Wieland wienet v3 страница 50 Скачать руководство пользователя | Manualshive

Страница: 50 / 95

background image

Contents of Package

51

Wieland Electric GmbH | BA001039 (Rev. A) | 08/2016

5.11

IPsec Tunnel Configuration

IPsec tunnel configuration can be called up by option

IPsec item

in the menu. IPsec tunnel allows pro-

tected (encrypted) connection of two networks LAN to the one which looks like one homogenous. In the

IPsec Tunnels Configuration window

are four rows, each row for one configured one IPsec tunnel.

Item

Description

Create

This item enables the individual tunnels.

Description

The name of the tunnel specified in the configuration of the tunnel.

Edit

Configuration IPsec tunnel.

Overview IPsec tunnels

Item

Description

Description

Name (description) of the tunnel

Remote IP Address

IP address of remote side of the tunnel. Domain name possible.

Remote ID

Identifier (ID) of remote side of the tunnel. It consists of two parts:

hostname

and

domain-name

(more information under the table).

Remote Subnet

IP address of a network behind remote side of the tunnel

Remote Subnet Mask Subnet mask of a network behind remote side of the tunnel
Remote Protocol/Port

Specifies Protocol/Port of remote side of the tunnel. The general form is

pro-

tocol/port

, for example 17/1701 for UDP (protocol 17) and port 1701. Enter-

ing protocol number only is possible, above mentioned format is preferred.

Local ID

Identifier (ID) of local side of the tunnel. It consists of two parts:

hostname

and

domain-name

(more information under the table).

Local Subnet

IP address of a local network

Local Subnet Mask

Subnet mask of a local network

Local Protocol/Port

Specifies Protocol/Port of a local network. The general form is

protocol/port

,

for example 17/1701 for UDP (protocol 17) and port 1701. Entering protocol
number only is possible, above mentioned format is preferred.

Encapsulation Mode

IPsec mode (the method of encapsulation) – choose tunnel (entire IP data-
gram is encapsulated) or transport (only IP header).

NAT traversal

If address translation is used between two end points of the tunnel, it needs
to enable

NAT Traversal

.

IKE Mode

Defines mode for establishing connection (

main or aggressive

). If the aggres-

sive mode is selected, establishing of IPsec tunnel will be faster, but encryp-

tion will set permanently on 3DES-MD5. We recommend not to use ag-

gressive mode due to a lower security!

IKE Algorithm

Way of algorithm selection:

•

auto – encryption and hash alg. are selected automatically

•

manual – encryption and hash alg. are defined by the user

IKE Encryption

Encryption algorithm – 3DES, AES128, AES192, AES256

IKE Hash

Hash algorithm – MD5, SHA1, SHA256, SHA384 or SHA512

IKE DH Group

Diffie-Hellman groups determine the strength of the key used in the key ex-
change process. Higher group numbers are more secure, but require addi-
tional time to compute the key. Group with higher number provides more se-
curity, but requires more processing time.

«
...
48
49
50
51
52
...
»

Содержание wienet v3

Страница 1: ...Wieland Electric GmbH BA001039 Rev A 08 2016 1 wienet v3 configuration Cellular router USER MANUAL Doc No BA001039 Updatet 08 2016 Rev A...

Страница 2: ...bes all the hardware units and functions known at the present time Descriptions may be included for units which are not present at the customer site The exact scope of delivery is described in the res...

Страница 3: ...guration 26 5 3 Mobile WAN Configuration 28 5 3 1 Connection to Mobile Network 28 5 3 2 DNS Address Configuration 29 5 3 3 Check Connection to Mobile Network Configuration 29 5 3 4 Data Limit Configur...

Страница 4: ...Set Real Time Clock 83 7 5 Set SMS Service Center Address 84 7 6 Unlock SIM Card 84 7 7 Send SMS 85 7 8 Backup Configuration 85 7 9 Restore Configuration 85 7 10 Update Firmware 86 7 11 Reboot 86 8 C...

Страница 5: ...he manual at the beginning 1 3 Presentation of safety relevant information Information that warns of personal injury or property damage are emphasized by safety instructions Please read this informati...

Страница 6: ...unnels using technologies IPSec OpenVPN and L2TP for secure communications Functions such as DHCP NAT NAT T DynDNS NTP VRRP control by SMS backup primary connec tion and many other Automatic check of...

Страница 7: ...router via the Web interface To ac cess the router over the web interface enter http xxx xxx xxx xxx as URL into the browser where xxx xxx xxx xxx is the router IP address The router s default IP add...

Страница 8: ...by pressing RST on the rear panel The configuration will be restored to the factory defaults and the router will reboot The green LED will be on during the reboot 3 1 Preventing the domain disagreeme...

Страница 9: ...Tx Errors Erroneous sent packets Tx Dropped Dropped sent packets Tx Overruns Lost sent packets because of overload Uptime Indicates how long the connection to mob network is established 4 1 2 Primary...

Страница 10: ...about the module which is mounted in the router Item Description Registration State of the network registration Operator Specifies the operator s network the router operates in Technology Transmissio...

Страница 11: ...cells Availability Availability of the router via the mobile network expressed as a percentage Mobile Network Statistics Note Tips for Mobile Network Statistics table Availability of connection to mo...

Страница 12: ...Status 13 Wieland Electric GmbH BA001039 Rev A 08 2016 Mobile WAN status...

Страница 13: ...haracter let us mention only the following Item Description STA MAC address of connected device station AID Identifier of connected device 1 2007 If 0 is displayed the station is not currently connect...

Страница 14: ...he channel on which access point AP broadcasts ERP Extended Rate PHY information element providing backward com patibility Extended supported rates Supported rates of access point AP that are beyond t...

Страница 15: ...Bcast Broadcast address Mask Mask of network MTU Maximum packet size that the equipment is able to transmit Metric Number of routers over which packet must go trought RX packets received packets error...

Страница 16: ...outer and DNS server IP address of router to each device The DHCP status window displays the following information for each configuration Item Description lease Assigned IP address starts Time of assi...

Страница 17: ...rts Active DHCP Leases Primary LAN and Active DHCP Leases WLAN 4 7 IPsec Status Information on actual IPsec tunnel state can be called up in option IPsec in the menu After correct build the IPsec tunn...

Страница 18: ...text file with the log extension will be saved The second button Save Report is used for creating detailed report generates all information needed by support in one text file in the txt format statist...

Страница 19: ...Status Wieland Electric GmbH BA001039 Rev A 08 2016 20 System Log Example of logging into the remote daemon at 192 168 2 115 Example program syslogd start with the parameter r...

Страница 20: ...he half duplex mode PoE PSE enabled The router provides power on the Ethernet cable disabled The router does not provide power on the Ethernet cable default Default Gateway IP address of router defaul...

Страница 21: ...cked dynamic DHCP server enabled IP Pool Start Start of IP addresses allocated to the DHCP clients IP Pool End End of IP addresses allocated to the DHCP clients Lease time Client can use the IP addres...

Страница 22: ...GmbH BA001039 Rev A 08 2016 Example 1 The network interface with dynamic DHCP server The range of dynamic allocated addresses from 192 168 1 2 to 192 168 1 4 The address is allocated 600 second 10 mi...

Страница 23: ...dynamic and static DHCP server The range of allocated addresses from 192 168 1 2 to 192 168 1 4 The address is allocated 10 minutes Client with MAC address 01 23 45 67 89 ab has IP address 192 168 1 1...

Страница 24: ...c GmbH BA001039 Rev A 08 2016 Example 3 The network interface with default gateway and DNS server Default gateway IP address is 192 168 1 20 DNS server IP address is 192 168 1 20 Example 3 Network Top...

Страница 25: ...till be active but the router will not be able to send data over the cellular network This feature is used to verify that data can be sent over the PPP connection and supplements the normal VRRP messa...

Страница 26: ...Package 27 Wieland Electric GmbH BA001039 Rev A 08 2016 Example of the VRRP protocol Topology of example VRRP configuration Example of VRRP configuration main router Example of VRRP configuration bac...

Страница 27: ...lect a specific method of data transmission GPRS UMTS PIN PIN parameter should be set only if it requires a SIM card router SIM card is blocked in case of several bad attempts to enter the PIN MRU Max...

Страница 28: ...ress item in regular time interval Ping Interval In case of unsuccessful ping a new one will be sent after ten seconds If it fails to ping the IP address of three times in a row the router terminates...

Страница 29: ...establish the connection to mobile network If this parameter is set to none the router launches in offline mode and it is necessary to estab lish connection to mobile network via SMS message Backup S...

Страница 30: ...he following parameters define the time after which the router attempts to go back to the default SIM card or APN Item Description Initial timeout The first attempt to switch back to the primary SIM c...

Страница 31: ...oint to point over ethernet is a network protocol for encapsulating Point to Point Protocol PPP frames inside Ethernet frames Allows you to create a PPPoE connection from the device behind router For...

Страница 32: ...itored Example 1 Mobile WAN configuration Example 2 The following configuration illustrates the situation in which the router switches to a backup SIM card after exceeding the data limits of 800 MB Wa...

Страница 33: ...dustrial router Item Description Username Username for secure access to PPPoE Password Password for secure access to PPPoE Authentication Authentication protocol in GSM network PAP or CHAP authenticat...

Страница 34: ...D Probes hidden SSID only for station STA mode Country Code Code of the country where the router is used with WiFi This code must be entered in format ISO 3166 1 alpha 2 If country code isn t specifie...

Страница 35: ...mal digits 128b WEP key WPA PSK Type The type of encryption when WPA PSK authenticating 256 bit secret ASCII passphrase PSK File WPA PSK Key for WPA PSK authentication This key must be entered accordi...

Страница 36: ...Contents of Package 37 Wieland Electric GmbH BA001039 Rev A 08 2016...

Страница 37: ...etwork interface Bridged Activates bridge mode no Bridged mode is not allowed it s default value WLAN network is not con nected with LAN network of the router yes Bridged mode is allowed WLAN network...

Страница 38: ...of enabling each of backup route i e Enable backup routes switching for Mobile WAN Enable backup routes switching for PPPoE Enable backup routes switching for WiFi STA Enable backup routes switching...

Страница 39: ...wlan0 Secondary LAN eth1 Tertiary LAN eth2 Primary LAN eth0 Example Secondary LAN is selected as the default route only if Create connection to mobile network option is not checked on the Mobile WAN...

Страница 40: ...ot checked packets will be accepted automatically If this item is checked and incoming packet is addressed to another network interface it will forward the packet according the rules defined in this s...

Страница 41: ...2016 42 Firewall configuration Example of the firewall configuration The router has allowed the following access from address 171 92 5 45 using any protocol from address 10 0 2 123 using TCP protocol...

Страница 42: ...Contents of Package 43 Wieland Electric GmbH BA001039 Rev A 08 2016 Topology of example firewall configuration Example firewall configuration...

Страница 43: ...the computer with the defined IP address Default Server IP Address Send all incoming packets to this IP addresses Configuration of send all incoming packets Enable the following options and enter the...

Страница 44: ...ntents of Package 45 Wieland Electric GmbH BA001039 Rev A 08 2016 Example 1 Configuration with one connection equipment on the router Example 1 Topology of NAT configuration Example 1 NAT configuratio...

Страница 45: ...ackets it default server IP address in this case is the address of the device behind the router Connected equip ment behind the router must have set Default Gateway on the router Connected device repl...

Страница 46: ...iption Displays the name of the tunnel specified in the configuration form of the tunnel Edit Select to configure an OpenVPN tunnel Overview of OpenVPN tunnels OpenVPN tunnels configuration Item Descr...

Страница 47: ...server mode Pre shared Secret Authentication using pre shared secret can be used for all offered authentica tion mode CA Certificate Auth using CA Certificate can be used for username password and X...

Страница 48: ...Contents of Package 49 Wieland Electric GmbH BA001039 Rev A 08 2016 OpenVPN tunnel configuration...

Страница 49: ...l configuration Configuration A B Protocol UDP UDP UDP Port 1194 1194 Remote IP Address 10 0 0 2 10 0 0 1 Remote Subnet 192 168 2 0 192 168 1 0 Remote Subnet Mask 255 255 255 0 255 255 255 0 Local Int...

Страница 50: ...local side of the tunnel It consists of two parts hostname and domain name more information under the table Local Subnet IP address of a local network Local Subnet Mask Subnet mask of a local network...

Страница 51: ...in multiclient mode Pre shared Key Shared key for both sides for Pre shared key authentication CA Certificate Certificate for X 509 authentication Remote Certificate Certificate for X 509 authenticat...

Страница 52: ...Contents of Package 53 Wieland Electric GmbH BA001039 Rev A 08 2016 The changes in settings will apply after pressing the Apply button...

Страница 53: ...pre shared key pre shared key Pre shared key test test Example IPsec configuration 5 12 GRE Tunnels Configuration Note GRE is an unencrypted protocol To enter the GRE tunnels configuration select the...

Страница 54: ...f the network behind the remote side of the tunnel Multicasts Enables disables multicast disabled multicast disabled enabled multicast enabled Pre shared Key An optional value that defines the 32 bit...

Страница 55: ...the router side L2TP server in the case of a server must be defined IP address range of fered by the server L2TP client in case of client must be defined the IP address of the server Server IP Addres...

Страница 56: ...L2TP tunnel Configuration A B Mode L2TP Server L2TP Client Server IP Address 10 0 0 1 Client Start IP Address 192 168 1 2 Client End IP Address 192 168 1 254 Local IP Address 192 168 1 Remote IP Addr...

Страница 57: ...ss range offered by the server PPTP client in case of client must be defined the IP address of the server Server IP Addres IP address of server Local IP Address IP address of the local side of the tun...

Страница 58: ...configuration Configuration of the PPTP tunnel Configuration A B Mode PPTP Server PPTP Client Server IP Address 10 0 0 1 Local IP Address 192 168 1 1 Remote IP Address Remote Subnet 192 168 2 0 192 1...

Страница 59: ...bers dyndns org DynDNS configuration Example of the DynDNS client configuration with domain wieland dyndns org Example of DynDNS configuration Note To access the router s configuration remotely it is...

Страница 60: ...It is also necessary to de fine a password for access to the SNMP agent Community Standard public is predefined Note At SNMPv1 v2 it is possible to define a different password for Read community read...

Страница 61: ...r For bi nary input and output the following range of OID is used OID Description 1 3 6 1 4 1 30140 2 3 1 0 Binary input BIN0 values 0 1 1 3 6 1 4 1 30140 2 3 2 0 Binary output OUT0 values 0 1 1 3 6 1...

Страница 62: ...18 SMTP Configuration The item SMTP is used for configuring SMTP Simple Mail Transfer Protocol client for sending e mails Item Description SMTP Server Address IP or domain address of the mail server S...

Страница 63: ...configured in the first part of the window Item Description Send SMS on power up Automatic sending of SMS messages after power up Send SMS on connect to mobile network Automatic sending SMS message a...

Страница 64: ...uration If the router is switched to offline mode by the SMS message the router will be in this mode up to next restart This behavior is the same for all control SMS messages It is possible to send co...

Страница 65: ...e AT CMSS Sends a message from SIM storage location value AT COPS Identifies the available mobile networks AT CPIN Is used to query and enter a PIN code AT CPMS Selects SMS memory storage types to be...

Страница 66: ...Contents of Package 67 Wieland Electric GmbH BA001039 Rev A 08 2016 Example 1 SMS configuration Example 2 Configuration of sending SMS via serial interface on the PORT1...

Страница 67: ...age Wieland Electric GmbH BA001039 Rev A 08 2016 68 Example 3 Configuration of controlling the router via SMS from any phone number Example 4 Configuration of controlling the router via SMS from the t...

Страница 68: ...Stop Bits Number of stop bit Split Timeout Time to rupture reports If you receive will identify the gap between two charac ters which is longer than the parameter value in milliseconds Then all of th...

Страница 69: ...g signal CD DTR on the router would be activated DTR Description server Description client Active Router allows TCP connect establishm Router starts TCP connection Nonactive Router does not permit TCP...

Страница 70: ...l v3 routers provide a program called getty which allows user to connect to the router via the serial line router must be fitted with an expansion port RS232 Getty displays the prompt and after enteri...

Страница 71: ...P address TCP Port In both modes of connection it is necessary to specify the TCP port the router will communicate on Inactivity Timeout Time period after which the TCP UDP connection is interrupted i...

Страница 72: ...3 Wieland Electric GmbH BA001039 Rev A 08 2016 Note Supported USB RS232 converters FTDI Prolific PL2303 Silicon Laboratories CP210 The changes in settings will apply after pressing the Apply button US...

Страница 73: ...Contents of Package Wieland Electric GmbH BA001039 Rev A 08 2016 74 Examples of USB port configuration Example 1 USB port configuration Example 2 USB port configuration...

Страница 74: ...hanges in settings will apply after pressing the Apply button Note Change will take effect after shut down and turn on the router This can be done in the Re boot item in the Administration section or...

Страница 75: ...script which begins after establishing a PPP WAN connection In the item Down Script is defined script which begins after lost a PPP WAN connection The changes in settings will apply after pressing the...

Страница 76: ...e communication protocol by the address HTTP HTTPS FTP or FTPS Unit ID Name of configuration name of the file without extension If the Unit ID is not filled the MAC address of the router is used as th...

Страница 77: ...ic update 1 The following examples find if there is a new firmware or configuration each day at 1 00 in the morning An example is for the wienet WR LTE v3 SL type of router with MAC address 00 11 22 3...

Страница 78: ......

Страница 79: ...d from www wieland electric com or can be custom programmed Module name Description MODBUS TCP2RTU Provides a conversion of MODBUS TCP IP protocol to MDBUS RTU protocol which can be operated on the se...

Страница 80: ...ity with used user modules Some of them are dependent on the version of the Linux kernel e g SmsBE and PoS Configuration It is recommended that you update user modules to the most recent version Infor...

Страница 81: ...ion Be careful If you lock all accounts with permissions role Admin it will not be possible to unlock these accounts This also means that the Users item will be unavaila ble for all users because all...

Страница 82: ...us ing the front panel binary input an SMS message or Web interface of the router Change profile 7 3 Change Password You may change the router password using the Change Password menu item Type the ne...

Страница 83: ...send or receive SMS messages contact your carrier to find out if this parameter is required This parameter is provisioned automatically by the carrier on CDMA networks and does not need to be manuall...

Страница 84: ...o send an SMS message using an HTTP request in the form GET send_exec cgi phone 2B420712345678 message Test HTTP 1 1 Authorization Basic cm9vdDpyb290 The HTTP request will be sent to TCP connection on...

Страница 85: ...lowing messages The progress is shown in the form of adding dots After the firmware update the router will automatically reboot Attention Uploading firmware intended for a different device can cause d...

Страница 86: ...put the SIM card into the SIM1 slot Primary SIM card attach the antenna to the ANT connector and connect the computer or switch and computers to the router s ETH0 interface LAN Wait a moment after tur...

Страница 87: ...obile network on the top is checked fac tory default For more details see chapter 4 3 1 Access to the Internet from LAN Mobile WAN configuration To check whether the connection is working properly go...

Страница 88: ...he situation on the fig 84 it s necessary to configure all the connections to the Internet in items LAN for Ethernet WLAN and WiFi for WiFi connection and Mobile WAN for mobile connection Then it is p...

Страница 89: ...the Internet Click the Apply button to confirm the changes For details see chapter 4 6 Configure connection to a WiFi network in the WiFi item see fig 87 Here check the Enable WiFi and fill in the dat...

Страница 90: ...Configuration in Typ Situations 91 Wieland Electric GmbH BA001039 Rev A 08 2016 Backed up access to the Internet WiFi configuration Backed up access to the Internet Mobile WAN configuration...

Страница 91: ...ternet Backup Routes configuration The router configured this way now serves to computers in LAN for backed up access to the Internet You can verify the configured network interfaces in the Status sec...

Страница 92: ...t is also configuration item in the web interface of the router see chapter 4 10 IPsec it is also configuration item in the web interface of the router see chapter 4 You can create also non encrypted...

Страница 93: ...P address of the opposite side of the tunnel including the remote subnet and mask not neces sary Important items are Local and Remote Interface IP Address where the interfaces of the tunnel s ends has...

Страница 94: ...interface port Mobile WAN configuration is the same as in the previous situations Just insert the SIM card into the SIM1 slot at the back of the router and attach the antenna to the ANT connector at...

Страница 95: ...92 labeled as SCADA as a TCP client to the IP address 10 0 6 238 port 2345 public IP address of the SIM card used in the router corre sponding to the usb0 network interface Devices can now communicate...

Отзывы:

Нет отзывов

Похожие инструкции для wienet v3

Бренд: Patton electronics Страницы: 20

Бренд: Aeotec Страницы: 6

Бренд: Xoro Страницы: 6

Бренд: NAPCO Страницы: 16

Бренд: Zonet Страницы: 2

Netgear Nighthawk D7800

Бренд: TPG Страницы: 2

D-Link COVR-1102

Бренд: TPG Страницы: 2

TP-Link VX420-G2v

Бренд: TPG Страницы: 4

Бренд: CTC Union Страницы: 50

Бренд: Tait Страницы: 38

Бренд: Technicolor Страницы: 28

MediaAccess TC8717T

Бренд: Technicolor Страницы: 84

Бренд: CTC Union Страницы: 26

Бренд: Blink Страницы: 4

Бренд: Terayon Страницы: 20

Бренд: ETEK Страницы: 14

Бренд: adaptiveRF Страницы: 17

Бренд: Maestro Страницы: 219

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды