RACOM M!DGE3 Скачать руководство пользователя | Manualshive

Страница: 109 / 183

background image

Note

Informational note.

7.3.3.3. Cooperation with other services

• MASQUERADE rule for Cellular connection has lower priority that user NAT (it is tested after the

NAT), thus it is possible to create exceptions in NAT settings.

• By using DNAT it is possible to intercept a passing connection and redirect it into the RipEX (similar

to a proxy behavior).

• For redirection

○ Local IP address will be filled into “

Rewrite destination IP

” parameter.

○ Service port, to which is the local address being redirected will be filled into “

Rewrite destination

port

” parameter.

NAT and IPsec

• DNAT can be used before packing a packet into the IPsec.

• SNAT works on packets unpacked from IPsec.

• SNAT can be used before packing a packet into the IPsec (parameter “

Output interface

” must be

set to “All”)

• Rules of SNAT and MASQUERADE (from Cellular) changes packets addresses before capturing by

IPsec traffic selector.

7.4. VPN

VPN (Virtual Private Network) extends a private network across a public network, and enables users
to send and receive data across shared or public networks as if their computing devices were directly
connected to the private network. Applications running across the VPN may therefore benefit from the
functionality, security, and management of the private network.

7.4.1. IPsec

Internet Protocol Security (IPsec) is a network protocol suite that authenticates and encrypts the
packets of data sent over a network. IPsec includes protocols for establishing mutual authentication
between agents at the beginning of the session and negotiation of cryptographic keys for use during
the session. IPsec uses cryptographic security services to protect communications over Internet Protocol
(IP) networks. IPsec supports network-level peer authentication, data-origin authentication, data integrity,
data confidentiality (encryption), and replay protection. IPsec is an end-to-end security scheme operating
within the Internet Layer of the Internet Protocol Suite. IPsec is recognized as a secure, standardized
and well-proven solution by the professional public.

Although there are 2 modes of operation, M!DGE3 only offers a Tunnel mode. In Tunnel mode, the
entire IP packet is encrypted and authenticated. It is then encapsulated into a new IP packet (ESP –
Encapsulating Security Payloads) with a new IP header.

Symmetrical cryptography is used to encrypt the packets. The symmetric keys must be safely delivered
to the peer. In order to maintain a secure connection, symmetric keys must be regularly exchanged.

109

© RACOM s.r.o. – M!DGE3 Cellular Router

Settings

«
...
107
108
109
110
111
...
»

Содержание M!DGE3

Страница 1: ...User manual M DGE3 Cellular Router fw 2 0 13 0 2022 09 14 version 1 0 www racom eu RACOM s r o Mirova 1283 592 31 Nove Mesto na Morave Czech Republic Tel 420 722 937 522 E mail racom racom eu...

Страница 2: ......

Страница 3: ...rs 35 6 2 Changes to commit 35 6 3 Notifications 37 6 4 User menu 38 6 5 Remote access 38 6 6 Refresh 40 6 7 Help 40 6 8 Shortcuts 41 7 Settings 42 7 1 Interfaces 42 7 1 1 Ethernet 42 7 1 1 1 Network...

Страница 4: ...6 7 2 3 4 Network Areas and interfaces Interfaces 87 7 2 3 5 Network Areas and interfaces Neighbors 88 7 2 3 6 Network Areas and interfaces Networks 89 7 2 3 7 Static rules 89 7 2 3 8 Import filter 90...

Страница 5: ...gnostics 146 8 1 Overview 146 8 1 1 Measurements 146 8 1 2 Statistics 147 8 2 Information 147 8 2 1 Interfaces 147 8 2 2 Routing 149 8 2 3 Firewall 150 8 2 3 1 Firewall L2 150 8 2 3 2 Firewall L3 150...

Страница 6: ...arranty 173 10 1 Safety instructions 173 10 2 High temperature 174 10 3 Battery disposal 174 10 4 Instructions for Safe Operation of Equipment 174 10 5 SW license 174 10 6 EU Compliance 176 10 6 1 RoH...

Страница 7: ...e Due to the nature of wireless communications transmission and reception of data can never be guaranteed Data may be delayed corrupted i e have errors or be totally lost Significant delays or losses...

Страница 8: ...adapter External WiFi adapter Part No OTH USB WIFI W2 an optional accessory of the M DGE3 see ETH USB adapter 1 needs to be used Any other adapter will not work correctly when connected to M DGE3 uni...

Страница 9: ...sk Note https For security reasons the http protocol with ssl encryption can be used for the commu nication between the PC and M DGE3 The https protocol requires a security certificate You must instal...

Страница 10: ...cellular routers are native IP devices with Linux OS that have been designed with attention to detail performance and quality M DGE3 is built into a rugged metal casing that allows for multiple instal...

Страница 11: ...2 1 Dimensions Fig 2 1 M DGE3 dimensions 11 RACOM s r o M DGE3 Cellular Router Product...

Страница 12: ...2 M DGE3 Edge bracket dimensions Fig 2 3 M DGE3 flat bracket dimensions For more information see Section 4 1 1 DIN rail mounting and Section 4 1 2 Flat mounting M DGE3 Cellular Router RACOM s r o 12 P...

Страница 13: ...Antenna connectors An antenna can be connected to M DGE3 via SMA female 50 connect or M DGE3 is equipped with two connect ors The ANT1 connector will be used for common transmitting and receiving sing...

Страница 14: ...LEEP INPUT SI 1 pull below 1 1 VDC to activate 1 1 VDC 1 9 VDC threshold hysteresis max 50 VDC HW ALARM INPUT AI 2 pull below 1 1 VDC to activate 1 1 VDC 1 9 VDC threshold hysteresis max 50 VDC GND fo...

Страница 15: ...al output POWER The POWER pins labelled and serve to connect a power supply 10 50 VDC The requirements for a power supply are defined in Section 4 6 Power supply and Chapter 9 Technical parameters 15...

Страница 16: ...ngeable with maximal power consumption 1 25 W Both fibre optic and metallic Ethernet SFP modules are supported For optical both single and dual mode fibre optics Ethernet modules 2 or 1 fibers can be...

Страница 17: ...M RS232 Terminal block In Out Signal In Out Signal Pin Out CTS 1 In RTS 2 In Out line B Out RxD 3 In Out line A In TxD 4 GND GND 5 M DGE3 keeps pin 6 DSR at the level of 0 state ON approx 6 2 V by RS2...

Страница 18: ...X 9 Connector Shell Shield Shell The USB interface is designed for the connection to an external ETH USB adapter or a WiFi adapter They are optional accessories to M DGE3 for more details see www ripe...

Страница 19: ...tal Outputs Open drain output max 50 VDC 0 2 A Isolated differential digital input Input voltage difference P N 1 9 VDC Logic H Input voltage difference P N 1 1 VDC Logic L Maximum differential voltag...

Страница 20: ...cards Two SIM card holders for Micro SIM 3FF are available under the screwed cover on the M DGE3 right side Warning Disconnect M DGE3 unit from a power supply before opening the cover and manipulating...

Страница 21: ...for Micro SIM 3FF are available under the screwed cover on the M DGE3 right side 2 4 GPS M DGE3 cellular router shall be equipped by the GPS receiver with time pulse output EXT1 connector is used for...

Страница 22: ...signalise signal strength Permanently lit or flashing in 1 sec intervals Yellow Green Yellow Red Flashing Connect ing into the cellular network Colour signalise signal strength When 2 nd cellular used...

Страница 23: ...ot Possible values N not used W Expansion cellular module Bands W Part No mPCIe W Bands W 4G 3G 2G Global For frequency bands see details G GPS GNSS module Part No mPCIe GPS C Expansion 2 RS232 Part N...

Страница 24: ...code which is printed on Product label on the housing SW keys are not HW dependent and can be ordered later on so they are not printed on Product label Order code the complete product code which is u...

Страница 25: ...B adapters ETH WiFi https www racom eu eng products radio modem ripex html accessories_ethusb 4 Demo case https www racom eu eng products radio modem ripex html accessories_democase 1 https www racom...

Страница 26: ...sure proper grounding Section 4 4 Grounding 5 Run cables and plug in all connectors except from the SCADA equipment Section 2 2 Connectors 6 Apply power supply to M DGE3 7 Connect configuration PC Rip...

Страница 27: ...lar modem is directly mounted to the DIN rail by a holder which comes with the modem Fig 4 1 DIN rail Using this mounting M DGE3 can be mounted in different angles by 90 clockwise counter clockwise 27...

Страница 28: ...edged mounting to the DIN rail Edge bracket optional accessory is used Use solely the M4 5 mm screws that are supplied Fig 4 2 Edged mounting to DIN rail M DGE3 Cellular Router RACOM s r o 28 Installa...

Страница 29: ...t mounting directly to the support you must use the Flat bracket an optional accessory Use solely the M4 5 mm screws that are supplied Fig 4 3 Flat mounting using Flat bracket 29 RACOM s r o M DGE3 Ce...

Страница 30: ...e should be chosen so that its attenuation does not exceed 3 to 6 dB as a rule of thumb Use 50 impedance cables only The shorter the feed line the better If M DGE3 is installed close to antenna the da...

Страница 31: ...and other devices Connecting the RTU and other devices to M DGE3 while powered increases the likelihood of damage due to the discharge of difference in electric potentials M DGE3 may be powered from a...

Страница 32: ...e a virtual serial interface to such application and converts the serial data to TCP UDP datagrams which are then received by the terminal server in M DGE3 This type of connection between M DGE3 SCADA...

Страница 33: ...routing between the source Local M DGE3 and the destination IP Remote M DGE3 needs to be configured properly When in Bridge mode IP address of the Network interface the Radio interface is bridged wit...

Страница 34: ...s depicted in this User manual are taken on the desktop type of screen resolution Note A mechanism against brute force attack is implemented When wrong combination of the Account Password is entered y...

Страница 35: ...to commit M DGE3 is capable of remembering changes which were done in its configuration and collecting them in a Changes to commit basket All changes of configuration parameters are highlighted by dif...

Страница 36: ...tion about their changed values Old value New value From this page it is possible to Return to configuration return to the last changed value Reset changes all changes will be reset back to their prev...

Страница 37: ...e the most efficient location Note To access Notification Center it is possible to use shortcut Ctrl Alt N Notifications are mostly triggered by user actions in the interface for example success or fa...

Страница 38: ...n of the unit accessing the unit IP address directly from the web browser works fine If the unit should be connected remotely via the radio network the so called Remote access needs to be used to conf...

Страница 39: ...tion 7 6 7 Firmware Remote access can be activated via click on the Remote access button The connection to remote radio proceeds The IP address of the actually connected M DGE3 unit is displayed as pa...

Страница 40: ...s to remote units 6 6 Refresh Refresh button placed in the right corner of the web page header triggers a feature which assures the user that he is working with current data Triggering the Refresh wil...

Страница 41: ...the respective sub chapter of the User manual 6 8 Shortcuts Tab 6 1 Table of shortcuts Access to Shortcut Changes to commit Ctrl Alt C Notification center Ctrl Alt N Remote access Ctrl Alt R 41 RACOM...

Страница 42: ...erfaces can be defined Multiple physical Ethernet interfaces can be bridged together by using single Network interface When unit is operating in Bridge mode the default Network interface bridges toget...

Страница 43: ...interface Allow unit management Enables disables unit management for the specific Network interface Add IP Subnet Adds defined subnet to the Network interface IP Mask IP address mask of the specific...

Страница 44: ...7 1 1 2 Ports Ethernet 1 Ethernet 5 List box enable disable default enable Enables Disables ETH port SW control ETH1 ETH4 speed List box auto auto auto full auto half 1000 Mbps auto 1000 Mbps full 10...

Страница 45: ...P frame forwarded to the M DGE3 router module and further processed according to router rules Such UDP frames received by the M DGE3 unit from the M DGE3 network based on the unit IP address and UDP p...

Страница 46: ...ent with each data character arranged so that the number of 1 bits in each character including the parity bit is always odd or always even If a byte is received with the wrong number of 1 bits then it...

Страница 47: ...ed in order to pause and resume the transmission of data If RX buffer of M DGE3 is full the CTS goes down Note RTS CTS Flow control requires a 5 wire connection to the COM port Buffer flush time ms Nu...

Страница 48: ...nto which the serial SCADA packet received from COM is encapsulated Destination UDP port List box Manual COM1 COM3 TS1 TS5 default COM1 The same UDP port will be used for all destination This UDP port...

Страница 49: ...the same UDP port is used for all the SCADA units which results in the following limita tions SCADA devices on all sites have to be connected to the same interface only one SCADA device to one COM por...

Страница 50: ...arget IP IP address to which the response is sent when TARGET is chosen in the Response target mode 7 1 2 3 1 None The None protocol switches the COM port off All incoming data will be thrown away No...

Страница 51: ...4 COMLI COMLI is a serial polling type communication protocol used by Master Slave application When M DGE3 radio network in Router mode is used more COMLI Masters can be employed within one Radio netw...

Страница 52: ...00 0 switches this functionality off Timeout for checking of the duplicity of two following frames Used when the very same frame is incoming via COM port within the timeout measured from the moment of...

Страница 53: ...col contains the source and destination addresses in its header so there is no difference between Master and Slave in terms of the M DGE3 configuration The DNP3 allows both Master Slave polling as wel...

Страница 54: ...s protocol local acknowledgment Typically the default setting shall be used In case a need it is possible to change ACK parameters in ADVANCED Generic com_x_prot Pro tocol_DF1 menu ACK locally List bo...

Страница 55: ...A is a full duplex protocol featuring 32bit long addresses error detection based on 16 bit checksum XOR or 16 bit CRC error correction MARS A was widely used by legacy RACOM radio modems in the MORSE...

Страница 56: ...legacy MORSE network implementations This parameter does not change protocol behaviour CRC List box On Off default Off Error detection algorithm On CRC algorithm is used Off XOR algorithm is used 7 1...

Страница 57: ...imeout parameter controls how long the unit waits for an acknowledgement frame The timeout is started when the original frame received from the Radio channel is transmitted to the connected device ove...

Страница 58: ...layer L2 in OSI model hence M DGE3 uses a similar way to read SCADA address as in UNI protocol There is a handshake STX 0x02 DLE Ox10 on the start of communication and DLE ETX DLE on the end This hand...

Страница 59: ...ce number of the byte where the Protocol address starts Note 3964 R protocol is using escape sequence control sequence for DLE 0x10 I e when 0x10 is in user data 0x1010 is sent instead When address po...

Страница 60: ...er must be set so that one has High priority and the other has Low BCC List box On Off default On BCC Block Check Character is a control byte used for data integrity control it makes the reli ability...

Страница 61: ...s mode allows to behave in limited way as a Master and send to other Slave Slave Plus write command read command is not allowed Broadcast List box On Off default On When On the 255 address is treated...

Страница 62: ...ster timeout This timeout is reseted after receiving of an answer from Slave or a frame in coming from the connected master Mode of Connected device SLAVE Response timeout ms Number 0 16383 default 30...

Страница 63: ...ire COM or Ethernet interface ACK 0x06 frames are transmitted on successful reception and NAK 0x15 on unsuccessful frame reception ACK timeout ms Number 0 16383 default 1000 Note ACK timeout is measur...

Страница 64: ...ocol is fully transparent i e all messages are transported and delivered without any modifications Mode of Connected device List box Master Slave default Master Adress mode List box Binary 1B ASCII 2B...

Страница 65: ...ept broadcasts List box On Off default On On Broadcast packets received at the radio channel are forwarded to the COM port Off Broadcast packets received at the radio channel are discarded Unicast pac...

Страница 66: ...rt with each datagram In such a case set Destination port 0 M DGE3 will then send replies to the port from which the last response was received This feature allows to extend the number of simultaneous...

Страница 67: ...bles the cellular MAIN EXT When disabled default the module power is off Note Routing Mode WWAN AUX is added to the Static routing rules definition When this mode is selected the routing Gateway param...

Страница 68: ...ning packets will be correctly routed back to its original source internal device Allow unit management List box On Off default On Allows to manage the unit over WWAN interface Link testing List box O...

Страница 69: ...ntication We do not recommend to use this option because of security issues the option is provided to offer legacy systems compatibility User name and Password are required CHAP CHAP Challenge Handsha...

Страница 70: ...be used Lock to home Only the home network will be used if the SIM supports PLMN reading This option can also be used as a switch off for the roaming Location area identity LAI String 00000 999999 de...

Страница 71: ...er 3 3600 default 60 Time period during which is the connection being tested Repeat period s Number 3 3600 default 10 If the test results as failed the connection is tested again after defined time pe...

Страница 72: ...succeeds both addresses must pass the test Note If the connection to SIM card fails missing SIM wrong PIN all profiles using that SIM will be blocked If all profiles are blocked the whole Cellular int...

Страница 73: ...to first profile List box On Off default On When enabled the module will switch back to its first profile after defined time period Time to return to first profile min Number 5 10080 default 480 Time...

Страница 74: ...terface can filter the traffic List box WWAN or AUX HotStandby WWAN is activated only in active mode disabled in passive In passive mode the module is dis connected from the mobile network IPsec Autom...

Страница 75: ...according to the Routing table Unlimited number of subnets can be defined on the Network interface They are routed independently The COM ports are treated in the standard way as router devices message...

Страница 76: ...hop on the specific route is over the radio channel the Radio IP is used as a Gateway If Base driven protocol is used and the destination Remote is behind a Repeater the destination Remote Radio IP is...

Страница 77: ...highly dynamic wireless networks for more information see RFC6126 2 BABEL is also a dynamic routing protocol for Internet Protocol IP networks It is an Interior Gateway Protocol IGP working within one...

Страница 78: ...odically and also after their update Routing path decision is based on a metric Metric is set on each interface It reflects a price for the packet reception The higher the metric value the more disadv...

Страница 79: ...1 Dynamic rule 192 168 1 0 24 192 168 11 1 metric 32 Packet with DST 192 168 1 42 will be routed to 192 168 11 1 because the dynamic rule has a nar rower mask Example 2 similar situation with addition...

Страница 80: ...not travel through 7 2 2 3 Network Interfaces Active List box On Off default Off Enables disables the interface Interface String a z A Z 0 9 max 16 char default empty Interfaces which will be used by...

Страница 81: ...ing Hello packets Update interval multiplier Number 2 30 default 4 Interval of sending the routing table update packets to share the network topology information across the BABEL network The update in...

Страница 82: ...g routing rule is processed by those Import filters Maximum number of filter rules is 256 Active List box On Off default On Enables disables the filter rule Filter network List box Off Match Not match...

Страница 83: ...nce in the routing table to be used when Set preference is enabled The higher the number the better the preference Local preferred source address IP address default 0 0 0 0 Preferred source IP address...

Страница 84: ...ernal Inter area External type 1 External type 2 default External type 2 OSPF sources Internal stands for internally generated rule e g interface range Inter area stands for rule generated on the area...

Страница 85: ...path metric There are two types of metrics Metric Type 1 path length individual interfaces pass over costs are added Metric Type 2 is setup on the rules which are exported to the OSPF from outside Rul...

Страница 86: ...E3 unit acts in the OSPF network as a dynamic router Every router is identified by an ID having the format of IP address This IP address does not have to be real Router ID is shared with the BGP proto...

Страница 87: ...LAN 141 VLAN if_ prefix must be used followed by Network interface name dot and VLAN number e g if_LAN 141 29 Radio radio Hot standby hstdby GRE L3 gre_tunX where X is the tunnel number starting from...

Страница 88: ...propagation The higher the number the higher the priority 0 states the router cannot be used as a primary or backup router Use broadcast List box On Off default Off Defines if OSPF packets distributio...

Страница 89: ...ts two subnets 192 168 1 0 24 and 192 168 2 0 24 Area border router between Area 0 0 0 1 and 0 0 0 0 defines a rule for network aggregation 192 168 0 0 16 As a result of this the area border router an...

Страница 90: ...sk from Number 0 32 default 0 Mask to Number 0 32 default 32 Definition of the enabled range of the mask length of the processed routing rule Examples Rule 0 0 0 0 0 0 32 captures all IP ranges Rule 1...

Страница 91: ...the source IP address is set according to the outgoing interface Note Informational note 7 2 3 9 Export filter OSPF export filter rules define set of routing rules to be exported from the unit into th...

Страница 92: ...e called internal iBGP All BGP routers within given AS must be fully interconnected every router must have connection to all other routers It is possible to define Route reflectors they must be fully...

Страница 93: ...534 and 4200000000 4294967294 AS numbers from this range can be safely used by anyone Preference Number 0 2 32 1 default 100 Router preference within the local AS The higher the number the higher the...

Страница 94: ...hbor type List box Internal External default External Neighbor router type selection Internal neighbor belongs to the same AS iBGP External belongs to other AS eBGP Neighbor AS Number 0 2 32 1 default...

Страница 95: ...lue Incoming packets having lower than expected value expected number of hops are discarded Expected hops Number 2 32 default 2 Number of expected hops between the neighbors Route reflector client Lis...

Страница 96: ...d of the routing rule destination range comparison Network IP Network mask IP address default 0 0 0 0 0 IP address and mask defines the network prefix to be compared Mask from Number 0 32 default 0 Ma...

Страница 97: ...0 0 0 0 Preferred source IP address for the locally generated packets When disabled default value 0 0 0 0 is used the source IP address is set according to the outgoing interface 7 2 4 6 Export IGP f...

Страница 98: ...Filter OSPF tag List box Off Match Not match default Off Selects the way of filtering based on OSPF tag OSPF tag Number 0 2 32 1 default 0 OSPF tag to be compared The tag is added to a rule when inser...

Страница 99: ...ighbor the path was received from this AS last on the path Source routing rule originates from this AS first on the path Path AS Number 0 2 32 1 default 65000 The number of the AS searched for Action...

Страница 100: ...h default Off Selects the way of filtering based on OSPF tag OSPF tag Number 0 2 32 1 default 0 OSPF tag to be compared The tag is added to a rule when inserted to OSPF Filter BGP path List box Off Is...

Страница 101: ...traffic to from other MAC addresses is allowed Whitelist Only the MAC addresses listed in the table are allowed i e only packets to from them are al lowed The traffic to from other MAC addresses is b...

Страница 102: ...ule with narrower mask has higher priority The rule s order does not affect priority Source port from Source port to Interval of source ports Input interface List box All Radio All ETH ETH1 ETH5 Other...

Страница 103: ...which may affect datagrams to from these ports in L3 Firewall settings Management connection to a remote M DGE3 may be lost when another M DGE3 acts as a router along the management packets route and...

Страница 104: ...ocol is set to Other Protocol List box All ICMP UDP TCP GRE ESP Other default All Filters selected protocol If none of the mentioned values suits select Other Protocol number Number 0 255 default 1 Th...

Страница 105: ...ess to IP address default Off Off Source address and or port will be replaced by values from parameters Rewrite source IP and Rewrite source port This applies only if those parameters are set they are...

Страница 106: ...ace Source port from Source port to Destination port from Destination port to and Protocol number define a filter which is catching specified packets SNAT rule applies for those packets Parameters Sou...

Страница 107: ...terfaces radio the name of LAN or VLAN interface the name of GRE tunnel etc This parameter occurs only if parameter Input Interface is set to Other Range mapping List box Off IP address to IP address...

Страница 108: ...t Set to IP 10 10 10 1 and port 502 resulting in a range of IPs 10 10 10 1 10 10 10 15 due to Destination ports of received UDP data in a range of 20001 20015 15 ports 15 IP ad dresses A new port is a...

Страница 109: ...therefore benefit from the functionality security and management of the private network 7 4 1 IPsec Internet Protocol Security IPsec is a network protocol suite that authenticates and encrypts the pa...

Страница 110: ...unnel contains 1 IKE SA and at least 1 CHILD SA Link partner peer secure authentication is assured using Pre Shared Key PSK authentication method Both link partners share the same key password As and...

Страница 111: ...IPsec VPN tunnel click the Add VPN configuration button Add Edit IPsec VPN tunnel associations Every item in the table represents one IKE SA There can be a maximum of 8 active IKE SA limited by syste...

Страница 112: ...p PFS List box None legacy Group 2 MODP1024 legacy Group 5 MODP1536 legacy Group 14 MODP2048 Group 15 MODP3072 Group 25 ECP192 Group 26 ECP224 Group 19 ECP256 Group 20 ECP384 Group 21 ECP521 Group 27...

Страница 113: ...SHA384 SHA512 default SHA256 IKE CHILD SA integrity algorithm The legacy marked methods are recognized as unsafe Peer configuration must match The same value as selected for the Integrity algorithm is...

Страница 114: ...elevant peer is identified using it s Peer ID The key must be the same for both local and peer side of the IPsec Mode List box Passphrase Key default Passphrase This parameter occurs only if parameter...

Страница 115: ...es Local network address Mask Source IP address and mask of the packets to be captured and forwarded to the encrypted tunnel Remote network address Mask Destination IP address and mask of the packets...

Страница 116: ...M DGE3 Cellular Router RACOM s r o 116 Settings...

Страница 117: ...packet transmission through tunnel is attempted Restart connection is established immediately 7 4 2 GRE L2 GRE L2 tunnel is interconnected to the bridge LAN interface as one of the bridge s port it c...

Страница 118: ...nterfaces Ethernet Network interface Name Key enabled Enables using key identification of the tunnel from to the same peer Key Identification number of the tunnel Number 0 4 294 967 295 default 0 MTU...

Страница 119: ...mber 0 4 294 967 295 default 0 MTU MTU of the L2 tunnel Number 70 1476 default 1476 Overhead of the L3 tunnel is 24 B so it should be GRE MTU Path MTU 24 If the MTU is bigger than is allowed along the...

Страница 120: ...min Sec tech Tech Guest Write Write Write Read only Ethernet Radio COM Terminal servers Cellular Interfaces SETTINGS Write Write Read only Read only Radio Encryption Write Write Write Read only Static...

Страница 121: ...erves as login to the whole network 7 5 1 User access User access serves for enabling disabling and setting of used protocol access It can be used for setting a non standard port for the protocol as w...

Страница 122: ...ll users button provides backup of all Local user accounts into a file Import all user button provides restoration of all Local user accounts from a backup file Active session is logged out automatica...

Страница 123: ...ADVANCED Generic UserAccess Web inactivity timeout Note It is necessary to install firmware version 1 4 5 0 or higher to assure proper functionality of Local and Remote authentication 7 5 2 2 Setting...

Страница 124: ...lly with an authentication server RADIUS client server protocol is used for remote authentication RADIUS accounts can be mapped to one of the four user roles This is either managed by the server itsel...

Страница 125: ...hall be set during the server configuration The user access level will be granted according to the integer ranges for individual role levels When the server does not allow setting of Management Privil...

Страница 126: ...amper reset and click the Reset tamper button Note The unit must be re assembled before Tamper reset otherwise it returns an error Whole process can take a while and ends by rebooting the unit M DGE3...

Страница 127: ...tact Additional SNMP information All the fields above are typically used in the NMS systems to identify the specific unit 7 6 1 2 Service USB The USB service interface primary purpose is to provide un...

Страница 128: ...P server This is the IP address to be used when accessing the unit manage ment via this serial interface DHCP pool start Default IP address of the DHCP server 1 DHCP Server assigns addresses to connec...

Страница 129: ...tics Unit time can be setup manually or it can be synchronized with an NTP server NTP server synchron ization is recommended The unit itself serves as an NTP server providing the time synchronization...

Страница 130: ...y updates the Change device time manually field to minimize the delay between the time input and the moment of time setup NTP client synchronization source Synchronization source of the NTP client The...

Страница 131: ...le every time the configuration is changed to be able to restore the configuration into another unit in case of unit maintenance Backup and download button triggers the web browser Download action The...

Страница 132: ...on button loads default values of all configuration parameters into the web interface All parameters whose current value differs from the default are marked as changed They are listed in the Changes t...

Страница 133: ...ion detector calibration Note Basic data such as Code Region SW keys will always remain in the unit Warning This action can take up to two minutes do not power off the unit until finished 133 RACOM s...

Страница 134: ...Tab 7 3 Configuration versions FW version CNF version 2 0 13 0 1 M DGE3 Cellular Router RACOM s r o 134 Settings...

Страница 135: ...arm outputs AO DO1 DO2 see Section 2 2 2 Power and Control Events can also generate an SMS notifications which are being sent to a defined phone number see Section 7 6 5 SMS 7 6 4 SNMP SNMP Simple Net...

Страница 136: ...ault public Community name used by v1 and v2cWhen mode v1_v2c_v3 is used this parameter is mandatory Version 3 settings Security username String 1 32 char default empty Username for SNMPv3 When v3 pro...

Страница 137: ...le 800083130302a92006ef Engine ID String 1 27 char When User defined Engine ID mode is selected the differentiated part of the Engine ID can be entered as ASCII characters or generated e g U3qPrisWoDY...

Страница 138: ...of the SMS is depended on the type of module and coding If longer SMS is required only SMS notifications it is divided into a Chained SMS Note This section closely cooperates with Section 7 1 4 Cellul...

Страница 139: ...ation Chained SMS are supported Sending SMS notifications can be activated in Section 7 6 3 Events 7 6 5 1 Parameters SMS password String 2 16 ASCII char default public Sets a SMS password which serve...

Страница 140: ...ONNECTED Reg RegHome Net 23002 Svc 2G_EDGE Band ARFCN 77 Signal RSSI 48 dBm APN internet IP 100 110 103 173 smsevent param Example public smsevent raise This command is used to turn on off alarms whic...

Страница 141: ...serial number Use Choose File dialog to select the file and Install key button to install the key s to unit Differences with the previous generation of M DGE3 SW keys are always installed as a file t...

Страница 142: ...are version in all units is the best way to keep the network maintenance simple Upgrading firmware to a newer version is not obligatory unless there are bug security fixes etc The cyber security issue...

Страница 143: ...In case of slow connection and file transfer longer than 120 s the web browser will shut down the connection and the action will not finish successfully This action does not update the running unit fi...

Страница 144: ...M DGE3 is a very powerful device and it really shows all parameters in the Advanced section When you visit the page for the first time you will see a search field and below a tree of configuration pa...

Страница 145: ...Be careful when adjusting settings in Advanced section and review the Changes page in detail before sending changes to the device 145 RACOM s r o M DGE3 Cellular Router Settings...

Страница 146: ...re can be disabled in parameters Advanced Interfaces Radio Radio paramet ers Block radio in extreme temperatures Card Voltage provides data about voltage measured on input connector Arrow headed symbo...

Страница 147: ...taking 14 mins from history seconds passed from current minute 8 2 Information This section provides more detailed information data extract about settings of RipEX2 unit It provides also a deeper exp...

Страница 148: ...TTINGS Interfaces Ether net Network interfaces IP Subnet VLAN eth1 eth2 eth3 eth4 Interface of physical Ethernet ports ETH1 ETH4 BP L2 interface type eth0 Interface of physical port SFP ETH5 BP L2 int...

Страница 149: ...nal routing table of dynamic routing service bird master4 Displays data called by linux command birdcl show route all table master4 Babel data extract of status of BABEL protocol Displays data called...

Страница 150: ...ed by linux command iptables L 8 2 3 2 Firewall L3 Displays data called by following linux commands iptables nvL line numbers 8 2 3 3 NAT Displays data called by following linux commands iptables disp...

Страница 151: ...h given interface This table contains Name of an interface Status and statistics of front disciplines displays data called by linux command tc qdisc show Status and statistics of classes displays data...

Страница 152: ...device 8 2 5 1 System information Basic unit information is provided Product code Identifies the unit hardware Serial number Unique unit identification number FW version Currently installed unit firm...

Страница 153: ...ble here No limits are applied if the Region ID is empty Region description Detailed description of the Region if active 8 2 6 Diagnostic package This menu serves for collecting data either from local...

Страница 154: ...ally clicking the Refresh button it is possible to view the status of the package Once the package is ready it can be downloaded by clicking the Download button After its download the package is delet...

Страница 155: ...ehavior Informational item Blue Informational 6 INFO Debug Debug info if set so Grey Debug 7 8 4 Statistics M DGE3 unit permanently monitors various system channels There are several types of those ch...

Страница 156: ...re constant Ethernet ports and their counters or do not rise to a high values COM ports Terminal servers and their counters What affects the length of available history the most is the number of radio...

Страница 157: ...perience provided by the specialized apps 8 4 2 Serial protocol statistics Serial protocols statistics provides set of data monitoring the COM port s and Terminal server s Only enabled interfaces are...

Страница 158: ...s Only enabled interfaces are displayed Only correctly received frames are handled The counters correspond to the specific IP protocol types Rx direction from the physical Ethernet port to the M DGE3...

Страница 159: ...ar module Rx direction from the Cellular module to the Router module Cell aux internal interface name All information is displayed for this interface together UDP TCP ICMP ARP Packet count and amount...

Страница 160: ...e of networks displayed in of time Note Values are rounded to an integer in 8 4 4 3 Cellular signal statistics Interface Cell aux interface is used for M DGE3 cellular module 2G RSSI 3G RSCP 4G RSRP s...

Страница 161: ...tings of the monitored items and outputs Please note that even if both of the outputs are switched off and some interfaces are set to On the monitoring is still running in the background The monitorin...

Страница 162: ...ns over the internal interfaces may not be that straightforward please consult above for clarification All List box On Off default On Monitoring output can also be limited by IP protocol type Select O...

Страница 163: ...ox On Off default Off When On monitoring shows packets which are dropped e g CRC is not valid buffer overflow ETH interfaces Include management traffic List box On Off default Off Enable disable manag...

Страница 164: ...1 hour 3 hours 24 hours Off default 5 min Show time difference List box On Off default Off When On the time difference between subsequent packets is displayed in the monitoring output 8 5 2 File outp...

Страница 165: ...ime period approx 1 s some data will not be displayed in the console output A note about the omited data will be inserted to the console output to the position of the non displayed data 8 6 Routing Di...

Страница 166: ...tion provides the following details Examined address example 8 8 8 8 Next hop gateway address example via 192 168 141 254 Next hop interface example dev if_bridge Outgoing packet Source address exampl...

Страница 167: ...cy 1 Alert 2 Critical 3 Error default Off Off switched off the SYSLOG functionality Only the events with set severity and higher will be send to the Syslog server Severities for indi vidual Events can...

Страница 168: ...2 DO 1 difDI not available when Expansion board C COM ports is used Optional interfaces Active antenna 3 3 VDC SMA female EXT1 on bottom Expansion board G GPS GNSS 72 channel u blox M8 engine GPS QZSS...

Страница 169: ...uency Division Duplex FDD DL Multi Input Multi Output MIMO 2 2 3G UMTS HSDPA HSUPA 3GPP Release 8 Dual Cell HS Packet Access DC HSPA UMTS Terrestrial Radio Access UTRA Frequency Division Duplex FDD DL...

Страница 170: ...l RBAC WPA2 PSK secured WiFi management access optional IPsec GRE VPN IEEE 802 1Q tagging VLAN RADIUS AAA protocol Layer 2 MAC Layer 3 IP Layer 4 TCP UDP Firewall Digitally signed FW Case opening evid...

Страница 171: ...2010 Seismic qualification EN 60529 1993 A1 2001 A2 2014 IP rating Tab 9 2 List of connected cables Recommended cable type Shielded Nonshielded Specified length for EN 61850 3 Input Output V03VH H 2 0...

Страница 172: ...TE Tx 0 1 W 10BaseT Ethernet 0 12 W 100BaseT 0 5 W 1000BaseT per Eth interface with connected equipment 0 2 W 1st COM 0 15 W GNSS 0 1 W 2 nd COM Rx 0 3 Tx 3 0 W 2 nd LTE 1 0 W SFP module typ M DGE3 Ce...

Страница 173: ...nditions Protect the communication module against dust moisture and high tem perature We remind the users of the duty to observe the restrictions concerning the utilization of radio devices at petrol...

Страница 174: ...e proper manner The same applies to equipment maintenance In order to prevent damage to the radio modem and other terminal equipment the supply must always be disconnected upon connecting or disconnec...

Страница 175: ...plicable machine readable copies of source code of this software under GPL or LGPL li censes on contacts listed on https www racom eu This product also includes software developed by the University of...

Страница 176: ...10 6 EU Compliance 10 6 1 RoHS WEEE and WFD Fig 10 1 EU Declaration of Conformity RoHS WEEE M DGE3 Cellular Router RACOM s r o 176 Safety regulations warranty...

Страница 177: ...VHC listed on European chemical agency ECHA SCIP database candidate list in concentrations above 0 1 w w 10 6 2 EU Declaration of Conformity RED Fig 10 2 EU Declaration of Conformity RED 10 6 3 Simpli...

Страница 178: ...HR RACOM s r o ovime izjavljuje da je radijska oprema tipa M DGE3 u skladu s Direktivom 2014 53 EU IT Il fabbricante RACOM s r o dichiara che il tipo di apparecchiatura radio M DGE3 conforme alla dire...

Страница 179: ...unauthorised person nor due to the action of abnormal or extreme environmental conditions such as overvoltage liquid immersion or lightning strike Any equipment subject to repair under warranty must...

Страница 180: ...quirements Condition of the accumulator Annually Functionality check power source Overcharging Accumulator damage Annually Full utilization of provided protective coverings Annually Remove any items w...

Страница 181: ...n System PC Personal Computer DHCP Dynamic Host Configuration Protocol DNS Domain Name Server PER Packet Error Rate PWR Power DTE Data Terminal Equipment EMC Electro Magnetic Compatibility RF Radio Fr...

Страница 182: ...n Control Protocol TS5 Terminal server 5 TX Transmitter UDP User Datagram Protocol VSWR Voltage Standing Wave Ratio WEEE Waste Electrical and Electronic Equipment M DGE3 Cellular Router RACOM s r o 18...

Страница 183: ...differ from the actual unit you are working with While every reasonable effort has been made to ensure the accuracy of this publication product improvements may also result in minor differences betwe...

Отзывы:

Нет отзывов

Похожие инструкции для M!DGE3

Бренд: Paradyne Страницы: 85

Бренд: IEI Technology Страницы: 86

Lite N42B1P Series

Бренд: Dahua Technology Страницы: 14

Бренд: Paradyne Страницы: 23

Vigor 2760 Series

Бренд: Draytek Страницы: 54

Бренд: WAGO Страницы: 48

Бренд: Moxa Technologies Страницы: 51

Бренд: SurfControl Страницы: 2

Бренд: Zalip Страницы: 77

EtherFast LNE100TX ver. 5

Бренд: Linksys Страницы: 42

Бренд: UTStarcom Страницы: 71

Бренд: Connectland Страницы: 10

Бренд: ivideon Страницы: 11

Бренд: MA lighting Страницы: 49

Бренд: Aviosys Страницы: 77

Бренд: LaView Страницы: 2

Dynalink MyZone 3G24W

Бренд: NetComm Страницы: 5

DiskStation Series

Бренд: Synology Страницы: 6

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды