background image

 

 

User Manual 

 

 

 

GWR High Speed Cellular Router Series 

36 

Settings-ADSL Port 

 

Click 

ADSL Port 

Tab, to open the ADSL Settings screen. Use this screen to configure the username 

and password parameters 

(

Error! Reference source not found.

).  

Enable radio button Default route. 

 

 

 

 

Figure 21– ADSL Port Settings 

 

Settings 

– Wireless Settings  

 

Wireless settings for GWR router will give you good performance, reliability and security when using Wi-Fi.

  

 

Содержание GWR

Страница 1: ...GWR High Speed Cellular Router Series USER MANUAL WWW GENEKO RS Document version 1 0 0 Date December 2015 GWR...

Страница 2: ...story Date Description Author Comments 24 12 2015 User Manual Tanja Savi Firmware versions 1 1 2 Document Approval The following report has been accepted and approved by the following Signature Printe...

Страница 3: ...LATION IN TABLES 22 SAVE RELOAD CHANGES 22 STATUS INFORMATION 23 Status General 23 Status LAN Port Information 23 Status DHCP 24 Status WAN Information 24 Status ADSL Information 25 Status Mobile Info...

Страница 4: ...MANAGEMENT COMMAND LINE INTERFACE 76 MANAGEMENT REMOTE MANAGEMENT 77 MANAGEMENT CONNECTION MANAGER 77 Getting started with the Connection Wizard 78 MANAGEMENT SIMPLE MANAGEMENT PROTOCOL SNMP 81 MANAG...

Страница 5: ...e 24 DMZ configuration page 40 Figure 25 RIP configuration page 41 Figure 26 Virtual Router Redundancy Protocol 43 Figure 27 GRE tunnel parameters configuration page 45 Figure 28 IPSec Summary screen...

Страница 6: ...GWR Router 1 96 Figure 81 IPSec configuration page III for GWR Router 1 96 Figure 82 IPSec start stop page for GWR Router 1 97 Figure 83 Network configuration page for GWR Router 2 97 Figure 84 IPSEC...

Страница 7: ...125 Figure 123 OpenVPN GWR settings 127 Figure 124 Starting OpenVPN application 127 Figure 125 OpenVPN status on PC 127 Figure 126 OpenVPN status on GWR 127 Figure 127 Portforwarding example 128 Figur...

Страница 8: ...43 Table 13 GRE parameters 44 Table 14 IPSec Summary 47 Table 15 IPSec Parameters 51 Table 16 OpenVPN parameters 55 Table 17 PPTP parameters 56 Table 18 L2TP parameters 58 Table 19 Firewall parameters...

Страница 9: ...mance backup solution for existing land lines or satellite networks is now a simple task thanks to modern cellular networks Therefore no matter if the goal is to provide primary internet access or bac...

Страница 10: ...central site Vehicle based bank service POS Vending machine Bank office supervision Security Traffic control Video Surveillance Solutions Other Remote Office Solution Remote Access Solution There are...

Страница 11: ...vailable on 4G models LTE 800 850 900 1800 1900 2100 2600 MHz Transfer rate max 100 Mbps down 50 Mbps up UMTS HSPA DC HSPA 850 900 1900 2100 MHz Transfer rate max 42 Mbps down 5 76 Mbps up GSM GPRS ED...

Страница 12: ...T1 413 Issue 2 ITU T G 992 1 G dmt ITU T G 992 2 G lite ITU T G 992 3 G dmt bis ADSL2 ITU T G 992 5 ADSL2plus Connector RJ 11 6P2C Wired Interfaces Ethernet Ports 1 2 or 5 depending on a model Standa...

Страница 13: ...t to factory settings LED s Link Activity LED s on Ethernet connectors Power Input 12 VDC 2A Consumption tbd Connector Barrel connector DC Power Cord Barrel connector to bare wire AC Power Supply 100...

Страница 14: ...orts otherwise forwarded SNMP v1 2c Simple Network Management Protocol is used in network management systems to monitor network attached devices for conditions that warrant administrative attention NT...

Страница 15: ...alternative to other VPN technologies OpenVPN max number of tunnels 15 PPTP The Geneko Router can be used as a PTPP Point to Point Tunneling Protocol client PPTP uses a control channel over TCP and a...

Страница 16: ...P based CLI SSH telnet serial Remote management over SSH Remote management over Telnet Traffic and event log Log tracing Maintenance Diagnostics Ping utility Authentication Used for activating and dea...

Страница 17: ...hernet connector LED ACT yellow on Network traffic detected off when no traffic detected Network Link green LED on Ethernet activity or access point engaged Figure 2 GWR Router front panel Back panel...

Страница 18: ...ettings of the GWR Router hold the RESET button pressed for a few seconds Restoration of the default configuration will be signaled by writing messages on the display and changing network status This...

Страница 19: ...d is by web interface This method provides administrator full set of privileges for configuring and monitoring the router Configuration administration and monitoring of the GWR Router can be performed...

Страница 20: ...r Plug other side of ETHERNET CABLE to Ethernet port on your computer You will see on the screen if SIM card is present cellular network types signal level current firmware version or IP address uptim...

Страница 21: ...menu on the left side of the screen Set IP Address and Subnet Mask and click on SAVE button Add a new network to the interface on your PC Ping new IP address When the GWR router is accessible insert...

Страница 22: ...successfully finished process of authentication of Username Password you can access Main Configuration Menu You can set all parameters of the GWR Router using web application All functionalities and...

Страница 23: ...Information Tab provides general information about device type device firmware version kernel version CPU vendor Uptime since last reboot hardware resources utilization and MAC address of LAN port Sc...

Страница 24: ...IP addresses gained from DHCP server MAC addresses expiration period and lease status Figure 9 DHCP Information Status WAN Information WAN Port Information Tab provides information about WAN port and...

Страница 25: ...us ADSL Information ADSL Port Information Tab provides IP status information about interface WAN address primary DNS address DSL information about upstream speed and downstream speed and Line informat...

Страница 26: ...ovide information about GPRS EDGE HSPA HSPA LTE mobile module manufacturer and model Mobile operator and signal quality Mobile traffic statistics in bytes Screenshot of Mobile information from the rou...

Страница 27: ...ormation Status Firewall Firewall Information Tab provides information about active firewall rules divided in three groups INPUT FORWARD and OUTPUT chain Each of these groups has packet counter which...

Страница 28: ...User Manual GWR High Speed Cellular Router Series 28 Figure 15 Router monitoring 1 Figure 16 Router monitoring 2...

Страница 29: ...1 is the factory default IP address Subnet Mask The subnet mask specifies the network number portion of an IP address The GWR Router support sub netting You must specified subnet mask for your LAN TCP...

Страница 30: ...ary DNS IP address of your primary DNS server Secondary DNS IP address of your secondary DNS server Reload Click Reload to discard any changes and reload previous settings Save Click Save button to sa...

Страница 31: ...ration time Primary DNS Secondary DNS This field specifies IP addresses of DNS Domain Name System server that will be assigned to systems that support DHCP client capability Select None to stop the DH...

Страница 32: ...User Manual GWR High Speed Cellular Router Series 32 Figure 19 DHCP Server configuration page...

Страница 33: ...Authentication This field specifies password authentication protocol Select the appropriate protocol from drop down list PAP CHAP PAP CHAP Username This field specifies Username for client authenticat...

Страница 34: ...s Reboot after n consecutive failed connection attempts Enable SIM1 SIM2 keepalive Make some traffic periodically in order to maintain connection active You can set keepalive interval value in minutes...

Страница 35: ...ry to connect to GSM By selecting AUTO option router will first try to establish UMTS connection and if it fails router will go for GSM connection Mobile status Displays data related to mobile connect...

Страница 36: ...ettings screen Use this screen to configure the username and password parameters Error Reference source not found Enable radio button Default route Figure 21 ADSL Port Settings Settings Wireless Setti...

Страница 37: ...printable characters Channel Select one from list of legally allowed Wireless LAN channels using IEEE 802 11 or Auto for automatic channel selection 802 11 Protocol 802 11b has a maximum raw data rat...

Страница 38: ...ption Routing Table Dest Network This parameter specifies the IP network address of the final destination Routing is always based on network number If you need to specify a route to a single host use...

Страница 39: ...tocol Interface Choose between ppp_0 and br0 interface Select interface where port forwarding is done Port forwarding from outside WAN interface to inside LAN interface is done on PPP and in reverse d...

Страница 40: ...es if DMZ settings is enabled at the Geneko Router IP address from LAN IP address to secure an internal network from external access Reload Click Reload to discard any changes and reload previous sett...

Страница 41: ...e displayed on telnet console of the Routing Information Protocol Manager Password Login password Port to bind at Local port the service will listen to Routing Information Protocol Status Start Start...

Страница 42: ...edistribute static Redistribute routes defined locally in RIP configuration ripd configure router redistribute connected Redistribute directly connected routes Disable RIP update optional ripd configu...

Страница 43: ...1 255 and the router with the highest priority will become the master Password Enter authentification password as hexkey 0 9a fA F Reload Click Reload to discard any changes and reload previous settin...

Страница 44: ...an IP network You need to connect two similar networks connected by a different network with different IP addressing Click VPN Settings Tab to open the VPN configuration screen In the Error Reference...

Страница 45: ...ves are disabled Use the keepalive check box to enable this feature Keepalives do not have to be configured on both ends of the tunnel in order to work a tunnel is not aware of incoming keepalive pack...

Страница 46: ...is is the number of IPSec tunnels being defined Maximum number of tunnels This is the maximum number of tunnels which can be defined Maximum number of tunnels is 15 No This filed indicates the number...

Страница 47: ...in negotiation process Log level Set IPSec log level Add New Tunnel Click on this button to add a new Device to Device IPSec tunnel After you have added the tunnel you will see it listed in the Summa...

Страница 48: ...this box to enable the IPSec tunnel Local Security gateway type When SIM Card is selected the WAN or Internet IP address of the Router automatically appears If the Router is not yet connected to the G...

Страница 49: ...ed Key IKE is an Internet Key Exchange protocol used to negotiate key material for Security Association SA IKE uses the Preshared Key to authenticate the remote IKE peer Both ends of IPSec tunnel must...

Страница 50: ...one way hashing algorithm that produces a 160 bit digest SHA1 is recommended because it is more secure Both ends of the IPSec tunnel must use the same Phase 2 Authentication setting NOTE If you selec...

Страница 51: ...and responder must support the mechanism for detecting the NAT router in the path and changing to a new port as defined in RFC 3947 NOTE If you select this mode the Aggressive mode will be automatical...

Страница 52: ...nfiguration it allows the server to release an authentication certificate for every client using signature and Certificate authority It uses the OpenSSL encryption library extensively as well as the S...

Страница 53: ...l Number Automatically assigned number of the tunnel Tunnel Name Enter a name for the OpenVPN tunnel This allows you to identify multiple tunnels and does not have to match the name used at the other...

Страница 54: ...bad HMAC it will drop the packet HMAC usually adds 16 or 20 bytes per packet Set none to disable authentication NOTE Depending on the options selected in the previous steps some of the following opti...

Страница 55: ...ck Click Back to return on IPSec Summary screen Reload Click Reload to discard any changes and reload previous settings Save Click Save to save your changes back to the GWR Router After that router au...

Страница 56: ...ote netmask Netmask of remote subnet to route Domain Some PPTP servers require domain name for authentication Username Username to authenticate ourselves to remote server Password Password to authenti...

Страница 57: ...d in the tunnel Figure 36 L2TP configuration page L2TP Label Description Enable Select this option to enable L2TP tunnel Tunnel name Unique tunnel identifier Local IP address Set the IP address of the...

Страница 58: ...sion id value being used at the peer Peer Cookie Sets an optional peer cookie value to be assigned to the session This is a 4 or 8 byte value specified as 8 or 16 hex digits e g 014d3636deadbeef The v...

Страница 59: ...redefined or custom defined values Input Interface Select the name of an interface via which a packet was received only for packets entering the INPUT and FORWARD chains Output Interface Select the na...

Страница 60: ...box enables Distributed DOS Maximum average matching rate Maximum average matching rate specified as a number with an optional time unit second minute hour or day the default is 3 hour Maximum initia...

Страница 61: ...e MAC Filter table the packet will dropped MAC Filtering Settings Label Description Enable MAC Filtering This field specifies if MAC Filtering is enabled at the router Enable Enable MAC filtering for...

Страница 62: ...DNS Cilent Enable DynDNS Client Service The type of service that you are using try one of no ip dhs pgpow dyndns dyndns static dyndns custom ods easydns dyns justlinux and zoneedit Custom Server IP or...

Страница 63: ...y default above described features are disabled Selecting one of two possible applications of Serial port opens up additional options available for configuration Figure 41 Serial Port Settings initial...

Страница 64: ...Only on server side Server IP address Specify server IP address Only on client side Connect to TCP UDP port Number of the TCP UDP port to accept connections from this device Only on client side Type o...

Страница 65: ...laves can be directly attached to the unit s serial ports without any external protocol converters Click Serial Port Tab to open the Modbus Gateway configuration screen Choose Modbus Gateway settings...

Страница 66: ...r is 502 Connection timeout When this field is set to a value greater than 0 the serial server will close connections that have had no network receive activity for longer than the specified period Tra...

Страница 67: ...User Manual GWR High Speed Cellular Router Series 67 Figure 43 Modbus gateway configuration page...

Страница 68: ...After the command is executed router sends one of the following status reports to the user CONNECTING CONNECTED WAN_IP WAN IP address or the router DISCONNECTING DISCONNECTED 5 In order to establish...

Страница 69: ...ter entering Phone number and Message and by pushing button Send Figure 45 Send SMS SMS Gateway is used for sending SMS with GET query Command format is following 192 168 1 1 cgi send_exec lua group s...

Страница 70: ...the GWR Router Only for information purpose Location This field specifies location of the GWR Router Only for information purpose Save Click Save button to save your changes back to the GWR Router Rel...

Страница 71: ...sword to confirm it Enable Radius Authentication By this check box you can activate or deactivate function for authentication via remote radius server Enable Enable or disable usage of this radius ser...

Страница 72: ...s of the NTP server Automatically synchronize NTP Setup automatic synchronization with time server Update time every Time interval for automatic synchronization Time Zone Select your time zone Save Cl...

Страница 73: ...o look for the firmware file After selection of new firmware version through Browse button mechanism the process of data transfer from firmware to device itself should be started This is done by Uploa...

Страница 74: ...te configuration file After you select the file click Import This process may take up to a minute Restart the Router in order to changes will take effect Export Configuration File To export the Router...

Страница 75: ...ystem Reboot page Management Display settings Display settings on the GWR Router are done through window Display Settings Figure 54 Display Settings Display Settings Label Description Enable Screen Sa...

Страница 76: ...Interface Label Description CLI Settings Enable telnet service Enable or disable CLI via telnet service Enable ssh service Enable or disable CLI via ssh service View Mode Username Login name for View...

Страница 77: ...changes back to the GWR Router Reload Click Reload to discard any changes and reload previous settings Table 29 Remote Management parameters Management Connection Manager Enabling Connection Manager...

Страница 78: ...et mask GWR router s Ethernet port and GPRS EDGE HSPA HSPA LTE network connection Selecting this option you can configure parameters for LAN and WAN interface Figure 58 Connection Wizard Initial Step...

Страница 79: ...Speed Cellular Router Series 79 Figure 59 Connection Wizard Router Detection When you select one of the routers from the list and click Next you will get to the following screen Figure 60 Connection...

Страница 80: ...t and you will be able to setup WAN interface Figure 61 Connection Wizard WAN Settings After entering the configuration parameters if you mark option Establish connection router will start with connec...

Страница 81: ...2 SNMP configuration page SNMP Settings Label Description Enable SNMP SNMP is enabled by default To disable the SNMP agent click this option to unmark Get Community Create the name for a group or comm...

Страница 82: ...from many different types of systems into a central repository Figure 63 Syslog configuration page The GWR Router supports this protocol and can send its activity logs to an external server Syslog Se...

Страница 83: ...ner of the screen Click this tab to exit the web based utility If you exit the web based utility you will need to re enter your Username and Password to log in and then manage the Router CHROOT A chro...

Страница 84: ...seq unset cd fi lua service until chattr find luac set unzip chmod flock mapfile sh upfirmware clear for md5sum shift uptime cmp free microcom shopt users command ftpd mkdir show usleep compgen funct...

Страница 85: ...accept the changes Use SIM card with a dynamic static IP address obtained from Mobile Operator Note the default gateway may show or change to an address such as 10 0 0 1 this is normal as it is the G...

Страница 86: ...ddress Source tunnel address should have static WAN IP address Destination tunnel address should have static WAN IP address GSM UMTS APN Type For GSM UMTS networks GWR Router connections may require a...

Страница 87: ...M UMTS connection Mobile Settings Tab If disconnected please click Connect button Click VPN Settings GRE to configure GRE tunnel parameters Enable yes Local Tunnel Address 10 10 10 1 Local Tunnel Netm...

Страница 88: ...The GWR Router 2 configuration Click LAN Ports Tab to open the LAN Ports Settings screen Use this screen to configure LAN TCP IP settings Configure IP address and Netmask IP Address 192 168 2 1 Subnet...

Страница 89: ...want to use host name as peer identifier Tunnel Destination 1 10 251 49 2 obtained by the network provider 2 Select HOST from drop down menu if you want to use host name as peer identifier KeepAlive e...

Страница 90: ...h of the routers it appears that it has two paths to the remote physical interface and the tunnel interface running through the tunnel This tunnel could then transmit unroutable traffic such as NetBIO...

Страница 91: ...face Tunnel0 ip address 10 10 10 2 255 255 255 252 tunnel source FastEthernet0 0 tunnel destination 172 29 8 5 ip route 10 1 1 0 255 255 255 0 tunnel0 Command for tunnel status show ip interface brief...

Страница 92: ...epAlive enable no Period none Retries none Press ADD to put GRE tunnel rule into VPN table Press Save to accept the changes Figure 74 GRE configuration page Configure GRE Route Click Static Routes on...

Страница 93: ...and tunnel destination address Dynamic IP WAN address must be mapped to hostname with DynDNS service for synchronization with DynDNS server SIM card must have internet access GSM UMTS APN Type For GSM...

Страница 94: ...changes Figure 77 LAN Port configuration page for GWR Router 1 Use SIM card with a static IP address obtained from Mobile Operator Click Mobile Settings Tab to configure parameters necessary for GSM...

Страница 95: ...sive Phase 1 DH group Group 2 Phase 1 Encryption 3DES Phase 1 Authentication MD5 Phase 1 SA Life Time 28800 Perfect Forward Secrecy true Phase 2 DH group Group 2 Phase 2 Encryption 3DES Phase 2 Authen...

Страница 96: ...on on Internet Protocol Security page to initiate IPSEC tunnel NOTE Firmware version used in this scenario also provides options for Connection mode of IPSec tunnel If connection mode Connect is selec...

Страница 97: ...sk IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Press Save to accept the changes Figure 82 Network configuration page for GWR Router 2 Use SIM card with a static IP address obtained from Mobile O...

Страница 98: ...IP Address 10 0 10 0 Subnet 255 255 255 0 IPSec Setup Keying Mode IKE with Preshared key Mode aggressive Phase 1 DH group Group 2 Phase 1 Encryption 3DES Phase 1 Authentication MD5 Phase 1 SA Life Ti...

Страница 99: ...R High Speed Cellular Router Series 99 Figure 83 IPSEC configuration page I for GWR Router 2 Figure 84 IPSec configuration page II for GWR Router 2 NOTE Options NAT Traversal and Send Initial Contact...

Страница 100: ...ion mode Connect is selected that indicates side of IPSec tunnel which sends requests for establishing of the IPSec tunnel If connection mode Wait is selected that indicates side of IPSec tunnel which...

Страница 101: ...ttings Tab to configure parameters necessary for GSM UMTS LTE connection All parameters necessary for connection configuration should be required from mobile operator Check the status of GSM UMTS LTE...

Страница 102: ...Mask 255 255 255 0 Remote Group Setup Remote Security Gateway Type IP Only IP Address 172 29 8 5 Remote ID Type IP Address Remote Security Group Type IP IP Address 192 168 10 1 Failover Eanble IKE fai...

Страница 103: ...ware version used in this scenario also provides options for Connection mode of IPSec tunnel If connection mode Connect is selected that indicates side of IPSec tunnel which sends requests for establi...

Страница 104: ...68 10 1 Subnet Mask 255 255 255 0 Press Save to accept the changes Figure 92 Network configuration page for GWR Router 2 Use SIM card with a static IP address obtained from Mobile Operator Click Mobil...

Страница 105: ...Security Gateway Type SIM card Local ID Type IP Address IP Address From SIM 1 WAN connection is established over SIM 1 Local Security Group Type IP IP Address 192 168 10 1 Remote Group Setup Remote Se...

Страница 106: ...al GWR High Speed Cellular Router Series 106 Figure 93 IPSEC configuration page I for GWR Router 2 Figure 94 IPSEC configuration page II for GWR Router 2 Figure 95 IPSEC configuration page III for GWR...

Страница 107: ...ch sends requests for establishing of the IPSec tunnel If connection mode Wait is selected that indicates side of IPSec tunnel which listens and responses to IPSec establishing requests from Connect s...

Страница 108: ...namic IP WAN address must be mapped to hostname with DynDNS service for synchronization with DynDNS server SIM card must have internet access GSM UMTS APN Type For GSM UMTS networks GWR Router connect...

Страница 109: ...ype IP Address IP Address From SIM 1 WAN connection is established over SIM 1 Local Security Group Type Subnet IP Address 192 168 10 0 Subnet Mask 255 255 255 0 Remote Group Setup Remote Security Gate...

Страница 110: ...nual GWR High Speed Cellular Router Series 110 Figure 99 IPSEC configuration page I for GWR Router Figure 100 IPSec configuration page II for GWR Router Figure 101 IPSec configuration page III for GWR...

Страница 111: ...e msec service timestamps log datetime msec no service password encryption hostname Cisco Router boot start marker boot end marker username admin password 7 enable secret 5 no aaa new model no ip doma...

Страница 112: ...255 255 255 0 ip nat inside no ip route cache no ip mroute cache duplex auto speed auto ip route 0 0 0 0 0 0 0 0 150 160 170 2 ip http server no ip http secure server ip nat inside source list nat_lis...

Страница 113: ...o Router Idea is to create IPSec tunnel for LAN to LAN site to site connectivity Figure 103 IPSec tunnel between GWR Router and Cisco Router The GWR Routers requirements Static IP WAN address for tunn...

Страница 114: ...Enable true IPSec Setup Keying Mode IKE with Preshared key Mode aggressive Phase 1 DH group Group 2 Phase 1 Encryption 3DES Phase 1 Authentication SHA1 Phase 1 SA Life Time 28800 Perfect Forward Secre...

Страница 115: ...anual GWR High Speed Cellular Router Series 115 NAT Traversal true Press Save to accept the changes Figure 105 IPSEC configuration page I for GWR Router Figure 106 IPSec configuration page II for GWR...

Страница 116: ...Click Start button on Internet Protocol Security page to initiate IPSEC tunnel Click Start button and after that Connect button on Internet Protocol Security page to initiate IPSEC tunnel Figure 108 I...

Страница 117: ...nfiguration Step1 Create New Tunnel Interface Click Interfaces on Network Tab Figure 109 Network Interfaces list Bind New tunnel interface to Untrust interface outside int with public IP addresss Use...

Страница 118: ...Key Advanced tab Figure 111 AutoKey Advanced Gateway Click New button Enter gateway parameters Gateway name TestGWR Security level Custom Remote Gateway type Dynamic IP address because your GWR router...

Страница 119: ...User Defined custom Phase 1 proposal pre g2 3des sha Mode Agressive must be aggressive because of NAT Nat Traversal enabled Click Return and OK Figure 113 Gateway advanced parameters Step 3 Create Aut...

Страница 120: ...te Gateway Predefined Choose VPN Gateway from step 2 Figure 115 AutoKey IKE parameters Click Advanced button Security level User defined custom Phase 2 proposal pre g2 3des sha Bind to Tunnel interfac...

Страница 121: ...21 Figure 116 AutoKey IKE advanced parameters Step 4 Routing Click Destination tab on Routing menu Click New button Routing parameters are IP Address 192 168 10 0 24 Gateway tunnel 3 tunnel interface...

Страница 122: ...om Untrust to trust zone Source Address 192 168 10 0 24 Destination Address 10 10 10 0 24 Services Any Click OK Figure 118 Policies from untrust to trust zone Click Policies in main menu Click New but...

Страница 123: ...User Manual GWR High Speed Cellular Router Series 123 Figure 119 Policies from trust to untrust zone...

Страница 124: ...figuration is the remote endpoint IP or hostname field Also the client can set up the keepalive settings For successful tunnel creation a static key must be generated on one side and the same key must...

Страница 125: ...e will be automatically Saved in Open VPN configuration file directory Configuration file and pre shared key must be in same directory d If you have more remote locations every location has to have it...

Страница 126: ...VPN tunnel e Workstation where OpenVPN server is installed should have ip route to subnet which is on the other end of the OpenVPN tunnel This subnet is reachable over remote OpenVPN interface which i...

Страница 127: ...so you must start it first That accomplishes configuration of the GWR regarding establishing the OpenVPN and routing through it Implementation You start Open VPN tunnel on server side by right click...

Страница 128: ...orwarded to workstation 192 168 1 2 and port 22 Result SSH is accessible from the outside to the first workstation 2 Traffic destined to WAN IP by port 8080 is forwarded to workstation 192 168 1 3 and...

Страница 129: ...ons In the picture below serial communication is achieved over GWR router in client mode on remote location and Virtual COM port application on central side As application is in server mode IP address...

Страница 130: ...ngs Option SERIAL PORT OVER TCP UDP SETTINGS is used for configuration of transparent serial communication Configuration parameters are presented in picture below Figure 130 GWR settings for Serial to...

Страница 131: ...e Keepalive idle time 120 sec Keepalive interval 60 sec Log Settings Log level level 1 When serial port is configured button SAVE should be selected and STATUS of the service should change to started...

Страница 132: ...ICMP error messages 3 DROP traffic is blocked without any error messages connection is retried until the threshold for retransmission is exceeded By default all traffic is PERMITTED To block all the...

Страница 133: ...ppp_0 Allow IPSec protocol 10 Allow IPSec tunnels on ppp_0 protocol 11 Allow IPSec tunnels on ppp_0 IKE 12 Allow IPSec tunnel on ppp_0 IKE_NATt Allow OpenVPN protocol 13 Allow OpenVPN tunnels on ppp_...

Страница 134: ...ALL page Page for firewall configuration is presented in the following picture Figure 134 Initial firewall configuration on GWR Firstly firewall should be enabled that is done by selecting Firewall Ge...

Страница 135: ...ed when policy reject is selected After that SAVE button should be pressed and user is returned to main configuration page 2 ICMP traffic is denied from all IP addresses except 212 62 38 196 New rule...

Страница 136: ...of rule is changed by selecting number in drop down menu In this example number 4 is selected 3 ICMP traffic is allowed from single IP addresses With firewall rule configuration shown above IP address...

Страница 137: ...Sec firewall rules These three rules are enabled in following way Select EDIT of the rule Enable selected SAVE and exit 5 SSH access is allowed from IP range 212 62 38 210 220 New rule should be added...

Страница 138: ...tion page 7 FTP traffic is allowed New rule should be added by selecting ADD NEW RULE button Policy should be configured in following way Rule name Allow FTP Enable selected Chain INPUT Service FTP Pr...

Страница 139: ...xample of traffic filtering in direction from inside to outside New rule should be added by selecting ADD NEW RULE button Policy should be configured in following way Rule name Allow HTTP from LAN Ena...

Страница 140: ...Figure 141 Complete firewall configuration SMS management example GWR routers can be managed over the SMS messages Commands from the SMS are executed on the router with status report sent back to the...

Страница 141: ...rks through two simple steps First step is STANDARD ping proofing This ping periodically checks if link is alive Standard ping has 4 packets which are sent over the link and if all 4 are returned keep...

Страница 142: ...link failure is detected Settings are following SIM1 Ping target 8 8 8 8 Ping interval 120 Advanced ping interval 10 Advanced ping wait for response 5 Maximum number of failed packets 80 Keepalive act...

Страница 143: ...r window or to another location within the facility can result in optimum reception Another way of increasing throughput is by physically placing the device on the roof of the building in an environme...

Страница 144: ...Bul Despota Stefana 59a GENEKO 11000 Belgrade Serbia Phone 381 11 3340 591 3340 178 Fax 381 11 3224 437 e mail gwrsupport geneko rs www geneko rs UM GWR362 462 Rev A Dec 15...

Отзывы: