B+B SmartWorx V3 Скачать руководство пользователя страница 62

Страница: 62 / 112

4. CONFIGURATION

Continued from previous page

Item

Description

IKE Lifetime

Lifetime key service part of tunnel. The minimum value of this
parameter is 60 s. The maximum value is 86400 s.

Rekey Margin

Specifies how long before connection expiry should attempt to
negotiate a replacement begin. Maximum value must be less
than half of IKE and Key Lifetime parameters.

Rekey Fuzz

Percentage extension of Rekay Margin time

DPD Delay

Time after which the IPsec tunnel functionality is tested

DPD Timeout

The period during which device waits for a response

Authenticate Mode

Using this parameter can be set authentication:

•

Pre-shared key

– sets the shared key for both sides of the

tunnel

•

X.509 Certificate

– allows X.509 authentication in multi-

client mode

Pre-shared Key

Shared key for both sides for Pre-shared key authentication

CA Certificate

Certificate for X.509 authentication

Remote Certificate

Certificate for X.509 authentication

Local Certificate

Certificate for X.509 authentication

Local Private Key

Private key for X.509 authentication

Local Passphrase

Passphrase for X.509 authentication

Extra Options

Use this parameter to define additional parameters of the IPsec
tunnel, for example secure parameters etc.

Table 37: IPsec tunnel configuration

IPsec supports the following types of identifiers (ID) of both tunnel sides (

Remote ID

and

Local ID

items):

•

IP address (e.g. 192.168.1.1)

•

DN (e.g. C=CZ,O=Conel,OU=TP,CN=A)

•

FQDN (e.g. @director.conel.cz) –

in front of FQDN must always be @

•

User FQDN (e.g. [email protected])

The certificates and private keys have to be in PEM format. As certificate it is possible to

use only certificate which has start and stop tag certificate.

Содержание V3

Страница 1: ...Configuration Manual for v3 Routers ...

Страница 2: ...ise in specific cases Information notice information which contains useful advice or special interest Firmware version Actual version of firmware is 5 1 0 March 17 2015 GPL licence Source codes under GPL licence are available free of charge by sending an email to info conel cz Conel s r o Sokolska 71 562 04 Usti nad Orlici Czech Republic Manual Rev 1 released in CZ June 3 2015 i ...

Страница 3: ...16 4 Configuration 18 4 1 LAN Configuration 18 4 2 Mobile WAN Configuration 23 4 2 1 Connection to Mobile Network 23 4 2 2 DNS Address Configuration 24 4 2 3 Check Connection to Mobile Network Configuration 24 4 2 4 Data Limit Configuration 25 4 2 5 Switch Between SIM Cards Configuration 26 4 2 6 PPPoE Bridge Mode Configuration 27 4 3 PPPoE Configuration 30 4 4 WiFi Configuration 31 4 5 WLAN Confi...

Страница 4: ...onfiguration 86 5 Customization 88 5 1 User Modules 88 6 Administration 90 6 1 Change Profile 90 6 2 Change Password 90 6 3 Set Real Time Clock 91 6 4 Set SMS Service Center Address 91 6 5 Unlock SIM Card 91 6 6 Send SMS 92 6 7 Backup Configuration 92 6 8 Restore Configuration 92 6 9 Update Firmware 93 6 10 Reboot 93 7 Configuration in Typ Situations 94 7 1 Access to the Internet from LAN 94 7 2 B...

Страница 5: ...mple 2 Mobile WAN configuration 29 20 Example 3 Mobile WAN configuration 29 21 PPPoE configuration 30 22 WiFi configuration 34 23 WLAN configuration 36 24 Backup Routes 37 25 Firewall configuration 40 26 Topology of example firewall configuration 41 27 Example firewall configuration 41 28 Example 1 Topology of NAT configuration 43 29 Example 1 NAT configuration 44 30 Example 2 topology of NAT conf...

Страница 6: ...figuration 83 60 Startup script 84 61 Example of Startup script 84 62 Up Down script 85 63 Example of Up Down script 85 64 Example of automatic update 1 87 65 Example of automatic update 2 87 66 User modules 88 67 Added user module 88 68 Change profile 90 69 Change password 90 70 Set real time clock 91 71 Set SMS service center address 91 72 Unlock SIM card 91 73 Send SMS 92 74 Restore configurati...

Страница 7: ...Backup Routes configuration 99 86 Secure networks interconnection topology of the example 100 87 Secure networks interconnection OpenVPN configuration 101 88 Serial Gateway topology of the example 102 89 Serial Gateway konfigurace Expansion Port 1 103 vi ...

Страница 8: ...e WAN connection configuration 23 18 Check connection to mobile network configuration 25 19 Data limit configuration 25 20 Default and backup SIM configuration 26 21 Switch between SIM card configurations 27 22 Switch between SIM card configurations 27 23 PPPoE configuration 30 24 WiFi configuration 34 25 WLAN configuration 35 26 Configuration of DHCP server 36 27 Backup Routes 38 28 Filtering of ...

Страница 9: ...configuration 69 53 Send SMS configuration 70 54 Control via SMS configuration 71 55 Control SMS 71 56 Send SMS on serial PORT1 configuration 72 57 Send SMS on serial PORT2 configuration 72 58 Send SMS on ethernet PORT1 configuration 72 59 List of AT commands 73 60 Expansion Port configuration serial interface 77 61 Expansion Port configuration Check TCP connection 77 62 CD signal description 77 6...

Страница 10: ...uch as DHCP NAT NAT T DynDNS NTP VRRP control by SMS backup primary connection and many other Automatic check of PPP connection offering an automatic restart feature in case of connection fail hardware watchdog monitoring the status of the router It s possible to insert Linux scripts for various actions Several different configurations for one LTE wireless router and the option to switch between t...

Страница 11: ...ss of the router into your browser The default IP address of the router is 192 168 1 1 and only access via secured HTTPS protocol is available That im plies the adress of the router has to be in https 192 168 1 1 syntax When accessing for the first time it will be necessary to install a security certificate To prevent the domain disagree ment message of your browser follow the procedure described ...

Страница 12: ...el If RST button pressed configuration would restore to default and the router would reboot green LED would be on 2 1 Preventing the domain disagreement message Since the domain name in the certificate is the given MAC address of the router it is necessary to access the router via this domain name use dash separators instead of colons To enable this add a DNS record in your DNS system Edit etc hos...

Страница 13: ...face flags IP Address IP address of the interface MTU Maximum packet size that the equipment is able to transmit Rx Data Total number of received bytes Rx Packets Received packets Rx Errors Erroneous received packets Rx Dropped Dropped received packets Rx Overruns Lost received packets because of overload Tx Data Total number of sent bytes Tx Packets Sent packets Tx Errors Erroneous sent packets T...

Страница 14: ...between different modes of operation Supply Voltage Supply voltage of the router Temperature Temperature in the router Time Current date and time Uptime Indicates how long the router is used Table 3 System Information 3 2 Mobile WAN Status The Mobile WAN menu item contains current information about connections to the mobile network The first part of this page Mobile Network Information displays ba...

Страница 15: ...anufacturer Model Type of module Revision Revision of module IMEI IMEI International Mobile Equipment Identity number of module ESN ESN Electronic Serial Number number of module for CDMA routers MEID MEID number of module ICCID Integrated Circuit Card Identifier is international and unique serial number of the SIM card Table 4 Mobile Network Information Highlighted in red adjacent cells have a clo...

Страница 16: ...nnection to mobile network is established to the time when the router is turned on After you place your cursor on the maximum or minimum signal strength the last time when the router reached this signal strength is displayed In the middle part of this page is displayed information about transferred data and number of connections for both SIM cards for each period Item Description RX data Total vol...

Страница 17: ...3 STATUS Figure 2 Mobile WAN status 8 ...

Страница 18: ...b in 802 11g BSS connection num_sta_no_short_slot_time Number of stations not supporting the Short Slot Time num_sta_no_short_preamble Number of stations not supporting the Short Preamble Table 8 State Information about Access Point More detailed information is displayed for each connected client Most of them has an internal character let us mention only the following Item Description STA MAC addr...

Страница 19: ... Frequency band of WiFi network kHz beacon interval Period of time synchronization capability List of access point AP properties signal Signal level of access point AP last seen Last response time of access point AP SSID Identifier of access point AP Supported rates Supported rates of access point AP DS Parameter set The channel on which access point AP broadcasts ERP Extended Rate PHY information...

Страница 20: ...3 STATUS Figure 4 WiFi Scan 11 ...

Страница 21: ...interface gre1 GRE tunnel interface lo Local loopback interface Table 11 Description of interface in network status Each of the interfaces shows the following information Item Description HWaddr Hardware unique address of networks interface inet IP address of interface P t P IP address second ends connection Bcast Broadcast address Mask Mask of network MTU Maximum packet size that the equipment is...

Страница 22: ...lisions on physical layer txqueuelen Length of front network device RX bytes Total number of received bytes TX bytes Total number of transmitted bytes Table 12 Description of Information in Network Status It is possible to read status of connection to mobile network from the network information If the connection to the mobile network is active it will be shown in the system information as an usb0 ...

Страница 23: ...mation for each configuration Item Description lease Assigned IP address starts Time of assignation of IP address ends Time of termination IP address validity hardware ethernet Hardware MAC unique address uid Unique ID client hostname Computer name Table 13 DHCP status description In the extreme case the DHCP status can display two records for one IP address That could have been caused by resettin...

Страница 24: ...he IPsec tunnel status display IPsec SA established highlighted in red in IPsec status information Other information has only internal character Figure 7 IPsec Status 3 8 DynDNS status The result of DynDNS record update from the server www dyndns org can be invoked pressing the DynDNS item in the Status menu Figure 8 DynDNS status 15 ...

Страница 25: ...g detailed report generates all information needed by support in one text file in the txt format statistical data routing and process tables system log configuration The default length of the system log is 1000 lines After reaching 1000 lines the new file is created for storing the system log After completion of 1000 lines in the second file the first file is overwritten with the new one Output of...

Страница 26: ...3 STATUS Figure 9 System Log Example of logging into the remote daemon at 192 168 2 115 Figure 10 Example program syslogd start with the parameter r 17 ...

Страница 27: ... address of Subnet Mask Bridged no router is not used as a bridge default yes router is used as a bridge Media type Auto negation The router automatically sets the best speed and duplex mode of communication according to the network s possibilities 100 Mbps Full Duplex The router communicates at 100Mbps in the full duplex mode 100 Mbps Half Duplex The router communicates at 100Mbps in the half dup...

Страница 28: ...preferred DHCP server supports static and dynamic assignment of IP addresses Dynamic DHCP server assigns clients IP addresses from a defined address space Static DHCP assigns IP addresses that correspond to the MAC addresses of connected clients Item Description Enable dynamic DHCP leases If checked dynamic DHCP server enabled IP Pool Start Start of IP addresses allocated to the DHCP clients IP Po...

Страница 29: ...4 CONFIGURATION Figure 11 Example 1 Topology of LAN Configuration Figure 12 Example 1 LAN Configuration 20 ...

Страница 30: ...addresses from 192 168 1 2 to 192 168 1 4 The address is allocated 10 minutes Client with MAC address 01 23 45 67 89 ab has IP address 192 168 1 10 Client with MAC address 01 54 68 18 ba 7e has IP address 192 168 1 11 Figure 13 Example 2 Topology of LAN Configuration Figure 14 Example 2 LAN Configuration 21 ...

Страница 31: ...he network interface with default gateway and DNS server Default gateway IP address is 192 168 1 20 DNS server IP address is 192 168 1 20 Figure 15 Example 3 Topology of LAN Configuration Figure 16 Example 3 LAN Configuration 22 ...

Страница 32: ...n the case IP address was assigned of the operator Phone Number Telephone number to dial GPRS or CSD connection Router as a de fault telephone number used 99 1 Operator This item can be defined PLNM preferred carrier code Network type Automatic selection router automatically selects transmission method according to the availability of transmission technology Furthermore according to the type of ro...

Страница 33: ...ds with two APN s there will be the same PIN for both APN s Otherwise the SIM card can be blocked by false SIM PIN Items marked with an asterisk must be filled in only if this information is required by the operator carrier In case of unsuccessful establishing a connection to mobile network is recommended to check the accuracy of entered data Alternatively try a different authentication method or ...

Страница 34: ...e network If this connection is without traffic longer than the Ping Interval then the router sends ping questions to the Ping IP Address Attention The enabling of Check connection to mobile network is necessary for uninterrupted and lasting operation of the router 4 2 4 Data Limit Configuration Item Description Data limit With this parameter you can set the maximum expected amount of data transmi...

Страница 35: ...d switch the router to off line mode Item Description Switch to other SIM card when connection fails If connection to mobile network fails then this param eter ensures switch to secondary SIM card or sec ondary APN of the SIM card Failure of the connection to mobile network can occur in two ways When I start the router when three fails to establish a connection to mobile network Or if it is checke...

Страница 36: ...in the parameter Subsequent Timeout range is from 1 to 10000 min Additive constants Any further attempt to switch back to the primary SIM card or APN shall be made in time computed as the sum of the previous time trial and time defined in the parameter Additive constants range is 1 10000 minutes Table 22 Switch between SIM card configurations Example If parameter Switch to default SIM card after t...

Страница 37: ...4 CONFIGURATION Figure 17 Mobile WAN configuration 28 ...

Страница 38: ...guration Example 2 The following configuration illustrates the situation in which the router switches to a backup SIM card after exceeding the data limits of 800 MB Warning SMS is sent upon reaching 400 MB The start of accounting period is set to the 18th day of the month Figure 19 Example 2 Mobile WAN configuration Example 3 Primary SIM card is switched to the offline mode after the router detect...

Страница 39: ...Description Username Username for secure access to PPPoE Password Password for secure access to PPPoE Authentication Authentication protocol in GSM network PAP or CHAP authentication method is chosen by router PAP it is used PAP authentication method CHAP it is used CHAP authentication method MRU Maximum Receiving Unit It is the identifier of the maximum size of packet which is possible to recese ...

Страница 40: ...ID Method of broadcasting the unique identifier of SSID network in bea con frame and type of response to a request for sending the beacon frame Enabled SSID is broadcasted in beacon frame Zero length Beacon frame does not include SSID Requests for sending beacon frame are ignored Clear Each SSID character in beacon frame is replaced by 0 However original length is kept Requests for sending beacon ...

Страница 41: ...ntication Provides access control of authorized users in WiFi network Open authentication is not required free access point Shared base authentication using WEP key WPA PSK authentication using better authentication method PSK PSK WPA2 PSK authentication using AES encryption Encryption Type of data encryption in WiFi network None No data encryption WEP Encryption using static WEP keys This encrypt...

Страница 42: ... bit secret ASCII passphrase PSK File WPA PSK Key for WPA PSK authentication This key must be entered accord ing to the selected WPA PSK type as follows 256 bit secret 64 hexadecimal digits ASCII passphrase from 8 to 63 characterswhich are subse quently converted into PSK PSK File absolute path to the file containing the list of pairs PSK key MAC address Access List Determines a manner of Access D...

Страница 43: ...g Verbose debugging the highest level of communicativeness Debugging Informational default level of communicativeness which is used for writing standard events Notification Warning the lowest level of communicativeness Extra options Allows user to define additional parameters Table 24 WiFi configuration Figure 22 WiFi configuration 34 ...

Страница 44: ...om the available access point AP and sends data from cable connection via wifi network DHCP Client Activates deactivates DHCP client IP Address Fixed set IP address of WiFi network interface Subnet Mask Subnet mask of WiFi network interface Bridged Activates bridge mode no Bridged mode is not allowed it s default value WLAN network is not connected with LAN network of the router yes Bridged mode i...

Страница 45: ...escription IP Pool Start Beginning of the range of IP addresses which will be assigned to DHCP clients IP Pool End End of the range of IP addresses which will be assigned to DHCP clients Lease Time Time in seconds for which the client may use the IP address Table 26 Configuration of DHCP server All changes in settings will apply after pressing the Apply button Figure 23 WLAN configuration 36 ...

Страница 46: ... i e Enable backup routes switching for Mobile WAN Enable backup routes switching for PPPoE Enable backup routes switching for WiFi STA Enable backup routes switching for Primary LAN or Enable backup routes switching for Secondary LAN according to explicitly set pri orities and according to status of connection check if it is enabled In addition network interfaces belonging to individual backup ro...

Страница 47: ...t not be enabled DHCP Client for Secondary LAN Item Description Priority Priority for the type of connection Ping IP Address Destination IP address of ping queries to check the connection address can not be specified as a domain name Ping Interval The time intervals between sent ping queries Table 27 Backup Routes All changes in settings will be applied after pressing the Apply button 4 7 Firewall...

Страница 48: ...acket is addressed to another network interface it will forward the packet according the rules defined in this second table If the packet is alowed according to the table it will be sent out according to the routing table If the forwarding rule does not exist packet will be dropped In tables with rules it is possible to allow all traffic within the selected protocol the rule specifies only a proto...

Страница 49: ...h is not in the router comes check box named Enable filtering of locally destinated packets The packet is dropped automatically without any information As a protection against DoS attacks this means attacks during which the target system is flooded with plenty of meaningless requirements is used option named Enable protection against DoS attacks which limits the number of connections to five per s...

Страница 50: ...allowed the following access from address 171 92 5 45 using any protocol from address 10 0 2 123 using TCP protocol on port 1000 from address 142 2 26 54 using ICMP protocol Figure 26 Topology of example firewall configuration Figure 27 Example firewall configuration 41 ...

Страница 51: ...more than sixteen NAT rules insert them into start up script Startup Script item in the Configuration section by typing the following iptables t nat A napt p tcp dport PORT _PUBLIC j DNAT to destination IPADDR PORT1 _PRIVATE Concrete IP address IPADDR and ports numbers PORT_PUBLIC and PORT_PRIVATE are filled up into square bracket The following items are used to set the routing of all incoming tra...

Страница 52: ... access on port This option sets the redirect from HTTP to HTTPS only disabled in default configuration Enable remote HTTPS access on port If this item field and port number is filled in then configuration of the router over web interface is possible disabled in default configuration Enable remote SSH access on port Choice this item and port number makes it pos sible to access over SSH disabled in...

Страница 53: ...o have marked choice of Send all remaining incom ing packets it default server IP address in this case is the address of the device behind the router Connected equipment behind the router must have set Default Gateway on the router Connected device replies while PING on IP address of SIM card 44 ...

Страница 54: ...4 CONFIGURATION Example 2 Configuration with more connected equipment Figure 30 Example 2 topology of NAT configuration Figure 31 Example 2 NAT configuration 45 ...

Страница 55: ...hecked the Enable remote HTTP access on port 80 And since the Send all remaining incoming packets to default server is not enabled the attempt of connection will lead to failure 4 9 OpenVPN Tunnel Configuration OpenVPN tunnel configuration can be called up by option OpenVPN item in the menu OpenVPN tunnel allows protected connection of two networks LAN to the one which looks like one homogenous In...

Страница 56: ...nel Ping Timeout Defines the time interval during which the router waits for a mes sage sent by the opposite side For proper verification of Open VPN tunnel Ping Timeout must be greater than Ping Interval Renegotiate Interval Sets renegotiate period reauthorization of the OpenVPN tun nel This parameter can be set only when Authenticate Mode is set to username password or X 509 certificate After th...

Страница 57: ...te can be used for username password and X 509 Certificate modes DH Parameters Protocol for exchange key DH parameters can be used for X 509 Certificate authentication in server mode Local Certificate This authentication certificate can be used for X 509 Certificate authentication mode Local Private Key It can be used for X 509 Certificate authentication mode Username Authentication using a login ...

Страница 58: ...4 CONFIGURATION The changes in settings will apply after pressing the Apply button Figure 33 OpenVPN tunnel configuration 49 ...

Страница 59: ... 2 10 0 0 1 Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Local Interface IP Address 19 16 1 0 19 16 2 0 Remote Interface IP Address 19 16 2 0 19 18 1 0 Compression LZO LZO Authenticate mode none none Table 35 Example OpenVPN configuration Examples of different options for configuration and authentication of OpenVPN tunnel can be found in the application note...

Страница 60: ...s IP address of remote side of the tunnel Domain name possible Remote ID Identifier ID of remote side of the tunnel It consists of two parts hostname and domain name more information under the table Remote Subnet IP address of a network behind remote side of the tunnel Remote Subnet Mask Subnet mask of a network behind remote side of the tunnel Remote Protocol Port Specifies Protocol Port of remot...

Страница 61: ...ption and hash alg are selected automatically manual encryption and hash alg are defined by the user IKE Encryption Encryption algorithm 3DES AES128 AES192 AES256 IKE Hash Hash algorithm MD5 SHA1 SHA256 SHA384 or SHA512 IKE DH Group Diffie Hellman groups determine the strength of the key used in the key exchange process Higher group numbers are more se cure but require additional time to compute t...

Страница 62: ...ulti client mode Pre shared Key Shared key for both sides for Pre shared key authentication CA Certificate Certificate for X 509 authentication Remote Certificate Certificate for X 509 authentication Local Certificate Certificate for X 509 authentication Local Private Key Private key for X 509 authentication Local Passphrase Passphrase for X 509 authentication Extra Options Use this parameter to d...

Страница 63: ...range Minimal time 1h 9m 9m 42m Maximal time 1h 9m 0m 51m When setting the times for key exchange is recommended to leave the default setting in which tunnel has guaranteed security When set higher time tunnel has smaller operating costs and smaller the safety Conversely reducing the time tunnel has higher operating costs and higher safety of the tunnel The changes in settings will apply after pre...

Страница 64: ...4 CONFIGURATION Figure 36 IPsec tunnels configuration 55 ...

Страница 65: ...ed key pre shared key Pre shared key test test Table 38 Example IPsec configuration Examples of different options for configuration and authentication of IPsec tunnel can be found in the application note IPsec Tunnel 6 4 11 GRE Tunnels Configuration GRE is an unencrypted protocol To enter the GRE tunnels configuration select the GRE menu item The GRE tunnel is used for connection of two networks t...

Страница 66: ... tunnel Remote Subnet IP address of the network behind the remote side of the tunnel Remote Subnet Mask Mask of the network behind the remote side of the tunnel Multicasts Enables disables multicast disabled multicast disabled enabled multicast enabled Pre shared Key An optional value that defines the 32 bit shared key in numeric format through which the filtered data through the tunnel This key m...

Страница 67: ...guration GRE tunnel configuration Configuration A B Remote IP Address 10 0 0 2 10 0 0 1 Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Table 41 Example GRE tunnel configuration Examples of different options for configuration of GRE tunnel can be found in the applica tion note GRE Tunnel 7 58 ...

Страница 68: ...ss of the server Server IP Address IP address of server Client Start IP Address Start IP address in range which is offered by server to clients Client End IP Address End IP address in range which is offered by server to clients Local IP Address IP address of the local side of the tunnel Remote IP Address IP address of the remote side of the tunnel Remote Subnet Address of the network behind the re...

Страница 69: ...A B Mode L2TP Server L2TP Client Server IP Address 10 0 0 1 Client Start IP Address 192 168 1 2 Client End IP Address 192 168 1 254 Local IP Address 192 168 1 1 Remote IP Address Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Username username username Password password password Table 43 Example L2TP tunel configuration 60 ...

Страница 70: ...PTP client in case of client must be defined the IP address of the server Server IP Address IP address of server Local IP Address IP address of the local side of the tunnel Remote IP Address IP address of the remote side of the tunnel Remote Subnet Address of the network behind the remote side of the tunnel Remote Subnet Mask The mask of the network behind the remote side of the tunnel Username Us...

Страница 71: ...on of the PPTP tunnel Configuration A B Mode PPTP Server PPTP Client Server IP Address 10 0 0 1 Local IP Address 192 168 1 1 Remote IP Address Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Username username username Password password password Table 45 Example PPTP tunel configuration 62 ...

Страница 72: ...ccount information defined in the configuration form Item Description Hostname Third order domain registered on server www dyndns org Username Username for login to DynDNS server Password Password for login to DynDNS server Server If you want to use another DynDNS service than www dyndns org then enter the update server service to this item If this item is left blank it uses the default server mem...

Страница 73: ...t is possible to set the router in mode that it can serve as NTP server for other devices Item Description Primary NTP Server Address IP or domain address primary NTP server Secondary NTP Server Address IP or domain address secondary NTP server Timezone By this parameter it is possible to set the time zone of the router Daylight Saving Time Using this parameter can be defined time shift No time sh...

Страница 74: ...cess item It is also necessary to define a password for access to the SNMP agent Community Standard public is predefined The Enable SNMPv3 access item allows you to enable SNMPv3 Then you must define the following parameters Item Description Username User name Authentication Encryption algorithm on the Authentication Protocol that is used to ensure the identity of users Authentication Password Pas...

Страница 75: ...1 values 0 1 Table 51 Object identifier for binary input and output All SPECTRE v3 routers also provide information about internal temperature of the device OID 1 3 6 1 4 1 30140 3 3 and power voltage OID 1 3 6 1 4 1 30140 3 4 It is important to set the IP address of the SNMP agent router in field Remote SNMP agent After enter the IP address is in a MIB tree part is possible show object identifier...

Страница 76: ...4 CONFIGURATION Figure 47 Example of the MIB browser Figure 48 Example of SNMP configuration 67 ...

Страница 77: ...ddress of the sender Table 52 SMTP client configuration Mobile operator can block other SMTP servers then you can use only the SMTP server of operator Figure 49 Example of the SMTP client configuration E mail can be sent from the Startup script Startup Script item in the Configuration section or via SSH connection The command email is can be used with the following parameters t receiver s E mail a...

Страница 78: ...etwork Send SMS when datalimit exceeded Automatic sending SMS message after datalimit ex ceeded Send SMS when binary input on I O port BIN0 is active Automatic sending SMS message after binary input on I O port BIN0 is active Text of message is in tended parameter BIN0 Add timestamp to SMS Adds time stamp to sent SMS messages This stamp has a fixed format YYYY MM DD hh mm ss Phone Number 1 Telepho...

Страница 79: ...mber While filling up one two or three numbers it is possible to control the router with the help of an SMS sent only from these numbers While filling up sign it is possible to control the router with the help of an SMS sent from any number Control SMS message doesn t change the router s configuration If the router is switched to offline mode by the SMS message the router will be in this mode up t...

Страница 80: ...sending receiving SMS messages will be allowed on Table 58 Send SMS on ethernet PORT1 configuration 4 18 1 Sending SMS After establishing connection with the router via serial interface or Ethernet it is possible to use AT commands for work with SMS messages The following table lists the commands that are supported by Conel routers For other AT commands OK response is always sent There is no suppo...

Страница 81: ...MI Returns the manufacturer specific identity AT GMM Returns the manufacturer specific model identity AT GMR Returns the manufacturer specific model revision identity AT GSN Returns the product serial number ATE Determines whether or not the device echoes characters ATI Transmits the manufacturer specific information about the device Table 59 List of AT commands A detailed description and examples...

Страница 82: ...4 CONFIGURATION Figure 50 Example 1 SMS configuration Example 2 Configuration of sending SMS via serial interface on the PORT1 Figure 51 Example 2 SMS configuration 73 ...

Страница 83: ...figuration of controlling the router via SMS from any phone number Figure 52 Example 3 SMS configuration Example 4 Configuration of controlling the router via SMS from the two phone numbers Figure 53 Example 4 SMS configuration 74 ...

Страница 84: ...ertiary LAN column see chapter 4 1 In the upper part of the configuration window the port can be enabled and type of the connected port is shown in the Port Type item Other items are described in the table Item Description Baudrate Applied communication speed Data Bits Number of data bits Parity Control parity bit none will be sent without parity even will be sent with even parity odd will be sent...

Страница 85: ... connection would be activated Item Description Keepalive Time Time after which it will carry out verification of the connection Keepalive Interval Waiting time on answer Keepalive Probes Number of tests Table 61 Expansion Port configuration Check TCP connection When item Use CD as indicator of the TCP connection selected indication of the TCP connection state using signal CD DTR on the router wou...

Страница 86: ...4 CONFIGURATION Figure 54 Expansion port configuration Examples of the expansion port configuration Figure 55 Example 1 expansion port configuration 77 ...

Страница 87: ...o connect to the router via the serial line router must be fitted with an expansion port RS232 Getty displays the prompt and after entering the username passes it on login program which asks for a password verifies it and runs the shell After logging in it is possible to manage the system as well as a user is connected via SSH 78 ...

Страница 88: ...led and sent the message Protocol Communication protocol TCP communication using a linked protocol TCP UDP communication using a unlinked protocol UDP Mode Mode of connection TCP server router will listen to incoming requests about TCP connection TCP client router will connect to a TCP server on the speci fied IP address and TCP port Server Address In mode TCP client it is necessary to enter the S...

Страница 89: ... the router would be activated CD Description Active TCP connection is on Nonactive TCP connection is off Table 66 CD signal description When item Use DTR as control of TCP connection selected control of the TCP connection using signal CD DTR on the router would be activated DTR Description server Description client Active The router allows a TCP connection Router starts TCP connection Nonactive T...

Страница 90: ...4 CONFIGURATION Figure 57 USB configuration Examples of USB port configuration Figure 58 Example 1 USB port configuration 81 ...

Страница 91: ...4 CONFIGURATION Figure 59 Example 2 USB port configuration 82 ...

Страница 92: ...ly button Figure 60 Startup script Change will take effect after shut down and turn on the router This can be done in the Reboot item in the Administration section or by SMS message see SMS Configuration Example of Startup script When start the router stop syslogd program and start syslogd with remote logging on address 192 168 2 115 and limited to 100 entries listing Figure 61 Example of Startup ...

Страница 93: ... WAN connection In the item Down Script is defined script which begins after lost a PPP WAN connection The changes in settings will apply after pressing the Apply button Figure 62 Up Down script Example of UP Down script After establishing or lost a connection the router sends an email with information about establishing or loss a connection Figure 63 Example of Up Down script 84 ...

Страница 94: ...urrent firmware or configuration from both sources Base URL Enter the base part of the domain or IP address to download the up dates from Specify the communication protocol by the address HTTP HTTPS FTP or FTPS Unit ID Name of configuration name of the file without extension If the Unit ID is not filled the MAC address of the router is used as the filename the delimiter colon is used instead of a ...

Страница 95: ...rmware http router cz SPECTRE v3 LTE bin Configuration file http router cz temelin cfg Figure 64 Example of automatic update 1 The following examples find if there is a new firmware or configuration each day at 1 00 in the morning An example is for the SPECTRE v3 LTE type of router with MAC address 00 11 22 33 44 55 Firmware http router cz SPECTRE v3 LTE bin Configuration file http router cz 00 11...

Страница 96: ...Figure 66 User modules Added module appears in the list of modules on the same page If the module contains index html or index cgi page module name serves as a link to this page The module can be deleted using the Delete button Updating of the module can be done in the same way like adding a new module Module with a higher newer version will replace the existing module The current module configura...

Страница 97: ...protocol PIM SM WMBUS Concentrator Allows to receive messages from WMBUS meters and saves contents of these messages to XML file pduSMS Sends short messages SMS to specified number GPS Allows router to provide location and time information in all weather anywhere on or near the Earth where there is an un obstructed line of sight to four or more GPS satellites Pinger Allows to manually or automatic...

Страница 98: ...tration or by SMS message It is possible to select the standard profile or up to three alternative profiles It is possible to copy actual configuration to selected configuration by selecting Copy settings from current profile to selected profile Figure 68 Change profile 6 2 Change Password To change the access password select the Change Password menu item Type the new password twice and save it by...

Страница 99: ...vailable in cable routers In some cases it is needed to set the phone number of the SMS service centre because of SMS sending This parameter can not be set when the SIM card has set phone number of the SMS service centre The phone number can be formed without international prefix xxx xxx xxx or with international prefix for example 420 xxx xxx xxx Figure 71 Set SMS service center address 6 5 Unloc...

Страница 100: ...m9vdDpyb290 HTTPS request will be sent to TCP connection on router port 443 Router sends an SMS message with text Test SMS is sent to phone number 420712345678 Authorization is in the format user password coded by BASE64 In the example is used for root root 6 7 Backup Configuration The router s configuration can be saved in the Backup Configuration menu item Clicking on this item it is possible to...

Страница 101: ...ent is listed informs about update of the FLASH memory Upload firmware of different device can cause damage of the router During the update of the firmware the permanent power supply has to be maintained Starting with FW 5 1 0 mechanism to prevent multiple startup of firmware update is added Firmware update can cause incompatibility of the user modules It is recommended to update user modules to t...

Страница 102: ...nt to put the SIM card into the SIM1 slot Primary SIM card attach the antenna to the ANT connector and connect the computer or switch and computers to the router s ETH0 interface LAN Wait a moment after turning on the router It will connect to the mobile network and the Internet signalized by LEDs on the front panel of the router WAN and DAT Additional configuration can be done in the LAN and Mobi...

Страница 103: ...top is checked factory default For more details see chapter 4 2 1 Figure 79 Access to the Internet from LAN Mobile WAN configuration To check whether the connection is working properly go to Mobile WAN item in the Sta tus section Information about operator signal strength etc is available At the bottom the message Connection successfully established will be written out In the Network item there is...

Страница 104: ... In the situation on the fig 80 it s necessary to configure all the connections to the Internet in items LAN for Ethernet WLAN and WiFi for WiFi connection and Mobile WAN for mobile connection Then it is possible to configure the priorities of backup routes in the Backup Routes item Figure 81 Backed up access to the Internet LAN configuration 95 ...

Страница 105: ...tton to confirm the changes For details see chapter 4 5 Configure connection to a WiFi network in the WiFi item see fig 83 Here check the Enable WiFi and fill in the data for connection SSID security password and confirm clicking the Apply button For detailed configuration see 4 4 chapter To verify successful WiFi connection see Status section WiFi item There will be wpa_state COMPLETED written ou...

Страница 106: ...7 CONFIGURATION IN TYP SITUATIONS Figure 83 Backed up access to the Internet WiFi configuration Figure 84 Backed up access to the Internet Mobile WAN configuration 97 ...

Страница 107: ...es configuration The router configured this way now serves to computers in LAN for backed up access to the Internet You can verify the configured network interfaces in the Status section in the Network item There you should see active network interfaces eth0 connection to LAN eth1 wired connection to the Internet wlan0 WiFi connection to the Internet and usb0 mobile connection to the Internet IP a...

Страница 108: ...terface of the router see chapter 4 9 or Application Note 5 IPsec it is also configuration item in the web interface of the router see chapter 4 10 or Application Note 6 You can create also non encrypted tunnels GRE PPTP and L2TP with Conel router In combination with IPsec you can use GRE or L2TP tunnel to create VPN There is an example of OpenVPN tunnel in the fig 86 These are the prerequisites f...

Страница 109: ...f the tunnel including the remote subnet and mask not necessary Important items are Local and Remote Interface IP Address where the interfaces of the tunnel s ends has to be filled in In this situation the pre shared secret was know so choose this option in the Authentication Mode item and insert the secret key into the field Confirm the configuration clicking the Apply button For detailed configu...

Страница 110: ...e In this situation the router is equipped with the RS232 interface port Mobile WAN configuration is the same as in the previous situations Just insert the SIM card into the SIM1 slot at the back of the router and attach the antenna to the ANT connector at the front No extra configuration is needed depending on the SIM card used for more details see chapter 4 2 1 Expansion Port 1 configuration The...

Страница 111: ...ial Gateway konfigurace Expansion Port 1 To communicate with the serial device PLC connect from the PC in fig 88 labeled as SCADA as a TCP client to the IP address 10 0 6 238 port 2345 public IP address of the SIM card used in the Conel router corresponding to the usb0 network interface Devices can now communicate To check the connection go to System Log Status section and look for the TCP connect...

Страница 112: ...te 2 Conel SmartCluster Application Note 3 Conel R SeeNet Application Note 4 Conel R SeeNet Admin Application Note 5 Conel OpenVPN Tunnel Application Note 6 Conel IPsec Tunnel Application Note 7 Conel GRE Tunnel Application Note 8 Conel SNMP Object Identifier Application Note 9 Conel AT Commands Application Note 103 ...

Результаты поиска

Содержание V3

Отзывы:

Похожие инструкции для V3

Бренды по названию

Популярные бренды

B+B SmartWorx V3, Руководство по настройке

Результаты поиска

Содержание V3

Отзывы:

Похожие инструкции для V3

Бренды по названию

Популярные бренды