection SLL Enable Disable SSL is a protocol for transmitting private documents via the Internet SSL uses a cryptographic system that uses two keys to encrypt data a public key known to everyone and a private or secret key known only to the recipient of the message 7 Check mail every Minutes Hours Days Mail checking period 9 9 3 Scheduled Message...

Page 119: ...age sending period 9 9 4 Auto Reply Configuration Auto reply allows replying to every message that router receives to everyone or to listed numbers only Field name Values Notes 1 Enable Enable Disable Enable auto reply to every received mobile message 2 Don t save received message Enable Disable If enabled received messages are not going to be saved 3 Mode Everyone Listed numbers Specifies from wh...

Page 120: ...ssages to 4 Number value name sender Name to assign for sender s phone number value in query string 5 Message value name text Name to assign for message text value in query string 6 Extra data pair 1 Var1 17 If you want to transfer some extra information through HTTP query enter variable name on the left field and its value on the right 7 Extra data pair 2 Var2 go If you want to transfer some extr...

Page 121: ... Enable Disable If enabled original senders number will be added at the end of the forwarded message 3 Mode All message From listed numbers Specifies from which senders received messages are going to be forwarded 4 Recipients phone numbers 37060000001 Phone numbers to which message is going to be forwarded to 9 9 5 3 SMS Forwarding to Email This functionality forwards mobile messages from one or s...

Page 122: ...er supports SSL or TLS 7 User name admin Your full email account user name 8 Password Your email account password 9 Sender s email address name surname gmail com Your address that will be used to send emails from 10 Recipient s email address name2 surname2 gmail com Address that you want to forward your messages to 11 Mode All messages from listed numbers Choose which senders messages to forward t...

Page 123: ...nt IP address This will be the address of the router on the hotspot network The router will automatically create a network according to its own IP and the CIDR number that you specify after the slash E g 192 168 2 254 24 means that the router will create a network with the IP address 192 168 182 0 netmask 255 255 255 0 for the express purpose of containing all the wireless clients Such a network w...

Page 124: ...f input octets and output as it related to RADIUS attributes 11 Location name The name of location Authentication mode Internal radius Without radius 1 External landing page Enables the use of external landing page 2 Landing page address The address of external landing page 3 HTTPS redirect Redirects HTTP pages to landing page Authentication mode SMS OTP 9 10 1 2 Session settings Field name Explan...

Page 125: ... 3 1 Configuration Field name Explanation 1 Enable Check this box if you want to enable wireless traffic logging This feature will produce logs which contain data on what websites each client was visiting during the time he was connected to your hotspot 2 Server address The IP address of the FTP server to which you want the logs uploaded ...

Page 126: ...ng to be done at fixed interval 2 Interval Shows up only when Mode is set to Interval Specifies the interval of regular uploads on one specific day E g If you choose 4 hours the uploading will be done on midnight 4 00 8 00 12 00 16 00 and 20 00 3 Days Uploading will be performed on these days only 4 Hours Minutes Shows up only when Mode is set to Fixed Uploading will be done on that specific time ...

Page 127: ...en as landing page title 2 Theme Landing page theme selection 3 Upload login page Allows to upload custom landing page theme 4 Login page file Allows to download and save your landing page file In the sections Terms Of Services Background Configuration Logo Image Configuration Link Configuration Text Configuration you can customize various parameters of landing page components ...

Page 128: ...server configuration An authentication and accounting system used by many Internet Service Providers ISPs When you dial in to the ISP you must enter your username and password This information is passed to a RADIUS server which checks that the information is correct and then authorizes access to the ISP system ...

Page 129: ... 3 Accounting port Port on which to listen for accounting 4 Authentication port Port on which to listen for authentication 9 10 6 Statistics On hotspot statistics page you can review statistical information about hotspot instances 9 11 CLI CLI or Comand Line Interface functionality allows you to enter and execute comands into routers terminal ...

Page 130: ...r of unsuccessful retries No echo reply for sent ICMP Internet Control Message Protocol packet received 3 Interval between pings Time interval in minutes between two Pings Minimum time interval is 5 minutes 4 Ping timeout sec Time after which consider that Ping has failed Range 1 9999 5 Packet size This box allows to modify sent packet size Should be left default unless necessary otherwise 6 Retry...

Page 131: ...iodic reboot feature 2 Days This check box will enable router rebooting at the defined days 3 Hours Minutes Uploading will be done on that specific time of the day 9 13 UPNP 9 13 1 General Settings UPnP allows clients in the local network to automatically configure the router 9 13 2 Advanced Settings ...

Page 132: ...ch may be redirected 3 Internal addresses Internal address to be redirect to 4 Internal ports Internal ports to be redirect to 5 Action Allow or forbid UPNP service to open the specified port 9 13 4 Active UPnP Redirects 9 14 QoS QoS Quality of Service is the idea that transmission rates error rates and other characteristics can be measured improved and to some extent guaranteed in advance QoS is ...

Page 133: ...he maximal number of bytes for connection 9 15 MQTT MQTT also known as MQ Telemetry Transport is an publish subscribe based messaging protocol for use on top of the TCP IP protocol It is designed to send short messages from one client publisher to another subscriber through the brokers which are responsible for message delivery to the end point RUT 9XX routers do support this functionality via ope...

Page 134: ...pports option called Bridge It means that two brokers can be connected to each other and share messages The window of bridge parameters are presented below There are some mandatory parameters like Connection Name Remote Address and Remote Port Although connection name is mandatory it should be set to value what you like and according to mosquitto s user manual this option denotes the client ID whi...

Page 135: ...es the file there users and corresponding passwords are stored This file is used for user authentication This option is related to another option called Allow Anonymous If Allow Anonymous is unchecked only users which exist in password file will be able to connect to the broker More about password file can be read on mosquitto configuration manual The last option is called Persistence it allows to...

Page 136: ... broker to connect Username and password fields are used for authentication If these fields are left empty no authentication is performed The full list of system parameters which can be published are described below Parameter name Parameter description temperature Get temperature of the module in 0 1 degrees Celcium operator Get current operator s name signal Get signal strength in dBm network Get...

Page 137: ...rrently run publisher The client then sends message id to the topic router get The following message is received by the publisher since it is subscribed to that topic Then the publisher sends response with its serial number to the topic router id Now the client knows that publisher with some serial number exist It means that client can send message with parameter name from the list as a message to...

Page 138: ... 2 bytes For simplification the number of registers for storing numbers is 2 while for storing text information the number of registers is 16 Required value Representation Register number Number of registers System uptime 32 bit unsigned integer 1 2 GSM signal strength dBm 32 bit integer 2 2 System temperature in 0 1 degrees Celcium 32 bit integer 3 2 System hostname Text 4 16 GSM operator name Te...

Page 139: ...IM1 SIM2 SIM1 SIM2 and SIM2 SIM1 Allows to change SIM card in use 3 possible options are supported 12 0 1 2 Change APN Allows to change APN 13 APN code Reboot Reboots a router 20 1 10 System 10 1 Setup Wizard The configuration wizard provides a simple way of quickly configuring the device in order to bring it up to basic functionality The wizard is comprised out of 4 steps and they are as follows ...

Page 140: ...iven the chance to configure your LAN and DHCP server options For a detailed explanation see LAN under Network Step 4 Wi Fi The final step allows you to configure your wireless settings in order to set up a rudimentary Access Point ...

Page 141: ...wizard press Save 10 2 Profiles Router can have 5 configuration profiles which you can later apply either via WebUI or via SMS When you add New Profile you save current full configuration of the router Note profile names cannot exceed 10 symbols ...

Page 142: ... well 4 Confirm new password Re enter your new administration password 5 Language Website will be translated into selected language 6 IPv6 support Enable IPv6 support on router 7 Show mobile info at login page Show operator and signal strength at login page 8 Show WAN IP at login page Show WAN IP at login page 9 On Off LEDs If uncheck all routers LEDs are off 10 Restore to default Router will be s...

Page 143: ...information Default setting disabled should be used unless instructed otherwise 5 Include Chat script information Default setting enabled should be used unless instructed otherwise 6 Include network topology information Default setting disabled should be used unless instructed otherwise 7 System Log Provides on screen System logging information It does not however substitute troubleshooting file t...

Page 144: ...hive Download current router settings file to personal computer This file can be loaded to other RUT950 with same Firmware version in order to quickly configure it 2 Restore from backup Select upload and restore router settings file from personal computer ...

Page 145: ...er 5 Enable remote HTTP access Enables remote HTTP access to router 6 Port Port to be used for HTTP communication 7 Enable remote HTTPS access Enables remote HTTPS access to router 8 Port Port to be used for HTTPS communication 9 Enable CLI Enables Command Line Interface 10 Enable remote CLI Enables remote Command Line Interface 11 Port Port to be used for CLI communication Note The router has 2 u...

Page 146: ...Clean after reboot If check box is selected blocked addresses are removed after every reboot 3 Fail count Specifies maximum connection attempts count before access blocking 4 WebUI access secure enable Check box to enable secure WebUI access 10 3 4 Diagnostics Field name Explanation 1 Host Enter server IP address or hostname ...

Page 147: ...ackets across an Internet IP network Log containing route information will be shown after few seconds 4 Nslookup Network administration command line tool for querying the Domain Name System DNS to obtain domain name or IP address mapping or for any other specific DNS record Log containing specified server DNS lookup information will be shown after few seconds 10 3 5 MAC Clone Field name Explanatio...

Page 148: ... Hotspot name Hotspot Check box to show Hotspot instance table in Overview page 11 VRRP Check box to show VRRP table in Overview page 12 Monitoring Check box to show Monitoring table in Overview page 10 3 7 Monitoring Monitoring functionality allows your router to be connected to Remote Monitoring System Also MAC address and router serial numbers are displayed for convenience in this page because ...

Page 149: ...s It should be noted that this is embedded device and sh functionality is not full 10 5 Restore point 10 5 1 Restore point create Allow to create firmware restore points with all custom configurations You can download created restore points to your computer 10 5 2 Restore point load Allow to restore configuration from previously saved restore point You can upload restore point from your computer ...

Page 150: ...ou can choose settings that you wish to keep after the upgrade This function is useful when firmware is being upgraded via Internet remotely and you must not lose connection to the router afterwards FW image router firmware upgrade file Warning Never remove router power supply and do not press reset button during upgrade process This would seriously damage your router and make it inaccessible If y...

Page 151: ...User name for server authorization 3 Password Password name for server authorization 4 Enable auto check Check box to enable automatic checking for new firmware updates 5 Auto check mode Select when to perform auto check function 6 WAN wired Allows to update firmware from server only if routers WAN is wired if box is checked 10 7 Reboot Reboot router by pressing button Reboot ...

Page 152: ...es the elapsed time All 5 lit LEDs means that 5 seconds have passed and reset button can be released Start of the reset to defaults will be indicated by flashing of all 5 signal strength LEDs together with red connection status LED SIM PIN on the main SIM card is the only user parameter that is kept after reset to defaults 11 2 Bootloader s WebUI Bootloader also provides a way to recover the route...

Page 153: ... browse the web provided that you know the IP of the website you are trying to reach ARP Short for Adress Resolution Protocol a network layer protocol used to convert an IP address into a physical address called a DLC address such as an Ethernet address PPPoE Point to Point Protocol over Ethernet PPPoE is a specification for connecting the users on an Ethernet to the internet through a common broa...

Page 154: ...d a direct way to send and receive datagrams over IP network VPN Virtual Private Network a network that is constructed by using public wires usually the Internet to connect to a private network such as a company s internal network VRRP Virtual Router Redundancy Protocol an election protocol that dynamically assigns responsibility for one or more virtual router s to the VRRP router s on a LAN allow...

Page 155: ...155 13 Changelog Nr Date Version Comments 1 2017 02 01 1 34 2 2017 08 03 1 36 Page 2 ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands