CTC Union ICR-W401 Скачать руководство пользователя страница 1

Страница: 1 / 147

ICR-W401

Industrial 4G LTE Router

Содержание ICR-W401

Страница 1: ...i ICR W401 Industrial 4G LTE Router ...

Страница 2: ...any other application in which the failure of the product could create a situation where personal injury or death may occur Should the Buyer purchase or use a CTC Union product for any such unintended or unauthorized application the Buyer shall indemnify and hold CTC Union Technologies and its officers employees subsidiaries affiliates and distributors harmless against all claims costs damages exp...

Страница 3: ...ontents are subject to change without prior notice Please check CTC Union s website for any updated manual or contact us by E mail at sales ctcu com Please address any comments for improving this manual or to point out omissions or errors to marketing ctcu com Thank you 2019 CTC Union Technologies Co Ltd All Rights Reserved The contents of this document are subject to change without any prior noti...

Страница 4: ...ia Web Browser 17 3 1 Access the Web Interface 17 3 1 1 Logging in the Router 17 3 1 2 Navigate the Web Configurator 18 3 2 Status 20 3 2 1 Status GPS 24 3 3 System 25 3 3 1 System Time and Date 25 3 3 2 System COM 29 3 3 3 System Logging 30 3 3 3 1 Logging Logging 30 3 3 3 2 Logging Log 31 3 3 4 System Alarm 32 3 3 4 1 Alarm Contacts Create and name the Group 33 3 3 4 2 Alarm Contacts Add User 35...

Страница 5: ...67 3 8 1 IP Static Route 67 3 8 2 IP Routing RIP 70 3 8 3 IP Routing OSPF 72 3 8 4 IP Routing BGP 75 3 9 VPN 78 3 9 1 OpenVPN 78 3 9 1 1 Open VPN Common Setting 78 3 9 1 2 Open VPN Client Setting 79 3 9 1 3 Open VPN Server Setting 81 3 9 1 4 Set up Open VPN Custom 83 3 9 2 IPSec 84 3 9 2 1 Connections 85 3 9 2 2 Authentication IDs 88 3 9 2 3 X 509 Certificates 90 3 9 2 4 CA Certificates 91 3 9 2 5...

Страница 6: ...PnP 133 3 11 7 SMTP 133 3 11 8 IP Alias 134 3 11 9 QOS 135 3 11 9 1 ISP Bandwidth 135 3 11 9 2 QoS 136 3 11 9 3 Status 137 3 12 Management 138 3 12 1 Identification 138 3 11 2 Administration 139 3 12 3 Contacts On Duty 140 3 12 3 1 Contacts 140 3 12 3 2 Duty Schedule 141 3 12 4 SSH 142 3 12 5 WEB 142 3 12 6 Firmware 143 3 12 7 Configuration 143 3 12 8 Load Factory 143 3 12 9 Restart 144 3 12 10 Sc...

Страница 7: ...put voltage range of 9 6 60VDC ICR W401 are ideal devices to be applied in diverse environments for various applications ICR W401 Industrial 4G LTE Cellular Routers are suitable and reliable choices for fast deployment and easy configuration to simplify your complicated solutions and fit your services for industrial networking and smart city 1 1 Features Highly reliable and secure for mission crit...

Страница 8: ...wer Supply Power Consumption 7 Watts Max Power Input 12 24 48VDC 9 6 60VDC Software Network Protocols IPv4 IPv6 IPv4 IPv6 dual stack DHCP server and client PPPoE Static IP SNTP GPS sync time DNS Proxy VRRP OSPF Message Queue Telemetry Transport MQTT Broker BGP Flow Modbus master MQTT client Routing Firewall NAT Virtual Server DMZ MAC Filter URL Filter IP Filter VLAN Static Routing and RIP 1 2 IPS ...

Страница 9: ...TRODUCTION 1 3 Mechanical Dimensions 1 4 Hardware Panel Layout This chapter describes the panel and interface layout of hardware Front Panel View Left Side Panel View Right Side Panel View 3 2 1 4 6 5 8 7 9 11 10 11 ...

Страница 10: ... LAN port 2 Fast Ethernet RJ 45 WAN or LAN port 3 Terminal block for PWR DI DO RS232 4 LED indicators PWR Mobile FN 5 Micro SIM card slot 6 Mobile MAIN connector 7 Mobile AUX connector 8 GPS connector 9 Earth grounding 10 WPS Reset push button 11 SMA antenna connectors ...

Страница 11: ...inking Low signals or reset to default Heart Beat WPS processing Off Error FN Green On VPN connected Slow Blinking Internet connected or reset Fast Blinking System rebooting or reset to default Heart Beat WiFi connected 2 2 Ethernet Port 1 10 100 Mbps Ethernet LAN WAN The LAN and WAN interface are standard RJ45 connectors Pin Description Function 1 WAN TX 10 100 Mbps WAN TX Pin 2 WAN TX 10 100 Mbp...

Страница 12: ...T LED Status Description Green Link ACT Off Connection is down Blink Data is being transmitted On Connection is up 2 3 Grounding the Router To prevent the noise and surge effect please connect the router to the site ground wire by the ground screw before turning on the router 2 4 Pin Assignments Power Input V V DI DO UART RS 232 TXD RXD GND ...

Страница 13: ... ground before connecting any wiring 2 6 Connecting I O Ports 1 Digital Input DI The unit has two terminals on the terminal block for the Digital inputs Pin Description DI Digital Input DI_GND INPUT Low 0 to 5V High 8 to 40V 2 Digital Output DO The unit has 2 terminals on the terminal block for the Alarm Contacts Pin Description DO Digital Output DO_GND Pin Power 9 6 60VDC V Negative V Positive ...

Страница 14: ...14 CHAPTER 2 HARDWARE INSTALLATION 2 7 UART RS 232 The port is a standard RS 232 signal level interface Pin Signal Direction TXD Transmit Data Output RXD Receive Data Input GND Signal Ground ...

Страница 15: ...ved from Cellular Router 2 Insert the SIM card with right direction Push the SIM card in to the slot and lightly press it to lock it in the slot 3 To remove the SIM card lightly press the SIM card and it will pop out 2 9 Reset Button Function Operation WPS Processing Press the button less than 5 seconds Reset Press the button for 5 10 seconds Reset to default setting Press the button for more than...

Страница 16: ...na connectors these are MAIN GPS AUX SMA For ICR W401 there are five antenna connectors two for LTE antennas two for Wi Fi RP SMA antennas and one for GPS antenna Connect the antenna to MAIN when you have only one LTE antenna Please tighten the connecting nut properly to ensure good connection ...

Страница 17: ...the mobile router acts as DHCP server in your network the mobile router will automatically assign IP address for PC or NB in the network 3 1 1 Logging in the Router In this section please fill in the default User Name admin and the blank default Password Then Click Login to enter the device For the system security purposes it is strongly recommended to change Username and Password after the initia...

Страница 18: ...ord into effect Note After changing the User Name and Password we strongly recommend that you save them because another time when you login new User Name and Password have to be used so as to successfully login to the system 3 1 2 Navigate the Web Configurator The main screen is divided into three parts as below A Title Bar B Navigation Panel and C Main Window A B A C ...

Страница 19: ...he three mode of WAN status which is first to use Location Show the position of router from Google Maps Note This function is for GPS spec Google Maps Display Google Map according to location Language Choose your language from the drop down list on the upper right corner of the title bar Login Logout Click to log in or log out of the web configurator Online Manual 2 B Navigation Panel Main Menu an...

Страница 20: ...ace is shown Note After logging in the system you can set up the status of user and divide into three levels for setting user s authority including Super User Administrator and Read Only For Guest this status is without any authority All users log in or log out and they need to have Web UI log records Status Super User Administrator Read Only Guest User name system account root admin only Super Us...

Страница 21: ...atitude information of location Longitude Show the longitude information of location Horizontal Show the horizontal information of location Altitude Show the altitude information of location Date UTC Show the date information of location Satellite Show the satellite information of location ...

Страница 22: ... Status LTE APN1 LTE APN2 Item Description Attribute Attr IPv4 Address Ethernet WAN obtain IPv4 Address IPv4 Mask Ethernet WAN obtain IPv4 Mask Default Gateway Ethernet WAN IPv4 Default Gateway Connected Yes Connected No Disconnected IPv4 Conn Time Ethernet WAN IPv4 Connected Time Uplink Speed Kbps Uplink Speed in Kbps Downlink Speed Kbps Downlink Speed in Kbps Tx Rx KBytes Accumulated TX RX in KB...

Страница 23: ...LAN is assigned IPv4 Address IPv4 Mask LAN is assigned IPv4 Mask IPv6 Address LAN is assigned IPv6 Address IPv6 Conn Time IPv6 Connected Time Uplink Speed Kbps Uplink Speed in Kbps Downlink Speed Kbps Downlink Speed in Kbps Tx Rx KBytes Accumulated TX RX in KBytes TX RX Dropped Packets TX RX Dropped Packets Status Connected VPN Connections Item Description Attribute Open VPN Open VPN connected num...

Страница 24: ... those GPS enabled routers you can see Location on the upper right banner of web interface when connecting your GPS function After clicking Google Maps banner the current information of map according to location of router will be automatically displayed ...

Страница 25: ...ing Get from Time Server and Manual The default mode is Get from Time Server If the router has GPS function you can turn on GPS Time to sync time from GPS server For Time Zone Setup the Daylight Savings Time allows the device to forward backward the amount of time from Ahead of standard time setting automatically when the time is at the Daylight Savings duration that you have set up before I Get f...

Страница 26: ...APTER 3 WEB CONFIGURATIONS II Manual Set up the information of time and date including year month date and hour minute and second Set up your local time zone Click Apply to submit your configuration changes ...

Страница 27: ...ylight Savings as On Set up Ahead of standard time Set up the information of Start Date Time including Month Week Day Hour and Minute Set up the information of End Date Time including Month Week Day Hour and Minute Click Apply to submit your configuration changes ...

Страница 28: ... Time to enter Daylight Savings duration The Month range is 1 12 1 Jan 7 Jul 2 Feb 8 Aug 3 Mar 9 Sep 4 Apr 10 Oct 5 May 11 Nov 6 Jun 12 Dec The Week range is 1 5 1 first week in month 2 second week in month 3 third week in month 4 fourth week in month 5 fifth week in month The Day range is 0 6 0 Sunday The start day of a week 1 Monday 2 Tuesday 3 Wednesday 4 Thursday 5 Friday 6 Saturday The Hour r...

Страница 29: ...me through NTP SNTP protocol System Time Server Item Description Server mode Turn on off the time server Server port The UDP port listened by time server 3 3 2 System COM This section allows users to set up parameters for the COM port Click Edit button to set up parameters for the COM port Then another page like the one below will pop up ...

Страница 30: ... Logging 1 Logging section provides you to control all logging records 2 Users need to select Apply to confirm your settings System Logging Logging Item Description Mode Turn on off the logging configuration Select from Disable or Enable The default is Enable Remote Log The logging messages send to remote log or not Select from Disable or Enable The default is Disable Log Server Address When you c...

Страница 31: ... 3 When you click Refresh the system will update and display the latest data from your cellular router 4 When you click Download Logs the system will download the latest data from your cellular router System Logging Log Item Description Filter Filter the required data quickly Date Show the date of log for each logging data Group Show the group of software functions Module Show the module of group ...

Страница 32: ...tem Alarm Item Description Mode Turn on off the Alarm configuration Select from Disable or Enable The default is Enable Alarm Input Select items from Alarm Input SMS DI 1 DI 2 VPN disconnect WAN disconnect LAN disconnect Reboot as input to trigger alarm SMS It means on duty team members on Contacts On Duty can send SMS to the phone number of using SIM card to trigger alarm DI IO to trigger alarm V...

Страница 33: ... Pulse High and Low continuously Pulse Time Length Pulse time length mini seconds SMS E mail Write your messages and limit 150 English characters for the messages to deliver 3 3 4 1 Alarm Contacts Create and name the Group Click trusted and on duty members for naming and the interface will show the group s name in the Group setting as below Click Add Group button to add a self defined group name ...

Страница 34: ...34 CHAPTER 3 WEB CONFIGURATIONS You can click or button to edit or delete the group ...

Страница 35: ...dd your user s information including Name Phone and E mail After filling in your information for each row chose your naming group and click to submit your settings After submitting your setting the interface returns to Group window setting Now you can see your naming group and the user s information that you have added ...

Страница 36: ...olve unstable throughput under heavy loading Sending 64 Bytes with bandwidth 100M bps traffic to LAN and WAN at the same time the throughput may drop to zero at either side When the system is very busy or buffer is exhausted the flow control packet will be sent out to indicate that the link party has stopped to send the packet to system The flow control packet will be sent out again once the syste...

Страница 37: ...100M Half 10M Full 10M Half and Disable WAN Ethernet MTU is the Maximum Transmission Unit that can be sent over the WAN Ethernet interface It allows users to adjust the MTU size to fit into their existing network environment Flow Control Allow users to control the traffic ingress from Ethernet LAN or WAN WAN LAN2 Port Function Allow users to setup the WAN LAN2 Port function as Auto LAN or WAN ...

Страница 38: ...d their status from the router There are two types one is DHCP Client and the other is Online The default is both types to show all status when the router is on DHCP Client and Online System Client List Item Description List Type DHCP Client List all clients information when it is via DHCP Online List the information when it is online ...

Страница 39: ...et up the priority of WAN The default is Auto WAN Priority Item Description Priority Auto ETH LTE WAN Ethernet is first priority and the second priority is LTE LTE Only The priority is only LTE ETH Only The priority is only WAN Ethernet LTE Net Mode Bridge Only APN1 act as bridge for internet access Router Only APN1 act as router for internet access ...

Страница 40: ...rnet DHCP Client DHCP server assigned IP address netmask gateway and DNS PPPoE Client Your ISP will provide you with a username and password This option is typically used for DSL services Static IPv4 User defined IP address netmask and gateway address When selecting DHCP Client option you can set up DNS Server Configuration For IPv4 DNS Server users can set up three DNS servers Each DNS server ent...

Страница 41: ...efined and None When you select From ISP the IPv4 DNS server IP is obtained from ISP When you select User Defined the IPv4 DNS server IP is input by user When you select PPPoE Client the interface shows the item of configuration to fill in your User Name and Password When you select Static IPv4 the interface shows the information of configuration including IP Address IP Mask and Gateway Address ...

Страница 42: ...em Description Static IPv4 Configuration IP Address Fill in the IP Address IP Mask Fill in the IP Mask Gateway Address Fill in Gateway Address DNS Server Configuration IPv4 DNS Server 1 IPv4 DNS Server 2 IPv4 DNS Server 3 The IPv4 DNS server IP is input by user ...

Страница 43: ...s provided with From ISP User Defined and None to configure WAN IPv6 DNS Item Description DNS Server Configuration IPv6 DNS Server 1 IPv6 DNS Server 2 IPv6 DNS Server 3 Each setting DNS Server has three options including From ISP User Defined and None When you select From ISP the IPv6 DNS server IP is obtained from ISP When you select User Defined the IPv6 DNS server IP is input by user ...

Страница 44: ...e Health Check and the system would switch to LTE connection and switch back whenever Ethernet is able to access internet again WAN Ethernet Ethernet Ping Health Item Description Health Check Select from Disable or Enable The default is Enable Method Select the checking method whether Ping or DNS Lookup Interval The interval is from 1 to 60 seconds IPv4 Host 1 Input the address of IPv4 Host 1 IPv4...

Страница 45: ...up the LTE Configuration and LTE Ping Health LTE LTE Config Item Description LTE Config Auto Automatically connect the possible band 4G Only Connect to 4G network only 3G Only Connect to 3G network only 2G Only Connect to 2G network only MTU MTU is the Maximum Transmission Unit that can be sent over the LTE interface It allows user to adjust the MTU size to fit into their existing network environm...

Страница 46: ...allows you to set up GPS Configuration and connect RS232 from the used router to have more detailed information for your specific purpose You can download software from internet and activate the GPS Configuration to display what information you need from your software ...

Страница 47: ...ver Interval Specify the interval value for reporting to the TCP server IPv4 Address Specify the IPv4 address of the TCP server IPv4 Address Port Specify the port number of the TCP server IPv6 Address Specify the IPv6 address of the TCP server IPv6 Address Port Specify the port number of the TCP server Report Prefix Specify the prefix for the report ...

Страница 48: ...N SIM PIN If you have configured SIM PIN code into SIM card please type SIM PIN code in Dual SIM configuration to make unlock successfully SIM PUK If you have typed wrong SIM PIN code and retried more than 3 times the SIM Card will become the blocked mode In this case you have to type PUK and new SIM code to unlock SIM Card ...

Страница 49: ...g NO Make the connection even the device is in roaming state YES No connection when the device in roaming state SIM Configurations Status Display the status of SIM Card SIM PIN Enable Enable to display SIM PIN setting Disable to hide SIM PIN setting SIM PIN A personal identification number PIN for ordinary use to protect your SIM card Confirmed SIM PIN Double confirm SIM PIN SIM PUK If user input ...

Страница 50: ... will search internally database automatically by SIM card for connection However please notice APN1 and APN2 must be manually configured different setting while concurrently use Username The username can be input by user or the system will search from internal database if the APN setting is empty Password The password can be input by user or the system will search from internal database if the AP...

Страница 51: ...5 LTE APN1 Usage This section shows the status of current SIM card operator IMSI and the charts for Real Time Hourly Daily Weekly and Monthly Real Time Usage It displays accumulated real time Download Upload Total MB for 10 seconds period ...

Страница 52: ...52 CHAPTER 3 WEB CONFIGURATIONS 1 Hourly Usage It displays Download Upload Total MB per hour in one day for current using SIM card and the view window size is 24 hours ...

Страница 53: ...53 CHAPTER 3 WEB CONFIGURATIONS 2 Daily Usage It displays Download Upload Total MB per day in one month for current using SIM card and the view window size is 31 days ...

Страница 54: ...54 CHAPTER 3 WEB CONFIGURATIONS 3 Weekly Usage It displays Download Upload Total MB per day in one week for current using SIM card and the view window size is 7 days ...

Страница 55: ...rent using SIM card and the view window size is 12 months 3 5 6 LTE SMS This section provides two settings one is SMS Action and the other is View SMS 1 When enabling SMS Action it only allows trust phone number which listed in Contacts On Dutyt by sending key words SMS to trigger device setting action query status ...

Страница 56: ...2 View SMS allows you to review the information of SMS that you have received including the state phone and date and time You can click view button to review all messages button to clear all messages and button to reload all messages ...

Страница 57: ...57 CHAPTER 3 WEB CONFIGURATIONS 3 5 7 LTE Serving Cell This section displays all parameters including the following items ...

Страница 58: ...D Cell ID PCI ID Physical Cell ID EARFCN The E UTRA ARFCN of the cell that was scanned UL Bandwidth Up Link Bandwidth DL Bandwidth Down Link Bandwidth RSSI Received Signal Strength Indication 3 5 8 LTE DNS This section allows you to setup LTE specific DNS setting LTE DNS Item Description IPv4 DNS Server 1 IPv4 DNS Server 2 IPv4 DNS Server 3 1 Each setting DNS Server has three options including Fro...

Страница 59: ...e mobile with computers of service providers based on the predefined set of codes and messages Users can use USSD to create sessions so as to exchange data or communicate for a period of time as long as the connection remains open LTE USSD Item Description USSD Input Enter USSD code and then click Send button Response This field shows the response to your USSD code The text will take a minute or t...

Страница 60: ...Item Description AP Enable Turn on off the Wi Fi Network Select from Disable or Enable The default is Enable WPS Button Enable or disable WPS button to quickly set up wireless connection You can choose to use either SSID1 or SSID2 for wireless connection TX Power Enter the transmit power of wireless radio The lower the TX power value the more secure the wireless connection is The unknown or ...

Страница 61: ...d Channels Channel Auto Automatically select the best channel or manually select channel number Name SSID SSID is Wi Fi identification The maximum length is 32 Hidden SSID SSID hiding is the process of hiding the network name from being publicly broadcast Encrypt None WPA PSK AES WPA2 PSK AES Passphrase The legal length is 8 63 The string should belong to 0 9 A F a f Key Update 0 means no update o...

Страница 62: ...ct from Disable The default is Disable MAC Address Fill in your MAC address 3 6 3 WiFi Client List This section allows you to see all the Connected WiFi Client List Item Description MAC Address MAC Address IP Address Client IP Address Connected Time Connected Time in Seconds ...

Страница 63: ...ver Configuration LAN IPv4 Item Description LAN IPv4 IP Address 10 1 1 1 IP Mask 255 255 255 0 Both of them are default you can change them according to your local IP Address and IP Mask DHCP Server Configuration Enable to make router can lease IP address to DHCP clients which connect to LAN IP Address Pool Define the beginning and the end of the pool of IP addresses which will lease to DHCP clien...

Страница 64: ...tatic address when you select the static type DHCP Server Configuration Address Assign Select how you obtain an IPv6 address Stateless The cellular router uses IPv6 stateless auto configuration RADVD Router Advertisement Daemon is enabled to have the cellular router send IPv6 prefix information in router advertisements periodically and in response to router solicitations Stateful The cellular rout...

Страница 65: ... the third party by this IP address and IP mask on this VLAN Note The NET1 can t be removed and fixes in the first row Furthermore the Subnet provides DHCP Server function to allow the third party for the same VLAN to get IP address and IP mask Therefore you do not need to configure manually Note The subnet information window will show from LAN Subnet LAN VLAN 1 port LANs Item Description Mode The...

Страница 66: ...ubnet This section allows you to get information of IP Address and IP Mask and edit for the VLAN Subnets from DHCP Server Configuration This Subnet setting is same as LAN IPv4 setting and follows with Tag Base Mode of VLAN to enable the function ...

Страница 67: ...uting Static Route Settings Item Description Mode The setting is for full network Select from Off or On Settings Mode The setting is for the specific network Select from Off or On Name Set up each name for your running host or network Destination Fill in the destination of a specific subnet or IP from network Gateway Fill in the gateway address of your router Interface Select the interface from LA...

Страница 68: ...ct type for the field 1 Input the invalid format of destination The interface is shown in Apply fail to notice 2 Input the IP address of destination gateway from IPv4 and IPv6 at the same time The interface is shown in Apply fail to notice You should select either IPv4 or IPv6 as the address of destination gateway The status tab shows the information from the settings of static route ...

Страница 69: ...pen to full network Select from Off or On Status Destination Show the status of destination from the setting section Gateway Show the status of gateway from the setting section Interface Show the status of interface from the setting section Protocol Show the status of protocol from the setting section ...

Страница 70: ...outers and allows it to dynamically adjust its routing tables and adapt to changes in the network IP Routing RIP General Item Description General Mode Select from Off or On to open or close RIP function Redistribute local routes Select from Off or On to open or close redistribute local routes Redistribute connected routes Select from Off or On to open or close redistribute connected routes Redistr...

Страница 71: ...erface Select from eth1 WAN Ethernet or LAN Authentication Select from none or md5 to approve authentication Note Please offer Key and Key ID when you select md5 to use HMAC MD5 Key The key used for authentication maxlength 16 Key ID The ID of the key used for authentication 1 255 Passive Select from Off or On to send out or not to send out RIP packets on this interface ...

Страница 72: ...Description Mode Select from Off or On to open or close OSPF function Redistribute local routes Select from Off or On to open or close redistribute local routes Redistribute connected routes Select from Off or On to open or close redistribute connected routes Redistribute RIP routes Select from Off or On to open or close redistribute RIP routes Redistribute BGP routes Select from Off or On to open...

Страница 73: ...Note This interface can be added at maximum is 2 IP Routing OSPF Interfaces Item Description Mode Select from Off or On to use or not to use the OSPF function in the interface Interface Select from eth1 WAN Ethernet or LAN Authentication Select from none or md5 to approve authentication Note Please offer Key and Key ID when you select md5 to use HMAC MD5 Key The key used for authentication maxleng...

Страница 74: ...PF Networks configuration OSPF Networks Summary You can edit and delete the existed OSPF networks OSPF Networks Add Edit This sub configuration is used to configure all the networks the maximum is 2 IP Routing OSPF Networks Item Description Mode Select from Off or On to enable the network setting Prefix Set Prefix of the network Prefix Length Set Length of the prefix Area Routing area to which thi...

Страница 75: ...ction is off On BGP function is on AS Number The number of the autonomous system 1 4294967295 Redistribute local routes Off Not redistribute local routes from the device s own routing table On Redistribute local routes from the device s own routing table Redistribute connected routes Off Not redistribute connected routes to networks which are directly connected to the device On Redistribute connec...

Страница 76: ...ting BGP Neighbors Item Description Mode Select from Off or On to enable the neighbor setting IP Address Set IP address of the peer router AS Number Autonomous system number of the peer router Multihop Allow multiple hops between this router and the peer router Update Source Mode Whether to specify the source address to this neighbor Update Source Address The source address to this neighbor ...

Страница 77: ...l be distributed via BGP in addition to the networks that are redistributed from other sources as defined on the general sub configuration and the maximum neighbors is 16 IP Routing BGP Networks Item Description Mode Select from Off or On to enable the network Prefix Set Prefix of the network Prefix Length Set Length of the prefix ...

Страница 78: ...78 CHAPTER 3 WEB CONFIGURATIONS 3 9 VPN 3 9 1 OpenVPN 3 9 1 1 Open VPN Common Setting 1 Click button to edit Open VPN Connection 2 From Setting tab you can set up the connection of Open VPN ...

Страница 79: ...e the Open VPN advanced options to be compatible with other servers VPN Type Roadwarrior default Bridging Bridging the VPN tunnel and LAN VLAN Status Display the status of Open VPN TLS Mode Select from Disable or Enable for data security The default is Disable Cipher The Open VPN format of data transmission IPv6 Mode Select from Disable or Enable The default is Disable Device Select from TUN or TA...

Страница 80: ...keeping this option blank the OpenVPN will export the LAN network automatically Netmask The local netmask exported by OpenVPN When keeping this option blank the OpenVPN will export the LAN netmask automatically NAT 1 1 NAT Tick to enable NAT Traversal for Open VPN This item must be enabled when the router under NAT environment Select from Off or On When two routers LAN Subnet are same and create O...

Страница 81: ...rver P12 The PKCS 12 file is for Open VPN client which could be downloaded from Open VPN server 3 9 1 3 Open VPN Server Setting Select option Server from VPN Mode and this section allows you to configure the server status of VPN Mode Note When selecting the On option of Route Client Networks the Open VPN server will route the client traffic or not You should fill in the client IP and netmask when ...

Страница 82: ...client IP and netmask when this option is enabled Local Network Network The local network exported by OpenVPN When keeping this option blank the OpenVPN will export the LAN network automatically Netmask The local netmask exported by OpenVPN When keeping this option blank the OpenVPN will export the LAN netmask automatically NAT 1 1 NAT Tick to enable NAT Traversal for Open VPN This item must be en...

Страница 83: ...m of VPN Mode this section helps you use the ovpn configuration file to quickly set up VPN tunnel with third party server or use the Open VPN advance options to be compatible with other servers Note When clicking the button you can import third party Open VPN configuration that find out from Internet and save the document into your server or PC After importing the file the interface will show butt...

Страница 84: ... the settings must cover the four parts VPN Open VPN Custom VPN Mode Item Description Mode Select from Disable or Enable The default is Disable VPN Mode Select from custom mode Custom Config Import Open VPN configuration Username Fill in the username if the imported file has already set up the username Password Fill in the password if the imported file has already set up the password Status Displa...

Страница 85: ... information and Tunnel information In the default setting the list of connections is empty You can create the new connection by click Add Connection button For the edit you can click the and buttons to edit IPsec phase 1 and phase 2 setting respectively For the advanced settings like Dead Peer Detection a k a DPD you can click the button to edit it ...

Страница 86: ... TLS Note The EAP TLS is for IKEv2 only Encryption The encryption algorithm Select from AES128 default AES192 AES256 or 3DES Hash The integrity algorithm Select from MD5 SHA1 default or SHA256 DH Group The Diffie Hellman Group Select from 1 768 bit 2 1024 bit 5 1536 bit default 14 2048 bit 15 3072 bit 16 4096 bit 17 6144 bit or 18 8192 bit Lifetime The length of the keying channel of a connection ...

Страница 87: ...e encryption algorithm Select from AES128 default AES192 AES256 or 3DES Hash The integrity algorithm Select from MD5 SHA1 default or SHA256 DH Group The Diffie Hellman Group Select from 1 768 bit 2 1024 bit 5 1536 bit default 14 2048 bit 15 3072 bit 16 4096 bit 17 6144 bit or 18 8192 bit Lifetime The length of a particular instance of a connection Select from 30 minutes 1 hour 2 hours 3 hours 6 ho...

Страница 88: ...m the Any TCP UDP or L2TP 3 IPsec Advance Setting 3 9 2 2 Authentication IDs This section provides the authentication ID set to authenticate the IPsec connections In the default setting the list of authentication ID is empty You can create the new authentication ID by click Add Authentication ID button Note Please apply the changes before editing the connection settings VPN IPsec Connections Item ...

Страница 89: ...SK The identification for the connection Normally this case will be used to announe the ID of the router 4 test RSA created X 509 The ID field will be omitted and use the common name CN of X 509 as the ID field VPN IPsec Authentication IDs Item Description ID The identification for authentication It only work on PSK type Type Select from PSK or RSA The default is PSK PSK Use the pre shared key to ...

Страница 90: ...ates setting which could be used by IPsec authentication ID Each certificate will show the State and Subject information and provide the controlling buttons to let user import download or edit the certificate key files Note Please apply the changes before editing the Authentication IDs settings ...

Страница 91: ...igned CA generated by the router and it supports the user import the self signed CAs to the router The self signed CA will help the router to verify the self signed X 509 certificate which is imported on X 509 Certificates section Each CA certificate will show the State and Subject information and provide the controlling buttons to let user could download or edit the certificate key files ...

Страница 92: ...e CA certificate 4 Click the Generate Certificate button and Save 5 Click the Apply button to apply the changes To generate the X 509 certificate 1 Make sure the self signed CA certificate generated 2 Navigate to X 509 Certificates tab 3 Add the new X 509 certificate by Add X 509 button If it s not existed 4 Click the Edit button to navigate the Certificate Setting page 5 Fill up the informations ...

Страница 93: ...3 Select the CA certificate file from browser window 4 When the file be selected and everything all right the newly CA certificate will shown the CA certificate list with Imported state To import the X 509 certificate 1 Navigate to X 509 Certificates tab 2 Click the Add X 509 button The list will pop up the balnk X 509 entry 3 Click the Cert Import button 4 Select the X 509 certificate file from b...

Страница 94: ...e Mode from Disable to Enable 2 Navigate to the Authentication IDs tab 3 Add the authentication ID Keep ID as blank Type as PSK and fill the password to Pre shared Key field 4 Apply the changes 5 Navigate to the Connections tab 6 Add IPsec connection 1 Edit the phase 1 setting 2 Change Mode from Disable to Enable 3 Save the changes 4 Edit the phase 2 setting 5 Fill up the Local Subnet and Remote S...

Страница 95: ...95 CHAPTER 3 WEB CONFIGURATIONS ...

Страница 96: ...ared Key field 4 Apply the changes 5 Navigate to the Connections tab 6 Add IPsec connection 1 Edit the phase 1 setting 2 Change Mode from Disable to Enable 3 Fill the IP address of VPN server to Remote Host Field e g Remote Host 10 0 0 1 4 Save the changes 5 Edit the phase 2 setting 6 Fill up the Local Subnet and Remote Subnet e g Local Subnet 192 168 200 0 24 Remote Subnet 192 168 100 0 24 7 Save...

Страница 97: ...97 CHAPTER 3 WEB CONFIGURATIONS ...

Страница 98: ...98 CHAPTER 3 WEB CONFIGURATIONS IPsec Net to Net with Pre shared Key result Server ...

Страница 99: ...A Skip it if the self signed CA is generated 1 Fill the information of the self signed CA 2 Country Name CN 3 Organization Name Company 4 Common Name IPsec ca 5 Click the Generate Certificate button 6 Save the changes 3 The State of self signed CA will be Waiting Apply 4 Apply the changes 5 Waiting for the State of self signed CA become generated 6 Refresh the page ...

Страница 100: ... Organization Name Company 4 Common Name local IPsec 5 Click the Generate Certificate button 6 Save the changes 4 Click the add button to add the X 509 certificate 5 Edit the newly X 509 certificate for the remote router 1 Fill the information of the X 509 certificate 2 Country Name CN 3 Organization Name Company 4 Common Name remote IPsec 5 Click the Generate Certificate button 6 Save the changes...

Страница 101: ...101 CHAPTER 3 WEB CONFIGURATIONS ...

Страница 102: ...02 CHAPTER 3 WEB CONFIGURATIONS Prepare the authentication IDs 1 Navigate to the Authentication IDs tab 2 Add tow authentication IDs Keep first one s ID as blank Type as RSA and select the C CN O Company ...

Страница 103: ...rom Disable to Enable 2 Navigate to the Connections tab 3 Add IPsec connection 1 Edit the phase 1 setting 2 Change Mode from Disable to Enable 3 Change Auth Type from PSK to RSA 4 Change the Local ID and select the local IPsec RSA authentication ID 5 Save the changes 6 Edit the phase 2 setting 7 Fill up the Local Subnet and Remote Subnet e g Local Subnet 192 168 100 0 24 Remote Subnet 192 168 200 ...

Страница 104: ...104 CHAPTER 3 WEB CONFIGURATIONS ...

Страница 105: ... VPN server 2 The X 509 certificate and key for remote router which generated by VPN server These files could be downloaded from VPN server The detail could reference How to download the certificate section of user manual Import the CA certificate and the X 509 certificate Please refer the Certificate Importing section of user manual to import the required files ...

Страница 106: ... changes 5 Navigate to the Connections tab 6 Add IPsec connection 1 Edit the phase 1 setting 2 Change Mode from Disable to Enable 3 Change Auth Type from PSK to RSA 4 Change the Local ID and select the remote IPsec RSA authentication ID 5 Fill the IP address of VPN server to Remote Host field e g Remote Host 10 0 0 1 6 Save the changes 7 Edit the phase 2 setting 8 Fill up the Local Subnet and Remo...

Страница 107: ...107 CHAPTER 3 WEB CONFIGURATIONS 7 Apply the changes ...

Страница 108: ...108 CHAPTER 3 WEB CONFIGURATIONS IPsec Net to Net with RSA authentication result Server Client ...

Страница 109: ...e two endpoints identified by the tunnel source and tunnel destination addresses at each endpoint The GRE Mode is on 3 9 4 PPTP Server This section provides 2 sub configurations including General Configuration and Clients Configuration 1 General Configuration VPN GRE Item Description Mode Select from Off or On to enable GRE Local Address Set local address of the GRE tunnel Remote Address Set remot...

Страница 110: ...elect from Off or On to enable PPTP Server Server Address IP addresses to be used at the local end of the tunneled PPP links between the server and the client Client Address Range A list of IP addresses to assign to remote PPTP clients VPN PPTP Server Clients Item Description Mode Select from Off or On to set the client setting Username The username of this client Password The password of this cli...

Страница 111: ...interface 2 Server Mode Choose the Server mode and the interface will be changed as below VPN L2TP Server Mode Item Description Mode Select from Off or On to set the client setting Auth The authentication method for L2TP connection Available options PAP CHAP MS CHAP MS CHAPv2 Local IP The virtual IP for L2TP server Remote begin IP The begin address of L2TP client s IP pool Remote end IP The end ad...

Страница 112: ... be used to add the newly client or update existed client Password The L2TP client s password Could be used to add the newly client or update existed client Fill in the username and password and click the button you can create the L2TP client and manage them under server mode ...

Страница 113: ...uth The authentication method for L2TP connection Should same as L2TP server s auth type Username The username for L2TP authentication Password The password for L2TP authentication NAT Turn on to translate the LAN subnet IP to L2TP virtual IP Default route Turn on to redirect all traffic to L2TP tunnel Fill in the required parameters and click the button to create the L2TP connection and manage th...

Страница 114: ...114 CHAPTER 3 WEB CONFIGURATIONS Click the button and edit the parameters to update the L2TP connection ...

Страница 115: ...you to configure Basic Rules Port Forwarding DMZ IP Filter MAC Filter URL Filter NAT and IPS 3 10 1 Firewall Basic Rules This section allows you to set the Basic Rules configuration Firewall Basic Rules Item Description WAN Ping Blocking Check IPv4 or IPv6 for blocking ...

Страница 116: ...116 CHAPTER 3 WEB CONFIGURATIONS 3 10 2 Port Forwarding This section allows you to set up Port Forwarding and click edit button to configure ...

Страница 117: ...t from UDP or TCP Client which depends on the application Source Port Begin Fill in the beginning of source port Source Port End Fill in the end of source port Destination IP Fill in the current private destination IP Destination Port Begin Fill in the beginning of private destination port Destination Port End Fill in the end of private destination port Service DMZ Item Description Mode Select fro...

Страница 118: ...configure IP Filter After clicking button you can edit your IP protocol source port and destination port Black List When set as Black List the specific IP address port in rule will be blocked White List When set as White List the specific IP address port in rule will be accepted ...

Страница 119: ... IP address for the administrator to access the Router which is Management IP Address Service Ports For White List only The setting is specified for Router access only The user can set it to allow Router access outside WAN or inside LAN Service For example access outside WAN DNS service It also allows user to access Router service from outside WAN or inside LAN For example access Router Web servic...

Страница 120: ... ICMP TCP or UDP Source IP Fill in your source IP address Source Port Fill in your source port Destination IP Fill in your destination IP address Destination Port Fill in your destination port 3 When selecting Enable Mode the protocol is TCP The source IP has IPv4 and IPv6 setting formats 4 For Source IP there are three types to input your source IP that depends on your requirement including singl...

Страница 121: ...are two types to input your source port that depends on your requirement including single port e g 1234 or giving a range of ports e g 1234 5678 Note Setting up a range of source ports please use colon symbol to mark your ranged ports 3 10 5 MAC Filter This section allows you to set up MAC Filter After clicking button you can edit your MAC address Note Setting up MAC address please use colon symbo...

Страница 122: ...n you can edit the type of filter and information Note Please do not include https or http for the URL address in the Full Filter Firewall URL Filter Item Description Mode Select from Disable or Enable The default is Disable Filter Select from Key or Full The default is Key Key Full Fill in your Key Full information ...

Страница 123: ...on IPS prevents the system from being attacked by the Internet The system allows to limit the max incoming connection number from WAN per source IP address to prevent system resource exhausted Also the system allows to limit the max incoming connection retry number during a specific time period from WAN per source IP address to prevent too many unexpected connections retry event from causing syste...

Страница 124: ... 3 11 1 1 SNMP configuration This section allows you to set the SNMP configuration Service SNMP Community Item Description Mode Select from Disable or Enable to configure SNMP Community Configure community setting with three options including 1 2 and 3 Mode Select from Disable or Enable Name Name each community Access Select from Read Only or Read Write ...

Страница 125: ...onfiguration Service SNMP SNMP v3 User configuration Item Description Mode Select from Disable or Enable to configure SNMP The default is Disable Name Fill in your name Auth Mode Select from Authentication or Privacy Authentication Password Fill in your authentication password Authentication Protocol Select from MD5 or SHA Privacy Password Fill in your privacy password Privacy Protocol Select from...

Страница 126: ...NMP trap function from Alarm output of system for your router With SNMP trap setting you can know the status of remote device Service SNMP SNMP trap configuration Item Description Mode Select from Disable or Enable The default is Disable Community Name Fill in your community name Destination The destination domain name IP of remote SNMP trap server ...

Страница 127: ...E this router when connecting to the ACS Periodic Inform Select from Disable or Enable The default is Disable The CPE reports the status to the ACS when enabling a period of time set Periodic Inform Interval Sec Fill in the periodic time The CPE reports to ACS the status according to your duration in seconds of the interval set Connection Request Username Fill in the connection request username to...

Страница 128: ... Service Provider of Dynamic DNS Host Name Fill in your registered Host Name from Service Provider Token ID Fill in your Token ID from Service Provider Host Secret ID Fill in your Secret ID from Service Provider Username Fill in your registered username from Service Provider Password Fill in your registered password from Service Provider Update Period Time Sec Fill in 0 to mean 30 days IP Address ...

Страница 129: ...ret ID e g e2AMDsLmVF Service Provider www duckdns org Host Name Register hostname e g tester duckdns org Token ID The token ID e g 12345678 de49 4e97 a33c 98b159aead2b Service Provider no ip com Host Name Register hostname e g tester hopto org Username Register username Password Register password Service provider freedns afraid org Host Name Register hostname e g tester mooo com Username Register...

Страница 130: ...Specify which VRRP group of this router belong to 1 255 The default is 1 Priority Enter the priority value from 1 to 254 The larger value has higher priority The default is 100 Virtual IP Each router in the same VRRP group must have the same virtual IP address The default is 0 0 0 0 This virtual IP address must belong to the same address range as the real IP address of the interface ...

Страница 131: ... you need to create the account with username and password for MQTT client in the web UI Service MQTT Item Description Mode Select from Disable or Enable The default is Disable Port Fill in the port number of MQTT application Manage Users Create the users and show all users names Allow each user to delete their name Username Fill in the username of manage user Password Fill in the password of mana...

Страница 132: ... Manage Users section will show all users that you create Moreover each user can use the delete button to delete it For the ACLs control user can specify what topic should be limited In this case we set up the publisher pub1 to write the critical topic Additionally we also allow the subscribers sub1 and sub2 to read the critical topic Thus only the sub1 and sub2 can receive it when pub1 sending th...

Страница 133: ... s WAN IP address and automatically create NAT port maps This means that applications that support UPnP and are used with UPnP enabled cellular router will not need application layer gateway support on the cellular router to work through NAT 3 11 7 SMTP This section provides you to send your email for the server For instance the email will be sent to notify when the Alarm has a nofitication by the...

Страница 134: ...e multiple connections to a network each serving a different purpose IP Alias can be used to provide multiple network addresses on a single physical interface Service IP Alias Item Description Mode Select from Off or On to enable the IP Alias Entries The setting can be edited or deleted the existed entries Add Edit IP Alias Entry Mode select from Off or On to use or not use this entry Interface th...

Страница 135: ... Item Description Mode Enable or disable QoS function APN1 Upstream Specify upstream bandwidth for APN1 APN1 Downstream Specify downstream bandwidth for APN1 WAN Ethernet Upstream Specify upstream bandwidth for WAN Ethernet WAN Ethernet Downstream Specify downstream bandwidth for WAN Ethernet ...

Страница 136: ...n interface to this QoS entry Direction Specify the direction for this QoS entry upstream or downstream IPv6 Address Select the type of IPv6 address and specify the single IPv6 address IPv6 subnet or a range of IPv6 address Protocol Select the protocol type Port Begin For TCP protocol you need to specify the beginning port number Port End For TCP protocol you need to specify the ending port number...

Страница 137: ...escription Update every Specify the update interval Interface Specify an interface for status data Direction Specify the direction for status data upstream or downstream Show details of bandwidth for each IP address Select the checkbox if you want to show details of bandwidth for each IP address Apply Refresh Setting Press this button to refresh settings ...

Страница 138: ...o manage the router set up your administration items and know about the status of current software and firmware Also you can back up and restore the configuration 3 12 1 Identification This section allows you to confirm the profile of router current software firmware version and system uptime ...

Страница 139: ...MCSV Show the software MCSV of the running firmware Hardware MCSV Show the current hardware MCSV of the device Serial Number Show the product serial number Modem Firmware Version Show the modem firmware version of the device IMEI Show the IMEI International Mobile Equipment Identity number Uptime Show the current system uptime 3 11 2 Administration This section allows you to set up the name of the...

Страница 140: ...Phone E Mail Groups Management Contacts On Duty Item Description Add User Click the Add User button to create a new user entry Name Enter the user name Phone Enter the new user s phone number E mail Enter the new user s email address Group Select the group from the drop down menu You must create groups before selecting from the drop down menu ...

Страница 141: ...hedule Please select duty date for every group The trust and responsible groups can control receive alarms and SMS Management Contacts On Duty Item Description Add Group Click the Add Group button to create a new group entry Name Enter the group name ...

Страница 142: ... enabled Server Port By default SSH function uses server port 22 Access Control Specify access control method This could be Allow All or Allow specified IPv4 or v6 address below Management Web Item Description HTTP Port Specify HTTP port number By default HTTP port number is 80 HTTPS Port Specify HTTPS port number HTTPS port number is 443 ...

Страница 143: ...he router will reboot automatically 3 12 7 Configuration This section supports you to export or import the configuration file 1 Click Backup the running configurations button to export your current configurations 2 Click Select the configuration file to restore button to import the configuration file 3 12 8 Load Factory This section supports you to load the factory default configuration and restar...

Страница 144: ...ely 3 12 10 Schedule Reboot Management Schedule Reboot Item Description Mode Enable or disable Scheduled Reboot function Schedule Type Select the reboot type The device can be rebooted automatically in the specified interval on a per day week or month basis Interval Plan Specify the interval value for Scheduled Reboot interval type ...

Страница 145: ... 1 Ping Please assign the Host you want to ping Diagnosis Ping Item Description Host The host name or the host IP address that you want to ping 3 13 2 Traceroute Please assign the Host you want to traceroute The result of the traceroute is as below Diagnosis Ping Item Description Host The host name or the host IP address that you want to traceroute ...

Страница 146: ...ual ver Description 2019 10 21 0 07 0 9b Revise operating temperature Revise specs Revise web configuration add USSD QoS 2019 12 31 0 07 0 9c Remove Virtural COM System COM Ports Edit This page is intentionally left blank ...

Страница 147: ...147 ...

Результаты поиска

Содержание ICR-W401

Отзывы:

Похожие инструкции для ICR-W401

Бренды по названию

Популярные бренды

CTC Union ICR-W401, Руководство пользователя

Результаты поиска

Содержание ICR-W401

Отзывы:

Похожие инструкции для ICR-W401

Бренды по названию

Популярные бренды