WoMaster WA512G Series Скачать руководство пользователя страница 83

Страница: 83 / 115

OpenVPN Certificate

Using digital certificates for authentication instead of preshared keys in VPNs is considered more secure. In

WoMaster’ devices, digital certificates are one way of authenticating two peer devices to establish a VPN tunnel.

Key Generation in the device

For OpenVPN connectivity, the OpenVPN Client must have the client Key/CA file generated by the OpenVPN

Server. Normally, you can generate the key in your VPN server and upload to the router switch which is Open VPN

client. However, while you just want to establish site to site VPN connectivity, install another Open VPN server may

consume lots of cost and engineer effort.

In the latest firmware, the WoMaster Secure Router Switch supports Key generation feature. Click

“Generate”

“Generate TLS Keys”

and

“Generate Static Key” in the Open VPN Router

, the system prompts you to wait 30

seconds to generate the key. Click “Yes” to start and wait 30 seconds. After generated, there are some VPN key/CA

files generated and stored within the system. The files include both OpenVPN Server and Client key/ca files.

The two key/ca files,

dh1024.pem and server.crt

are applied to Open VPN Server only. The two files must be

stored within the Open VPN server.

For security concern, the files are not allowed to download. You just need to

generate the keys while configured the Router as an Open VPN Server.

The rest of key/ca files include

CA, Client Cert and Client Key

. The three files must be stored within both the

Open VPN server and client. You can download the keys to your PC and upload the files to OpenVPN client. Then the

client has the same key. This is usefully tool for you to build you OpenVPN connectivity.

If you prefer to use Static Key, you can generate the

static.key

in OpenVPN Server and put the key in both

OpenVPN Server and Clients.

You can see the files’ name by select the drop-down menu of “Delete VPN Key”, download/import OpenVPN

client key/ca files in below columns.

Содержание WA512G Series

Страница 1: ...C COVER WA512G Series Industrial IEEE 802 11a b g n ac Wireless Mesh AP Client Nov 2020 V 1 3 ...

Страница 2: ...does not claim to provide for every possible contingency met in the process of installation operation or maintenance Should further information be required or should particular problem arise which are not covered sufficiently for the user s purposes the matter should be referred to WoMaster Users must be aware that updates and amendments will be made from time to time to add new information and or...

Страница 3: ...put 16 2 2 4 2 Wiring Antenna 17 2 2 4 3 Wiring Waterproof Connector 18 2 2 5 Mounting the AP 19 2 2 6 LED 20 2 2 WA512G D DIN RAIL 21 2 2 1 Dimension 21 2 2 2 Product Appearance 21 2 2 3 Product Package WA512G D 22 2 2 4 Interface Installation 22 2 2 4 1 Wiring Power Input 22 2 2 4 2 Wiring the Ground 23 2 2 5 Mounting the AP 23 2 2 5 1 DIN Rail Mounting 23 2 2 5 2 WALL Mounting 24 2 2 6 ANTENNA ...

Страница 4: ...53 3 4 2 6 Client Router Wireless WAN NAT Mode 56 3 4 3 WLAN Security 57 3 4 4 Advanced 58 3 4 4 1 Roaming Client based Fast Roaming 60 3 4 5 RADIUS Server AP Mode 63 3 4 6 Certificate File Client Mode 64 3 5 SECURITY 65 3 5 1 Access Control 65 3 5 2 Outbound Firewall 69 3 5 3 NAT Setting 73 3 5 4 OpenVPN 77 3 5 5 IPSEC Settings 85 3 5 6 L2TP SETTING 87 3 6 WARNING 89 3 6 1 Ping Watchdog 89 3 6 2 ...

Страница 5: ...6 3 8 2 AZURE IoT 99 3 8 3 Private IoT 102 3 8 4 RMS Remote Management System 103 3 9 BACKUP AND RESTORE 109 3 10 FIRMWARE UPGRADE 110 3 11 RESET TO DEFAULTS 111 3 12 SAVE 112 3 13 LOGOUT 113 3 14 REBOOT 113 4 REVISION HISTORY 114 ...

Страница 6: ...You can download the formal document of the product in our Web site or apply from our Sales Technical people The DoC in this product manual applied to below models Brand Name WoMaster Product Name Industrial Din Rail Waterproof IP67 2 4 5GHz 802 11ac Wave 2 MESH WLAN AP outer Model Name WA512GM D IP67 WA512G D IP67 Compliant Standard Safety UL62368 1 RF EN300328 EN301893 B1 EN62311 EMC EN301489 1 ...

Страница 7: ...se harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment End users must follow the specific operating instructions for satisfying R...

Страница 8: ...ion The access can only be gained by Skilled person or by Instructed person who have been instructed about the metal chassis of the equipment is so hot that Skilled person have to pay special attention or take special protection Only authorized by well trained professional person can access the restrict access location 2 External metal parts are hot Before touching it special attention or protecti...

Страница 9: ...r system shut down the power system before user go into the tower The error 690V will kill your life and can not be cured This is usually defined in the Safety Precaution of the high voltage station just remind again here for warming Environment Housing Only operate the device at the specified ambient temperature and humidity The temperature of the surrounding air means a distance of up to 5cm fro...

Страница 10: ...n the factory station open area the professional Wireless IT Engineer can provide better service for AP location channel and field plan to get better performance and coverage RF Radio Frequency Notice Read the Radio output power receiver sensitivity antenna gain specification before installing The shipped products and antenna comforts to the CE request and allowed to be used in all European countr...

Страница 11: ...ove standard cable is suggested and the maximum Ethernet cable distance is less than 100m Users MUST use the safety certificated PoE Switch PoE Injector and Power Supply The Industrial PoE Switch and PoE injector adapter is recommended Be notice the maximum power consumption of the product it is NOT allowed to connect over the specification This wireless AP Client WA512GM Series supports one 802 3...

Страница 12: ...h AP 802 11ac Wave 2 802 11b g n WLAN 2GE USB IP67 Enclosure EU plug WA512GM IP67 U Industrial 802 11ac Din Rail Dual Radio 2 4 5GHz Concurrent Wireless Mesh AP 802 11ac Wave 2 802 11b g n WLAN 2GE USB IP67 Enclosure US plug WA512G IP67 E Industrial 802 11ac Din Rail Dual Radio 2 4 5GHz Concurrent Wireless AP Client 802 11ac Wave 2 802 11b g n WLAN 2GE USB IP67 Enclosure EU plug WA512G IP67 U Indu...

Страница 13: ...er utility Enhanced Cyber Security Redundancy Support Firewall for inbound outbound traffic OpenVPN server client IPsec for secure remote connection IPSec Performance 150Mbps 256 bit encryption Support L2TP with PPP PAP CHAP LCP IPCP HTTPs SSH secure login Support TACACS multi user authentication for privileged user management Support Industrial IoT Cloud Server AWS Azure Private IoT and communica...

Страница 14: ... introduces mechanical and contains information on installation and configuration procedures 2 1 WA512G IP67 Housing 2 1 1 Dimension Dimensions of WA512G IP67 239mm H x 269mm H x 68mm D without mounting clip 2 1 2 Product Appearance ...

Страница 15: ...des 1x Product Unit 1x Quick Installation Guide 1x PoE Injector with AC Plug 3x Cable Gland 1x Mounting kit Note Antenna not included 2 2 4 Interface Installation After unpacking the box follow the steps below in order to properly connect the device ...

Страница 16: ...ctor 1 Install PoE injector power cord 2 Install Ethernet cable between PoE ports of WA512G and PoE injector 3 Install Ethernet cable between LAN ports of WA512G and PC NB whenever proceeding WebGUI configuration Wiring the Power Input through PSE switch 1 Install Ethernet cable between PoE ports of WA512G and PSE switch 2 Install Ethernet cable between LAN ports of WA512G and PSE switch whenever ...

Страница 17: ...e Male connector to connect the external antenna Please noted that the longer RF cable must cause more signal lost the shorter the more suitable The RF cable quality is also important for the extended antenna installation We recommend the high quality RF cable for example the RF400 50ohm LOW LOSS COAXIAL CABLE with UV RESISTANCE Note In field installation the RF Surge Arrestor is also important fo...

Страница 18: ...s not fixed in every site the steps are usually done in the field Connect the Ethernet cable to the waterproof cable gland in sequence If your RJ45 crystal connector is larger than the aperture you must thread the cable before pressing the RJ45 crystal connector Lock the Ethernet connector with cable gland finally Step 8 After completing the installation of the connector please check whether the E...

Страница 19: ... high tall factory the AP is also available by pole mounting on the ceiling 4 You can also mount the Access Point steadily to the wall by locking the wall mounting plate tightly The antenna is installed in the upper upward position You can use the attached screw B and its expansion screw While using other type screw for wall mounting make sure the device is fixed well 5 The mount plate can be inst...

Страница 20: ... status through LED connector WA512G IP67 series LED Status Description 5GHz Amber On AP mode Amber Blinking Station mode client connected Off Station mode radio disabled 2 4GHz Green On AP mode Green Blinking Station mode client connected Off Station mode radio disabled Power Red On Power On Off Not Receiving Power ...

Страница 21: ...21 2 2 WA512G D DIN Rail 2 2 1 Dimension 2 2 2 Product Appearance ...

Страница 22: ...WA512G equips with gigabit Ethernet ports and dual WLAN radio it s MUST to choose full gigabit PoE Switch with higher Ethernet bandwidth for example the DP208 DP412 DP612 The standard package in WA512G D does NOT have PoE injector inside You can buy our passive 48V not standard 802 3af at PoE you can also choose standard IEEE 802 3af af PoE Injector for powering You can aslo buy our PoE Switch Wir...

Страница 23: ...r electric shock establish a direct connection between the ground screw and the grounding surface prior to connecting devices 2 2 5 Mounting the AP You can mount the AP by attached Din Rail Clip or Wall mount by optional wall mount plate 2 2 5 1 DIN Rail Mounting The EN50022 DIN Rail plate should be already attached to the back panel of the device screwed tightly If user needs to reattach the DIN ...

Страница 24: ... 2 5 2 WALL Mounting Optional Wall mount Plate MK D1 2 Name Specification MK D1 2 WALL MOUNTING KIT WITH 2 PLATES AND 8 SCREWS DP210 WALL MOUNT PLATE 2pc DP210 WALL MOUNT PLATE PANTON BLACK Or other color by request Flat head M3 screw 8pcs Flat head screw M3 length 6MM nickel plated Packing material zipper bag No3 Packing material zipper bag No 3 70 W x100 L MM for SCREW Packing material zipper ba...

Страница 25: ...h our switch or router For WA512GM D please use the 6 screw holes near the inside 3 Lock the wall mount plate by the attached M3 6mm length screw to the device 4 Lock the wall mount plate to the WALL The suggested screw size for wall mount is M6 12mm length This screw varies from site to site we do not attach it Reference Wall mount screw M6 12mm ...

Страница 26: ... holder is also popular for metal box installation Major Specification of attached antenna WA512GM WA512G D LED LED Status Description Power Green On Power On Off Not Receiving Power Port 1 2 Green On Link Green Blinking Activity Ra 2 4GHz Rb 5GHz Green On AP mode Green Blinking Station mode client connected Off Station mode radio disabled Frequency 2400 2500 MHz 5150 5850 MHz S W R 2 0 2400 2500 ...

Страница 27: ...nternet Explorer or Mozilla or Google Chrome to access and configure the router management on the network 1 Plug the DC power to the router and connect router to computer 2 Make sure that the router default IP address is 192 168 10 1 3 Check that PC has an IP address on the same subnet as the router For example the PC and the router are on the same subnet if they both have addresses that start 192...

Страница 28: ...t the left side from the interface Through this web management interface user can configure monitoring and set the administration functions The whole information used web management interface to introduce the featured functions User can use all of the standard web browser to configure and access the router on the network ...

Страница 29: ...ce is as below TERMS DESCRIPTION System Name Default router Set up a name to the device System Description Display the name of the product Software Version Display the firmware latest version that installed in the device MAC Address Display the hardware s MAC address that assigned by the manufacturer IP Address Display the IP Address of the device Subnet Mask Display the subnet mask of the device ...

Страница 30: ...nge the Name and Password user just needs to input a new Name and New Password then confirm the new password in this section Try to re login with the new username and password Below is the interface for guest level With the Name default setting is guest and the authority allow user to read only all of configuration parameters When user try to change the configuration message will appear if user is...

Страница 31: ... Guest Name Default admin guest Key in new username here New Password Key in new password here Confirm Password Re type the new password again to confirm it After finishing configure the Username and Password click on Submit to apply the configuration Don t forget to Save the configuration ...

Страница 32: ...dress from DHCP Server Static IP Select Static IP to configure the IP configuration manually IP Address Default 192 168 10 1 Set up the IP address reserved by User network for User device If DHCP Client function is enabled no need to assign an IP address to device as it will be overwritten by DHCP server and shown here Subnet Mask Default 255 255 255 0 Assign the subnet mask for the IP address her...

Страница 33: ...rk for User device If DHCP Client function is enabled no need to assign an IP address to device as it will be overwritten by DHCP server and shown here Subnet Mask Default 255 255 255 0 Assign the subnet mask for the IP address here If DHCP Client function is enabled no needs to assign the subnet mask Gateway IP Address Default 0 0 0 0 Assign the gateway for the device here DNS 1 Specifies the IP ...

Страница 34: ...ist or select Manual IP to manually input the IP address of available time server Make sure that the device also has the internet connection After finished configuring click on Submit to activate the configuration 3 1 5 DHCP Server DHCP Server Setting WoMaster router has DHCP Server Function that will provide a new IP address to DHCP Client After enabling DHCP Server function set up the Network IP...

Страница 35: ...r will automatically assign an IP address to the computers on the LAN private network Be sure to set user computers to be DHCP clients by setting their TCP IP settings to Obtain an IP Address Automatically When user turns the computers on they will automatically load the proper TCP IP settings provided by the router If User manually assigns IP addresses to User computers or devices make sure the I...

Страница 36: ...eed Duplex Default N A Show the Speed Duplex for each port such as 10 full 10 half 100 full 100 half mode for Giga Ethernet Port 1 2 Click on Reload to update the information 3 2 2 Ethernet Setting Use this page to configure the Ethernet setting The description of the Ethernet Setting page is as below TERMS DESCRIPTION State Enable or disable the port Speed Duplex Default Auto Auto Negotiation Con...

Страница 37: ...ck the box to activate the function Outgoing Rate Limit Default 1024000 kbit s Set the maximum outgoing rate Outgoing Burst Default 20 kBytes Set the maximum outgoing burst Click on Submit to apply the configuration 3 3 GPS This GPS section has the function to show the current position of the device It could help the technician to track the device location 3 3 1 GPS Status GPS status is always dis...

Страница 38: ...report to cloud or specific server TERMS DESCRIPTION GPS mode Default Disable Disable Disable GPS function GPS Enable GPS function WA512G series does not support active GPS Contact WoMaster salesperson for GPS support User Input Input Latitude and Longitude The coordinates can be used to report to cloud or specific server ...

Страница 39: ...s Mode Display the current wireless mode SSID Display the primary name of the SSID Encryption Display the encryption mode ACK Timeout The ACK time of wireless beacon packet WMM Enable Display the status of the WMM support Noise Floor Display the background noise level Description when MESH AP Enabled TERMS DESCRIPTION Mode MESH AP or RE Range Extender mode SSID The current SSID of MESH network WLA...

Страница 40: ...Point mode it establishes a wireless connection receive from wireless clients and provide connection for wireless client devices the client can search and connect to several the access points The description of the columns is as below TERMS DESCRIPTION WLAN Interface Check the box to disable the WLAN interface and stop all of the wireless functions Operation Mode Default AP Select the Operation Mo...

Страница 41: ...Specify the maximum number of connected clients Country Select your country code for band regulation Wireless Mode Default 802 11G N Select the specific wireless mode different wireless mode has different configuration For each wireless mode it has the specific frequency and it has different basic settings HT Protect Default Disabled Select Enabled to activate the High Throughput protect to ensure...

Страница 42: ...th AP and client can have the negotiation phase about the frequency Maximum Output Power Default Half Specify the transmission power For the higher output power it can cover the signal widely and of course may need big power consumption The Full output power may need the antenna Data Rate Default Auto Select the specific data rate in order to control the transmission rate Auto is preferred rate th...

Страница 43: ...with 8 profiles for multiple SSID Click the button then another form will appear see the figure below The description of the column is as below TERMS DESCRIPTION Profile Name Display the available WLAN Profile name SSID Display the SSID Name Security Display the current security mode for the Wireless network VLAN ID Display the VLAN ID Enable Check the box to enable the WLAN Profile When user enab...

Страница 44: ... below is the pop up WLAN Security configuration page for each Profile In this configuration page user can configure the AP profile divide the AP connection and set the security setting by put the encryption mode and set the key or password to access the AP Refers to the WLAN Security Section for more description 3 7 3 Click Submit to apply the configuration Pop up window may be blocked by browser...

Страница 45: ... to disable the WLAN interface and stop all of the wireless functions Operation Mode Select the Operation Mode for the router AP Wireless Client WDS AP and WDS Client SSID Input the primary name of the access point WMM support Default Enable To enable or disable WIFI multi media QoS Country Select your country code for band regulation Wireless Mode Default 802 11G N Select the specific wireless mo...

Страница 46: ...urse may need big power consumption The Full output power may need the antenna Maximum Data Rate Default Auto Select the specific data rate in order to control the transmission rate Auto is preferred rate the access point will automatically select the highest available rate to transmit User may select lower rate when there is no great demand for transmission speed for long distance transmission Ex...

Страница 47: ...tion of the columns is as below TERMS DESCRIPTION Select Select the SSID SSID Display the detected SSID s name Frequency Channel Display the current frequency of the AP MAC Address Display the listed AP MAC Address Wireless Mode Display the Wireless mode Signal Strength Display the signal strength Security The security mode of the Access Point Click Selected to connect to the specific SSID Pop up ...

Страница 48: ...cription of the columns is as below TERMS DESCRIPTION WLAN Interface Check the box to disable the WLAN interface and stop all of the wireless function Operation Mode Select the Operation Mode for the router AP Wireless Client WDS AP and WDS Client SSID Default WR322_1 Input the primary name of the access point Broadcast SSID Default Enabled By enabling the broadcast SSID it makes the AP can be acc...

Страница 49: ...t the proper channel each country has different band user may select the channel based on the situation Or select auto to automatically set the channel Extension Channel Default Lower Channel 2417MHz 2 This option would be appeared when user select the Channel Mode to 20 40MHz or 40MHz To put range for the frequency it provides the Lower Channel 2417MHz 2 with the 40MHz center frequency is 2427MHz...

Страница 50: ...sumption The Full output power may need the antenna Data Rate Default Auto Select the specific data rate in order to control the transmission rate Auto is preferred rate the access point will automatically select the highest available rate to transmit User may select the low rate when there is no great demand for transmission speed for long distance transmission Extension Channel Protection Select...

Страница 51: ...Check the box to disable the WLAN interface and stop all of the wireless functions Operation Mode Select the Operation Mode for the router AP Wireless Client WDS AP and WDS Client SSID Default WR322_1 Input the primary name of the access point AP MAC Address Default 00 00 00 00 00 00 Set the specific AP MAC Address of the WDS AP Wireless Mode Default 802 11G N Select the specific wireless mode dif...

Страница 52: ...t can cover the signal widely and of course may need big power consumption The Full output power may need the antenna Data Rate Default Auto Select the specific data rate in order to control the transmission rate Auto is preferred rate the access point will automatically select the highest available rate to transmit User may select the low rate when there is no great demand for transmission speed ...

Страница 53: ...ients RE Range Extender to form a mesh network by uplink to other RE or CAP In MESH RE device the MESH SSID and Key setting must follow CAP settings Note that other wireless modes including AP client WDS AP WDS client modes will be dismissed and can t be configured Disable mesh to go back to AP client WDS AP WDS client mode MESH Settings TERMS DESCRIPTION Mesh Check the box to enable mesh network ...

Страница 54: ...of the connected AP in this page The MESH Status in CAP In Local Status you can find the information of the WLAN interface Operation mode MESH SSID Uplink Status Hop to CAP 0 in CAP Downlink number and Hops In Device you can find all the APs role and information It helps you to monitor the MESH network You can draw your MESH network architecture according to the information The first column you se...

Страница 55: ...Support Software Literature Software page of the WoMaster web site Apply the member account and login then you can download the ViewMaster software The link is as following https www womaster eu download_83_84 htm If you can t find the link search key word WoMaster ViewMaster to find it through searching machine Install the ViewMaster and run Search Device You can find your device through network ...

Страница 56: ...er LAN LAN WAN ath0 LAN LAN to Wireless WAN NAT Routing WLAN 2 Clinet Router LAN LAN LAN WAN ath16 LAN to Wireless WAN NAT Routing Ethernet Router LAN WAN Eth1 LAN LAN Ethernet Bridge Default Setting LAN LAN LAN LAN Default All interfaces work as LAN segment Note Only one Radio can be enabled as Client Client Router mode After enabled the WLAN Client Router mode the interface of WLAN 1 in WAN Sett...

Страница 57: ... of 26 hexadecimal numbers TKIP Temporal Key Integrity Protocol which is a kind of dynamic encryption is co used with WPA PSK AES Advanced Encryption Standard it is usually co used with WPA2 PSK Key Type Default Hex WEP can be configured with a 64 bit or 128 bit Shared Key hexadecimal or ASCII As defined hexadecimal number is represented by 0 9 A F or a f ASCII is represented by 0 9 A F a f or pun...

Страница 58: ...ss clients don t support A MPDU A MSDU aggregation Short GI Enable this function to obtain better data rate careful with compatibility issue RTS Threshold Default 2347 1 2347 Basically it is about the transmission process between the AP and the end station When the AP sends Request to Send frames to station and it will do the negotiation process about sending the data frame When the station receiv...

Страница 59: ...eamble Type the device can set the Preamble Type Automatically according to the need which is can be long or can be short IGMP Snooping Default Enable By enabling IGMP Snooping allows the ports to detect IGMP queries report packets and manage multicast traffic through the AP IGMP Snooping provides the ability to prune multicast traffic so that it travels only to those end destinations that require...

Страница 60: ...ickly switch to new AP However to avoid frequently switch the connected AP among the available APs it is better to reserve a minimum gray area before switching from the connected AP to new AP Figure 3 4 4 4 1 Fast Roaming Architecture For example in above the Roaming Threshold is configured as 55dbm and the Roaming Min Diff is 5 The client starts Fast Roaming mechanism while the signal strength of...

Страница 61: ... available fast roaming scan channel is 3 the APs channel setting should be one of the three available channels Due to the different language and input method types some characters may be mistaken for the same SSID but they are actually different SSIDs Pay attention to avoid this situation Figure 3 4 4 4 2 The WLAN Setting Wireless Client operation mode and SSID Figure 3 4 4 4 3 The WLAN Advanced ...

Страница 62: ... to new AP In practical you should do site survey in your environment and find out the suitable value for your field Roaming Min Diff 1 10 Default 3 Range 1 10 In practical you should do site survey in your environment and find out the suitable value for your field Scan Channel Fixed the target scan channel can reach quick roaming performance The system allows 3 channels select the specific channe...

Страница 63: ...in Server IP Address b Enter the Shared Secret of the RADIUS server c Enter the Server port if necessary by default RADIUS server listens to port 1812 d Click Submit The description of the RADIUS Authentication interface is as below TERMS DESCRIPTION IP Address Radius Server IP Address Server Port Set communication port on an external RADIUS server as the authentication database The default value ...

Страница 64: ...S that provided by the AP User needs to upload the specific certificate file so then the client can access the Wi Fi connection The description of the columns is as below TERMS DESCRIPTION Delete User Key Delete the selected certificate Upload User Key Upload a certificate file from a specified file location ...

Страница 65: ...Port Remote Management the router The description of the columns is as below TERMS DESCRIPTION Telnet Allows the user to remotely login and manage the device by Telnet When user doesn t enable it the connection through telnet will not allow SNMP Allows the user to remotely login and manage the device by SNMP When user doesn t enable it the connection through SNMP will not allow SSH Allows the user...

Страница 66: ...rough the use of certificates issued by trusted certificate authorities When a web browser makes a connection attempt to a secured web site a digital certificate is sent to the browser so that it can verify the authenticity of the site using a built in list of trusted certificate authorities If user uses the HTTPS Only a warning page would appear when user access the device in order to provide a s...

Страница 67: ... router from WAN interface The description of the columns is as below TERMS DESCRIPTION Filter All By select Filter All it will block all external access from WAN interface to the device such as SSH SNMP Web and Telnet and unblock the exception options Web Select this option to allow access to the router using Web HTTP or HTTPS from the WAN Interface Telnet Select this option to allow access to th...

Страница 68: ...the columns is as below TERMS DESCRIPTION Src IP Address Set up the source IP Address that may access the device Src Port Range Set up the source port range where the access came from Dest Port Range Set up the destination port range where the access is going to Comment Put any notes for the entry Select Select the table so user can press Delete Selected to delete Edit Click edit to modify the par...

Страница 69: ...arameter in this table it can restrict certain types of data packets from the local network to the internet through the Router The Source IP Filter will help to filter all of the packets that coming into the router If the source IP is on the list then the packets would be dropped But if the source IP is not on the list then the packets can be received Select Enable to activate Source IP Filtering ...

Страница 70: ...he packets Select Enable to activate Destination IP Filtering type the Destination IP Address and Comment to write a note for the entry and then click Submit to apply the settings After applied then user can see the new entry shown in the below table The description of the columns is as below TERMS DESCRIPTION Destination IP Address Display the Destination IP address Comment Put any notes for the ...

Страница 71: ... filtering type the Port Range of below Protocol type the protocol type can be UDP TCP or Both Type the Comment to write a note for the entry and then click Submit to activate the settings After applied user can see the new entry shown in the below table The description of the columns is as below TERMS DESCRIPTION Source Port Range Display the Source Port Range Range is from 1 to 65535 Protocol Di...

Страница 72: ...col type the protocol type can be UDP TCP or Both Type the Comment to write note for the entry and then press Submit to apply the settings After applied then user can see the new entry shown in the below table The description of the columns is as below TERMS DESCRIPTION Dest Port Range Display the Destination Port Range Range is from 1 to 65535 Protocol Display the protocol that has been chosen by...

Страница 73: ... the NAT in an RFC 1918 IP address space to initiate a connection to a host on the outside of the NAT It supports the Port Forwarding DMZ and 1 to 1 NAT configuration A DNAT by way of contrast occurs when the destination address is changed and the source IP address is maintained A DNAT allows a host on the outside to connect to a host on the inside In both cases the NAT has to maintain a connectio...

Страница 74: ...ser configuration DMZ A Demilitarized Zone is used to provide Internet services without sacrificing unauthorized access to its local private network Typically the DMZ host contains device accessible to Internet traffic such as Web HTTP servers FTP servers SMTP e mail servers and DNS servers Click Enable to activate the function and assign the IP address of DMZ Host IP Address This is the DMZ compu...

Страница 75: ...used to access the same remote device Randomize Change the port number every time access the remote device Click Submit to apply the configuration 1 to 1 NAT One to one NAT is a way to make systems behind a firewall and configured with private IP addresses those reserved for private use in RFC 1918 appear to have public IP addresses With one to one NAT you assign local systems RFC 1918 addresses t...

Страница 76: ...ow TERMS DESCRIPTION 1 to 1 NAT Check the box to enable the function Local IP Address The target local IP Address WAN IP Address The incoming IP Address that coming through the WAN Comment Enter a comment Click Submit to apply the configuration ...

Страница 77: ...ficates or username password The server and client have almost the same configuration The difference in the client configuration is the remote endpoint IP or hostname field Also the client can set up the keepalive settings OpenVPN Status This section shows the VPN Client and Server current status The description of the columns is as below TERMS DESCRIPTION Enabled Default no yes The VPN function i...

Страница 78: ...o VPN servers IP are also provided in order to have the backup connection for VPN Server The description of the columns is as below TERMS DESCRIPTION Enable VPN Client Select Enable to activate the VPN Client function Encryption Mode Choose the Encryption Mode Static Key Use a pre shared static key TLS Use SSL TLS certificates for authentication and key exchange Server 1 Type the IP Address of the...

Страница 79: ...Select enable or disable the persist key enable this function will keep the key first use if VPN restart after Keepalive timeout LZO Compression Default Disable Select use LZO Compression or not this function compresses data to decrease the traffic but also need more CPU effort Keepalive Default Enable Select enable or disable Keepalive function this function is use to detect the status of connect...

Страница 80: ...s as below TERMS DESCRIPTION Enable VPN Server Select Enable to activate the VPN Server function Encryption Mode Choose the Encryption Mode Static Key Use a pre shared static key TLS Use SSL TLS certificates for authentication and key exchange Server 1 Type the IP Address of the VPN Server Server 2 Type the second IP Address of the VPN Server if needed Port Default 1194 Input the port number that ...

Страница 81: ...r not this function compresses data to decrease the traffic but also need more CPU effort Keepalive Default Enable Select enable or disable Keepalive function this function is used to detect the status of the connection Ping Interval Input the ping interval the range can from 1 99999 seconds Retry Timeout Input the retry timeout the range can from 1 99999 seconds ifconfig Input the tunnel IP addre...

Страница 82: ...name and password for authentication Below is our OpenVPN client setting page select the TLS Encryption Mode and Enable Login checkbox then the Username Password columns are displayed Type correct Username and password added in OpenVPN User Settings ...

Страница 83: ...rate the key Click Yes to start and wait 30 seconds After generated there are some VPN key CA files generated and stored within the system The files include both OpenVPN Server and Client key ca files The two key ca files dh1024 pem and server crt are applied to Open VPN Server only The two files must be stored within the Open VPN server For security concern the files are not allowed to download Y...

Страница 84: ... you to generate Static key by the router switch After click Generate the system prompts you to wait 30 seconds to generate the key Click Yes to start then you will have static key file in the system Download CA Download the generated ca crt file here Copy and Upload the key to the OpenVPN client Router Download Client Cert Download the generated client crt file here Copy and Upload the key to the...

Страница 85: ...ected When the VPN is connected the IPsec status will display Connected Exchange Mode Main or Aggressive mode selection Authentication Method Default PSK Optional Pre Shared Key or Certificate Pre shared key Default none Type the Pre shared key The Pre share key must be the same in both ends IPsec Cipher Suites Default AES128 SHA1 DH2 Set algorithms for IKE and ESP proposal choose AES128 SHA1 DH2 ...

Страница 86: ...nt role not really client mode in IPSec the Router at head quarter normally acts as the VPN Server role The HQ normally has public IP that s the Remote IP of the router in branch office The local subnet in HQ is the remote subnet of the router in branch office If you have public IP in branch it s better to use public IP address for the WAN interface If you just have dynamic IP address for branch o...

Страница 87: ...y Below is the L2TP Server Setting interface The description of the column is as below TERMS DESCRIPTION L2TP Server Check the box to enable the function Local IP Address The IP Address of the L2TP Server Offered IP Range Offered IP Address range for the L2TP Clients Maximum 10 clients Authentication Method This section belongs to User Setting section User can choose authentication using the passw...

Страница 88: ...88 Password Password for L2TP connection Select Select the list on the table so user can press Edit or Delete Selected to delete Click the Refresh button to refresh the list ...

Страница 89: ...er time till it can be reached If it is unable to ping the target IP address this device will automatically reboot After User finishes configuring the settings click on Submit to apply User configuration The description of the columns is as below TERMS DESCRIPTION Enable Ping IP Address 1 Clicks enable to activate the feature Set the first IP Address to check if the device is alive or not Enable P...

Страница 90: ...ply User configuration User can monitor the system logs in Diagnostics Event Log page The condition or term described as following table TERMS DESCRIPTION Enable Remote Syslog Server Select Enable to enable system log IP Address Specify the IP address of the server Port Default 514 Specify the port number of the server After finish with the configuration clicks Submit to activate the function ...

Страница 91: ...e table Click Clear to remove the entire event logs list User may download the event logs file by click Download 3 7 2 ARP Table Basically WoMaster device is supported with two types of ARP which is the standard ARP and ARP with 802 2 LLC Type 2 Address Resolution Protocol ARP is a protocol for mapping an Internet Protocol address IP address to a physical machine address that is recognized in the ...

Страница 92: ...ble An ARP table contains recently cached MAC addresses of every immediate device that was communicating with the router Click on Reload to change the value Data Format Protocol Header 802 3 802 2 LLC 802 2 snap DS SA Len DSAP SSAP CTRL Org type ...

Страница 93: ...n IP address of the target device and click on Ping to start the ping 3 7 4 Traceroute Traceroute is a diagnostics tool for displaying the route path and measuring transit delays of packets across an Internet IP network Log containing route information will be shown after few seconds Enter the destination IP Address then click traceroute to start the process It will start search the route and meas...

Страница 94: ...mission Click on Reload to refresh the table The description of the columns is as below TERMS DESCRIPTION Poll Interval Default 5 To set the Poll Interval time setting with range from 0 to 65534 second Set To set new Interval time Stop the old Poll Interval first before set the new interval Stop To stop Polling Interval this action can be executed when user wants to change the poll interval time ...

Страница 95: ...where user may set the refresh period for refresh the list Click Set to apply the setting click Stop to stop the refresh function Click Reload to refresh the list The description of the columns is as below TERMS DESCRIPTION SSID Display the primary name of the SSID that available on the network MAC Address Display the MAC Address that connected to the AP Signal Strength Display the connection sign...

Страница 96: ...8 1 AWS IoT Amazon Web Services IoT enables secure bi directional communication between Internet connected things such as sensors actuators embedded devices or smart appliances and the AWS cloud over MQTT and HTTP For more information please visit http aws amazon com iot The description of the columns is as below TERMS DESCRIPTION Enable Enable the AWS IoT function AWS Root CA Root CA is necessary...

Страница 97: ...ick Thing Add your device shadow Create and download the key or certificate Certificate private key root CA is necessary Public key is used by AWS server to authenticate with private key The public key and private cannot be downloaded back after the user closes the page Policy can be added later ...

Страница 98: ...the device Go to Manage Things click the device name Click Interact Copy the HTTPS link to update user s Thing Shadow using this Rest API Endpoint Connect the device to AWS Copy the link and paste on the Target Host field at the AWS IoT page ...

Страница 99: ...t CA IoT Hub Enter the IoT hub server this information can be found at the azure platform Port Default 8883 Display the port number Because Azure IoT uses the MQTT protocol so user needs to enter 8883 port number that belongs to MQTT protocol Client ID Enter the client ID SAS Token Enter the SAS Token that needs to be generated by software Azure Device Explorer Click Submit to apply the configurat...

Страница 100: ...b menu and select Devices myCreatedDevice Shared access policies iothubowner Connection string primary key User has to annotate the value of this field 1 Get the connection string Click the IoT Hub Shared access policies 2 Click registryReadWrite copy the Connection string Primary Key ...

Страница 101: ...nk to download the software https github com Azure azure iot sdk csharp releases download 2018 3 13 SetupDeviceExplorer msi 4 Paste the Connection String Primary Key to the IoT Hub Connection String box Then type the Protocol Gateway HostName and click Update In the end generate the SAS Token ...

Страница 102: ...ardware applications and storage can all be provided as services The cloud network service has the advantages of easy expansion rapid adjustment and minimal management and can dynamically meet increasing demands Users can access the data which stored on the cloud anywhere anytime and seamlessly share to any authorized users The description of the columns is as below TERMS DESCRIPTION Enable Enable...

Страница 103: ...P server Click Submit to apply the configuration 3 8 4 RMS Remote Management System WoMaster supports Over the Air Remote Monitoring System RMS ThingMaster OTA This page allows the user to configure the RMS settings for the device so that the device will be monitored through the ThingsMaster OTA RMS The software is strong and easily to monitor your network over the air you can apply the software w...

Страница 104: ... the location Latitude Enter the Latitude coordinate of the device Longitude Enter the Longitude coordinate of the device CA Certificate The function from this certificate file is to create an encrypted MQTT communication User will get this file when download the ThingsMaster server file Note This field only supports in ThingsMaster v1 1 Click Submit to apply the configuration After succeed with t...

Страница 105: ...and VMWare software and download link is often updated following steps and figures may be updated 1 Contact our Sales to get the access to the ThingsMaster RMS Account 2 Login to ThingsMaster OTA RMS using RMS Account Login User RMS Account Password User RMS Password 3 Go to Home Device Management to register the device ...

Страница 106: ...nformation by clicking the at the corner of the page After click menu then a page will pop up Enter the device information Name Please start the name with Router Number Device type default Is gateway check the box Click Add ...

Страница 107: ...then click on the device folder go to Details Click on Copy Access Token This access token is code to link the device with the RMS Server 6 Go to the Web GUI IoT RMS Paste the Access Token code to the Web GUI And complete the configuration ...

Страница 108: ...Attributes Client Attributes to see if the data has been uploaded 8 If all of the data has been uploaded user can create a dashboard to visualize the data Go to Dashboards menu In this page user can upload the JSON file that sent by the WoMaster Sales in the email Click the to import JSON File or Create a new Dashboard ...

Страница 109: ...rget folder and then type the file name to back up the configuration Browse the target folder and select existed configuration file to restore the configuration back to the router This mode is only provided by Web UI while CLI is not supported Also this feature provides the Download Backup button in order to download the backup configuration from the router ...

Страница 110: ...uses the latest firmware before installing the router to the customer site Users can browse the target folder and then type the file name to back up the configuration Users also can browse the target folder and select the existed upgrade file This mode is only provided by Web UI while CLI is not supported Note that the system will be automatically rebooted after User finished upgrading the new fir...

Страница 111: ...ry defaults By check the Restore Factory default IP setting it means the IP of the device will directly change to the default IP 192 168 10 1 Pop up message screen to show User that have done the command Click on OK to close the screen and reboot the device Below is the interface for resetting the device with keep the IP Settings ...

Страница 112: ...12 3 12 Save Save option allows user to save any configuration Powering off the router without clicking on Save will cause loss of new settings After selecting Save click on Yes to save new configuration ...

Страница 113: ... on Yes to logout 3 14 Reboot System Reboot allows user to reboot the device Some of the feature changes require user to reboot the system Click on Reboot to reboot device Reboot main screen to do confirmation request Click Yes then the router will reboot immediately Remember to click on Save button to save configuration settings Otherwise the settings user made will be gone when the router is pow...

Страница 114: ...e ThingMaster OTA description Note The manual is user configuration guide not includes RED declaration of conformity RF specification and Safety precaution We offer other declaration of conformity form Please check our web site for the latest documents or contact our sales support window 20200506 Orwell V1 2b 1 Add Product DOC and Safe Precaution 2 Add WA512GM IP67 Wiring Antenna and Wiring Waterp...

Страница 115: ...115 48V 0 5A rating for PoE V1 3 Add FCC Statement Oct 7 2020 Orwell ...

Результаты поиска

Содержание WA512G Series

Отзывы:

Похожие инструкции для WA512G Series

Бренды по названию

Популярные бренды

WoMaster WA512G Series, Руководство пользователя

Результаты поиска

Содержание WA512G Series

Отзывы:

Похожие инструкции для WA512G Series

Бренды по названию

Популярные бренды