NetModule NB3720 Скачать руководство пользователя страница 178 | Manualshive

Страница: 178 / 202

NetModule NB3720 Скачать руководство пользователя страница 178

NB3720
User Manual for NRSW version 4.4

When enrolling certificates, the CA certificate will be initially fetched from the specified SCEP URL
using the

getca

operation. It will be shown on the configuration page and it has to be verified that it

belongs to the correct authority. Otherwise, the CA must be rejected. This part is essential when using
SCEP as it builds up the chain of trust.

If a certificate enrollment request times out, it is possible to re-trigger the interrupted enrollment request
and it will be resumed using the previously generated key. In case a request has been rejected, you
are required to erase the certificate first and then start the enrollment process all over again.

Authorities

For SSL client connections (as used by SDK functions or when downloading configuration/software
images) you might upload a list of CA certificates which are considered trusted.

To obtain the CA certificate from a particular site with Mozilla Firefox, the following steps will be re-
quired:

– Point the browser to the relevant HTTPS website

– Click the padlock in the address bar

– Click the

More Information

and the

View Certificate

button

– Select the

Details

tab press the

Export

button

– Choose a path for the file (e.g. website.pem)

Certificates from self-signed authoritites can also be retrieved by running:

echo quit | \

openssl s_client -showcerts -connect <host>:443 | \

sed -ne ’/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ > other.crt

The PEM-encoded X.509 certificate files can be edited and concatenated using a simple editor (if
required) and then uploaded to the box. Once installed, an SSL client connection will terminate if
verification with any of those CA certificates fails.

178

«
...
176
177
178
179
180
...
»

Содержание NB3720

Страница 1: ...NetModule Router NB3720 User Manual for Software Version 4 4 Manual Version 1 13 NetModule AG Switzerland July 4 2021...

Страница 2: ...n of it may not be copied in any form or by any means stored in a retrieval system adopted or transmitted in any form or by any means electronic mechanical photographic graphic optic or otherwise or t...

Страница 3: ...9 Ethernet Connectors 19 3 3 10 Power Supply 20 3 3 11 Digital Inputs and Outputs 21 3 3 12 CAN Port 23 3 3 13 IBIS Port 23 4 Installation 25 4 1 Installation of the Mini SIM Card 25 4 2 Installation...

Страница 4: ...112 5 6 6 Dial In 113 5 7 SERVICES 115 5 7 1 SDK 115 5 7 2 DHCP Server 124 5 7 3 DNS Server 126 5 7 4 NTP Server 129 5 7 5 Dynamic DNS 130 5 7 6 E Mail 132 5 7 7 Events 134 5 7 8 SMS 135 5 7 9 SSH Tel...

Страница 5: ...ion 181 6 7 Scanning Networks 182 6 8 Sending E Mail or SMS 182 6 9 Updating System Facilities 182 6 10 Manage keys and certificates 183 6 11 Restarting Services 183 6 12 Debug System 184 6 13 Resetti...

Страница 6: ...ts 72 5 20 Static Routing 77 5 21 Extended Routing 79 5 22 Multipath Routes 80 5 23 Mobile IP 83 5 24 Firewall Groups 90 5 25 Firewall Rules 91 5 26 Masquerading 93 5 27 Inbound NAPT 94 5 28 OpenVPN A...

Страница 7: ...System 155 5 51 Regional settings 157 5 52 User Accounts 159 5 53 Remote Authentication 161 5 54 Manual File Configuration 165 5 55 Automatic File Configuration 166 5 56 Factory Configuration 167 5 5...

Страница 8: ...ents of RJ45 Gigabit Ethernet Connectors 20 3 17 Power Input Specifications 21 3 18 Pin Assignments of Power Connector 21 3 19 Common Digital I O Specification 21 3 20 Isolated Digital Outputs Specifi...

Страница 9: ...an introduction to the router and its features The following chapters describe any aspects of commissioning the device installation procedure and provide helpful information towards configuration and...

Страница 10: ...able national and international laws and with any special restrictions regulating the utilization of the communication module in prescribed applications and environments Information about the accessor...

Страница 11: ...fied specialized personnel A misconfiguration will lead to loss of the approval Cellular antennas attached to the router must have an antenna gain of equal or less than 2 5 dBi The user is responsible...

Страница 12: ...quirements of the Council Directive 2012 19 EU regard ing Waste Electrical and Electronic Equipment WEEE you are urged to ensure that this product will be segregated from other waste at end of life an...

Страница 13: ...open source codes covered by these licenses please contact our techni cal support at router support netmodule com Acknowledgements This product includes PHP freely available from http www php net Sof...

Страница 14: ...mentary VOICE V or GNSS G option This model has the following functionality Galvanically isolated power supply LTE Dual WLAN IEEE 802 11ac GNSS IBIS Wagenbus slave CAN 8 Ethernet 2 Gigabit Ethernet 6...

Страница 15: ...C 15 5 Operating Temperature Range 40 C to 70 C Class TX according to EN 50155 Storage Temperature Range 40 C to 85 C Humidity 0 to 95 non condensing Altitude up to 4000m Over Voltage Category I Pollu...

Страница 16: ...an be assigned dynamically to any modem by configuration 4 USB USB 2 0 host port with connector type A can be used for software config uration updates 5 Digital I O Galvanically isolated digital I O M...

Страница 17: ...Table 3 3 NB3720 Interfaces 3 3 2 LED Indicators Status LEDs The following table describes the NB3720 status indicators Label Color State Function Status l blinking The device is busy due to startup...

Страница 18: ...sed m off Normally open output port 1 is open DO2 l on Normally closed output port 2 is closed m off Normally closed output port 2 is open DI1 l on Input port 1 is set m off Input port 1 is not set DI...

Страница 19: ...y reset The start of the factory reset is confirmed by all LEDs lighting up for a second 3 3 4 Mobile Standard Bands Data rate 4G LTE FDD B1 2100 B2 1900 B3 1800 B5 850 B7 2600 B8 900 B20 800 Downlink...

Страница 20: ...he following specification Feature Specification Max allowed cable length 30 m Max allowed antenna gain including cable attenuation 3 0 dBi1 Min distance between collocated ra dio transmitter antennas...

Страница 21: ...ng specification Feature Specification Max allowed cable length 30 m Max allowed antenna gain 3 0 dBi Min distance between collocated ra dio transmitter antennas 20 cm Connector type TNC Table 3 10 GN...

Страница 22: ...Assignment USB The five pins are enumerated in clockwise direction The first pins is on the upper right Pin Signal Pinning 1 VBUS 2 GND 3 D 4 D 5 Table 3 13 Pin Assignments of M8 USB Connector 3 3 9 E...

Страница 23: ...tors Pin Assignment on Gigabit Ethernet Each of the 4 pairs is used for bidirectional data transmission The eight pins are enumerated from right to left when looking at the front of the device Pin Sig...

Страница 24: ...ctor type M12 4 poles A coded male Table 3 17 Power Input Specifications Pin Assignment M12 4 poles A coded male Pin Signal Pinning 1 V 12 60 VDC 2 Not connected 3 VGND 4 Not connected Table 3 18 Pin...

Страница 25: ...ve the following specification Feature Specification Number of inputs 2 Maximum input voltage 40 VDC Minimum voltage for level 1 set 7 2 VDC Maximum voltage for level 0 not set 5 0 VDC Table 3 21 Isol...

Страница 26: ...ort Specification Pin Assignment CAN The eight pins are enumerated from right to left when looking at the front of the device Pin Signal Pinning 1 CAN_H 2 CAN_L 3 CAN_GND 4 5 6 7 CAN_GND 8 Table 3 24...

Страница 27: ...our pins are enumerated in anticlockwise direction The first pin is on the upper left when looking at the front of the device Pin Signal Pinning 1 WBSD RX 2 WBMS RX 3 WBME TX 4 WBED TX Table 3 26 Pin...

Страница 28: ...ned flexibly to any modem in the system It is also possible to switch a SIM to a different modem during operation for instance if you want to use another provider upon a certain condition However a SI...

Страница 29: ...s Attention Following points must be observed when installing the antennas A minimum clearance of at least 40 cm between people and the antennas must always be ensured If one mobile inerface transmit...

Страница 30: ...ntion Following points must be observed when installing the antennas A minimum clearance of at least 40 cm between people and the antennas must always be ensured If one WLAN inerface transmit simultan...

Страница 31: ...10 100 Mbps and two 10 100 1000 Mbps Ethernet devices can be directly connected to the router further devices can be attached via an addtional Ethernet switch Please ensure that the connector has bee...

Страница 32: ...tallation of the Audio Interface The audio interface line out is available on the PTT Option Ap and the Audio Option A extension Attention Risk of hearing damage Avoid the use of earphones or Headphon...

Страница 33: ...IP address of Ethernet1 is 192 168 1 1 and the Dynamic Host Configuration Protocol DHCP is activated on the interface by default The following steps need to be taken to establish your first Web Manage...

Страница 34: ...s the device via the serial console telnet SSH or to enter the bootloader You may also configure additional users which will only be granted to access the summary page or retrieve status information b...

Страница 35: ...covery image on demand which can be loaded into RAM via TFTP and executed It offers a minimal system image for running a software update or doing other modifications You will be provided with two file...

Страница 36: ...PN SERVICES SYSTEM LOGOUT Figure 5 2 Home Summary This page offers a short summary about the administrative and operational status of the router s inter faces WAN This page offers details about any en...

Страница 37: ...nterfaces DHCP This page offers details about any activated DHCP service including a list of issued DHCP leases OpenVPN This page provides information about the OpenVPN tunnel status IPSec This page p...

Страница 38: ...ting protocol DynDNS This page provides information about Dynamic DNS System Status The system status page displays various details of your NB3720 router including system details information about mou...

Страница 39: ...Supervision Settings Ethernet Port Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Administration Configuration IP Settings Bridges USB Serial Digital I O GNSS WAN Link Management...

Страница 40: ...2nd priority The first fallback link it can be enabled permanently or being dialed as soon as Link 1 goes down 3rd priority The second fallback link it can be enabled permanently or being di aled as...

Страница 41: ...be dialled if previous links failed distributed Link is member of a load distribution group Parameter WAN Link Settings Operation mode The operation mode of the link Weight The weight ratio of a distr...

Страница 42: ...ulator Hostname NB1600 Software Version 4 4 0 103 2004 2020 NetModule AG WAN Link Management Supervision Settings Ethernet Port Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Adm...

Страница 43: ...ngs on each WAN link to authoritative hosts The link will be declared as down in case all trials failed You may further specify an emergency action if a certain downtime is reached Link Hosts Emergenc...

Страница 44: ...s are re transmitted in case a first ping failed Max number of failed trials The maximum number of failed ping trials until the link will be declared as down Emergency action The emergency action whic...

Страница 45: ...ulator Hostname NB1600 Software Version 4 4 0 103 2004 2020 NetModule AG WAN Link Management Supervision Settings Ethernet Port Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Adm...

Страница 46: ...ion can be set for each Ethernet port individually Most devices support auto negotiation which will configure the link speed automatically to comply with other devices in the network In case of negoti...

Страница 47: ...1 2 5 LAN1 background routed HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 8 VLAN Management In order to form a distinctive subnet the network interface of a remote LAN host mus...

Страница 48: ...upervision Settings Ethernet Port Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Administration Configuration IP Settings Bridges USB Serial Digital I O GNSS IP Address Managemen...

Страница 49: ...er will be retrieved from a DHCP server in the network You may also define static values but caution has to be taken to assign an unique IP address as it would otherwise raise IP conflicts in the netw...

Страница 50: ...rt Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Administration Configuration IP Settings Bridges USB Serial Digital I O GNSS Mobile SIMs This menu can be used to assign a defau...

Страница 51: ...order to restart PIN unlocking and trigger another network registration attempt Under some circumstances e g in case the modem flaps between base stations it might be nec essary to set a specific serv...

Страница 52: ...for unlocking the SIM card PUK code The PUK code for unlocking the SIM card optional Default modem The default modem assigned to this SIM card Preferred service The preferred service to be used with t...

Страница 53: ...2004 2020 NetModule AG WAN Link Management Supervision Settings Ethernet Port Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Administration Configuration IP Settings Bridges USB...

Страница 54: ...heron you may configure the following advanced settings Parameter WAN Advanced Parameters Required signal strength Sets a minimum required signal strength before the connection is di aled Home network...

Страница 55: ...tware Version 4 4 0 103 2004 2020 NetModule AG WAN Link Management Supervision Settings Ethernet Port Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Administration Configuration...

Страница 56: ...configure the following settings Parameter WLAN Management Operation type Specifies the desired IEEE 802 11 operation mode Radio band Selects the radio band to be used for connections depending on yo...

Страница 57: ...for NRSW version 4 4 Standard Frequencies Bandwidth Data Rate 802 11g 2 4 GHz 20 MHz 54 Mbit s 802 11n 2 4 5 GHz 20 40 MHz 300 Mbit s 802 11ac 5 GHz 20 40 80 MHz 866 7 Mbit s Table 5 20 IEEE 802 11 Ne...

Страница 58: ...eter WLAN Mesh Point Management Operation type Specifies the desired IEEE 802 11 operation mode Radio band Selects the radio band to be used for connections depending on your module it could be 2 4 or...

Страница 59: ...hould be preferred over WPA1 running WPA WPA2 mixed mode offers both WPA cipher The WPA cipher to be used the default is to run both TKIP and CCMP Identity The identity used for WPA RADIUS and WPA EAP...

Страница 60: ...r Hostname NB1600 Software Version 4 4 0 103 2004 2020 NetModule AG WAN Link Management Supervision Settings Ethernet Port Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Administ...

Страница 61: ...EAP TLS Force PMF Enables Protected Management Frames Hide SSID Hides the SSID Isolate clients Disables client to client communication Band steering master The WLAN interface which the client should b...

Страница 62: ...y join the wireless network connect to the other mesh partners with the same ID and sercurtiy credentials The authentication credentials have to be obtained by the operator of the mesh network Paramet...

Страница 63: ...ty modes can be configured Parameter WLAN Mesh Point Security Modes Off MESHID is disabled None No authentication provides an open network SAE SAE Simultaneous Authentication of Equals is a secure pas...

Страница 64: ...55 0 Apply Continue HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 14 WLAN IP Configuration The access point networks can be bridged to any LAN interface for letting WLAN clients...

Страница 65: ...eatures 4addr frame Enables the 4 address frame format required for bridge links IAPP Enables the Inter Access Point Protocol feature Pre auth Enables the pre authentication mechanism for roaming clie...

Страница 66: ...ows Parameter Bridge Settings Administrative status Enables or disables the bridge interface If you need an interface to the local system you need to define an IP address for the local device IP Addre...

Страница 67: ...ort Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Administration Configuration IP Settings Bridges USB Serial Digital I O GNSS USB Administration This menu can be used to activa...

Страница 68: ...ings Mobile Modems SIMs Interfaces WLAN Administration Configuration IP Settings Bridges USB Serial Digital I O GNSS Connected USB Devices Vendor ID Product IDBus ID Manufacturer Device Type Enabled U...

Страница 69: ...tion which can be used for setting up more systems with different admin passwords For new devices with an empty password the hash key e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 c...

Страница 70: ...gin shell so that users can login to the system If more than one serial inrterface is available one serial interface can be configured as login console at a time device server The serial port will be...

Страница 71: ...nagement Supervision Settings Ethernet Port Setup VLAN Management IP Settings Mobile Modems SIMs Interfaces WLAN Administration Configuration IP Settings Bridges USB Serial Digital I O GNSS SERIAL1 is...

Страница 72: ...bits 1 stop bit Software flow control None Hardware flow control None Server Configuration Protocol on IP port Telnet Port 2000 Timeout endless numbered 600 Allow remote control RFC 2217 Show banner A...

Страница 73: ...r Settings Protocol on IP port Selects the desired IP protocol TCP or Telnet Port Specifies the TCP port on which the server will be available Timeout The time in seconds before the port will be disco...

Страница 74: ...ort Baud rate Specifies the baud rate run on the serial port Hardware flow control You may enable RTS CTS hardware flow control so that the RTS and CTS lines are used to control the flow of data Param...

Страница 75: ...erial Digital I O GNSS Digital I O Status DI1 off DI2 on DO1 off turn on DO2 on turn off Digital I O Configuration DO1 after reboot default DO2 after reboot default Apply HOME INTERFACES ROUTING FIREW...

Страница 76: ...his page can be used to pre configure the audio module It can be later used for the voice gateway It can be configured as follows Parameter Audio Settings Volume level Default volume level for line ou...

Страница 77: ...acy based on the satellite information and compares it with this accuracy thresh old in meters If the calculated position accuracy is better than the accuracy threshold the position is reported Adjust...

Страница 78: ...client connects You can specify on request which typically requires an R to be sent Data will be sent instantly in case of raw mode which will provide NMEA frames or super raw which includes the orig...

Страница 79: ...tion PRN The PRN code of the satelitte also referred as satellite ID as stated in GPGSA frames Elevation The elevation up down angle between the dish pointing direction in degrees as stated in GPGSV f...

Страница 80: ...tion Static Routes This menu shows all routing entries of the system they can consist of active and configured ones The flags are as follows A ctive P ersistent H ost Route N etwork Route D efault Rou...

Страница 81: ...The routing metric of the interface default 0 higher metrics have the effect of making a route less favorable Flags A ctive P ersistent H ost Route N etwork Route D efault Route The flags obtain the f...

Страница 82: ...ERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 21 Extended Routing In contrast to statis routes extended routes can be made up not only of a destination address net mask but also a sourc...

Страница 83: ...l perform weighted IP session distribution for particular subnets across multiple interfaces Destination Distribution 8 8 4 4 32 WWAN1 50 LAN2 50 HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM L...

Страница 84: ...obile node is relayed via the tunnel to the home agent instead of directly being conveyed to the final destination This fact also empowers MIP to be used as a lightweight VPN replacement without paylo...

Страница 85: ...s whether UDP encapsulation shall be used or not To allow NAT traversal UDP encapsulation must be enabled Mobile network address Optionally specifies a subnet which should be routed to the mobile node...

Страница 86: ...be reconnected Administrative status mobile node home agent disabled Primary home agent address 194 29 27 205 Secondary home agent address optional Home address 10 20 0 13 SPI 103 Authentication type...

Страница 87: ...version 4 4 Parameter Mobile IP Node Configuration Shared secret The shared secret used for authentication of the mobile node at the home agent This can be either a 128 bit hexadecimal value or a ran...

Страница 88: ...n section can be used to define the WAN interfaces on which QoS should be active Parameter QoS Interface Parameters Interface The WAN interface on which QoS should be active Bandwidth congestion The b...

Страница 89: ...case the total bandwidth of all queues exceeds the set upstream bandwidth of QoS Interface Parameters Set TOS The TOS DiffServ value to set on matching packets You can now configure and assign any ser...

Страница 90: ...roups on a particular interface and distribute incoming multicast packets towards the downstream interfaces on which hosts have joined the groups Parameter Multicast Routing Settings Administrative st...

Страница 91: ...e interfaces tab is used to define OSPF specific settings for the IP interfaces of the router If no settings are defined for a specific interface default settings will be used Parameter OSPF Interface...

Страница 92: ...BGP when VRRP slave Disables the BGP protocol when the router is set to slave mode by the VRRP redundancy protocol The neighbors tab is used to configure all the BGP routers to peer with Parameter BGP...

Страница 93: ...S SSH or TELNET by default but block any other packets coming from the WAN interface 5 5 2 Adress Port Groups This menu can be used to form address or port groups which can be later used for firewall...

Страница 94: ...targeting its services Packets which are not matching any of the rules below will be ALLOWED Description Action Source Destination Port s DENY WAN ALL DENY ANY on WAN ANY ANY Apply Clear HOME INTERFAC...

Страница 95: ...matching packets UDP TCP or ICMP Destination port s The destination port of matching packets which can be specified by a single port or a range of ports only UDP TCP The statistics page can be used t...

Страница 96: ...figure the interfaces on which masquerading will be performed Interface Source WAN ANY HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 26 Masquerading The administration page lets...

Страница 97: ...e network address port translation rules for inbound packets Description Source Target Redirect to Apply HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 27 Inbound NAPT Please not...

Страница 98: ...for port range translation in outbound rules Use net work based mapping there NAPT Outbound Rules Outbound rules will modify the source section of IP packets and can be used to establish 1 1 NAT mapp...

Страница 99: ...ient Management IPsec Administration Tunnel Configuration PPTP Administration Tunnel Configuration Client Management GRE Administration Tunnel Configuration L2TP Administration Tunnel Configuration Op...

Страница 100: ...tion Tunnel Configuration L2TP Administration Tunnel Configuration OpenVPN Tunnel 1 Configuration Operation mode disabled client server standard expert Server port 1194 Type TUN Protocol UDP Network m...

Страница 101: ...or bridged networks Protocol The tunnel protocol to be used for the transport connection Network mode Defines how the packets should be forwarded which can be either routed or bridged from to a partic...

Страница 102: ...ficate against local CRL negotiate DNS If enabled the system will use the nameservers which have been negotiated over the tunnel OpenVPN Expert Configuration Client The expert configuration mode offer...

Страница 103: ...t Certificate file server key Private key file dh1024 pem Diffie Hellman parameters file ccd A directory containing client specific configuration files Keep in mind that a certificate becomes valid on...

Страница 104: ...namic Download HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 30 OpenVPN Client Management In the Networking section you can specify a fixed tunnel endpoint address for each clie...

Страница 105: ...provide a secure channel and a bundle of algorithms that pro vide the parameters necessary to operate the AH and or ESP operations The Internet Security Association Key Management Protocol ISAKMP pro...

Страница 106: ...raversal Restart on link change Apply Restart HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 31 IPsec Administration This page can be used to enable disable IPsec you may also sp...

Страница 107: ...eneral For setting up the tunnel you will have to configure the following parameters first Parameter IPsec General Settings Remote peer IP address or host name of the remote IPsec peer You may specify...

Страница 108: ...e of identification for the local ID which can be a FQDN username FQDN or IP address Local ID The local ID value Remote ID Type The type of identification for the remote ID Remote ID The remote ID val...

Страница 109: ...oposal This section can be used to configure the phase 2 settings Parameter IPsec Proposal Settings Encapsulation mode The desired encapsulation mode Tunnel or Transport IPsec protocol The desired IPs...

Страница 110: ...emote network behind the peer NAT address Optionally you can apply NAT masquerading for packets coming from a different local network The NAT address must reside in the network previously specified as...

Страница 111: ...Psec Administration Tunnel Configuration PPTP Administration Tunnel Configuration Client Management GRE Administration Tunnel Configuration L2TP Administration Tunnel Configuration PPTP Administration...

Страница 112: ...unnel 1 Configuration Operation mode disabled client server Server listen address ANY specify Server address 192 168 250 1 Client address range 192 168 250 10 to 192 168 250 13 Username admin Password...

Страница 113: ...l NetModule Router Simulator Hostname NB1600 Software Version 4 4 0 103 2004 2020 NetModule AG OpenVPN Administration Tunnel Configuration Client Management IPsec Administration Tunnel Configuration P...

Страница 114: ...tion Peer address The IP address of the remote peer Interface The device type for this tunnel Local tunnel address The local IP address of the tunnel Local tunnel netmask The local subnet mask of the...

Страница 115: ...s of the tunnel Remote port The remote port address of the tunnel Local tunnel ID The local tunnel ID identifies the tunnel into which the session will be created Remote tunnel ID The remote tunnel ID...

Страница 116: ...ction is not possible Figure 5 36 Dial in Server Settings The following settings can be set Parameter Dial in Server Configuration Administrative status Specifies whether incoming calls shall be answe...

Страница 117: ...NB3720 User Manual for NRSW version 4 4 Please note that Dial In connections are generally discouraged As they are implemented as GSM voice calls they suffer from unreliability and poor bandwidth 117...

Страница 118: ...Anyone reasonably experienced in the C language will find an environment that is easy to dig in However feel free to contact us via router support netmodule com and we will happily support you in fin...

Страница 119: ...11 Transfer files over HTTP FTP 12 Perform config software updates 13 Control the LEDs 14 Get system events restart services or reboot system 15 Scan for networks in range 16 Create your own web page...

Страница 120: ...h LOCATION_COUNTRY_CODE string 2 ch LOCATION_COUNTRY string 11 Switzerland LOCATION_POSTCODE string 4 8001 LOCATION_STATE string 6 Zurich LOCATION_LATITUDE string 9 47 3778058 LOCATION_LONGITUDE strin...

Страница 121: ...ng the router when the script is to be executed This can be either time based e g each Monday or triggered by one of the pre defined system events e g wan up as described in Events chapter 5 7 7 With...

Страница 122: ...Apply HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 37 SDK Administration This page can be used to control the SDK host and apply the following settings Parameter SDK Administra...

Страница 123: ...ancy Voice Gateway Name Trigger Script Arguments config_summary manual_trigger config_summary HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 38 SDK Jobs This page can be used to...

Страница 124: ...t You are ready to set up a job afterwards it can be created by using the following parameters Parameter SDK Job Parameters Name A meaningful name to identify the job Trigger Specifies the trigger tha...

Страница 125: ...rror unexpected expecting SDK Sample Application As an introduction you can step through a sample application namely the SMS control script which implements remote control over short messages and can...

Страница 126: ...of the system output 1 on Turns on the first digital output port output 1 off Turns off the first digital output port output 2 on Turns on the second digital output port output 2 off Turns off the sec...

Страница 127: ...Events SMS SSH Telnet Server SNMP Agent Web Server Softflow Discovery Redundancy Voice Gateway DHCP Server Management Network Interface Operation Mode DHCP Range Relay Server Lease Time LAN1 Server 1...

Страница 128: ...current DNS server addresses if not configured else wise You can specify fixed addresses here Only allow static hosts Any requests coming from none static hosts will be ignored It is also possible to...

Страница 129: ...SNMP Agent Web Server Softflow Discovery Redundancy Voice Gateway DNS Server Administration Administrative status enabled disabled DNS Server Configuration Domain name Primary name server 10 74 210 2...

Страница 130: ...NB3720 User Manual for NRSW version 4 4 130...

Страница 131: ...static hosts for serving fixed IP addresses for various host names Parameter DNS Static Hosts Settings Address The IP address of the static host Hostname The hostname of the static host Please remembe...

Страница 132: ...ion Administrative status enabled disabled NTP Server Configuration Poll interval 256 seconds Allowed hosts Address 192 168 1 0 Netmask 255 255 255 0 Apply HOME INTERFACES ROUTING FIREWALL VPN SERVICE...

Страница 133: ...ministration Job Management Testing DHCP Server DNS Server NTP Server Dynamic DNS E mail Events SMS SSH Telnet Server SNMP Agent Web Server Softflow Discovery Redundancy Voice Gateway DynDNS Administr...

Страница 134: ...host name provided by your DynDNS service e g my box dyndns org Port The HTTP port of the service typically 80 Username The user name used for authenticating at the service Password The password used...

Страница 135: ...address router netmodule com Server address mail netmodule com Server port 25 Authentication automatic Encryption tls Username router netmodule com Password Apply HOME INTERFACES ROUTING FIREWALL VPN...

Страница 136: ...NB3720 User Manual for NRSW version 4 4 Parameter E Mail Client Settings Password Password used for authentication 136...

Страница 137: ...enabled SNMP host The SNMP host or address to which the trap shall be sent SNMP port The port of the remote SNMP service Username The username for accessing the remote SNMP service Password The passwo...

Страница 138: ...hether the provided SMS Center service works and may fail You may use the sms report received event to figure out whether a message has been successfully sent Received messages are pulled from the SIM...

Страница 139: ...lso define rules to drop outgoing messages for instance when you want to avoid using any expensive service or international numbers Both types of rules form a list will be processed by order forwardin...

Страница 140: ...erver NTP Server Dynamic DNS E mail Events SMS SSH Telnet Server SNMP Agent Web Server Softflow Discovery Redundancy Voice Gateway Telnet Server Configuration Administrative status enabled disabled Se...

Страница 141: ...ettings Administrative status Whether the SSH service is enabled or disabled Server port The TCP port of the service usually 22 Disable admin login Disable login for admin users Disable password based...

Страница 142: ...LLDP EXT MED MIB 1 3 6 1 4 1 31496 VENDOR MIB The VENDOR MIB tables offer some additional information over the system and its WWAN GNSS and WLAN interfaces They can be accessed over the following OIDs...

Страница 143: ...nabled disabled Operation mode v1 v2c v3 v3 only Contact Location Listening port 161 Download MIB Apply HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 46 SNMP Agent The following...

Страница 144: ...or admin access Attention must be paid to the fact that SNMP passwords have to be more than 8 characters long Shorter passwords will be doubled for SNMP e g admin01 becomes admin01admin01 Please note...

Страница 145: ...ate status snmpget v 3 u admin n l authNoPriv a MD5 x DES A admin01admin01 192 168 1 1 1 3 6 1 4 1 31496 10 40 12 0 The return value can be one of succeeded 1 failed 2 inprogress 3 notstarted 4 Runnin...

Страница 146: ...6 1 4 1 31496 10 40 18 0 Getting the alternative software version snmpget v 3 u admin n l authNoPriv a MD5 x DES A admin01admin01 192 168 1 1 1 3 6 1 4 1 31496 10 40 19 0 Getting the alternative soft...

Страница 147: ...erver Dynamic DNS E mail Events SMS SSH Telnet Server SNMP Agent Web Server Softflow Discovery Redundancy Voice Gateway Web Server Configuration HTTP Administrative status enabled redirect to https HT...

Страница 148: ...ameter Softflow Settings Interface Interface on which to listen for traffic Host Address Destination address of the traffic data Port Port of the destination address Protocol Version Protocol version...

Страница 149: ...abled discovery protocols The following protocols are supported Parameter Discovery Configuration LLDP Link Layer Discovery Protocol CDP Cisco Discovery Protocol FDP Foundry Discovery Protocol SONMP N...

Страница 150: ...down Same applies when the WAN link goes down NetModule Router Simulator Hostname NB1600 Software Version 4 4 0 103 2004 2020 NetModule AG SDK Administration Job Management Testing DHCP Server DNS Se...

Страница 151: ...tual Router ID you can theoretically run multiple instances Interface Interface on which VRRP should be performed Virtual gateway address The virtual gateway address formed by the participating hosts...

Страница 152: ...strative status enabled disabled Call Routing Generic SIP Settings SIP status enabled disabled SIP interface LAN1 SIP port 5060 SIP register expires 150 seconds Apply HOME INTERFACES ROUTING FIREWALL...

Страница 153: ...lls directly routed to a SIP agent without registration SIP user agent Endpoint acting as SIP user agent towards a remote registrar Based on your equipment we recommend to adjust the modem s audio pro...

Страница 154: ...pecifies the modem which will be used for voice over mobile calls Audio profile Specifies the modem s audio profile Volume level Specifies the modem s volume level 1 low Parameter Endpoint Settings SI...

Страница 155: ...for NRSW version 4 4 Parameter Endpoint Settings SIP user agent Register Selects whether the user agent shall register at the registrar Expires The expiry time in seconds after registration will be t...

Страница 156: ...dpoint registration status and so on Using the SDK you can also initiate or accept a call adjust its volume level or do a hangup Anyway for simple scenarios the generic method should be sufficient and...

Страница 157: ...gistrar proxy Parameter X Lite Configuration User ID SIP username used in from headers i e subscriber name Domain SIP Domain used in from headers optional Authorization name Username used for authenti...

Страница 158: ...ging Tech Support Keys Certificates Licensing Legal Notice Local hostname NB1600 Application area stationary Reboot delay 3 seconds Enable TCP timestamps Apply HOME INTERFACES ROUTING FIREWALL VPN SER...

Страница 159: ...ilesize The maximum size of the log files in kB until they will get rotated Redirect address Specifies an IP address to which log messages should be redirected to A tiny system log server for Windows...

Страница 160: ...have a battery backed clock RTC In this case the system time is set during boot to the last valide time e g before power off NetModule Router Simulator Hostname NB1600 Software Version 4 4 0 103 2004...

Страница 161: ...ng to check whether NTP servers are available when running initial time update Sync time from GNSS Derive time from first GNSS device if enabled Parameter Time Zone Time Zone Set the local time zone D...

Страница 162: ...ll admin administrator Administrator cli user user User cli HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 52 User Accounts The admin user is a built in power user which represen...

Страница 163: ...en adding additional admin users you are required to provide the password of the default administrator Storing Passwords Normally the password for a user is only stored as a cryptographic hash which i...

Страница 164: ...hentication port 1812 Accounting port 1813 Secondary RADIUS Configuration Server address Secret Authentication port 1812 Accounting port 1813 Apply HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM...

Страница 165: ...de the administrator password if you want to downgrade to a release 4 1 x and lower The same passphrase will be used for bootloader login as well All users which have no password stored on the device...

Страница 166: ...utomatic software update Status Enable disable automatic software update Time of day Every day at this time the router will do a check for updates Operation Download latest image from the the server o...

Страница 167: ...ath to firmware package A firmware package ZIP usually consists of a flash utility an info file and the corresponding firmware files Please follow http www netmodule com support supportform aspx in or...

Страница 168: ...entication Software Update Software Update Modem Firmware Update Software Profiles Configuration File Configuration Factory Configuration Troubleshooting Network Debugging System Debugging Tech Suppor...

Страница 169: ...k Debugging System Debugging Tech Support Keys Certificates Licensing Legal Notice Automatic Updates Status enabled disabled Time of day 00 00 URL Apply HOME INTERFACES ROUTING FIREWALL VPN SERVICES S...

Страница 170: ...ivated whenever a factory reset has been triggered Store HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM LOGOUT Figure 5 56 Factory Configuration This menu can be used to reset the device to fact...

Страница 171: ...ility can be used to verify whether a remote host can be reached via IP Time of day The traceroute utility can be used to print the route packets trace to a remote host Tcpdump The tcpdump utility gen...

Страница 172: ...ager 27880 wanlink0 permanent link is suspended for 10s set suspended auto Jan 9 02 02 15 NB1600 user err mobile node 17795 Could not determine care of address No route to home agent Jan 9 02 02 15 NB...

Страница 173: ...ation Factory Configuration Troubleshooting Network Debugging System Debugging Tech Support Keys Certificates Licensing Legal Notice Tech Support You can generate and download a tech support file here...

Страница 174: ...L certicates used by the Web server missing MQTT Broker The SSL certicates used by the Web server missing SSH Server The host keys used by the SSH server installed SSH Authorization The keys used for...

Страница 175: ...e to perform the following operations Operation Description generate locally Generate key and certificate locally on the box see 5 8 8 for more options upload files Key and certificate will be uploade...

Страница 176: ...d Common Name CN NB1600 E Mail router support netmodule com Expiry period 7300 days Key size 2048 bits DH primes 2048 bits Signature sha256 Cipher aes256 Passphrase SCEP Configuration SCEP Status enab...

Страница 177: ...ed individually encoded in PEM DER or PKCS7 format All files CA certificate certificate and private key can also be uploaded in one stroke by using the container format PKCS12 RSA DSS keys can be conv...

Страница 178: ...ns as used by SDK functions or when downloading configuration software images you might upload a list of CA certificates which are considered trusted To obtain the CA certificate from a particular sit...

Страница 179: ...pdate Software Update Modem Firmware Update Software Profiles Configuration File Configuration Factory Configuration Troubleshooting Network Debugging System Debugging Tech Support Keys Certificates L...

Страница 180: ...express or implied To obtain the corresponding open source codes covered by these licenses please contact our techni cal support at router support netmodule com Acknowledgements This product includes...

Страница 181: ...NB3720 User Manual for NRSW version 4 4 5 9 LOGOUT Please use this menu to log out from the Web Manager 181...

Страница 182: ...ll be executed by the RETURN key You can use the Left and Right keys to move the current point between entered characters or use the Up and Down keys to search the history of entered commands Typing e...

Страница 183: ...taining whitespaces 6 2 Print Help The help command can be used to get the list of available commands when called without arguments otherwise it will print the usage of the specified command help Usag...

Страница 184: ...and can be used to check if all modify scripts have completed after a config change done h Usage done h 6 6 Getting Status Information The status command can be used to get various status information...

Страница 185: ...tus qos QoS status neigh Neighborhood status location Current Location 6 7 Scanning Networks The scan command can be used to scan for available WWAN and WLAN networks scan h Usage scan hs interface Op...

Страница 186: ...te software latest to install the latest version from our server 6 10 Manage keys and certificates The cert command can be used to manage keys and certificates cert h Usage cert h p phrase operation c...

Страница 187: ...emon surveyor Supervision daemon syslog Syslog daemon telnet Telnet server usbipd USB IP daemon voiced Voice daemon vrrpd VRRP daemon wlan WLAN interfaces wwan manager WWAN manager 6 12 Debug System T...

Страница 188: ...ory command will print the list of entered commands on a per user basis history h Usage history c It can be cleared by history c 6 17 CLI PHP CLI PHP the HTTP frontend to the CLI application can be us...

Страница 189: ...cation command Command to be executed arg0 arg31 Arguments passed to commands Notes The commands correspond to CLI commands as seen by cli l the arguments arg0 arg31 will be directly passed to cli Thu...

Страница 190: ...php version 2 output html usr admin pwd admin01 command get arg0 config version http 1 9 2 1 6 8 1 1 cli php version 2 output html usr admin pwd admin01 command get arg0 openvpn status arg1 snmp stat...

Страница 191: ...li php version 2 output html usr admin pwd admin01 command reset update Update system facilities Key usage command update arg0 facility arg1 URL Notes Available facilities can be retrieved by running...

Страница 192: ...client must be properly configured prior to using that function Examples http 1 9 2 1 6 8 1 1 cli php version 2 output html usr admin pwd admin01 command send arg0 mail arg1 abc 40abc com arg2 test se...

Страница 193: ...otes The argument card specifies the card module index e g 0 for wwan0 The USSD code can consist of digits plus signs asterisks can be encoded with 2A and dashes can be encoded with 23 Examples http 1...

Страница 194: ...atellite System module Mobilex Identifies a WWAN modem SERIALx Identifies a serial port OUTx Specifies a digital I O output port DOx INx Specifies a digital I O input port DIx ANY Generally includes a...

Страница 195: ...rence Signal Received Quality LAI Location Area Identification LAC Location Area Code MCC Mobile Country Code MNC Mobile Network Code CID Cell ID MSISDN Mobile Subscriber Integrated Services Digital N...

Страница 196: ...ection came up 407 pptp down PPTP connection went down 408 dialin up Dial In connection came up 409 dialin down Dial In connection went down 410 mobileip up Mobile IP connection came up 411 mobileip d...

Страница 197: ...s being established 801 ddns update succeeded Dynamic DNS update succeeded 802 ddns update failed Dynamic DNS update failed 901 usb storage added USB storage device has been added 902 usb storage remo...

Страница 198: ...Configuration The factory configuration including default values for any configuration parameter can be derived from the file etc config factory config cfg on the router You may also call cli get f p...

Страница 199: ...NB3720 User Manual for NRSW version 4 4 A 4 SNMP VENDOR MIB 199...

Страница 200: ...ver incl device identity gps monitor are A script for activating WLAN as soon as GPS position lat lon is within a specified range gps udp client compat are This script sends the local GPS NMEA stream...

Страница 201: ...messages coming from the serial port and forwards them via UDP to a remote host and vice versa serial write are This script can be used to write a message to the serial port set ipsec route are set ro...

Страница 202: ...SMS E Mail udpclient are This script sends a message to a remote UDP server udpserver are This script implements an UDP server which is able to receive mes sages update config are This script can be u...

Отзывы:

Нет отзывов