background image

1)  Restrict to Address Family 

You can choose IPv4, IPv6, or Pv4/IPv6. 

2)  Protocol 

To choose the protocol you want for access control, it can TCP, UDP or TCP/UDP. 

3)  Source MAC Address 

To choose the source MAC address of data packet. 

4)  Source Address 

To choose the source IP address of data packet. 

5)  Source Port 

To choose the source port of data packet. 

6)  Destination Address 

To choose the destination IP address of data packet. 

7)  Destination Port 

To choose the destination port of data packet. 

8)  Action 

If the above-mentioned conditions matched, then you can choose below actions. 

 

Accept 

Allow data packet to go through. 

 

Drop 

Drop data packet 

 

Reject 

Drop data packet, and return an unachievable data packet. 

 

Don’t Track 

No action. 

3.3.4 Custom Settings 

Users  can  also  customize  some  firewall  rules  themselves,  as  those  rules  is  consist  of 

iptable, we suggest users that are familiar with iptables command to do this. When you 

add rules, please add them at the bottom of 

existing rules, and don’t delete them. 

3.4 VPN 

VPN is used to establish a virtual private channel, and all the data in this channel will be 

encrypted to ensure that data security during transmission. 

TG452 support VPN: PPTP, L2TP, OpenVPN and IPSec. PPTP/L2TP are layer 2 VPN, and 

OpenVPN  is  VPN  based  on  SSL,  while  IPSec  layer  3  VPN.  PPTP/L2TP  are  more 

convenient  to  use,  while OpenVPN  and  IPSec  is  more  complex,  as  they  need  complex 

certification management, meanwhile, they offer more secured encrypted data. 

 

Содержание TG452 Series

Страница 1: ... Industrial Cellular Edge Gateway TG452 Series User Guide ...

Страница 2: ...y notice and BIVOCOM reserves the right to improve and change this user guide at any time Users should take full responsibility for their application of products and Xiamen Bivocom Technologies Co Ltd disclaims all warranties and liability for the accurateness completeness of the information published Global Technical Sales Support Xiamen Bivocom Technologies Co Ltd Addr Unit 1504 No A1 Building 3...

Страница 3: ... Edge Gateway TG452 Series Please thoroughly read this user guide before you configure and install the device This manual is compatible with below models Model Description TG452 LF Industrial Edge Gateway with 4G LTE Cat 4 Cat 6 TG452 W Industrial Edge Gateway with 3G ...

Страница 4: ...nnection 8 2 2 3 Power Supply 10 2 2 4 Cellular Antenna 10 2 3 LED Indicators 10 3 Configuration and Management 11 3 1 View 12 3 1 1 System 12 3 1 2 Network 13 3 1 3 Routing Tables 14 3 1 4 System Log 14 3 1 5 VPN Status 15 3 2 Setup 15 3 2 1 WAN 15 3 2 2 LAN 17 3 2 3 Wireless Option 18 3 2 4 Online Detection 20 3 2 5 Diagnostics 22 3 3 Security 23 3 3 1 DMZ Host 23 3 2 2 Port Forwarding 24 3 3 3 ...

Страница 5: ... Basic Setting 35 3 6 2 Interface Setting 36 3 6 3 Modbus Rules Setting 37 3 6 4 IO Setting 38 3 6 5 Server Setting 41 3 7 Administrate 42 3 7 1 System 42 3 7 2 Password 42 3 7 3 Time Setting 43 3 7 4 Log Settings 44 3 7 5 Backup and Reset 45 3 7 6 Firmware Upgrade 46 3 7 7 Remote Management 47 3 7 8 Manual Reboot 49 3 7 9 Schedule Reboot 49 ...

Страница 6: ...thernet ports RS232 RS485 digital inputs analog inputs relay outputs CAN power output GPS WIFI etc The TG452 Edge Gateways allow users to integrate legacy systems with modern sensors With high performance 32 bit ARM based CPU Modbus RTU TCP MQTT TCP IP and customized protocols as well as up to 1G flash and 32G micro SD local data storage enables users to collect store and process data at IoT edge ...

Страница 7: ...d 2 1 Package Checklist The following components are included in your TG452 package Check the list before installation If you find anything missing Please feel free to contact Bivocom 1 x TG452 Gateway 1 x Power Adapter DC 12V 1 5A EU US UK AU plug optio 2 x Mag mount Cellular Antenna SMA Male 1 meter 5dBi 1 x RS232 Cable DB9 Female 1 meter 1 x Ethernet Cable 1 meter 2 x 13 Pin Terminal Block 1 x ...

Страница 8: ...M card to card holder with chipset upside insert it to router and make sure it s tightly matched Warning Never install SIM UIM card when router is powered on 2 2 2 Interfaces connection TG452 support a RS232_1 serial port as console port which can be used for firmware upgrade system log checking debug etc TG452 include 2 RS232 RS232_1 RS232_2 and 3 RS485 RS485_1 RS485_2 RS485_3 1x CAN optional 2x ...

Страница 9: ...D 3 GND RS485 Cable RS485_1 RS485_2 Relay Interface Relay1 Relay2 Relay Feature Control the external switch load capacity Maximun Voltage switch 30VDC 220VAC Maximun Current switch 5A DI Interface DI1 DI2 DI Feature Detect the slave device status Input Range Logic 0 wet contact 0 3VDC or dry contact close Logic 1 wet contact 5 30VDC or dry contact open ADC Interface ADC1 ADC2 ADC Feature acquire t...

Страница 10: ...ale port make sure it is screwed tightly to ensure the strength of signal 2 3 LED Indicators TG452 Series Gateway provides 8 LED indicators as following Indicator Status Content Power On Powered On Off Powered Off Signal Strength 1 Lights Signal weak 2 Lights Signal Middium 3 Lights Signal Strong System Blink System works perfect Off System doesn t work Online On Router accesses to Internet Off Ro...

Страница 11: ...connect to WIFI hotspot Bivocom of TG452 login with password admin123 normally your laptop will get an IP address from TG452 DHCP as 192 168 1 xx otherwise please manually configure your laptop IP to 192 168 1 100 Open browser enter 192 168 1 1 to enter into to login page enter username admin and password admin to go to configuration page ...

Страница 12: ...3 1 View To check the following system information 3 1 1 System Display system related information ...

Страница 13: ...3 1 2 Network Display WAN LAN WiFi DHCP network information ...

Страница 14: ...3 1 3 Routing Tables Display routing tables 3 1 4 System Log Display system log ...

Страница 15: ...is page includes WAN LAN Wireless Online Detection Diagnostics 3 2 1 WAN WAN supports DHCP Static IP PPPoE 3G LTE connection mode Choose the mode you need then click Switch Connection Mode and configure the related parameters then you can connect to the internet ...

Страница 16: ... Only for private network SIM card if you re using public network SIM card just keep it as null 6 Call Center No When you re using SIM card different carrier may have different call center Number please ask your carrier for this info if you have questions 7 Authentication Type If there have username and password you need to choose authentication type PAP Plaintext Authentication CHAP Handshake aut...

Страница 17: ...ly for configuring IP address of router enabling DHCP server and assign the IP address The meaning of the parameters are as follows 1 IPv4 Address To configure IP address of LAN port 2 IPv4 Netmask The netmask of LAN port IP address ...

Страница 18: ...ddress starts from 192 168 1 100 Limit Assignable number of IP address to ensure numbers of IP address of start and limit not exceed 250 Lease time Time of assigning the IP address 3 2 3 Wireless Option Menu of wireless are mainly for configuring the SSID work mode password etc Note WiFi is not be included in standard TG452 please ask Bivocom representative when place the order ...

Страница 19: ...ame 3 Channel Support 1 13 channels default value is auto channel can be changed automatically 4 Mode Support 802 11b 802 11g 802 11bgn 802 11b up to 11Mbps 802 11g up to 54Mbps and 802 11n up to 300Mbps 5 Encryption You can only choose below types if the mode is set as 802 11b or 802 11g ...

Страница 20: ...ID is invisible and user need to enter the SSID to share the WIFI 3 2 4 Online Detection Online detection will auto check the internet connection status of the router if there has issue of connection router will auto reconnect If it fails to reconnect after times of trial router will reboot to ensure getting online The meaning of the parameters are as follows ...

Страница 21: ...st dataflow of SIM card while DNS is faster but as it has cache it may shows the router is online even it is offline 2 Primary Detection Server It can be an IP address or a Domain Name 3 Second Detection Server If primary detection server fails then router will auto switch to second detection server 4 Retry Times You can set up retry time in case detection fails 5 Retry Interval The interval time ...

Страница 22: ...ng and traceroute can be a Domain Name or an IP address used for checking if router is online or not While nslookup is to analytic domain 1 Ping Click ping then you can check if there is response from an IP address as bellow 2 Traceroute Click traceroute then you can see similar reponse as below ...

Страница 23: ... the firewall to ensure the security of accessing to internet and implement the port forwarding access control data packet filtering and other functions 3 3 1 DMZ Host DMZ can forward the port of WAN to a host of LAN all packet from WAN will be forwarded to specified host of LAN 1 DMZ You can enable or disable the DMZ ...

Страница 24: ...ess The Host IP address to forward 5 Internal Port The destination port after port forwarding Normally external port and internal port are the same but also can be different After configured above mentioned click Add then a new rule will be added and click Save Apply to have the rule take effect 3 3 3 Traffic Rules Traffic rules is used for opening some router ports such as remote access the confi...

Страница 25: ... some access control rules it can be from LAN to WAN or WAN to LAN 1 Name You can name the rule yourself 2 Source Zone You can choose where to start the data packet 3 Destination Zone You can choose where to forward the data packet Click Add and Edit then you can get more detailed matching condition ...

Страница 26: ...packet Reject Drop data packet and return an unachievable data packet Don t Track No action 3 3 4 Custom Settings Users can also customize some firewall rules themselves as those rules is consist of iptable we suggest users that are familiar with iptables command to do this When you add rules please add them at the bottom of existing rules and don t delete them 3 4 VPN VPN is used to establish a v...

Страница 27: ... Name and Password To enter the user name and password provided by server 4 Remote Subnet To enter the remote subnet for example if LAN of PPTP server is 192 168 2 1 then you can enter remote subnet 192 168 2 0 5 Remote Subnet Mark To enter the remote subnet mask normally it is 255 255 255 0 6 NAT If click NAT all packets come from ppp0 and the source IP of the packets will be replaced as IP of pp...

Страница 28: ...al IP address 3 IP Address Range Type the range of assigned IP address 4 Enable MPPE Encryption You can enable MPPE encryption here 5 DNS1 DNS2 To enter the assigned DNS address 6 WIN1 WIN2 To enter the WIN address 7 CHAP Secrets To create an username and password under CHAP Secrets format as below Username space space password space For example if you want to create a username test password test ...

Страница 29: ...ovided by server 4 Remote Subnet To enter the remote subnet for example if LAN of L2TP server is 192 168 2 1 then you can enter remote subnet 192 168 2 0 5 Remote Subnet Mark To enter the remote subnet mask normally it is 255 255 255 0 6 NAT If click NAT all packets come from ppp0 and the source IP of the packets will be replaced as IP of ppp0 7 Enable MPPE Encryption You can enable MPPE encryptio...

Страница 30: ...IP Address Range Type the range of assigned IP address 4 Enable MPPE Encryption You can enable MPPE encryption here 5 CHAP Secrets To create an username and password under CHAP Secrets format as below Username space space password space For example if you want to create a username test password test it is as below Test test ...

Страница 31: ...ulti devices will be connected to one server 3 Role When topology is subnet you need to choose you want it be a server or client 4 Protocol Choose the protocol it can be UDP or TCP default is UDP 5 Port Enter the port you want to assign to OpenVPN default port is 1194 6 Device Type Choose device type there are 2 types to choose TUN and TAP TUN is layer 3 data encapsulation while TAP is layer 2 dat...

Страница 32: ...ology is subnet authentication type is certification If it is point to point you can choose none certificate or static secret 9 TLS Role When topology is point to point and authentication type is certification you need to choose if it is server or client 3 4 4 IPSec On IPSEC page system will display the IPSEC connection and status ...

Страница 33: ...5 Peer Subnet Peer subnet and mask like 192 168 20 0 24 6 IKE Encryption Algorithm IKE phase encryption method 7 IKE Lifetime To set up IKE lifttime 8 Local Identifier Local identifier of channel can be an IP address or domain name 9 Peer Identifier Peer identifier of channel can be an IP address or domain name 10 ESP Encryption Algorithm The encryption method of ESP 3 5 Advanced You can set up so...

Страница 34: ... static routing 3 5 2 Net Flow The traffic meter function of TG452 is for traffic statistics from WAN port meanwhile it has traffic overflow alarm function Even if the router is powered off the traffic statistics will be saved and when you power on the router the traffic will be counted based on your last time traffic 3 5 3 GPS Location GPS location will report GPRMV information regularly saying l...

Страница 35: ...neral DHCP and DNS settings base on Dnsmasq tool on TG452 Please refer to Dnsmasq for more information 3 6 Data Collect Data Collect settings is for TG452 acquiring data from slave devices in serial ports Ethernet ports IO ports with Modbus protocol and other customized protocols Also support customize data display on LCD only for TG452S 3 6 1 Basic Setting Enable or Disable the data collect featu...

Страница 36: ...d Set the Period of data report to server 4 Enable Cache Enable or Disable history data cache feature 5 Related data cache setting if enable the cache feature 3 6 2 Interface Setting Switch the hardware interfaces for data acquisition from kinds of slave devices Including Serial ports COM2 COM7 Modbus TCP base on Ethernet LAN I2C ports ...

Страница 37: ...quire data from slave devices base on Modbus protocol You can configure unlimited Modbus rules on it TG452 provide the options of definable factor name device ID function code register address and count register number please following the slave device datasheet to get those information ...

Страница 38: ...3 6 4 IO Setting IO Setting menu is for setting ADC ports DI ports and Relay ports 1 ADC ports setting ...

Страница 39: ...2 DI ports setting ...

Страница 40: ...3 Relay Setting ...

Страница 41: ...ith multiple protocols the standard TG452 support TCP UDP HTTP MQTT and Modbus TCP For the data format TG452 support different Encapsulation type include Transparent Json and HJ212 special for some Environment SCADA Also TG452 accept customize specific protocols for your data center ...

Страница 42: ... system default time zone is GMT8 3 Language Change the language of configuration interface default language is English 4 Enable Telnet Access To enable the telnet server the default function is enable 5 Enable SSH Access To enable the SSH server the default function is disable 3 7 2 Password To revise the password of router ...

Страница 43: ...ils to revise the password After password revised router will return to login page then you can enter your username and password 3 7 3 Time Setting System time type includes RTC Real Time Clock and NTP Network Time Protocol RTC will save time even router is powered off while for NTP router will connect to NTP server which requires internet connection time won t be saved once powered off But NTP wi...

Страница 44: ... Month Day or you will fail to update it RTC Time Format must be xx xx xx Hour Min Second or you will fail to update it NTP NTP Time Server You can select the NTP time server through drop down menu or you can customize it yourself Port NTP time server port default port is 123 Update Interval How long to sync the time with NTP server default time is 600 seconds 3 7 4 Log Settings Log settings is fo...

Страница 45: ...is 64KB 3 Log Server Set up the IP address of log server 4 Log Server Port Set up the port of log server default value is 514 5 Output Level There are several levels supported including Debug Info Notice Warning Error and level increased in sequence the higher level the less output log 3 7 5 Backup and Reset User can either backup the configuration of router or reset to factory defaults ...

Страница 46: ...u can also upload the saved configuration file to router to recover the previous configuration Click upload archive select and upload the backup configuration file and a pop up confirmation box with Really Restore will display then click OK to recover the configuration 3 7 6 Firmware Upgrade Before you upgrade the firmware for router make sure the firmware you re planning to upload is correct If e...

Страница 47: ...Checksum MD5 checksum value of firmware Size The size of firmware Proceed Click proceed to start the firmware upgrade or click cancel to stop the firmware upgrade 3 7 7 Remote Management Remote Management feature allows TG452 work with Bivocom Device Management Platform for remote management like firmware upgrade configuration change etc You can configure the IP address and port of remote DMP serv...

Страница 48: ...te mange the router it can be either an IP address or Domain Name 3 Server Port The specified login server port 4 Heartbeat Interval The heartbeat time interval Unit second 5 Device Number Device ID of router 6 Device Phone Number The phone number of SIM card insert in router 7 Device Type Type of the device default is router You can also remote upgrade the firmware for router as below ...

Страница 49: ...t Type the server port for remote upgrade 11 Firmware Version Type the firmware version that you want to upgrade remotely 3 7 8 Manual Reboot Click Perform Reboot and a pop up confirmation box with Really Reboot will display then click OK to reboot the router 3 7 9 Schedule Reboot Schedule Reboot allows user configure the period or dedicate time for device reboot ...

Отзывы: