manualshive.com logo in svg

Wieland wienet v3, Руководство пользователя

Компания Wieland рада представить свой продукт Wieland wienet v3. Теперь у вас есть возможность бесплатно скачать инструкцию по использованию для этого продукта на нашем сайте. Благодаря этой инструкции вы сможете максимально эффективно использовать свой новый продукт. Скачивать здесь: manualshive.com.

Поделиться
Скачать
background image

Contents of Package 

 

41 

Wieland Electric GmbH | BA001039 (Rev. A) | 08/2016

 

5.8

 

Firewall Configuration 

The first security element which incoming packets must pass is check of enabled source IP addresses 
and destination ports. It can be specified IP addresses from which you can remotely access the router 
and the internal network connected behind a router. If the 

Enable filtering of incoming packets

 item is 

checked (located at the beginning of the configuration form Firewall), this element is enabled and all in-
coming packets are checked against the table with IP addresses. This means that incoming packets will 

be treated according rules specified in the table. It is possible to define up to eight rules for incoming 
packets. There are the following parameters: 

Item 

Description 

Source 

IP address from which access to the router is allowed 

Protocol 

Specifies protocol for remote access: 

 

all – access is enabled for all protocols 

 

TCP – access is enabled for TCP protocol 

 

UDP – access is enabled for UDP protocol 

 

ICMP – access is enabled for ICMP protocol 

Target Port 

The port number on which access to the router is allowed 

Action 

Type of action: 

 

allow – access is allowed 

 

deny – access is denied 

Filtering of incoming packets 

The following part of the configuration form defines the forwarding policy. If 

Enabled filtering of for-

warded packets

 item is not checked, packets will be accepted automatically. If this item is checked and 

incoming packet is addressed to another network interface, it will forward the packet according the rules 

defined in this second table. If the packet is alowed according to the table, it will be sent out according to 
the routing table. If the forwarding rule does not exist, packet will be dropped.  
In tables with rules it is possible to allow all traffic within the selected protocol (the rule specifies only a 
protocol). Or you can create strict rules by specifying source and destination IP addresses and ports. 

Item 

Description 

Source  

IP address of source device 

Destination 

IP address of destination device 

Protocol 

Specifies protocol for remote access: 

 

all – access is enabled for all protocols 

 

TCP – access is enabled for TCP protocol 

 

UDP – access is enabled for UDP protocol 

 

ICMP – access is enabled for ICMP protocol 

Target  

Port The port number on which access to the router is allowed 

Action 

Type of action: 

 

allow – access is allowed 

 

deny – access is denied 

Forwarding filtering 

There is also the possibility to drop a packet whenever request for service which is not in the router 

comes (check box named 

Enable filtering of locally destinated packets

). The packet is dropped automati-

cally without any information. 
As a protection against DoS attacks (this means attacks during which the target system is flooded with 
plenty of meaningless requirements) is used option named 

Enable protection against DoS attacks

 which 

limits the number of connections to five per second. 

Содержание wienet v3

Страница 1: ...Wieland Electric GmbH BA001039 Rev A 08 2016 1 wienet v3 configuration Cellular router USER MANUAL Doc No BA001039 Updatet 08 2016 Rev A...

Страница 2: ...bes all the hardware units and functions known at the present time Descriptions may be included for units which are not present at the customer site The exact scope of delivery is described in the res...

Страница 3: ...guration 26 5 3 Mobile WAN Configuration 28 5 3 1 Connection to Mobile Network 28 5 3 2 DNS Address Configuration 29 5 3 3 Check Connection to Mobile Network Configuration 29 5 3 4 Data Limit Configur...

Страница 4: ...Set Real Time Clock 83 7 5 Set SMS Service Center Address 84 7 6 Unlock SIM Card 84 7 7 Send SMS 85 7 8 Backup Configuration 85 7 9 Restore Configuration 85 7 10 Update Firmware 86 7 11 Reboot 86 8 C...

Страница 5: ...he manual at the beginning 1 3 Presentation of safety relevant information Information that warns of personal injury or property damage are emphasized by safety instructions Please read this informati...

Страница 6: ...unnels using technologies IPSec OpenVPN and L2TP for secure communications Functions such as DHCP NAT NAT T DynDNS NTP VRRP control by SMS backup primary connec tion and many other Automatic check of...

Страница 7: ...router via the Web interface To ac cess the router over the web interface enter http xxx xxx xxx xxx as URL into the browser where xxx xxx xxx xxx is the router IP address The router s default IP add...

Страница 8: ...by pressing RST on the rear panel The configuration will be restored to the factory defaults and the router will reboot The green LED will be on during the reboot 3 1 Preventing the domain disagreeme...

Страница 9: ...Tx Errors Erroneous sent packets Tx Dropped Dropped sent packets Tx Overruns Lost sent packets because of overload Uptime Indicates how long the connection to mob network is established 4 1 2 Primary...

Страница 10: ...about the module which is mounted in the router Item Description Registration State of the network registration Operator Specifies the operator s network the router operates in Technology Transmissio...

Страница 11: ...cells Availability Availability of the router via the mobile network expressed as a percentage Mobile Network Statistics Note Tips for Mobile Network Statistics table Availability of connection to mo...

Страница 12: ...Status 13 Wieland Electric GmbH BA001039 Rev A 08 2016 Mobile WAN status...

Страница 13: ...haracter let us mention only the following Item Description STA MAC address of connected device station AID Identifier of connected device 1 2007 If 0 is displayed the station is not currently connect...

Страница 14: ...he channel on which access point AP broadcasts ERP Extended Rate PHY information element providing backward com patibility Extended supported rates Supported rates of access point AP that are beyond t...

Страница 15: ...Bcast Broadcast address Mask Mask of network MTU Maximum packet size that the equipment is able to transmit Metric Number of routers over which packet must go trought RX packets received packets error...

Страница 16: ...outer and DNS server IP address of router to each device The DHCP status window displays the following information for each configuration Item Description lease Assigned IP address starts Time of assi...

Страница 17: ...rts Active DHCP Leases Primary LAN and Active DHCP Leases WLAN 4 7 IPsec Status Information on actual IPsec tunnel state can be called up in option IPsec in the menu After correct build the IPsec tunn...

Страница 18: ...text file with the log extension will be saved The second button Save Report is used for creating detailed report generates all information needed by support in one text file in the txt format statist...

Страница 19: ...Status Wieland Electric GmbH BA001039 Rev A 08 2016 20 System Log Example of logging into the remote daemon at 192 168 2 115 Example program syslogd start with the parameter r...

Страница 20: ...he half duplex mode PoE PSE enabled The router provides power on the Ethernet cable disabled The router does not provide power on the Ethernet cable default Default Gateway IP address of router defaul...

Страница 21: ...cked dynamic DHCP server enabled IP Pool Start Start of IP addresses allocated to the DHCP clients IP Pool End End of IP addresses allocated to the DHCP clients Lease time Client can use the IP addres...

Страница 22: ...GmbH BA001039 Rev A 08 2016 Example 1 The network interface with dynamic DHCP server The range of dynamic allocated addresses from 192 168 1 2 to 192 168 1 4 The address is allocated 600 second 10 mi...

Страница 23: ...dynamic and static DHCP server The range of allocated addresses from 192 168 1 2 to 192 168 1 4 The address is allocated 10 minutes Client with MAC address 01 23 45 67 89 ab has IP address 192 168 1 1...

Страница 24: ...c GmbH BA001039 Rev A 08 2016 Example 3 The network interface with default gateway and DNS server Default gateway IP address is 192 168 1 20 DNS server IP address is 192 168 1 20 Example 3 Network Top...

Страница 25: ...till be active but the router will not be able to send data over the cellular network This feature is used to verify that data can be sent over the PPP connection and supplements the normal VRRP messa...

Страница 26: ...Package 27 Wieland Electric GmbH BA001039 Rev A 08 2016 Example of the VRRP protocol Topology of example VRRP configuration Example of VRRP configuration main router Example of VRRP configuration bac...

Страница 27: ...lect a specific method of data transmission GPRS UMTS PIN PIN parameter should be set only if it requires a SIM card router SIM card is blocked in case of several bad attempts to enter the PIN MRU Max...

Страница 28: ...ress item in regular time interval Ping Interval In case of unsuccessful ping a new one will be sent after ten seconds If it fails to ping the IP address of three times in a row the router terminates...

Страница 29: ...establish the connection to mobile network If this parameter is set to none the router launches in offline mode and it is necessary to estab lish connection to mobile network via SMS message Backup S...

Страница 30: ...he following parameters define the time after which the router attempts to go back to the default SIM card or APN Item Description Initial timeout The first attempt to switch back to the primary SIM c...

Страница 31: ...oint to point over ethernet is a network protocol for encapsulating Point to Point Protocol PPP frames inside Ethernet frames Allows you to create a PPPoE connection from the device behind router For...

Страница 32: ...itored Example 1 Mobile WAN configuration Example 2 The following configuration illustrates the situation in which the router switches to a backup SIM card after exceeding the data limits of 800 MB Wa...

Страница 33: ...dustrial router Item Description Username Username for secure access to PPPoE Password Password for secure access to PPPoE Authentication Authentication protocol in GSM network PAP or CHAP authenticat...

Страница 34: ...D Probes hidden SSID only for station STA mode Country Code Code of the country where the router is used with WiFi This code must be entered in format ISO 3166 1 alpha 2 If country code isn t specifie...

Страница 35: ...mal digits 128b WEP key WPA PSK Type The type of encryption when WPA PSK authenticating 256 bit secret ASCII passphrase PSK File WPA PSK Key for WPA PSK authentication This key must be entered accordi...

Страница 36: ...Contents of Package 37 Wieland Electric GmbH BA001039 Rev A 08 2016...

Страница 37: ...etwork interface Bridged Activates bridge mode no Bridged mode is not allowed it s default value WLAN network is not con nected with LAN network of the router yes Bridged mode is allowed WLAN network...

Страница 38: ...of enabling each of backup route i e Enable backup routes switching for Mobile WAN Enable backup routes switching for PPPoE Enable backup routes switching for WiFi STA Enable backup routes switching...

Страница 39: ...wlan0 Secondary LAN eth1 Tertiary LAN eth2 Primary LAN eth0 Example Secondary LAN is selected as the default route only if Create connection to mobile network option is not checked on the Mobile WAN...

Страница 40: ...ot checked packets will be accepted automatically If this item is checked and incoming packet is addressed to another network interface it will forward the packet according the rules defined in this s...

Страница 41: ...2016 42 Firewall configuration Example of the firewall configuration The router has allowed the following access from address 171 92 5 45 using any protocol from address 10 0 2 123 using TCP protocol...

Страница 42: ...Contents of Package 43 Wieland Electric GmbH BA001039 Rev A 08 2016 Topology of example firewall configuration Example firewall configuration...

Страница 43: ...the computer with the defined IP address Default Server IP Address Send all incoming packets to this IP addresses Configuration of send all incoming packets Enable the following options and enter the...

Страница 44: ...ntents of Package 45 Wieland Electric GmbH BA001039 Rev A 08 2016 Example 1 Configuration with one connection equipment on the router Example 1 Topology of NAT configuration Example 1 NAT configuratio...

Страница 45: ...ackets it default server IP address in this case is the address of the device behind the router Connected equip ment behind the router must have set Default Gateway on the router Connected device repl...

Страница 46: ...iption Displays the name of the tunnel specified in the configuration form of the tunnel Edit Select to configure an OpenVPN tunnel Overview of OpenVPN tunnels OpenVPN tunnels configuration Item Descr...

Страница 47: ...server mode Pre shared Secret Authentication using pre shared secret can be used for all offered authentica tion mode CA Certificate Auth using CA Certificate can be used for username password and X...

Страница 48: ...Contents of Package 49 Wieland Electric GmbH BA001039 Rev A 08 2016 OpenVPN tunnel configuration...

Страница 49: ...l configuration Configuration A B Protocol UDP UDP UDP Port 1194 1194 Remote IP Address 10 0 0 2 10 0 0 1 Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Local Int...

Страница 50: ...local side of the tunnel It consists of two parts hostname and domain name more information under the table Local Subnet IP address of a local network Local Subnet Mask Subnet mask of a local network...

Страница 51: ...in multiclient mode Pre shared Key Shared key for both sides for Pre shared key authentication CA Certificate Certificate for X 509 authentication Remote Certificate Certificate for X 509 authenticat...

Страница 52: ...Contents of Package 53 Wieland Electric GmbH BA001039 Rev A 08 2016 The changes in settings will apply after pressing the Apply button...

Страница 53: ...pre shared key pre shared key Pre shared key test test Example IPsec configuration 5 12 GRE Tunnels Configuration Note GRE is an unencrypted protocol To enter the GRE tunnels configuration select the...

Страница 54: ...f the network behind the remote side of the tunnel Multicasts Enables disables multicast disabled multicast disabled enabled multicast enabled Pre shared Key An optional value that defines the 32 bit...

Страница 55: ...the router side L2TP server in the case of a server must be defined IP address range of fered by the server L2TP client in case of client must be defined the IP address of the server Server IP Addres...

Страница 56: ...L2TP tunnel Configuration A B Mode L2TP Server L2TP Client Server IP Address 10 0 0 1 Client Start IP Address 192 168 1 2 Client End IP Address 192 168 1 254 Local IP Address 192 168 1 Remote IP Addr...

Страница 57: ...ss range offered by the server PPTP client in case of client must be defined the IP address of the server Server IP Addres IP address of server Local IP Address IP address of the local side of the tun...

Страница 58: ...configuration Configuration of the PPTP tunnel Configuration A B Mode PPTP Server PPTP Client Server IP Address 10 0 0 1 Local IP Address 192 168 1 1 Remote IP Address Remote Subnet 192 168 2 0 192 1...

Страница 59: ...bers dyndns org DynDNS configuration Example of the DynDNS client configuration with domain wieland dyndns org Example of DynDNS configuration Note To access the router s configuration remotely it is...

Страница 60: ...It is also necessary to de fine a password for access to the SNMP agent Community Standard public is predefined Note At SNMPv1 v2 it is possible to define a different password for Read community read...

Страница 61: ...r For bi nary input and output the following range of OID is used OID Description 1 3 6 1 4 1 30140 2 3 1 0 Binary input BIN0 values 0 1 1 3 6 1 4 1 30140 2 3 2 0 Binary output OUT0 values 0 1 1 3 6 1...

Страница 62: ...18 SMTP Configuration The item SMTP is used for configuring SMTP Simple Mail Transfer Protocol client for sending e mails Item Description SMTP Server Address IP or domain address of the mail server S...

Страница 63: ...configured in the first part of the window Item Description Send SMS on power up Automatic sending of SMS messages after power up Send SMS on connect to mobile network Automatic sending SMS message a...

Страница 64: ...uration If the router is switched to offline mode by the SMS message the router will be in this mode up to next restart This behavior is the same for all control SMS messages It is possible to send co...

Страница 65: ...e AT CMSS Sends a message from SIM storage location value AT COPS Identifies the available mobile networks AT CPIN Is used to query and enter a PIN code AT CPMS Selects SMS memory storage types to be...

Страница 66: ...Contents of Package 67 Wieland Electric GmbH BA001039 Rev A 08 2016 Example 1 SMS configuration Example 2 Configuration of sending SMS via serial interface on the PORT1...

Страница 67: ...age Wieland Electric GmbH BA001039 Rev A 08 2016 68 Example 3 Configuration of controlling the router via SMS from any phone number Example 4 Configuration of controlling the router via SMS from the t...

Страница 68: ...Stop Bits Number of stop bit Split Timeout Time to rupture reports If you receive will identify the gap between two charac ters which is longer than the parameter value in milliseconds Then all of th...

Страница 69: ...g signal CD DTR on the router would be activated DTR Description server Description client Active Router allows TCP connect establishm Router starts TCP connection Nonactive Router does not permit TCP...

Страница 70: ...l v3 routers provide a program called getty which allows user to connect to the router via the serial line router must be fitted with an expansion port RS232 Getty displays the prompt and after enteri...

Страница 71: ...P address TCP Port In both modes of connection it is necessary to specify the TCP port the router will communicate on Inactivity Timeout Time period after which the TCP UDP connection is interrupted i...

Страница 72: ...3 Wieland Electric GmbH BA001039 Rev A 08 2016 Note Supported USB RS232 converters FTDI Prolific PL2303 Silicon Laboratories CP210 The changes in settings will apply after pressing the Apply button US...

Страница 73: ...Contents of Package Wieland Electric GmbH BA001039 Rev A 08 2016 74 Examples of USB port configuration Example 1 USB port configuration Example 2 USB port configuration...

Страница 74: ...hanges in settings will apply after pressing the Apply button Note Change will take effect after shut down and turn on the router This can be done in the Re boot item in the Administration section or...

Страница 75: ...script which begins after establishing a PPP WAN connection In the item Down Script is defined script which begins after lost a PPP WAN connection The changes in settings will apply after pressing the...

Страница 76: ...e communication protocol by the address HTTP HTTPS FTP or FTPS Unit ID Name of configuration name of the file without extension If the Unit ID is not filled the MAC address of the router is used as th...

Страница 77: ...ic update 1 The following examples find if there is a new firmware or configuration each day at 1 00 in the morning An example is for the wienet WR LTE v3 SL type of router with MAC address 00 11 22 3...

Страница 78: ......

Страница 79: ...d from www wieland electric com or can be custom programmed Module name Description MODBUS TCP2RTU Provides a conversion of MODBUS TCP IP protocol to MDBUS RTU protocol which can be operated on the se...

Страница 80: ...ity with used user modules Some of them are dependent on the version of the Linux kernel e g SmsBE and PoS Configuration It is recommended that you update user modules to the most recent version Infor...

Страница 81: ...ion Be careful If you lock all accounts with permissions role Admin it will not be possible to unlock these accounts This also means that the Users item will be unavaila ble for all users because all...

Страница 82: ...us ing the front panel binary input an SMS message or Web interface of the router Change profile 7 3 Change Password You may change the router password using the Change Password menu item Type the ne...

Страница 83: ...send or receive SMS messages contact your carrier to find out if this parameter is required This parameter is provisioned automatically by the carrier on CDMA networks and does not need to be manuall...

Страница 84: ...o send an SMS message using an HTTP request in the form GET send_exec cgi phone 2B420712345678 message Test HTTP 1 1 Authorization Basic cm9vdDpyb290 The HTTP request will be sent to TCP connection on...

Страница 85: ...lowing messages The progress is shown in the form of adding dots After the firmware update the router will automatically reboot Attention Uploading firmware intended for a different device can cause d...

Страница 86: ...put the SIM card into the SIM1 slot Primary SIM card attach the antenna to the ANT connector and connect the computer or switch and computers to the router s ETH0 interface LAN Wait a moment after tur...

Страница 87: ...obile network on the top is checked fac tory default For more details see chapter 4 3 1 Access to the Internet from LAN Mobile WAN configuration To check whether the connection is working properly go...

Страница 88: ...he situation on the fig 84 it s necessary to configure all the connections to the Internet in items LAN for Ethernet WLAN and WiFi for WiFi connection and Mobile WAN for mobile connection Then it is p...

Страница 89: ...the Internet Click the Apply button to confirm the changes For details see chapter 4 6 Configure connection to a WiFi network in the WiFi item see fig 87 Here check the Enable WiFi and fill in the dat...

Страница 90: ...Configuration in Typ Situations 91 Wieland Electric GmbH BA001039 Rev A 08 2016 Backed up access to the Internet WiFi configuration Backed up access to the Internet Mobile WAN configuration...

Страница 91: ...ternet Backup Routes configuration The router configured this way now serves to computers in LAN for backed up access to the Internet You can verify the configured network interfaces in the Status sec...

Страница 92: ...t is also configuration item in the web interface of the router see chapter 4 10 IPsec it is also configuration item in the web interface of the router see chapter 4 You can create also non encrypted...

Страница 93: ...P address of the opposite side of the tunnel including the remote subnet and mask not neces sary Important items are Local and Remote Interface IP Address where the interfaces of the tunnel s ends has...

Страница 94: ...interface port Mobile WAN configuration is the same as in the previous situations Just insert the SIM card into the SIM1 slot at the back of the router and attach the antenna to the ANT connector at...

Страница 95: ...92 labeled as SCADA as a TCP client to the IP address 10 0 6 238 port 2345 public IP address of the SIM card used in the router corre sponding to the usb0 network interface Devices can now communicate...

Отзывы:

Нет отзывов

Похожие инструкции для wienet v3

2Wire HomePortal 3801HGV Specification preview
HomePortal 3801HGV
Бренд: 2Wire Страницы: 2
Radyne DMD2401 LB Installation And Operation Manual preview
DMD2401 LB
Бренд: Radyne Страницы: 179
Osaka MTX-63I Integrator'S Manual preview
MTX-63I
Бренд: Osaka Страницы: 50
3 Com U.S. Robotics 3Com User’S Manual & Reference preview
3Com
Бренд: 3 Com U.S. Robotics Страницы: 19
Ebyte NA111 User Manual preview
NA111
Бренд: Ebyte Страницы: 31
3Com U.S. Robotics 56K Voice User'S Manual And Reference preview
U.S. Robotics 56K Voice
Бренд: 3Com Страницы: 85
DECODE IDM 50B User Manual preview
IDM 50B
Бренд: DECODE Страницы: 23
B+B SmartWorx ZXT24-RM Quick Start Manual preview
ZXT24-RM
Бренд: B+B SmartWorx Страницы: 2
Lucent Technologies 4703US Reference Manual preview
4703US
Бренд: Lucent Technologies Страницы: 80
NAL RESEARCH CORPORATION 9602-NAL Quick Start Manual preview
9602-NAL
Бренд: NAL RESEARCH CORPORATION Страницы: 3
Zte MF820B Quick Manual preview
MF820B
Бренд: Zte Страницы: 7
Nivis RF-P9-06-01-01 User Manual preview
RF-P9-06-01-01
Бренд: Nivis Страницы: 12
Sagem F@st 800 (RFC 1483) User Manual preview
F@st 800 (RFC 1483)
Бренд: Sagem Страницы: 76
Abocom Modem UTM560 Quick Installation Manual preview
Modem UTM560
Бренд: Abocom Страницы: 19
ICP DAS USA SST-2450 User Manual preview
SST-2450
Бренд: ICP DAS USA Страницы: 26
Bamo GsM 24e Instruction Manual preview
GsM 24e
Бренд: Bamo Страницы: 4
TDS Actiontec T3200M Installation Instructions preview
Actiontec T3200M
Бренд: TDS Страницы: 2
Patton electronics 1206P Installation And Operation Manual preview
1206P
Бренд: Patton electronics Страницы: 12

Бренды по названию

Популярные бренды

Загрузить еще бренды