manualshive.com logo in svg

Amit IOG851-W, Руководство пользователя, Страница: 89 / 395

Поделиться
Скачать
Amit IOG851-W Скачать руководство пользователя страница 89

4G PoE IIoT Gateway

 

 

WiFi Configuration Setting 

The WiFi configuration allows user to configure 2.4GHz or 5GHz WiFi settings. 

 

Go to 

Basic Network > WiFi > WiFi Module One

 Tab. If the gateway is equipped with two WiFi modules, there 

will be another 

WiFi Module Two

. You can do the similar configurations on both WiFi modules. 

Basic Configuration 

 

 

 

Basic Configuration

 

Item 

Value setting 

Description 

Operation Band 

A Must filled setting 

Specify the intended operation band for the WiFi module. 

Basically, this setting is fixed and cannot be changed once the module is integrated 

into the product. However, there is some module with selectable band for user to 

choose according to his network environment. Under such situation, you can specify 

which operation band is suitable for the application. 

 

Configure WiFi Setting 

 

 

 

Configuring Wi-Fi Settings

 

Item 

Value setting 

Description 

WiFi Module 

The box is checked by 

default 

Check the 

Enable

 box to activate Wi-Fi function. 

Channel 

1. A Must filled setting. 

2. 

Auto

 is selected be 

default. 

Select a radio channel for the VAP. Each channel is corresponding to different radio 

band. The permissible channels depend on the 

Regulatory Domain

.  

There are two available options when 

Auto

 is selected: 

 

By AP Numbers

 

The channel will be selected according to AP numbers (The less, the better). 

89 

 

Содержание IOG851-W

Страница 1: ...4G PoE IIoT Gateway IOG851 WT041 User Manual...

Страница 2: ...RED Requirements 16 1 6 Hardware Installation 19 1 6 1 Mount the Unit 19 1 6 2 Insert the SIM Card 19 1 6 3 Install the External RF Cable and Antenna 20 1 6 4 Connecting DI DO Devices 21 1 6 5 Connect...

Страница 3: ...Computer 113 2 5 3 DMZ Pass Through 119 2 5 4 Special AP ALG not supported 122 2 5 5 IP Translation 123 2 6 Routing 126 2 6 1 Static Routing 127 2 6 2 Dynamic Routing 130 2 6 3 Routing Information 13...

Страница 4: ...g 204 4 2 1 Data Logging Configuration 207 4 2 2 Scheme Setup 209 4 2 3 Log File Management 211 Chapter 5 Security 213 5 1 VPN 213 5 1 1 IPSec 214 5 1 2 OpenVPN 223 5 1 3 L2TP 236 5 1 4 PPTP 244 5 1 5...

Страница 5: ...318 6 2 6 Reboot Reset 319 6 3 FTP 320 6 3 1 Server Configuration 321 6 3 2 User Account 323 6 4 Diagnostic 324 6 4 1 Diagnostic Tools 324 6 4 2 Packet Analyzer 326 Chapter 7 Service 329 7 1 Cellular...

Страница 6: ...71 8 2 4 DDNS Status 374 8 3 Security 375 8 3 1 VPN Status 375 8 3 2 Firewall Status 380 8 4 Administration 384 8 4 1 Configure Manage Status 384 8 4 2 Log Storage Status 386 8 5 Statistics Report 387...

Страница 7: ...t security features including VPN firewall NAT port forwarding DHCP server and many other powerful features for outdoor IP surveillance applications The redundancy design in fallback 24 56 VDC power t...

Страница 8: ...tents List 1 2 1 Package Contents Standard Package Items Description Contents Quantity 1 IOG851 WT041 4G PoE IIoT Gateway 1pcs 2 8 pin Terminal Block 1pcs 3 4 pin Terminal Block 1pcs 4 RJ45 Cable 1pcs...

Страница 9: ...Items Description Contents Comments 1 Power Supply SDR 120 48 INPUT 100 240VAC 1 4A 50 60Hz OUTPUT 48V 2 5A Total Watt 120W 2 Power Supply SDR 240 48 INPUT 100 240VAC 2 6A 50 60Hz OUTPUT 48V 5A Total...

Страница 10: ...l restore to factory default settings 3G 4G WiFi Antenna All the 3G 4G and WiFi antennas are optional accessory and not included in the standard package You need to purchase the suitable antennas and...

Страница 11: ...4G PoE IIoT Gateway Left View DC Power Terminal Block Earth Ground Screw DI DO Terminal Block 11...

Страница 12: ...e or the connected devices SIM A B and Cellular Signal Strength Blue OFF No SIM card is detected Flash Fast Blue The cellular signal is about 0 30 Flash slow Per 1 5 2 second Blue The cellular signal...

Страница 13: ...ng Windows Macintosh or Linux based operating system An installed Ethernet adapter Browser Requirements Internet Explorer 6 0 or higher Chrome 2 0 or higher Firefox 3 0 or higher Safari 3 0 or higher...

Страница 14: ...ent and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help FCC Caution...

Страница 15: ...temperature for the metallic enclosure can be very high Especially after operating for a long time installed at a closed cabinet without air conditioning support or in a high ambient temperature space...

Страница 16: ...MHz Downlink 925 960 MHz E GSM Uplink 880 915 MHz Downlink 925 960 MHz 33 2 dBm DCS Uplink 1710 1785 MHz Downlink 1805 1880 MHz 30 2 dBm 1 b Frequency Band for Cellular Connection for EC25 E version...

Страница 17: ...dBm 1 c Frequency Band for Wi Fi Connection Band Operating Frequency Max Output Power EIRP 2 4G 2 4 2 4835 GHz 100 mW 5G 5 15 5 25 GHz 200 mW 2 5150 5350MHz In Door Use Statements This product equips...

Страница 18: ...n is at least 20 cm away from the body of user 6 Unit Mounting Notice The product is suitable for mounting at heights 2m approx 6 ft or in a cabinet Ensure the unit is fixed tightly to reduce the like...

Страница 19: ...ket on the product first 1 6 2 Insert the SIM Card WARNING BEFORE INSERTING OR CHANGING THE SIM CARD PLEASE MAKE SURE THAT POWER OF THE DEVICE IS SWITCHED OFF The SIM card slots are located at the fro...

Страница 20: ...e horizontal distance between antennas should be greater than 1 4 of its wavelength and there will be best separation at 1 2 of its wavelength 2 If multiple frequency antennas are near each other then...

Страница 21: ...Please refer to following specification to connect DI and DO devices Mode Specification Digital Input Trigger Voltage high Logic level 1 5V 30V Normal Voltage low Logic level 0 0V 2V Digital Output V...

Страница 22: ...cts provide 4 pin Terminal Block serial port for connecting to your serial device Connect the serial device to the terminal block with the right pin assignments of RS 232 485 are shown as below Pin 1...

Страница 23: ...when the primary power fails If the voltage difference between PWR1 and PWR2 is less than 0 5 volt this is the case for using two power supply with the same external spec such as 48V the power control...

Страница 24: ...unit may consist of one set or two sets of DC power output contacts You can connect the DC power supply and the terminal block power pins as shown below of the gateway with a power cable AWG 18 power...

Страница 25: ...4G PoE IIoT Gateway Finally connect the power plug of the power supply cable to an outlet then the power supply units will turn on and provide DC power to the connected device 25...

Страница 26: ...e host PC s Ethernet port for configuring the device 1 6 9 Setup by Configuring WEB UI You can browse web UI to configure the device Type in the IP Address http 192 168 123 254 3 When you see the logi...

Страница 27: ...es dial in ISPs and then link to the Internet via different kinds of transmit media So the WAN Connection lets you specify the WAN Physical Interface WAN Internet Setup and WAN Load Balance for Intran...

Страница 28: ...Interface Configuration Physical Interface List window shows all the available physical interfaces After clicking on the Edit button for the interface in Physical Interface List window the Interface C...

Страница 29: ...on is recovered back with a connection it will take over data traffic again At that time WAN 2 connection will be terminated Seamless Failover In addition there is a Seamless option for Failover opera...

Страница 30: ...lover interface The dialing up time of failover connection is saved since it has been connected beforehand VLAN Tagging Sometimes your ISP required a VLAN tag to be inserted into the WAN packets from...

Страница 31: ...setting Description Physical Interface 1 A Must fill setting 2 WAN 1 is the primary interface and is factory set to Always on Select one expected interface from the available interface dropdown list...

Страница 32: ...ndary WAN interface to switch Failover from Note for WAN 1 only Always on option is available VLAN Tagging Optional setting Check Enable box to enter tag value provided by your ISP Otherwise uncheck t...

Страница 33: ...iguration and related configuration windows for each WAN type For the Internet setup of each WAN interface you must specify its WAN type of physical interface first and then its related parameter conf...

Страница 34: ...is more expensive but very importat for cooperate requirement Dynamic IP The assigned IP address for the WAN by a DHCP server is different every time It is cheaper and usually for consumer use PPP ove...

Страница 35: ...er the host name provided by your Service Provider ISP Registered MAC Address An optional setting Enter the MAC address that you have registered with your service provider Or Click the Clone button to...

Страница 36: ...address given by your Service Provider WAN Type PPPoE When you select it PPPoE WAN Type Configuration will appear Items and setting is explained below PPPoE WAN Type Configuration Item Value setting...

Страница 37: ...lled setting Enter the WAN subnet mask given by your Service Provider WAN Gateway A Must filled setting Enter the WAN gateway IP address given by your Service Provider When Dynamic IP is selected ther...

Страница 38: ...WAN gateway IP address given by your Service Provider When Dynamic IP is selected there are no above settings required Server IP Address Name A Must filled setting Enter the L2TP server name or IP Ad...

Страница 39: ...utomatically once it has been booted up and try to reconnect once the connection is down It s recommended to choose this scheme if for mission critical applications to ensure full time Internet connec...

Страница 40: ...tor connection status continuous To do it ICMP Check and FQDN Query are used to check When there is trafiic of connection checking packet will waste bandwidth Response time of replied packets may also...

Страница 41: ...Unit limit and specify the MTU for the 3G 4G connection MTU refers to Maximum Transmission Unit It specifies the largest packet size permitted for Internet transmission Value Range 1200 1500 MTU Setu...

Страница 42: ...nterval as the DNS Query Interval Query Interval defines the transmitting interval between two DNS Query or ICMP checking packets With DNS Query the system checks the connection by sending DNS Query p...

Страница 43: ...e the target Other Host enter an IP address to be the target Target 2 1 An Optional filled setting 2 None is selected by default Target1 specifies the second target of sending DNS query ICMP request N...

Страница 44: ...AN interface This device has featured by using dual SIM cards for one module with special fail over mechanism It is called Dual SIM Failover This feature is useful for ISP switch over when location is...

Страница 45: ...A or SIM B card first And when the connection is broken the gateway will switch to use the other SIM card for an alternate automatically and will not switch back to use original SIM card except curren...

Страница 46: ...nection is dialed up not using the main SIM you selected it will failback to the main SIM and try to establish the connection periodically Note_1 For the product with single SIM design only SIM A Only...

Страница 47: ...settings Configure SIM A SIM B Card Here you can set configurations for the cellular connection according to your situation or requirement Note_1 Configurations of SIM B Card follows the same rule of...

Страница 48: ...on Your ISP always provides such network settings for the subscribers Note_2 If you select Auto detection it is likely to connect to improper network or failed to find a valid APN for your ISP APN 1 A...

Страница 49: ...filled in the server address is given by the carrier while dialing up Roaming The box is unchecked by default Check the box to establish the connection even the registration status is roaming not in...

Страница 50: ...ll start to dial up with the profile that assigned with the smallest number Value Range 1 16 Profile The box is checked by default Check the box to enable this profile Uncheck the box to disable this...

Страница 51: ...check by default Check the Enable box to enable the MTU Maximum Transmission Unit limit and specify the MTU for the 3G 4G connection MTU refers to Maximum Transmission Unit It specifies the largest pa...

Страница 52: ...ecking Interval Query Interval defines the transmitting interval between two DNS Query or ICMP checking packets With ICMP Checking the system will check connection by sending ICMP request packets to t...

Страница 53: ...select strategy according to application requirement and environment status The strategies are explained as below By Smart Weight If based on By Smart Weight strategy gateway will take the line speed...

Страница 54: ...ange Destination port can be a single port or port range You can select one target for one mapping to setup IP address and leave others just left as any All Besides this you can also set protocol as T...

Страница 55: ...ng Description Load Balance Unchecked by default Check the Enable box to activate Load Balance function Load Balance Strategy 1 A Must filled setting 2 By Smart Weight is selected by default There are...

Страница 56: ...restore what you just configured back to the previous setting When By User Policy is selected a User Policy List screen will appear With properly configured your policy rules system will route traffic...

Страница 57: ...for the traffics come to the domain Destination Port 1 A Must filled setting 2 All is selected by default There are four options can be selected All No specific destination port is provided Port Rang...

Страница 58: ...guration Static IP If there is at least one WAN interface activated the LAN IP mode is fixed in Static IP mode Dynamic IP If all the available WAN inferfaces are disabled the LAN IP mode can be Dynami...

Страница 59: ...additional IP When Add button is applied Additional IP Configuration screen will appear Configuration Item Value setting Description Name 1 An Optional Setting Enter the name for the alias IP address...

Страница 60: ...4G PoE IIoT Gateway network Value Range 255 0 0 0 8 255 255 255 255 32 Save NA Click the Save button to save the configuration 60...

Страница 61: ...Port based VLAN function can group Ethernet ports Port 1 Port 4 and WiFi Virtual Access Points VAP 1 VAP 8 together for differentiated services like Internet surfing multimedia enjoyment VoIP talking...

Страница 62: ...ts VAP 1 VAP 8 together with different VLAN tags for deploying subnets in Intranet All packet flows can carry with different VLAN tags even at the same physical Ethernet port for Intranet These flows...

Страница 63: ...s equipped with DHCP 3 server to construct a 192 168 12 x subnet He also configure Meeting Rooms segment with VLAN ID 11 The VLAN group is equipped with DHCP 2 server to construct a 192 168 11 x subne...

Страница 64: ...cify members of one VLAN group to be able to access Internet or not Following is an example that VLAN groups of VID is 2 and 3 can access Internet but the one with VID is 1 cannot access Internet That...

Страница 65: ...mmunication pair and one VLAN group can join many communication pairs But communication pair doesn t have the transitive property That is A can communicate with B and B can communicate with C it doesn...

Страница 66: ...to Tag based VLAN List table System Reserved VLAN ID 1 5 is reserved by default Specify the VLAN ID range that is reserved for the system operation For the Port based Tag based VLAN grouping only use...

Страница 67: ...default Select NAT mode or Bridge mode for the rule Port Members These boxes are unchecked by default Select which LAN port s and VAP s that you want to add to the rule Note The available member list...

Страница 68: ...Server IP Address field Server Select Server to enable DHCP Server function for the VLAN group and you need to specify the DHCP Server settings Disable Select Disable to disable the DHCP Server funct...

Страница 69: ...The Primary DNS of this DHCP Server Secondary DNS IPv4 format The Secondary DNS of this DHCP Server Primary WINS IPv4 format The Primary WINS of this DHCP Server Secondary WINS IPv4 format The Seconda...

Страница 70: ...CP Server wants to match IP Address A Must filled setting Define the IP Address that the DHCP Server will assign If there is a request from the MAC Address filled in the above field the DHCP Server wi...

Страница 71: ...r When Edit button is applied a screen similar to this will appear Inter VLAN Group Routing Item Value setting Description VALN Group Internet Access Definition All boxes are checked by default By def...

Страница 72: ...f your device has a DMZ port you will see DMZ configuration too The router supports up to a maximum of 128 tag based VLAN rule sets When Add button is applied Tag based VLAN Configuration screen will...

Страница 73: ...by default Check the box to enable the DHCP Relay function for the VLAN group and you only need to fill the DHCP Server IP Address field WAN Interface WAN 1 is selected by default Select which WAN in...

Страница 74: ...ay LAN interface with its default Subnet Mask setting as 255 255 255 0 and its default IP Pool ranges is from 100 to 200 as shown at the DHCP Server List page on gateway s WEB UI User can add more DHC...

Страница 75: ...xed IP address to map the specific client MAC address by select them then copy when targets were already existed in the DHCP Client List or to add some other Mapping Rules by manually in advance once...

Страница 76: ...o assign IP Addresses to the devices on the local area network LAN Create Edit DHCP Server Policy The gateway allows you to custom your DHCP Server Policy If multiple LAN ports are available you can d...

Страница 77: ...Server Primary DNS IPv4 format The Primary DNS of this DHCP Server Secondary DNS IPv4 format The Secondary DNS of this DHCP Server Primary WINS IPv4 format The Primary WINS of this DHCP Server Seconda...

Страница 78: ...vious setting Back N A When the Back button is clicked the screen will return to the DHCP Server Configuration page View Copy DHCP Client List When DHCP Client List button is applied DHCP Client List...

Страница 79: ...uration Item Value setting Description Option Name 1 String format can be any text 2 A Must filled setting Enter a DHCP Server Option name Enter a name that is easy for you to understand DHCP Server S...

Страница 80: ...st 4 URL format 5 A Must filled setting Should conform to Type Type Value 66 Single IP Address IPv4 format Single FQDN FQDN format 72 IP Addresses List separated by IPv4 format separated by 114 Single...

Страница 81: ...WAN interface s and L2TP connection Server IP 1 A Must filled setting 2 null by default Assign a DHCP Server IP Address that the gateway will relay the DHCP requests to the assigned DHCP server via sp...

Страница 82: ...tput power per cable is 15 4W for IEEE 802 3af PD device and 30W for IEEE802 3at PD device However to make the PoE cellular gateway provide required power through the Ethernet cables you have to prepa...

Страница 83: ...have to enter the power budget With specified power budget the PoE gateway can monitor whether the connected PD devices caused power overflow and force the connected PD with lowest priority to be off...

Страница 84: ...default Specify the the action to take when the PD Power overflow occurs for a certain port It can be No Action or Power Long Time Off On If the Power overload occurs PD consumes more power than the...

Страница 85: ...l bands of operation There are several wireless operation modes provided by this device They are AP Router Mode WDS Only Mode and WDS Hybrid Mode You can choose the expected mode from the wireless ope...

Страница 86: ...with the wireless gateway make sure your application scenario for WiFi network and choose the most adequate operation mode AP Router Mode This mode allows you to get your wired and wireless devices co...

Страница 87: ...Gateway 1 through WDS Both gateways connected by WDS need to setup the remote AP MAC for each other All client hosts under gateway 2 3 can request IP address from the DHCP server at gateway 1 Besides...

Страница 88: ...s As shown in the diagram the clients in VAP 1 and VAP 2 can communicate to each other when VAP Isolation is disabled Wi Fi Security Authentication Encryption Wi Fi security provides complete authenti...

Страница 89: ...is integrated into the product However there is some module with selectable band for user to choose according to his network environment Under such situation you can specify which operation band is su...

Страница 90: ...enabled AP Router Mode Item Value setting Description Green AP The box is unchecked by default Check the Enable box to activate Green AP function VAP Isolation The box is checked by default Check the...

Страница 91: ...For others VAP Configuration Item Value setting Description SS ID 1 String format Any text Enter the SSID for the VAP and decide whether to broadcast the SSID or not The SSID is used for identifying f...

Страница 92: ...or WPA2 is selected They are implementation of IEEE 802 11i WPA only had implemented part of IEEE 802 11i but owns the better compatibility WPA2 had fully implemented 802 11i standard and owns the hig...

Страница 93: ...x is checked by default Others unchecked by default Check the Enable box to activate this function By default the box is checked it means that stations which associated to the same VAP cannot communic...

Страница 94: ...AC List N A Press the Scan button to scan the spatial AP information and then select one from the AP list the MAC of selected AP will be auto filled in the following Remote AP MAC table Remote AP MAC...

Страница 95: ...required authentication and Encryption settings Click Edit button in the VAP List screen and a VAP Configuration screen will appear for you to configure the required settings For the detail descripti...

Страница 96: ...nnot communicate with each other Time Schedule A Must filled setting Apply a specific Time Schedule to this rule otherwise leave it as 0 Always If the dropdown list is empty ensure Time Schedule is pr...

Страница 97: ...ange the security key to a easy to remember one by clicking the Edit button Under WDS Hybrid mode the VAP function is available and you can further specifying the required VAP settings for connecting...

Страница 98: ...4G PoE IIoT Gateway For others For the detail description about VAP configuration please refer to the description stated in AP Router section 98...

Страница 99: ...Under such situation you can specify which operation band is suitable for the application Multiple AP Names 1 A Must filled setting 2 All is selected by default Specify the VAP to show the associated...

Страница 100: ...sensitivity RSSI value for each radio path Signal N A The signal strength between client and this device Interface N A It shows the VAP ID that the client associated with Refresh N A Click the Refres...

Страница 101: ...asic Network WiFi Advanced Configuration Tab Select Target WiFi Target Configuration Item Value setting Description Module Select A Must filled setting Select the WiFi module to check the information...

Страница 102: ...jitter when transmitting multimedia content over a wireless connection Short GI By default 400ns is selected Short GI Guard Interval is defined to set the sending interval between each packet Note th...

Страница 103: ...features not present in IPv4 It simplifies aspects of address assignment stateless address auto configuration network renumbering and router announcements when changing Internet connectivity provider...

Страница 104: ...DHCP in IPv6 does the same function as DHCP in IPv4 The DHCP server sends IP address DNS server addresses and other possible data to the DHCP client to configure automatically The server also sends a...

Страница 105: ...IP address DNS server addresses and other required parameters to automatically configure the client The diagram above depicts the IPv6 addressing through PPPoE PPPoEv6 server DSLAM on the ISP side pr...

Страница 106: ...ection Type to establish the IPv6 connectivity via WAN 1 Interface Select Static IPv6 when your ISP provides you with a set IPv6 addresses Select DHCPv6 when your ISP provides you with DHCPv6 services...

Страница 107: ...Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Description Global Address A Must filled setting Enter the LAN IPv6 Address for the router Link local Ad...

Страница 108: ...d by default Enter the WAN secondary DNS Server MLD The box is unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Description Global A...

Страница 109: ...Value Range 0 45 characters Connection Control Fixed value The value is Auto reconnect Always on MTU A Must filled setting Enter the MTU for setting up PPPoEv6 connection If you want more information...

Страница 110: ...IPv6 connectivity Select Stateless to manage the Local Area Network to be SLAAC RDNSS Router Advertisement Lifetime A Must filled setting Enter the Router Advertisement Lifetime in seconds 200 is set...

Страница 111: ...d activates the NAT function You also can disable the NAT function in Basic Network WAN Uplink Internet Setup WAN Type Configuration page Usually all local hosts or servers behind corporate gateway ar...

Страница 112: ...her side are you in accessing the email server at the LAN side or at the WAN side you don t need to change the IP address of the mail server Configuration Setting Go to Basic Network Port Forwarding C...

Страница 113: ...hind office gateway You can set up those servers by using Virtual Server feature After trip if want to access those servers from LAN side by global IP without change original setting NAT Loopback can...

Страница 114: ...u to access the WAN global IP address from your inside NAT local network It is useful when you run a server inside your network For example if you set a mail server at LAN side your local devices can...

Страница 115: ...activate this port forwarding function Virtual Computer The box is checked by default Check the Enable box to activate this port forwarding function Save N A Click the Save button to save the setting...

Страница 116: ...w the access coming from any IP addresses Select Specific IP Address to allow the access coming from an IP address Select IP Range to allow the access coming from a specified range of IP address Proto...

Страница 117: ...le Port number Public Port is selected Port Range and specify a port range and Private Port can be selected Single Port or Port Range Value Range 1 65535 for Public Port Private Port When GRE is selec...

Страница 118: ...Virtual Computer Rule Configuration screen will appear Virtual Computer Rule Configuration Item Value setting Description Global IP A Must filled setting This field is to specify the IP address of th...

Страница 119: ...ot expected to receive by applications in the gateway or by other client hosts in the Intranet Certainly the DMZ host is also protected by the gateway firewall Activate the feature and specify the DMZ...

Страница 120: ...Setting Go to Basic Network Port Forwarding DMZ Pass Through tab The DMZ host is a host that is exposed to the Internet cyberspace but still within the protection of firewall by gateway device Enable...

Страница 121: ...le The boxes are checked by default Check the box to enable the pass through function for the IPSec PPTP and L2TP With the pass through function enabled the VPN hosts behind the gateway still can conn...

Страница 122: ...4G PoE IIoT Gateway 2 5 4 Special AP ALG not supported Not supported feature for the purchased product leave it as blank 122...

Страница 123: ...ivate IP address of a local host In addition admin users also map a private IP address range to a public IP address range of equal instances This feature offers another way to make systems behind a fi...

Страница 124: ...Configuration screen will appear IP Translation Configuration Item Value setting Description Mapping Source IP Domain Name 1 A Must filled setting 2 IP is selected by default Specify the mapped IP Dom...

Страница 125: ...55 255 32 subnet mask or an IP group limited with proper subnet setting Physical Interface 1 A Must filled setting 2 All is selected by default Specify the interface to apply the translation rule The...

Страница 126: ...o various network destinations Thus constructing routing tables which are held in the router s memory is very important for efficient routing Most routing algorithms use only one network path at a tim...

Страница 127: ...ackets to be transferred via which gateway interface and which peer gateway to their destination It can be carried out by the Static Routing feature Dedicated packet flows from the Intranet will be ro...

Страница 128: ...ing Rule Configuration window will appear to let you define a static routing rule Enable Static Routing Just check the Enable box to activate the Static Routing feature Static Routing Item Value setti...

Страница 129: ...f this static routing rule Interface Auto is set by default Select the Interface of this static routing rule It can be Auto or the available WAN LAN interfaces Metric 1 Numberic String Format 2 A Must...

Страница 130: ...pports dynamic routing protocols including RIPv1 RIPv2 Routing Information Protocol OSPF Open Shortest Path First and BGP Border Gateway Protocol for you to establish routing table automatically The f...

Страница 131: ...4G PoE IIoT Gateway 131...

Страница 132: ...ing protocol that uses link state routing algorithm It is the most widely used interior gateway protocol IGP in large enterprise networks It gathers link state information from available routers and c...

Страница 133: ...within one AS will links with some other border gateways for exchanging routing information It will distribute the collected data in AS to all routers in other AS As shown in the diagram BGP 0 is gate...

Страница 134: ...Configuration window can let you activate the OSPF dynamic routing protocol and specify its backbone subnet Moreover the OSPF Area List window lists all defined areas in the OSPF network However the...

Страница 135: ...protocol Select Text will enable Text Authentication with entered the Key in this field on OSPF protocol Select MD5 will enable MD5 Authentication with entered the ID and Key in these fields on OSPF p...

Страница 136: ...Mask Notation Ex 192 168 1 0 24 2 A Must filled setting The Area Subnet of this router on OSPF Area List Area ID 1 IPv4 Format 2 A Must filled setting The Area ID of this router on OSPF Area List Area...

Страница 137: ...ed setting The ASN Number of this router on BGP protocol Value Range 1 4294967295 Router ID 1 IPv4 Format 2 A Must filled setting The Router ID of this router on BGP protocol Create Edit BGP Network R...

Страница 138: ...to a maximum of 32 rule sets When Add button is applied BGP Neighbor Configuration screen will appear BGP Neighbor Configuration Item Value setting Description Neighbor IP 1 IPv4 Format 2 A Must fill...

Страница 139: ...IPv4 Format Subnet Mask N A Routing record of Subnet Mask IPv4 Format Gateway IP N A Routing record of Gateway IP IPv4 Format Metric N A Routing record of Metric Numeric String Format Interface N A Ro...

Страница 140: ...current IP address which changes each time you connect your Internet service provider The Dynamic DNS service allows the gateway to alias a public dynamic IP address to a static domain name allowing...

Страница 141: ...Interface IP Address of the gateway Provider DynDNS org Dynamic is set by default Select your DDNS provider of Dynamic DNS It can be DynDNS org Dynamic DynDNS org Custom NO IP com etc Host Name 1 Stri...

Страница 142: ...ox to activate this function Save N A Click Save to save the settings Undo N A Click Undo to cancel the settings If you enabled the DNS Redirect function you have to further specify the redirect rules...

Страница 143: ...ways or WAN Block Always The DNS redirect function can be applied to matched DNS all the time WAN Block The DNS redirect function can be applied to matched DNS only when the WAN connection is disconne...

Страница 144: ...ess It is indeed required that an access gateway satisfies the requirements of latency critical applications minimum access right guarantee fair bandwidth usage for same subscribed condition and flexi...

Страница 145: ...an be based on VLAN ID MAC Address IP Address Host Name or Packet Length Differentiated Services Specify the service type in a QoS rule for the target packets to be applied on Differentiated services...

Страница 146: ...depends on model Outbound Inbound Control One QoS rule can be applied to the outbound or inbound direction of packet flow even them both This feature depends on model Two QoS rule examples are listed...

Страница 147: ...to the code value AF Class2 High Drop he can use the Rule based QoS function to carry out this rule by defining an QoS rule as shown in above configuration Under such configuration all packets from WA...

Страница 148: ...ction Configuration Item Value Setting Description QoS Type 1 Software is selected by default 2 The box is unchecked by default Select the QoS Type from the dropdown list and then click Enable box to...

Страница 149: ...the following WAN Interface Resource screen will show the related resources for configuration Bandwidth of Upstream Downstream Specify total upload download bandwidth of the selected WAN Value Range...

Страница 150: ...ect All WANs or a certain WAN n to filter the packets entering to or leaving from the interface s Group 1 A Must filled setting 2 Src MAC Address is selected by default Specify the Group category for...

Страница 151: ...MAXR field Connection Sessions Select Connection Sessions as the resource type for the QoS Rule and you have to assign supported session number in the Control Function Set Session Limitation field Pri...

Страница 152: ...ed in the rule Group Control If Group Control is selected all the group hosts share the same QoS service resource Time Schedule 1 A Must filled setting 2 0 Always is selected by default Apply Time Sch...

Страница 153: ...iption Item Value setting Description Add N A Click the Add button to configure time schedule rule Delete N A Click the Delete button to delete selected rule s When Add button is applied Time Schedule...

Страница 154: ...ct everyday or one of weekday Start Time Time format hh mm Start time in selected weekday End Time Time format hh mm End time in selected weekday Save N A Click Save to save the settings Undo N A Clic...

Страница 155: ...4G PoE IIoT Gateway 3 2 User not supported Not supported feature for the purchased product leave it as blank 155...

Страница 156: ...Group Configuration screen will appear Host Group Configuration Item Value setting Description Group Name 1 String format can be any text 2 A Must filled setting Enter a group name for the rule It is...

Страница 157: ...A This field will indicate the hosts members contained in the group Bound Services The boxes are unchecked by default Binding the services that the host group can be applied If you enable the Firewall...

Страница 158: ...Server Go to Object Definition External Server External Server tab The External Server setting allows user to add external server Create External Server When Add button is applied External Server Conf...

Страница 159: ...1 The values must be between 1 and 60 Idle Timeout By default 1 The values must be between 1 and 15 Secondary Shared Key String format any text Authentication Protocol By default CHAP is selected Ses...

Страница 160: ...xternal server Server Port A Must filled setting Specify the Port used for the external server If you selected a certain server type the default server port number will be set For Email Server 25 will...

Страница 161: ...endorsements whom the person examining the certificate might know and trust The device also plays as a CA role Certificates are an important component of Transport Layer Security TLS sometimes called...

Страница 162: ...ier in the signature algorithm identifier of certificates Subject Name A Must filled setting This field is to specify the information of certificate Country C is the two letter ISO code for the countr...

Страница 163: ...matically re enroll aging certificates The box is unchecked by default When SCEP is activated check the Enable box to activate this function It will be automatically check which certificate is aging I...

Страница 164: ...ents In addition since it has the root CA it also can sign Certificate Signing Requests CSR to form corresponding certificates for others These certificates can be used for two remote peers to make su...

Страница 165: ...ame Country C TW State ST Taiwan Location L Tainan Organization O AMITHQ Organization Unit OU HQRD Common Name CN HQRootCA E mail hqrootca amit com tw Configuration Path My Certificate Local Certifica...

Страница 166: ...ns to complete the whole user scenario Use default value for those parameters that are not mentioned in the tables Configuration Path My Certificate Local Certificate Configuration Name BranchCRT Self...

Страница 167: ...terface They both serve as the NAT security gateways Gateway 1 generates the root CA and a local certificate HQCRT that is signed by itself Import the certificates of the root CA and HQCRT into the Tr...

Страница 168: ...s or CSRs for representing the gateway The Local Certificate Configuration window can let you fill required information necessary for corresponding certificate to be generated by itself or correspondi...

Страница 169: ...on It has to be email address setting only Extra Attributes A Must filled setting This field is to specify the extra information for generating a certificate Challenge Password for the password you ca...

Страница 170: ...ply button to import the specified certificate file to the gateway PEM Encoded 1 String format can be any text 2 A Must filled setting This is an alternative approach to import a certificate You can d...

Страница 171: ...e used for two remote peers to make sure their identity during establishing a VPN tunnel Scenario Description same as the one described in My Certificate section Gateway 1 generates the root CA and a...

Страница 172: ...or the whole user scenario Configuration Path Trusted Certificate Trusted CA Certificate List Command Button Import Configuration Path Trusted Certificate Trusted CA Certificate Import from a File Fil...

Страница 173: ...Gateway 1 and the Local Certificate List of the Gateway 2 For more details refer to the Network B operation procedure in My Certificate section of this manual Gateway 2 can establish an IPSec VPN tunn...

Страница 174: ...escription Import from a File A Must filled setting Select a CA certificate file from user s computer and click the Apply button to import the specified CA certificate file to the gateway Import from...

Страница 175: ...ation could be specified in External Servers Refer to Object Definition External Server External Server You may click Add Object button to generate CA Identifier 1 String format can be any text Fill i...

Страница 176: ...ort a certificate You can directly fill in Copy and Paste the PEM encoded certificate string and click the Apply button to import the specified certificate to the gateway Apply N A Click the Apply but...

Страница 177: ...ing format can be any text 2 A Must filled setting This is an alternative approach to import a certificate key You can directly fill in Copy and Paste the PEM encoded certificate key string and click...

Страница 178: ...cribed in My Certificate section When the enterprise gateway owns the root CA and VPN tunneling function it can generate its own local certificates by being signed by itself Also imports the trusted c...

Страница 179: ...ts Intranet is 10 0 76 0 24 It has the IP address of 10 0 76 2 for LAN interface and 203 95 80 22 for WAN 1 interface The Gateway 2 is the gateway of Network B in branch office and the subnet of its I...

Страница 180: ...m Value setting Description Certificate Signing Request CSR Import from a File A Must filled setting Select a certificate signing request file you re your computer for importing to the gateway Certifi...

Страница 181: ...easily They can be Virtual COM and Modbus 4 1 1 Port Configuration Before using the supported field communication function like Virtual COM or Modbus you need to configure the physical communication...

Страница 182: ...ace type for connecting to the access device s with the same interface specification Depending on the purchase model the supported interface type could be RS 232 or RS 485 Baud Rate 9600 is set by def...

Страница 183: ...C2217 modes for remote accessing the connected serial device These operation modes are illustrated as below TCP Client Mode When the administrator expects the gateway to actively establish a TCP conne...

Страница 184: ...TCP connection will be automatically disconnected from the host computer by using the TCP alive check timeout or idle timeout settings UDP Mode If both the Remote Host Computer and the serial device a...

Страница 185: ...it is required to specify the IP address of the host computers to establish connection with Any 3rd party driver supporting RFC2217 can be used to install in the host computer the driver establishes a...

Страница 186: ...lso enable full time connection with the TCP server Enable TCP Client Mode Window Item Value setting Description Operation Mode A Must filled setting Select TCP Client Connection Control Always on is...

Страница 187: ...interval for transmitting serial data through the port By default it is set to 0 and the timeout function is disabled Value Range 0 1000ms Save N A Click the Save button to save the configuration Spec...

Страница 188: ...tain TCP clients Max Connection 1 Max 128 connections 2 1 is set by default Set the maximum number of concurrent TCP connections Up to 128 simultaneous TCP connections can be established Value Range 1...

Страница 189: ...ecify TCP Clients Window Item Value setting Description Host A Must filled setting Enter the IP address range of allowed TCP clients Serial Port The box is unchecked by default Check the box to specif...

Страница 190: ...unchecked by default Check the Enable box to activate the corresponding serial port in specified operation mode Save N A Click Save to save the settings Undo N A Click Undo to cancel the settings Spec...

Страница 191: ...nnect Otherwise choose Specific IP to limit certain clients Connection Idle Timeout 1 0 is set by default 2 Range 0 to 3600 sec Enter the idle timeout in minutes The idle timeout is used to disconnect...

Страница 192: ...217 Clients for Access Window Item Value setting Description Host A Must filled setting Enter the IP address range of allowed clients Serial Port The box is unchecked by default Check the box to speci...

Страница 193: ...ault Upload Server The box is unchecked by default Check the Enable box and select a pre defined FTP server from the drop down list You can also click the Add Object button to create a new entry for t...

Страница 194: ...ruments over RS 485 without additional programming or effort NOTE When Modbus devices are connected to under the same serial port of IoT Modbus Gateway those Modbus devices must use the same protocol...

Страница 195: ...tus like Cellular Network Status device DI DO status to remote Modbus Master via Modbus communication With the Slave option enabled the Modbus Master device can request the information or sending cont...

Страница 196: ...port It can be Disable Serial as Slave or Serial as Master A serial port can be attached with one Modbus Master or daisy chained a group of Modbus Salve devices Disable Select this to disable the resp...

Страница 197: ...t sent If the slave does not response within the specified time data would be discarded This applies to the serially attached Master sent request over to the remote Slave or requests send from the rem...

Страница 198: ...the TCP network Item Value setting Description TCP Connection Idle Time 1 300 is set by default 2 Range 1 to 65535 Enter the idle timeout in seconds If the gateway does not receive another TCP request...

Страница 199: ...y settings Item Value setting Description Message Buffering 1 Unchecked by default 2 Buffer up to 32 requests Check the Enable box to buffer up to 32 requests from Modbus Master If the Enable box is c...

Страница 200: ...setting Description IP A Must fill setting Enter the IP address of the remote Modbus TCP Slave device Port 1 A Must fill setting 2 Range 1 to 65535 Enter the TCP port on which the remote Modbus TCP S...

Страница 201: ...nnected 3 Disconnecting 5 Wait for Traffic 6 Diconnected 3 WAN 4 Connection Status R 0 6 0 Disconnected 1 Connecting 2 Connected 3 Disconnecting 5 Wait for Traffic 6 Diconnected 10 3G 4G_SERVICE_TYPE...

Страница 202: ...ed 2 Wait for traffic 3 Disconnected 9 Connecting 104 VPN IPSec tunnel 4 status R 1 Connected 2 Wait for traffic 3 Disconnected 9 Connecting 105 VPN IPSec tunnel 5 status R 1 Connected 2 Wait for traf...

Страница 203: ...3 RS 485 212 Serial Port 1_Baud Rate R Baud Rate Value 213 Serial Port 1_Data Bits R 7 or 8 214 Serial Port 1_Stop Bits R 1 or 2 215 Serial Port 1_Flow Control R 0 None 2 RTS CTS 3 DTR DSR 216 Serial...

Страница 204: ...e collected data in local storage in CSV file format When the network connection recovered admin user can download the data log files manually via FTP or web UI for further reference and maintenance T...

Страница 205: ...its data acquisition process and if required the administrator can also get the stored data log files to tell if everything goes well or not Under the Data Logging Proxy mode user has to create some d...

Страница 206: ...oxy function and execute the pre defined data acquisition task by itself The Modbus request issued by the Modbus Gateway Data Logging Proxy The response data that sent out from the polled Slave device...

Страница 207: ...or Internal depends on the product specification Save NA Click the Save button to save the settings Note 1 If there is no available storage device the Enable checkbox will be grayed and you can t enab...

Страница 208: ...ify a certain read function for the Data Logging Proxy to issue and record the responses from device s Start Address 1 A Must filled setting 2 Range 0 to 65535 Specify the Start Address of registers t...

Страница 209: ...ers Mode Sniffer is selected by default Select an expected data logging scheme for the data logging rule There are five available schemes Sniffer The Modbus gateway will record all the Modbus transcat...

Страница 210: ...specified timeout setting selected proxy rule will be triggered and applied with the data logging rule Note If Off Line proxy scheme is selected the timeout setting will be used to check Otherwise it...

Страница 211: ...pplied Log File Configuration screen will appear Log File Configuration Item Value setting Description Name N A The name of corresponding data log rule will be displayed The default log file name will...

Страница 212: ...delete the transferred log from the gateway storage or not Check the Enable button to activate the function When Storage Full Remove the Oldest is selected by default Specify the operation to take whe...

Страница 213: ...connection through the use of dedicated connections encryption or a combination of the two The tunnel technology supports data confidentiality data origin authentication and data integrity of network...

Страница 214: ...or the tunneling IPSec Tunnel Scenarios To build IPSec tunnel you need to fill in remote gateway global IP and optional subnet if the hosts behind IPSec peer can access to remote site or hosts Under s...

Страница 215: ...tunnel connection The default value can be different for the purchased model Save N A Click Save to save the settings Undo N A Click Undo to cancel the settings Create Edit IPSec tunnel Ensure that t...

Страница 216: ...st to Site or Host to Host If LAN interface is selected only Host to Host scenario is available With Site to Site or Site to Host or Host to Site IPSec operates in tunnel mode The difference among the...

Страница 217: ...bnet setting Remote Gateway 1 A Must fill setting 2 Format can be a ipv4 address or FQDN Specify the Remote Gateway Authentication Configuration Window Item Value setting Description Key Management 1...

Страница 218: ...cate Select User Name for Remote ID and enter the username The username may include but can t be all numbers Select FQDN for Local ID and enter the FQDN Select User FQDN for Remote ID and enter the Us...

Страница 219: ...Note X Auth Client will not be available for Dynamic VPN option selected in Tunnel Scenario Dead Peer Detection DPD 1 Checked by default 2 Default Timeout 180s and Delay 30s Click Enable box to enable...

Страница 220: ...DES 3DES AES 128 AES 192 AES 256 Note None is available when Encapsulation Protocol is set as AH Specify the Authentication method It can be None MD5 SHA1 SHA2 256 Note None and SHA2 256 are availabl...

Страница 221: ...le box to activate the Dynamic IPSec VPN tunnel Tunnel Name 1 A Must fill setting 2 String format can be any text Enter a tunnel name Enter a name that is easy for you to identify Value Range 1 19 cha...

Страница 222: ...N for Local ID and enter the FQDN Select User FQDN for Local ID and enter the User FQDN Select Key ID for Local ID and enter the Key ID English alphabet or number Remote ID An optional setting Specify...

Страница 223: ...pports both OpenVPN Server and OpenVPN Client features to meet different application requirements There are two OpenVPN connection scenarios They are the TAP and TUN scenarios The product can create e...

Страница 224: ...nd operates with layer 2 packets In bridge mode the VPN client is given an IP address on the same subnet as the LAN resided under the OpenVPN server Under such configuration the OpenVPN client can dir...

Страница 225: ...r the gateway to operate Configuration Item Value setting Description OpenVPN The box is unchecked by default Check the Enable box to activate the OpenVPN function Server Client Server Configuration i...

Страница 226: ...r when remote OpenVPN clients dial in and the authentication protocol Configuration Item Value setting Description OpenVPN Configuration File 1 An Optional setting 2 The box is unchecked by default Cl...

Страница 227: ...atic key pre shared authorization mode and the following items Local Endpoint IP Address Remote Endpoint IP Address and Static Key will be displayed Note Static Key will be available only when TUN is...

Страница 228: ...the Enable box to activate the Redirect Default Gateway function Encryption Cipher 1 A Must filled setting 2 By default Blowfish is selected Specify the Encryption Cipher from the dropdown list It can...

Страница 229: ...nal setting 2 String format any text Specify the TLS Auth Key Note TLS Auth Key will be available only when TLS is chosen in Authorization Mode Client to Client The box is checked by default Check the...

Страница 230: ...tion Note Tunnel UDP MSS Fix will be available only when UDP is chosen in Protocol CCD Dir Default File 1 An Optional setting 2 String format any text Specify the CCD Dir Default File Value Range 0 25...

Страница 231: ...another client configuration window OpenVPN Configuration file 1 An Optional setting 2 The box is unchecked by default Click the Enable box to activate the OpenVPN Client configuration via a pre defin...

Страница 232: ...ort for the OpenVPN Client to use Value Range 1 65535 Tunnel Scenario 1 A Must filled setting 2 By default TUN is selected Specify the type of Tunnel Scenario for the OpenVPN Client to use It can be T...

Страница 233: ...Remote Endpoint IP Address of the peer OpenVPN gateway Value Range The IP format is 10 8 0 x the range of x is 1 254 Note Remote Endpoint IP Address will be available only when Static Key is chosen in...

Страница 234: ...Key will be available only when TLS is chosen in Authorization Mode User Name An Optional setting Enter the User account for connecting to an OpenVPN server if the server required it Note User Name w...

Страница 235: ...unchecked by default Check the Enable box to activate the nsCerType Verification function Note nsCerType Verification will be available only when TLS is chosen in Authorization Mode TLS Renegotiation...

Страница 236: ...ls It also maintains User Account list user name password for client login authentication There is a virtual IP pool to assign virtual IP to each connected L2TP client L2TP Client It can be mobile use...

Страница 237: ...sferred based on current routing policy of the gateway at L2TP client peer But if you entered 0 0 0 0 0 in the Remote Subnet field it will be treated as a Default Gateway setting for the L2TP client p...

Страница 238: ...hecked by default Click the Enable box to activate L2TP function Client Server A Must filled setting Specify the role of L2TP Select Server or Client role your gateway will take Below are the configur...

Страница 239: ...P server ending IP of virtual IP pool It will set as the ending IP which assign to L2TP client Value Range Starting Address and Starting Address 8 or 254 Authentication Protocol A Must filled setting...

Страница 240: ...can create and add accounts for remote clients to establish L2TP VPN connection to the gateway device Click Add button to add user account Enter User name and password Then check the enable box to en...

Страница 241: ...setting Description L2TP Client The box is unchecked by default Check the Enable box to enable L2TP client role of the gateway Save N A Click Save button to save the settings Undo N A Click Undo butt...

Страница 242: ...filled setting Enter the Password for this L2TP tunnel to be authenticated when connect to L2TP server Tunneling Password Optional An Optional filled setting Enter the Tunneling Password for this L2TP...

Страница 243: ...ax Failure Time User defined enter the Interval and Max Failure Time The default value for Interval is 30 seconds and Maximum Failure Times is 6 Times Disable disable the LCP Echo Value Range 1 99999...

Страница 244: ...TP PPTP Server It must have a static IP or a FQDN for clients to create PPTP tunnels It also maintains User Account list user name password for client login authentication There is a virtual IP pool t...

Страница 245: ...sferred based on current routing policy of the gateway at PPTP client peer But if you entered 0 0 0 0 0 in the Remote Subnet field it will be treated as a Default Gateway setting for the PPTP client p...

Страница 246: ...to activate PPTP function Client Server A Must fill setting Specify the role of PPTP Select Server or Client role your gateway will take Below are the configuration windows for PPTP Server and for Cl...

Страница 247: ...P server s Virtual IP DHCP server User can specify the last IP address for the subnet from which the PPTP client s IP address will be assigned Value Range Starting Address and Starting Address 8 or 25...

Страница 248: ...t The selected user account can permanently be deleted by clicking the Delete button Value Range 1 32 characters As a PPTP Client When select Client in Client Server a series PPTP Client Configuration...

Страница 249: ...nel to be authenticated when connect to PPTP server Value Range 1 32 characters Password A Must fill setting Enter the Password for this PPTP tunnel to be authenticated when connect to PPTP server Rem...

Страница 250: ...ll not be available NAT before Tunneling 1 A Must filled setting 2 Unchecked by default Specify whether NAT is required or not for this PPTP tunnel LCP Echo Type Auto is set by default Specify the LCP...

Страница 251: ...l each peer needs to setup its global IP as tunnel IP and fill in the other s global IP as remote IP Besides each peer must further specify the Remote Subnet item It is for the Intranet of GRE server...

Страница 252: ...4G PoE IIoT Gateway 252...

Страница 253: ...ox to enable GRE function Max Concurrent GRE Tunnels Depends on Product specification The specified value will limit the maximum number of simultaneous GRE tunnel connection The default value can be d...

Страница 254: ...the largest packet size permitted for Internet transmission When set to Auto value 0 or blank the router selects the best MTU for best Internet connection performance Value Range 0 1500 Key An Optiona...

Страница 255: ...te GRE server peer controls the flow of any packets from the GRE client peer Certainly those packets come through the GRE tunnel Tunnel Unchecked by default Check Enable box to enable this GRE tunnel...

Страница 256: ...wall The firewall functions include Packet Filter URL Blocking Content Filter MAC Control Application Filter IPS and some firewall options The supported function can be different for the purchased gat...

Страница 257: ...llow those match the following rules and define the rules Rule 1 is to allow HTTP packets to pass and Rule 2 is to allow HTTPS packets to pass Under such configuration the gateway will allow only HTTP...

Страница 258: ...ick Save to save the settings Undo N A Click Undo to cancel the settings Create Edit Packet Filter Rules The gateway allows you to customize your packet filtering rules It supports up to a maximum of...

Страница 259: ...Must filled setting 2 By default Any is selected This field is to specify the Destination IP address Select Any to filter packets that are entering to any IP addresses Select Specific IP Address to f...

Страница 260: ...pecify a port range Then for Destination Port select a predefined port dropdown box when Well known Service is selected otherwise select User defined Service and specify a port range Value Range 1 655...

Страница 261: ...ted in the rule list will be blocked if one pattern in the requests matches to one rule Other Web requests can pass through the gateway In contrast when you choose Deny all to pass except those match...

Страница 262: ...ain Name Keyword the destination service ports the integrated time schedule rule and the rule activation Enable URL Blocking Configuration Item Value setting Description URL Blocking The box is unchec...

Страница 263: ...to filter packets coming from a MAC address entered in this field Select MAC Address based Group to filter packets coming from a pre defined group selected Note group must be pre defined before this...

Страница 264: ...ateway Rule The box is unchecked by default Click the Enable box to activate this rule Save NA Click the Save button to save the settings Undo NA Click the X button to cancel the changes and back to l...

Страница 265: ...dresses he can use the MAC Control function to reject with the black list configuration MAC Control with Black List Scenario As shown in the diagram enable the MAC control function and specify the MAC...

Страница 266: ...t Deny MAC Address Below is set by default When Deny MAC Address Below is selected as the name suggest packets specified in the rules will be blocked black listed In contrast with Allow MAC Address Be...

Страница 267: ...rol rule name Enter a name that is easy for you to remember MAC Address Use to Compose 1 MAC Address string Format 2 A Must fill setting Specify the Source MAC Address to filter rule Time Schedule A M...

Страница 268: ...4G PoE IIoT Gateway 5 2 4 Content Filter not supported Not supported feature for the purchased product leave it as blank 268...

Страница 269: ...4G PoE IIoT Gateway 5 2 5 Application Filter not supported Not supported feature for the purchased product leave it as blank 269...

Страница 270: ...out this activity attempt to block stop it and report it You can enable the IPS function and check the listed intrusion activities when needed You can also enable the log alerting so that system will...

Страница 271: ...on IPS The box is unchecked by default Check the Enable box to activate IPS function Log Alert The box is unchecked by default Check the Enable box to activate to activate Event Log Save N A Click Sav...

Страница 272: ...d in this field ICMP Flood Defense Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field Value Range 10 10000 Port Scan Defection 1 A Must filled se...

Страница 273: ...lt 3 Traffic threshold is set to 300 by default 4 The value range can be from 10 to 10000 Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field Valu...

Страница 274: ...rd the packet information like IP address port address ACK SEQ number and so on while they pass through the gateway and the gateway checks every incoming packet to detect if this packet is valid Disca...

Страница 275: ...ts but use different source IP to masquerade With the SPI feature been enabled at the gateway it will block such packets from unknown users Discard Ping from WAN Remote Administrator Hosts Scenario Di...

Страница 276: ...The box is unchecked by default Check the Enable box to activate the Stealth Mode function SPI The box is checked by default Check the Enable box to activate the SPI function Discard Ping from WAN Th...

Страница 277: ...ect Specific IP to allow the remote host coming from a specific subnet An IP address entered in this field and a selected Subnet Mask to compose the subnet Service Port 1 80 for HTTP by default 2 443...

Страница 278: ...practice computer systems Centralized management has a time and effort trade off that is related to the size of the company the expertise of the IT staff and the amount of technology being used This d...

Страница 279: ...backup the existed command script in a txt file You can specify the script file name in Script Name below Upload Script N A Click the Via Web UI or Via Storage button to Upload the existed command scr...

Страница 280: ...command set to configure you can configure them with proprietary command set Configuration Content Key Value setting Description OPENVPN_ENABLED 1 enable 0 disable Enable or disable OpenVPN Client fun...

Страница 281: ...ry the system checks the connection by sending DNS Query packets to the destination specified in PPP_PING_IPADDR With ICMP Query the system will check connection by sending ICMP request packets to the...

Страница 282: ...lain text system config ex txtConfig enable disable NA Disable plain text system config ex txtConfig disable run_immediately NA Apply the configuration content that has been committed in database ex t...

Страница 283: ...th your ISP or the ACS provider for help At the right upper corner of TR 069 Setting screen one Help command let you see the same message about that Scenario Managing deployed gateways through an ACS...

Страница 284: ...ation Procedure In above diagram the ACS server can manage multiple gateways in the Internet The Gateway 1 is one of them and has 118 18 81 33 IP address for its WAN 1 interface When all remote gatewa...

Страница 285: ...tion to login the ACS server the service port and the account information for connection requesting from the ACS server and the time interval for job inquiry Except the inquiry time there are no activ...

Страница 286: ...sk ACS manager provide ACS ConnectionRequest Port and manually set Value Range 0 65535 ConnectionRequest UserName A Must filled setting You can ask ACS manager provide ACS ConnectionRequest Username a...

Страница 287: ...m Specify the IP address for the expected STUN Server Server Port 1 An optional setting 2 3478 is set by default Specify the port number for the expected STUN Server Value Range 1 65535 Keep Alive Per...

Страница 288: ...ta on the managed systems as variables The protocol also permits active management tasks such as modifying and applying a new configuration through remote modification of these variables The variables...

Страница 289: ...ge IP address can manage the devices but other remote NMS can t Parameter Setup Example Following tables list the parameter configuration as an example for the Gateway 1 in above diagram with SNMP ena...

Страница 290: ...e manager uses SNMPv3 protocol for configuring the Gateway 1 Only the UserName1 account can let the Gateway 1 accept the configuration from the NMS since the authority of the account is Read Write Onc...

Страница 291: ...WAN box it will activate SNMP functions and you can access SNMP from WAN side WAN Interface 1 A Must filled setting 2 ALL WANs is selected by default Specify the WAN interface that a remote SNMP host...

Страница 292: ...settings Create Edit Multiple Community The SNMP allows you to custom your access control for version 1 and version 2 user The router supports up to a maximum of 10 community sets When Add button is...

Страница 293: ...ust filled setting 2 String format any text Specify the User Name for this version 3 user Value Range 1 32 characters Password 1 String format any text When your Privacy Mode is authNoPriv or authPriv...

Страница 294: ...1 The default value is 1 2 A Must filled setting 3 String format any legal OID The OID Filter Prefix restricts access for this version 3 user to the sub tree rooted at the given OID Value Range 1 208...

Страница 295: ...g Description Server IP 1 A Must filled setting 2 String format any IPv4 address or FQDN Specify the trap Server IP or FQDN The DUT will send trap to the server IP FQDN Server Port 1 String format any...

Страница 296: ...the authNoPriv You must specify the Authentication and Password Selected the authPriv You must specify the Authentication Password Encryption and Privacy Key Authentication 1 A v3 Must filled setting...

Страница 297: ...t Specify the location information forMIB 2 system Value Range 0 64 characters Edit SNMP Options If you use some particular private MIB you must fill the enterprise name number and OID Options Item Va...

Страница 298: ...g format any legal OID Specify the Enterprise OID for the particular private MIB The range of the each OID number is 1 2080768 The maximum length of the enterprise OID is 31 The seventh number must be...

Страница 299: ...supports both Telnet and SSH Secure Shell CLI with default service port 23 and 22 respectively Telnet SSH Scenario Scenario Application Timing When the administrator of the gateway wants to manage it...

Страница 300: ...Operation Procedure In above diagram Local Admin or Remote Admin can manage the Gateway in the Intranet or Internet The Gateway is the gateway of Network A and the subnet of its Intranet is 10 0 75 0...

Страница 301: ...The LAN Enable box is checked by default 2 By default Service Port is 23 Check the Enable box to activate the Telnet function for connecting from LAN or WAN interfaces You can set which number of Serv...

Страница 302: ...cify new password to change root password Note_1 You are highly recommended to change the default telnet password with yours before the device is deployed Note_2 If you have trouble for the default pa...

Страница 303: ...n allows network administrator to setup change the host name of the gateway Click the Modify button and provide the new username setting Username Configuration Item Value setting Description Host Name...

Страница 304: ...inistrator to change the web based MMI login password to access gateway Password Configuration Item Value setting Description Old Password 1 String any text 2 The default password for web based MMI is...

Страница 305: ...ge 30 65535 GUI Access Protocol http https is selected by default Select the protocol that will be used for GUI access It can be http https http only or https only HTTPs Certificate Setup The default...

Страница 306: ...4G PoE IIoT Gateway check during the device booting Save N A Click Save button to save the settings Undo N A Click Undo button to cancel the settings 306...

Страница 307: ...Device Serial Number N A It displays the serial number of this product Kernel Version N A It displays the Linux kernel version of the product FW Version N A It displays the firmware version of the pr...

Страница 308: ...te with time server by NTP Protocol to get system date and time after you click on the Synchronize immediately button The second one is Sync with my PC Select the method and the system will synchroniz...

Страница 309: ...r the device otherwise you will just get the UTC Coordinated Universal Time time not the local time for the device Synchronize with Manually Setting System Time Information Item Value Setting Descript...

Страница 310: ...method for the system time to let system synchronize its date and time to the time of the administration PC NTP Service 1 It is an optional item 2 Un checked by default Check the Enable button to act...

Страница 311: ...h Cellular WAN interface Time Zone 1 A Must filled item 2 GMT 00 00 is selected by default Select a time zone where this device locates NTP Service 1 It is an optional item 2 Un checked by default Che...

Страница 312: ...S interface Time Zone 1 A Must filled item 2 GMT 00 00 is selected by default Select a time zone where this device locates NTP Service 1 It is an optional item 2 Un checked by default Check the Enable...

Страница 313: ...m Log tab View Email Log History View button is provided for network administrator to view log history on the gateway Email Now button enables administrator to send instant Email for analysis View Ema...

Страница 314: ...k N A Click the Back button to return to the previous page Web Log Type Category Web Log Type Category screen allows network administrator to select the type of events to log and be displayed in the W...

Страница 315: ...r from the Server dropdown box to send Email If none has been available click the Add Object button to create an outgoing Email server You may also add an outgoing Email server from Object Definition...

Страница 316: ...o select the type of events to log and be stored at an internal or an external storage Log to Storage Setting Window Item Value Setting Description Enable Un checked by default Check to enable sending...

Страница 317: ...Button Description Item Value setting Description Download log file N A Click the Download log file button to download log files to a log tar file Clear Logs N A Click the Clear logs button to delete...

Страница 318: ...o specify the file name of new firmware by using Browse button and then click Upgrade button to start the FW upgrading process on this device If you want to upgrade a firmware which is from GPL policy...

Страница 319: ...this device by clicking the Reboot button and reset this device to default settings by clicking the Reset button System Operation Window Item Value Setting Description Reboot Now is selected by defaul...

Страница 320: ...chnologically different This gateway embedded FTP SFTP server for administrator to download the log files to his computer or database In the following two sections you can configure the FTP server and...

Страница 321: ...d to the storage FTP Port Port 21 is set by default Specify a port number for FTP connection The gateway will listen for incoming FTP connections on the specified port Value Range 1 65535 Timeout 300...

Страница 322: ...supported by default FTPS FTP over SSL TLS Optional setting Check the Enable box to activate the support of secure connections via SSL TLS Enable SFTP Server Configuration Item Value setting Descript...

Страница 323: ...String non blank string Enter the user account for login to the FTP server Value Range 1 15 characters Password String no blank Enter the user password for login to the FTP server Directory N A Selec...

Страница 324: ...hether it is alive after clicking on the Ping button A test result window will appear beneath it Tracert Test Optional setting Trace route tracert command is a network diagnostic tool for displaying t...

Страница 325: ...4G PoE IIoT Gateway Save N A Click the Save button to save the configuration 325...

Страница 326: ...me is Interface _ Date _ index Enter the file name to save the captured packets in log storage If Split Files option is also enabled the file name will be appended with an index code _ index The exten...

Страница 327: ...c Interface s you can further specify some filter rules to capture the packets which matched the rules Capture Fitters Item Value setting Description Filter Optional setting Check Enable box to activa...

Страница 328: ...kets which match the rule will be captured Up to 10 MACs are supported but they must be separated with e g AA BB CC DD EE FF 11 22 33 44 55 66 The packets will be captured when match any one MAC in th...

Страница 329: ...ting with carrier ISP by USSD command or doing a cellular network scan for diagnostic purpose In Cellular Toolkit section it includes several useful features that are related to cellular configuration...

Страница 330: ...to secondary SIM and establish another cellular data connection with secondary SIM automatically If Data Usage feature is enabled all history of cellular data usage can be viewed at Status Statistics...

Страница 331: ...interface 3G 4G 1 or 3G 4G 2 and a SIM card bound to the selected cellular interface to configure its data usage profile Note 3G 4G 2 is only available for for the product with dual cellular module C...

Страница 332: ...activate the connection restriction function During the specified cycle period if the actual data usage exceeds the allowable data limitation the cellular connection will be forced to disconnect Enab...

Страница 333: ...1 or 3G 4G 2 for the following SMS function configuration Note 3G 4G 2 is only available for for the product with dual cellular module SMS The box is checked by default This is the SMS switch If the b...

Страница 334: ...is value plus one Sent SMS N A This value record the number of out going SMS When sent one SMS this value plus one Remaining SMS N A This value is SMS capacity minus received SMS When received the new...

Страница 335: ...context length Send N A Click the Send button above text message will be sent as a SMS Result N A If SMS has been sent successfully it will show Send OK otherwise Send Failed will be displayed SMS In...

Страница 336: ...n read or delete SMS from this screen SMS Sent Folder Item Value setting Description ID N A The number of SMS Receivers N A Receiver list for the sent SMS Timestamp N A What time the SMS is sent SMS T...

Страница 337: ...nage PIN code on a SIM card through its web GUI Activate PIN code on SIM Card This gateway device allows you to activate PIN code on SIM card This example shows how to activate PIN code on SIM A for 3...

Страница 338: ...4G PoE IIoT Gateway 338...

Страница 339: ...e SIM PIN setting for the selected SIM Card Note 3G 4G 2 is only available for for the product with dual cellular module SIM Status N A Indication for the selected SIM card and the SIM card status The...

Страница 340: ...case if you still want to change the PIN code you have to enable the SIM Lock function first fill in the PIN code and then click the Save button to enable After that You can click the Change PIN code...

Страница 341: ...ed by PUK code after too many trials of failure PIN code In this case the PUK Status will turns to PUK Lock In a normal situation it will display PUK Unlock Remaining times Depend on SIM card Represen...

Страница 342: ...phanumeric characters in length Unlike Short Message Service SMS messages USSD messages create a real time connection during an USSD session The connection remains open allowing a two way exchange of...

Страница 343: ...n the Send button for the session The responses from the USSD server will be displayed beneath the USSD Command line When commands typed in the USSD Command field are sent received responses will be d...

Страница 344: ...ments N A Enter a brief comment for the profile Send USSD Request When send the USSD command the USSD Response screen will appear When click the Clear button the USSD Response will disappear USSD Requ...

Страница 345: ...ne after another You can also specify the connection sequence of the targeted generation of mobile system 2G 3G LTE Network Scan Configuration Configuration Item Value setting Description Physical Int...

Страница 346: ...when the Manually Scan Approach is selected in the Configuration window By clicking on the Scan button and wait for 1 to 3 minutes the found mobile operator system will be displayed for you to choose...

Страница 347: ...fic functionality of the gateway On receiving the managing event the gateway will take action to change the functionality collect the required status for administration and also change the status of a...

Страница 348: ...nts Trigger Type Digital Input Power Change Connection Change WAN LAN VLAN WiFi DDNS Administration Modbus and Data Usage Actions Notify the administrator with SMS Syslog SNMP Trap or Email Alert Chan...

Страница 349: ...the SMS management function you have to configure some important settings first SMS Configuration Item Value setting Description Message Prefix The box is unchecked by default Click the Enable box to...

Страница 350: ...a mobile phone number as the SMS account identifier if required It can be Specific Number or Allow Any If Specific Number is selected you have to specify the phone number as the SMS account identifier...

Страница 351: ...configure the Email account Email Service Configuration Item Value setting Description Email Server Option Select an Email Server profile from External Server setting for the email account setting Em...

Страница 352: ...Contiune Update Status The box is unchecked by default Click Enable box to activate this function for the DI event with designated update interval setting If the event condition keeps active for a lo...

Страница 353: ...the profile DO Source ID1 by default Specify the DO Source It could be ID1 Normal Level Low by default Specify the Normal Level It could be Low or High Total Signal Period 1 Numberic String format 2 A...

Страница 354: ...ription for the profile Read Function Read Holding Registers by default Specify the Read Function for Notifying Events Modbus Mode Serial by default Specify the Modbus Mode It could be Serial or TCP I...

Страница 355: ...profile setting Save NA Click the Save button to save the configuration Undo NA Click the Undo button to restore what you just configured back to the previous setting Create Edit Modbus Managing Even...

Страница 356: ...format 2 A Must filled setting Specify the Device ID of the modbus device Value Range 1 247 Register 1 Numberic String format 2 A Must filled setting Specify the Register number of the modbus device V...

Страница 357: ...number for accessing the Remote Host Value Range 1 65535 Prefix Message 1 String format 2 An Optional filled setting Specify the Prefix Message string as pre defined identification for accessing the r...

Страница 358: ...Events Tab Enable Managing Events Configuration Item Value setting Description Managing Events The box is unchecked by default Check the Enable box to activate the Managing Events function Create Edit...

Страница 359: ...p and fill the message in the textbox to specify SNMP Trap Event Digital Input Select Digital Input and a DI profile you defined to specify a certain Digital Input Event Note The available Event Type...

Страница 360: ...lient On Off OpenVPN Client On Off the gateway will change the settings as the action for the event GRE Select GRE Checkbox and the interested sub items GRE Tunnel On Off the gateway will change the s...

Страница 361: ...handlers Enable Notifying Events Configuration Item Value setting Description Notifying Events The box is unchecked by default Check the Enable box to activate the Notifying Events function Create Ed...

Страница 362: ...dition to specify a certain LAN VLAN Event WiFi Select WiFi and a trigger condition to specify a certain WiFi Event DDNS Select DDNS and a trigger condition to specify a certain DDNS Event Administrat...

Страница 363: ...unts as the action for the event Modbus Select Modbus and a Modbus Notifying Event profile you defined as the action for the event Remote Host Select Remote Host checkbox and a Remote Host profile you...

Страница 364: ...status for the gateway They are the System Information System Information History and Network Interface Status The display will be refreshed once per second From the menu on the left select Status Da...

Страница 365: ...tistic graphs for the CPU and memory Network Interface Status The Network Interface Status screen shows the statistic information for each network interface of the gateway The statistic information in...

Страница 366: ...chased it can be Static IP Dynamic IP PPPoE PPTP L2TP 3G 4G Network Type N A It displays the network type for the WAN interface s Depending on the model purchased it can be NAT Routing Bridge or IP Pa...

Страница 367: ...Connection Control in WAN Type setting is set to Connect Manually Refer to Edit button in Basic Network WAN Uplink Internet Setup and WAN connection status is connected WAN interface IPv6 Network Sta...

Страница 368: ...Address N A It displays the current IPv6 global IP address assigned by your ISP for your Internet connection MAC Address N A It displays the LAN MAC Address of the gateway Action N A This area provid...

Страница 369: ...Information Refer to next page for more When the Detail button is pressed 3G 4G modem information windows such as Modem Information SIM Status Service Information Signal Strength Quality and Error Mes...

Страница 370: ...ateway LAN Client List Item Value setting Description LAN Interface N A Client record of LAN Interface String Format IP Address N A Client record of IP Address Type and the IP Address Type is String F...

Страница 371: ...ays whether the VAP wireless signal is enabled or disabled Op Mode N A The WiFi Operation Mode of VAP Depends of device model modes are AP Router WDS Only and WDS Hybrid Universal Repeater and Client...

Страница 372: ...me N A It displays the receiving Probe Request Frame count Disassociation Frame N A It displays the receiving Disassociation Frame count Deauthentication Frame N A It displays the receiving Deauthenti...

Страница 373: ...and N A It displays the Wi Fi Operation Band 2 4G or 5G of VAP ID N A It displays the VAP ID Received Packets N A It displays the number of reveived packets Transmitted Packet N A It displays the numb...

Страница 374: ...DDNS service provider Provider N A It displays the DDNS server of DDNS service provider Effective IP N A It displays the public IP address of the device updated to the DDNS server Last Update Status...

Страница 375: ...IPSec Tunnel Status IPSec Tunnel Status windows show the configuration for establishing IPSec VPN connection and current connection status IPSec Tunnel Status Item Value setting Description Tunnel Na...

Страница 376: ...It displays the public IP address the WAN IP address of the connected OpenVPN Client Virtual IP MAC N A It displays the virtual IP MAC address assigned to the connected OpenVPN client Conn Time N A It...

Страница 377: ...he TCP UDP Write Bytes of OpenVPN Client Connection Conn Time N A It displays the connection time for the corresponding OpenVPN tunnel Conn Status N A It displays the connection status of the correspo...

Страница 378: ...L2TP tab L2TP Client Status Item Value setting Description Client Name N A It displays Name for the L2TP Client specified Interface N A It displays the WAN interface with which the gateway will use t...

Страница 379: ...N PPTP tab PPTP Client Status Item Value setting Description Client Name N A It displays Name for the PPTP Client specified Interface N A It displays the WAN interface with which the gateway will use...

Страница 380: ...etting Description Activated Filter Rule N A This is the Packet Filter Rule name Detected Contents N A This is the logged packet information including the source IP destination IP protocol and destina...

Страница 381: ...format Time N A Logged packet of the Date Time Date time format Month Day Hours Minutes Seconds Note Ensure Web Content Filter Log Alert is enabled Refer to Security Firewall Web Content Filter tab C...

Страница 382: ...at Month Day Hours Minutes Seconds Note Ensure Application Filter Log Alert is enabled Refer to Security Firewall Application Filter tab Check Log Alert and save the setting IPS Status IPS Firewall St...

Страница 383: ...tatus of Discard Ping from WAN on Firewall Options String Format Disable or Enable Remote Administrator Management N A Enable or Disable setting status of Remote Administrator If Remote Administrator...

Страница 384: ...ntication This is only available for SNMP version 3 IP Address N A It displays the IP address of SNMP manager Port N A It displays the port number used to maintain connection with the SNMP manager Com...

Страница 385: ...ction status with the TR 068 server TR 069 Status Item Value setting Description Link Status N A It displays the current connection status with the TR 068 server The connection status is either On whe...

Страница 386: ...n Log Storage tab The Log Storage Status screen shows the status for selected device storage Log Storage Status Log Storage Status screen shows the status of current the selected device storage The st...

Страница 387: ...button you will see the previous page of track list Next N A Click the Next button you will see the next page of track list First N A Click the First button you will see the first page of track list...

Страница 388: ...us Statistics Reports Network Traffic tab Network Traffic Statistics screen shows the historical graph for the selected network interface You can change the interface drop list and select the interfac...

Страница 389: ...ics Next N A Click the Next button you will see the next page of login statistics First N A Click the First button you will see the first page of login statistics Last N A Click the Last button you wi...

Страница 390: ...5 4 Cellular Usage Go to Status Statistics Reports Cellular Usage tab Cellular Usage screen shows data usage statistics for the selected cellular interface The cellular data usage can be accumulated p...

Страница 391: ...rg brctl ethernet bridge administration Stephen Hemminger shemminger osdl org Lennert Buytenhek buytenh gnu org version 1 1 GNU GENERAL PUBLIC LICENSE Version 2 June 1991 tc show manipulate traffic co...

Страница 392: ...oston MA 02111 1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed https www openswan org Opennhrp Version v0 14 1 OpenNHRP is...

Страница 393: ...All software included in this package is Copyright 2002 Roaring Penguin Software Inc You may distribute it under the terms of the GNU General Public License the GPL Version 2 or at your option any la...

Страница 394: ...chusetts Institute of Technology and its contributors OpenLDAP a suite of the Lightweight Directory Access Protocol v3 servers clients utilities and development tools Version 2 4 Copyright 1998 2014 T...

Страница 395: ...opyright C 1998 2004 WIDE Project BSD License https sourceforge net projects wide dhcpv6 Python version 2 7 12 This Python distribution contains no GNU General Public Licensed GPLed code so it may be...

Отзывы:

Нет отзывов