manualshive.com logo in svg

Vitriko ER75i v2, Configuration Manual, Page: 61 / 106

Share
Download
Vitriko ER75i v2 Configuration Manual Download Page 61

VITRIKO

Mobile Data Experts 

1. CONFIGURATION OVER WEB BROWSER

Continued from previous page

Item

Description

Encapsulation Mode

IPsec mode (according to the method of encapsulation) – You
can choose

tunnel

(entire IP datagram is encapsulated) or

trans-

port

(only IP header).

NAT traversal

If address translation is used between two end points of the tun-
nel, it needs to enable

NAT Traversal

.

IKE Mode

Defines mode for establishing connection (

main

or

aggressive

).

If the aggressive mode is selected, establishing of IPsec tunnel
will be faster, but encryption will set permanently on 3DES-MD5.

IKE Algorithm

Way of algorithm selection:

auto

– encryption and hash alg. are selected automatically

manual

– encryption and hash alg. are defined by the user

IKE Encryption

Encryption algorithm – 3DES, AES128, AES192, AES256

IKE Hash

Hash algorithm – MD5 nebo SHA1

IKE DH Group

Diffie-Hellman groups determine the strength of the key used in
the key exchange process. Higher group numbers are more se-
cure, but require additional time to compute the key. Group with
higher number provides more security, but requires more pro-
cessing time.

ESP Algorithm

Way of algorithm selection:

auto

– encryption and hash alg. are selected automatically

manual

– encryption and hash alg. are defined by the user

ESP Encryption

Encryption algorithm – DES, 3DES, AES128, AES192, AES256

ESP Hash

Hash algorithm – MD5 nebo SHA1

PFS

Ensures that derived session keys are not compromised if one of
the private keys is compromised in the future

PFS DH Group

Diffie-Hellman group number (see

IKE DH Group

)

Key Lifetime

Lifetime key data part of tunnel. The minimum value of this pa-
rameter is 60 s. The maximum value is 86400 s.

IKE Lifetime

Lifetime key service part of tunnel. The minimum value of this
parameter is 60 s. The maximum value is 86400 s.

Rekey Margin

Specifies how long before connection expiry should attempt to
negotiate a replacement begin. Maximum value must be less
than half of IKE and Key Lifetime parameters.

Continued on next page

53

Contact                                                      www.vitriko.com                                          [email protected]

Summary of Contents for ER75i v2

Page 1: ...ANUAL for v2 routers Contact www vitriko com info vitriko com Anytime Anything Anywhere but always connected Industrial LAN 2G 3G 4G Routers www vitriko com VITRIKO Mobile Data Experts XR5i v2 ER75i v2 UR5i v2 LR77 v2 ...

Page 2: ...irmware version Actual version of firmware is 4 0 1 August 25 2014 GPL licence Source codes under GPL licence are available free of charge by sending an email to info vitriko com Router version Properties and settings of router associated with the GSM connection is not available in indus trial router XR5i v2 PPPoE configuration item is only available on the industrial router XR5i v2 used to set th...

Page 3: ... address configuration 24 1 13 3 Check connection to mobile network configuration 24 1 13 4 Data limit configuration 25 1 13 5 Switch between SIM cards configuration 26 1 13 6 Dial In access configuration 28 1 13 7 PPPoE bridge mode configuration 28 1 14 PPPoE Configuration 31 1 15 WiFi configuration 32 1 16 WLAN configuration 36 1 17 Backup Routes 38 1 18 Firewall configuration 39 1 19 NAT config...

Page 4: ...own script 88 1 34 Automatic update configuration 89 1 35 User modules 91 1 36 Change profile 92 1 37 Change password 93 1 38 Set real time clock 93 1 39 Set SMS service center address 93 1 40 Unlock SIM card 94 1 41 Send SMS 94 1 42 Backup configuration 95 1 43 Restore configuration 95 1 44 Update firmware 95 1 45 Reboot 96 2 Configuration setting over Telnet 97 iii Contact www vitriko com info v...

Page 5: ...guration backup router 22 20 Mobile WAN configuration 29 21 Example of Mobile WAN configuration 1 30 22 Example of Mobile WAN configuration 2 30 23 Example of Mobile WAN configuration 3 30 24 PPPoE configuration 31 25 WiFi konfigurace 35 26 WLAN configuration 37 27 Backup Routes 39 28 Firewall configuration 41 29 Topology of example firewall configuration 42 30 Example firewall configuration 42 31...

Page 6: ...of SMS configuration 3 78 56 Example of SMS configuration 4 79 57 Expansion port configuration 81 58 Example of expansion port configuration 1 82 59 Example of expansion port configuration 2 82 60 USB configuration 85 61 Example of USB port configuration 1 85 62 Example of USB port configuration 2 86 63 Startup script 87 64 Example of Startup script 87 65 Up Down script 88 66 Example of Up Down sc...

Page 7: ...iguration 21 18 Check connection 21 19 Mobile WAN connection configuration 23 20 Check connection to mobile network configuration 25 21 Data limit configuration 25 22 Default and backup SIM configuration 26 23 Switch between SIM card configurations 27 24 Switch between SIM card configurations 27 25 Dial In access configuration 28 26 PPPoE configuration 31 27 WiFi configuration 35 28 WLAN configura...

Page 8: ...nd output 67 56 Object identifier for CNT port 68 57 Object identifier for M BUS port 68 58 SMTP client configuration 71 59 Send SMS configuration 73 60 Control via SMS configuration 73 61 Control SMS 74 62 Send SMS on serial PORT1 configuration 74 63 Send SMS on serial PORT2 configuration 74 64 Send SMS on ethernet PORT1 configuration 74 65 List of AT commands 75 66 Expansion PORT configuration 1...

Page 9: ... IP address of the router is 192 168 1 1 Configuration may be performed only by the user root with initial password root The left part of the web interface contains the menu with pages for monitoring Status Configuration Customization and Administration of the router Name and Location items displays the name and location of the router filled in the SNMP configuration see SNMP Configuration For inc...

Page 10: ...em Editing etc hosts Linux Unix Editing C WINDOWS system32 drivers etc hosts Windows XP Configuring your own DNS server In addition to configuring the router with MAC address 00 11 22 33 44 55 is accessed to secure configuration by typing address https 00 11 22 33 44 55 in the web browser The first approach is the need to install a security certificate When using self signing certificate must uplo...

Page 11: ...ble 1 Mobile connection 1 2 2 Primary LAN Items displayed in this part have the same meaning as items in the previous part Moreover there is information about the MAC address of the router MAC Address item 1 2 3 Peripheral Ports Item Description Expansion Port 1 Expansion port fitted to the position 1 None indicates that this position is equipped with no port Expansion Port 2 Expansion port fitted...

Page 12: ...on about the module which is mounted in the router Item Description Registration State of the network registration Operator Specifies the operator in whose network the router is operated Technology Transmission technology PLMN Code of operator Cell Cell to which the router is connected LAC Location Area Code unique number assigned to each location area Channel Channel on which the router communica...

Page 13: ...day from 0 00 to 23 59 Yesterday Yesterday from 0 00 to 23 59 This week This week from Monday 0 00 to Sunday 23 59 Last week Last week from Monday 0 00 to Sunday 23 59 This period This accounting period Last period Last accounting period Table 5 Description of period Item Description Signal Min Minimal signal strength Signal Avg Average signal strength Signal Max Maximal signal strength Cells Numb...

Page 14: ...tion about transferred data and number of connections for both SIM card for each period Item Description RX data Total volume of received data TX data Total volume of sent data Connections Number of connection to mobile network establishment Table 7 Traffic statistics The last part Mobile Network Connection Log informs about the mobile network connec tion and problems in establishment Figure 2 Mob...

Page 15: ...02 11b in 802 11g BSS connection num_sta_no_short_slot_time Number of stations not supporting the Short Slot Time num_sta_no_short_preamble Number of stations not supporting the Short Preamble Table 8 State information about access point For each connected client are displayed more detailed information Most of them has an internal character so let us mention only the following Item Description STA...

Page 16: ...r freq Frequency band of WiFi network kHz beacon interval Period of time synchronization capability List of access point AP properties signal Signal level of access point AP last seen Last response time of access point AP SSID Identifier of access point AP Supported rates Supported rates of access point AP DS Parameter set The channel on which access point AP broadcasts ERP Extended Rate PHY infor...

Page 17: ...VITRIKO Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER Figure 4 WiFi Scan 9 Contact www vitriko com info vitriko com ...

Page 18: ...wing information Item Description HWaddr Hardware unique address of networks interface inet IP address of interface P t P IP address second ends connection Bcast Broadcast address Mask Mask of network MTU Maximum packet size that the equipment is able to transmit Metric Number of routers over which packet must go trought RX packets received packets errors number of errors dropped dropped packets o...

Page 19: ...s TX bytes Total number of transmitted bytes Table 12 Description of information in network status It is possible to read status of connection to mobile network from the network information If the connection to mobile network is active then it is in the system information shown as a ppp0 interface For industrial router XR5i v2 interface ppp0 indicates PPPoE connection Figure 5 Network status 11 Co...

Page 20: ...n the DHCP status window displays the following information Item Description lease Assigned IP address starts Time of assignation of IP address ends Time of termination IP address validity hardware ethernet Hardware MAC unique address uid Unique ID client hostname Computer name Table 13 DHCP status description In the extreme case the DHCP status can display two records for one IP address That coul...

Page 21: ... build the IPsec tunnel status display IPsec SA established highlighted in red in IPsec status information Other information is only internal character Figure 7 IPsec status 1 9 DynDNS status The result of updating DynDNS record on the server www dyndns org can be invoked by pressing the DynDNS item in the menu Figure 8 DynDNS status 13 Contact www vitriko com info vitriko com ...

Page 22: ...ave the system log to a connected computer The second button Save Report is used for creating detailed report generates all support needed information in one file The Syslog default size is 1000 lines After reaching 1000 lines create a new file for storing system log After completion of the 1000 lines in the second file the first file is deleted and creates a new one Program syslogd can be started...

Page 23: ...e network configuration select the LAN menu item ETH network set in Primary LAN configuration expansion PORT ETH set in Secondary LAN configuration Item Description DHCP Client disabled The router does not allow automatic allocation IP ad dress from a DHCP server in LAN network enabled The router allows automatic allocation IP address from a DHCP server in LAN network Continued on next page 15 Con...

Page 24: ...ult Gateway and DNS Server items are used only if the DHCP Client item is set to a value disabled and if the Primary or Secondary LAN is selected by Backup routes system as a default route selection algorithm is described in section 1 17 Backup Routes There can be only one active bridge on the router at the moment Only parameters DHCP Client IP address and Subnet Mask can be used to configure brid...

Page 25: ...e static DHCP leases If this option is checked static DHCP server is enable MAC Address MAC address of a DHCP client IP Address Assigned IP address Table 16 Configuration of static DHCP server It is important not to overlap ranges of static allocated IP address with address allocated by the dynamic DHCP Then risk collision of IP addresses and incorrect function of network Example of the network in...

Page 26: ...face with dynamic and static DHCP server The range of allocated addresses from 192 168 1 2 to 192 168 1 4 The address is allocated 10 minutes Client s with MAC address 01 23 45 67 89 ab has IP address 192 168 1 10 Client s with MAC address 01 54 68 18 ba 7e has IP address 192 168 1 11 18 Contact www vitriko com info vitriko com ...

Page 27: ...VITRIKO Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER Figure 13 Topology of example LAN configuration 2 Figure 14 Example LAN configuration 2 19 Contact www vitriko com info vitriko com ...

Page 28: ...f the network interface with default gateway and DNS server Default gateway IP address is 192 168 1 20 DNS server IP address is 192 168 1 20 Figure 15 Topology of example LAN configuration 3 Figure 16 Example LAN configuration 3 20 Contact www vitriko com info vitriko com ...

Page 29: ...tion It is possible to set Check connection flag in the second part of the window The currently active router main backup will send testing messages to defined Ping IP Address at periodic time intervals Ping Interval with setting time of waiting for answer Ping Timeout The func tion check connection is used as a supplement of VRRP standard with the same final result If there are no answers from re...

Page 30: ...ive line contin ues the same way like in the case of standard testing process after first test message answer drops out Example of the VRRP protocol Figure 17 Topology of example VRRP configuration Figure 18 Example VRRP configuration main router Figure 19 Example VRRP configuration backup router 22 Contact www vitriko com info vitriko com ...

Page 31: ...address was assigned of the operator Phone Number Telephone number to dial GPRS or CSD connection Router as a de fault telephone number used 99 1 Operator This item can be defined PLNM preferred carrier code Network type Automatic selection router automatically selects transmission method according to the availability of transmission technology Furthermore according to the type of router it s also...

Page 32: ...rds with two APN s there will be the same PIN for both APN s Otherwise the SIM card can be blocked by false SIM PIN Items marked with an asterisk must be filled in only if this information is required by the operator carrier In case of unsuccessful establishing a connection to mobile network is recommended to check the accuracy of entered data Alternatively try a different authentication method or...

Page 33: ... watch traffic in connection to mobile network If this connection is without traffic longer than the Ping Interval then the router sends ping questions to the Ping IP Address Attention The feature of check connection to mobile network is necessary for uninterrupted operation 1 13 4 Data limit configuration Item Description Data limit With this parameter you can set the maximum expected amount of d...

Page 34: ...ded switch the router to off line mode Item Description Switch to other SIM card when connection fails If connection to mobile network fails then this param eter ensures switch to secondary SIM card or sec ondary APN of the SIM card Failure of the connection to mobile network can occur in two ways When I start the router when three fails to establish a connection to mobile network Or if it is chec...

Page 35: ...all be made for the time defined in the parameter Initial Time out range of this parameter is from 1 to 10000 minutes Subsequent Timeout In an unsuccessful attempt to switch to default SIM card the router on the second attempt to try for the time defined in the parameter Subsequent Timeout range is from 1 to 10000 min Additive constants Any further attempt to switch back to the primary SIM card or...

Page 36: ... router during this time nobody logs on the router will try again to establish a GPRS connection Item Description Username User name for secured Dial In access Password Password for secured Dial In access Table 25 Dial In access configuration 1 13 7 PPPoE bridge mode configuration If the Enable PPPoE bridge mode option selected it activate the PPPoE bridge protocol PPPoE point to point over ethern...

Page 37: ...VITRIKO Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER Figure 20 Mobile WAN configuration 29 Contact www vitriko com info vitriko com ...

Page 38: ...configuration 1 he following configuration illustrates the situation in which the router switches to a backup SIM card after exceeding the data limits of 800 MB Warning SMS is sent upon reaching 400 MB The start of accounting period is set to the 18th day of the month Figure 22 Example of Mobile WAN configuration 2 Primary SIM card is switched to the offline mode after the router detects roaming T...

Page 39: ...outer Item Description Username Username for secure access to PPPoE Password Password for secure access to PPPoE Authentication Authentication protocol in GSM network PAP or CHAP authentication method is chosen by router PAP it is used PAP authentication method CHAP it is used CHAP authentication method MRU Maximum Receiving Unit It is the identifier of the maximum size of packet which is possible...

Page 40: ... SSID Method of broadcasting the unique identifier of SSID network in bea con frame and type of response to a request for sending the beacon frame Enabled SSID is broadcasted in beacon frame Zero length Beacon frame does not include SSID Requests for sending beacon frame are ignored Clear Each SSID character in beacon frame is replaced by 0 However original length is kept Requests for sending beac...

Page 41: ...n WiFi network Open authentication is not required free access point Shared base authentication using WEP key WPA PSK authentication using better authentication method PSK PSK WPA2 PSK authentication using AES encryption Encryption Type of data encryption in WiFi network None No data encryption WEP Encryption using static WEP keys This encryption can be used for Shared authentication TKIP Dynamic ...

Page 42: ...56 bit secret ASCII passphrase PSK File WPA PSK Key for WPA PSK authentication This key must be entered accord ing to the selected WPA PSK type as follows 256 bit secret 64 hexadecimal digits ASCII passphrase from 8 to 63 characterswhich are subse quently converted into PSK PSK File absolute path to the file containing the list of pairs PSK key MAC address Access List Determines a manner of Access...

Page 43: ... log Verbose debugging the highest level of communicativeness Debugging Informational default level of communicativeness which is used for writing standard events Notification Warning the lowest level of communicativeness Extra options Allows user to define additional parameters Table 27 WiFi configuration Figure 25 WiFi konfigurace 35 Contact www vitriko com info vitriko com ...

Page 44: ... from the available access point AP and sends data from cable connection via wifi network DHCP Client Activates deactivates DHCP client IP Address Fixed set IP address of WiFi network interface Subnet Mask Subnet mask of WiFi network interface Bridged Activates bridge mode no Bridged mode is not allowed it s default value WLAN network is not connected with LAN network of the router yes Bridged mod...

Page 45: ... Description IP Pool Start Beginning of the range of IP addresses which will be assigned to DHCP clients IP Pool End End of the range of IP addresses which will be assigned to DHCP clients Lease Time Time in seconds for which the client may use the IP address Table 29 Configuration of DHCP server All changes in settings will apply after pressing the Apply button Figure 26 WLAN configuration 37 Con...

Page 46: ...le If Enable backup routes switching option is not checked Backup routes system operates in the so called backward compatibility mode The default route is selected based on implicit priorities according to the status of enabling settings for each of network interface as the case may be enabling services that set these network interfaces Names of backup routes and corresponding network interfaces i...

Page 47: ...motely access the router and the internal network connected behind a router If the Enable filtering of incoming packets item is checked located at the beginning of the configuration form Firewall this element is enabled and accessibility is checked against the table with IP addresses This means that access is permitted only addresses specified in the table It is possible to define up to eight remo...

Page 48: ...ing packet is addressed to another network interface it will go to the FORWARD chain In case that the FORWARD chain accepted this packet there is a rule for its forwarding it will be sent out If the forwarding rule does not exist packet will be dropped Then there is a table for defining the rules It is possible to allow all traffic within the selected protocol rule specifies only protocol or creat...

Page 49: ...ich is not in the router comes check box named Enable filtering of locally destinated packets The packet is dropped automatically without any information As a protection against DoS attacks this means attacks during which the target system is flooded with plenty of meaningless requirements is used option named Enable protection against DoS attacks which limits the number of connections per second ...

Page 50: ...s allowed the following access from address 171 92 5 45 using any protocol from address 10 0 2 123 using TCP protocol on port 1000 from address 142 2 26 54 using ICMP protocol Figure 29 Topology of example firewall configuration Figure 30 Example firewall configuration 42 Contact www vitriko com info vitriko com ...

Page 51: ... necessary set more than sixteen rules for NAT rules then is possible insert into start up script following script iptables t nat A napt p tcp dport PORT _PUBLIC j DNAT to destination IPADDR PORT1 _PRIVATE Concrete IP address IPADDR and ports numbers PORT_PUBLIC and PORT_PRIVATE are filled up into square bracket The following items are used to set the routing of all incoming traffic from the PPP t...

Page 52: ...pos sible to access over FTP disabled in default configuration Enable remote SSH access on port Choice this item and port number makes it pos sible to access over SSH disabled in default configuration Enable remote Telnet access on port Choice this item and port number makes it pos sible to access over Telnet disabled in default configuration Enable remote SNMP access on port Choice this item and ...

Page 53: ... to have marked choice of Send all remaining incom ing packets it default server IP address in this case is the address of the device behind the router Connected equipment behind the router must have set Default Gateway on the router Connected device replies while PING on IP address of SIM card 45 Contact www vitriko com info vitriko com ...

Page 54: ...ts 1 CONFIGURATION OVER WEB BROWSER Example of the configuration with more connected equipment Figure 33 Topology of example NAT configuration 2 Figure 34 Example NAT configuration 2 46 Contact www vitriko com info vitriko com ...

Page 55: ...on Send all remaining incoming packets to default server and Default server IP address then connection requests a failure 1 20 OpenVPN tunnel configuration OpenVPN tunnel configuration can be called up by option OpenVPN item in the menu OpenVPN tunnel allows protected connection of two networks LAN to the one which looks like one homogenous In the OpenVPN Tunnels Configuration window are two rows ...

Page 56: ...unnel Ping Timeout Defines the time interval during which the router waits for a mes sage sent by the opposite side For proper verification of Open VPN tunnel Ping Timeout must be greater than Ping Interval Renegotiate Interval Sets renegotiate period reauthorization of the OpenVPN tun nel This parameter can be set only when Authenticate Mode is set to username password or X 509 certificate After ...

Page 57: ... offered authentication mode CA Certificate Auth using CA Certificate can be used for username password and X 509 Certificate modes DH Parameters Protocol for exchange key DH parameters can be used for X 509 Certificate authentication in server mode Local Certificate This authentication certificate can be used for X 509 Certificate authentication mode Local Private Key It can be used for X 509 Cer...

Page 58: ...IKO Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER The changes in settings will apply after pressing the Apply button Figure 36 OpenVPN tunnel configuration 50 Contact www vitriko com info vitriko com ...

Page 59: ... 10 0 0 2 10 0 0 1 Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Local Interface IP Address 19 16 1 0 19 16 2 0 Remote Interface IP Address 19 16 2 0 19 18 1 0 Compression LZO LZO Authenticate mode none none Table 38 Example OpenVPN configuration Examples of different options for configuration and authentication of OpenVPN tunnel can be found in the applicati...

Page 60: ...nels Figure 38 IPsec tunnels configuration Item Description Description Name description of the tunnel Remote IP Address IP address of remote side of the tunnel It is also possible to enter the domain name Remote ID Identifier ID of remote side of the tunnel It consists of two parts hostname and domain name more information can be found un der the table Remote Subnet IP address of a network behind...

Page 61: ...the key exchange process Higher group numbers are more se cure but require additional time to compute the key Group with higher number provides more security but requires more pro cessing time ESP Algorithm Way of algorithm selection auto encryption and hash alg are selected automatically manual encryption and hash alg are defined by the user ESP Encryption Encryption algorithm DES 3DES AES128 AES...

Page 62: ...emote Certificate Certificate for X 509 authentication Local Certificate Certificate for X 509 authentication Local Private Key Private key for X 509 authentication Local Passphrase Passphrase for X 509 authentication Extra Options Use this parameter to define additional parameters of the IPsec tunnel for example secure parameters etc Table 40 IPsec tunnel configuration IPsec supports the followin...

Page 63: ...e range Minimal time 1h 9m 9m 42m Maximal time 1h 9m 0m 51m When setting the times for key exchange is recommended to leave the default setting in which tunnel has guaranteed security When set higher time tunnel has smaller operating costs and smaller the safety Conversely reducing the time tunnel has higher operating costs and higher safety of the tunnel The changes in settings will apply after p...

Page 64: ...VITRIKO Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER Figure 39 IPsec tunnels configuration 56 Contact www vitriko com info vitriko com ...

Page 65: ...re shared key pre shared key Pre shared key test test Table 41 Example IPsec configuration Examples of different options for configuration and authentication of IPsec tunnel can be found in the application note IPsec 1 22 GRE tunnels configuration GRE is an unencrypted protocol To enter the GRE tunnels configuration select the GRE menu item The GRE tunnel is used for connection of two networks to ...

Page 66: ...he tunnel Remote Subnet IP address of the network behind the remote side of the tunnel Remote Subnet Mask Mask of the network behind the remote side of the tunnel Multicasts Enables disables multicast disabled multicast disabled enabled multicast enabled Pre shared Key An optional value that defines the 32 bit shared key in numeric format through which the filtered data through the tunnel This key...

Page 67: ...Tunnel configuration Figure 43 Topology of GRE tunnel configuration GRE tunnel Configuration Configuration A B Remote IP Address 10 0 0 2 10 0 0 1 Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Table 44 Example GRE tunnel configuration 59 Contact www vitriko com info vitriko com ...

Page 68: ...ress of the server Server IP Address IP address of server Client Start IP Address Start IP address in range which is offered by server to clients Client End IP Address End IP address in range which is offered by server to clients Local IP Address IP address of the local side of the tunnel Remote IP Address IP address of the remote side of the tunnel Remote Subnet Address of the network behind the ...

Page 69: ...n A B Mode L2TP Server L2TP Client Server IP Address 10 0 0 1 Client Start IP Address 192 168 1 2 Client End IP Address 192 168 1 254 Local IP Address 192 168 1 1 Remote IP Address Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Username username username Password password password Table 46 Example L2TP tunel configuration 61 Contact www vitriko com info vitrik...

Page 70: ...nt in case of client must be defined the IP address of the server Server IP Address IP address of server Local IP Address IP address of the local side of the tunnel Remote IP Address IP address of the remote side of the tunnel Remote Subnet Address of the network behind the remote side of the tunnel Remote Subnet Mask The mask of the network behind the remote side of the tunnel Username Username f...

Page 71: ...tion of the PPTP tunnel Configuration A B Mode PPTP Server PPTP Client Server IP Address 10 0 0 1 Local IP Address 192 168 1 1 Remote IP Address Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Username username username Password password password Table 48 Example PPTP tunel configuration 63 Contact www vitriko com info vitriko com ...

Page 72: ...registered on server www dyndns org Username Username for login to DynDNS server Password Password for login to DynDNS server Server If you want to use another DynDNS service than www dyndns org then enter the update server service to this item If this item is left blank it uses the default server members dyndns org Table 49 DynDNS configuration Example of the DynDNS client configuration with doma...

Page 73: ... it is possible to set the router in mode that it can serve as NTP server for other devices Item Description Primary NTP Server Address IP or domain address primary NTP server Secondary NTP Server Address IP or domain address secondary NTP server Timezone By this parameter it is possible to set the time zone of the router Daylight Saving Time Using this parameter can be defined time shift No time ...

Page 74: ...ined The Enable SNMPv3 access item allows you to enable SNMPv3 Then you must define the following parameters Item Description Username User name Authentication Encryption algorithm on the Authentication Protocol that is used to ensure the identity of users Authentication Password Password used to generate the key used for authentication Privacy Encryption algorithm on the Privacy Protocol that is ...

Page 75: ...tical information in minutes Table 54 SNMP configuration R SeeNet Every monitor value is uniquely identified by the help of number identifier OID Object Identifier For binary input and output the following range of OID is used OID Description 1 3 6 1 4 1 30140 2 3 1 0 Binary input BIN0 values 0 1 1 3 6 1 4 1 30140 2 3 2 0 Binary output OUT0 values 0 1 Table 55 Object identifier for binary input an...

Page 76: ...port 1 3 6 1 4 1 30140 2 2 address 6 0 0 VIF value information field 1 3 6 1 4 1 30140 2 2 address 7 0 0 measured value 1 3 6 1 4 1 30140 2 2 address 8 0 1 VIF value information field 1 3 6 1 4 1 30140 2 2 address 9 0 1 measured value 1 3 6 1 4 1 30140 2 2 address 10 0 2 VIF value information field 1 3 6 1 4 1 30140 2 2 address 11 0 2 measured value 1 3 6 1 4 1 30140 2 2 address 12 0 3 VIF value i...

Page 77: ...VITRIKO Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER Example of SNMP settings and readout Figure 50 Example of SNMP configuration 69 Contact www vitriko com info vitriko com ...

Page 78: ...of the SNMP agent router in field Remote SNMP agent After enter the IP address is in a MIB tree part is possible show object identifier The path to objects is iso org dod internet private enterprises conel protocols The path to information about router is iso org dod internet mgmt mib 2 system 70 Contact www vitriko com info vitriko com ...

Page 79: ... use only the SMTP server of operator Example settings SMTP client Figure 52 SMTP configuration E mail can be send from the Startup script This command is used to email with following parameters t receiver Email address s subject m message a appendix r number of attempts to send email default set 2 attempts Commands and parameters can be entered only in lowercase Example to send email email t name...

Page 80: ...sending SMS message after binary input on I O port BIN0 is active Text of message is in tended parameter BIN0 Send SMS when binary input on expansion port BIN1 BIN4 is active Automatic sending SMS message after binary input on expansion port BIN1 BIN4 is active Text of message is intended parameter BIN1 BIN4 Add timestamp to SMS Adds time stamp to sent SMS messages This stamp has a fixed format YY...

Page 81: ...trol via SMS all incoming SMS are processed and deleted In the default settings this parameter is turned on Table 60 Control via SMS configuration If no phone number is filled in then it is possible to restart the router with the help of SMS in the form of Reboot from any phone number While filling of one two or three numbers it is possible to control the router with the help of an SMS sent only f...

Page 82: ...speed expansion port 1 Table 62 Send SMS on serial PORT1 configuration By choosing Enable AT SMS protocol on expansion port 2 and Baudrate it is possible to send receive an SMS on the serial Port 2 Item Description Baudrate Communication speed expansion port 2 Table 63 Send SMS on serial PORT2 configuration By choosing Enable AT SMS protocol on TCP port and enter the TCP port it is possible to sen...

Page 83: ... storage area AT CMGS Sends a short message from the device to entered tel number AT CMGW Writes a short message to SIM storage AT CMSS Sends a message from SIM storage location value AT COPS Identifies the available mobile networks AT CPIN Is used to query and enter a PIN code AT CPMS Selects SMS memory storage types to be used for short message operations AT CREG Displays network registration st...

Page 84: ...at the mentioned phone number comes SMS in this form Router Unit ID has established connection to mobile network IP address xxx xxx xxx xxx After disconnect to mobile network at the mentioned phone number comes SMS in this form Router Unit ID has lost connection to mobile network IP address xxx xxx xxx xxx Configuration of sending this SMS is following Figure 53 Example of SMS configuration 1 76 C...

Page 85: ...Data Experts 1 CONFIGURATION OVER WEB BROWSER Example of the router configuration for SMS sending via serial interface on the PORT1 Figure 54 Example of SMS configuration 2 77 Contact www vitriko com info vitriko com ...

Page 86: ... Data Experts 1 CONFIGURATION OVER WEB BROWSER Example of the router configuration for controlling via SMS from every phone numbers Figure 55 Example of SMS configuration 3 78 Contact www vitriko com info vitriko com ...

Page 87: ...e Data Experts 1 CONFIGURATION OVER WEB BROWSER Example of the router configuration for controlling via SMS from two phone numbers Figure 56 Example of SMS configuration 4 79 Contact www vitriko com info vitriko com ...

Page 88: ...l TCP communication using a linked protocol TCP UDP communication using a unlinked protocol UDP Mode Mode of connection TCP server router will listen to incoming requests about TCP connection TCP client router will connect to a TCP server on the specified IP address and TCP port Server Address In mode TCP client it is necessary to enter the Server address and final TCP port TCP Port In both modes ...

Page 89: ...ct items Use DTR as control of TCP connection is activated function control TCP connection using signal DTR CD on the router DTR Description server Description client Active The router allows establishing a TCP connection Router starts TCP connection Nonactive The router does not permit establishing a TCP connection Router stops TCP connection Table 69 DTR signal description The changes in setting...

Page 90: ...routers provide a program called getty which allows user to connect to the router via the serial line router must be fitted with an expansion port RS232 Getty displays the prompt and after entering the username passes it on login program which asks for a password verifies it and runs the shell After logging in it is possible to manage the system as well as a user is connected via telnet 82 Contact...

Page 91: ...arameter value in millisec onds Then all of the received data compiled and sent the message Protocol Communication protocol TCP communication using a linked protocol TCP UDP communication using a unlinked protocol UDP Mode Mode of connection TCP server router will listen to incoming requests about TCP connection TCP client router will connect to a TCP server on the speci fied IP address and TCP po...

Page 92: ...CP connection is off Table 72 CD signal description When you select items Use DTR as control of TCP connection is activated function control TCP connection using signal DTR CD on the router DTR Description server Description client Active The router allows establishing a TCP connection Router starts TCP connection Nonactive The router does not permit establishing a TCP connection Router stops TCP ...

Page 93: ...KO Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER Figure 60 USB configuration Example of USB port configuration Figure 61 Example of USB port configuration 1 85 Contact www vitriko com info vitriko com ...

Page 94: ...VITRIKO Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER Figure 62 Example of USB port configuration 2 86 Contact www vitriko com info vitriko com ...

Page 95: ...ly after pressing the Apply button Figure 63 Startup script Change take effect after shut down and witch on router by the help of button Reboot in web administration or by SMS message Example of Startup script When start the router stop syslogd program and start syslogd with remote logging on address 192 168 2 115 and limited to 100 entries listing Figure 64 Example of Startup script 87 Contact ww...

Page 96: ...PP WAN connection In the item Down Script is defines script which begins after lost a PPP WAN connection The changes in settings will apply after pressing the Apply button Figure 65 Up Down script Example of UP Down script After establishing or lost a connection the router sends an email with information about establishing or loss a connection Figure 66 Example of Up Down script 88 Contact www vit...

Page 97: ...ile will be downloaded Unit ID Name of configuration If the Unit ID is not filled then as the file name used the MAC address of the router The delimiter is a colon is used instead of a dot Update Hour Use this item to set the hour range 1 24 in which automatic update will be performed every day If the time is not specified automatic update is performed five minutes after turning on the router and ...

Page 98: ... Configuration file http router cz temelin cfg Figure 67 Example of automatic update 1 The following examples find if there is a new firmware or configuration each day at 1 00 in the morning An example is given on the type of router ER75i v2 with MAC address 00 11 22 33 44 55 Firmware http router cz er75i v2 bin Configuration file http router cz 00 11 22 33 44 55 cfg Figure 68 Example of automatic...

Page 99: ... version will replace the existing module The current module configura tion is kept in same state Programming and compiling of modules are described in the programming guide Figure 70 Added user module There are for example these user s modules Module name Description MODBUS TCP2RTU Provides a conversion of MODBUS TCP IP protocol to MDBUS RTU protocol which can be operated on the serial line Easy ...

Page 100: ...ion it is necessary to distinguish for which kernel firewall are intended 1 36 Change profile To open the dialog box for changing profile select the Change Profile menu item Profile switch is making by press the button Apply Change take effect after restarting router by the help of button Reboot in web administration or by SMS message It is possible select the standard profile or up to three alter...

Page 101: ...ce Date and time can be set manually through the Date and Time items Always enter data in a format that is illustrated in the figure below The clock can be also adjusted according to the specified NTP server Finally it is necessary to press the Apply button Figure 73 Set real time clock 1 39 Set SMS service center address For industrial router XR5i v2 is not available Set SMS service center addres...

Page 102: ...r industrial router XR5i v2 is not available Send SMS item Sending SMS messages is possible in menu Send SMS The SMS message will be sent after entering the Phone number and text SMS Message and by pushing button Send Figure 76 Send SMS SMS message sending via HTTP request is in the form GET send_exec cgi phone 2B420712345678 message Test HTTP 1 1 Authorization Basic cm9vdDpyb290 HTTP request will...

Page 103: ... configuration by help Browse button Figure 77 Restore configuration 1 44 Update firmware To view the information about the firmware version and instructions for its update select the Update Firmware menu item New firmware is selected via Browse button and update the following pressing the Update button Figure 78 Update firmware After successful firmware updating the following statement is listed ...

Page 104: ... Mobile Data Experts 1 CONFIGURATION OVER WEB BROWSER 1 45 Reboot To reboot the router select the Reboot menu item and then press the Reboot button Figure 79 Reboot 96 Contact www vitriko com info vitriko com ...

Page 105: ...ommand Description cat file contain write cp copy of file date show change of system time df displaying of informations about file system dmesg displaying of kernel diagnostics messages echo string write email Email send free displaying of informations about memory gsmat sends AT commands cdmaat for routers with CDMA module gsminfo displaying of informations about signal quality gsmsms SMS send hw...

Page 106: ...p of actual directory reboot reboot rm file delete rmdir directory delete route displaying change of route table service start stop of service sleep pause on set seconds number slog displaying of system log tail displaying of file end tcpdump monitoring of network touch file create actualization of file time stamp vi text editor Table 76 Telnet commands 98 Contact www vitriko com info vitriko com ...

Reviews:

No comments