Amit IOG851-0T031 Скачать руководство пользователя страница 1

Страница: 1 / 389

Industry Cellular Gateway

IOG851-0T031

IOG851-0T041

User Manual

Содержание IOG851-0T031

Страница 1: ...Industry Cellular Gateway IOG851 0T031 IOG851 0T041 User Manual...

Страница 2: ...Mount the Unit 17 1 6 2 Insert the SIM Card 17 1 6 3 Install the External RF Cable and Antenna 18 1 6 4 Connecting DI DO Devices 19 1 6 5 Connecting Serial Devices 20 1 6 6 Connecting Power 21 1 6 7 P...

Страница 3: ...NS DDNS 130 2 7 1 DNS DDNS Configuration 130 2 8 QoS 134 2 8 1 QoS Configuration 134 2 9 Redundancy 143 2 9 1 VRRP 143 Chapter 3 Object Definition 146 3 1 Scheduling 146 3 1 1 Scheduling Configuration...

Страница 4: ...242 5 1 5 GRE 249 5 2 Firewall 253 5 2 1 Packet Filter 253 5 2 2 URL Blocking 258 5 2 3 MAC Control 262 5 2 4 Content Filter not supported 265 5 2 5 Application Filter not supported 266 5 2 6 IPS 267...

Страница 5: ...7 1 2 SMS 327 7 1 3 SIM PIN 330 7 1 4 USSD 335 7 1 5 Network Scan 339 7 2 Event Handling 341 7 2 1 Configuration 343 7 2 2 Managing Events 352 7 2 3 Notifying Events 355 Chapter 8 Status 358 8 1 Dash...

Страница 6: ...lar Gateway 8 4 2 Log Storage Status 380 8 5 Statistics Report 381 8 5 1 Connection Session 381 8 5 2 Network Traffic 382 8 5 3 Device Administration 383 8 5 4 Cellular Usage 384 Appendix A GPL WRITTE...

Страница 7: ...l NAT port forwarding DHCP server and many other powerful features for outdoor IP surveillance applications The redundancy design in fallback 12 48 VDC power terminal and dual SIM cards make the data...

Страница 8: ...Package Contents Standard Package Items Description Contents Quantity 1 IOG851 0T031 or IOG851 0T041 Industry Cellular Gateway 1pcs 2 8 pin Terminal Block 1pcs 3 4 pin Terminal Block 1pcs 4 RJ45 Cabl...

Страница 9: ...The device will restore to factory default settings 3G 4G WiFi Antenna All the 3G 4G and WiFi antennas are optional accessory and not included in the standard package You need to purchase the suitable...

Страница 10: ...Industry Cellular Gateway Left View DI DO Terminal Block DC Power Terminal Block Earth Ground Screw 10...

Страница 11: ...packet transferred via Cellular interface In Flashing while data packet transferred via Cellular interface LAN 1 LAN 4 WAN Green Steady ON Ethernet connection of LAN or WAN is established Flash Data p...

Страница 12: ...cintosh or Linux based operating system An installed Ethernet adapter Browser Requirements Internet Explorer 6 0 or higher Chrome 2 0 or higher Firefox 3 0 or higher Safari 3 0 or higher 1 5 2 WARNING...

Страница 13: ...ce temperature for the metallic enclosure can be very high Especially after operating for a long time installed at a closed cabinet without air conditioning support or in a high ambient temperature sp...

Страница 14: ...915 MHz Downlink 925 960 MHz E GSM Uplink 880 915 MHz Downlink 925 960 MHz 33 2 dBm DCS Uplink 1710 1785 MHz Downlink 1805 1880 MHz 30 2 dBm 1 b Frequency Band for Cellular Connection for EC25 E versi...

Страница 15: ...9 9 dBm 1 c Frequency Band for Wi Fi Connection Band Operating Frequency Max Output Power EIRP 2 4G 2 4 2 4835 GHz 100 mW 5G 5 15 5 25 GHz 200 mW 2 5150 5350MHz In Door Use Statements This product equ...

Страница 16: ...ation You can get the DoC information of this product from the following URL http www amit com tw products doc 5 RF Exposure Statements The antenna of the product under normal use condition is at leas...

Страница 17: ...ount kits on the product first 1 6 2 Insert the SIM Card WARNING BEFORE INSERTING OR CHANGING THE SIM CARD PLEASE MAKE SURE THAT POWER OF THE DEVICE IS SWITCHED OFF The SIM card slots are located at t...

Страница 18: ...The horizontal distance between antennas should be greater than 1 4 of its wavelength and there will be best separation at 1 2 of its wavelength 2 If multiple frequency antennas are near each other t...

Страница 19: ...ock Please refer to following specification to connect DI and DO devices Mode Specification Digital Input Trigger Voltage high Logic level 1 5V 30V Normal Voltage low Logic level 0 0V 2V Digital Outpu...

Страница 20: ...ducts provide 4 pin Terminal Block serial port for connecting to your serial device Connect the serial device to the terminal block with the right pin assignments of RS 232 485 are shown as below Pin...

Страница 21: ...d as a backup power Normally only the primary power supplys the required power to the gateway and connected PoE devices the backup power supply will supply the power to the gateway and connected PoE d...

Страница 22: ...he power supply unit power requirement is 100 240V AC 50 60Hz with power input lines AWG 18 power cable is recommended The terminal pin number assignment as below Please connect the live line neutral...

Страница 23: ...V connect to PWR and then V connect to GND After that pulg in the terminal block to the socket at the side of the gateway Finally connect the power plug of the power supply cable to an outlet then th...

Страница 24: ...the host PC s Ethernet port for configuring the device 1 6 9 Setup by Configuring WEB UI You can browse web UI to configure the device Type in the IP Address http 192 168 123 254 4 When you see the lo...

Страница 25: ...vices dial in ISPs and then link to the Internet via different kinds of transmit media So the WAN Connection lets you specify the WAN Physical Interface WAN Internet Setup and WAN Load Balance for Int...

Страница 26: ...nd Interface Configuration Physical Interface List window shows all the available physical interfaces After clicking on the Edit button for the interface in Physical Interface List window the Interfac...

Страница 27: ...ction is recovered back with a connection it will take over data traffic again At that time WAN 2 connection will be terminated Seamless Failover In addition there is a Seamless option for Failover op...

Страница 28: ...failover interface The dialing up time of failover connection is saved since it has been connected beforehand VLAN Tagging Sometimes your ISP required a VLAN tag to be inserted into the WAN packets fr...

Страница 29: ...ar WAN 1 interface is used in this example Interface Configuration Interface Configuration Item Value setting Description Physical Interface 1 A Must fill setting 2 WAN 1 is the primary interface and...

Страница 30: ...e primary or the secondary WAN link failed Then select the primary or the existed secondary WAN interface to switch Failover from Note for WAN 1 only Always on option is available VLAN Tagging Optiona...

Страница 31: ...onfiguration and related configuration windows for each WAN type For the Internet setup of each WAN interface you must specify its WAN type of physical interface first and then its related parameter c...

Страница 32: ...ly is more expensive but very importat for cooperate requirement Dynamic IP The assigned IP address for the WAN by a DHCP server is different every time It is cheaper and usually for consumer use PPP...

Страница 33: ...Enter the host name provided by your Service Provider ISP Registered MAC Address An optional setting Enter the MAC address that you have registered with your service provider Or Click the Clone button...

Страница 34: ...IP address given by your Service Provider WAN Type PPPoE When you select it PPPoE WAN Type Configuration will appear Items and setting is explained below PPPoE WAN Type Configuration Item Value setti...

Страница 35: ...filled setting Enter the WAN subnet mask given by your Service Provider WAN Gateway A Must filled setting Enter the WAN gateway IP address given by your Service Provider When Dynamic IP is selected t...

Страница 36: ...the WAN gateway IP address given by your Service Provider When Dynamic IP is selected there are no above settings required Server IP Address Name A Must filled setting Enter the L2TP server name or IP...

Страница 37: ...n automatically once it has been booted up and try to reconnect once the connection is down It s recommended to choose this scheme if for mission critical applications to ensure full time Internet con...

Страница 38: ...onitor connection status continuous To do it ICMP Check and FQDN Query are used to check When there is trafiic of connection checking packet will waste bandwidth Response time of replied packets may a...

Страница 39: ...lled setting 2 Auto value zero is set by default 3 Manual set range 1200 1500 MTU refers to Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission When set...

Страница 40: ...ay to be the target Other Host enter an IP address to be the target IGMP 1 A Must filled setting 2 Disable is set by default Enable IGMP Internet Group Management Protocol would enable the router to l...

Страница 41: ...e WAN interface This device has featured by using dual SIM cards for one module with special fail over mechanism It is called Dual SIM Failover This feature is useful for ISP switch over when location...

Страница 42: ...IM A or SIM B card first And when the connection is broken the gateway will switch to use the other SIM card for an alternate automatically and will not switch back to use original SIM card except cur...

Страница 43: ...lected it will failback to the main SIM and try to establish the connection periodically Note_1 For the product with single SIM design only SIM A Only option is available Note_2 Failback is available...

Страница 44: ...n Network Type 1 A Must filled setting 2 By default Auto is selected Select Auto to register a network automatically regardless of the network type Select 2G Only to register the 2G network only Selec...

Страница 45: ...provided such settings to you Note These settings are only displayed when Manual configuration is selected Authentication 1 A Must filled setting 2 By default Auto is selected Select PAP Password Auth...

Страница 46: ...this profile APN String format any text Enter the APN you want to use to establish the connection IP Type 1 A Must filled setting 2 By default IPv4 is selected Specify the IP type of the network serve...

Страница 47: ...nnection on all the time whenever the physical link is connected When Connect on demand is selected it means the Internet connection will be established only when detecting data traffic When Connect M...

Страница 48: ...the WAN IP address Note When the IP Pass through is on NAT and WAN IP Alias will be unavailable until the function is disabled again NAT Check by default Uncheck the box to disable NAT Network Address...

Страница 49: ...isconnection is acknowledged Target 1 1 An Optional filled setting 2 DNS1 is selected by default Target1 specifies the first target of sending DNS query ICMP request DNS1 set the primary DNS to be the...

Страница 50: ...n select strategy according to application requirement and environment status The strategies are explained as below By Smart Weight If based on By Smart Weight strategy gateway will take the line spee...

Страница 51: ...P range Destination port can be a single port or port range You can select one target for one mapping to setup IP address and leave others just left as any All Besides this you can also set protocol a...

Страница 52: ...tting Description Load Balance Unchecked by default Check the Enable box to activate Load Balance function Load Balance Strategy 1 A Must filled setting 2 By Smart Weight is selected by default There...

Страница 53: ...t Value Range 1 99 Note The sum of all weights can t be greater than 100 Save NA Click the Save button to save the configuration Undo NA Click the Undo button to restore what you just configured back...

Страница 54: ...IPs Single IP Specify a unique IP Address for the traffics come to the IP Input format is xxx xxx xxx xxx e g 192 168 123 101 Domain Name Specify the domain name for the traffics come to the domain D...

Страница 55: ...AN Port based VLAN function can group Ethernet ports Port 1 Port 4 and WiFi Virtual Access Points VAP 1 VAP 8 together for differentiated services like Internet surfing multimedia enjoyment VoIP talki...

Страница 56: ...oints VAP 1 VAP 8 together with different VLAN tags for deploying subnets in Intranet All packet flows can carry with different VLAN tags even at the same physical Ethernet port for Intranet These flo...

Страница 57: ...p is equipped with DHCP 3 server to construct a 192 168 12 x subnet He also configure Meeting Rooms segment with VLAN ID 11 The VLAN group is equipped with DHCP 2 server to construct a 192 168 11 x su...

Страница 58: ...specify members of one VLAN group to be able to access Internet or not Following is an example that VLAN groups of VID is 2 and 3 can access Internet but the one with VID is 1 cannot access Internet T...

Страница 59: ...communication pair and one VLAN group can join many communication pairs But communication pair doesn t have the transitive property That is A can communicate with B and B can communicate with C it do...

Страница 60: ...based Tag based VLAN allows you to add VLAN ID and select member and DHCP Server for this VLAN ID Go to Tag based VLAN List table Save NA Click the Save button to save the configuration Port based VLA...

Страница 61: ...94 VLAN Tagging Disable is selected by default The rule is activated according to VLAN ID and Port Members configuration when Enable is selected The rule is activated according Port Members configurat...

Страница 62: ...Server IP Address that the gateway will relay the DHCP requests to the assigned DHCP server DHCP Server Name A Must filled setting Define name of the DHCP Server for the specified VLAN group IP Pool...

Страница 63: ...DHCP Server wants to match IP Address A Must filled setting Define the IP Address that the DHCP Server will assign If there is a request from the MAC Address filled in the above field the DHCP Server...

Страница 64: ...erface If uncheck a certain VLAN ID box it means the VLAN ID member can t access Internet anymore Note VLAN ID 1 is available always it is the default VLAN ID of LAN rule The other VLAN IDs are availa...

Страница 65: ...illed setting Define the VLAN ID number range is 6 4094 Internet Access The box is checked by default Click Enable box to allow the members in the VLAN group access to internet Port The box is uncheck...

Страница 66: ...teway LAN interface with its default Subnet Mask setting as 255 255 255 0 and its default IP Pool ranges is from 100 to 200 as shown at the DHCP Server List page on gateway s WEB UI User can add more...

Страница 67: ...fixed IP address to map the specific client MAC address by select them then copy when targets were already existed in the DHCP Client List or to add some other Mapping Rules by manually in advance on...

Страница 68: ...s to assign IP Addresses to the devices on the local area network LAN Create Edit DHCP Server Policy The gateway allows you to custom your DHCP Server Policy If multiple LAN ports are available you ca...

Страница 69: ...CP Server Primary DNS IPv4 format The Primary DNS of this DHCP Server Secondary DNS IPv4 format The Secondary DNS of this DHCP Server Primary WINS IPv4 format The Primary WINS of this DHCP Server Seco...

Страница 70: ...previous setting Back N A When the Back button is clicked the screen will return to the DHCP Server Configuration page View Copy DHCP Client List When DHCP Client List button is applied DHCP Client Li...

Страница 71: ...ue setting Description Option Name 1 String format can be any text 2 A Must filled setting Enter a DHCP Server Option name Enter a name that is easy for you to understand DHCP Server Select Dropdown l...

Страница 72: ...5 A Must filled setting Should conform to Type Type Value 66 Single IP Address IPv4 format Single FQDN FQDN format 72 IP Addresses List separated by IPv4 format separated by 114 Single URL URL format...

Страница 73: ...ce 1 A Must filled setting 2 WAN 1 is selected by default Choose a WAN Interface for the dropdown list to apply with the DHCP Relay function It can be the available WAN interface s and L2TP connection...

Страница 74: ...dual bands of operation There are several wireless operation modes provided by this device They are AP Router Mode WDS Only Mode and WDS Hybrid Mode You can choose the expected mode from the wireless...

Страница 75: ...es with the wireless gateway make sure your application scenario for WiFi network and choose the most adequate operation mode AP Router Mode This mode allows you to get your wired and wireless devices...

Страница 76: ...al Gateway 1 through WDS Both gateways connected by WDS need to setup the remote AP MAC for each other All client hosts under gateway 2 3 can request IP address from the DHCP server at gateway 1 Besid...

Страница 77: ...Industry Cellular Gateway 77...

Страница 78: ...VAPs As shown in the diagram the clients in VAP 1 and VAP 2 can communicate to each other when VAP Isolation is disabled Wi Fi Security Authentication Encryption Wi Fi security provides complete authe...

Страница 79: ...and cannot be changed once the module is integrated into the product However there is some module with selectable band for user to choose according to his network environment Under such situation you...

Страница 80: ...or the AP Router mode the device not only supports stations connection but also the router function The WAN port and the NAT function are enabled AP Router Mode Item Value setting Description Green AP...

Страница 81: ...th the provided key However it is strongly recommanded that you have to change the security key to a easy to remember one by clicking the Edit button Click Add Edit button in the VAP List screen to cr...

Страница 82: ...r Shared by requesting of client automatically The check box named 802 1x shows up next to the dropdown list 802 1x The box is unchecked by default When 802 1x is enabled it means the client stations...

Страница 83: ...t the client stations can associate with this device via TKIP or AES Enter a Pre shared Key for it The length of key is from 8 to 63 characters STA Isolation VAP1 The box is checked by default Others...

Страница 84: ...s MAC List N A Press the Scan button to scan the spatial AP information and then select one from the AP list the MAC of selected AP will be auto filled in the following Remote AP MAC table Remote AP M...

Страница 85: ...the required authentication and Encryption settings Click Edit button in the VAP List screen and a VAP Configuration screen will appear for you to configure the required settings For the detail descri...

Страница 86: ...By default the box is checked it means that stations which associated to different VAPs cannot communicate with each other Time Schedule A Must filled setting Apply a specific Time Schedule to this r...

Страница 87: ...SID Staff_2 4G with the provided key However it is strongly recommanded that you have to change the security key to a easy to remember one by clicking the Edit button Under WDS Hybrid mode the VAP fun...

Страница 88: ...Industry Cellular Gateway For others For the detail description about VAP configuration please refer to the description stated in AP Router section 88...

Страница 89: ...ule with selectable band for user to choose according to his network environment Under such situation you can specify which operation band is suitable for the application Multiple AP Names 1 A Must fi...

Страница 90: ...ows the data rate between client and this device RSSI0 RSSI1 N A It shows the RX sensitivity RSSI value for each radio path Signal N A The signal strength between client and this device Interface N A...

Страница 91: ...o Basic Network WiFi Advanced Configuration Tab Select Target WiFi Target Configuration Item Value setting Description Module Select A Must filled setting Select the WiFi module to check the informati...

Страница 92: ...and jitter when transmitting multimedia content over a wireless connection Short GI By default 400ns is selected Short GI Guard Interval is defined to set the sending interval between each packet Note...

Страница 93: ...Pv4 It simplifies aspects of address assignment stateless address auto configuration network renumbering and router announcements when changing Internet connectivity providers 2 4 1 IPv6 Configuration...

Страница 94: ...addressing type in the information provided by your ISP to setup the IPv6 network DHCPv6 DHCP in IPv6 does the same function as DHCP in IPv4 The DHCP server sends IP address DNS server addresses and...

Страница 95: ...When PPPoEv6 server gets client request and successfully authenticates it the server sends IP address DNS server addresses and other required parameters to automatically configure the client The diag...

Страница 96: ...ted when IPv6 Enable 2 A Must filled setting Define the selected IPv6 WAN Connection Type to establish the IPv6 connectivity Select Static IPv6 when your ISP provides you with a set IPv6 addresses The...

Страница 97: ...An optional setting Enter the WAN secondary DNS Server MLD Snooping The box is unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Des...

Страница 98: ...ified by default Enter the WAN secondary DNS Server MLD The box is unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Description Glob...

Страница 99: ...your ISP Value Range 0 45 characters Connection Control Fixed value The value is Auto reconnect Always on MTU A Must filled setting Enter the MTU for setting up PPPoEv6 connection If you want more inf...

Страница 100: ...ected by default Define the selected IPv6 WAN Connection Type to establish the IPv6 connectivity Select Stateless to manage the Local Area Network to be SLAAC RDNSS Router Advertisement Lifetime A Mus...

Страница 101: ...Industry Cellular Gateway IPv6 Address Lifetime A Must filled setting Enter the DHCPv6 lifetime for your local computers 36000 is set by default Value Range 0 65535 101...

Страница 102: ...and activates the NAT function You also can disable the NAT function in Basic Network WAN Uplink Internet Setup WAN Type Configuration page Usually all local hosts or servers behind corporate gateway...

Страница 103: ...either side are you in accessing the email server at the LAN side or at the WAN side you don t need to change the IP address of the mail server Configuration Setting Go to Basic Network Port Forwardin...

Страница 104: ...behind office gateway You can set up those servers by using Virtual Server feature After trip if want to access those servers from LAN side by global IP without change original setting NAT Loopback c...

Страница 105: ...you to access the WAN global IP address from your inside NAT local network It is useful when you run a server inside your network For example if you set a mail server at LAN side your local devices c...

Страница 106: ...to activate this port forwarding function Virtual Computer The box is checked by default Check the Enable box to activate this port forwarding function Save N A Click the Save button to save the sett...

Страница 107: ...setting When ICMPv4 is selected It means the option Protocol of packet filter rule is ICMPv4 Apply Time Schedule to this rule otherwise leave it as Always refer to Scheduling setting under Object Defi...

Страница 108: ...ected Single Port or Port Range Value Range 1 65535 for Public Port Private Port When GRE is selected It means the option Protocol of packet filter rule is GRE When ESP is selected It means the option...

Страница 109: ...ied Virtual Computer Rule Configuration screen will appear Virtual Computer Rule Configuration Item Value setting Description Global IP A Must filled setting This field is to specify the IP address of...

Страница 110: ...e not expected to receive by applications in the gateway or by other client hosts in the Intranet Certainly the DMZ host is also protected by the gateway firewall Activate the feature and specify the...

Страница 111: ...tivate it DMZ Pass Through Setting Go to Basic Network Port Forwarding DMZ Pass Through tab The DMZ host is a host that is exposed to the Internet cyberspace but still within the protection of firewal...

Страница 112: ...e product Pass Through Enable The boxes are checked by default Check the box to enable the pass through function for the IPSec PPTP and L2TP With the pass through function enabled the VPN hosts behind...

Страница 113: ...SIP RTSP file transfer in IM applications etc In order for these protocols to work through NAT or a firewall either the application has to know about an address port number combination that allows in...

Страница 114: ...ing diagram The NAT Gateway enables the SIP ALG feature so it will monitor the SIP Phone 1 actions open up the required ports and make the address and port translation in a SIP voice communication As...

Страница 115: ...l AP The box is checked by default Check the Enable box to activate the Special AP function ALG Enable The box is checked by default Check the Enable box to activate the SIP ALG function Save N A Clic...

Страница 116: ...nge 1 65535 Incoming Ports 1 A Must filled setting Enter the expected Incoming ports if User defined is selected in the Trigger Port dropdown list If you select other popular application from the drop...

Страница 117: ...s to various network destinations Thus constructing routing tables which are held in the router s memory is very important for efficient routing Most routing algorithms use only one network path at a...

Страница 118: ...f packets to be transferred via which gateway interface and which peer gateway to their destination It can be carried out by the Static Routing feature Dedicated packet flows from the Intranet will be...

Страница 119: ...outing Rule Configuration window will appear to let you define a static routing rule Enable Static Routing Just check the Enable box to activate the Static Routing feature Static Routing Item Value se...

Страница 120: ...P of this static routing rule Interface Auto is set by default Select the Interface of this static routing rule It can be Auto or the available WAN LAN interfaces Metric 1 Numberic String Format 2 A M...

Страница 121: ...supports dynamic routing protocols including RIPv1 RIPv2 Routing Information Protocol OSPF Open Shortest Path First and BGP Border Gateway Protocol for you to establish routing table automatically Th...

Страница 122: ...outing protocol that uses link state routing algorithm It is the most widely used interior gateway protocol IGP in large enterprise networks It gathers link state information from available routers an...

Страница 123: ...ay within one AS will links with some other border gateways for exchanging routing information It will distribute the collected data in AS to all routers in other AS As shown in the diagram BGP 0 is g...

Страница 124: ...SPF Configuration window can let you activate the OSPF dynamic routing protocol and specify its backbone subnet Moreover the OSPF Area List window lists all defined areas in the OSPF network However t...

Страница 125: ...PF protocol Select Text will enable Text Authentication with entered the Key in this field on OSPF protocol Select MD5 will enable MD5 Authentication with entered the ID and Key in these fields on OSP...

Страница 126: ...et Mask Notation Ex 192 168 1 0 24 2 A Must filled setting The Area Subnet of this router on OSPF Area List Area ID 1 IPv4 Format 2 A Must filled setting The Area ID of this router on OSPF Area List A...

Страница 127: ...illed setting The ASN Number of this router on BGP protocol Value Range 1 4294967295 Router ID 1 IPv4 Format 2 A Must filled setting The Router ID of this router on BGP protocol Create Edit BGP Networ...

Страница 128: ...up to a maximum of 32 rule sets When Add button is applied BGP Neighbor Configuration screen will appear BGP Neighbor Configuration Item Value setting Description Neighbor IP 1 IPv4 Format 2 A Must f...

Страница 129: ...IP IPv4 Format Subnet Mask N A Routing record of Subnet Mask IPv4 Format Gateway IP N A Routing record of Gateway IP IPv4 Format Metric N A Routing record of Metric Numeric String Format Interface N A...

Страница 130: ...our current IP address which changes each time you connect your Internet service provider The Dynamic DNS service allows the gateway to alias a public dynamic IP address to a static domain name allowi...

Страница 131: ...AN Interface IP Address of the gateway Provider DynDNS org Dynamic is set by default Select your DDNS provider of Dynamic DNS It can be DynDNS org Dynamic DynDNS org Custom NO IP com etc Host Name 1 S...

Страница 132: ...e box to activate this function Save N A Click Save to save the settings Undo N A Click Undo to cancel the settings If you enabled the DNS Redirect function you have to further specify the redirect ru...

Страница 133: ...Always or WAN Block Always The DNS redirect function can be applied to matched DNS all the time WAN Block The DNS redirect function can be applied to matched DNS only when the WAN connection is disco...

Страница 134: ...access It is indeed required that an access gateway satisfies the requirements of latency critical applications minimum access right guarantee fair bandwidth usage for same subscribed condition and fl...

Страница 135: ...y can be based on VLAN ID MAC Address IP Address Host Name or Packet Length Differentiated Services Specify the service type in a QoS rule for the target packets to be applied on Differentiated servic...

Страница 136: ...ure depends on model Outbound Inbound Control One QoS rule can be applied to the outbound or inbound direction of packet flow even them both This feature depends on model Two QoS rule examples are lis...

Страница 137: ...99 to the code value AF Class2 High Drop he can use the Rule based QoS function to carry out this rule by defining an QoS rule as shown in above configuration Under such configuration all packets from...

Страница 138: ...Function Configuration Item Value Setting Description QoS Type 1 Software is selected by default 2 The box is unchecked by default Select the QoS Type from the dropdown list and then click Enable box...

Страница 139: ...hen the following WAN Interface Resource screen will show the related resources for configuration Bandwidth of Upstream Downstream Specify total upload download bandwidth of the selected WAN Value Ran...

Страница 140: ...Select All WANs or a certain WAN n to filter the packets entering to or leaving from the interface s Group 1 A Must filled setting 2 Src MAC Address is selected by default Specify the Group category f...

Страница 141: ...NR MAXR field Connection Sessions Select Connection Sessions as the resource type for the QoS Rule and you have to assign supported session number in the Control Function Set Session Limitation field...

Страница 142: ...ified in the rule Group Control If Group Control is selected all the group hosts share the same QoS service resource Time Schedule 1 A Must filled setting 2 0 Always is selected by default Apply Time...

Страница 143: ...he protocol achieves this by creation of virtual routers which are an abstract representation of multiple routers i e master and backup routers acting as a group The default gateway of a participating...

Страница 144: ...gateway At first stage all data from the Intranet go through the master gateway that has the highest priority Once the master Internet connection is broken the backup gateway will take over the data t...

Страница 145: ...A Must filled setting Specify the Priority of Virtual Server on VRRP of the gateway Value Range 1 254 and 254 is the highest priority Virtual Server IP Address 1 IPv4 Format 2 A Must filled setting S...

Страница 146: ...scription Item Value setting Description Add N A Click the Add button to configure time schedule rule Delete N A Click the Delete button to delete selected rule s When Add button is applied Time Sched...

Страница 147: ...elect everyday or one of weekday Start Time Time format hh mm Start time in selected weekday End Time Time format hh mm End time in selected weekday Save N A Click Save to save the settings Undo N A C...

Страница 148: ...Industry Cellular Gateway 3 2 User not supported Not supported feature for the purchased product leave it as blank 148...

Страница 149: ...hased product When Add button is applied Host Group Configuration screen will appear Host Group Configuration Item Value setting Description Group Name 1 String format can be any text 2 A Must filled...

Страница 150: ...the members to the group one by one Member List NA This field will indicate the hosts members contained in the group Bound Services The boxes are unchecked by default Binding the services that the ho...

Страница 151: ...al Server Go to Object Definition External Server External Server tab The External Server setting allows user to add external server Create External Server When Add button is applied External Server C...

Страница 152: ...ult 1 The values must be between 1 and 60 Idle Timeout By default 1 The values must be between 1 and 15 Secondary Shared Key String format any text Authentication Protocol By default CHAP is selected...

Страница 153: ...for the external server Server Port A Must filled setting Specify the Port used for the external server If you selected a certain server type the default server port number will be set For Email Serve...

Страница 154: ...rs endorsements whom the person examining the certificate might know and trust The device also plays as a CA role Certificates are an important component of Transport Layer Security TLS sometimes call...

Страница 155: ...tifier in the signature algorithm identifier of certificates Subject Name A Must filled setting This field is to specify the information of certificate Country C is the two letter ISO code for the cou...

Страница 156: ...utomatically re enroll aging certificates The box is unchecked by default When SCEP is activated check the Enable box to activate this function It will be automatically check which certificate is agin...

Страница 157: ...Clients In addition since it has the root CA it also can sign Certificate Signing Requests CSR to form corresponding certificates for others These certificates can be used for two remote peers to make...

Страница 158: ...t Name Country C TW State ST Taiwan Location L Tainan Organization O AMITHQ Organization Unit OU HQRD Common Name CN HQRootCA E mail hqrootca amit com tw Configuration Path My Certificate Local Certif...

Страница 159: ...tions to complete the whole user scenario Use default value for those parameters that are not mentioned in the tables Configuration Path My Certificate Local Certificate Configuration Name BranchCRT S...

Страница 160: ...interface They both serve as the NAT security gateways Gateway 1 generates the root CA and a local certificate HQCRT that is signed by itself Import the certificates of the root CA and HQCRT into the...

Страница 161: ...ates or CSRs for representing the gateway The Local Certificate Configuration window can let you fill required information necessary for corresponding certificate to be generated by itself or correspo...

Страница 162: ...a Attributes A Must filled setting This field is to specify the extra information for generating a certificate Challenge Password for the password you can use to request certificate revocation in the...

Страница 163: ...g format can be any text 2 A Must filled setting This is an alternative approach to import a certificate You can directly fill in Copy and Paste the PEM encoded certificate string and click the Apply...

Страница 164: ...n be used for two remote peers to make sure their identity during establishing a VPN tunnel Scenario Description same as the one described in My Certificate section Gateway 1 generates the root CA and...

Страница 165: ...p for the whole user scenario Configuration Path Trusted Certificate Trusted CA Certificate List Command Button Import Configuration Path Trusted Certificate Trusted CA Certificate Import from a File...

Страница 166: ...he Gateway 1 and the Local Certificate List of the Gateway 2 For more details refer to the Network B operation procedure in My Certificate section of this manual Gateway 2 can establish an IPSec VPN t...

Страница 167: ...import the specified CA certificate file to the gateway Import from a PEM 1 String format can be any text 2 A Must filled setting This is an alternative approach to import a CA certificate You can dir...

Страница 168: ...CA Identifier 1 String format can be any text Fill in optional CA Identifier to identify which CA could be used for signing certificates Save N A Click Save to save the settings Close N A Click the Cl...

Страница 169: ...Client Key When Import button is applied a Trusted Client Key Import screen will appear You can import a Trusted Client Key from an existed file or directly paste a PEM encoded string as the key Trus...

Страница 170: ...Usage Scenario Scenario Application Timing same as the one described in My Certificate section When the enterprise gateway owns the root CA and VPN tunneling function it can generate its own local ce...

Страница 171: ...is the gateway of Network A in headquarters and the subnet of its Intranet is 10 0 76 0 24 It has the IP address of 10 0 76 2 for LAN interface and 203 95 80 22 for WAN 1 interface The Gateway 2 is th...

Страница 172: ...Item Value setting Description Certificate Signing Request CSR Import from a File A Must filled setting Select a certificate signing request file you re your computer for importing to the gateway Cert...

Страница 173: ...ily They can be Virtual COM and Modbus 4 1 1 Port Configuration Before using the supported field communication function like Virtual COM or Modbus you need to configure the physical communication port...

Страница 174: ...odbus and IEC 60870 5 Interface RS 232 is set by default Select RS 232 or RS 485 physical interface for connecting to the access device s with the same interface specification Baud Rate 19200 is set b...

Страница 175: ...RFC2217 modes for remote accessing the connected serial device These operation modes are illustrated as below TCP Client Mode When the administrator expects the gateway to actively establish a TCP co...

Страница 176: ...he TCP connection will be automatically disconnected from the host computer by using the TCP alive check timeout or idle timeout settings UDP Mode If both the Remote Host Computer and the serial devic...

Страница 177: ...ed it is required to specify the IP address of the host computers to establish connection with Any 3rd party driver supporting RFC2217 can be used to install in the host computer the driver establishe...

Страница 178: ...y also enable full time connection with the TCP server Enable TCP Client Mode Window Item Value setting Description Operation Mode A Must filled setting Select TCP Client Connection Control Always on...

Страница 179: ...Industry Cellular Gateway 179...

Страница 180: ...out Transmit 1 An optional filled setting 2 Default value is 0 Enter the data timeout interval for transmitting serial data through the port By default it is set to 0 and the timeout function is disab...

Страница 181: ...Allow All to allow any TCP clients to connect Otherwise choose Specific IP to limit certain TCP clients Max Connection 1 Max 128 connections 2 1 is set by default Set the maximum number of concurrent...

Страница 182: ...t Check the box to specify the rule for selected Serial Port Definition Enable The box is unchecked by default Check the Enable box to enable the rule Save N A Click Save to save the settings Undo N A...

Страница 183: ...cancel the settings Specify Remote UDP Specify Remote UDP hosts Window Item Value setting Description Host A Must filled setting Press Edit button to enter IP address range of remote UDP hosts Remote...

Страница 184: ...connect Otherwise choose Specific IP to limit certain clients Connection Idle Timeout 1 0 is set by default 2 Range 0 to 3600 sec Enter the idle timeout in minutes The idle timeout is used to disconn...

Страница 185: ...C 2217 Clients for Access Window Item Value setting Description Host A Must filled setting Enter the IP address range of allowed clients Serial Port The box is unchecked by default Check the box to sp...

Страница 186: ...nstruments over RS 485 without additional programming or effort NOTE When Modbus devices are connected to under the same serial port of IoT Modbus Gateway those Modbus devices must use the same protoc...

Страница 187: ...status like Cellular Network Status device DI DO status to remote Modbus Master via Modbus communication With the Slave option enabled the Modbus Master device can request the information or sending c...

Страница 188: ...ed serial port It can be Disable Serial as Slave or Serial as Master A serial port can be attached with one Modbus Master or daisy chained a group of Modbus Salve devices Disable Select this to disabl...

Страница 189: ...s is set by default This sets the response timeout of the slave after master request sent If the slave does not response within the specified time data would be discarded This applies to the serially...

Страница 190: ...cess to the Modbus gateway Besides it also allows user to specify authorized masters on the TCP network Item Value setting Description TCP Connection Idle Time 1 300 is set by default 2 Range 1 to 655...

Страница 191: ...ttached Slave s Note group must be pre defined before this selection become available Refer to Object Definition Grouping Host grouping You may also access to create a group by the Add Rule shortcut b...

Страница 192: ...given priority The Modbus Master requests can be buffered to a certain priority queue according to the Master s IP address if requests are coming from remote Master or the remote Slave s device ID if...

Страница 193: ...In addition to specify the Slave IP and Port for accessing those Remote Modbus RTU Salve s located behind another Modbus Gateway user has to specify the Modus ID range of the Modbus RTU Slave s Value...

Страница 194: ...Connected 3 Disconnecting 5 Wait for Traffic 6 Diconnected 3 WAN 4 Connection Status R 0 6 0 Disconnected 1 Connecting 2 Connected 3 Disconnecting 5 Wait for Traffic 6 Diconnected 10 3G 4G_SERVICE_TY...

Страница 195: ...ected 2 Wait for traffic 3 Disconnected 9 Connecting 104 VPN IPSec tunnel 4 status R 1 Connected 2 Wait for traffic 3 Disconnected 9 Connecting 105 VPN IPSec tunnel 5 status R 1 Connected 2 Wait for t...

Страница 196: ...232 3 RS 485 212 Serial Port 1_Baud Rate R Baud Rate Value 213 Serial Port 1_Data Bits R 7 or 8 214 Serial Port 1_Stop Bits R 1 or 2 215 Serial Port 1_Flow Control R 0 None 2 RTS CTS 3 DTR DSR 216 Ser...

Страница 197: ...the collected data in local storage in CSV file format When the network connection recovered admin user can download the data log files manually via FTP or web UI for further reference and maintenanc...

Страница 198: ...ep its data acquisition process and if required the administrator can also get the stored data log files to tell if everything goes well or not Under the Data Logging Proxy mode user has to create som...

Страница 199: ...proxy function and execute the pre defined data acquisition task by itself The Modbus request issued by the Modbus Gateway Data Logging Proxy The response data that sent out from the polled Slave dev...

Страница 200: ...al or Internal depends on the product specification Save NA Click the Save button to save the settings Note 1 If there is no available storage device the Enable checkbox will be grayed and you can t e...

Страница 201: ...pecify a certain read function for the Data Logging Proxy to issue and record the responses from device s Start Address 1 A Must filled setting 2 Range 0 to 65535 Specify the Start Address of register...

Страница 202: ...the data logging rule Value Range 1 16 characters Mode Sniffer is selected by default Select an expected data logging scheme for the data logging rule There are five available schemes Sniffer The Mod...

Страница 203: ...s Master If no response from the master for the specified timeout setting selected proxy rule will be triggered and applied with the data logging rule Note If Off Line proxy scheme is selected the tim...

Страница 204: ...g File list screen The default Log File management settings will be applied if user didn t change it via the Edit button When the Edit button is applied Log File Configuration screen will appear Log F...

Страница 205: ...File After Upload 1 An Optional filled setting 2 The box is unchecked by default If Auto Upload is activated user can further specify whether to delete the transferred log from the gateway storage or...

Страница 206: ...nection through the use of dedicated connections encryption or a combination of the two The tunnel technology supports data confidentiality data origin authentication and data integrity of network inf...

Страница 207: ...r of tunnels with various remote devices Before going to setup the VPN connections you may need to decide the scenario type for the tunneling IPSec Tunnel Scenarios To build IPSec tunnel you need to f...

Страница 208: ...rching data on Internet checking personal emails or HQ server access all traffics will go through the secure IPSec tunnel and route by the Security Gateway in control center Site to Site with Hub and...

Страница 209: ...t can allow many VPN clients initiators to connect to with various tunnel scenarios In short with a simple Dynamic VPN server setting many VPN clients can connect to the server But in comparison to th...

Страница 210: ...on Product specification The specified value will limit the maximum number of simultaneous IPSec tunnel connection The default value can be different for the purchased model Save N A Click Save to sav...

Страница 211: ...them is the number of subnets With Host to Host IPSec operates in transport mode Hub and Spoke 1 An optional setting 2 None is set by default Select from the dropdown box to setup your gateway for Hu...

Страница 212: ...able box to activate the Redirect Traffic function Note Redirect Traffic is available only for Host to Site specified in Tunnel Scenario By default it is disabled so it can prevent the un expected and...

Страница 213: ...anagement section Local ID An optional setting Specify the Local ID for this IPSec tunnel to authenticate Select User Name for Local ID and enter the username The username may include but can t be all...

Страница 214: ...Server Client or None Selected None no X Auth authentication is required Selected Server this gateway will be an X Auth server Click on the X Auth Account button to create remote X Auth client accoun...

Страница 215: ...AES 256 Specify the Authentication method It can be None MD5 SHA1 SHA2 256 Specify the DH Group It can be None Group1 Group2 Group5 Group14 Group15 Group16 Group17 Group18 Check Enable box to enable...

Страница 216: ...hey are not available for AH Encapsulation Specify the PFS Group It can be None Group1 Group2 Group5 Group14 Group15 Group16 Group17 Group18 Click Enable to enable this setting Save N A Click Save to...

Страница 217: ...Configuration Window Item Value setting Description Local Subnet A Must fill setting Specify the Local Subnet IP address and Subnet Mask Local Netmask A Must fill setting Specify the Local Subnet Mas...

Страница 218: ...SHA1 SHA2 256 The key length for MD5 is 32 SHA1 is 40 and SHA2 256 is 64 Note When AH option in Encapsulation Protocol is selected None option in Authentication will not be available Save N A Click Sa...

Страница 219: ...is fixed to Dynamic VPN Operation Mode 1 A Must fill setting 2 Alway on is selected by default The available operation mode is Always On Failover option is not available for the Dynamic IPSec scenari...

Страница 220: ...emote ID An optional setting Specify the Remote ID for this IPSec tunnel to authenticate Select User Name for Remote ID and enter the username The username may include but can t be all numbers Select...

Страница 221: ...features to meet different application requirements There are two OpenVPN connection scenarios They are the TAP and TUN scenarios The product can create either a layer 3 based IP tunnel TUN or a layer...

Страница 222: ...e the VPN client is given an IP address on the same subnet as the LAN resided under the OpenVPN server Under such configuration the OpenVPN client can directly access to the resources in LAN If you wa...

Страница 223: ...for the gateway to operate Configuration Item Value setting Description OpenVPN The box is unchecked by default Check the Enable box to activate the OpenVPN function Server Client Server Configuratio...

Страница 224: ...l appear OpenVPN Server Configuration window can let you enable the OpenVPN server function specify the virtual IP address of OpenVPN server when remote OpenVPN clients dial in and the authentication...

Страница 225: ...cal Endpoint IP Address Remote Endpoint IP Address and Static Key will be displayed Note Static Key will be available only when TUN is chosen in Tunnel Scenario Local Endpoint IP Address A Must filled...

Страница 226: ...ault Gateway function Encryption Cipher 1 A Must filled setting 2 By default Blowfish is selected Specify the Encryption Cipher from the dropdown list It can be Blowfish AES 256 AES 192 AES 128 None H...

Страница 227: ...Note TLS Auth Key will be available only when TLS is chosen in Authorization Mode Client to Client The box is checked by default Check the Enable box to enable the traffics among different OpenVPN Cli...

Страница 228: ...is chosen in Protocol CCD Dir Default File 1 An Optional setting 2 String format any text Specify the CCD Dir Default File Value Range 0 256 characters Client Connection Script 1 An Optional setting 2...

Страница 229: ...applied OpenVPN Client Configuration screen will appear OpenVPN Client Configuration window let you specify the required parameters for an OpenVPN VPN client such as OpenVPN Client Name Interface Pro...

Страница 230: ...Redirect Internet Traffic 1 An Optional setting 2 The box is unchecked by default Check the Enable box to activate the Redirect Internet Traffic function NAT 1 An Optional setting 2 The box is unchec...

Страница 231: ...ult Adaptive is selected Specify the LZO Compression scheme It can be Adaptive YES NO Default Persis Key 1 An Optional setting 2 The box is checked by default Check the Enable box to activate the Pers...

Страница 232: ...DHE DSS AES256 SHA Note TLS Cipher will be available only when TLS is chosen in Authorization Mode TLS Auth Key 1 An Optional setting 2 String format any text Specify the TLS Auth Key for connecting t...

Страница 233: ...is 1500 by default Specify the value of Tunnel UDP Fragment Value Range 0 1500 Note Tunnel UDP Fragment will be available only when UDP is chosen in Protocol Tunnel UDP MSS Fix The box is unchecked b...

Страница 234: ...nnels It also maintains User Account list user name password for client login authentication There is a virtual IP pool to assign virtual IP to each connected L2TP client L2TP Client It can be mobile...

Страница 235: ...ransferred based on current routing policy of the gateway at L2TP client peer But if you entered 0 0 0 0 0 in the Remote Subnet field it will be treated as a Default Gateway setting for the L2TP clien...

Страница 236: ...TP Unchecked by default Click the Enable box to activate L2TP function Client Server A Must filled setting Specify the role of L2TP Select Server or Client role your gateway will take Below are the co...

Страница 237: ...o L2TP client Value Range Starting Address and Starting Address 8 or 254 Authentication Protocol A Must filled setting Select single or multiple Authentication Protocols for the L2TP server with which...

Страница 238: ...e enable box to enable the user Click Save button to save new user account The selected user account can permanently be deleted by clicking the Delete button Value Range 1 32 characters As a L2TP Clie...

Страница 239: ...You can add up to 8 L2TP Clients L2TP Client Configuration Item Setting Value setting Description Tunnel Name A Must filled setting Enter a tunnel name Enter a name that is easy for you to identify Va...

Страница 240: ...ver The Remote Subnet format must be IP address netmask e g 10 0 0 2 24 It is for the Intranet of L2TP VPN server So at L2TP client peer the packets whose destination is in the dedicated subnet will b...

Страница 241: ...system determines the service port 1701 for Cisco The system use port 1701 for connecting with CISCO L2TP Server User defined Enter the service port The default value is 0 Value Range 0 65535 Tunnel...

Страница 242: ...of the Windows PPTP stack The security gateway can play either PPTP Server role or PPTP Client role for a PPTP VPN tunnel or both at the same time for different tunnels PPTP tunnel process is nearly...

Страница 243: ...Remote Subnet item is required It is for the Intranet of PPTP server peer So at PPTP client peer the packets whose destination is in the dedicated subnet will be transferred via the PPTP tunnel Others...

Страница 244: ...box to activate PPTP function Client Server A Must fill setting Specify the role of PPTP Select Server or Client role your gateway will take Below are the configuration windows for PPTP Server and for...

Страница 245: ...e last IP address for the subnet from which the PPTP client s IP address will be assigned Value Range Starting Address and Starting Address 8 or 254 Authentication Protocol 1 A Must fill setting 2 Unc...

Страница 246: ...button to save new user account The selected user account can permanently be deleted by clicking the Delete button Value Range 1 32 characters As a PPTP Client When select Client in Client Server a s...

Страница 247: ...urther select a primary tunnel from which to failover to Note Failover mode is not available for the gateway with single WAN Remote IP FQDN 1 A Must fill setting 2 Format can be a ipv4 address or FQDN...

Страница 248: ...HAP MS CHAP MS CHAP v2 MPPE Encryption 1 Unchecked by default 2 an optional setting Specify whether PPTP server supports MPPE Protocol Click the Enable box to enable MPPE Note when MPPE Encryption is...

Страница 249: ...nt or a server even using the same set of configuration rule GRE Tunnel Scenario To setup a GRE tunnel each peer needs to setup its global IP as tunnel IP and fill in the other s global IP as remote I...

Страница 250: ...E Enable GRE Window Item Value setting Description GRE Tunnel Unchecked by default Click the Enable box to enable GRE function Max Concurrent GRE Tunnels Depends on Product specification The specified...

Страница 251: ...On or Failover If this tunnel is set as a failover tunnel you need to further select a primary tunnel from which to failover to Note Failover mode is not available for the gateway with single WAN Tun...

Страница 252: ...rver peer controls the flow of any packets from the GRE client peer Certainly those packets come through the GRE tunnel DMVPN Spoke Unchecked by default Specify whether the gateway will support DMVPN...

Страница 253: ...irewall The firewall functions include Packet Filter URL Blocking Content Filter MAC Control Application Filter IPS and some firewall options The supported function can be different for the purchased...

Страница 254: ...list Allow those match the following rules and define the rules Rule 1 is to allow HTTP packets to pass and Rule 2 is to allow HTTPS packets to pass Under such configuration the gateway will allow on...

Страница 255: ...Log Alert The box is unchecked by default Check the Enable box to activate Event Log Save N A Click Save to save the settings Undo N A Click Undo to cancel the settings Create Edit Packet Filter Rule...

Страница 256: ...before this option become available Refer to Object Definition Grouping Host grouping You may also access to create a group by the Add Rule shortcut button Destination IP 1 A Must filled setting 2 By...

Страница 257: ...therwise select User defined Service and specify a port range Then for Destination Port select a predefined port dropdown box when Well known Service is selected otherwise select User defined Service...

Страница 258: ...listed in the rule list will be blocked if one pattern in the requests matches to one rule Other Web requests can pass through the gateway In contrast when you choose Deny all to pass except those mat...

Страница 259: ...Domain Name Keyword the destination service ports the integrated time schedule rule and the rule activation Enable URL Blocking Configuration Item Value setting Description URL Blocking The box is unc...

Страница 260: ...group must be pre defined before this option become available Refer to Object Definition Grouping Host grouping Source MAC 1 A Must filled setting 2 Any is set by default This field is to specify the...

Страница 261: ...fic range of Ports entered in this field Time Schedule Rule A Must filled setting Apply a specific Time Schedule to this rule otherwise leave it as 0 Always If the dropdown list is empty ensure Time S...

Страница 262: ...addresses he can use the MAC Control function to reject with the black list configuration MAC Control with Black List Scenario As shown in the diagram enable the MAC control function and specify the...

Страница 263: ...List Deny MAC Address Below is set by default When Deny MAC Address Below is selected as the name suggest packets specified in the rules will be blocked black listed In contrast with Allow MAC Address...

Страница 264: ...is easy for you to remember MAC Address Use to Compose 1 MAC Address string Format 2 A Must fill setting Specify the Source MAC Address to filter rule Time Schedule A Must fill setting Apply Time Sch...

Страница 265: ...Industry Cellular Gateway 5 2 4 Content Filter not supported Not supported feature for the purchased product leave it as blank 265...

Страница 266: ...Industry Cellular Gateway 5 2 5 Application Filter not supported Not supported feature for the purchased product leave it as blank 266...

Страница 267: ...about this activity attempt to block stop it and report it You can enable the IPS function and check the listed intrusion activities when needed You can also enable the log alerting so that system wi...

Страница 268: ...ption IPS The box is unchecked by default Check the Enable box to activate IPS function Log Alert The box is unchecked by default Check the Enable box to activate to activate Event Log Save N A Click...

Страница 269: ...he traffic threshold in this field ICMP Flood Defense Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field Value Range 10 10000 Port Scan Defection...

Страница 270: ...unchecked by default 3 Traffic threshold is set to 300 by default 4 The value range can be from 10 to 10000 Click Enable box to activate this intrusion prevention rule and enter the traffic threshold...

Страница 271: ...ecord the packet information like IP address port address ACK SEQ number and so on while they pass through the gateway and the gateway checks every incoming packet to detect if this packet is valid Di...

Страница 272: ...uch packets from unknown users Discard Ping from WAN Remote Administrator Hosts Scenario Discard Ping from WAN makes any host on the WAN side can t ping this gateway reply any ICMP packets Enable the...

Страница 273: ...router allows network administrator to manage router remotely The network administrator can assign specific IP address and service port to allow accessing the router Remote Administrator Host Definiti...

Страница 274: ...is field is to specify a Service Port to HTTP or HTTPS connection Value Range 1 65535 Enabling the rule The box is unchecked by default Click Enable box to activate this rule Save N A Click Enable box...

Страница 275: ...in practice computer systems Centralized management has a time and effort trade off that is related to the size of the company the expertise of the IT staff and the amount of technology being used Thi...

Страница 276: ...o backup the existed command script in a txt file You can specify the script file name in Script Name below Upload Script N A Click the Via Web UI or Via Storage button to Upload the existed command s...

Страница 277: ...ption OPENVPN_ENABLED 1 enable 0 disable Enable or disable OpenVPN Client function OPENVPN_DESCRIPTION A Must filled Setting Specify the tunnel name for the OpenVPN Client connection OPENVPN_PROTO udp...

Страница 278: ...to the destination specified in PPP_PING_IPADDR PPP_PING_IPADDR IP Specify an IP address as the target for sending DNS query ICMP request PPP_PING_INTVL seconds Specify the time interval for between...

Страница 279: ...text system config ex txtConfig disable run_immediately NA Apply the configuration content that has been committed in database ex txtConfig run_immediately run_immediately a existing file Assign a co...

Страница 280: ...SP or the ACS provider for help At the right upper corner of TR 069 Setting screen one Help command let you see the same message about that Scenario Managing deployed gateways through an ACS Server Sc...

Страница 281: ...cedure In above diagram the ACS server can manage multiple gateways in the Internet The Gateway 1 is one of them and has 118 18 81 33 IP address for its WAN 1 interface When all remote gateways have b...

Страница 282: ...rmation to login the ACS server the service port and the account information for connection requesting from the ACS server and the time interval for job inquiry Except the inquiry time there are no ac...

Страница 283: ...n ask ACS manager provide ACS ConnectionRequest Port and manually set Value Range 0 65535 ConnectionRequest UserName A Must filled setting You can ask ACS manager provide ACS ConnectionRequest Usernam...

Страница 284: ...item Specify the IP address for the expected STUN Server Server Port 1 An optional setting 2 3478 is set by default Specify the port number for the expected STUN Server Value Range 1 65535 Keep Alive...

Страница 285: ...data on the managed systems as variables The protocol also permits active management tasks such as modifying and applying a new configuration through remote modification of these variables The variab...

Страница 286: ...s but other remote NMS can t Parameter Setup Example Following tables list the parameter configuration as an example for the Gateway 1 in above diagram with SNMP enabling at LAN and WAN interfaces Use...

Страница 287: ...configuring the Gateway 1 Only the UserName1 account can let the Gateway 1 accept the configuration from the NMS since the authority of the account is Read Write Once a managed device has an urgent ev...

Страница 288: ...host can access to the device By default All WANs is selected and there is no limitation for the WAN inferface Supported Versions 1 A Must filled setting 2 The boxes are unchecked by default Select th...

Страница 289: ...e Community Rule Configuration Item Value setting Description Community 1 Read Only is selected by default 2 A Must filled setting 3 String format any text Specify this version 1 or version v2c user s...

Страница 290: ...ersion 3 user Value Range 1 32 characters Password 1 String format any text When your Privacy Mode is authNoPriv or authPriv you must specify the Password for this version 3 user Value Range 8 64 char...

Страница 291: ...1 2 A Must filled setting 3 String format any legal OID The OID Filter Prefix restricts access for this version 3 user to the sub tree rooted at the given OID Value Range 1 2080768 Enable 1 The box i...

Страница 292: ...Rule Configuration Item Value setting Description Server IP 1 A Must filled setting 2 String format any IPv4 address or FQDN Specify the trap Server IP or FQDN The DUT will send trap to the server IP...

Страница 293: ...and encryption protocols Selected the authNoPriv You must specify the Authentication and Password Selected the authPriv You must specify the Authentication Password Encryption and Privacy Key Authent...

Страница 294: ...ontact 1 An Optional filled setting 2 String format any text Specify the contact information forMIB 2 system Value Range 0 64 characters sysLocation 1 An Optional filled setting 2 String format any te...

Страница 295: ...r Specify the Enterprise Number for the particular private MIB Value Range 1 2080768 Enterprise OID 1 The default value is 1 3 6 1 4 1 12823 4 4 9 Default Enterprise OID 2 A Must filled setting 3 Stri...

Страница 296: ...ice supports both Telnet and SSH Secure Shell CLI with default service port 23 and 22 respectively Telnet SSH Scenario Scenario Application Timing When the administrator of the gateway wants to manage...

Страница 297: ...io Operation Procedure In above diagram Local Admin or Remote Admin can manage the Gateway in the Intranet or Internet The Gateway is the gateway of Network A and the subnet of its Intranet is 10 0 75...

Страница 298: ...1 The LAN Enable box is checked by default 2 By default Service Port is 23 Check the Enable box to activate the Telnet function for connecting from LAN or WAN interfaces You can set which number of S...

Страница 299: ...specify new password to change root password Note_1 You are highly recommended to change the default telnet password with yours before the device is deployed Note_2 If you have trouble for the default...

Страница 300: ...ess gateway Click the Modify button and provide the new username setting Username Configuration Item Value setting Description Username 1 The default Username for web based MMI is admin Display the cu...

Страница 301: ...ssword again to confirm Save N A Click Save button to save the settings Undo N A Click Undo button to cancel the settings Change MMI Setting for Accessing This is the gateway s web based MMI access wh...

Страница 302: ...on will be available for further configuration You can leave it as default or select a expected certificate and key from the drop down list Refer to Object Definition Certificate Section for the Certi...

Страница 303: ...t displays the serial number of this product Kernel Version N A It displays the Linux kernel version of the product FW Version N A It displays the firmware version of the product CPU Usage N A It disp...

Страница 304: ...with time server by NTP Protocol to get system date and time after you click on the Synchronize immediately button The second one is Sync with my PC Select the method and the system will synchronize i...

Страница 305: ...inated Universal Time time not the local time for the device Synchronize with Manually Setting System Time Information Item Value Setting Description Synchronization method 1 A Must filled item 2 Time...

Страница 306: ...onize its date and time to the time of the administration PC NTP Service 1 It is an optional item 2 Un checked by default Check the Enable button to activate the NTP Service function When you enabled...

Страница 307: ...with Cellular WAN interface Time Zone 1 A Must filled item 2 GMT 00 00 is selected by default Select a time zone where this device locates NTP Service 1 It is an optional item 2 Un checked by default...

Страница 308: ...GNSS interface Time Zone 1 A Must filled item 2 GMT 00 00 is selected by default Select a time zone where this device locates NTP Service 1 It is an optional item 2 Un checked by default Check the Ena...

Страница 309: ...stem Log tab View Email Log History View button is provided for network administrator to view log history on the gateway Email Now button enables administrator to send instant Email for analysis View...

Страница 310: ...he First button to jump to the first page Last N A Click the Last button to jump to the last page Download N A Click the Download button to download log to your PC in tar file format Clear N A Click t...

Страница 311: ...rt Setting Window Item Value Setting Description Enable Un checked by default Check Enable box to enable sending event log messages to destined Email account defined in the E mail Addresses blank spac...

Страница 312: ...d Debug Log to Storage Log to Storage screen allows network administrator to select the type of events to log and be stored at an internal or an external storage Log to Storage Setting Window Item Val...

Страница 313: ...d to specify the file name of new firmware by using Browse button and then click Upgrade button to start the FW upgrading process on this device If you want to upgrade a firmware which is from GPL pol...

Страница 314: ...ot this device by clicking the Reboot button and reset this device to default settings by clicking the Reset button System Operation Window Item Value Setting Description Reboot Now is selected by def...

Страница 315: ...technologically different This gateway embedded FTP SFTP server for administrator to download the log files to his computer or database In the following two sections you can configure the FTP server...

Страница 316: ...ng so no any write permission is implemented for user file upload to the storage FTP Port Port 21 is set by default Specify a port number for FTP connection The gateway will listen for incoming FTP co...

Страница 317: ...r Mode Optional setting Check the Enable box to activate the support of ASCII mode data transfers Binary mode is supported by default FTPS FTP over SSL TLS Optional setting Check the Enable box to act...

Страница 318: ...ame String non blank string Enter the user account for login to the FTP server Value Range 1 15 characters Password String no blank Enter the user password for login to the FTP server Directory N A Se...

Страница 319: ...ce to test whether it is alive after clicking on the Ping button A test result window will appear beneath it Tracert Test Optional setting Trace route tracert command is a network diagnostic tool for...

Страница 320: ...ame to save the captured packets in log storage If Split Files option is also enabled the file name will be appended with an index code _ index The extension file name is pcap Split Files 1 An optiona...

Страница 321: ...n specific Interface s you can further specify some filter rules to capture the packets which matched the rules Capture Fitters Item Value setting Description Filter Optional setting Check Enable box...

Страница 322: ...MACs which means the destination MAC address of packets Packets which match the rule will be captured Up to 10 MACs are supported but they must be separated with e g AA BB CC DD EE FF 11 22 33 44 55 6...

Страница 323: ...icating with carrier ISP by USSD command or doing a cellular network scan for diagnostic purpose In Cellular Toolkit section it includes several useful features that are related to cellular configurat...

Страница 324: ...ch to secondary SIM and establish another cellular data connection with secondary SIM automatically If Data Usage feature is enabled all history of cellular data usage can be viewed at Status Statisti...

Страница 325: ...lect 3G 4G 1 and SIM A by default Choose a cellular interface 3G 4G 1 or 3G 4G 2 and a SIM card bound to the selected cellular interface to configure its data usage profile Note 3G 4G 2 is only availa...

Страница 326: ...strict Un Checked by default Check the Enable box to activate the connection restriction function During the specified cycle period if the actual data usage exceeds the allowable data limitation the c...

Страница 327: ...tion Configuration Item Value setting Description Physical Interface The box is 3G 4G 1 by default Choose a cellular interface 3G 4G 1 or 3G 4G 2 for the following SMS function configuration Note 3G 4...

Страница 328: ...ceived the new SMS this value plus one Remaining SMS N A This value is SMS capacity minus received SMS When received the new SMS this value minus one New SMS N A Click New SMS button a New SMS screen...

Страница 329: ...box List You can read or delete SMS reply SMS or forward SMS from this screen SMS Inbox List Item Value setting Description ID N A The number or SMS From Phone Number N A What the phone number from SM...

Страница 330: ...manage PIN code on a SIM card through its web GUI Activate PIN code on SIM Card This gateway device allows you to activate PIN code on SIM card This example shows how to activate PIN code on SIM A fo...

Страница 331: ...Industry Cellular Gateway 331...

Страница 332: ...the SIM PIN setting for the selected SIM Card Note 3G 4G 2 is only available for for the product with dual cellular module SIM Status N A Indication for the selected SIM card and the SIM card status...

Страница 333: ...the Change PIN code button is disabled In the case if you still want to change the PIN code you have to enable the SIM Lock function first fill in the PIN code and then click the Save button to enable...

Страница 334: ...As mentioned earlier the SIM card will be locked by PUK code after too many trials of failure PIN code In this case the PUK Status will turns to PUK Lock In a normal situation it will display PUK Unlo...

Страница 335: ...alphanumeric characters in length Unlike Short Message Service SMS messages USSD messages create a real time connection during an USSD session The connection remains open allowing a two way exchange...

Страница 336: ...Industry Cellular Gateway 336...

Страница 337: ...the correct pre command and then click on the Send button for the session The responses from the USSD server will be displayed beneath the USSD Command line When commands typed in the USSD Command fie...

Страница 338: ...ur service provider for the details Comments N A Enter a brief comment for the profile Send USSD Request When send the USSD command the USSD Response screen will appear When click the Clear button the...

Страница 339: ...g one after another You can also specify the connection sequence of the targeted generation of mobile system 2G 3G LTE Network Scan Configuration Configuration Item Value setting Description Physical...

Страница 340: ...ars when the Manually Scan Approach is selected in the Configuration window By clicking on the Scan button and wait for 1 to 3 minutes the found mobile operator system will be displayed for you to cho...

Страница 341: ...ecific functionality of the gateway On receiving the managing event the gateway will take action to change the functionality collect the required status for administration and also change the status o...

Страница 342: ...nected Modbus devices Notifying Events Trigger Type Digital Input Power Change Connection Change WAN LAN VLAN WiFi DDNS Administration Modbus and Data Usage Actions Notify the administrator with SMS S...

Страница 343: ...ox to activate the Event Management function Enable SMS Management To use the SMS management function you have to configure some important settings first SMS Configuration Item Value setting Descripti...

Страница 344: ...t Configuration Item Value setting Description Phone Number 1 Mobile phone number format 2 A Must filled setting Select the Phone number policy from the drop list and specify a mobile phone number as...

Страница 345: ...count for event notification It supports up to a maximum of 5 accounts You can click the Add Edit button to configure the Email account Email Service Configuration Item Value setting Description Email...

Страница 346: ...purchased product Normal Level Low by default Specify the Normal Level It could be Low or High Signal Active Time 1 Numberic String format 2 A Must filled setting Specify the Signal Active Time It cou...

Страница 347: ...tion for the profile DO Source ID1 by default Specify the DO Source It could be ID1 Normal Level Low by default Specify the Normal Level It could be Low or High Total Signal Period 1 Numberic String f...

Страница 348: ...dbus Notifying Events Profile Item Value setting Description Modbus Name 1 String format 2 A Must filled setting Specify the Modbus profile name Value Range 1 32 characters Description 1 Any text 2 An...

Страница 349: ...It could be from 1 to 247 Register 1 Numberic String format 2 A Must filled setting Specify the Register number of the modbus device Value Range 0 65535 Logic Comparator Logic Comparator by default S...

Страница 350: ...ting Description Modbus Name 1 String format 2 A Must filled setting Specify the Modbus profile name Value Range 1 32 characters Description 1 Any text 2 An Optional setting Specify a brief descriptio...

Страница 351: ...the modbus device Value Range 1 247 Register 1 Numberic String format 2 A Must filled setting Specify the Register number of the modbus device Value Range 0 65535 Value 1 Numberic String format 2 A Mu...

Страница 352: ...d response Go to Service Event Handling Managing Events Tab Enable Managing Events Configuration Item Value setting Description Managing Events The box is unchecked by default Check the Enable box to...

Страница 353: ...profile you defined to specify a certain Digital Input Event Note The available Event Type could be different for the purchased product Description String format any text Enter a brief description fo...

Страница 354: ...9 On Off the gateway will change the settings as the action for the event Administration Select Administration Checkbox and the interested sub items Backup Config Restore Config Reboot Save Current Se...

Страница 355: ...ne the relationship rule between event trigger and handlers Enable Notifying Events Configuration Item Value setting Description Notifying Events The box is unchecked by default Check the Enable box t...

Страница 356: ...er condition to specify a certain LAN VLAN Event WiFi Select WiFi and a trigger condition to specify a certain WiFi Event DDNS Select DDNS and a trigger condition to specify a certain DDNS Event Admin...

Страница 357: ...action for the event Modbus Select Modbus and a Modbus Notifying Event profile you defined as the action for the event Note The available Event Type could be different for the purchased product Time S...

Страница 358: ...ion status for the gateway They are the System Information System Information History and Network Interface Status The display will be refreshed once per second From the menu on the left select Status...

Страница 359: ...statistic graphs for the CPU and memory Network Interface Status The Network Interface Status screen shows the statistic information for each network interface of the gateway The statistic information...

Страница 360: ...purchased it can be Static IP Dynamic IP PPPoE PPTP L2TP 3G 4G Network Type N A It displays the network type for the WAN interface s Depending on the model purchased it can be NAT Routing Bridge or IP...

Страница 361: ...Note Connect button is available when Connection Control in WAN Type setting is set to Connect Manually Refer to Edit button in Basic Network WAN Uplink Internet Setup and WAN connection status is co...

Страница 362: ...is also the IPv6 IP Address user use to access Router s Web based Utility IPv6 Global Address N A It displays the current IPv6 global IP address assigned by your ISP for your Internet connection Acti...

Страница 363: ...ion SIM Status and Service Information Refer to next page for more When the Detail button is pressed 3G 4G modem information windows such as Modem Information SIM Status Service Information and Signal...

Страница 364: ...s gateway LAN Client List Item Value setting Description LAN Interface N A Client record of LAN Interface String Format IP Address N A Client record of IP Address Type and the IP Address Type is Strin...

Страница 365: ...ther the VAP wireless signal is enabled or disabled Op Mode N A The Wi Fi Operation Mode of VAP Depends of device model modes are AP Router WDS Only and WDS Hybrid Universal Repeater and Client SSID N...

Страница 366: ...stic shows all the received and transmitted packets on WiFi network WiFi IDS Status Item Value setting Description Authentication Frame N A It displays the receiving Authentication Frame count Associa...

Страница 367: ...on WiFi network WiFi Traffic Statistic Item Value setting Description Op Band N A It displays the Wi Fi Operation Band 2 4G or 5G of VAP ID N A It displays the VAP ID Received Packets N A It displays...

Страница 368: ...ify DDNS service provider Provider N A It displays the DDNS server of DDNS service provider Effective IP N A It displays the public IP address of the device updated to the DDNS server Last Update Stat...

Страница 369: ...s Item Value setting Description Tunnel Name N A It displays the tunnel name you have entered to identify Tunnel Scenario N A It displays the Tunnel Scenario specified Local Subnets N A It displays th...

Страница 370: ...the corresponding OpenVPN tunnel The status can be Connected or Disconnected OpenVPN Client Status OpenVPN Client Status Item Value setting Description OpenVPN Client Name N A It displays the Client n...

Страница 371: ...Industry Cellular Gateway 371...

Страница 372: ...VPN L2TP tab L2TP Client Status Item Value setting Description Client Name N A It displays Name for the L2TP Client specified Interface N A It displays the WAN interface with which the gateway will us...

Страница 373: ...VPN PPTP tab PPTP Client Status Item Value setting Description Client Name N A It displays Name for the PPTP Client specified Interface N A It displays the WAN interface with which the gateway will u...

Страница 374: ...Packet Filter Status Packet Filter Status Item Value setting Description Activated Filter Rule N A This is the Packet Filter Rule name Detected Contents N A This is the logged packet information inclu...

Страница 375: ...lert and save the setting Web Content Filter Status Web Content Filter Status Item Value setting Description Activated Filter Rule N A Logged packet of the rule name String format Detected Contents N...

Страница 376: ...led Refer to Security Firewall MAC Control tab Check Log Alert and save the setting Application Filters Status Application Filters Status Item Value setting Description Filtered Application Category N...

Страница 377: ...Firewall Options String Format Disable or Enable SPI N A Enable or Disable setting status of SPI on Firewall Options String Format Disable or Enable Discard Ping from WAN N A Enable or Disable settin...

Страница 378: ...thentication This is only available for SNMP version 3 IP Address N A It displays the IP address of SNMP manager Port N A It displays the port number used to maintain connection with the SNMP manager...

Страница 379: ...nnection status with the TR 068 server TR 069 Status Item Value setting Description Link Status N A It displays the current connection status with the TR 068 server The connection status is either On...

Страница 380: ...g Storage tab The Log Storage Status screen shows the status for selected device storage Log Storage Status Log Storage Status screen shows the status of current the selected device storage The status...

Страница 381: ...ous button you will see the previous page of track list Next N A Click the Next button you will see the next page of track list First N A Click the First button you will see the first page of track li...

Страница 382: ...affic Go to Status Statistics Reports Network Traffic tab Network Traffic Statistics screen shows the historical graph for the selected network interface You can change the interface drop list and sel...

Страница 383: ...ogin statistics Next N A Click the Next button you will see the next page of login statistics First N A Click the First button you will see the first page of login statistics Last N A Click the Last b...

Страница 384: ...8 5 4 Cellular Usage Go to Status Statistics Reports Cellular Usage tab Cellular Usage screen shows data usage statistics for the selected cellular interface The cellular data usage can be accumulate...

Страница 385: ...en Hemminger shemminger osdl org Lennert Buytenhek buytenh gnu org version 1 1 GNU GENERAL PUBLIC LICENSE Version 2 June 1991 tc show manipulate traffic control settings Stephen Hemminger shemminger o...

Страница 386: ...ent but changing it is not allowed https www openswan org Opennhrp Version v0 14 1 OpenNHRP is an NHRP implementation for Linux It has most of the RFC2332 and Cisco IOS extensions Project homepage htt...

Страница 387: ...ringpenguin com L2TPServ Version v 1 3 1 GNU GENERAL PUBLIC LICENSEVersion 2 June 1991 Copyright C 1989 1991 Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307 USA Everyone is...

Страница 388: ...nt an NTP RFC 1305 RFC 4330 client for unix alike computers Version 2007_365 Copyright 1997 1999 2000 2003 2006 2007 Larry Doolittle exFAT FUSE based exFAT implementation Version 0 9 8 Copyright C 201...

Страница 389: ...Industry Cellular Gateway Version 20080615 Copyright C 1998 2004 WIDE Project BSD License https sourceforge net projects wide dhcpv6 389...

Результаты поиска

Содержание IOG851-0T031

Отзывы:

Amit IOG851-0T031, Руководство пользователя, Страница: 1 / 389

Результаты поиска

Содержание IOG851-0T031

Отзывы: