EtherWAN EW50 Скачать руководство пользователя страница 161 | Manualshive

Страница: 161 / 320

background image

EW50 Industrial LTE Cellular Gateway

161

5.1.1 IPSec

Internet  Protocol  Security  (IPsec)  is  a  protocol  suite  for  securing  Internet  Protocol  (IP)  communications  by
authenticating  and  encrypting  each  IP  packet  of  a  communication  session.  IPsec  includes  protocols  for
establishing  mutual  authentication  between  agents  at  the  beginning  of  the  session  and  negotiation  of
cryptographic keys to be used during the session.

An IPsec VPN tunnel is established between IPsec client and server. Sometimes, we call the IPsec VPN client
the initiator and the IPsec VPN server the responder. This gateway can be configured as different roles and
establish a number of tunnels with various remote devices. Before going to set up the VPN connections, you
may need to decide on the scenario type for the tunneling.

IPsec Tunnel Scenario

s

To  build  an  IPsec  tunnel,  you  need  to
enter  the  remote  gateway  global  IP,
and optional subnet if the hosts behind
IPsec  peer  can  access  the  remote  site
or  hosts.  Under  such  configuration,
there are four scenarios:

Site to Site:

You need to set up remote

gateway IP and subnet of both
gateways. After the IPsec tunnel is
established,

hosts

behind

both

gateways can communicate with each
other through the tunnel.

Site to Host:

Site to Host is suitable for tunneling between clients in a subnet and an application

«
...
159
160
161
162
163
...
»

Содержание EW50

Страница 1: ...Industrial LTE Cellular Gateway EW50 User Manual...

Страница 2: ...der has moderate hardware computer and Internet skills Document Revision Level This section provides a history of the revision changes to this document Revision Document Version Date Description A Ver...

Страница 3: ...ACE CAUTION 13 1 5 4 Product Information for CE RED Requirements 14 1 6 Hardware Installation 15 1 6 1 Mount the Unit 15 1 6 2 Insert the SIM Card 15 1 6 3 Connecting Power 16 1 6 4 Connecting DI DO D...

Страница 4: ...3 Object Definition 103 3 1 Scheduling 103 3 1 1 Scheduling Configuration 103 3 2 Grouping 105 3 2 1 Host Grouping 105 3 3 External Server 107 3 4 Certificates 110 3 4 1 Configuration 110 3 4 2 My Ce...

Страница 5: ...6 1 Configure Manage 221 6 1 1 Command Script 222 6 1 2 TR 069 225 6 1 3 SNMP 230 6 1 4 Telnet with CLI 241 6 1 5 LLDP 245 6 2 System Operation 246 6 2 1 Password MMI 246 6 2 2 System Information 248...

Страница 6: ...8 Status 298 8 1 Dashboard 298 8 1 1 Device Dashboard 298 8 2 Basic Network 300 8 2 1 WAN Uplink Status 300 8 2 2 LAN VLAN Status 304 8 2 3 DDNS Status 305 8 3 Security 306 8 3 1 VPN Status 306 8 3 2...

Страница 7: ...to respond in real time to events detected by sensors This EW50 is equipped with a host of security features including VPN firewall NAT port forwarding DHCP server and other features for outdoor IP su...

Страница 8: ...Description Contents Quantity 1 EW50 Industry LTE Cellular Gateway 1pcs 2 Cellular Antenna 2pcs 3 Power Adapter DC 12V 2A 1 1pcs 3 2 pin Terminal Block 1pcs 4 4 pin Terminal Block 1pcs 5 6 pin Termina...

Страница 9: ...utton provides a quick and easy way to restore the default settings Press the RESET button continuously for 6 seconds and then release it The device will reset to factory default settings Reset Button...

Страница 10: ...EW50 Industrial LTE Cellular Gateway 10 Bottom View Left View SIM A Slot SIM B Slot 3G 4G Aux Antenna 3G 4G Main Antenna USB Port DI DO Terminal Block MicroSD Slot Power Terminal Block...

Страница 11: ...llular connection successfully established under SIM A B Cellular Signal Blue Steady On Signal Strength is 61 100 Slow Flash per Second Signal Strength is 31 60 Fast Flash per 0 5 second Signal Streng...

Страница 12: ...inux based operating system An installed Ethernet adapter Browser Requirements Internet Explorer 6 0 or higher Chrome 2 0 or higher Firefox 3 0 or higher Safari 3 0 or higher 1 5 2 WARNING Only use th...

Страница 13: ...TION CAUTION The surface temperature for the metallic enclosure can be very high Especially after long periods of operation when installed in a closed cabinet without air conditioning or in a location...

Страница 14: ...2500 2570 MHz Downlink 2620 2690 MHz LTE FDD BAND 8 Uplink 880 915 MHz Downlink 925 960 MHz LTE FDD BAND 20 Uplink 832 862 MHz Downlink 791 821 MHz WCDMA BAND 1 Uplink 1920 1980 MHz Downlink 2110 217...

Страница 15: ...the SIM Card WARNING BEFORE INSERTING OR CHANGING THE SIM CARD PLEASE MAKE SURE THAT DEVICE POWER IS SWITCHED OFF The SIM card slots are located at the bottom side of the housing Unscrew and remove th...

Страница 16: ...right power requirements and polarity There is a DC12V 1A power adapter3 in the package for you to easily connect DC power adapter to this terminal block WARNNING This commercial grade power adapter...

Страница 17: ...r terminal block Refer to the following specification for connection of DI and DO devices Mode Specification Digital Input Trigger Voltage high Logic level 1 5V 30V Normal Voltage low Logic level 0 0V...

Страница 18: ...RS 232 RXD TXD GND GND RXD TXD RS 485 DATA DATA GND GND DATA DATA 1 6 7 Connecting to the Network or a Host The EW50 series provides RJ45 ports to connect 10 100 1000Mbps Ethernet It can auto detect...

Страница 19: ...dress is http 192 168 123 254 4 When you see the login page enter the password admin 5 and then click the Login button 4 The default LAN IP address of this gateway is 192 168 123 254 If you change it...

Страница 20: ...user s devices dial in to ISPs and then link to the Internet via different kinds of media So the WAN Connection lets you specify the WAN Physical Interface WAN Internet Setup and WAN Load Balance for...

Страница 21: ...Physical Interface page In the Physical Interface page there are two configuration windows Physical Interface List and Interface Configuration The Physical Interface List window shows all the availab...

Страница 22: ...rimary That means only when the primary WAN connection is broken the backup connection will be started up to substitute the primary connection As shown in the diagram WAN 2 is backup WAN for WAN 1 WAN...

Страница 23: ...e connected continuously from the time the system boots up The failover WAN interface maintains the connection without transferring data traffic This is to shorten the switch time during failover proc...

Страница 24: ...tab The Physical Interface allows for the setup of the physical WAN interface and adjustment of WAN s behavior Note Number of available WAN Interfaces varies by model When the Edit button is applied...

Страница 25: ...to multiple WAN gateways Operation Mode Required setting Define the operation mode of the interface Select Always on to make this WAN always active Select Disable to disable this WAN interface Select...

Страница 26: ...N Type Configuration and related configuration windows for each WAN type For the Internet setup of each WAN interface you must specify its WAN type of physical interface first and then the related par...

Страница 27: ...s more expensive but important for cooperate requirements Dynamic IP The assigned IP address for the WAN by a DHCP server is different every time This is cheaper and usually for consumer use PPP over...

Страница 28: ...etting Enter the host name provided by your service provider ISP Registered MAC Address Optional setting Enter the MAC address that you have registered with your service provider Or Click the Clone bu...

Страница 29: ...PPoE When selected PPPoE WAN Type Configuration will appear Items and settings are explained below PPPoE WAN Type Configuration Item Value setting Description IPv6 Dual Stack 1 Optional setting 2 Unch...

Страница 30: ...Subnet Mask Required setting Enter the WAN subnet mask given by your service provider WAN Gateway Required setting Enter the WAN gateway IP address given by your service provider When Dynamic IP is se...

Страница 31: ...red setting Enter the WAN gateway IP address given by your service provider When Dynamic IP is selected the above settings are not required Server IP Address Name Required setting Enter the L2TP serve...

Страница 32: ...ce it has been booted up and try to reconnect once the connection is down It is recommended to choose this scheme for mission critical applications to ensure full time Internet connection Connect on d...

Страница 33: ...ously ICMP Check and FQDN Query are used When there is high connection traffic checking packets will waste bandwidth and the response time of replied packets may also increase To prevent Network Monit...

Страница 34: ...When set to Auto value 0 the router selects the best MTU for best Internet connection performance NAT 1 Optional setting 2 NAT is enabled by default Enable NAT Network Address Translation on the WAN c...

Страница 35: ...1 Optional setting 2 Box is checked by default Check the Enable box to activate the network monitoring function Checking Method 1 Optional setting 2 DNS Query is set by default Choose either DNS Quer...

Страница 36: ...fies the second target of sending DNS query ICMP requests None no second target is required DNS1 set the primary DNS to be the target DNS2 set the secondary DNS to be the target Gateway set the Curren...

Страница 37: ...n create only one WAN interface This device features dual SIM cards for one module with special fail over mechanism It is called Dual SIM Failover This feature is useful for ISP switch over when locat...

Страница 38: ...witch to use the other SIM card as an alternate and will not switch back to use original SIM card except when the current SIM connection is also broken That is SIM A and SIM B are used iteratively but...

Страница 39: ...en SIM A only or SIM B only is selected it will try to dial up only using the SIM card you selected When Failback is checked it means if the connection is dialed up not using the main SIM you selected...

Страница 40: ...is likely to connect to an improper network or fail to find a valid APN for your ISP APN 1 Required setting 2 String format any text Enter the APN you want to use to establish the connection This is...

Страница 41: ...profile for the connection or modify the contents of an APN profile you have added It is available only when you select Dial Up Profile as APN Profile List This lists all the APN profiles you created...

Страница 42: ...p 3G 4G Connection Common Configuration Here you can change common configurations for 3G 4G WAN 3G 4G Connection Common Configuration Item Value setting Description Connection Control By default Auto...

Страница 43: ...a non zero value it means only the client with this MAC address can get the WAN IP address Note When the IP Pass through is on NAT and WAN IP Alias will be unavailable until the function is disabled a...

Страница 44: ...ected disconnection times to be the threshold before disconnection is acknowledged Target 1 1 Optional setting 2 DNS1 is selected by default Target1 specifies the first target of sending DNS query ICM...

Страница 45: ...LAN IP mode is fixed in Static IP mode Dynamic IP If all the available WAN inferfaces are disabled the LAN IP mode can be Dynamic IP mode LAN IP Address 1 Required setting 2 192 168 123 254 is set by...

Страница 46: ...iguration Item Value setting Description Name 1 Optional setting Enter the name for the alias IP address Interface 1 Required setting 2 lo is set by default Specify the Interface type It can be lo or...

Страница 47: ...ort based VLAN Port based VLANs can group Ethernet ports Port 1 Port 4 and Wi Fi Virtual Access Points VAP 1 VAP 8 together for differentiated services like Internet surfing multimedia enjoyment VoIP...

Страница 48: ...nd Wi Fi Virtual Access Points VAP 1 VAP 8 together with different VLAN tags for deployment in subnets All packet flows can carry different VLAN tags even at the same physical Ethernet port These flow...

Страница 49: ...equipped with DHCP 3 server to construct a 192 168 12 x subnet He also configures the Meeting Rooms segment with VLAN ID 11 The VLAN group is equipped with DHCP 2 server to construct a 192 168 11 x su...

Страница 50: ...n specify members of one VLAN group to be able to access Internet or not Following is an example that VLAN groups of VID is 2 and 3 can access Internet but the one with VID 1 cannot access Internet Th...

Страница 51: ...is a communication pair and one VLAN group can join many communication pairs But communication pairs do not have a transitive property That is if A can communicate with B and B can communicate with C...

Страница 52: ...d VLAN allows you to add VLAN ID and select members and DHCP Server for this VLAN ID Go to Tag based VLAN List table Save NA Click the Save button to save the configuration Port based VLAN Create Edit...

Страница 53: ...ule It has default text and cannot be modified VLAN ID Required setting Define the VLAN ID number range is 1 4094 VLAN Tagging Disable is selected by default The rule is activated according to VLAN ID...

Страница 54: ...N group DHCP Server IP Address for DHCP Relay only Required setting If you select Relay type of DHCP Server assign a DHCP Server IP Address that the gateway will relay the DHCP requests to the assigne...

Страница 55: ...dress target that the DHCP Server wants to match IP Address Required setting Define the IP Address that the DHCP Server will assign If there is a request from the MAC Address filled in the above field...

Страница 56: ...rs are allowed to access WAN interface If a VLAN ID box is unchecked it means the VLAN ID member can t access the Internet Note VLAN ID 1 is always available it is the default VLAN ID of the LAN Other...

Страница 57: ...ption VALN ID Required setting Define the VLAN ID number range is 6 4094 Internet Access The box is checked by default Click Enable box to allow the members in the VLAN group access to internet Port U...

Страница 58: ...N interface with its default Subnet Mask setting as 255 255 255 0 and its default IP Pool range is from 100 to 200 as shown at the DHCP Server List page on gateway s Web UI More DHCP server configurat...

Страница 59: ...strial LTE Cellular Gateway 59 Fixed Mapping User can assign fixed IP address to a specific client MAC address when targets already exist in the DHCP Client List or add other Mapping Rules manually in...

Страница 60: ...r policies to assign IP Addresses to the devices on the local area network LAN Create Edit DHCP Server Policy The gateway allows you to customize your DHCP Server Policy If multiple LAN ports are avai...

Страница 61: ...rmat The Primary DNS of this DHCP Server Secondary DNS IPv4 format The Secondary DNS of this DHCP Server Primary WINS IPv4 format The Primary WINS of this DHCP Server Secondary WINS IPv4 format The Se...

Страница 62: ...k N A When the Back button is clicked the screen will return to the DHCP Server Configuration page View Copy DHCP Client List When DHCP Client List button is applied DHCP Client List screen will appea...

Страница 63: ...Option Configuration Item Value setting Description Option Name 1 String format any text 2 Required setting Enter a DHCP Server Option name DHCP Server Select Dropdown list of all available DHCP serv...

Страница 64: ...format 3 IP list 4 URL format 5 Required setting Should conform to Type 66 66 72 72 114 114 Enable Unchecked by default Click Enable box to activate this setting Save NA Click the Save button to save...

Страница 65: ...lmost all Internet traffic IPv6 also implements additional features not present in IPv4 It simplifies aspects of address assignment stateless address auto configuration network renumbering and router...

Страница 66: ...esses and IPv6 DNS The above diagram depicts IPv6 IP addressing Use the information provided by your ISP to setup the IPv6 network DHCPv6 DHCP in IPv6 performs the same function as DHCP in IPv4 The DH...

Страница 67: ...oE PPPoEv6 server DSLAM on the ISP side provides IPv6 configuration upon receiving PPPoEv6 client request When PPPoEv6 server gets client request and successfully authenticates it the server sends IP...

Страница 68: ...rnet IPv4 to IPv6 migration 6in4 uses tunneling to encapsulate IPv6 traffic over explicitly configured IPv4 links As defined in RFC 4213 the 6in4 traffic is sent over the IPv4 Internet inside IPv4 pac...

Страница 69: ...nabled 2 Required setting Define the selected IPv6 WAN Connection Type to establish the IPv6 connectivity Select Static IPv6 when your ISP provides you with a set IPv6 addresses Then go to Static IPv6...

Страница 70: ...DNS Server Secondary DNS Optional setting Enter the WAN secondary DNS Server MLD Snooping Unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value s...

Страница 71: ...DNS Cannot be modified by default Enter the WAN secondary DNS Server MLD Unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Descripti...

Страница 72: ...act your ISP Value Range 0 45 characters Connection Control Fixed value The value is Auto reconnect Always on MTU Required setting Enter the MTU for setting up PPPoEv6 connection If you need more info...

Страница 73: ...ry DNS Server MLD Unchecked by default Enable Disable the MLD Snooping function LAN Configuration LAN Configuration Item Value setting Description Global Address Optional setting Enter the LAN IPv6 Ad...

Страница 74: ...Client IPv6 Address from tunnel broker in this field Primary DNS Optional setting Enter the WAN primary DNS Server Secondary DNS Optional setting Enter the WAN secondary DNS Server MLD Unchecked by de...

Страница 75: ...Router Advertisement Lifetime Required setting Enter the Router Advertisement Lifetime in seconds 200 is set by default Value Range 0 65535 Select Stateful to manage the Local Area Network to be Stat...

Страница 76: ...eds and activates the NAT function You also can disable the NAT function in Basic Network WAN Uplink Internet Setup WAN Type Configuration page Usually all local hosts or servers behind corporate gate...

Страница 77: ...pback feature is enabled When accessing the email server from the LAN side or at the WAN side you don t need to change the IP address of the mail server Configuration Setting Go to Basic Network Port...

Страница 78: ...gateway from outside the network Those servers can be set up by using Virtual Server feature NAT Loopback can allow access to servers from the LAN side with a global IP address and no change in settin...

Страница 79: ...ort forwarder for E mail service NAT Loopback allows you to access the WAN global IP address from your inside NAT local network It is useful when you run a server inside your network For example if yo...

Страница 80: ...o activate this port forwarding function Virtual Computer The box is checked by default Check the Enable box to activate this port forwarding function Save N A Click the Save button to save the settin...

Страница 81: ...cheduling setting under Object Definition Check Enable box to enable this rule When TCP is selected the protocol of packet filter rule is TCP Public Port is a predefined port from Well known Service a...

Страница 82: ...packet filter rule is GRE When ESP is selected the protocol of packet filter rule is ESP When SCTP is selected the protocol of packet filter rule is SCTP When User defined is selected the protocol of...

Страница 83: ...er sets When the Add button is applied the Virtual Computer Rule Configuration screen will appear Virtual Computer Rule Configuration Item Value setting Description Global IP Required setting Specify...

Страница 84: ...ackets are not expected to be received by applications in the gateway or by other client hosts in the Intranet The DMZ host is also protected by the gateway firewall Activate the feature and specify t...

Страница 85: ...red setting 2 Default is ALL Check the Enable box to activate the DMZ function Define the selected interface to be the packet entering interface of the gateway and fill in the IP address of Host LAN I...

Страница 86: ...hich maintain a record of the routes to various network destinations Thus constructing routing tables which are held in the router s memory is very important for efficient routing Most routing algorit...

Страница 87: ...pecify what kinds of packets will be transferred via which gateway interface and which peer gateway to their destination It can be carried out by the Static Routing feature Dedicated packet flows from...

Страница 88: ...ow will appear to let you define a static routing rule Enable Static Routing Check the Enable box to activate the Static Routing feature Static Routing Item Value setting Description Static Routing Th...

Страница 89: ...IP of this static routing rule Interface Auto is set by default Select the Interface of this static routing rule It can be Auto or the available WAN LAN interfaces Metric 1 Numeric String Format 2 Re...

Страница 90: ...tions This gateway supports dynamic routing protocols including RIPv1 RIPv2 Routing Information Protocol OSPF Open Shortest Path First and BGP Border Gateway Protocol to establish the routing table au...

Страница 91: ...routing protocol that uses link state routing algorithm It is the most widely used interior gateway protocol IGP in large enterprise networks It gathers link state information from available routers...

Страница 92: ...The major BGP gateway within one AS will link with other border gateways for exchanging routing information It will distribute the collected data in AS to all routers in other AS As shown in the diagr...

Страница 93: ...configured individually The RIP Configuration window lets you choose which version of RIP protocol to be activated or to disable it The OSPF Configuration window lets you activate the OSPF dynamic rou...

Страница 94: ...otocol OSPF Configuration OSPF Configuration Item Value setting Description OSPF Disable is set by default Click Enable box to activate the OSPF protocol Router ID 1 IPv4 Format 2 Required setting The...

Страница 95: ...o a maximum of 32 rule sets When the Add button is applied the OSPF Area Rule Configuration screen will appear OSPF Area Configuration Item Value setting Description Area Subnet 1 Classless Inter Doma...

Страница 96: ...IPv4 Format 2 Required setting The Router ID of this router on BGP protocol Create Edit BGP Network Rules The gateway allows you to customize your BGP Network rules It supports up to a maximum of 32 r...

Страница 97: ...ation screen will appear BGP Neighbor Configuration Item Value setting Description Neighbor IP 1 IPv4 Format 2 Required setting The Neighbor IP of this router on BGP Neighbor List Remote ASN 1 Numeric...

Страница 98: ...estination IP IPv4 Format Subnet Mask N A Routing record of Subnet Mask IPv4 Format Gateway IP N A Routing record of Gateway IP IPv4 Format Metric N A Routing record of Metric Numeric String Format In...

Страница 99: ...address which changes each time you connect your Internet service provider The Dynamic DNS service allows the gateway to alias a public dynamic IP address to a static domain name allowing the gateway...

Страница 100: ...default Select the WAN Interface IP Address of the gateway Provider DynDNS org Dynamic is set by default Select your DDNS provider of Dynamic DNS It can be DynDNS org Dynamic DynDNS org Custom NO IP...

Страница 101: ...DNS Redirect Unchecked by default Check the Enable box to activate this function LAN Interface Unchecked by default Select the expected source Interface that can be applied with this function Save N A...

Страница 102: ...tion 1 Required setting 2 Always is selected by default Specify when the DNS redirect action can be applied It can be Always or WAN Block Always The DNS redirect function can be applied to matching DN...

Страница 103: ...ton description Item Value setting Description Add N A Click the Add button to configure time schedule rule Delete N A Click the Delete button to delete selected rule s When the Add button is applied...

Страница 104: ...from menu Select every day or a weekday Start Time Time format hh mm Start time in selected weekday End Time Time format hh mm End time in selected weekday Save N A Click Save to save the settings Und...

Страница 105: ...service types may differ by product type When the Add button is applied the Host Group Configuration screen will appear Host Group Configuration Item Value setting Description Group Name 1 String for...

Страница 106: ...he Join button to add Only one member can be added at a time Member List NA This field will indicate the hosts members contained in the group Bound Services The boxes are unchecked by default Binding...

Страница 107: ...ternal Server Go to Object Definition External Server External Server tab The External Server setting allows the user to add external server Create External Server When the Add button is applied the E...

Страница 108: ...nd 60 Idle Timeout By default 1 The values must be between 1 and 15 Secondary Shared Key String format any text Authentication Protocol By default CHAP is selected Session Timeout By default 1 The val...

Страница 109: ...ernal server Server Port Required setting Specify the Port used for the external server If you selected a certain server type the default server port number will be set For Email Server 25 will be set...

Страница 110: ...f signed certificate or other users endorsements whom the person examining the certificate might know and trust The device also plays as a CA role Certificates are an important component of Transport...

Страница 111: ...set identifier in the signature algorithm identifier of certificates Subject Name Required setting This field is to specify the information of certificate Country C is the two letter ISO code for the...

Страница 112: ...CEP function Automatically re enroll aging certificates Unchecked by default When SCEP is activated check the Enable box to activate this function It will automatically check for certificate aging If...

Страница 113: ...her CAs and Clients In addition since it has the root CA it also can sign Certificate Signing Requests CSR to form corresponding certificates for others These certificates can be used for two remote p...

Страница 114: ...ts Subject Name Country C TW State ST Taiwan Location L Taipei Organization O EWANHQ Organization Unit OU HQRD Common Name CN HQRootCA E mail hqrootca etherwan com tw Configuration Path My Certificate...

Страница 115: ...owing two sections to complete the whole user scenario Use the default value for parameters that are not mentioned in the tables Configuration Path My Certificate Local Certificate Configuration Name...

Страница 116: ...for WAN 1 interface They both serve as the NAT security gateways Gateway 1 generates the root CA and a local certificate HQCRT that is signed by itself It imports the certificates of the root CA and...

Страница 117: ...ificates or CSRs for representing the gateway The Local Certificate Configuration window lets you enter the required information necessary for corresponding certificate to be generated by itself or co...

Страница 118: ...ess format Extra Attributes Required setting This field is to specify the extra information for generating a certificate Challenge Password for the password you can use to request certificate revocati...

Страница 119: ...coded 1 String format any text 2 Required setting This is an alternative approach to import a certificate You can directly fill in Copy and Paste the PEM encoded certificate string and click the Apply...

Страница 120: ...These certificates can be used for two remote peers to confirm their identity when establishing a VPN tunnel Scenario Description same as described in My Certificate section Gateway 1 generates the ro...

Страница 121: ...mplete the setup for the whole user scenario Configuration Path Trusted Certificate Trusted CA Certificate List Command Button Import Configuration Path Trusted Certificate Trusted CA Certificate Impo...

Страница 122: ...te List of the Gateway 1 and the Local Certificate List of the Gateway 2 For more details refer to the Network B operation procedure in My Certificate section of this manual Gateway 2 can establish an...

Страница 123: ...Apply button to import the specified CA certificate file to the gateway Import from a PEM 1 String format any text 2 Required setting This is an alternative approach to importing a CA certificate You...

Страница 124: ...nerate CA Identifier 1 String format any text Fill in optional CA Identifier to identify which CA could be used for signing certificates Save N A Click Save to save the settings Close N A Click the Cl...

Страница 125: ...ort Trusted Client Key When the Import button is applied the Trusted Client Key Import screen will appear You can import a Trusted Client Key from an existed file or directly paste a PEM encoded strin...

Страница 126: ...ned Certificate Usage Scenario Scenario Application Timing same as described in My Certificate section When the enterprise gateway owns the root CA and VPN tunneling function it can generate its own l...

Страница 127: ...ateway of Network A in headquarters and the subnet of its Intranet is 10 0 76 0 24 It has the IP address of 10 0 76 2 for LAN interface and 203 95 80 22 for WAN 1 interface Gateway 2 is the gateway of...

Страница 128: ...R Import from a File Item Value setting Description Certificate Signing Request CSR Import from a File Required setting Select a certificate signing request file from your computer for importing to th...

Страница 129: ...AN or the Internet They can be Virtual COM and Modbus 4 1 1 Port Configuration Before using the supported field communication function like Virtual COM or Modbus you need to configure the physical com...

Страница 130: ...modes can be Virtual COM Modbus and IEC 60870 5 Interface RS 232 is set by default Select RS 232 or RS 485 physical interface for connecting to the access device s with the same interface specificatio...

Страница 131: ...ver UDP and RFC2217 modes for remote accessing of the connected serial device These operation modes are illustrated below TCP Client Mode When the administrator expects the gateway to actively establi...

Страница 132: ...P connection will be automatically disconnected from the host computer by using the TCP alive check timeout or idle timeout settings UDP Mode If both the Remote Host Computer and the serial device are...

Страница 133: ...is being created it is required to specify the IP address of the host computers to establish connection with Any 3rd party driver supporting RFC 2217 can be installed in the host computer The driver e...

Страница 134: ...e device disconnects from the server when the connection is Idle for a specified period You may also enable full time connection with the TCP server Enable TCP Client Mode Window Item Value setting De...

Страница 135: ...imeout Transmit 1 Optional setting 2 Default value is 0 Enter the data timeout interval for transmitting serial data through the port By default it is set to 0 and the timeout function is disabled Val...

Страница 136: ...TCP connection Value Range 1 65535 Trust Type Allow All is set by default Choose Allow All to allow any TCP clients to connect Otherwise choose Specific IP to limit certain TCP clients Max Connection...

Страница 137: ...default Check the box to specify the rule for selected Serial Port Definition Enable Unchecked by default Check the Enable box to enable the rule Save N A Click Save to save the settings Undo N A Cli...

Страница 138: ...k Undo to cancel the settings Specify Remote UDP Specify Remote UDP hosts Window Item Value setting Description Host Required setting Press Edit button to enter IP address range of remote UDP hosts Re...

Страница 139: ...e listening port of RFC 2217 connection Value Range 1 65535 Trust Type Allow All is set by default Choose Allow All to allow any clients to connect Otherwise choose Specific IP to limit certain client...

Страница 140: ...C 2217 modes Specify RFC 2217 Clients for Access Window Item Value setting Description Host Required setting Enter the IP address range of allowed clients Serial Port Unchecked by default Check the bo...

Страница 141: ...o control instruments over RS 485 without additional programming or effort NOTE When Modbus devices are connected to under the same serial port of IoT Modbus Gateway those Modbus devices must use the...

Страница 142: ...ding device status such as Cellular Network and DI DO status to remote Modbus Master via Modbus communication With the Slave option enabled the Modbus Master device can request the information or send...

Страница 143: ...lected serial port Serial as Slave For when attached serial device s are all Modbus Slave devices Serial as Master When the attached serial device is a Modbus Master device Device Slave Mode Unchecked...

Страница 144: ...equests If a value other than zero is specified the gateway will store the Master request in the buffer and retry sending the request the number of specified times Once the retries are exhausted the g...

Страница 145: ...odbus Master IP Access Allow All is selected by default Specify authorized masters on the TCP network Select Allow All to allow any Modbus Master to reach the attached Slave s Otherwise limit only spe...

Страница 146: ...nfigured to prioritize the request queue to transmit to Slave based on Master s IP address if requests are coming from remote Master or based on remote Slave ID if requests are coming from serially at...

Страница 147: ...IP address of the remote Modbus TCP Slave device Port 1 Required setting 2 Range 1 to 65535 Enter the TCP port on which the remote Modbus TCP Slave device listens to the TCP client session request Val...

Страница 148: ...Wait for Traffic 6 Diconnected 3 WAN 4 Connection Status R 0 6 0 Disconnected 1 Connecting 2 Connected 3 Disconnecting 5 Wait for Traffic 6 Diconnected 10 3G 4G_SERVICE_TYPE R 0 7 0 2G 1 none 2 3G 3...

Страница 149: ...Connecting 104 VPN IPSec tunnel 4 status R 1 Connected 2 Wait for traffic 3 Disconnected 9 Connecting 105 VPN IPSec tunnel 5 status R 1 Connected 2 Wait for traffic 3 Disconnected 9 Connecting 106 VPN...

Страница 150: ...RS 485 212 Serial Port 1_Baud Rate R Baud Rate Value 213 Serial Port 1_Data Bits R 7 or 8 214 Serial Port 1_Stop Bits R 1 or 2 215 Serial Port 1_Flow Control R 0 None 2 RTS CTS 3 DTR DSR 216 Serial P...

Страница 151: ...ng of the collected data in local storage in CSV file format When the network connection is recovered admin user can download the data log files manually via FTP or web UI for further reference and ma...

Страница 152: ...ta log proxy function The remote Modbus server can continue its data acquisition process and if required the administrator can also retrieve the stored data log files Under the Data Logging Proxy mode...

Страница 153: ...teway will activate the data logging proxy function and execute the pre defined data acquisition task by itself The Modbus request issued by the Modbus Gateway Data Logging Proxy The response data sen...

Страница 154: ...can be External or Internal depending on the product specification Save NA Click the Save button to save the settings Note 1 If there is no available storage device the Enable checkbox will be grayed...

Страница 155: ...ted by default Specify a certain read function for the Data Logging Proxy to issue and record the responses from device s Start Address 1 Required setting 2 Range 0 to 65535 Specify the Start Address...

Страница 156: ...data logging rule Value Range 1 16 characters Mode Sniffer is selected by default Select an expected data logging scheme for the data logging rule There are five available schemes Sniffer The Modbus g...

Страница 157: ...the Modbus Master If there is no response from the master within the specified timeout setting the selected proxy rule will be triggered and applied with the data logging rule Note If Off Line proxy...

Страница 158: ...nt settings will be applied if they have not been changed via the Edit button When the Edit button is applied Log File Configuration screen will appear Log File Configuration Item Value setting Descri...

Страница 159: ...to Upload is activated user can further specify whether to delete the transferred log from the gateway storage or not Check the Enable button to activate the function When Storage Full Remove the Olde...

Страница 160: ...nt to point connection through the use of dedicated connections encryption or a combination of the two The tunnel technology supports data confidentiality data origin authentication and data integrity...

Страница 161: ...he responder This gateway can be configured as different roles and establish a number of tunnels with various remote devices Before going to set up the VPN connections you may need to decide on the sc...

Страница 162: ...regular WAN connection If you want all packets from remote site to be routed via this IPsec tunnel including HQ server access and Internet access enable the Full Tunnel setting Site to Site with Hub...

Страница 163: ...of server responder and it must have a Static IP or FQDN It can allow many VPN clients initiators to connect with various tunnel scenarios In short with a simple Dynamic VPN server setting many VPN cl...

Страница 164: ...nnels Depends on Product specification The specified value will limit the maximum number of simultaneous IPsec tunnel connections The default valuea may differ depending on the device model Save N A C...

Страница 165: ...subnets With Host to Host IPsec operates in transport mode Hub and Spoke 1 Optional setting 2 None is set by default Select from the dropdown box to set up your gateway for Hub and Spoke IPsec VPN Dep...

Страница 166: ...by default Click Enable box to activate the Redirect Traffic function Note Redirect Traffic is available only for Host to Site specified in Tunnel Scenario By default it is disabled to prevent unexpec...

Страница 167: ...Manual Key Management section Local ID Optional setting Specify the Local ID for this IPsec tunnel to authenticate Select User Name for Local ID and enter the username The username may include but ca...

Страница 168: ...r this IPsec tunnel Select Server Client or None Selected Server for this gateway will be an X Auth server Click on the X Auth Account button to create a remote X Auth client account Selected Client f...

Страница 169: ...2 28800s is default 3 Max 86400s Specify the Phase2 Key Life Time in seconds Value Range 30 86400 IPSec Proposal Definition Window Item Value setting Description IPSec Proposal Definition Required set...

Страница 170: ...tion Key Management Required setting Select Key Management from the dropdown box for this IPsec tunnel In this section Manually is the option selected Local ID Optional setting Specify the Local ID fo...

Страница 171: ...tting 2 Hexadecimal format Specify the Encryption Method and Encryption key Available encryption methods are DES 3DES AES 128 AES 192 AES 256 The key length for DES is 16 3DES is 48 AES 128 is 32 AES...

Страница 172: ...the Enable box to activate the Dynamic IPsec VPN tunnel Tunnel Name 1 Required setting 2 String format any text Enter a tunnel name Value Range 1 19 characters Interface 1 Required setting 2 WAN 1 is...

Страница 173: ...be all numbers Select FQDN for Local ID and enter the FQDN Select User FQDN for Local ID and enter the User FQDN Select Key ID for Local ID and enter the Key ID letter or number Remote ID Optional set...

Страница 174: ...OpenVPN Client features to meet different application requirements There are two OpenVPN connection scenarios They are the TAP and TUN scenarios The product can create either a layer 3 based IP tunnel...

Страница 175: ...s In bridge mode the VPN client is given an IP address on the same subnet as the LAN resided under the OpenVPN server Under such configuration the OpenVPN client can directly access resources on the L...

Страница 176: ...on either server or client for the gateway to operate Configuration Item Value setting Description OpenVPN Unchecked by default Check the Enable box to activate the OpenVPN function Server Client Serv...

Страница 177: ...Configuration screen will appear OpenVPN Server Configuration window lets you enable the OpenVPN server function and specify the virtual IP address of OpenVPN server when remote OpenVPN clients dial i...

Страница 178: ...be available only when TUN is chosen in Tunnel Scenario Local Endpoint IP Address Required setting Specify the virtual Local Endpoint IP Address of this OpenVPN gateway Value Range The IP format is 1...

Страница 179: ...the Encryption Cipher from the dropdown list Select from Blowfish AES 256 AES 192 AES 128 None Hash Algorithm By default SHA 1 is selected Specify the Hash Algorithm from the dropdown list Select fro...

Страница 180: ...le only when TLS is chosen in Authorization Mode Client to Client The box is checked by default Check the Enable box to enable the traffic among different OpenVPN Clients Note Client to Client will be...

Страница 181: ...Optional setting 2 String format any text Specify the CCD Dir Default File Value Range 0 256 characters Client Connection Script 1 Optional setting 2 String format any text Specify the Client Connecti...

Страница 182: ...tton is applied the OpenVPN Client Configuration screen will appear OpenVPN Client Configuration window lets you specify the required parameters for an OpenVPN VPN client such as OpenVPN Client Name I...

Страница 183: ...default Check the Enable box to activate the Redirect Internet Traffic function NAT 1 Optional setting 2 Unchecked by default Check the Enable box to activate the NAT function Authorization Mode 1 Req...

Страница 184: ...the LZO Compression scheme Select from Adaptive YES NO Default Persis Key 1 Optional setting 2 The box is checked by default Check the Enable box to activate the Persis Key function Persis Tun 1 Optio...

Страница 185: ...S128 SHA TLS DHE DSS AES256 SHA Note TLS Cipher will be available only when TLS is chosen in Authorization Mode TLS Auth Key 1 Optional setting 2 String format any text Specify the TLS Auth Key for co...

Страница 186: ...alue is 1500 by default Specify the value of Tunnel UDP Fragment Value Range 0 1500 Note Tunnel UDP Fragment will be available only when UDP is chosen in Protocol Tunnel UDP MSS Fix Unchecked by defau...

Страница 187: ...FQDN for clients to create L2TP tunnels It also maintains User Account list user name password for client login authentication There is a virtual IP pool to assign virtual IP to each connected L2TP cl...

Страница 188: ...be transferred based on current routing policy of the gateway at L2TP client peer But if 0 0 0 0 0 is entered in the Remote Subnet field it will be treated as a Default Gateway setting for the L2TP c...

Страница 189: ...iption L2TP Unchecked by default Click the Enable box to activate L2TP function Client Server Required setting Specify the role of L2TP Select Server or Client role for the gateway to take Below are t...

Страница 190: ...ocol Required setting Select single or multiple Authentication Protocols for the L2TP server with which to authenticate L2TP clients Available authentication protocols are PAP CHAP MS CHAP MS CHAP v2...

Страница 191: ...Then check the enable box to enable the user Click Save button to save the new user account The selected user account can permanently be deleted by clicking the Delete button Value Range 1 32 charact...

Страница 192: ...of configuration screen will appear You can add up to 8 L2TP Clients L2TP Client Configuration Item Setting Value setting Description Tunnel Name Required setting Enter a tunnel name Value Range 1 32...

Страница 193: ...e Intranet of L2TP VPN server So at L2TP client peer the packets whose destination is in the dedicated subnet will be transferred via the L2TP VPN tunnel Others will be transferred based on current ro...

Страница 194: ...ing with CISCO L2TP Server User defined Enter the service port The default value is 0 Value Range 0 65535 Tunnel Unchecked by default Check the Enable box to enable this L2TP tunnel Save N A Click Sav...

Страница 195: ...rd features of the Windows PPTP stack The security gateway can play either PPTP Server role or PPTP Client role for a PPTP VPN tunnel or both at the same time for different tunnels PPTP tunnel process...

Страница 196: ...PPTP client peer a Remote Subnet item is required It is for the Intranet of PPTP server peer At PPTP client peer the packets whose destination is in the dedicated subnet will be transferred via the PP...

Страница 197: ...ault Click the Enable box to activate PPTP function Client Server Required setting Specify the role of PPTP Select Server or Client role Below are the configuration windows for PPTP Server and for Cli...

Страница 198: ...specify the last IP address for the subnet from which the PPTP client s IP address will be assigned Value Range Starting Address and Starting Address 8 or 254 Authentication Protocol 1 Required settin...

Страница 199: ...Save button to save new user account The selected user account can permanently be deleted by clicking the Delete button Value Range 1 32 characters As a PPTP Client When Client is selected in Client S...

Страница 200: ...t a primary tunnel from which to failover to Note Failover mode is not available for gateways with a single WAN Remote IP FQDN 1 Required setting 2 Format can be a ipv4 address or FQDN Enter the publi...

Страница 201: ...2 MPPE Encryption 1 Unchecked by default 2 Optional setting Specify whether PPTP server supports MPPE Protocol Click the Enable box to enable MPPE Note when MPPE Encryption is enabled the Authenticati...

Страница 202: ...r a server even using the same set of configuration rules GRE Tunnel Scenario To setup a GRE tunnel each peer needs to setup its global IP as tunnel IP and enter the other s global IP as remote IP Eac...

Страница 203: ...g allows user to create and configure GRE tunnels Enable GRE Enable GRE Window Item Value setting Description GRE Tunnel Unchecked by default Click the Enable box to enable GRE function Max Concurrent...

Страница 204: ...over tunnel you need to further select a primary tunnel from which to failover to Note Failover mode is not available for gateways with a single WAN Tunnel IP Optional setting Enter the Tunnel IP addr...

Страница 205: ...erver peer controls the flow of any packets from the GRE client peer DMVPN Spoke Unchecked by default Specify whether the gateway will support DMVPN Spoke for this GRE tunnel Check Enable box to enabl...

Страница 206: ...eway 206 5 2 Firewall The firewall functions include Packet Filter URL Blocking Content Filter MAC Control Application Filter IPS and some firewall options Supported functions vary depending on the ga...

Страница 207: ...pass and Rule 2 is to allow HTTPS packets to pass Under such configuration the gateway will allow only HTTP and HTTPS packets issued from the IP range 192 168 123 200 to 250 which are targeted to TCP...

Страница 208: ...rules It supports up to a maximum of 20 filter rule sets When Add button is applied Packet Filter Rule Configuration screen will appear Packet Filter Rule Configuration Item Name Value setting Descrip...

Страница 209: ...s that are entering to any IP addresses Select Specific IP Address to filter packets entering to an IP address entered in this field Select IP Range to filter packets entering to a specified range of...

Страница 210: ...hen Well known Service is selected otherwise select User defined Service and specify a port range Value Range 1 65535 for Source Port Destination Port For Protocol select GRE to filter GRE packets For...

Страница 211: ...fic MAC addresses the MAC Control function can be used to reject according to the blacklist configuration MAC Control with Blacklist Scenario As shown in the diagram enable the MAC control function an...

Страница 212: ...List White List Deny MAC Address Below is set by default When Deny MAC Address Below is selected as the name suggest packets specified in the rules will be blocked blacklisted In contrast with Allow...

Страница 213: ...ntrol rule name MAC Address Use to Compose 1 MAC Address string Format 2 Required setting Specify the Source MAC Address to filter rule Time Schedule Required setting Apply Time Schedule to this rule...

Страница 214: ...formation about this activity attempt to block stop it and report it You can enable the IPS function and check the listed intrusion activities when needed You can also enable the log alerting so that...

Страница 215: ...em Value setting Description IPS Unchecked by default Check the Enable box to activate IPS function Log Alert Unchecked by default Check the Enable box to activate to activate Event Log Save N A Click...

Страница 216: ...ule and enter the traffic threshold in this field ICMP Flood Defense Click Enable box to activate this intrusion prevention rule and enter the traffic threshold in this field Value Range 10 10000 Port...

Страница 217: ...2 Unchecked by default 3 Traffic threshold is set to 300 by default 4 The value range can be from 10 to 10000 Click Enable box to activate this intrusion prevention rule and enter the traffic threshol...

Страница 218: ...way to record the packet information like IP address port address ACK SEQ number and so on while they pass through the gateway and the gateway checks every incoming packet to detect if the packet is v...

Страница 219: ...t will block such packets from unknown users Discard Ping from WAN Remote Administrator Hosts Scenario Discard Ping from WAN makes any host on the WAN side unable to ping this gateway and receive ICMP...

Страница 220: ...allow access to the router Remote Administrator Host Definition Item Value setting Description Protocol HTTP is set by default Select HTTP or HTTPS method for router access IP Required setting Specifi...

Страница 221: ...nd commonly in practice computer systems Centralized management has a time and effort trade off that is related to the size of the company the expertise of the IT staff and the amount of technology be...

Страница 222: ...tton to back up the existing command script in a txt file You can specify the script file name in Script Name below Upload Script N A Click the Via Web UI or Via Storage button to Upload the existing...

Страница 223: ...D 1 enable 0 disable Enable or disable OpenVPN Client function OPENVPN_DESCRIPTION Required Setting Specify the tunnel name for the OpenVPN Client connection OPENVPN_PROTO udp tcp Define the Protocol...

Страница 224: ...ets STARTUP Script file For the configurations that can be configured with standard Linux commands you can put them in a script file and apply the script file with the STARTUP command For example STAR...

Страница 225: ...th your ISP or the ACS provider for help At the right upper corner of TR 069 Setting screen one Help command let you see the same message about that Scenario Managing deployed gateways through an ACS...

Страница 226: ...hen all remote gateways have booted up they will try to connect to the ACS server Once the connections are established successfully the ACS server can configure upgrade with latest FW and monitor thes...

Страница 227: ...ACS server the account information to login the ACS server the service port and the account information for connection requesting from the ACS server and the time interval for job inquiry Except the...

Страница 228: ...efault 8099 is set You can ask ACS manager provide ACS ConnectionRequest Port and manually set Value Range 0 65535 ConnectionRequest UserName Required setting You can ask ACS manager provide ACS Conne...

Страница 229: ...It is an optional item Specify the IP address for the expected STUN Server Server Port 1 An optional setting 2 3478 is set by default Specify the port number for the expected STUN Server Value Range...

Страница 230: ...nagement tasks such as modifying and applying a new configuration through remote modification of these variables The variables accessible via SNMP are organized in hierarchies These hierarchies and ot...

Страница 231: ...118 18 81 11 WAN Access IP Address 118 18 81 11 Configuration Path SNMP User Privacy Definition ID 1 2 3 User Name UserName1 UserName2 UserName3 Password Password1 Password2 Disable Authentication MD...

Страница 232: ...evice has an urgent event to send the device will issue a trap to the Trap Event Receivers The NMS itself could be one among them If you want to secure the transmitted SNMP commands and responses betw...

Страница 233: ...Ns is selected and there is no limitation for the WAN interface Supported Versions 1 Required setting 2 The boxes are unchecked by default Select the version for the SNMP When v1 box is checked you ca...

Страница 234: ...selected by default 2 Required setting 3 String format any text Specify this version 1 or version v2c user s community that will be allowed Read Only GET and GETNEXT or Read Write GET GETNEXT and SET...

Страница 235: ...Range 1 32 characters Password 1 String format any text When your Privacy Mode is authNoPriv or authPriv specify the Password for this version 3 user Value Range 8 64 characters Authentication 1 None...

Страница 236: ...x restricts access for this version 3 user to the sub tree rooted at the given OID Value Range 1 2080768 Enable 1 The box is checked by default Click Enable to enable this version 3 user Save N A Clic...

Страница 237: ...Trap Event Receiver Rule Configuration Item Value setting Description Server IP 1 Required setting 2 String format any IPv4 address or FQDN Specify the trap Server IP or FQDN Trap will be sent to the...

Страница 238: ...ocols Selected the authNoPriv You must specify the Authentication and Password Selected the authPriv You must specify the Authentication Password Encryption and Privacy Key Authentication 1 v3 Require...

Страница 239: ...cify the location information for MIB 2 system Value Range 0 64 characters Edit SNMP Options If you use some particular private MIB you must enter the enterprise name number and OID Options Item Value...

Страница 240: ...y the Enterprise OID for the particular private MIB The range of the each OID number is 1 2080768 The maximum length of the enterprise OID is 31 The seventh number must be identical with the enterpris...

Страница 241: ...scripting The device supports both Telnet and SSH Secure Shell CLI with default service port 23 and 22 respectively Telnet SSH Scenario Scenario Application Timing When the administrator of the gatewa...

Страница 242: ...ion Type Telnet Service Port 23 Enable SSH Service Port 22 Enable Scenario Operation Procedure In the above diagram Local Admin or Remote Admin can manage the Gateway from the Intranet or Internet The...

Страница 243: ...Telnet with CLI 1 The LAN Enable box is checked by default 2 The WAN Enable box is unchecked by default Check the Enable box to activate the Telnet with CLI function for connecting from WAN LAN inter...

Страница 244: ...blank characters 2 The default password for Telnet is wirelessm2m Type old password and specify new password to change the root password Note It is highly recommended to change the default Telnet pass...

Страница 245: ...ames and the information received from other agents in IEEE defined Management Information Bases MIB modules LLDP significantly aids in the deployment of any network device that supports the protocol...

Страница 246: ...n password Change Password Item Value Setting Description Old Password 1 String any text 2 Default password is admin Enter the current password New Password String any text Enter new password New Pass...

Страница 247: ...e used for GUI access It can be http https http only or https only HTTPs Certificate Setup The default box is selected by default If the https Access Protocol is selected the HTTPs Certificate Setup o...

Страница 248: ...e Serial Number N A Displays the serial number of this product Kernel Version N A Displays the Linux kernel version of the product FW Version N A Displays the firmware version of the product CPU Usage...

Страница 249: ...w the system will communicate with time server by NTP Protocol to get system date and time after you click on the Synchronize immediately button The second one is Sync with my PC Select the method and...

Страница 250: ...time zone for the device otherwise you will just get the UTC Coordinated Universal Time time not the local time for the device Synchronize with Manually Setting System Time Information Item Value Set...

Страница 251: ...ult Select PC as the synchronization method for the system time to let the system synchronize its date and time to the time of the administration PC Synchronize immediately N A Click the Active button...

Страница 252: ...ration System Log tab View Email Log History The View button allows for the viewing of log history The Email Now button enables administrator to send instant Email for analysis View Email Log History...

Страница 253: ...ck the First button to jump to the first page Last N A Click the Last button to jump to the last page Download N A Click the Download button to download log to your PC in tar file format Clear N A Cli...

Страница 254: ...Window Item Value Setting Description Enable Unchecked by default Check Enable box to enable sending event log messages to designated Email account defined in the E mail Addresses blank space Server N...

Страница 255: ...age and Debug Log to Storage Log to Storage screen allows the network administrator to select the type of events to log and be stored at an internal or an external storage device Log to Storage Settin...

Страница 256: ...nd button specify the file name of new firmware by using the Browse button and then click the Upgrade button to start the FW upgrading process If you want to upgrade firmware which is from a GPL polic...

Страница 257: ...you can reboot this device by clicking the Reboot button and reset this device to default settings by clicking the Reset button System Operation Window Item Value Setting Description Reboot Now is sel...

Страница 258: ...instead but is technologically different This gateway has an embedded FTP SFTP server for administrator to download log files to his computer or database In the following two sections you can configur...

Страница 259: ...for log downloading so no write permission is implemented FTP Port Port 21 is set by default Specify a port number for FTP connection The gateway will listen for incoming FTP connections on the specif...

Страница 260: ...d ASCII Transfer Mode Optional setting Check the Enable box to activate the support of ASCII mode data transfers Binary mode is supported by default FTPS FTP over SSL TLS Optional setting Check the En...

Страница 261: ...iguration Item Value setting Description User Name String non blank string Enter the user account name Value Range 1 15 characters Password String no blank Enter the user password Directory N A Select...

Страница 262: ...will appear beneath it Tracert Test Optional setting Trace route tracert command is a network diagnostic tool for displaying the route path and measuring transit delays of packets across an IP network...

Страница 263: ...name will be appended with an index code _ index The file extension is pcap Split Files 1 Optional setting 2 Default value of File Size is 200 KB Check enable box to split file whenever log file reach...

Страница 264: ...match the rule will be captured Up to 10 MACs are supported but they must be separated with e g AA BB CC DD EE FF 11 22 33 44 55 66 The packets will be captured when matching any one MAC in the rule S...

Страница 265: ...any MAC address is matched Destination IPs Optional setting Define the filter rule with Destination IPs which means the destination IP address of packets Packets which match the rule will be captured...

Страница 266: ...th carrier ISP by USSD Unstructured Supplementary Service Data command or perform a cellular network scan for diagnostic purposes The Cellular Toolkit section includes several useful features that are...

Страница 267: ...her cellular data connection automatically If Data Usage feature is enabled the entire history of cellular data usage can be viewed at Status Statistics Reports Cellular Usage tab 3G 4G Data Usage The...

Страница 268: ...ular modules Carrier Name Optional item Fill in the Carrier Name for the selected SIM card for identification Cycle Period Days by default The three types of cycle period are Days Weekly and Monthly D...

Страница 269: ...SMS messages as you usually do on a cellular phone Setup SMS Configuration Configuration Item Value setting Description Physical Interface 3G 4G 1 by default Choose a cellular interface 3G 4G 1 or 3G...

Страница 270: ...s value increases Received SMS N A This value records the number of SMS from SIM card Remaining SMS N A This value is SMS capacity minus received SMS New SMS N A Click New SMS button a New SMS screen...

Страница 271: ...nbox List You can read or delete SMS reply SMS or forward SMS from this screen SMS Inbox List Item Value setting Description ID N A The number of SMS From Phone Number N A From phone number of SMS Tim...

Страница 272: ...age PIN code son a SIM card through the web GUI Activate PIN code on SIM Card This gateway device allows you to activate a PIN code on SIM card This example shows how to activate PIN code on SIM A for...

Страница 273: ...cellular interface 3G 4G 1 or 3G 4G 2 to change the SIM PIN setting for the selected SIM Card Note 3G 4G 2 is only available for products with dual cellular modules SIM Status N A Indication for the...

Страница 274: ...the SIM Lock function is not enabled the Change PIN code button is disabled If you still want to change the PIN code enable the SIM Lock function first fill in the PIN code and then click the Save bu...

Страница 275: ...will be locked by PUK code after too many access attempts with an incorrect PIN code In this case the PUK Status will turns to PUK Lock In a normal situation it will display PUK Unlock Remaining times...

Страница 276: ...up to 182 alphanumeric characters in length Unlike Short Message Service SMS messages USSD messages create a real time connection during an USSD session The connection remains open allowing a two way...

Страница 277: ...in the correct pre command and then click on the Send button for the session The responses from the USSD server will be displayed beneath the USSD Command line When commands typed in the USSD Command...

Страница 278: ...check with your service provider for details Comments N A Enter a brief comment for the profile Send USSD Request When you send the USSD command the USSD Response screen will appear When click the Cl...

Страница 279: ...ction sequence of the targeted generation of mobile system 2G 3G LTE Network Scan Configuration Configuration Item Value setting Description Physical Interface The box is 3G 4G 1 by default Choose a c...

Страница 280: ...nually Scan Approach is selected in the Configuration window By clicking on the Scan button and waiting for 1 to 3 minutes the found mobile operator systems will be displayed for you to choose from Cl...

Страница 281: ...he gateway will take action to change the functionality collect the required status for administration and also change the status of a connected field bus device Notifying events are events in which s...

Страница 282: ...ital Input Power Change Connection Change WAN LAN VLAN Wi Fi DDNS Administration Modbus and Data Usage Actions Notify the administrator with SMS Syslog SNMP Trap or Email Alert Change the status of co...

Страница 283: ...fault Check the Enable box to activate the Event Management function Enable SMS Management To use the SMS management function configure these settings first SMS Configuration Item Value setting Descri...

Страница 284: ...e number format 2 Required setting Select the Phone number policy from the dropdown list and specify a mobile phone number as the SMS account identifier if required It can be Specific Number or Allow...

Страница 285: ...m of 5 accounts You can click the Add Edit button to configure the Email account Email Service Configuration Item Value setting Description Email Server Option Select an Email Server profile from Exte...

Страница 286: ...The number of available DI sources will depend on the product model Normal Level Low by default Specify the Normal Level Low or High Signal Active Time 1 Numeric String format 2 Required setting Spec...

Страница 287: ...ional setting Specify a brief description for the profile DO Source ID1 by default Specify the DO Source Normal Level Low by default Specify the Normal Level Low or High Total Signal Period 1 Numeric...

Страница 288: ...e the profile Modbus Notifying Events Profile Item Value setting Description Modbus Name 1 String format 2 Required setting Specify the Modbus profile name Value Range 1 32 characters Description 1 An...

Страница 289: ...e Modbus device It can be from 1 to 247 Register 1 Numeric String format 2 Required setting Specify the Register number of the Modbus device Value Range 0 65535 Logic Comparator Logic Comparator by de...

Страница 290: ...ofile Item Value setting Description Modbus Name 1 String format 2 Required setting Specify the Modbus profile name Value Range 1 32 characters Description 1 Any text 2 Optional setting Specify a brie...

Страница 291: ...tting Specify the Device ID of the Modbus device Value Range 1 247 Register 1 Numeric String format 2 Required setting Specify the Register number of the Modbus device Value Range 0 65535 Value 1 Nume...

Страница 292: ...ggers handlers and response Go to Service Event Handling Managing Events Tab Enable Managing Events Configuration Item Value setting Description Managing Events Unchecked by default Check the Enable b...

Страница 293: ...lect Digital Input and a DI profile you defined to specify a certain Digital Input Event Note The available Event Types will depend on product model Description String format any text Enter a brief de...

Страница 294: ...levant sub items WAN SSH Service On Off the gateway will change the settings as the action for the event Administration Select Administration Checkbox and the relevant sub items Backup Config Restore...

Страница 295: ...dministrator to define the relationship rule between event trigger and handlers Enable Notifying Events Configuration Item Value setting Description Notifying Events Unchecked by default Check the Ena...

Страница 296: ...ify a certain LAN VLAN Event Wi Fi Select Wi Fi and a trigger condition to specify a certain Wi Fi Event DDNS Select DDNS and a trigger condition to specify a certain DDNS Event Administration Select...

Страница 297: ...e action for the event Modbus Select Modbus and a Modbus Notifying Event profile you defined as the action for the event Note The available Event Types will depend on product model Time Schedule 0 Alw...

Страница 298: ...raph or table format for quickly understanding the operation status of the gateway The display will be refreshed once per second From the menu on the left select Status Dashboard Device Dashboard tab...

Страница 299: ...shows statistical graphs for the CPU and memory Network Interface Status The Network Interface Status screen shows the statistic information for each network interface of the gateway The statistical i...

Страница 300: ...ng on the model purchased it can be Static IP Dynamic IP PPPoE PPTP L2TP 3G 4G Network Type N A Displays the network type for the WAN interface s Depending on the model purchased it can be NAT Routing...

Страница 301: ...en Connection Control in WAN Type setting is set to Connect Manually Refer to Edit button in Basic Network WAN Uplink Internet Setup and WAN connection status is connected WAN interface IPv6 Network S...

Страница 302: ...Displays the current IPv6 global IP address assigned by your ISP for your Internet connection MAC Address N A This area provides functional buttons Edit IPv4 Button when press web based utility will...

Страница 303: ...SIM Status and Service Information Refer to next page for more When the Detail button is pressed 3G 4G modem information windows such as Modem Information SIM Status Service Information and Signal St...

Страница 304: ...ted to this gateway LAN Client List Item Value setting Description LAN Interface N A Client record of LAN Interface String Format IP Address N A Client record of IP Address Type and the IP Address Typ...

Страница 305: ...tered to identify DDNS service provider Provider N A Displays the DDNS server of DDNS service provider Effective IP N A Displays the public IP address of the device updated to the DDNS server Last Upd...

Страница 306: ...Name N A Displays the tunnel name you have entered Tunnel Scenario N A Displays the Tunnel Scenario specified Local Subnets N A Displays the Local Subnets specified Remote IP FQDN N A Displays the Rem...

Страница 307: ...tem Value setting Description OpenVPN Client Name N A Displays the Client name you have entered for identification Interface N A Displays the WAN interface specified for the OpenVPN client connection...

Страница 308: ...cription Client Name N A Displays Name for the L2TP Client specified Interface N A Displays the WAN interface with which the gateway will use to request PPTP tunneling connection to the PPTP server Vi...

Страница 309: ...Security VPN PPTP tab PPTP Client Status Item Value setting Description Client Name N A Displays the Name for the PPTP Client specified Interface N A Displays the WAN interface with which the gateway...

Страница 310: ...figuration page Packet Filter Status Packet Filter Status Item Value setting Description Activated Filter Rule N A The Packet Filter Rule name Detected Contents N A The logged packet information inclu...

Страница 311: ...ime format Month Day Hours Minutes Seconds Note Ensure IPS Log Alert is enabled Refer to Security Firewall IPS tab Check Log Alert and save the setting Firewall Options Status Firewall Options Status...

Страница 312: ...at IP Source IP User Name Login User Name Time Date time Example IP 192 168 127 39 User Name admin Time Mar 3 01 34 13 Note Ensure Firewall Options Log Alert is enabled Refer to Security Firewall Opti...

Страница 313: ...user name for authentication This is only available for SNMP version 3 IP Address N A Displays the IP address of SNMP manager Port N A Displays the port number used to maintain connection with the SNM...

Страница 314: ...ration Log Storage tab The Log Storage Status screen shows the status for selected device storage Log Storage Status Log Storage Status screen shows the status of current the selected device storage T...

Страница 315: ...us N A Click the Previous button to see the previous page of track list Next N A Click the Next button to see the next page of track list First N A Click the First button to see the first page of trac...

Страница 316: ...evious page of login statistics Next N A Click the Next button to see the next page of login statistics First N A Click the First button to see the first page of login statistics Last N A Click the La...

Страница 317: ...teway 317 8 5 4 Cellular Usage Go to Status Statistics Reports Cellular Usage tab Cellular Usage screen shows data usage statistics for the selected cellular interface The cellular data usage can be a...

Страница 318: ...WCDMA 2G GSM EDGE Antenna connectors 2 x SMA Male SIM Slots 2 Ethernet Standard IEEE 802 3 10Base T IEEE802 3u 100BASE TX 100BASE FX IEEE802 3ab 1000BASE T Ports 2 x RJ45 GE Physical Layer 10 100 100...

Страница 319: ...Access VPN IPSec OpenVPN PPTP L2TP GRE Firewall SPI Firewall with Stealth Mode IPS Event Handling Managing Notifying Events DI DO Modbus SMS Syslog SNMP Trap Email Alert Reboot Device Management Solut...

Страница 320: ...AN shall not be held liable to anyone for any indirect special or consequential damages due to omissions or errors The information and specifications in this document are subject to change without not...

Отзывы:

Нет отзывов

Похожие инструкции для EW50

Бренд: Patton Страницы: 181

Бренд: ZyXEL Communications Страницы: 2

Бренд: NetComm Wireless Страницы: 28

Бренд: RTA Страницы: 68

Бренд: FOR-A Страницы: 36

GW1102-2DRS-485-TB-P

Бренд: 3onedata Страницы: 3

Бренд: Ubee Страницы: 99

Бренд: Handlink Technologies Страницы: 60

Ability Cassia X2000

Бренд: ABB Страницы: 29

Бренд: eQ-3 Страницы: 44

Бренд: San Telequip Страницы: 19

Бренд: Omega Страницы: 38

F8926-GW Series

Бренд: Four-Faith Страницы: 78

Бренд: ADT Pulse Страницы: 6

Бренд: iSysmart Страницы: 11

Бренд: ZyXEL Communications Страницы: 2

Optinet FE408005AA

Бренд: Black Box Страницы: 159

Бренд: Agilent Technologies Страницы: 58

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды