Advance Multimedia Internet Technology ISL500001 IIoT 4G User Manual UM IDG500 IOG500

Advance Multimedia Internet Technology Inc. IIoT 4G UM IDG500 IOG500

Contents

Users Manual-2.pdf

M2MCellularGateway 100 Chapter3ObjectDefinition3.1SchedulingSchedulingprovidesabilityofadding/deletingtimeschedulerules,whichcanbeappliedtootherfunctionality.3.1.1SchedulingConfigurationGotoObjectDefinition>Scheduling>Configurationtab.ButtondescriptionItem Valuesetting DescriptionAdd N/A ClicktheAddbuttontoconfiguretimescheduleruleDelete N/A ClicktheDeletebuttontodeleteselectedrule(s)WhenAddbuttonisapplied,TimeScheduleConfigurationandTimePeriodDefinitionscreenswillappear.TimeScheduleConfigurationItem ValueSetting DescriptionRuleName String:anytext SetrulenameRulePolicy DefaultInactivate Inactivate/activatethefunctionbeenappliedtointhetimeperiodbelow
M2MCellularGateway 101 TimePeriodDefinitionItem ValueSetting DescriptionWeekDay Selectfrommenu SelecteverydayoroneofweekdayStartTime Timeformat(hh:mm) StarttimeinselectedweekdayEndTime Timeformat(hh:mm) EndtimeinselectedweekdaySave N/A Click Save to save the settings Undo N/A Click Undo to cancel the settings Refresh N/A Click the Refresh button to refresh the time schedule list.  
M2MCellularGateway 102 3.2User(notsupported)Not supported feature for the purchased product, leave it as blank.  
M2MCellularGateway 103 3.3Grouping(notsupported)Not supported feature for the purchased product, leave it as blank. 
M2MCellularGateway 104 3.4ExternalServerGotoObjectDefinition>ExternalServer>ExternalServertab.TheExternalServersettingallowsusertoaddexternalserver.CreateExternalServerWhenAddbuttonisapplied,ExternalServerConfigurationscreenwillappear.
M2MCellularGateway 105 ExternalServerConfigurationItem Valuesetting DescriptionSeverName1.Stringformatcanbeanytext2.AMustfilledsettingEnteraservername.Enteranamethatiseasyforyoutounderstand.ServerType AMustfilledsettingSpecifytheServerTypeoftheexternalserver,andentertherequiredsettingsfortheaccessingtheserver.EmailServer(AMustfilledsetting):WhenEmailServerisselected,UserName,andPasswordarealsorequired.UserName(Stringformat:anytext)Password(Stringformat:anytext)RADIUSServer(AMustfilledsetting):WhenRADIUSServerisselected,thefollowingsettingsarealsorequired.Primary:SharedKey(Stringformat:anytext)AuthenticationProtocol(BydefaultCHAPisselected)SessionTimeout(Bydefault1)Thevaluesmustbebetween1and60.IdleTimeout:(Bydefault1)Thevaluesmustbebetween1and15.Secondary:SharedKey(Stringformat:anytext)AuthenticationProtocol(BydefaultCHAPisselected)SessionTimeout(Bydefault1)Thevaluesmustbebetween1and60.IdleTimeout:(Bydefault1)Thevaluesmustbebetween1and15.FTP(SFTP)Server(AMustfilledsetting):WhenFTP(SFTP)Serverisselected,thefollowingsettingsarealsorequired.UserName(Stringformat:anytext)Password(Stringformat:anytext)Protocol(SelectFTPorSFTP)Encryprion(SelectPlain,ExplicitFTPSorImplicitFTPS)Transfermode(SelectPassiveorActive)ServerIP/FQDN AMustfilledsetting SpecifytheIPaddressorFQDNusedfortheexternalserver.ServerPort AMustfilledsettingSpecifythePortusedfortheexternalserver.Ifyouselectedacertainservertype,thedefaultserverportnumberwillbeset.ForEmailServer25willbesetbydefault;ForSyslogServer,port514willbesetbydefault;ForRADIUSServer,port1812willbesetbydefault;ForFTP(SFTP)Server,port21willbesetbydefault;ValueRange:1~65535.AccountPort 1.AMustfilledsetting2.1813issetbydefaultSpecifytheaccountingportusedifyouselectedexternalRADIUSserver.ValueRange:1~65535.
M2MCellularGateway 106 Server Theboxischeckedbydefault ClickEnabletoactivatethisExternalServer.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsRefresh N/A ClicktheRefreshbuttontorefreshtheexternalserverlist. 
M2MCellularGateway 107 3.5 CertificateIn cryptography, a public key certificate (also known as a digital certificate or identity certificate) is anelectronicdocumentusedtoproveownershipofapublickey.Thecertificateincludesinformationaboutthekey, information about its owner's identity, and the digital signature of an entity that has verified thecertificate'scontentsaregenuine.Ifthesignatureisvalid,andthepersonexaminingthecertificatetruststhesigner,thentheyknowtheycanusethatkeytocommunicatewithitsowner9.Inatypicalpublic‐keyinfrastructure(PKI)scheme,thesignerisacertificateauthority(CA),usuallyacompanysuchasVeriSignwhichchargescustomerstoissuecertificatesforthem.Inaweboftrustscheme,thesigneriseitherthekey'sowner(aself‐signedcertificate)orotherusers("endorsements")whomthepersonexaminingthecertificatemightknowandtrust.ThedevicealsoplaysasaCArole.CertificatesareanimportantcomponentofTransportLayerSecurity(TLS,sometimescalledbyitsoldernameSSL),wheretheypreventanattackerfromimpersonatingasecurewebsiteorotherserver.Theyarealsousedinotherimportantapplications,suchasemailencryptionandcode signing. Here, it can be used in IPSectunnelingforuserauthentication.3.5.1Configuration(notsupported)Not supported feature for the purchased product, leave it as blank.  9 http://en.wikipedia.org/wiki/Public_key_certificate.
M2MCellularGateway 108 3.5.2MyCertificateMyCertificateincludesaLocalCertificateList.LocalCertificateListshowsallgeneratedcertificatesbytherootCAforthegateway.AnditalsostoresthegeneratedCertificateSigningRequests(CSR)whichwillbesignedbyotherexternalCAs.Thesignedcertificatescanbeimportedasthelocalonesofthegateway.Self‐signedCertificateUsageScenarioScenarioApplicationTimingWhentheenterprisegatewayownstherootCAandVPNtunnelingfunction,itcangenerateitsownlocalcertificatesbybeingsignedbyitselforimportanylocal certificates that are signed by otherexternalCAs.AlsoimportthetrustedcertificatesforotherCAsandClients.Inaddition,sinceithastherootCA,italsocansignCertificateSigningRequests(CSR)toformcorrespondingcertificatesforothers.ThesecertificatescanbeusedfortworemotepeerstomakesuretheiridentityduringestablishingaVPNtunnel.ScenarioDescriptionGateway 1 generates the root CA and a local certificate (HQCRT) signed by itself. Import a trustedcertificate(BranchCRT)–aBranchCSRcertificateofGateway2signedbyrootCAofGateway1.Gateway2createsaCSR(BranchCSR)tolettherootCAoftheGateway1signittobetheBranchCRTcertificate.ImportthecertificateintotheGateway2asalocalcertificate.Inaddition,alsoimportthecertificatesoftherootCAoftheGateway1intotheGateway2asthetrustedones.(Pleasealsorefertofollowingtwosub‐sections)Establish an IPSec VPN tunnel with IKE and X.509 protocols by starting from either peer, so that all
M2MCellularGateway 109 clienthostsinthesebothsubnetscancommunicatewitheachother.ParameterSetupExampleForNetwork‐AatHQFollowingtableslisttheparameterconfigurationasanexampleforthe"MyCertificate"functionusedin the user authentication of IPSec VPN tunnel establishing, asshowninabovediagram.Theconfiguration example must be combined with the ones in followingtwosectionstocompletethewholeuserscenario.Usedefaultvalueforthoseparametersthatarenotmentionedinthetables.ConfigurationPath [MyCertificate]‐[RootCACertificateConfiguration]Name HQRootCAKey KeyType:RSAKeyLength:1024‐bitsSubjectName Country(C):TWState(ST):Taiwan Location(L):TainanOrganization(O):AMITHQOrganizationUnit(OU):HQRDCommonName(CN):HQRootCAE‐mail:hqrootca@amit.com.twConfigurationPath [MyCertificate]‐[LocalCertificateConfiguration]Name HQCRTSelf‐signed: ■Key KeyType:RSAKeyLength:1024‐bitsSubjectName Country(C):TWState(ST):Taiwan Location(L):TainanOrganization(O):AMITHQOrganizationUnit(OU):HQRDCommonName(CN):HQCRTE‐mail:hqcrt@amit.com.twConfigurationPath [IPSec]‐[Configuration]IPSec ■EnableConfigurationPath [IPSec]‐[TunnelConfiguration]Tunnel ■EnableTunnelName s2s‐101Interface WAN1TunnelScenarioSitetoSiteOperationModeAlwaysonConfigurationPath [IPSec]‐[Local&RemoteConfiguration]LocalSubnet 10.0.76.0LocalNetmask 255.255.255.0FullTunnel DisableRemoteSubnet 10.0.75.0RemoteNetmask 255.255.255.0RemoteGateway 118.18.81.33
M2MCellularGateway 110 ConfigurationPath [IPSec]‐[Authentication]KeyManagement IKE+X.509LocalCertificate:HQCRTRemoteCertificate:BranchCRTLocalID UserNameNetwork‐ARemoteID UserNameNetwork‐BConfigurationPath [IPSec]‐[IKEPhase]NegotiationMode MainModeX‐Auth NoneForNetwork‐BatBranchOfficeFollowingtableslisttheparameterconfigurationasanexampleforthe"MyCertificate"functionusedin the user authentication of IPSec VPN tunnel establishing, asshowninabovediagram.Theconfiguration example must be combined with the ones in followingtwosectionstocompletethewholeuserscenario.Usedefaultvalueforthoseparametersthatarenotmentionedinthetables.ConfigurationPath [MyCertificate]‐[LocalCertificateConfiguration]Name BranchCRTSelf‐signed: □Key KeyType:RSAKeyLength:1024‐bitsSubjectName Country(C):TWState(ST):Taiwan Location(L):TainanOrganization(O):AMITBranchOrganizationUnit(OU):BranchRDCommonName(CN):BranchCRTE‐mail:branchcrt@amit.com.twConfigurationPath [IPSec]‐[Configuration]IPSec ■EnableConfigurationPath [IPSec]‐[TunnelConfiguration]Tunnel ■EnableTunnelName s2s‐102Interface WAN1TunnelScenarioSitetoSiteOperationModeAlwaysonConfigurationPath [IPSec]‐[Local&RemoteConfiguration]LocalSubnet 10.0.75.0LocalNetmask 255.255.255.0FullTunnel DisableRemoteSubnet 10.0.76.0
M2MCellularGateway 111 RemoteNetmask 255.255.255.0RemoteGateway 203.95.80.22ConfigurationPath [IPSec]‐[Authentication]KeyManagement IKE+X.509LocalCertificate:BranchCRTRemoteCertificate:HQCRTLocalID UserNameNetwork‐BRemoteID UserNameNetwork‐AConfigurationPath [IPSec]‐[IKEPhase]NegotiationMode MainModeX‐Auth NoneScenarioOperationProcedureInabovediagram,"Gateway1"isthegatewayofNetwork‐Ainheadquarters and the subnet of itsIntranetis10.0.76.0/24.IthastheIPaddressof10.0.76.2forLANinterfaceand203.95.80.22forWAN‐1interface."Gateway2"isthegatewayofNetwork‐BinbranchofficeandthesubnetofitsIntranetis10.0.75.0/24.IthastheIPaddressof10.0.75.2forLANinterfaceand118.18.81.33forWAN‐1interface.TheybothserveastheNATsecuritygateways.Gateway 1 generates the root CA and a local certificate (HQCRT) that is signed by itself. Import thecertificates of the root CA and HQCRT into the "Trusted CA Certificate List" and "Trusted ClientCertificateList"ofGateway2.Gateway 2 generates a Certificate Signing Request (BranchCSR) foritsowncertificate(BranchCRT)(Pleasegenerateonenotself‐signedcertificateintheGateway2,andclickonthe"View"buttonforthatCSR.Justdownloadsit).TaketheCSRtobesignedbytherootCAofGateway1andobtaintheBranchCRTcertificate(youneedrenameit).Importthecertificateintothe"TrustedClientCertificateList"oftheGateway1andthe"LocalCertificateList"ofGateway2.Gateway2canestablishanIPSecVPNtunnelwith"SitetoSite"scenarioandIKEandX.509protocolstoGateway1.Finally,theclienthostsintwosubnetsof10.0.75.0/24and10.0.76.0/24cancommunicatewitheachother.
M2MCellularGateway 112 MyCertificateSettingGotoObjectDefinition>Certificate>MyCertificatetab.The My Certificate setting allows user to create local certificates. In "My Certificate" page, there are twoconfigurationwindowsforthe"MyCertificate"function.The"LocalCertificateList"windowshowsthestoredcertificatesorCSRsforrepresentingthegateway.The"LocalCertificateConfiguration"windowcanletyoufillrequiredinformationnecessaryforcorrespondingcertificatetobegeneratedbyitself,orcorrespondingCSRtobesignedbyotherCAs.CreateLocalCertificate WhenAddbuttonisapplied,LocalCertificateConfigurationscreenwillappear.The required information to be filled for the certificate or CSR includes the name, key and subject name. It is a certificate if the "Self-signed" box is checked; otherwise, it is a CSR. 
M2MCellularGateway 113 LocalCertificateConfigurationItem Valuesetting DescriptionName 1.Stringformatcanbeanytext2.AMustfilledsettingEnteracertificatename.ItwillbeacertificatefilenameIfSelf‐signedischecked,itwillbesignedbyrootCA.IfSelf‐signedisnotchecked,itwillgenerateacertificatesigningrequest(CSR).Key AMustfilledsetting Thisfieldistospecifythekeyattributesofcertificate.KeyTypetosetpublic‐keycryptosystems.Currently,onlyRSAissupported.KeyLengthtosetthelengthinbitsofthekeyusedinacryptographicalgorithm.Itcanbe512/768/1024/1536/2048.DigestAlgorithmtosetidentifierinthesignaturealgorithmidentifierofcertificates.ItcanbeMD5/SHA‐1.SubjectName AMustfilledsetting Thisfieldistospecify theinformationofcertificate.Country(C)isthetwo‐letterISOcodeforthecountrywhereyourorganizationislocated.State(ST)isthestatewhereyourorganizationislocated.Location(L)isthelocationwhereyourorganizationislocated.Organization(O)isthenameofyourorganization.OrganizationUnit(OU)isthenameofyourorganizationunit.CommonName(CN)isthenameofyourorganization.Emailistheemailofyourorganization.Ithastobeemailaddresssettingonly.ExtraAttributes AMustfilledsetting Thisfieldistospecify theextrainformationforgeneratingacertificate.Challenge Password for the password you can use to request certificaterevocationinthefuture.UnstructuredNameforadditionalinformation.SCEPEnrollment AMustfilledsetting Thisfieldistospecify theinformationofSCEP.Ifuserwantstogenerateacertificatesigningrequest(CSR)andthensignedbySCEPserveronline,usercanchecktheEnablebox.SelectaSCEPServertoidentifytheSCEPserverforuse.TheserverdetailedinformationcouldbespecifiedinExternalServers.RefertoObjectDefinition>ExternalServer>ExternalServer.YoumayclickAddObjectbuttontogenerate.SelectaCACertificatetoidentifywhichcertificatecouldbeacceptedbySCEPserverforauthentication.ItcouldbegeneratedinTrustedCertificates.SelectanoptionalCAEncryptionCertificate,ifitisrequired,toidentifywhichcertificatecouldbeacceptedbySCEPserverforencryptiondatainformation.ItcouldbegeneratedinTrustedCertificates.FillinoptionalCAIdentifiertoidentifywhichCAcouldbeusedforsigningcertificates.Save N/A ClicktheSavebuttontosavetheconfiguration.Back N/A WhentheBackbuttonisclicked,thescreenwillreturntopreviouspage.When Import button is applied, an Import screen will appear. You can import a certificate from an existedcertificatefile,ordirectlypasteaPEMencodedstringasthecertificate.
M2MCellularGateway 114 ImportItem Valuesetting DescriptionImport AMustfilledsetting Selectacertificatefilefromuser’scomputer,andclicktheApplybuttontoimportthespecifiedcertificatefiletothegateway.PEMEncoded 1.Stringformatcanbeanytext2.AMustfilledsettingThisisanalternativeapproachtoimportacertificate.Youcandirectlyfillin(CopyandPaste)thePEMencodedcertificatestring,andclicktheApplybuttontoimportthespecifiedcertificatetothegateway.Apply N/A ClicktheApplybuttontoimportthecertificate.Cancel N/A ClicktheCancelbuttontodiscardtheimportoperationandthescreenwillreturntotheMyCertificatespage. 
M2MCellularGateway 115 3.5.3TrustedCertificateTrustedCertificateincludesTrustedCACertificateList,TrustedClientCertificateList,andTrustedClientKeyList. The Trusted CA Certificate List places the certificates of external trusted CAs. The Trusted ClientCertificateListplacestheothers'certificateswhatyoutrust.AndtheTrustedClientKeyListplacestheothers’keyswhatyoutrusted.Self‐signedCertificateUsageScenarioScenarioApplicationTiming(sameastheonedescribedin"MyCertificate"section)WhentheenterprisegatewayownstherootCAandVPNtunnelingfunction,itcangenerateitsownlocalcertificatesbybeingsignedbyitself.AlsoimportsthetrustedcertificatesforotherCAsandClients.ThesecertificatescanbeusedfortworemotepeerstomakesuretheiridentityduringestablishingaVPNtunnel.ScenarioDescription(sameastheonedescribedin"MyCertificate"section)Gateway 1 generates the root CA and a local certificate (HQCRT) signed by itself. Import a trustedcertificate(BranchCRT)–aBranchCSRcertificateofGateway2signedbyrootCAofGateway1.Gateway2createsaCSR(BranchCSR)tolettherootCAoftheGateway1signittobetheBranchCRTcertificate.ImportthecertificateintotheGateway2asalocalcertificate.Inaddition,alsoimportsthecertificatesoftherootCAofGateway1intotheGateway2asthetrustedones.(Pleasealsoreferto"MyCertificate"and"IssueCertificate"sections).Establish an IPSec VPN tunnel with IKE and X.509 protocols by starting from either peer, so that allclienthostsinthesebothsubnetscancommunicatewitheachother.ParameterSetupExample(sameastheonedescribedin"MyCertificate"section)
M2MCellularGateway 116 ForNetwork‐AatHQFollowingtableslisttheparameterconfigurationasanexampleforthe"TrustedCertificate"functionused in the user authentication of IPSec VPN tunnel establishing, as shown in above diagram. Theconfiguration example must be combined with the ones in "My Certificate" and "Issue Certificate"sectionstocompletethesetupforthewholeuserscenario.ConfigurationPath [TrustedCertificate]‐[TrustedClientCertificateList]CommandButton ImportConfigurationPath [TrustedCertificate]‐[TrustedClientCertificateImportfromaFile]File BranchCRT.crtForNetwork‐BatBranchOfficeFollowingtableslisttheparameterconfigurationasanexampleforthe"TrustedCertificate"functionused in the user authentication of IPSec VPN tunnel establishing, as shown in above diagram. Theconfiguration example must be combined with the ones in "My Certificate" and "Issued Certificate"sectionstocompletethesetupforthewholeuserscenario.ConfigurationPath [TrustedCertificate]‐[TrustedCACertificateList]CommandButton ImportConfigurationPath [TrustedCertificate]‐[TrustedCACertificateImportfromaFile]File HQRootCA.crtConfigurationPath [TrustedCertificate]‐[TrustedClientCertificateList]CommandButton ImportConfigurationPath [TrustedCertificate]‐[TrustedClientCertificateImportfromaFile]File HQCRT.crtScenarioOperationProcedure(sameastheonedescribedin"MyCertificate"section)Inabovediagram,the"Gateway1"isthegatewayofNetwork‐AinheadquartersandthesubnetofitsIntranetis10.0.76.0/24.IthastheIPaddressof10.0.76.2forLANinterfaceand203.95.80.22forWAN‐1interface.The"Gateway2"isthegatewayofNetwork‐Binbranch office and the subnet of itsIntranetis10.0.75.0/24.IthastheIPaddressof10.0.75.2forLANinterfaceand118.18.81.33forWAN‐1interface.TheybothserveastheNATsecuritygateways.InGateway2importthecertificatesoftherootCAandHQCRTthat were generated and signed byGateway1intothe"TrustedCACertificateList"and"TrustedClientCertificateList"ofGateway2.
M2MCellularGateway 117 Importthe obtainedBranchCRTcertificate(thederived BranchCSRcertificateafterGateway1’s rootCAsignature)intothe"TrustedClientCertificateList"oftheGateway1andthe"LocalCertificateList"oftheGateway2.Formoredetails,refertotheNetwork‐Boperation procedure in "My Certificate"sectionofthismanual.Gateway2canestablishanIPSecVPNtunnelwith"SitetoSite"scenarioandIKEandX.509protocolstoGateway1.Finally,theclienthostsintwosubnetsof10.0.75.0/24and10.0.76.0/24cancommunicatewitheachother.
M2MCellularGateway 118 TrustedCertificateSettingGotoObjectDefinition>Certificate>TrustedCertificatetab.TheTrustedCertificatesettingallowsusertoimporttrustedcertificatesandkeys.ImportTrustedCACertificate When Import button is applied, a Trusted CA importscreenwillappear.YoucanimportaTrustedCAcertificatefromanexistedcertificatefile,ordirectlypasteaPEMencodedstringasthecertificate.TrustedCACertificateListItem Valuesetting DescriptionImportfromaFileAMustfilledsetting SelectaCAcertificatefilefromuser’scomputer,andclicktheApply buttontoimportthespecifiedCAcertificatefiletothegateway.ImportfromaPEM1.Stringformatcanbeanytext2.AMustfilledsettingThisisanalternativeapproachtoimportaCAcertificate.Youcandirectlyfillin(CopyandPaste)thePEMencodedCAcertificatestring,andclicktheApplybuttontoimportthespecifiedCAcertificatetothegateway.Apply N/A ClicktheApplybuttontoimportthecertificate.Cancel N/A ClicktheCancelbuttontodiscardtheimportoperationandthescreenwillreturntotheTrustedCertificatespage.InsteadofimportingaTrustedCAcertificatewithmentionedapproaches,youcanalsogettheCAcertificatefromtheSECPserver.IfSCEPisenabled(RefertoObjectDefinition>Certificate>Configuration),youcanclickGetCAbutton,aGetCAConfigurationscreenwillappear.
M2MCellularGateway 119 GetCAConfigurationItem Valuesetting DescriptionSCEPServer AMustfilledsetting SelectaSCEPServer toidentifytheSCEPserverforuse.TheserverdetailedinformationcouldbespecifiedinExternalServers.RefertoObjectDefinition>ExternalServer>ExternalServer.YoumayclickAddObjectbuttontogenerate.CAIdentifier 1.StringformatcanbeanytextFillinoptionalCAIdentifier toidentifywhichCAcouldbeusedforsigningcertificates.Save N/A ClickSave tosavethesettings.Close N/A ClicktheClosebuttontoreturntotheTrustedCertificatespage.ImportTrustedClientCertificate When Import button is applied, a Trusted Client Certificate Import screen will appear. You can import aTrusted Client Certificate from an existed certificate file, or directly paste a PEM encoded string as thecertificate.TrustedClientCertificateList
M2MCellularGateway 120 Item Valuesetting DescriptionImportfromaFileAMustfilledsetting Selectacertificatefilefromuser’scomputer,andclicktheApplybuttontoimportthespecifiedcertificatefiletothegateway.ImportfromaPEM1.Stringformatcanbeanytext2.AMustfilledsettingThisisanalternativeapproachtoimportacertificate.Youcandirectlyfillin(CopyandPaste)thePEMencodedcertificatestring,andclicktheApplybuttontoimportthespecifiedcertificatetothegateway.Apply N/A ClicktheApplybuttontoimportcertificate.Cancel N/A ClicktheCancelbuttontodiscardtheimportoperationandthescreenwillreturntotheTrustedCertificatespage.ImportTrustedClientKey When Import button is applied, a Trusted Client Key Import screen will appear. You can import a TrustedClientKeyfromanexistedfile,ordirectlypasteaPEMencodedstringasthekey.TrustedClientKeyListItem Valuesetting DescriptionImportfromaFileAMustfilledsetting Selectacertificatekeyfilefromuser’scomputer,andclicktheApplybuttontoimportthespecifiedkeyfiletothegateway.ImportfromaPEM1.Stringformatcanbeanytext2.AMustfilledsettingThisisanalternativeapproachtoimportacertificatekey.Youcandirectlyfillin(CopyandPaste)thePEMencodedcertificatekeystring,andclicktheApplybuttontoimportthespecifiedcertificatekeytothegateway.Apply N/A ClicktheApplybuttontoimportthecertificatekey.Cancel N/A ClicktheCancelbuttontodiscardtheimportoperationandthescreenwillreturntotheTrustedCertificatespage. 
M2MCellularGateway 121 Chapter4FieldCommunication(notsupported)Not supported feature for the purchased product, leave it as blank. 
M2MCellularGateway 122 Chapter5Security 5.1 VPNAvirtualprivatenetwork(VPN)extendsaprivatenetworkacross a public network, such as the Internet. Itenablesacomputertosendandreceivedataacrosssharedorpublicnetworksasifitweredirectlyconnectedtotheprivatenetwork,whilebenefittingfromthefunctionality, security and management policies of theprivatenetwork.Thisisdonebyestablishingavirtualpoint‐to‐pointconnectionthroughtheuseofdedicatedconnections, encryption, or a combination of the two. The tunnel technology supports data confidentiality,data origin authentication and data integrity of network information by utilizing encapsulation protocols,encryptionalgorithms,andhashingalgorithms.The product series supports different tunneling technologies to establish secure tunnels between multiplesitesfordatatransferring,suchasIPSec,OpenVPN,L2TP(overIPSec),PPTPandGRE.Besides,someadvancedfunctions, like Full Tunnel, Tunnel Failover, Tunnel Load Balance, NetBIOS over IPSec, NAT Traversal andDynamicVPN,arealsosupported.
M2MCellularGateway 123 5.1.1IPSecInternetProtocolSecurity(IPSec)isaprotocolsuiteforsecuring Internet Protocol (IP) communications byauthenticating and encrypting each IP packet of a communication session. IPSec includes protocols forestablishingmutualauthenticationbetweenagentsatthebeginning of the session and negotiation ofcryptographickeystobeusedduringthesession.AnIPSecVPNtunnelisestablishedbetweenIPSecclientandserver.Sometimes,wecalltheIPSecVPNclientastheinitiatorandtheIPSecVPNserverastheresponder.Thisgatewaycanbeconfiguredasdifferentrolesandestablishnumberoftunnelswithvariousremotedevices.BeforegoingtosetuptheVPNconnections,youmayneedtodecidethescenariotypeforthetunneling.IPSecTunnelScenariosTobuildIPSectunnel,youneedtofillinremotegatewayglobalIP,andoptionalsubnet if the hosts behind IPSec peercanaccesstoremotesiteorhosts.Under such configuration, there arefourscenarios:SitetoSite:Youneedtosetupremotegateway IP and subnet of bothgateways. After the IPSec tunnelestablished, hosts behind bothgatewayscancommunicationeachotherthroughthetunnel.SitetoHost:SitetoHostissuitablefortunnelingbetweenclientsinasubnetandanapplicationserver(host).
M2MCellularGateway 124 As in the diagram, the clients behind the M2M gateway can access to the host "Host‐DC" located in thecontrolcenterthroughSitetoHostVPNtunnel.Host to Site: On the contrast, for a single host (or mobile user to) to access the resources located in anintranet,theHosttoSitescenariocanbeapplied.HosttoHost:HosttoHostisaspecialconfigurationforbuildingaVPNtunnelbetweentwosinglehosts.SitetoSitewith"FullTunnel"enabledIn"SitetoSite"scenario,clienthostsinremotesitecanaccess the enterprise resources in the Intranet of HQgateway via an established IPSec tunnel, as describedabove. However, Internet access originates fromremotesitestillgothroughitsregularWANconnection.Ifyouwantallpacketsfromremotesitetoberoutedvia this IPSec tunnel, including HQ server access andInternet access, you can just enable the “Full Tunnel"setting.Asaresult,everytimeuserssurfsweborsearchingdataonInternet,checkingpersonalemails,orHQserveraccess,alltrafficswillgothroughthesecureIPSec tunnel and route by the Security Gateway incontrolcenter.SitetoSitewith"HubandSpoke"mechanismFora controlcenter tomanage thesecure Intranetamong all its remote sites, there is a simpleconfiguration,called HubandSpoke,forthewholeVPNnetwork.AHubandSpokeVPNNetworkissetup in organizations with centralized control centerover all its remote sites, like shops or offices. Thecontrolcenteracts as theHubroleand theremoteshopsorOfficesactasSpokes.AllVPNtunnelsfromremotesitesterminateatthisHub,whichactsasaconcentrator. Site‐to‐site connections betweenspokes do not exist. Traffic originating from onespokeanddestinedforanotherspokehastogoviathe Hub. Under such configuration, you don’t needtomaintainVPNtunnelsbetweeneachtworemoteclients.
M2MCellularGateway 125 IPSecSettingGotoSecurity>VPN>IPSectab.TheIPSecSettingallowsusertocreateandconfigureIPSectunnels.EnableIPSecConfigurationWindowItem Valuesetting DescriptionIPsec Uncheckedbydefault ClicktheEnableboxtoenableIPSecfunction.NetBIOSoverIPSec Uncheckedbydefault ClicktheEnableboxtoenableNetBIOSoverIPSecfunction.NATTraversal Checkedbydefault ClicktheEnableboxtoenableNATTraversalfunction.Max.ConcurrentIPSecTunnelsDependsonProductspecification.ThespecifiedvaluewilllimitthemaximumnumberofsimultaneousIPSectunnelconnection.Thedefaultvaluecanbedifferentforthepurchasedmodel.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsCreate/EditIPSectunnelEnsurethattheIPSecenableboxischeckedtoenablebeforefurtherconfiguringtheIPSectunnelsettings.WhenAdd/Editbuttonisapplied,aseriesofconfigurationscreenswillappear.TheyareTunnelConfiguration,Local & Remote Configuration, Authentication, IKE Phase, IKE Proposal Definition, IPSec Phase, and IPSecProposalDefinition.YouhavetoconfigurethetunneldetailsforbothlocalandremoteVPNdevices.
M2MCellularGateway 126 TunnelConfigurationWindowItem Valuesetting DescriptionTunnel Uncheckedbydefault ChecktheEnableboxtoactivatetheIPSectunnelTunnelName1.AMustfillsetting2.StringformatcanbeanytextEnteratunnelname.Enteranamethatiseasyforyoutoidentify.ValueRange:1~19characters.Interface1.AMustfillsetting2.WAN1isselectedbydefaultSelecttheinterfaceonwhichIPSectunnelistobeestablished.ItcanbetheavailableWANandLANinterfaces.TunnelScenario1.AMustfillsetting2.SitetositeisselectedbydefaultSelectanIPSectunnelingscenariofromthedropdownboxforyourapplication.SelectSite‐to‐Site,Site‐to‐Host,Host‐to‐Site,orHost‐to‐Host.IfLANinterfaceisselected,onlyHost‐to‐Hostscenarioisavailable.WithSite‐to‐SiteorSite‐to‐HostorHost‐to‐Site,IPSecoperatesintunnelmode.Thedifferenceamongthemisthenumberofsubnets.WithHost‐to‐Host,IPSecoperatesintransportmode.TunelTCPMSS1.Anoptionalsetting2.AutoissetbydefaultSelectfromthedropdownboxtodefinethesizeofTunelTCPMSS.SelectAuto,andalldeviceswilladjustthisparameterautomatically.SelectManual,andspecifyanexpectedvauleforTunelTCPMSS.ValueRange:64~1500bytes.HubandSpoke1.Anoptionalsetting2.NoneissetbydefaultSelectfromthedropdownboxtosetupyourgatewayforHub‐and‐SpokeIPSecVPNDeployments.SelectNoneifyourdeploymentswillnotsupportHuborSpokeencryption.SelectHubforaHubroleintheIPSecdesign.SelectSpokeforaSpokeroleintheIPSecdesign.Note:HubandSpokeareavailableonlyforSite‐to‐SiteVPNtunnelingspecifiedinTunnelScenario.ItisnotavailableforDynamicVPNtunnelingapplication.OperationMode 1.AMustfillsetting2.AlwayonisselectedDefineoperationmodefortheIPSecTunnel.ItcanbeAlwaysOn,orFailover.Ifthistunnelissetasafailovertunnel,youneedtofurtherselectaprimary
M2MCellularGateway 127 bydefault tunnelfromwhichtofailoverto.Note:FailovermodeisnotavailableforthegatewaywithsingleWAN.EncapsulationProtocol1.AMustfillsetting2.ESPisselectedbydefaultSelecttheEncapsulationProtocolfromthedropdownboxforthisIPSectunnel.AvailableencapsulationsareESPandAH.Local&RemoteConfigurationWindowItem Valuesetting DescriptionLocalSubnetList AMustfillsettingSpecifytheLocalSubnetIPaddressandSubnetMask.ClicktheAddorDeletebuttontoaddordeleteaLocalSubnet.Note_1:WhenDynamicVPNoptioninTunnelScenarioisselected,therewillbeonlyonesubnetavailable.Note_2:WhenHost‐to‐SiteorHost‐to‐HostoptioninTunnelScenarioisselected,LocalSubnetwillnotbeavailable.Note_3:WhenHubandSpokeoptioninHubandSpokeisselected,therewillbeonlyonesubnetavailable.RedirectTraffic UncheckedbydefaultClickEnableboxtoactivatetheRedirectTrafficfunction.Note:RedirectTrafficisavailableonlyforHost‐to‐SitespecifiedinTunnelScenario.Bydefault,itisdisabled,soitcanpreventtheun‐expectedanddangerousaccesstothepeersubnet.Ifyouenablesuchfunction,allthenetworkdevicesbehindtheVPNhost(actually,itisanNATgateway)canaccesstothepeersubnetwiththehostIP.FullTunnel Uncheckedbydefault ClickEnableboxtoenableFullTunnel.Note:FulltunnelisavailableonlyforSite‐to‐SitespecifiedinTunnelScenario.
M2MCellularGateway 128 RemoteSubnetList AMustfillsetting SpecifytheRemoteSubnetIPaddressandSubnetMask.ClicktheAddorDeletebuttontoaddordeleteRemoteSubnetsetting.RemoteGateway1.AMustfillsetting.2.Formatcanbeaipv4addressorFQDNSpecifytheRemoteGateway.AuthenticationConfigurationWindowItem Valuesetting DescriptionKeyManagement1.AMustfillsetting2.Pre‐sharedKey8to32characters.SelectKeyManagementfromthedropdownboxforthisIPSectunnel.IKE+Pre‐sharedKey: userneedstosetakey(8~32characters).IKE+X.509:userneedsCertificatetoauthenticate.IKE+X.509willbeavailableonlywhenCertificatehasbeenconfiguredproperly.RefertoCertificatesectionofthismanualandalsoObjectDefinition>Certificateinweb‐basedutility.Manually:userneedstoenterkeyIDtoauthenticate.ManualkeyconfigurationwillbeexplainedinthefollowingManualKeyManagementsection.LocalID AnoptionalsettingSpecifytheLocalIDforthisIPSectunneltoauthenticate.SelectUserNameforLocalIDandentertheusername.Theusernamemayincludebutcan’tbeallnumbers.SelectFQDNforLocalIDandentertheFQDN.SelectUser@FQDNforLocalIDandentertheUser@FQDN.SelectKeyIDforLocalIDandentertheKeyID(Englishalphabetornumber).RemoteID AnoptionalsettingSpecifytheRemoteIDforthisIPSectunneltoauthenticate.SelectUserNameforRemoteIDandentertheusername.Theusernamemayincludebutcan’tbeallnumbers.SelectFQDNforLocalIDandentertheFQDN.SelectUser@FQDNforRemoteIDandentertheUser@FQDN.SelectKeyIDforRemoteIDandentertheKeyID(Englishalphabetornumber).Note:RemoteIDwillbenotavailablewhenDynamicVPNoptioninTunnelScenarioisselected.
M2MCellularGateway 129 IKEPhaseWindowItem Valuesetting DescriptionIKEVersion1.Amustfillsetting2.v1isselectedbydefaultSpecifytheIKEversionforthisIPSectunnel.Selectv1orv2Note:IKEversionswillnotbeavailablewhenDynamicVPNoptioninTunnelScenarioisselected,orAHoptioninEncapsulationProtocolisselected.NegotiationMode MainModeissetbydefaultdefaultSpecifytheNegotiationModeforthisIPSectunnel.SelectMainModeorAggressiveMode.X‐Auth NoneisselectedbydefaultSpecifytheX‐AuthroleforthisIPSectunnel.SelectServer,Client,orNone.SelectedNonenoX‐Authauthenticationisrequired.SelectedServerthisgatewaywillbeanX‐Authserver.ClickontheX‐AuthAccountbuttontocreateremoteX‐Authclientaccount.SelectedClientthisgatewaywillbeanX‐Authclient.EnterUsernameandPasswordtobeauthenticatedbytheX‐Authservergateway.Note:X‐AuthClientwillnotbeavailableforDynamicVPNoptionselectedinTunnelScenario.DeadPeerDetection(DPD)1.Checkedbydefault2.DefaultTimeout180sandDelay30sClickEnableboxtoenableDPDfunction.SpecifytheTimeoutandDelaytimeinseconds.ValueRange:0~999secondsforTimeoutandDelay.Phase1KeyLifeTime1.AMustfillsetting2.Default3600s3.Max.86400sSpecifythePhase1KeyLifeTime.ValueRange:30~86400.
M2MCellularGateway 130 IKEProposalDefinitionWindowItem Valuesetting DescriptionIKEProposalDefinition AMustfillsettingSpecifythePhase1Encryptionmethod.ItcanbeDES/3DES/AES‐auto/AES‐128/AES‐192/AES‐256.SpecifytheAuthenticationmethod.ItcanbeNone/MD5/SHA1/SHA2‐256.SpecifytheDHGroup.ItcanbeNone/Group1/Group2/Group5/Group14/Group15/Group16/Group17/Group18.CheckEnableboxtoenablethissettingIPSecPhaseWindowItem Valuesetting DescriptionPhase2KeyLifeTime1.AMustfillsetting2.28800sissetbydefault3.Max.86400sSpecifythePhase2KeyLifeTimeinsecond.ValueRange:30~86400.
M2MCellularGateway 131 IPSecProposalDefinitionWindowItem Valuesetting DescriptionIPSecProposalDefinition AMustfillsettingSpecifytheEncryptionmethod.ItcanbeNone/DES/3DES/AES‐auto/AES‐128/AES‐192/AES‐256.Note:NoneisavailableonlywhenEncapsulationProtocolissetasAH;itisnotavailableforESPEncapsulation.SpecifytheAuthenticationmethod.ItcanbeNone/MD5/SHA1/SHA2‐256.Note:NoneandSHA2‐256areavailableonlywhenEncapsulationProtocolissetasESP;theyarenotavailableforAHEncapsulation.SpecifythePFSGroup.ItcanbeNone/Group1/Group2/Group5/Group14/Group15/Group16/Group17/Group18.ClickEnabletoenablethissettingSave N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsBack N/A ClickBacktoreturntothepreviouspage.ManualKeyManagementWhen the Manually option is selected for Key Management as described in Authentication ConfigurationWindow, a series of configuration windows for Manual IPSec Tunnel configuration will appear. TheconfigurationwindowsaretheLocal&RemoteConfiguration,theAuthentication,andtheManualProposal.AuthenticationWindowItem Valuesetting Description
M2MCellularGateway 132 KeyManagement AMustfillsetting SelectKeyManagementfromthedropdownboxforthisIPSectunnel.InthissectionManuallyistheoptionselected.LocalID Anoptionalsetting SpecifytheLocalIDforthisIPSectunneltoauthenticate.SelecttheKeyIDforLocalIDandentertheKeyID(Englishalphabetornumber).RemoteID Anoptionalsetting SpecifytheRemoteIDforthisIPSectunneltoauthenticate.SelectKeyIDforRemoteIDandentertheKeyID(Englishalphabetornumber).Local&RemoteConfigurationWindowItem Valuesetting DescriptionLocalSubnet AMustfillsetting SpecifytheLocalSubnetIPaddressandSubnetMask.LocalNetmask AMustfillsetting SpecifytheLocalSubnetMask.RemoteSubnet AMustfillsetting SpecifytheRemoteSubnetIPaddressRemoteNetmask AMustfillsetting SpecifytheRemoteSubnetMask.RemoteGateway1.AMustfillsetting2.AnIPv4addressorFQDNformatSpecifytheRemoteGateway.TheRemoteGatewayUnder the Manually Key Management authentication configuration, only one subnet is supported for bothLocalandRemoteIPSecpeer.ManualProposalWindowItem Valuesetting DescriptionOutboundSPI Hexadecimalformat SpecifytheOutboundSPIforthisIPSectunnel.
M2MCellularGateway 133 ValueRange:0~FFFF.InboundSPI Hexadecimalformat SpecifytheInboundSPIforthisIPSectunnel.ValueRange:0~FFFF.Encryption 1.AMustfillsetting2.HexadecimalformatSpecifytheEncryptionMethodandEncryptionkey.AvailableencryptionmethodsareDES/3DES/AES‐128/AES‐192/AES‐256.ThekeylengthforDESis16,3DESis48,AES‐128is32,AES‐192is48,andAES‐256is64.Note:WhenAHoptioninEncapsulationisselected,encryptionwillnotbeavailable.Authentication 1.AMustfillsetting2.HexadecimalformatSpecifytheAuthenticationMethodandAuthenticationkey.AvailableencryptionsareNone/MD5/SHA1/SHA2‐256.ThekeylengthforMD5is32,SHA1is40,andSHA2‐256is64.Note:WhenAHoptioninEncapsulationProtocolisselected,NoneoptioninAuthenticationwillnotbeavailable.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsBack N/A ClickBacktoreturntothepreviouspage.Create/EditDynamicVPNServerListSimilartocreateanIPSecVPNTunnelforsite/hosttosite/hostscenario,whenEditbuttonisappliedaseriesof configuration screen will appear. They are Tunnel Configuration,Local&RemoteConfiguration,Authentication, IKE Phase, IKE Proposal Definition, IPSec Phase, and IPSec Proposal Definition. You have toconfigurethetunneldetailsforthegatewayasaDynamicVPNserver.Note:Forthepurchasedgateway,youcanconfigureoneDynamicVPNserverforeachWANinterface.
M2MCellularGateway 134 TunnelConfigurationWindowItem Valuesetting DescriptionTunnel Uncheckedbydefault ChecktheEnableboxtoactivatetheDynamicIPSecVPNtunnel.TunnelName1.AMustfillsetting2.StringformatcanbeanytextEnteratunnelname.Enteranamethatiseasyforyoutoidentify.ValueRange:1~19characters.Interface1.AMustfillsetting2.WAN1isselectedbydefaultSelectWANinterfaceonwhichIPSectunnelistobeestablished.TunnelScenario1.AMustfillsetting2.DynamicVPNisselectedbydefaultTheIPSectunnelingscenarioisfixedtoDynamicVPN.OperationMode1.AMustfillsetting2.AlwayonisselectedbydefaultTheavailableoperationmodeisAlwaysOn.FailoveroptionisnotavailablefortheDynamicIPSecscenario.EncapsulationProtocol1.AMustfillsetting2.ESPisselectedbydefaultSelecttheEncapsulationProtocolfromthedropdownboxforthisIPSectunnel.AvailableencapsulationsareESPandAH.Local&RemoteConfigurationWindowItem Valuesetting DescriptionLocalSubnet AMustfillsetting SpecifytheLocalSubnetIPaddress.LocalNetmask AMustfillsetting SpecifytheLocalSubnetMask.AuthenticationConfigurationWindowItem Valuesetting DescriptionKeyManagement 1.AMustfillsetting SelectKeyManagementfromthedropdownboxforthisIPSectunnel.
M2MCellularGateway 135 2.Pre‐sharedKey8to32characters.IKE+Pre‐sharedKey: userneedstosetakey(8~32characters).LocalID AnoptionalsettingSpecifytheLocalIDforthisIPSectunneltoauthenticate.SelectUserNameforLocalIDandentertheusername.Theusernamemayincludebutcan’tbeallnumbers.SelectFQDNforLocalIDandentertheFQDN.SelectUser@FQDNforLocalIDandentertheUser@FQDN.SelectKeyIDforLocalIDandentertheKeyID(Englishalphabetornumber).RemoteID AnoptionalsettingSpecifytheRemoteIDforthisIPSectunneltoauthenticate.SelectUserNameforRemoteIDandentertheusername.Theusernamemayincludebutcan’tbeallnumbers.SelectFQDNforLocalIDandentertheFQDN.SelectUser@FQDNforRemoteIDandentertheUser@FQDN.SelectKeyIDforRemoteIDandentertheKeyID(Englishalphabetornumber).Note:RemoteIDwillbenotavailablewhenDynamicVPNoptioninTunnelScenarioisselected.FortherestIKEPhase,IKEProposalDefinition,IPSecPhase,andIPSecProposalDefinitionsettings,theyarethesameasthatofcreatinganIPSecTunneldescribedinprevioussection.Pleaserefertotherelateddescription.
M2MCellularGateway 136 5.1.2OpenVPNOpenVPN is an application that implements virtual private network (VPN) techniques for creating securepoint‐to‐pointor site‐to‐siteconnectionsin routedor bridgedconfigurationsand remote access facilities.Ituses a custom security protocol that utilizes SSL/TLS for key exchange.Itiscapableoftraversingnetworkaddresstranslators(NATs)andfirewalls.OpenVPN allows peers to authenticate each other using a Static Key (pre‐shared key) or certificates. Whenused in a multi‐client‐server configuration,itallowstheserver to release an authentication certificate forevery client,using signatureand certificate authority.It uses the OpenSSL encryption library extensively, aswellastheSSLv3/TLSv1protocol,andcontainsmanysecurityandcontrolfeatures.OpenVPN Tunneling is a Client and Server based tunneling technology. The OpenVPN Server must have aStaticIPoraFQDN,andmaintainaClientlist.TheOpenVPNClientmaybeamobileuserormobilesitewithpublic IP or private IP, and requesting the OpenVPN tunnel connection. The product can only behave as aOpenVPNClientroleforanOpenVPNtunnelconnection.TherearetwoOpenVPNconnectionscenarios.TheyaretheTAPandTUNscenarios.Theproductcancreateeither alayer‐3based IP tunnel (TUN), or a layer‐2based Ethernet TAP that can carry any type of Ethernettraffic.InadditiontoconfiguringthedeviceasaServerorClient,youhavetospecifywhichtypeofOpenVPNconnectionscenarioistobeadopted.OpenVPNTUNScenarioTheterm"TUN"modeisreferredtoroutingmodeandoperateswithlayer3packets.Inroutingmode,theVPNclient is given an IP address on a different subnet thanthe local LAN under the OpenVPN server. This virtualsubnet is created for connecting to any remote VPNcomputers. In routing mode, the OpenVPN servercreates a "TUN" interface with its own IP address poolwhich is different to the local LAN. Remote hosts thatdial‐in will get an IP address inside the virtual networkandwillhaveaccessonlytotheserverwhereOpenVPNresides.IfyouwanttoofferremoteaccesstoaVPNserverfromclient(s),andinhibittheaccesstoremoteLANresourcesunder VPN server, OpenVPN TUN mode is the simplestsolution.Asshowninthediagram,theM2M‐IoTGatewayisconfiguredasanOpenVPNTUNClient,andconnectstoanOpenVPN UN Server. Once the OpenVPN TUN connection is established, the connected TUN client will be
M2MCellularGateway 137 assignedavirtualIP(10.8.0.2)whichisbelongtoavirtualsubnetthatisdifferenttothelocalsubnetinControlCenter. With such connection, the local networked devices will get a virtual IP 10.8.0.x if its traffic goesthroughtheOpenVPNTUNconnectionwhenRedirectInternetTrafficsettingsisenabled;Besides,theSCADAServerinControlCentercanaccessremoteattachedserialdevice(s)withthevirtualIPaddress(10.8.0.2).OpenVPNTAPScenarioTheterm"TAP"isreferredtobridgemodeandoperateswith layer 2 packets. In bridge mode, the VPN client isgiven an IP address on the same subnet as the LANresided under the OpenVPN server. Under suchconfiguration, the OpenVPN client can directly access totheresourcesinLAN.IfyouwanttoofferremoteaccesstotheentireremoteLANforVPNclient(s),youhavetosetupOpenVPNin“TAP”bridgemode.As shown in the diagram, the M2M‐IoT Gateway isconfiguredasanOpenVPNTAPClient,andconnectstoanOpenVPNTAPServer.OncetheOpenVPNTAPconnectionisestablished,theconnectedTAPclientwillbeassignedavirtualIP(192.168.100.210)whichisthe samesubnetasthatoflocalsubnetinControlCenter.Withsuchconnection,theSCADAServerinControlCentercanaccessremoteattachedserialdevice(s)withthevirtualIPaddress(192.168.100.210).
M2MCellularGateway 138 OpenVPNSettingGotoSecurity>VPN>OpenVPNtab.TheOpenVPNsettingallowsusertocreateandconfigureOpenVPNtunnels.EnableOpenVPNConfigurationItem Valuesetting DescriptionOpenVPN TheboxisuncheckedbydefaultChecktheEnable boxtoactivatetheOpenVPNfunction.Client Clientisselectedbydefault.Only Clientis available,youcanspecifytheclientsettingsinanotherclientconfigurationwindow.
M2MCellularGateway 139 AsanOpenVPNClientIfClientisselected,anOpenVPNClientListscreenwillappear.WhenAddbuttonisapplied,OpenVPNClientConfigurationscreenwillappear.OpenVPNClientConfigurationwindowletyouspecifytherequiredparametersforanOpenVPNVPNclient,suchas"OpenVPNClientName","Interface", "Protocol", "Tunnel Scenario", "Remote IP/FQDN", "Remote Subnet", "Authorization Mode","EncryptionCipher","HashAlgorithm"andtunnelactivation.
M2MCellularGateway 140 OpenVPNClientConfigurationItem Valuesetting DescriptionOpenVPNClientNameAMustfilledsetting TheOpenVPNClientName willbeusedtoidentifytheclientinthetunnellist.ValueRange:1~32characters.Interface 1.AMustfilledsetting2.BydefaultWAN‐1isselected.DefinethephysicalinterfacetobeusedforthisOpenVPNClienttunnel.Protocol 1.AMustfilledsetting2.BydefaultTCPisselected.DefinetheProtocol fortheOpenVPNClient. SelectTCP‐>TheOpenVPNwilluseTCPprotocol,andPortwillbesetas443automatically. SelectUDP‐>TheOpenVPNwilluseUDPprotocol,andPortwillbesetas1194automatically.Port 1.AMustfilledsetting2.Bydefault443isset.SpecifythePort fortheOpenVPNClienttouse.Value Range: 1 ~ 65535.TunnelScenario 1.AMustfilledsetting2.BydefaultTUNisselected.Specify the type ofTunnel Scenario for the OpenVPN Client to use. It can beTUNforTUNtunnelscenario,orTAPforTAPtunnelscenario.RemoteIP/FQDN AMustfilledsetting SpecifytheRemoteIP/FQDN ofthepeerOpenVPNServerforthisOpenVPNClienttunnel.FillintheIPaddressorFQDN.RemoteSubnet 1.AnOptionalsetting.2.Theboxisuncheckedbydefault.ChecktheEnable boxtoactivateremotesubnetfunction,andspecify RemoteSubnetofthepeerOpenVPNServerforthisOpenVPNClienttunnel.Fillintheremotesubnetaddressandremotesubnetmask.RedirectInternetTraffic1.AnOptionalsetting.2.Theboxisuncheckedbydefault.ChecktheEnable boxtoactivatetheRedirectInternetTrafficfunction.NAT 1.AnOptionalsetting.2.Theboxisuncheckedbydefault.ChecktheEnable boxtoactivatetheNAT function.AuthorizationMode 1.AMustfilledsetting2.BydefaultTLSisselected.Specify theauthorizationmode fortheOpenVPNServer. TLS‐>The OpenVPN will use TLS authorization mode, and the following items CACert.,ClientCert.andClientKeywillbedisplayed.CA Cert. could be selected in Trusted CA Certificate List. Refer to ObjectDefinition>Certificate>TrustedCertificate.ClientCert.couldbeselectedinLocalCertificateList.RefertoObjectDefinition>Certificate>MyCertificate.ClientKeycouldbeselectedinTrustedClientkeyList.RefertoObjectDefinition>Certificate>TrustedCertificate. StaticKey‐>TheOpenVPNwillusestatickeyauthorizationmode,andthefollowingitemsLocalEndpointIPAddress,RemoteEndpointIPAddressandStaticKeywillbedisplayed.LocalEndpointIPAddressAMustfilledsetting Specifythe virtual LocalEndpointIPAddress ofthisOpenVPNgateway.ValueRange:TheIPformatis10.8.0.x,therangeofxis1~254.Note:LocalEndpointIPAddresswillbeavailableonlywhenStaticKeyischoseninAuthorizationMode.
M2MCellularGateway 141 RemoteEndpointIPAddressAMustfilledsetting Specifythevirtual Remote EndpointIPAddressofthepeerOpenVPNgateway.ValueRange:TheIPformatis10.8.0.x,therangeofxis1~254.Note: Remote Endpoint IP Address will be available only when StaticKeyischoseninAuthorizationMode.StaticKeyAMustfilledsetting SpecifytheStaticKey.Note:StaticKeywillbeavailableonlywhenStaticKeyischoseninAuthorizationMode.EncryptionCipher BydefaultBlowfishisselected.SpecifytheEncryptionCipher.ItcanbeBlowfish/AES‐256/AES‐192/AES‐128/None.HashAlgorithm BydefaultSHA‐1isselected.SpecifytheHashAlgorithm.ItcanbeSHA‐1/MD5/MD4/SHA2‐256/SHA2‐512/None/Disable.LZOCompression BydefaultAdaptiveisselected.SpecifytheLZOCompressionscheme.ItcanbeAdaptive/YES/NO/Default.PersisKey 1.AnOptionalsetting.2.Theboxischeckedbydefault.ChecktheEnable boxtoactivatethePersisKeyfunction.PersisTun 1.AnOptionalsetting.2.Theboxischeckedbydefault.ChecktheEnable boxtoactivatethePersisTunfunction.AdvancedConfigurationN/A Click the Edit button to specify the Advanced Configuration setting for theOpenVPNserver.Ifthebuttonisclicked,AdvancedConfigurationwillbedisplayedbelow.Tunnel TheboxisuncheckedbydefaultCheckthe Enable boxtoactivate thisOpenVPNtunnel.Save N/A Click Savetosavethesettings.Undo N/A Click Undo tocancelthechanges.Back N/A ClickBack toreturntolastpage. 
M2MCellularGateway 142 WhenAdvancedConfigurationisselected,anOpenVPNClientAdvancedConfigurationscreenwillappear.OpenVPNAdvancedClientConfigurationItem Valuesetting DescriptionTLSCipher 1.AMustfilledsetting.2.TLS‐RSA‐WITH‐AES128‐SHAisselectedbydefaultSpecifytheTLS Cipher from thedropdownlist.ItcanbeNone/TLS‐RSA‐WITH‐RC4‐MD5/TLS‐RSA‐WITH‐AES128‐SHA/TLS‐RSA‐WITH‐AES256‐SHA / TLS‐DHE‐DSS‐AES128‐SHA / TLS‐DHE‐DSS‐AES256‐SHA.Note: TLS Cipher will be available only when TLS is chosen in AuthorizationMode.TLSAuth.Key 1.AnOptionalsetting.2.Stringformat:anytextSpecifytheTLSAuth.Key forconnectingtoanOpenVPNserver,iftheserverrequiredit.Note:TLSAuth.KeywillbeavailableonlywhenTLSischoseninAuthorizationMode.
M2MCellularGateway 143 UserName AnOptionalsetting. Enter the User account for connecting to an OpenVPN server, if the serverrequiredit.Note:UserNamewillbeavailableonlywhenTLSischoseninAuthorizationMode.Password AnOptionalsetting. Enter the Password forconnectingtoanOpenVPNserver,iftheserverrequiredit.Note:UserNamewillbeavailableonlywhenTLSischoseninAuthorizationMode.BridgeTAPto BydefaultVLAN1isselectedSpecifythe settingof“BridgeTAPto” tobridgetheTAPinterfacetoacertainlocalnetworkinterfaceorVLAN.Note: Bridge TAP to will be available only when TAP is chosen in TunnelScenarioandNATisunchecked.FirewallProtection Theboxisuncheckedbydefault.Checktheboxtoactivatethe FirewallProtectionfunction.Note:FirewallProtectionwillbeavailableonlywhenNATisenabled.ClientIPAddress BydefaultDynamicIPisselectedSpecifythe virtualIPAddress fortheOpenVPNClient.ItcanbeDynamicIP/StaticIP.TunnelMTU 1.AMustfilledsetting2.Thevalueis1500bydefaultSpecifythevalueofTunnelMTU.ValueRange:0~1500.TunnelUDPFragmentThevalueis1500bydefaultSpecifythevalueofTunnelUDPFragment.ValueRange:0~1500.Note: Tunnel UDP Fragment will be available only when UDP is chosen inProtocol.TunnelUDPMSS‐FixTheboxisuncheckedbydefault.ChecktheEnable boxto activate theTunnelUDPMSS‐Fixfunction.Note: Tunnel UDP MSS‐Fix will be available only when UDP is chosen inProtocol.nsCerTypeVerificationTheboxisuncheckedbydefault.ChecktheEnable boxtoactivatethensCerTypeVerificationfunction.Note: nsCerType Verification will be available only when TLS is chosen inAuthorizationMode.TLSRenegotiationTime(seconds)Thevalueis3600bydefaultSpecifythetimeintervalofTLSRenegotiationTime.ValueRange:‐1~86400.ConnectionRetry(seconds)Thevalueis‐1bydefault SpecifythetimeintervalofConnectionRetry.Thedefault‐1meansthatitisnoneedtoexecuteconnectionretry.ValueRange:‐1~86400,and‐1meansnoretryisrequired.DNS BydefaultAutomaticallyisselectedSpecifythe settingofDNS.ItcanbeAutomatically/Manually.AdditionalConfigurationAnOptionalsetting. Enteroptionalconfigurationstringhere.Upto256charactersisallowable.ValueRange:0~256characters.Save N/A Click Savetosavethesettings.Undo N/A Click Undo tocancelthechanges.Back N/A ClickBack toreturntolastpage.
M2MCellularGateway 144 5.1.3L2TPLayer2TunnelingProtocol(L2TP)isatunnelingprotocolusedtosupportvirtualprivatenetworks(VPNs)oraspartofthedeliveryofservicesbyISPs.Itdoesnotprovideanyencryptionorconfidentialitybyitself.Rather,itrelies on an encryption protocol that it passes within the tunnel to provide privacy. This Gateway can onlybehaveasaL2TPclientforaL2TPVPNtunel.L2TPClient:ItcanbemobileusersorgatewaysinremoteofficeswithdynamicIP.Tosetuptunnel,itshouldget“username”,“password”andserver’sglobalIP.Inaddition,itisrequiredtoidentifytheoperationmodefor each tunnel as main connection, failover for another tunnel, or load balance tunnel to increase overallbandwidth.Itneedstodecide“DefaultGateway”or“RemoteSubnet”forpacketflow.Moreover,youcanalsodefine what kind of traffics will pass through the L2TP tunnel in the “Default Gateway / Remote Subnet”parameter.Besides, for the L2TP client peer, a RemoteSubnetitemisrequired.ItisfortheIntranetofL2TP server peer. So, at L2TP client peer, thepackets whose destination is in the dedicatedsubnetwillbetransferredviatheL2TPtunnel.Others will be transferred based on currentrouting policy of the gateway at L2TP clientpeer. But, if you entered 0.0.0.0/0 in theRemote Subnet field, it will be treated as a"DefaultGateway"settingfortheL2TPclientpeer, all packets, including the InternetaccessingofL2TPclientpeer,willgothroughthe established L2TP tunnel. That means the
M2MCellularGateway 145 remoteL2TPserverpeercontrolstheflowofanypacketsfromtheL2TPclientpeer.Certainly,thosepacketscomethroughtheL2TPtunnel.L2TPSettingGotoSecurity>VPN>L2TPtab.TheL2TPsettingallowsusertocreateandconfigureL2TPtunnels.EnableL2TPEnableL2TPWindowItem Valuesetting DescriptionL2TP Uncheckedbydefault ClicktheEnableboxtoactivateL2TPfunction.Client AMustfilledsetting SpecifytheroleofL2TP.OnlyClientroleisavailableforthisgateway.BelowaretheconfigurationwindowsforL2TPClient.Save N/A ClickSavebuttontosavethesettingsAsaL2TPClientL2TPClientConfigurationItemSetting Valuesetting DescriptionL2TPClient Theboxisuncheckedbydefault ChecktheEnableboxtoenableL2TPclientroleofthegateway.Save N/A ClickSavebuttontosavethesettings.Undo N/A ClickUndobuttontocancelthesettings.
M2MCellularGateway 146  
M2MCellularGateway 147 Create/EditL2TPClientWhen Add/Editbuttonisapplied,aseriesofconfigurationscreenwillappear.Youcanaddupto8L2TPClients.L2TPClientConfigurationItemSetting Valuesetting DescriptionTunnelName AMustfilledsetting Enteratunnelname.Enteranamethatiseasyforyoutoidentify.ValueRange:1~32characters.Interface AMustfilledsetting DefinetheselectedinterfacetobetheusedforthisL2TPtunnel(WAN‐1isavailableonlywhenWAN‐1interfaceisenabled)
M2MCellularGateway 148 ThesameappliestootherWANinterfaces(e.g.WAN‐2).OperationMode1.AMustfilledsetting2.AlwasyonisselectedbydefaultDefineoperationmodefortheL2TPTunnel.ItcanbeAlwaysOn,orFailover.Ifthistunnelissetasafailovertunnel,youneedtofurtherselectaprimarytunnelfromwhichtofailoverto.Note:FailovermodeisnotavailableforthegatewaywithsingleWAN.L2TPoverIPSec TheboxisuncheckedbydefaultChecktheEnableboxtoactivateL2TPoverIPSec,andfurtherspecifyaPre‐sharedKey(8~32characters).RemoteLNSIP/FQDN AMustfilledsetting EnterthepublicIPaddressortheFQDNoftheL2TPserver.RemoteLNSPort1.AMustfilledsetting2.1701issetbydefaultEntertheRemoteLNSPortforthisL2TPtunnel.ValueRange:1~65535.UserName AMustfilledsettingEntertheUserNameforthisL2TPtunneltobeauthenticatedwhenconnecttoL2TPserver.ValueRange:1~32characters.Password AMustfilledsetting EnterthePasswordforthisL2TPtunneltobeauthenticatedwhenconnecttoL2TPserver.TunnelingPassword(Optional)Theboxisuncheckedbydefault EntertheTunnelingPasswordforthisL2TPtunneltoauthenticate.RemoteSubnet AMustfilledsettingSpecifytheremotesubnetforthisL2TPtunneltoreachL2TPserver.TheRemoteSubnetformatmustbeIPaddress/netmask(e.g.10.0.0.2/24).ItisfortheIntranetofL2TPVPNserver.So,atL2TPclientpeer,thepacketswhosedestinationisinthededicatedsubnetwillbetransferredviatheL2TPVPNtunnel.OtherswillbetransferredbasedoncurrentroutingpolicyofthesecuritygatewayatL2TPclientpeer.Ifyouentered0.0.0.0/0intheRemoteSubnetfield,itwillbetreatedasadefaultgatewaysettingfortheL2TPclientpeer,allpackets,includingtheInternetaccessingofL2TPClientpeer,willgothroughtheestablishedL2TPVPNtunnel.ThatmeanstheremoteL2TPVPNservercontrolstheflowofanypacketsfromtheL2TPclientpeer.Certainly,thosepacketscomethroughtheL2TPVPNtunnel.AuthenticationProtocol1.AMustfilledsetting2.UncheckedbydefaultSpecifyoneoremultipleAuthenticationProtocolforthisL2TPtunnel.AvailableauthenticationmethodsarePAP/CHAP/MS‐CHAP/MS‐CHAPv2.MPPEEncryption1.Uncheckedbydefault2.anoptionalsettingSpecifywhetherL2TPserversupportsMPPEProtocol.ClicktheEnableboxtoenableMPPE.Note:whenMPPEEncryptionisenabled,theAuthenticationProtocolPAP/CHAPoptionswillnotbeavailable.LCPEchoType1.AutoissetbydefaultSpecifytheLCPEchoTypeforthisL2TPtunnel.ItcanbeAuto,User‐defined,orDisable.Auto:thesystemsetstheIntervalandMax.FailureTime.User‐defined:entertheIntervalandMax.FailureTime.ThedefaultvalueforIntervalis30seconds,andMaximumFailureTimesis6Times.Disable:disabletheLCPEcho.ValueRange:1~99999forIntervalTime,1~999forFailureTime.ServicePort AMustfilledsetting SpecifytheServicePortforthisL2TPtunneltouse.ItcanbeAuto,(1701)for
M2MCellularGateway 149 Cisco),orUser‐defined.Auto:Thesystemdeterminestheserviceport.1701(forCisco):Thesystemuseport1701forconnectingwithCISCOL2TPServer.User‐defined:Entertheserviceport.Thedefaultvalueis0.ValueRange:0~65535.Tunnel Uncheckedbydefault ChecktheEnableboxtoenablethisL2TPtunnel.Save N/A ClickSavebuttontosavethesettings.Undo N/A ClickUndobuttontocancelthesettings. 
M2MCellularGateway 150 5.1.4PPTPPoint‐to‐PointTunnelingProtocol(PPTP)isamethodforimplementingvirtualprivatenetworks.PPTPusesacontrolchanneloverTCPandaGREtunneloperatingtoencapsulatePPPpackets.Itisaclient‐serverbasedtechnology.TherearevariouslevelsofauthenticationandencryptionforPPTPtunneling,usuallynativelyasstandardfeaturesoftheWindowsPPTPstack.Thesecuritygatewaycanonlyplay"PPTPClient"roleforaPPTPVPNtunnel.PPTPtunnelprocessisnearlythesameasL2TP.PPTPClient:ItcanbemobileusersorgatewaysinremoteofficeswithdynamicIP.Tosetuptunnel,itshouldget“username”,“password”andserver’sglobalIP.Inaddition,itisrequiredtoidentifytheoperationmodefor each tunnel as main connection, failover for another tunnel, or load balance tunnel to increase overallbandwidth.Itneedstodecide“DefaultGateway”or“RemoteSubnet”forpacketflow.Moreover,youcanalsodefine what kind of traffics will pass through the PPTP tunnel in the “Default Gateway / Remote Subnet”parameter.Besides,forthePPTPclientpeer,aRemoteSubnetitemisrequired.ItisfortheIntranetofPPTP server peer. So, at PPTP client peer, thepackets whose destination is in the dedicatedsubnetwillbetransferred via thePPTPtunnel.Others will be transferred based on currentrouting policy of the gateway at PPTP clientpeer. But, if you entered 0.0.0.0/0 in theRemote Subnet field, it will be treated as a"DefaultGateway"settingforthePPTPclientpeer, all packets, including the Internet
M2MCellularGateway 151 accessingofPPTPclientpeer,willgothroughtheestablishedPPTPtunnel.ThatmeanstheremotePPTPserverpeercontrolstheflowofanypacketsfromthePPTPclientpeer.Certainly,thosepacketscomethroughthePPTPtunnel.PPTPSettingGotoSecurity>VPN>PPTPtab.ThePPTPsettingallowsusertocreateandconfigurePPTPtunnels.EnablePPTPEnablePPTPWindowItem Valuesetting DescriptionPPTP Uncheckedbydefault ClicktheEnableboxtoactivatePPTPfunction.Client AMustfillsetting SpecifytheroleofPPTP.OnlyClientroleisavailableforthisgateway.BelowaretheconfigurationwindowsforPPTPClient.Save N/A ClickSavebuttontosavethesettings.AsaPPTPClientPPTPClientConfigurationItem Valuesetting DescriptionPPTPClient Uncheckedbydefault ChecktheEnableboxtoenablePPTPclientroleofthegateway.Save N/A ClickSavebuttontosavethesettings.Undo N/A ClickUndobuttontocancelthesettings.
M2MCellularGateway 152 Create/EditPPTPClientWhenAdd/Editbuttonisapplied,aseriesPPTPClientConfigurationwillappear.PPTPClientConfigurationWindowItem Valuesetting DescriptionTunnelName AMustfillsetting Enteratunnelname.Enteranamethatiseasyforyoutoidentify.ValueRange:1~32characters.Interface1.AMustfillsetting2.WAN1isselectedbydefaultDefinetheselectedinterfacetobetheusedforthisPPTPtunnel(WAN‐1isavailableonlywhenWAN‐1interfaceisenabled)ThesameappliestootherWANinterfaces(e.g.WAN‐2).OperationMode1.AMustfillsetting2.AlwasyonisselectedbydefaultDefineoperationmodeforthePPTPTunnel.ItcanbeAlwaysOn,orFailover.Ifthistunnelissetasafailovertunnel,youneedtofurtherselectaprimarytunnelfromwhichtofailoverto.Note:FailovermodeisnotavailableforthegatewaywithsingleWAN.
M2MCellularGateway 153 RemoteIP/FQDN1.AMustfillsetting.2.Formatcanbeaipv4addressorFQDNEnterthepublicIPaddressortheFQDNofthePPTPserver.UserNameAMustfillsetting EntertheUserNameforthisPPTPtunneltobeauthenticatedwhenconnecttoPPTPserver.ValueRange:1~32characters.Password AMustfillsetting EnterthePasswordforthisPPTPtunneltobeauthenticatedwhenconnecttoPPTPserver.RemoteSubnetAMustfillsetting SpecifytheremotesubnetforthisPPTPtunneltoreachPPTPserver.TheRemoteSubnetformatmustbeIPaddress/netmask(e.g.10.0.0.2/24).ItisfortheIntranetofPPTPVPNserver.So,atPPTPclientpeer,thepacketswhosedestinationisinthededicatedsubnetwillbetransferredviathePPTPVPNtunnel.OtherswillbetransferredbasedoncurrentroutingpolicyofthesecuritygatewayatPPTPclientpeer.Ifyouentered0.0.0.0/0intheRemoteSubnetfield,itwillbetreatedasadefaultgatewaysettingforthePPTPclientpeer,allpackets,includingtheInternetaccessingofPPTPClientpeer,willgothroughtheestablishedPPTPVPNtunnel.ThatmeanstheremotePPTPVPNservercontrolstheflowofanypacketsfromthePPTPclientpeer.Certainly,thosepacketscomethroughthePPTPVPNtunnel.AuthenticationProtocol1.AMustfillsetting2.UncheckedbydefaultSpecifyoneoremultipleAuthenticationProtocolforthisPPTPtunnel.AvailableauthenticationmethodsarePAP/CHAP/MS‐CHAP/MS‐CHAPv2.MPPEEncryption1.Uncheckedbydefault2.anoptionalsettingSpecifywhetherPPTPserversupportsMPPEProtocol.ClicktheEnableboxtoenableMPPE.Note:whenMPPEEncryptionisenabled,theAuthenticationProtocolPAP/CHAPoptionswillnotbeavailable.LCPEchoTypeAutoissetbydefaultSpecifytheLCPEchoTypeforthisPPTPtunnel.ItcanbeAuto,User‐defined,orDisable.Auto:thesystemsetstheIntervalandMax.FailureTime.User‐defined:entertheIntervalandMax.FailureTime.ThedefaultvalueforIntervalis30seconds,andMaximumFailureTimesis6Times.Disable:disabletheLCPEcho.ValueRange:1~99999forIntervalTime,1~999forFailureTime.Tunnel Uncheckedbydefault ChecktheEnableboxtoenablethisPPTPtunnel.Save N/A ClickSavebuttontosavethesettings.Undo N/A ClickUndobuttontocancelthesettings.Back N/A ClickBackbuttontoreturntothepreviouspage.
M2MCellularGateway 154 5.1.5GREGenericRoutingEncapsulation(GRE)isatunnelingprotocoldevelopedbyCiscoSystemsthatencapsulatesawide variety of network layer protocols inside virtual point‐to‐point links over an Internet Protocolinternetwork.DeployaM2MgatewayforremotesiteandestablishavirtualprivatenetworkwithcontrolcenterbyusingGRE tunneling. So, all client hosts behind M2M gateway can make data communication with server hostsbehindcontrolcentergateway.GRETunnelingissimilartoIPSecTunneling,clientrequestingthetunnelestablishmentwiththeserver.BoththeclientandtheservermusthaveaStaticIPoraFQDN.Anypeergatewaycanbeworkedaseitheraclientoraserver,evenusingthesamesetofconfigurationrule.GRETunnelScenarioTo setup a GRE tunnel, each peer needs tosetup its global IP as tunnel IP and fill in theother'sglobalIPasremoteIP.Besides, each peer must further specify theRemote Subnet item. It is for the Intranet ofGREserverpeer.So,atGREclientpeer,thepackets whose destination is in the dedicatedsubnet will be transferred via the GRE tunnel.Others will be transferred based on currentroutingpolicyofthegatewayatGREclientpeer.But, if you entered 0.0.0.0/0 in the RemoteSubnet field, it will be treated as a "DefaultGateway"settingfortheGREclientpeer,allpackets,includingtheInternetaccessingofGREclientpeer,willgothroughtheestablishedGREtunnel.Thatmeansthe remoteGREserverpeercontrolsthe flowofanypacketsfromtheGREclientpeer.Certainly,thosepacketscomethroughtheGREtunnel.
M2MCellularGateway 155 IftheGREserversupportsDMVPNHubfunction,likeCiscorouterastheVPNconcentrator,theGREclientcanactivetheDMVPNspokefunctionheresinceitisimplementedbyGREoverIPSectunneling.GRESettingGotoSecurity>VPN>GREtab.TheGREsettingallowsusertocreateandconfigureGREtunnels.EnableGREEnableGREWindowItem Valuesetting DescriptionGRETunnel Uncheckedbydefault ClicktheEnableboxtoenableGREfunction.Max.ConcurrentGRETunnelsDependsonProductspecification.ThespecifiedvaluewilllimitthemaximumnumberofsimultaneousGREtunnelconnection.Thedefaultvaluecanbedifferentforthepurchasedmodel.Save N/A ClickSavebuttontosavethesettingsUndo N/A ClickUndobuttontocancelthesettingsCreate/EditGREtunnelWhenAdd/Editbuttonisapplied,aGRERuleConfigurationscreenwillappear.
M2MCellularGateway 156 GRERuleConfigurationWindowItem Valuesetting DescriptionTunnelName AMustfillsetting Enteratunnelname.Enteranamethatiseasyforyoutoidentify.ValueRange:1~9characters.Interface1.AMustfillsetting2.WAN1isselectedbydefaultSelecttheinterfaceonwhichGREtunnelistobeestablished.ItcanbetheavailableWANandLANinterfaces.OperationMode1.AMustfillsetting2.AlwayonisselectedbydefaultDefineoperationmodefortheGRETunnel.ItcanbeAlwaysOn,orFailover.Ifthistunnelissetasafailovertunnel,youneedtofurtherselectaprimarytunnelfromwhichtofailoverto.Note:FailovermodeisnotavailableforthegatewaywithsingleWAN.TunnelIP AnOptionalsetting EntertheTunnelIPaddressandcorrespondingsubnetmask.RemoteIP AMustfillsetting EntertheRemoteIPaddressofremoteGREtunnelgateway.NormallythisisthepublicIPaddressoftheremoteGREgateway.MTU1.AMustfilledsetting2.Auto(valuezero)issetbydefault MTUreferstoMaximumTransmissionUnit.ItspecifiesthelargestpacketsizepermittedforInternettransmission.WhensettoAuto(value‘0’),therouterselectsthebestMTUforbestInternet
M2MCellularGateway 157 connectionperformance.ValueRange:0~1500.Key AnOptionalsetting EntertheKeyfortheGREconnection.ValueRange:0~9999999999.TTL 1.AMustfillsetting2.1to255rangeSpecifyTTLhop‐countvalueforthisGREtunnel.ValueRange:1~255.Keepalive1.Uncheckedbydefault2.5sissetbydefaultChecktheEnableboxtoenableKeepalivefunction.SelectPingIPtokeepliveandentertheIPaddresstoping.Enterthepingtimeintervalinseconds.ValueRange:5~999seconds.RemoteSubnet AMustfillsettingSpecifytheremotesubnetforthisGREtunnel.TheRemoteSubnetformatmustbeIPaddress/netmask(e.g.10.0.0.2/24).ItisfortheIntranetofGREserverpeer.So,atGREclientpeer,thepacketswhosedestinationisinthededicatedsubnetwillbetransferredviatheGREtunnel.OtherswillbetransferredbasedoncurrentroutingpolicyofthesecuritygatewayatGREclientpeer.Ifyouentered0.0.0.0/0intheRemoteSubnetfield,itwillbetreatedasadefaultgatewaysettingfortheGREclientpeer,allpackets,includingtheInternetaccessingofGREclientpeer,willgothroughtheestablishedGREtunnel.ThatmeanstheremoteGREserverpeercontrolstheflowofanypacketsfromtheGREclientpeer.Certainly,thosepacketscomethroughtheGREtunnel.DMVPNSpoke Uncheckedbydefault SpecifywhetherthegatewaywillsupportDMVPNSpokeforthisGREtunnel.CheckEnableboxtoenableDMVPNSpoke.IPSecPre‐sharedKey AMustfillsetting EnteraDMVPNspokeauthenticationPre‐sharedKey(8~32characters).Note:Pre‐sharedKeyisavailableonlywhenDMVPNSpokeisenabled.IPSecNATTraversal Uncheckedbydefault CheckEnableboxtoenableNAT‐Traversal.Note:IPSecNATTraversalwillnotbeavailablewhenDMVPNisnotenabled.IPSecEncapsulationMode UncheckedbydefaultSpecifyIPSecEncapsulationModefromthedropdownbox.ThereareTransportmodeandTunnelmodesupported.Note:IPSecEncapsulationModewillnotbeavailablewhenDMVPNisnotenabled.Tunnel Uncheckedbydefault CheckEnableboxtoenablethisGREtunnel.Save N/A ClickSavebuttontosavethesettings.Undo N/A ClickUndobuttontocancelthesettings.Back N/A ClickBackbuttontoreturntothepreviouspage.
M2MCellularGateway 158 5.2FirewallThe firewall functions include Packet Filter, URL Blocking, Content Filter, MAC Control, Application Filter, IPSandsomefirewalloptions.Thesupportedfunctioncanbedifferentforthepurchasedgateway.5.2.1PacketFilter
M2MCellularGateway 159 "PacketFilter"functioncanletyoudefinesomefilteringrules for incoming and outgoing packets. So thegatewaycancontrolwhatpacketsareallowedorblockedtopassthroughit.Apacketfilterruleshouldindicatefromandtowhichinterfacethepacketentersandleavesthegateway,thesourceanddestinationIPaddresses,anddestinationserviceporttypeandportnumber.Inaddition,thetimescheduletowhichtherulewillbeactive.PacketFilterwithWhiteListScenarioAsshowninthediagram,specify"PacketFilterRuleList"aswhitelist(Allow those match the followingrules) and define the rules. Rule‐1 is to allow HTTPpacketstopass,andRule‐2istoallowHTTPSpacketstopass.Undersuchconfiguration,thegatewaywillallowonlyHTTPandHTTPSpackets,issuedfromtheIPrange192.168.123.200 to 250, which are targeted to TCPport80or443topasstheWANinterface.PacketFilterSettingGotoSecurity>Firewall>PacketFilterTab.Thepacketfiltersettingallowsusertocreateandcustomizepacketfilterpoliciestoallowor rejectspecificinbound/outboundpacketsthroughtherouterbasedontheirofficesetting.EnablePacketFilterConfigurationWindowItemName Valuesetting DescriptionPacketFilter Theboxisuncheckedby ChecktheEnableboxtoactivatePacketFilterfunction
M2MCellularGateway 160 defaultBlackList/WhiteListDenythosematchthefollowingrulesissetbydefaultWhenDenythosematchthefollowingrulesisselected,asthenamesuggest,packetsspecifiedintheruleswillbeblocked–blacklisted.Incontrast,withAllowthosematchthefollowingrules,youcanspecificallywhitelistthepacketstopassandtherestwillbeblocked.LogAlert Theboxisuncheckedbydefault ChecktheEnableboxtoactivateEventLog.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsCreate/EditPacketFilterRulesThegatewayallowsyoutocustomizeyourpacketfilteringrules.Itsupportsuptoamaximumof20filterrulesets.WhenAddbuttonisapplied,PacketFilterRuleConfigurationscreenwillappear.PacketFilterRuleConfigurationItemName Valuesetting DescriptionRuleName 1.Stringformatcanbe Enterapacketfilterrulename.Enteranamethatiseasyforyoutoremember.
M2MCellularGateway 161 anytext2.AMustfilledsettingValueRange:1~30characters.FromInterface1.AMustfilledsetting2.BydefaultAnyisselectedDefinetheselectedinterfacetobethepacket‐enteringinterfaceoftherouter.IfthepacketstobefilteredarecomingfromLANtoWANthenselectLANforthisfield.OrVLAN‐1toWANthenselectVLAN‐1forthisfield.OtherexamplesareVLAN‐1toVLAN‐2.VLAN‐1toWAN.SelectAnytofilterpacketscomingintotherouterfromanyinterfaces.Pleasenotethattwoidenticalinterfacesarenotacceptedbytherouter.e.g.,VLAN‐1toVLAN‐1.ToInterface1.AMustfilledsetting2.BydefaultAnyisselectedDefinetheselectedinterfacetobethepacket‐leavinginterfaceoftherouter.IfthepacketstobefilteredareenteringfromLANtoWANthenselectWANforthisfield.OrVLAN‐1toWANthenselectWANforthisfield.OtherexamplesareVLAN‐1toVLAN‐2.VLAN‐1toWAN.SelectAnytofilterpacketsleavingtherouterfromanyinterfaces.Pleasenotethattwoidenticalinterfacesarenotacceptedbytherouter.e.g.,VLAN‐1toVLAN‐1.SourceIP1.AMustfilledsetting2.BydefaultAnyisselectedThisfieldistospecifytheSourceIPaddress.SelectAnytofilterpacketscomingfromanyIPaddresses.SelectSpecificIPAddresstofilterpacketscomingfromanIPaddress.SelectIPRangetofilterpacketscomingfromaspecifiedrangeofIPaddress.DestinationIP1.AMustfilledsetting2.BydefaultAnyisselectedThisfieldistospecifytheDestinationIPaddress.SelectAnytofilterpacketsthatareenteringtoanyIPaddresses.SelectSpecificIPAddresstofilterpacketsenteringtoanIPaddressenteredinthisfield.SelectIPRangetofilterpacketsenteringtoaspecifiedrangeofIPaddressenteredinthisfield.SourceMAC1.AMustfilledsetting2.BydefaultAnyisselectedThisfieldistospecifytheSourceMACaddress.SelectAnytofilterpacketscomingfromanyMACaddresses.SelectSpecificMACAddresstofilterpacketscomingfromaMACaddress.Protocol1.AMustfilledsetting2.BydefaultAny(0)isselectedForProtocol,selectAnytofilteranyprotocolpacketsThenforSourcePort,selectapredefinedportdropdownboxwhenWell‐knownServiceisselected,otherwiseselectUser‐definedServiceandspecifyaportrange.ThenforDestinationPort,selectapredefinedportdropdownboxwhenWell‐knownServiceisselected,otherwiseselectUser‐definedServiceandspecifyaportrange.ValueRange:1~65535forSourcePort,DestinationPort.ForProtocol,selectICMPv4tofilterICMPv4packetsForProtocol,selectTCPtofilterTCPpacketsThenforSourcePort,selectapredefinedportdropdownboxwhenWell‐knownServiceisselected,otherwiseselectUser‐definedServiceandspecifyaportrange.ThenforDestinationPort,selectapredefinedportdropdownboxwhenWell‐knownServiceisselected,otherwiseselectUser‐definedServiceandspecifyaportrange.ValueRange:1~65535forSourcePort,DestinationPort.
M2MCellularGateway 162 ForProtocol,selectUDPtofilterUDPpacketsThenforSourcePort,selectapredefinedportdropdownboxwhenWell‐knownServiceisselected,otherwiseselectUser‐definedServiceandspecifyaportrange.ThenforDestinationPort,selectapredefinedportdropdownboxwhenWell‐knownServiceisselected,otherwiseselectUser‐definedServiceandspecifyaportrange.ValueRange:1~65535forSourcePort,DestinationPort.ForProtocol,selectGREtofilterGREpacketsForProtocol,selectESPtofilterESPpacketsForProtocol,selectSCTPtofilterSCTPpacketsForProtocol,selectUser‐definedtofilterpacketswithspecifiedportnumber.ThenenterapotnumberinProtocolNumberbox.TimeSchedule AMustfilledsettingApplyTimeScheduletothisrule,otherwiseleaveitasAlways.IfthedropdownlistisemptyensureTimeScheduleispre‐configured.RefertoObjectDefinition>Scheduling>Configurationtab.Rule Theboxisuncheckedbydefault. ClickEnableboxtoactivatethisrulethensavethesettings.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsBack N/A WhentheBackbuttonisclickedthescreenwillreturntothePacketFilterConfigurationpage. 
M2MCellularGateway 163 5.2.2URLBlocking"URLBlocking"functioncanletyoudefineblockingorallowingrulesforincomingandoutgoingWebrequestpackets. With defined rules, gateway can control the Web requests containing the complete URL, partialdomainname,orpre‐definedkeywords.Forexample,onecanfilteroutorallowonlytheWebrequestsbasedondomaininputsuffixeslike.comor.orgorkeywordslike“bct”or“mpe”.AnURLblockingruleshouldspecifytheURL,partialdomainname,orincludedkeywordsintheWebrequestsfromandtothegatewayandalsothedestinationserviceport.Besides,acertaintimeschedulecanbeappliedtoactivatetheURLBlockingrulesduringpre‐definedtimeinterval(s).The gateway will logs and displays the disallowed web accessing requests that matched the defined URLblockingruleintheblack‐listorintheexclusionofthewhite‐list.Whenyouchoose"Allowalltopassexceptthosematchthefollowingrules"forthe"URLBlockingRuleList",youaresettingthedefinedURLblockingrulestobelongtotheblacklist.Thepackets,listedintherulelist,willbe blocked if one pattern in the requests matches to one rule. Other Web requests can pass through thegateway.Incontrast,whenyouchoose"Denyalltopassexceptthosematchthefollowingrules"forthe"URLBlockingRuleList",youaresettingthedefinedpacketfiltering rules to belong to the white list. The Webrequests, listed in the rule, will be allowed if one pattern in the requests matches to one rule. Other Webrequestswillbeblocked.URLBlockingRulewithBlackListWhentheadministratorofthegatewaywantstoblock the Web requests with some dedicatedpatterns,hecanusethe"URLBlocking"functionto block specific Web requests by defining theblack listas shownin abovediagram.Certainly,whentheadministratorwantstoallowonlytheWeb requests with some dedicated patterns togo through the gateway, he can also use the"URL Blocking" function by defining the whitelisttomeettherequirement.As shown in the diagram, enable the URLblocking function and create the first rule todenytheWebrequestswith"sex"or"sexygirl"patternsandthe other to deny the Web requests with"playboy"patterntogothroughthegateway.Systemwillblockthe Web requests with "sex", "sexygirl" or"playboy"patternstopassthroughthegateway. 
M2MCellularGateway 164 URLBlockingSettingGotoSecurity>Firewall>URLBlockingTab.In"URL Blocking"page,therearethree configurationwindows.Theyare the"Configuration"window,"URLBlockingRuleList"window,and"URLBlockingRuleConfiguration"window.The"Configuration"windowcanletyouactivatetheURLblockingfunctionandspecifytoblacklistingortowhitelistingthepacketsdefinedinthe"URLBlockingRuleList"entry.Inaddition,logalertingcanbeenabledtorecordon‐goingeventsforanydisallowedWebrequestpackets.Referto"SystemStatus"in"6.1.1SystemRelated"sectioninthisusermanualforhowtoviewrecordedlog.The"URLBlockingRuleList"windowlistsallyourdefinedURLblocking rule entry. And finally, the "URLBlockingRuleConfiguration"windowcanletyoudefineURLblockingrules.Theparametersinaruleincludetherulename,theSourceIPorMAC,theURL/DomainName/Keyword,thedestinationserviceports,theintegratedtimescheduleruleandtheruleactivation.EnableURLBlockingConfigurationItem Valuesetting DescriptionURLBlocking TheboxisuncheckedbydefaultChecktheEnable boxtoactivateURLBlockingfunction.BlackList/WhiteListDenythosematchthefollowingrulesissetbydefaultSpecifytheURLBlockingPolicy,eitherBlackListorWhiteList.BlackList:WhenDenythosematchthefollowingrulesisselected,asthenamesuggest,thematchedWebrequestpacketswillbeblocked.WhiteList:WhenAllowthosematchthefollowingrulesisselected,thematchedWebrequestpacketscanpassthroughtheGateway,andtheothersthatdon’tmatchtheruleswillbeblocked.LogAlert TheboxisuncheckedbydefaultChecktheEnable boxtoactivateEventLog.Save NA ClickSave buttontosavethesettingsUndo NA ClickUndo buttontocancelthesettingsCreate/EditURLBlockingRulesTheGatewaysupportsuptoamaximumof20URLblockingrulesets.EnsurethattheURLBlockingisenabledbeforewecancreateblockingrules.
M2MCellularGateway 165 WhenAddbuttonisapplied,theURLBlockingRuleConfigurationscreenwillappear.URLBlockingRulesConfigurationItem Valuesetting DescriptionRuleName1.Stringformatcanbeanytext2.AMustfilledsettingSpecifyanURLBlocking rulename.Enteranamethatiseasyforyoutounderstand.SourceIP1. AMustfilledsetting2. AnyissetbydefaultThisfieldistospecifytheSourceIPaddress. SelectAnytofilterpacketscomingfromanyIPaddresses. SelectSpecificIPAddresstofilterpacketscomingfromanIPaddressenteredinthisfield. SelectIPRangetofilterpacketscomingfromaspecifiedrangeofIPaddressenteredinthisfield.SourceMAC1. AMustfilledsetting2. AnyissetbydefaultThisfieldistospecifytheSourceMAC address. SelectAnytofilterpacketscomingfromanyMACaddresses. SelectSpecificMACAddresstofilterpacketscomingfromaMACaddressenteredinthisfield.URL/DomainName/Keyword1.AMustfilledsetting2.Supportsuptoamaximumof10Keywordsinarulebyusingthedelimiter“;”.SpecifyURL,DomainName,orKeywordlistforURLchecking. IntheBlackListmode,ifamatchedruleisfound,thepacketswillbedropped. IntheWhiteListmode,ifamatchedruleisfound,thepacketswillbeacceptedandtheotherswhichdon’tmatchanyrulewillbedropped.DestinationPort1. AMustfilledsetting2. AnyissetbydefaultThisfieldistospecifytheDestinationPortnumber. SelectAnytofilterpacketsgoingtoanyPort. SelectSpecificServicePorttofilterpacketsgoingtoaspecificPortenteredinthisfield. SelectPortRangetofilterpacketsgoingtoaspecificrangeofPortsenteredinthisfield.Time AMustfilledsetting ApplyaspecificTimeScheduletothisrule;otherwiseleaveitas(0)Always.IfthedropdownlistisemptyensureTimeScheduleispre‐configured.RefertoObject
M2MCellularGateway 166 ScheduleRule Definition>Scheduling>Configuration tab.Rule Theboxisuncheckedbydefault.ClicktheEnableboxtoactivatethisrule.Save NA ClicktheSave buttontosavethesettings.Undo NA ClicktheUndo buttontocancelthechanges.Back NAClicktheBackbuttontoreturntotheURLBlockingConfigurationpage. 
M2MCellularGateway 167 5.2.3MACControl"MAC Control" function allows you to assign the accessibility to the gateway for different users based ondevice’s MAC address. When the administrator wants to reject the traffics from some client hosts with specific MAC addresses, he can use the "MAC Control" function to reject with the black list configuration.MACControlwithBlackListScenarioAsshown inthe diagram,enabletheMACcontrolfunctionandspecifythe"MACControlRuleList"isablacklist,andconfigureoneMACcontrolruleforthegatewayto denythe connectionrequestfromthe "JP NB" with its own MAC address20:6A:6A:6A:6A:6B.Systemwillblocktheconnectingfromthe"JPNB"tothegatewaybutallowothers.
M2MCellularGateway 168 MACControlSettingGotoSecurity>Firewall>MACControlTab.TheMACcontrolsettingallowsusertocreateandcustomizeMACaddresspoliciestoalloworrejectpacketswithspecificsourceMACaddress.EnableMACControlConfigurationWindowItem Valuesetting DescriptionMACControl Theboxisuncheckedbydefault ChecktheEnableboxtoactivatetheMACfilterfunctionBlackList/WhiteListDenyMACAddressBelowissetbydefaultWhenDenyMACAddressBelowisselected,asthenamesuggest,packetsspecifiedintheruleswillbeblocked–blacklisted.Incontrast,withAllowMACAddressBelow,youcanspecificallywhitelistthepacketstopassandtherestwillbeblocked.LogAlert Theboxisuncheckedbydefault ChecktheEnableboxtoactivatetoactivateEventLog.KnownMACfromLANPCList N/A SelectaMACAddressfromLANClientList.ClicktheCopytotocopytheselectedMACAddresstothefilterrule.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettings
M2MCellularGateway 169 Create/EditMACControlRulesThegatewaysupportsuptoamaximumof20filterrulesets.EnsurethattheMACControlisenabledbeforewecancreatecontrolrules.WhenAddbuttonisapplied,FilterRuleConfigurationscreenwillappear.MACControlRuleConfigurationItem Valuesetting DescriptionRuleName1.Stringformatcanbeanytext2.AMustfillsettingEnteraMACControlrulename.Enteranamethatiseasyforyoutoremember.MACAddress(Use:toCompose)1.MACAddressstringFormat2.AMustfillsettingSpecifytheSourceMACAddresstofilterrule.TimeSchedule AMustfillsettingApplyTimeScheduletothisrule;otherwiseleaveitas(0)Always.Ifthedropdownlistisempty,ensureTimeScheduleispre‐configured.RefertoObjectDefinition>Scheduling>ConfigurationtabEnable Theboxisuncheckedbydefault. ClickEnableboxtoactivatethisrule,andthensavethesettings.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsBack N/A ClickBacktoreturntotheMACControlConfigurationpage.
M2MCellularGateway 170 5.2.4ContentFilter(notsupported)Not supported feature for the purchased product, leave it as blank. 
M2MCellularGateway 171 5.2.5ApplicationFilter(notsupported)Not supported feature for the purchased product, leave it as blank. 
M2MCellularGateway 172 5.2.6IPSToprovideapplicationserversintheInternet,administratormayneedtoopenspecificportsfortheservices.However,therearesomeriskstoalwaysopenserviceportsintheInternet.Inordertoavoidsuchattackrisks,itisimportanttoenableIPSfunctions.Intrusion Prevention System (IPS) is network security appliancesthatmonitornetworkand/orsystemactivitiesformaliciousactivity.ThemainfunctionsofIPSaretoidentifymaliciousactivity,loginformationaboutthisactivity,attempttoblock/stopitandreportit.YoucanenabletheIPSfunctionandcheckthelistedintrusion activities when needed. You can also enable the log alerting so that system will record Intrusioneventswhencorrespondingintrusionsaredetected.IPSScenarioAsshowninthediagram,thegatewayservesasanE‐mailserver,WebServerandalsoprovides TCP port 8080 for remoteadministration. So, remote users or unknownuserscanrequestthoseservicesfromInternet.With IPS enabled, the gateway can detectincoming attack packets, including the TCPports(25,80,110,443and8080)withservices.It will block the attack packets and let thenormalaccesstopassthroughthegateway 
M2MCellularGateway 173 IPSSettingGotoSecurity>Firewall>IPSTab.TheIntrusionPreventionSystem(IPS)settingallowsusertocustomizeintrusionpreventionrulestopreventmaliciouspackets.EnableIPSFirewallConfigurationWindowItem Valuesetting DescriptionIPS Theboxisuncheckedbydefault ChecktheEnableboxtoactivateIPSfunctionLogAlert Theboxisuncheckedbydefault ChecktheEnableboxtoactivatetoactivateEventLog.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsSetupIntrusionPreventionRulesTherouterallowsyoutoselectintrusionpreventionrulesyoumaywanttoenable.EnsurethattheIPSisenabledbeforewecanenablethedefensefunction.
M2MCellularGateway 174 SetupIntrusionPreventionRulesItemName Valuesetting DescriptionSYNFloodDefense 1.AMustfilledsetting2.Theboxisuncheckedbydefault.3.Trafficthresholdissetto300bydefault4.Thevaluerangecanbefrom10to10000.ClickEnableboxtoactivatethisintrusionpreventionruleandenterthetrafficthresholdinthisfield.UDPFloodDefenseClickEnableboxtoactivatethisintrusionpreventionruleandenterthetrafficthresholdinthisfield.ICMPFloodDefenseClickEnableboxtoactivatethisintrusionpreventionruleandenterthetrafficthresholdinthisfield.ValueRange:10~10000.PortScanDefection1.AMustfilledsetting2.Theboxisuncheckedbydefault.3.Trafficthresholdissetto200bydefault4.Thevaluerangecanbefrom10to10000.ClickEnableboxtoactivatethisintrusionpreventionruleandenterthetrafficthresholdinthisfield.ValueRange:10~10000.BlockLandAttackTheboxisuncheckedbydefault. ClickEnableboxtoactivatethisintrusionpreventionrule.BlockPingofDeathBlockIPSpoofBlockTCPFlagScanBlockSmurf
M2MCellularGateway 175 BlockTracerouteBlockFraggleAttackARPSpoofingDefence1.AMustfilledsetting2.Theboxisuncheckedbydefault.3.Trafficthresholdissetto300bydefault4.Thevaluerangecanbefrom10to10000.ClickEnableboxtoactivatethisintrusionpreventionruleandenterthetrafficthresholdinthisfield.ValueRange:10~10000.Save NA ClickSavetosavethesettingsUndo NA ClickUndotocancelthesettings 
M2MCellularGateway 176 5.2.7OptionsTherearesomeadditionalusefulfirewalloptionsinthispage.“StealthMode”letsgatewaynottorespondtoportscansfromtheWANsothatmakesitlesssusceptibletodiscoveryandattacksontheInternet.”SPI”enablesgatewaytorecordthepacketinformationlikeIPaddress,portaddress,ACK,SEQnumberandsoonwhiletheypassthroughthegateway,andthegatewaycheckseveryincomingpackettodetectifthispacketisvalid.“DiscardPingfromWAN”makesanyhostontheWANsidecan`tping this gateway. And finally, “RemoteAdministratorHosts”enablesyoutoperformadministrationtaskfromaremotehost.Ifthisfeatureisenabled,onlyspecifiedIPaddress(es)canperformremoteadministration. 
M2MCellularGateway 177 EnableSPIScenarioAsshowninthediagram,GatewayhastheIPaddress of 118.18.81.200 for WAN interface and192.168.1.253forLANinterface.ItservesasaNATgateway.UsersinNetwork‐Ainitiatetoaccesscloud server through the gateway. Sometimes,unknown users will simulate the packets but usedifferent source IP to masquerade. With the SPIfeaturebeenenabledatthegateway,itwillblocksuchpacketsfromunknownusers.DiscardPingfromWAN&RemoteAdministratorHostsScenario“Discard Ping from WAN” makes any host on theWANsidecan`tpingthisgatewayreplyanyICMPpackets.EnabletheDiscardPingfromWANfunctionto prevent security leak when local users surf theinternet.Remoteadministratorknowsthegateway’sglobalIP,and he can access the Gateway GUI via TCP port8080.FirewallOptionsSettingGotoSecurity>Firewall>OptionsTab.ThefirewalloptionssettingallowsnetworkadministratortomodifythebehaviorofthefirewallandtoenableRemoteRouterAccessControl.EnableFirewallOptions
M2MCellularGateway 178 FirewallOptionsItem Valuesetting DescriptionStealthMode Theboxisuncheckedbydefault ChecktheEnableboxtoactivatetheStealthModefunctionSPI Theboxischeckedbydefault ChecktheEnableboxtoactivatetheSPIfunctionDiscardPingfromWANTheboxisuncheckedbydefault ChecktheEnableboxtoactivatetheDiscardPingfromWANfunctionDefineRemoteAdministratorHostTherouter allowsnetwork administrator tomanagerouterremotely.Thenetworkadministrator canassignspecificIPaddressandserviceporttoallowaccessingtherouter.RemoteAdministratorHostDefinitionItem Valuesetting DescriptionProtocol HTTPissetbydefault SelectHTTPorHTTPSmethodforrouteraccess.IP AMustfilledsettingThisfieldistospecifytheremotehosttoassignaccessrightforremoteaccess.SelectAnyIPtoallowanyremotehostsSelectSpecificIPtoallowtheremotehostcomingfromaspecificsubnet.AnIPaddressenteredinthisfieldandaselectedSubnetMasktocomposethesubnet.
M2MCellularGateway 179 ServicePort1.80forHTTPbydefault2.443forHTTPSbydefaultThisfieldistospecifyaServicePorttoHTTPorHTTPSconnection.ValueRange:1~65535.EnablingtheruleTheboxisuncheckedbydefault. ClickEnableboxtoactivatethisrule.Save N/A ClickEnableboxtoactivatethisrulethensavethesettings.Undo N/A ClickUndotocancelthesettings 
M2MCellularGateway 180 Chapter6Administration 6.1Configure&ManageConfigure&Managereferstoenterprise‐wideadministrationofdistributedsystemsincluding(andcommonlyinpractice)computersystems.Centralizedmanagementhasatimeandefforttrade‐offthatisrelatedtothesizeofthecompany,theexpertiseoftheITstaff,andtheamount of technology being used. This devicesupportsmanysystemmanagementprotocols,suchasCommandScript,TR‐069,SNMP,andTelnetwithCLI.Youcansetupthoseconfigurationsinthe"Configure&Manage"section.
M2MCellularGateway 181 6.1.1CommandScriptCommand script configuration is the application that allows administrator to setup the pre‐definedconfigurationinplaintextstyleandapplyconfigurationonstartup.GotoAdministration>CommandScript>ConfigurationTab.EnableCommandScriptConfigurationConfigurationItem Valuesetting DescriptionConfiguration Theboxisuncheckedbydefault ChecktheEnableboxtoactivatetheCommandScriptfunction.BackupScript N/A ClicktheViaWebUIorViaStoragebuttontobackuptheexistedcommandscriptina.txtfile.YoucanspecifythescriptfilenameinScriptNamebelow.UploadScript N/A ClicktheViaWebUIorViaStoragebuttontoUploadtheexistedcommandscriptfromaspecified.txtfile.ScriptName 1.AnOptionalsetting2.AnyvalidfilenameSpecifyascriptfilenameforscriptbackup,ordisplaytheselecteduploadscriptfilename.ValueRange:0~32characters.Version 1.AnOptionalsetting2.AnystringSpecifytheversionnumberfortheappliedCommandscript.ValueRange:0~32characters.Description 1.AnOptionalsetting2.Anystring EnterashortdescriptionfortheappliedCommandscript.Updatetime N/A Itrecordstheuploadtimeforlastcommadscriptupload.
M2MCellularGateway 182 Edit/BackupPlainTextCommandScriptYoucanedittheplaintextconfigurationsettingsintheconfigurationscreenasabove.PlainTextConfigurationItem Valuesetting DescriptionClean NA Cleantextarea.(YoushouldclickSave buttontofurthercleantheconfigurationalreadysavedinthesystem.)Backup NA Backupanddownloadconfiguration.Save NA SaveconfigurationThe supported plain text configuration items are shown in the followinglist.ForthesettingsthatcanbeexecutedwithstandardLinuxcommands,youcanputtheminascriptfile,andapplytothesystemconfigurewith STARTUP command. For those configurations without corresponding Linux command set to configure,youcanconfigurethemwithproprietarycommandset.ConfigurationContentKey Valuesetting DescriptionOPENVPN_ENABLED 1:enable0:disableEnableordisableOpenVPNClientfunction.OPENVPN_DESCRIPTION AMustfilledSettingSpecifythetunnelnamefortheOpenVPNClientconnection.OPENVPN_PROTO udptcpDefinetheProtocol fortheOpenVPNClient. SelectTCPorTCP/UDP‐>TheOpenVPNwilluseTCPprotocol,andPortwillbesetas443automatically. SelectUDP‐>TheOpenVPNwilluseUDPprotocol,andPortwillbesetas1194automatically.OPENVPN_PORT AMustfilledSettingSpecifythePort fortheOpenVPNClienttouse.OPENVPN_REMOTE_IPADDR IPorFQDN SpecifytheRemoteIP/FQDN ofthepeerOpenVPNServerforthisOpenVPNClienttunnel.FillintheIPaddressorFQDN.OPENVPN_PING_INTVL seconds SpecifythetimeintervalforOpenVPNkeep‐alivechecking.OPENVPN_PING_TOUT seconds SpecifythetimeoutvalueforOpenVPNClientkeep‐alivechecking.OPENVPN_COMP Adaptive SpecifytheLZOCompression algorithmforOpenVPNclient.OPENVPN_AUTH StaticKey/TLS Specifytheauthorizationmode fortheOpenVPNtunnel.
M2MCellularGateway 183  TLS‐>TheOpenVPNwilluseTLSauthorizationmode,andthefollowingitemsCACert.,ClientCert.andClientKeyneedtospecifyaswell.OPENVPN_CA_CERT AMustfilledSettingSpecifytheTrustedCAcertificatefortheOpenVPNclient.ItwillgothroughBase64Conversion.OPENVPN_LOCAL_CERT AMustfilledSettingSpecifythelocalcertificateforOpenVPNclient.ItwillgothroughBase64Conversion.OPENVPN_LOCAL_KEY AMustfilledSettingSpecifythelocalkeyfortheOpenVPNclient.ItwillgothroughBase64Conversion.OPENVPN_EXTRA_OPTS Options SpecifytheextraoptionssettingfortheOpenVPNclient.IP_ADDR1 Ip EthernetLANIPIP_NETM1 Netmask EthernetLANMASKPPP_MONITORING 1:enable0:disableWhentheNetworkMonitoringfeatureisenabled,therouterwilluseDNSQueryorICMPtoperiodicallycheckInternetconnection–connectedordisconnected.PPP_PING 0:DNSQuery1:ICMPQueryWith DNSQuery,thesystemcheckstheconnectionbysendingDNSQuerypacketstothedestinationspecifiedinPPP_PING_IPADDR.WithICMPQuery,thesystemwillcheckconnectionbysendingICMPrequestpacketstothedestinationspecifiedinPPP_PING_IPADDR.PPP_PING_IPADDR IP SpecifyanIPaddressasthetargetforsendingDNSquery/ICMPrequest.PPP_PING_INTVL seconds Specifythetimeintervalfor betweentwoDNSQueryorICMPcheckingpackets.STARTUP Scriptfile FortheconfigurationsthatcanbeconfiguredwithstandardLinuxcommands,youcanputtheminascriptfile,andapplythescriptfilewithSTARTUPcommand.Forexample,STARTUP=#!/bin/shSTARTUP=echo“startupdone”>/tmp/demoPlainTextSystemConfigurationwithTelnetInadditiontotheweb‐styleplaintextconfigurationasmentionedabove,thegatewaysystemalsoallowtheconfigurationviaTelnet CLI.Administratorcanusetheproprietarytelnetcommand“txtConfig” andrelatedactionitemstoperformtheplainsystemconfiguration.Thecommandformatis:txtConfig(action)[option]Action Option Descriptionclone Outputfile Duplicatetheconfigurationcontentfromdatabaseandstoredasaconfigurationfile.(ex:txtConfigclone/tmp/config)Thecontentsintheconfigurationfilearethesameastheplaintextcommandsmentionedabove.Thisactionisexactlythesameasperformingthe“Backup”plaintextconfiguration.commit aexistingfile Committheconfigurationcontenttodatabase.(ex:txtConfigcommit/tmp/config)enable NA Enableplaintextsystemconfig.
M2MCellularGateway 184 (ex:txtConfigenable)disable NA Disableplaintextsystemconfig.(ex:txtConfigdisable)run_immediately NA Applytheconfigurationcontentthathasbeencommittedindatabase.(ex:txtConfigrun_immediately)run_immediately aexistingfile Assignaconfigurationfiletoapply.(ex:txtConfigrun_immediately/tmp/config)
M2MCellularGateway 185 6.1.2TR‐069TR‐069 (Technical Report 069)is a Broadband Forum technical specification entitledCPE WAN ManagementProtocol(CWMP).Itdefinesanapplicationlayerprotocolforremotemanagementofend‐userdevices,likethisgatewaydevice.AsabidirectionalSOAP/HTTP‐basedprotocol,it provides the communication betweencustomer‐premisesequipment(CPE)andAutoConfigurationServers(ACS).TheSecurityGatewayissuchCPE.TR‐069isacustomizedfeatureforISP.Itisnotrecommendthatyouchangetheconfigurationforthis.Ifyouhaveanyprobleminusingthisfeaturefordevicemanagement,please contact with your ISP or the ACSproviderforhelp.AttherightuppercornerofTR‐069Settingscreen,one“[Help]”commandletyouseethesamemessageaboutthat.Scenario‐ManagingdeployedgatewaysthroughanACSServerScenarioApplicationTimingWhen the enterprise data center wants to use an ACS server to manage remote gatewaysgeographically distributed elsewhere in the world, the gatewaysinallbranchofficesmusthaveanembeddedTR‐069agenttocommunicate withtheACSserver.SothattheACSservercanconfigure,FWupgradeandmonitorthesegatewaysandtheircorrespondingIntranets.ScenarioDescriptionTheACSservercanconfigure,upgradewithlatestFWandmonitorthesegateways.RemotegatewaysinquiretheACSserverforjobstodoineachtimeperiod.TheACSservercanaskthegatewaystoexecutesomeurgentjobs.ParameterSetupExample
M2MCellularGateway 186 Followingtableslisttheparameterconfigurationasanexample fortheGateway 1inabovediagramwith"TR‐069"enabling.Usedefaultvalueforthoseparametersthatarenotmentionedinthetables.ConfigurationPath [TR‐069]‐[Configuration]TR‐069 ■EnableACSURL http://qa.acslite.com/cpe.phpACSUserNameACSUserNameACSPasswordACSPasswordConnectionRequestPort 8099ConnectionRequestUserName ConnReqUserNameConnectionRequestPassword ConnReqPasswordInform ■EnableInterval900ScenarioOperationProcedureInabovediagram,theACSservercanmanagemultiple gatewaysintheInternet.The"Gateway 1"isoneofthemandhas118.18.81.33IPaddressforitsWAN‐1interface.Whenallremotegatewayshavebootedup,theywilltrytoconnecttotheACSserver.Oncetheconnectionsareestablishedsuccessfully,theACSservercanconfigure,upgradewithlatestFWandmonitorthesegateways.RemotegatewaysinquiretheACSserverforjobstodoineachtimeperiod.IftheACSserverneedssomeurgentjobstobedonebythegateways,itwillissuethe"ConnectionRequest"commandtothosegateways.AndthosegatewaysmakeimmediateconnectionsinresponsetotheACSserver’simmediateconnectionrequestforexecutingtheurgentjobs.
M2MCellularGateway 187 TR‐069SettingGotoAdministration>Configure&Manage>TR‐069tab.In "TR‐069" page, there is only one configuration window for TR‐069 function. In the window, you mustspecifytherelatedinformationforyoursecuritygatewaytoconnecttotheACS.DrivethefunctiontoworkbyspecifyingtheURLoftheACSserver,theaccountinformationtologintheACSserver,theserviceportandtheaccount information for connection requesting from the ACS server, and the time interval for job inquiry.Excepttheinquirytime,therearenoactivitiesbetweentheACSserverandthegatewaysuntilthenextinquirycycle.ButiftheACSserverhasnewjobsthatareexpectedtodobythegatewaysurgently,itwillaskthesegatewaysbyusingconnectionrequestrelatedinformationforimmediate connection for inquiring jobs andexecuting.EnableTR‐069TR‐069Item Valuesetting Description
M2MCellularGateway 188 TR‐069 Theboxisuncheckedbydefault ChecktheEnableboxtoactivateTR‐069function.Interface WAN‐1isselectedbydefault.WhenyoufinishsetbasicnetworkWAN‐1~WAN‐n,youcanchooseWAN‐1~WAN‐nWhenyoufinishsetSecurity>VPN>IPSec/OpenVPN/PPTP/L2TP/GRE,youcanchooseIPSec/OpenVPN/PPTP/L2TP/GREtunnel,theinterfacejustlike“IPSec#1”DataModel ACSCloudDataModelisselectedbydefault.SelecttheTR‐069datmodelfortheremotemanagement.Standard:theACSServerisastandardone,whichisfullycomplywithTR‐069.ACSCloudDataModel:SelectthisdatamodelifyouintendtouseCloudACSServertomanagingthedeployedgateways.ACSURL AMustfilledsetting YoucanaskACSmanagerprovideACSURLandmanuallysetACSUsername AMustfilledsetting YoucanaskACSmanagerprovideACSusernameandmanuallysetACSPassword AMustfilledsetting YoucanaskACSmanagerprovideACSpasswordandmanuallysetConnectionRequestPort1.AMustfilledsetting.2.Bydefault8099isset.YoucanaskACSmanagerprovideACSConnectionRequestPortandmanuallysetValueRange:0~65535.ConnectionRequestUserName AMustfilledsetting YoucanaskACSmanagerprovideACSConnectionRequestUsernameandmanuallysetConnectionRequestPassword AMustfilledsetting YoucanaskACSmanagerprovideACSConnectionRequestPasswordandmanuallysetInform1.Theboxischeckedbydefault.2.TheIntervalvalueis300bydefault.WhentheEnableboxischecked,thegateway(CPE)willperiodiclysendinformmessagetoACSServeraccordingtotheIntervalsetting.ValueRange:0~86400forInformInterval.CertificationSetup ThedefaultboxisselectedbydefaultYoucanleaveitasdefaultorselectanexpectedcertificateandkeyfromthedropdownlist.RefertoObjectDefinition>CertificateSectionfortheCertificateconfiguration.Save N/A ClickSavetosavethesettings.Undo N/A ClickUndotocancelthemodifications.WhenyoufinishsetACSURLACSUsernameACSPassword,yourgateway(CPE,ClientPremiumEquipment)cansendinformtoACSServer.WhenyoufinishsetConnectionRequestPortConnectionRequest Username ConnectionRequest Password,ACSServercanaskthegateway(CPE)tosendinformtoACSServer.EnableSTUNServer
M2MCellularGateway 189 STUNSettingsConfigurationItem Valuesetting DescriptionSTUN Theboxischeckedbydefault ChecktheEnableboxtoactivateSTUNfunction.ServerAddress1.Stringformat:anyIPv4address2.Itisanoptionalitem.SpecifytheIPaddressfortheexpectedSTUNServer.ServerPort 1.Anoptionalsetting2.3478issetbydefaultSpecifytheportnumberfortheexpectedSTUNServer.ValueRange:1~65535.KeepAlivePeriod 1.Anoptionalsetting2.0issetbydefaultSpecifythekeepalivetimeperiodfortheconnectionwithSTUNServer.ValueRange:0~65535.Save N/A ClickSavetosavethesettings.Undo N/A ClickUndotocancelthemodifications. 
M2MCellularGateway 190 6.1.3SNMPInbrief,SNMP,theSimpleNetworkManagementProtocol,isaprotocoldesignedtogiveauserthecapabilitytoremotelymanageacomputernetworkbypollingandsettingterminal values and monitoring networkevents.IntypicalSNMPuses,oneormoreadministrativecomputers,calledmanagers,havethetaskofmonitoringormanagingagroupofhostsordevicesonacomputernetwork.Eachmanagedsystemexecutes,atalltimes,asoftwarecomponentcalledanagentwhichreportsinformationviaSNMPtothemanager.SNMPagentsexposemanagementdataonthemanagedsystemsasvariables.Theprotocolalsopermitsactivemanagementtasks,suchasmodifyingandapplyinganewconfigurationthroughremotemodificationofthesevariables.ThevariablesaccessibleviaSNMPareorganizedinhierarchies. These hierarchies, and othermetadata(suchastypeanddescriptionofthevariable),aredescribed by Management Information Bases(MIBs).ThedevicesupportsseveralpublicMIBsandoneprivateMIBfortheSNMPagent.ThesupportedMIBsareasfollow: MIB-II (RFC 1213, Include IPv6), IF-MIB, IP-MIB, TCP-MIB, UDP-MIB, SMIv1 and SMIv2, SNMPv2-TM and SNMPv2-MIB, and AMIB (a Proprietary MIB) SNMPManagementScenarioScenarioApplicationTimingTherearetwoapplicationscenariosofSNMPNetworkManagementSystems (NMS).LocalNMSisin
M2MCellularGateway 191 theIntranet andmanageall devices thatsupportSNMP protocolinthe Intranet.Anotheroneis theRemote NMS to manage some devices whose WAN interfaces are connected together by using aswitch or a router with UDP forwarding. If you want to manage some devices and they all havesupportedSNMPprotocol,useeitheroneapplicationscenario,especiallythemanagementofdevicesintheIntranet.InmanagingdevicesintheInternet,theTR‐069isthebettersolution.Pleaserefertolastsub‐section.ScenarioDescriptionTheNMSservercanmonitorandconfigurethemanageddevicesbyusingSNMPprotocol,andthosedevicesarelocatedatwhereUDPpacketscanreachfromNMS.ThemanageddevicesreporturgenttrapeventstotheNMSservers.UseSNMPv3versionofprotocolcanprotectedthetransmittingofSNMPcommandsandresponses.TheremoteNMSwithprivilegeIPaddresscanmanagethedevices,butotherremoteNMScan't.ParameterSetupExampleFollowingtableslisttheparameterconfigurationasanexamplefortheGateway1inabovediagramwith"SNMP"enablingatLANandWANinterfaces.Usedefaultvalueforthoseparametersthatarenotmentionedinthetables.ConfigurationPath [SNMP]‐[Configuration]SNMPEnable ■LAN■WANSupportedVersions ■v1■v2c■v3Get/SetCommunity ReadCommunity/WriteCommunityTrapEventReceiver1 118.18.81.11WANAccessIPAddress 118.18.81.11ConfigurationPath [SNMP]‐[UserPrivacyDefinition]ID 12 3UserName UserName1UserName2 UserName3Password Password1 Password2 DisableAuthentication MD5SHA‐1 DisableEncryption DES Disable DisablePrivacyMode authPriv authNoPriv noAuthNoPrivPrivacyKey 12345678 Disable DisableAuthority Read/Write Read ReadEnable ■Enable ■Enable ■EnableScenarioOperationProcedureInabovediagram,theNMSservercanmanagemultipledevicesin the Intranet or a UDP‐reachablenetwork.The"Gateway1"isoneofthemanageddevices,andithas theIPaddressof 10.0.75.2forLANinterfaceand118.18.81.33forWAN‐1interface.ItservesasaNATrouter.
M2MCellularGateway 192 Atfirststage,theNMSmanagerpreparesrelatedinformationfor all managed devices and recordsthemintheNMSsystem.ThenNMSsystemgetsthestatusofallmanageddevicesbyusingSNMPgetcommands.Whenthemanagerwantstoconfigurethemanageddevices,theNMSsystemallowshimtodothatbyusingSNMPsetcommands.The"UserName1"accountisusedifthemanagerusesSNMPv3protocolforconfiguringthe"Gateway 1".Onlythe"UserName1"accountcanletthe"Gateway1"accepttheconfigurationfromtheNMSsincetheauthorityoftheaccountis"Read/Write".Once a managed device has an urgent event to send, the device will issue a trap to the Trap EventReceivers.TheNMSitselfcouldbeoneamongthem.If you want to secure the transmitted SNMP commands and responsesbetweentheNMSandthemanageddevices,useSNMPv3versionofprotocol.TheremoteNMSwithoutprivilegeIPaddresscan'tmanagethe"Gateway1",since"Gateway1"allowsonlytheNMSwithprivilegeIPaddresscanmanageitviaitsWANinterface.
M2MCellularGateway 193 SNMPSettingGotoAdministration>Configure&Manage>SNMPtab.TheSNMPallowsusertoconfigureSNMPrelevantsettingwhichincludes interface, version, access controlandtrapreceiver.EnableSNMPSNMPItem Valuesetting DescriptionSNMPEnable 1.TheboxesareuncheckedbydefaultSelecttheinterfacefortheSNMPandenableSNMPfunctions.WhenChecktheLANbox,itwillactivateSNMPfunctionsandyoucanaccessSNMPfromLANside;WhenChecktheWANbox,itwillactivateSNMPfunctionsandyoucanaccessSNMPfromWANside.WANInterface1.AMustfilledsetting2.ALLWANsisselectedbydefaultSpecifytheWANinterfacethataremoteSNMPhostcanaccesstothedevice.Bydefault,AllWANsisselected,andthereisnolimitationfortheWANinferface.SupportedVersions1.AMustfilledsetting2.TheboxesareuncheckedbydefaultSelecttheversionfortheSNMPWhenCheckthev1box.ItmeansyoucanaccessSNMPbyversion1.WhenCheckthev2cbox.ItmeansyoucanaccessSNMPbyversion2c.WhenCheckthev3box.ItmeansyoucanaccessSNMPbyversion3.RemoteAceessIP1.Stringformat:anyIPv4address2.Itisanoptionalitem.SpecifytheRemoteAccessIPforWAN.SelectSpecificIPAddress,andfillinacertainIPaddress.ItmeansonlythisIPaddresscanaccessSNMPfromLAN/WANside.SelectIPRange,andfillinarangeofIPaddresses.ItmeanstheIPaddresswithinspecifiedrangecanaccessSNMPfromLAN/WANside.Ifyouleftitasblank,itmeansanyIPaddresscanaccessSNMPfromWANside.
M2MCellularGateway 194 SNMPPort1.Stringformat:anyportnumber2.ThedefaultSNMPportis161.3.AMustfilledsettingSpecifytheSNMPPort.Youcanfillinanyportnumber.Butyoumustensuretheportnumberisnottobeused.ValueRange:1~65535.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettingsCreate/EditMultipleCommunityTheSNMPallowsyoutocustomyouraccesscontrolforversion1andversion2user.Theroutersupportsuptoamaximumof10communitysets.WhenAddbuttonisapplied,MultipleCommunityRuleConfigurationscreenwillappear.MultipleCommunityRuleConfigurationItem Valuesetting DescriptionCommunity1.ReadOnlyisselectedbydefault2.AMustfilledsetting3.Stringformat:anytextSpecifythisversion1orversionv2cuser’scommunitythatwillbeallowedReadOnly(GETandGETNEXT)orRead‐Write(GET,GETNEXTandSET)accessrespectively.Themaximumlengthofthecommunityis32.Enable 1.Theboxischeckedbydefault ClickEnabletoenablethisversion1orversionv2cuser.Save N/AClicktheSavebuttontosavetheconfiguration.ButitdoesnotapplytoSNMPfunctions.WhenyoureturntotheSNMPmainpage.Itwillshow“Clickonsavebuttontoapplyyourchanges”remindusertoclickmainpageSavebutton.Undo N/A ClicktheUndobuttontocancelthesettings.Back N/A ClicktheBackbuttontoreturntolastpage.
M2MCellularGateway 195 Create/EditUserPrivacyTheSNMPallowsyoutocustomyouraccesscontrolforversion3user.Theroutersupportsuptoamaximumof128UserPrivacysets.WhenAddbuttonisapplied,UserPrivacyRuleConfigurationscreenwillappear.UserPrivacyRuleConfigurationItem Valuesetting DescriptionUserName 1.AMustfilledsetting2.Stringformat:anytextSpecifytheUserNameforthisversion3user.ValueRange:1~32characters.Password 1.Stringformat:anytextWhenyourPrivacyModeisauthNoPrivorauthPriv,youmustspecifythePasswordforthisversion3user.ValueRange:8~64characters.Authentication 1.NoneisselectedbydefaultWhenyourPrivacyModeisauthNoPrivorauthPriv,youmustspecifytheAuthenticationtypesforthisversion3user.SelectedtheauthenticationtypesMD5/SHA‐1touse.Encryption 1.NoneisselectedbydefaultWhenyourPrivacyModeisauthPriv,youmustspecifytheEncryptionprotocolsforthisversion3user.SelectedtheencryptionprotocolsDES/AEStouse.
M2MCellularGateway 196 PrivacyMode 1.noAuthNoPrivisselectedbydefaultSpecifythePrivacyModeforthisversion3user.SelectedthenoAuthNoPriv.Youdonotuseanyauthenticationtypesandencryptionprotocols.SelectedtheauthNoPriv.YoumustspecifytheAuthenticationandPassword.SelectedtheauthPriv.YoumustspecifytheAuthentication,Password,EncryptionandPrivacyKey.PrivacyKey 1.Stringformat:anytextWhenyourPrivacyModeisauthPriv,youmustspecifythePrivacyKey(8~64characters)forthisversion3user.Authority 1.ReadisselectedbydefaultSpecifythisversion3user’sAuthoritythatwillbeallowedReadOnly(GETandGETNEXT)orRead‐Write(GET,GETNEXTandSET)accessrespectively.OIDFilterPrefix 1.Thedefaultvalueis12.AMustfilledsetting3.Stringformat:anylegalOIDTheOIDFilterPrefixrestrictsaccessforthisversion3usertothesub‐treerootedatthegivenOID.ValueRange:1~2080768.Enable 1.TheboxischeckedbydefaultClickEnabletoenablethisversion3user.Save N/A ClicktheSavebuttontosavetheconfiguration.ButitdoesnotapplytoSNMPfunctions.WhenyoureturntotheSNMPmainpage.Itwillshow“Clickonsavebuttontoapplyyourchanges”remindusertoclickmainpageSavebutton.Undo N/A ClicktheUndobuttontocancelthesettingsBack N/A ClicktheBackbuttontoreturnthelastpage.Create/EditTrapEventReceiverThe SNMP allows you to custom your trap event receiver. The router supports up to a maximum of4 TrapEventReceiversets.WhenAddbuttonisapplied,TrapEventReceiverRuleConfigurationscreenwillappear.ThedefaultSNMPVersionisv1.Theconfigurationscreenwillprovidetheversion1mustfilleditems.
M2MCellularGateway 197 Whenyouselectedv2c,theconfigurationscreenisexactlythesameasthatofv1,excepttheversion.Whenyouselectedv3,theconfigurationscreenwillprovidemoresettingitemsfortheversion3Trap.TrapEventReceiverRuleConfigurationItem Valuesetting DescriptionServerIP1.AMustfilledsetting2.Stringformat:anyIPv4addressorFQDNSpecifythetrapServerIPorFQDN.TheDUTwillsendtraptotheserverIP/FQDN.ServerPort1.Stringformat:anyportnumber2.ThedefaultSNMPtrapportis1623.AMustfilledsettingSpecifythetrapServerPort.Youcanfillinanyportnumber.Butyoumustensuretheportnumberisnottobeused.ValueRange:1~65535.
M2MCellularGateway 198 SNMPVersion 1.v1isselectedbydefaultSelecttheversionforthetrapSelectedthev1.Theconfigurationscreenwillprovidetheversion1mustfilleditems.Selectedthev2c.Theconfigurationscreenwillprovidetheversion2cmustfilleditems.Selectedthev3.Theconfigurationscreenwillprovidetheversion3mustfilleditems.CommunityName1.Av1andv2cMustfilledsetting2.Stringformat:anytextSpecifytheCommunityNameforthisversion1orversionv2ctrap.ValueRange:1~32characters.UserName1.Av3Mustfilledsetting2.Stringformat:anytextSpecifytheUserNameforthisversion3trap.ValueRange:1~32characters.Password1.Av3Mustfilledsetting2.Stringformat:anytextWhenyourPrivacyModeisauthNoPrivorauthPriv,youmustspecifythePasswordforthisversion3trap.ValueRange:8~64characters.PrivacyMode1.Av3Mustfilledsetting2.noAuthNoPrivisselectedbydefaultSpecifythePrivacyModeforthisversion3trap.SelectedthenoAuthNoPriv.Youdonotuseanyauthenticationtypesandencryptionprotocols.SelectedtheauthNoPriv.YoumustspecifytheAuthenticationandPassword.SelectedtheauthPriv.YoumustspecifytheAuthentication,Password,EncryptionandPrivacyKey.Authentication1.Av3Mustfilledsetting2.NoneisselectedbydefaultWhenyourPrivacyModeisauthNoPrivorauthPriv,youmustspecifytheAuthenticationtypesforthisversion3trap.SelectedtheauthenticationtypesMD5/SHA‐1touse.Encryption1.Av3Mustfilledsetting2.NoneisselectedbydefaultWhenyourPrivacyModeisauthPriv,youmustspecifytheEncryptionprotocolsforthisversion3trap.SelectedtheencryptionprotocolsDES/AEStouse.PrivacyKey1.Av3Mustfilledsetting2.Stringformat:anytextWhenyourPrivacyModeisauthPriv,youmustspecifythePrivacyKey(8~64characters)forthisversion3trap.Enable 1.Theboxischeckedbydefault ClickEnabletoenablethistrapreceiver.Save N/AClicktheSavebuttontosavetheconfiguration.ButitdoesnotapplytoSNMPfunctions.WhenyoureturntotheSNMPmainpage.Itwillshow“Clickonsavebuttontoapplyyourchanges”remindusertoclickmainpageSavebutton.Undo N/A ClicktheUndobuttontocancelthesettings.Back N/A ClicktheBackbuttontoreturnthelastpage.
M2MCellularGateway 199 SpecifySNMPMIB‐2SystemIfrequired,youcanalsospecifytherequiredonformationthetheMIB‐2System.SNMPMIB‐2SystemConfigurationItem Valuesetting DescriptionsysContact 1.AnOptionalfilledsetting2.Stringformat:anytextSpecifythecontactinformationforMIB‐2system.ValueRange:0~64characters.sysLocation 1.AnOptionalfilledsetting2.Stringformat:anytextSpecifythelocationinformationforMIB‐2system.ValueRange:0~64characters.EditSNMPOptionsIfyouusesomeparticularprivateMIB,youmustfilltheenterprisename,numberandOID.Options
M2MCellularGateway 200 Item Valuesetting DescriptionEnterpriseName1.ThedefaultvalueisDefault2.AMustfilledsetting3.Stringformat:anytextSpecifytheEnterpriseNamefortheparticularprivateMIB.ValueRange:1~10characters,andonlystringwithA~Z,a~z,0~9,’–‘,‘_’.EnterpriseNumberThedefaultvalueis12823(DefaultEnterpriseNumber)2.AMustfilledsetting3.Stringformat:anynumberSpecifytheEnterpriseNumberfortheparticularprivateMIB.ValueRange:1~2080768.EnterpriseOID1.Thedefaultvalueis1.3.6.1.4.1.12823.4.4.9(DefaultEnterpriseOID)2.AMustfilledsetting3.Stringformat:anylegalOIDSpecifytheEnterpriseOIDfortheparticularprivateMIB.TherangeoftheeachOIDnumberis1‐2080768.ThemaximumlengthoftheenterpriseOIDis31.Theseventhnumbermustbeidenticalwiththeenterprisenumber.Save N/A ClicktheSavebuttontosavetheconfigurationandapplyyourchangestoSNMPfunctions.Undo N/A ClicktheUndobuttontocancelthesettings. 
M2MCellularGateway 201 6.1.4Telnet&SSHAcommand‐lineinterface(CLI),also knownascommand‐line userinterface,and consoleuserinterfacearemeansofinteractingwithacomputerprogramwheretheuser(orclient)issuescommandstotheprogramintheformofsuccessivelinesoftext(commandlines).Theinterfaceisusuallyimplementedwithacommandlineshell,which isaprogram thatacceptscommands as textinputandconverts commandstoappropriateoperating system functions. Programs with command‐line interfacesaregenerallyeasiertoautomateviascripting. The device supports both Telnet and SSH (Secure Shell) CLI with default service port 23 and 22,respectively.Telnet&SSHScenarioScenarioApplicationTimingWhentheadministratorofthegatewaywantstomanageitfromremotesiteintheIntranetorInternet,hemayuse"TelnetwithCLI"functiontodothatbyusing"Telnet"or"SSH"utility.ScenarioDescriptionTheLocalAdminortheRemoteAdmincanmanagetheGatewaybyusing"Telnet"or"SSH"utilitywithprivilegedusernameandpassword.ThedatapacketsbetweentheLocalAdminandtheGatewayorbetweentheRemoteAdminandtheGateway can be plain texts or encrypted texts. Suggest they are plain texts in the Intranet for LocalAdmintouse"Telnet"utility,andencryptedtextsintheInternetforRemoteAdmintouse"SSH"utility.
M2MCellularGateway 202 ParameterSetupExampleFollowingtableliststheparameterconfigurationasanexamplefortheGatewayinabovediagramwith"TelnetwithCLI"enablingatLANandWANinterfaces.Usedefaultvalueforthoseparametersthatarenotmentionedinthetable.ConfigurationPath [Telnet&SSH]‐[Configuration]Telnet LAN: ■EnableWAN: EnableServicePort:23SSH LAN: ■EnableWAN: ■EnableServicePort:22ScenarioOperationProcedureInabovediagram,"LocalAdmin"or"RemoteAdmin"canmanagethe "Gateway" in the Intranet orInternet.The"Gateway"isthegatewayofNetwork‐A,andthesubnetofitsIntranetis10.0.75.0/24.IthastheIPaddressof10.0.75.2forLANinterfaceand118.18.81.33forWAN‐1interface.ItservesasaNATgateway.The"LocalAdmin"intheIntranetuses"Telnet"utilitywithprivilegedaccounttologintheGateway.Orthe"RemoteAdmin"intheInternetuses"SSH"utilitywithprivilegedaccounttologintheGateway.Theadministratorofthegatewaycancontrolthedeviceaslikeheisinfrontofthegateway.
M2MCellularGateway 203 Telnet&SSHSettingGotoAdministration>Configure&Manage>Telnet&SSHtab.TheTelnet&SSHsettingallowsadministratortoaccessthisdevicethroughthetraditionalTelnetorSSHTelnetprogram.Beforeyoucantelnet(login)tothedevice,please configure the related settings andpasswordwithcare.ThepasswordmanagementpartallowsyoutosetrootpasswordforloggingtelnetandSSH.ConfigurationItem Valuesetting DescriptionTelnet 1. TheLANEnableboxischeckedbydefault.2. BydefaultServicePortis23.ChecktheEnableboxtoactivatetheTelnetfunctionforconnectingfromLANorWANinterfaces.You can set which number of Service Portyouwanttoprovideforthecorrespondingservice.ValueRange:1~65535.SSH 3. TheLANEnableboxischeckedbydefault.4. BydefaultServicePortis22.ChecktheEnableboxtoactivatetheSSHTelnetfunctionforconnectingfromLANorWANinterfaces.You can set which number of Service Portyouwanttoprovideforthecorrespondingservice.ValueRange:1~65535.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettings
M2MCellularGateway 204 ConfigurationItem Valuesetting Descriptionroot 1.String:anytextbutnoblankcharacter2.Thedefaultpasswordfortelnetis‘wirelessm2m’.Typeoldpasswordandspecifynewpasswordtochangerootpassword.Note_1:Youarehighlyrecommendedtochangethedefaulttelnetpasswordwithyoursbeforethedeviceisdeployed.Note_2:IfyouhavetroubleforthedefaultpasswordforpreviousFWversion,pleasecheckthecorrespondingUserManualtogetthecorrectone.Save N/A ClickSavetosavethesettingsUndo N/A ClickUndotocancelthesettings
M2MCellularGateway 205 6.2SystemOperation System Operation allows the network administrator to manage system, settings such as web‐based utilityaccess password change, system information, system time, system log, firmware/configuration backup &restore,andreset&reboot. 6.2.1Password&MMIGotoAdministration>SystemOperation>Password&MMItab.ChangeUserNameChangeUsernamescreenallowsnetworkadministratortochangetheweb‐basedMMIloginaccounttoaccessgateway.ClicktheModifybuttonandprovidethenewusernamesetting. UsernameConfigurationItem Valuesetting DescriptionUsername1.ThedefaultUsernameforweb‐basedMMIis‘admin’.DisplaythecurrentMMIloginaccount(Username).NewUsername String:anytext EnternewUsernametoreplacethecurrentsetting.Password String:anytext Entercurrentpasswordtoverifyifyouhavethepermissiontochangetheusernamesetting.Save N/A ClickSavebuttontosavethesettingsUndo N/A ClickUndobuttontocancelthesettingsChangePasswordChangepasswordscreenallowsnetworkadministratortochangetheweb‐basedMMIloginpasswordtoaccessgateway.
M2MCellularGateway 206  PasswordConfigurationItem Valuesetting DescriptionOldPassword1.String:anytext2.Thedefaultpasswordforweb‐basedMMIis‘admin’.Enterthecurrentpasswordtoenableyouunlocktochangepassword.NewPassword String:anytext EnternewpasswordNewPasswordConfirmation String:anytext EnternewpasswordagaintoconfirmSave N/A ClickSavebuttontosavethesettingsUndo N/A ClickUndobuttontocancelthesettingsChangeMMISettingforAccessingThis is the gateway’s web‐based MMI access which allows administrator to access the gateway formanagement.Thegateway’sweb‐basedMMIwillautomaticallylogoutwhentheidletime haselapsed.Thesettingallowsadministratortoenableautomaticlogoutandsetthelogoutidletime.Whenthelogintimeoutisdisabled,thesystemwon’tlogouttheadministratorautomatically.
M2MCellularGateway 207  MMIConfigurationItem Valuesetting DescriptionLogin 3timesissetbydefaultEnterthelogintrialcountingvalue.ValueRange:3~10.IfsomeonetriedtologinthewebGUIwithincorrectpasswordformorethanthecountingvalue,anwarningmessage“AlreadyreachingmaximumPassword‐Guessingtimes,pleasewaitafewseconds!”willbedisplayedandignorethefollowinglogintrials.LoginTimeoutTheEnableboxischecked,and300issetbydefault.ChecktheEnableboxtoactivatetheautologoutfunction,andspecifythemaximumidletimeaswell.ValueRange:30~65535.GUIAccessProtocol http/httpsisselectedbydefault.SelecttheprotocolthatwillbeusedforGUIaccess.Itcanbehttp/https,httponly,orhttpsonly.HTTPsCertificateSetupThedefaultboxisselectedbydefaultIfthehttpsAccessProtocolisselected,theHTTPsCertificateSetupoptionwillbeavailableforfurtherconfiguration.Youcanleaveitasdefaultorselectaexpectedcertificateandkeyfromthedropdownlist.RefertoObjectDefinition>CertificateSectionfortheCertificateconfiguration.httpCompression Theboxisuncheckedbydefault.Checkthebox(gzip,ordeflate)ifanycomprerssionmethodispreferred.SystemBootMode NormalModeisselectedbydefault.Selectthesystembootmodethatwillbeadoptedtobootupthedevice.NormalMode:Ittakeslongerbootuptime,about200seconds,withcompletefirmwareimagecheckduringthedevicebooting.FastMode:Ittakesshorterbootuptime,about120seconds,withoutcheckingthefirmwareimageduringthedevicebooting.QuickMode:Ittakesshorterbootuptime,about90seconds,withoutcheckingthefirmwareimageandcreatetheinternaldatabaseforUser/Group/CaptivePortalfunctions.Note:UseQuickModewithcare,onceselected,theUser/Group/CaptivePortalfunctionwillbecomenon‐functional.Save N/A ClickSavebuttontosavethesettingsUndo N/A ClickUndobuttontocancelthesettings 
M2MCellularGateway 208 6.2.2SystemInformationSystemInformationscreengivesnetwork administrator a quick look up on the device information for thepurchadesgateway.GotoAdministration>SystemOperation>SystemInformationtab.SystemInformationItem ValueSetting DescriptionModelName N/A Itdisplaysthemodelnameofthisproduct.DeviceSerialNumber N/A Itdisplaystheserialnumberofthisproduct.KernelVersion N/A ItdisplaystheLinuxkernelversionoftheproductFWVersion N/A ItdisplaysthefirmwareversionoftheproductCPUUsage N/A ItdisplaysthepercentageofCPUutilization.MemoryUsage N/A Itdisplaysthepercentageofdevicememoryutilization.SystemTime N/A Itdisplaysthecurrentsystemtimethatyoubrowsedthiswebpage.DeviceUp‐Time N/A Itdisplaysthestatisticsforthedeviceup‐timesincelastbootup.Refresh N/A ClicktheRefreshbuttontoupdatethesystemInformationimmediately. 
M2MCellularGateway 209 6.2.3SystemTimeThegatewayprovidesmanuallysetupandauto‐synchronizedapproachesfortheadministratortosetupthesystemtimeforthegateway.GotoAdministration>SystemOperation>SystemTimetab.SystemTimeInformationItem ValueSetting DescriptionTimeZone1.Itisanoptionalitem.2.GMT+00:00isselectedbydefault.Select a time zone where this device locates.Auto‐synchronization1.Checkedbydefault.2.Autoisselectedbydefault.ChecktheEnablebuttontoactivatethetimeauto‐synchronizationfunctionwithacertainNTPserver.YoucanentertheIPorFQDNfortheNTPserveryouexpected,orleaveitasautomodesothattheavailableserverwillbeusedfortimesynchronizationonebyone. DaylightSavingTime1.Itisanoptionalitem.2.Un‐checkedbydefaultChecktheEnablebuttontoactivatethedaylightsavingfunction.When you enabled this function, you have to specify the start date and end date for the daylight saving time duration. SetDate&Time 1.Itisanoptionalitem. If you do not enable the time auto-synchronization function, you can also manually set the date (Year/Month/Day) and time (Hour:Minute:Second). Save N/A ClicktheSavebuttontosavethesettings.Refresh N/A ClicktheRefreshbuttontoupdatethesystemtimeimmediately.Insteadofmanuallyconfiguringthesystemtimeforthegateway,therearetwosimpleandquicksolutionsforyoutosetthecorrecttimeinformationandsetitasthesystemtimeforthegateway.
M2MCellularGateway 210 Thefirstoneis“SyncwithTimerServer”.Basedonyourselectionoftimezoneandtimeserverinabovetimeinformationconfigurationwindow,systemwillcommunicatewithtimeserverbyNTPProtocoltogetsystemdateandtimeafteryouclickontheSyncwithTimerServerbutton.Note:Remembertoselectacorrecttimezoneforthedevice,otherwise,youwilljustgettheUTC(CoordinatedUniversalTime)time,notthelocaltimeforthedevice.Thesecondoneis“SyncwithmyPC”.ClickontheSyncwithmyPCbuttontoletsystemsynchronizeitsdateandtimetothetimeoftheadministrationPC. 
M2MCellularGateway 211 6.2.4SystemLogSystemLogscreencontainsvariouseventlogtoolsfacilitatingnetworkadministratortoperformlocaleventloggingandremotereporting.GotoAdministration>SystemOperation>SystemLogtab.View&EmailLogHistoryView button is provided for network administrator to view log history on the gateway. Email Now buttonenablesadministratortosendinstantEmailforanalysis.View&EmailLogHistoryItem Valuesetting DescriptionViewbutton N/A ClicktheViewbuttontoviewLogHistoryinWebLogListWindow.EmailNowbutton N/A ClicktheEmailNowbuttontosendLogHistoryviaEmailinstantly.
M2MCellularGateway 212 WebLogListWindowItem ValueSetting DescriptionTimecolumn N/A ItdisplayseventtimestampsLogcolumn N/A ItdisplaysLogmessagesWebLogListButtonDescriptionItem Valuesetting DescriptionPrevious N/A ClickthePreviousbuttontomovetothepreviouspage.Next N/A ClicktheNextbuttontomovetothenextpage.First N/A ClicktheFirstbuttontojumptothefirstpage.Last N/A ClicktheLastbuttontojumptothelastpage.Download N/A ClicktheDownloadbuttontodownloadlogtoyourPCintarfileformat.Clear N/A ClicktheClearbuttontoclearalllog.Back N/A ClicktheBackbuttontoreturntothepreviouspage.WebLogTypeCategoryWebLogTypeCategoryscreenallowsnetworkadministratortoselect the type of events to log and bedisplayedintheWebLogListWindowasdescribedintheprevioussection.ClickontheViewbuttontoviewLogHistoryintheWebLogListwindow.
M2MCellularGateway 213 WebLogTypeCategorySettingWindowItem ValueSetting DescriptionSystem Checkedbydefault ChecktologsystemeventsandtodisplayintheWebLogListwindow.Attacks Checkedbydefault ChecktologattackeventsandtodisplayintheWebLogListwindow.Drop Checkedbydefault ChecktologpacketdropeventsandtodisplayintheWebLogListwindow.Loginmessage Checkedbydefault ChecktologsystemlogineventsandtodisplayintheWebLogListwindow.Debug Un‐checkedbydefault ChecktologdebugeventsandtodisplayintheWebLogListwindow.EmailAlertEmailAlertscreenallowsnetworkadministratortoselectthetypeofeventtologandbesenttothedestinedEmailaccount.EmailAlertSettingWindowItem ValueSetting DescriptionEnable Un‐checkedbydefault CheckEnableboxtoenablesendingeventlogmessagestodestinedEmailaccountdefinedintheE‐mailAddressesblankspace.Server N/ASelectoneemailserverfromtheServerdropdownboxtosendEmail.Ifnonehasbeenavailable,clicktheAddObjectbuttontocreateanoutgoingEmailserver.You may also add an outgoing Email server from Object Definition > External Server > External Server tab.E‐mailaddress String:emailformatEntertherecipient’sEmailaddress.SeparateEmailaddresseswithcomma‘,’orsemicolon‘;’EntertheEmailaddressintheformatof‘myemail@domain.com’Subject String:anytext EnteranEmailsubjectthatiseasyforyoutoidentifyontheEmailclient.Logtypecategory Defaultunchecked Select the type of events to log and be sent to the designated Email account.AvailableeventsareSystem,Attacks,Drop,Loginmessage,andDebug.
M2MCellularGateway 214 SyslogdSyslogdscreenallowsnetworkadministratortoselectthetypeofeventtologandbesenttothedesignatedSyslogserver.SyslogdSettingWindowItem ValueSetting DescriptionEnable Un‐checkedbydefault CheckEnableboxtoactivatetheSyslogdfunction,andsendeventlogstoasyslogserverServer N/ASelectonesyslogserverfromtheServerdropdownboxtosenteventlogto.Ifnonehasbeenavailable,clicktheAddObjectbuttontocreateasystemlogserver.You may also add an system log server from the Object Definition > External Server > External Server tab.Logtypecategory Un‐checkedbydefault Selectthetypeofeventtologandbesenttothedestinedsyslogserver.AvailableeventsareSystem,Attacks,Drop,Loginmessage,andDebug.LogtoStorageLog to Storagescreen allowsnetworkadministratorto select the type of events tolog and be stored at aninternaloranexternalstorage.LogtoStorageSettingWindowItem ValueSetting DescriptionEnable Un‐checkedbydefault Checktoenablesendinglogtostorage.SelectDevice Internalisselectedbydefault Selectinternalorexternalstorage.Logfilename Un‐checkedbydefault Enterlogfilenametosavelogsindesignatedstorage.SplitfileEnable Un‐checkedbydefault Checkenableboxtosplitfilewheneverlogfilereachingthespecifiedlimit.SplitfileSize 200KBissetbydefault Enterthefilesizelimitforeachsplitlogfile.ValueRange:10~1000.Logtypecategory Un‐checkedbydefault Checkwhichtypeoflogstosend:System,Attacks,Drop,Loginmessage,DebugLogtoStorageButtonDescriptionItem Valuesetting DescriptionDownloadlogfileN/A ClicktheDownloadlogfilebuttontodownloadlogfilestoalog.tarfile.
M2MCellularGateway 215 6.2.5Backup&RestoreIntheBackup&Restorewindow,youcanupgradethedevicefirmwarewhennewfirmwareisavailableandalsobackup/restorethedeviceconfiguration.In addition to the factory defaultsettings,youcanalsocustomizeaspecialconfigurationsettingasacustomizeddefaultvalue.Withthiscustomizeddefaultvalue,youcanresetthedevicetotheexpecteddefaultsettingifneeded.GotoAdministration>SystemOperation>Backup&Restoretab.FWBackup&RestoreItem ValueSetting DescriptionFWUpgrade ViaWebUIisselectedbydefaultIfnewfirmwareisavailable,clicktheFWUpgradebuttontoupgradethedevicefirmwareviaWebUI,orViaStorage.Afterclickingonthe“FWUpgrade”commandbutton,youneedtospecifythefilenameofnewfirmwarebyusing“Browse”button,andthenclick“Upgrade”buttontostarttheFWupgradingprocessonthisdevice.IfyouwanttoupgradeafirmwarewhichisfromGPLpolicy,pleasecheck“Acceptunofficialfirmware”BackupConfigurationSettingsDownloadisselectedbydefaultYoucanbackuporrestorethedeviceconfigurationsettingsbyclickingtheViaWebUIbutton.Download:forbackupthedeviceconfigurationtoaconfig.binfile.Upload:forrestoreadesignatedconfigurationfiletothedevice.ViaWebUI:toretrievetheconfigurationfileviaWebGUI.AutoRestoreConfigurationTheEnableboxisuncheckedbydefaultChicktheEnablebuttontoactivatethecustomizeddefaultsettingfunction.Oncethefunctionisactivated,youcansavetheexpectedsettingasacustomizeddefaultsettingbyclickingtheSaveConf.button,orclickingtheCleanConf.buttontoerasethestoredcustomizedconfiguration. 
M2MCellularGateway 216 6.2.6Reboot&ResetForsomespecialreasonorsituation,youmayneedtorebootthegatewayorresetthedeviceconfigurationtoitsdefault value.Inadditionto performtheseoperationsthroughthePowerON/OFF,orpressingtheresetbuttononthedevicepanel,youcandoitthroughthewebGUItoo.GotoAdministration>SystemOperation>Reboot&Resettab.In the Reboot & Reset window, you can reboot this device by clicking the “Reboot” button, and reset thisdevicetodefaultsettingsbyclickingthe“Reset”button.SystemOperationWindowItem ValueSetting DescriptionReboot NowisselectedbydefaultChicktheRebootbuttontorebootthegatewayimmediatelyoronapre‐definedtimeschedule.Now:RebootimmediatelyTimeSchedule:Selectapre‐definedauto‐reboottimescheduleruletoreboottheautodeviceonadesignatedtim.Todefineatimeschedulerule,gotoObjectDefinition>Scheduling>Configurationtab.ResettoDefault N/A ClicktheResetbuttontoresetthedeviceconfigurationtoitsdefaultvalue. 
M2MCellularGateway 217 6.3FTP(notsupported)Not supported feature for the purchased product, leave it as blank. 
M2MCellularGateway 218 6.4Diagnostic Thisgatewaysupportssimplenetworkdiagnosistoolsfortheadministratortotroubleshootandfindtherootcauseoftheabnormalbehaviorortrafficspassingthroughthe gateway.TherecanbeaPacketAnalyzertohelprecordthepacketsforadesignatedinterfaceorspecificsource/destinationhost,andanotherPingandTracerttoolsfortestingthenetworkconnectivityissues.6.4.1DiagnosticToolsTheDiagnosticToolsprovidesomefrequentlyusednetworkconnectivitydiagnostictools(approaches)forthenetworkadministratortocheckthedeviceconnectivity.GotoAdministration>Diagnostic>DiagnosticToolstab.DiagnosticToolsItem Valuesetting DescriptionPingTest OptionalSettingThisallowsyoutospecifyanIP/FQDNandthetestinterface(LAN,WAN,orAuto),sosystemwilltrytopingthespecifieddevicetotestwhetheritisaliveafterclickingonthePingbutton.Atestresultwindowwillappearbeneathit.TracertTest OptionalsettingTraceroute(tracert)commandisanetworkdiagnostictoolfordisplayingtheroute(path)andmeasuringtransitdelaysofpacketsacrossanIPnetwork.Tracerouteproceedsuntilall(three)sentpacketsarelostformorethantwice,thentheconnectionislostandtheroutecannotbeevaluated.First,youneedtospecifyanIP/FQDN,thetestinterface(LAN,WAN,orAuto)andtheprotocol(UDPorICMP),andbydefault,itisUDP.Then,systemwilltrytotracethespecifiedhosttotestwhetheritisaliveafterclickingonTracertbutton.Atestresultwindowwillappearbeneathit.WakeonLAN OptionalsettingWakeonLAN(WOL)isanEthernetnetworkingstandardthatallowsacomputertobeturnedonorawakenedbyanetworkmessage.YoucanspecifytheMACaddressofthecomputer,inyourLANnetwork,toberemotelyturnedonbyclickingontheWakeupcommandbutton.Save N/A ClicktheSavebuttontosavetheconfiguration. 
M2MCellularGateway 219 Chapter7Service 7.1 CellularToolkit Besides cellular data connection, you mayalsoliketomonitordatausageofcellularWAN,sendingtextmessagethroughSMS,changing PIN code of SIM card,communicating with carrier/ISP by USSDcommand, or doing a cellular network scanfordiagnosticpurpose.In Cellular Toolkit section, it includes severaluseful features that are related to cellularconfiguration or application. You canconfigure settings of Data Usage, SMS, SIMPIN, USSD, and Network Scan here. PleasenoteatleastavalidSIMcardisrequiredtobeinsertedtodevicebeforeyoucontinuesettingsinthissection.
M2MCellularGateway 220 7.1.1DataUsageMostofdataplanforcellularconnectioniswithalimitedamountofdatausage.Ifdatausagehasbeenoverlimitedquota,eitheryouwillgetmuchlowerdatathroughputthatmayaffectyourdailyoperation,oryouwillgeta‘billshock’inthenextmonthbecausecarrier/ISPchargesalotfortheover‐quotadatausage.WithhelpfromDataUsagefeature,devicewillmonitorcellulardatausagecontinuouslyandtakeactions.Ifdatausagereacheslimitedquota,devicecanbesettodropthecellulardataconnectionrightaway.Otherwise,if secondary SIM card is inserted, device will switch to secondary SIM and establish another cellular dataconnectionwithsecondarySIMautomatically.IfDataUsagefeatureisenabled,allhistoryofcellulardatausage can be viewed at Status>Statistics &Reports>CellularUsagetab.3G/4GDataUsageDataUsagefeatureenablinggatewaydevicetocontinuously monitor cellular data usage and takeactions.Inthediagram,quotalimitofSIMAis1Gbpermonthandbillstartdateis20thofeverymonth.Thedeviceissmarttostartanewcalculationofdata usage on every 20th of month. EnableConnection Restrict will force gateway device todropcellularconnectionofSIMAwhendatausagereaches quota limit (1Gb in this case). If SIMfailover feature is configured in Internet Setup,then gateway will switch to SIM B and establish anewcellulardataconnectionautomatically.
M2MCellularGateway 221 DataUsageSettingGotoService>CellularToolkit>DataUsagetab.BeforefinishedsettingsforDataUsage,youneedtoknowbillstartdate,billperiod,andquotalimitofdatausageaccordingtoyourdataplan.YoucanaskthisinformationfromyourcarrierorISP.Create/Edit3G/4GDataUsageProfileWhenAddbuttonisapplied,3G/4GDataUsageProfileConfigurationscreenwillappear.Youcancreateuptofourdatausageprofiles,oneprofileforeachSIMcardusedintheGateway.3G/4GDataUsageProfileConfigurationItemSetting Valuesetting DescriptionSIMSelect 3G/4G‐1andSIMAbydefault.Chooseacellularinterface (3G/4G‐1or3G/4G‐2),andaSIMcardboundtotheselectedcellularinterfacetoconfigureitsdatausageprofile.CarrierName Itisanoptionalitem. FillintheCarrierNamefortheselectedSIMcardforidentification.CyclePeriod Daysbydefault Thefirstboxhas threetypes forcycleperiod.TheyareDays,WeeklyandMonthly.Days:ForperDayscycleperiods,youhavetofurtherspecifythenumberofdaysinthesecondbox.ValueRange:1~90days.Weekly,Monthly:Thecycleperiodisoneweekoronemonth.StartDate N/A Specifythedateto startmeasurenetworktraffic.Pleasedon’tselectthedaybeforenow,otherwise,thetrafficstatisticswillbeincorrect.
M2MCellularGateway 222 DataLimitation N/A Specifytheallowabledatalimitationforthedefinedcycleperiod.ConnectionRestrictUn‐Checkedbydefault. ChecktheEnable boxtoactivate theconnectionrestrictionfunction.Duringthespecifiedcycleperiod,iftheactualdatausageexceedstheallowabledatalimitation,thecellularconnectionwillbeforcedtodisconnect.Enable Un‐Checkedbydefault. ChecktheEnable boxtoactivate thedatausageprofile. 
M2MCellularGateway 223 7.1.2SMSShortMessageService(SMS)isatextmessagingservice,whichisusedtobewidely‐usedonmobilephones.Itusesstandardizedcommunicationsprotocolstoallowmobilephonesorcellulardevicestoexchangeshorttextmessagesinaninstantandconvenientway.SMSSettingGotoService>CellularToolkit>SMStabWiththisgatewaydevice,youcansendSMStextmessagesorbrowsereceivedSMSmessagesasyouusuallydoonacellularphone.SetupSMSConfigurationConfigurationItem Valuesetting DescriptionPhysicalInterfaceTheboxis3G/4G‐1bydefaultChooseacellularinterface(3G/4G‐1or3G/4G‐2)forthefollowingSMSfunctionconfiguration.SMS TheboxischeckedbydefaultThisistheSMSswitch.IftheboxcheckedthattheSMSfunctionenable,iftheboxuncheckedthattheSMSfunctiondisable.SIMStatus N/A DependoncurrentlySIMstatus.ThepossiblevaluewillbeSIM_AorSIM_B.SMSStorage TheboxisSIMCardOnlybydefaultThisistheSMSstoragelocation.CurrentlytheoptiononlySIMCardOnly.Save N/A ClicktheSavebuttontosavethesettings
M2MCellularGateway 224 SMSSummaryShowUnreadSMS,ReceivedSMS,RemainingSMS,andeditSMScontexttosend,readSMSfromSIMcard.SMSSummaryItem Valuesetting DescriptionUnreadSMS N/A IfSIMcardinserttorouterfirsttime,unreadSMSvalueiszero.WhenreceivedthenewSMSbutdidn’tread,thisvalueplusone.ReceivedSMS N/A ThisvaluerecordtheexistingSMSnumbersfromSIMcard,WhenreceivedthenewSMS,thisvalueplusone.RemainingSMS N/A ThisvalueisSMScapacityminusreceivedSMS,WhenreceivedthenewSMS,thisvalueminusone.NewSMS N/AClickNewSMSbutton,aNewSMSscreenappears.UsercansettheSMSsettingfromthisscreen.RefertoNewSMSinthenextpage.SMSInbox N/AClickSMSInboxbutton,aSMSInboxListscreenappears.UsercanreadordeleteSMS,replySMSorforwardSMSfromthisscreen.RefertoSMSInboxListinthenextpage.Refresh N/A ClicktheRefreshbuttontoupdatetheSMSsummaryimmediately.NewSMSYoucansettheSMSsettingfromthisscreen.
M2MCellularGateway 225 NewSMSItem Valuesetting DescriptionReceivers N/A WritethereceiverstosendSMS.UserneedtoaddthesemicolonandcomposemultiplereceiversthatcangroupsendSMS.TextMessage N/A WritetheSMScontexttosendSMS.Theroutersupportsuptoamaximumof1023characterforSMScontextlength.Send N/A ClicktheSendbutton,abovetextmessagewillbesentasaSMS.Result N/AIfSMShasbeensentsuccessfully,itwillshowSendOK,otherwiseSendFailedwillbedisplayed.SMSInboxListYoucanreadordeleteSMS,replySMSorforwardSMSfromthisscreen.SMSInboxListItem Valuesetting DescriptionID N/A ThenumberorSMS.FromPhoneNumber N/A WhatthephonenumberfromSMSTimestamp N/AWhattimereceiveSMSSMSTextPreview N/A PreviewtheSMStext.ClicktheDetailbuttontoreadacertainmessage.Action TheboxisuncheckedbydefaultClicktheDetailbuttontoreadtheSMSdetail;ClicktheReply/Forwardbuttontoreply/forwardSMS.Besides,youcancheckthebox(es),andthenclicktheDeletebuttontodeletethecheckedSMS(s).Refresh N/A RefreshtheSMSInboxList.Delete N/A DeletetheSMSforallcheckedboxfromAction.Close N/A ClosetheDetailSMSMessagescreen.
M2MCellularGateway 226 7.1.3SIMPIN Withmostcasesintheworld,usersneedtoinsertaSIMcard(a.k.a.UICC)intoenddevicestogetoncellularnetworkforvoiceserviceordatasurfing.TheSIMcardisusually released by mobile operators or serviceproviders. Each SIMcard hasa unique number(so‐called ICCID) fornetworkowners orserviceproviders toidentifyeachsubscriber.AsSIMcardplaysanimportantrolebetweenserviceprovidersandsubscribers,somesecuritymechanismsarerequiredonSIMcardtopreventanyunauthorizedaccess.EnablingaPINcodeinSIMcardisaneasyandeffectivewayofprotectingcellulardevicesfromunauthorizedaccess.ThisgatewaydeviceallowsyoutoactivateandmanagePINcodeonaSIMcardthroughitswebGUI.ActivatePINcodeonSIMCardThisgatewaydeviceallowsyoutoactivatePINcodeonSIMcard.Thisexampleshowshow toactivatePINcodeon SIM‐Afor3G/4G‐1withdefaultPINcode“0000”.ChangePINcodeonSIMCardThisgatewaydeviceallowsyoutochangePINcodeonSIMcard.Followingtheexampleabove,youneed to type original PIN code“0000”,andthentypenewPINcodewith‘1234’ifyouliketosetnewPINcodeas‘1234’.ToconfirmthenewPINcodeyoutypeiswhatyouwant,youneedtotypenewPINcode‘1234’inVerifiedNewPINCodeagain.UnlockSIMcardbyPUKCodeIfyouenteredincorrectPINcodeatconfigurationpagefor3G/4G‐1WANoverthreetimes,andthenitwillcauseSIMcardtobelockedbyPUKcode.ThenyouhavetocallservicenumbertogetaPUKcodetounlockSIMcard.Inthediagram,thePUKcodeis“12345678”andnewPINcodeis“5678”.
M2MCellularGateway 227 SIMPINSettingGotoService>CellularToolkit>SIMPINTabWiththeSIMPINFunctionwindow,itallowsyoutoenableordisableSIMlock(whichmeansprotectedbyPINcode),orchangePINcode.Youcanalsoseetheinformationofremaining times of failure trials as wementionedearlier.Ifyourunoutofthesefailuretrials,youneedtogetaPUKcodetounlockSIMcard.SelectaSIMCardConfigurationWindowItem Valuesetting DescriptionPhysicalInterfaceTheboxis3G/4G‐1bydefaultChooseacellularinterface(3G/4G‐1or3G/4G‐2)tochangetheSIMPINsettingfortheselectedSIMCard.Thenumberofphysicalmodemsdependsonthegatewaymodelyoupurchased.SIMStatus N/A IndicationfortheselectedSIMcardandtheSIMcardstatus.The status could be Ready, Not Insert, or SIM PIN. Ready -- SIM card is inserted and ready to use. It can be a SIM card without PIN protection or that SIM card is already unlocked by correct PIN code. Not Insert -- No SIM card is inserted in that SIM slot. SIM PIN -- SIM card is protected by PIN code, and it’s not unlocked by a correct PIN code yet. That SIM card is still at locked status. SIMSelection N/A SelecttheSIMcardforfurtherSIMPINconfiguration.PresstheSwitchbutton,thentheGatewaywillswitchSIMcardtoanotherone.Afterthat,youcanconfiguretheSIMcard. 
M2MCellularGateway 228 Enable/ChangePINCode Enable or Disable PIN code (password) function, and even change PIN code function. SIMfunctionWindowItemSetting Valuesetting DescriptionSIMlock DependonSIMcard ClicktheEnable buttontoactivatetheSIMlockfunction.ForthefirsttimeyouwanttoenabletheSIMlockfunction,youhavetofillinthePINcodeaswell,andthenclickSavebuttontoapplythesetting.Remainingtimes DependonSIMcard RepresenttheremainingtrialtimesfortheSIMPINunlocking.Save N/A ClicktheSavebuttontoapplythesetting.ChangePINCode N/A ClicktheChangePINcodebuttontochangethePINcode(password).IftheSIMLockfunctionisnotenabled,theChangePINcodebuttonisdisabled.Inthecase,ifyoustillwanttochangethePINcode,youhavetoenabletheSIMLockfunctionfirst,fillinthePINcode,andthenclicktheSavebuttontoenable.Afterthat,YoucanclicktheChangePINcodebuttontochangethePINcode.WhenChangePINCodebuttonisclicked,thefollowingscreenwillappear.Item ValueSetting DescriptionCurrentPINCodeAMustfilledsetting Fillinthecurrent (old)PINcodeoftheSIMcard.NewPINCode AMustfilledsetting FillinthenewPINCodeyouwanttochange.VerifiedNewPINCodeAMustfilledsettingConfirmthenewPINCodeagain.Apply N/A ClicktheApplybuttontochangethePINcodewithspecifiednewPINcode.Cancel N/A ClicktheCancel buttontocancelthechangesandkeepcurrentPINcode.Note:IfyouchangedthePINcodeforacertainSIMcard,youmustalsochangethecorrespondingPINcode
M2MCellularGateway 229 specified in the Basic Network>WAN & Uplink>Internet Setup>Connection with SIM Cardpage.Otherwise,itmayresultinwrongSIMPINtrialswithinvalid(old)PINcode. UnlockwithaPUKCodeThePUKFunctionwindowisonlyavailableforconfigurationifthatSIMcardislockedbyPUKcode.ItmeansthatSIMcardislockedandneedsadditionalPUKcodetounlock.UsuallyithappensaftertoomanytrialsofincorrectPINcode,andtheremainingtimesinSIMFunctiontable turnsto0. Inthissituation, youneed tocontactyourserviceproviderandrequestaPUKcodeforyourSIMcard,andtrytounlockthelockedSIMcardwiththeprovidedPUKcode.AfterunlockingaSIMcardbyPUKcodesuccessfully,theSIMlockfunctionwillbeactivatedautomatically. PUKFunctionWindowItem Valuesetting DescriptionPUKstatus PUKUnlock/PUKLockIndicationforthePUKstatus.ThestatuscouldbePUKLockorPUKUnlock.Asmentionedearlier,theSIMcardwillbelockedbyPUKcodeaftertoomanytrialsoffailurePINcode.Inthiscase,thePUKStatuswillturnstoPUKLock.Inanormalsituation,itwilldisplayPUKUnlock.Remainingtimes DependonSIMcard Represent theremainingtrialtimesforthePUKunlocking.Note:DONOTmaketheremainingtimesdowntozero,itwilldamagetheSIMcardFOREVER!CallforyourISP’shelptogetacorrectPUKandunlocktheSIMifyoudon’thavethePUKcode.PUKCode AMustfilledsetting FillinthePUKcode(8digits)thatcanunlocktheSIMcardinPUKunlockstatus.NewPINCode AMustfilledsetting FillintheNewPINCode(4~8digits)fortheSIMcard.YouhavetodetermineyournewPINcodetoreplacetheold,forgottenone.KeepthePINcode(password)inmindwithcare.Save N/A ClicktheSavebuttontoapplythesetting. Note:IfyouchangedthePUKcodeandPINcodeforacertainSIMcard, you must also change thecorrespondingPINcodespecifiedintheBasicNetwork>WAN&Uplink>InternetSetup>ConnectionwithSIMCardpage.Otherwise,itmayresultinwrongSIMPINtrialswithinvalid(old)PINcode. 
M2MCellularGateway 230 7.1.4USSDUnstructured Supplementary Service Data (USSD) is a protocol used by GSM cellular telephones tocommunicate with theservice provider's computers. USSD can be usedforWAPbrowsing,prepaidcallbackservice, mobile‐money services, location‐based content services, menu‐based information services, and aspartofconfiguringthephoneonthenetwork.An USSD message is up to 182 alphanumeric characters in length. Unlike Short Message Service (SMS)messages, USSD messages create a real‐time connection during an USSD session. The connection remainsopen,allowingatwo‐wayexchangeofasequenceofdata.ThismakesUSSDmoreresponsivethanservicesthatuseSMS.USSDScenarioUSSDallowsyoutohaveaninstantbi‐directionalcommunicationwithcarrier/ISP.Inthediagram,theUSSDcommand ‘*135#’isreferredtodataroamingservices.AftersendingthatUSSDcommandtocarrier,youcangeta response at window USSD Response. Please note theUSSDcommandvariesfordifferentcarriers/ISP.
M2MCellularGateway 231 USSDSettingGotoService>CellularToolkit>USSDtab.In"USSD"page,therearefourwindowsfortheUSSDfunction.The"Configuration"windowcanletyouspecifywhich3G/4Gmodule(physicalinterface)isusedfortheUSSDfunction,andsystemwillshowwhichSIMcardinthemoduleisthecurrentusedone.Thesecondwindowisthe"USSDProfileList"anditshowsallyourdefinedUSSDprofilesthatstorepre‐commandsforactivatinganUSSDsession.An"Add"buttoninthewindowcanletyouaddonenewUSSDprofileanddefinethecommandfortheprofileinthethirdwindow,the"USSDProfileConfiguration".WhenyouwanttostarttheactivationofanUSSD connection session to the USSD server,selecttheUSSDprofileortypeinthecorrectpre‐command,andthenclickonthe"Send"buttonforthesession. The responses from the USSD server will be displayed beneath the "USSD Command" line. Whencommandstypedinthe"USSDCommand"fieldaresent,receivedresponses will be displayed in the "USSDResponse"blankspace.UsercancommunicatewiththeUSSDserverbysendingUSSDcommandsandgettingUSSDresponsesviathegateway.USSDConfigurationConfigurationItem Valuesetting DescriptionPhysicalInterface Theboxis3G/4G‐1bydefault.Chooseacellularinterface(3G/4G‐1or3G/4G‐2)toconfiguretheUSSDsettingfortheconnectedcellularservice(identifiedwithSIM_AorSIM_B).SIMStatus N/A Showtheconnectedcellularservice(identifiedwithSIM_AorSIM_B).Create/EditUSSDProfileThecellulargatewayallowsyoutocustomyourUSSDprofile.Itsupportsuptoamaximumof35USSDprofiles.WhenAddbuttonisapplied,USSDProfileConfigurationscreenwillappear.
M2MCellularGateway 232 USSDProfileConfigurationItem Valuesetting DescriptionProfileName N/A EnteranamefortheUSSDprofile.USSDCommand N/AEntertheUSSDcommanddefinedfortheprofile.Normally,itisacommandstringcomposedwithnumerickeypad“0~9”,“*”,and“#”.TheUSSDcommandsarehighlyrelatedtothecellularservice,pleasecheckwithyourserviceproviderforthedetails.Comments N/A Enterabriefcommentfortheprofile.SendUSSDRequestWhensendtheUSSDcommand,theUSSDResponsescreenwillappear.WhenclicktheClearbutton,theUSSDResponsewilldisappear.USSDRequestItem Valuesetting DescriptionUSSDProfile N/A SelectaUSSDprofilenamefromthedropdownlist.USSDCommand N/A TheUSSDCommandstringoftheselectedprofilewillbeshownhere.USSDResponse N/AClicktheSendbuttontosendtheUSSDcommand,andtheUSSDResponsescreenwillappear.Youwillseetheresponsemessageofthecorrespondingservice,receivetheserviceSMS.
M2MCellularGateway 233 7.1.5NetworkScan"Network Scan" function can let administrator specify the device how to connect to the mobile system fordata communication in each 3G/4G interface. For example, administrator can specify which generation ofmobilesystemisusedforconnection,2G,3GorLTE.Moreover,hecandefinetheirconnectionsequenceforthe gateway device to connect to the mobile system automatically.Administratoralsocanscanthemobilesystemsintheairmanually,selectthetargetoperatorsystemandapplyit.Themanualscanningapproachisusedforproblemdiagnosis.NetworkScanSettingGotoService>CellularToolkit>NetworkScantab.In"NetworkScan"page,therearetwowindowsfortheNetworkScanfunction.The"Configuration"windowcanletyouselectwhich3G/4Gmodule(physicalinterface)isusedtoperformNetworkScan,andsystemwillshowthecurrentusedSIMcardinthemodule.Youcanconfigureeach3G/4GWANinterfacebyexecutingthenetworkscanningoneafteranother.Youcanalsospecifytheconnectionsequenceofthetargetedgenerationofmobilesystem,2G/3G/LTE.NetworkScanConfigurationConfigurationItem Valuesetting DescriptionPhysicalInterfaceTheboxis3G/4G‐1bydefaultChooseacellularinterface(3G/4G‐1or3G/4G‐2)forthenetworkscanfunction.Note:3G/4G‐2isonlyavailableforfortheproductwithdualcellularmodule.SIMStatus N/A Showtheconnectedcellularservice(identifiedwithSIM_AorSIM_B).NetworkType Autoisselectedbydefault.Specifythenetworktypeforthenetworkscanfunction.ItcanbeAuto,2GOnly,2Gprefer,3GOnly,3Gprefer,orLTEOnly.WhenAutoisselected,thenetworkwillberegisterautomatically;Ifthepreferoptionisselected,networkwillberegisterforyouroptionfirst;Iftheonlyoptionisselected,networkwillberegisterforyouroptiononly.ScanApproach Autoisselectedbydefault.WhenAutoselected,cellularmoduleregisterautomatically.IftheManuallyoptionisselected,aNetworkProviderListscreenappears.PressScanbuttontoscanforthenearestbasestations.Select(checkthebox)thepreferredbasestationsthenclickApplybuttontoapplysettings.
M2MCellularGateway 234 Save N/A ClickSavetosavethesettingsThesecondwindowisthe"NetworkProviderList"windowanditappearswhentheManuallyScanApproachisselectedintheConfigurationwindow.Byclickingonthe"Scan"buttonandwaitfor1to3minutes,thefoundmobileoperatorsystemwillbedisplayedforyoutochoose.Clickagainonthe"Apply"buttontodrivesystemtoconnecttothatmobileoperatorsystemforthededicated3G/4Ginterface.
M2MCellularGateway 235 Chapter8Status8.1Dashboard(notsupported)Not supported feature for the purchased product, leave it as blank. 
M2MCellularGateway 236 8.2BasicNetwork8.2.1WAN&UplinkStatusGotoStatus>BasicNetwork>WAN&Uplinktab.The WAN & Uplink Status window shows the current status for different network type, including networkconfiguration, connecting information, modem status and trafficstatistics.Thedisplaywillberefreshedoneveryfiveseconds.WANinterfaceIPv4NetworkStatusWANinterfaceIPv4NetworkStatusscreenshowsstatusinformationforIPv4network.WANinterfaceIPv4NetworkStatusItem Valuesetting DescriptionID N/A ItdisplayscorrespondingWANinterfaceWANIDs.Interface N/A ItdisplaysthetypeofWANphysicalinterface.Dependingonthemodelpurchased,itcanbeEthernet,3G/4G,etc...WANType N/AItdisplaysthemethodwhichpublicIPaddressisobtainedfromyourISP.Dependingonthemodelpurchased,itcanbeStaticIP,DynamicIP,PPPoE,PPTP,L2TP,3G/4G.NetworkType N/AItdisplaysthenetworktypefortheWANinterface(s).Dependingonthemodelpurchased,itcanbeNAT,Routing,Bridge,orIPPass‐through.IPAddr. N/A ItdisplaysthepublicIPaddressobtainedfromyourISPforInternetconnection.Defaultvalueis0.0.0.0ifleftunconfigured.SubnetMask N/A ItdisplaystheSubnetMaskforpublicIPaddressobtainedfromyourISPforInternetconnection.Defaultvalueis0.0.0.0ifleftunconfigured.Gateway N/A ItdisplaystheGatewayIPaddressobtainedfromyourISPforInternetconnection.Defaultvalueis0.0.0.0ifleftunconfigured.DNS N/A ItdisplaystheIPaddressofDNSserverobtainedfromyourISPforInternetconnection.Defaultvalueis0.0.0.0ifleftunconfigured.MACAddress N/A ItdisplaystheMACAddressforyourISPtoallowyouforInternetaccess.Note:NotallISPmayrequirethisfield.Conn.Status N/A ItdisplaystheconnectionstatusofthedevicetoyourISP.
M2MCellularGateway 237 StatusareConnectedordisconnected.Action N/AThisareaprovidesfunctionalbuttons.RenewbuttonallowsusertoforcethedevicetorequestanIPaddressfromtheDHCPserver.Note:RenewbuttonisavailablewhenDHCPWANTypeisusedandWANconnectionisdisconnected.ReleasebuttonallowsusertoforcethedevicetoclearitsIPaddresssettingtodisconnectfromDHCPserver.Note:ReleasebuttonisavailablewhenDHCPWANTypeisusedandWANconnectionisconnected.ConnectbuttonallowsusertomanuallyconnectthedevicetotheInternet.Note:ConnectbuttonisavailablewhenConnectionControlinWANTypesettingissettoConnectManually(RefertoEditbuttoninBasicNetwork>WAN&Uplink>InternetSetup)andWANconnectionstatusisdisconnected.DisconnectbuttonallowsusertomanuallydisconnectthedevicefromtheInternet.Note:ConnectbuttonisavailablewhenConnectionControlinWANTypesettingissettoConnectManually(RefertoEditbuttoninBasicNetwork>WAN&Uplink>InternetSetup)andWANconnectionstatusisconnected.WANinterfaceIPv6NetworkStatusWANinterfaceIPv6NetworkStatusscreenshowsstatusinformationforIPv6network.WANinterfaceIPv6NetworkStatusItem Valuesetting DescriptionID N/A ItdisplayscorrespondingWANinterfaceWANIDs.Interface N/A ItdisplaysthetypeofWANphysicalinterface.Dependingonthemodelpurchased,itcanbeEthernet,3G/4G,etc...WANType N/A ItdisplaysthemethodwhichpublicIPaddressisobtainedfromyourISP.WANtypesettingcanbechangedfromBasicNetwork>IPv6>Configuration.Link‐localIPAddress N/A ItdisplaystheLANIPv6Link‐Localaddress.GlobalIPAddress N/A ItdisplaystheIPv6globalIPaddressassignedbyyourISPforyourInternetconnection.Conn.Status N/A Itdisplaystheconnectionstatus.Thestatuscanbeconnected,disconnectedandconnecting.Action N/A Thisareaprovidesfunctionalbuttons.
M2MCellularGateway 238 EditButtonwhenpressed,web‐basedutilitywilltakeyoutotheIPv6configurationpage.(BasicNetwork>IPv6>Configuration.)LANInterfaceNetworkStatusLANInterfaceNetworkStatusscreenshowsIPv4andIPv6informationofLANnetwork.LANInterfaceNetworkStatusItem Valuesetting DescriptionIPv4Address N/A ItdisplaysthecurrentIPv4IPAddressofthegatewayThisisalsotheIPAddressuserusetoaccessRouter’sWeb‐basedUtility.IPv4SubnetMask N/A Itdisplaysthecurrentmaskofthesubnet.IPv6Link‐localAddress N/A ItdisplaysthecurrentLANIPv6Link‐Localaddress.ThisisalsotheIPv6IPAddressuserusetoaccessRouter’sWeb‐basedUtility.IPv6GlobalAddress N/A ItdisplaysthecurrentIPv6globalIPaddressassignedbyyourISPforyourInternetconnection.MACAddress N/A ItdisplaystheLANMACAddressofthegatewayAction N/AThisareaprovidesfunctionalbuttons.EditIPv4Buttonwhenpress,web‐basedutilitywilltakeyoutotheEthernetLANconfigurationpage.(BasicNetwork>LAN&VLAN>EthernetLANtab).EditIPv6Buttonwhenpress,web‐basedutilitywilltakeyoutotheIPv6configurationpage.(BasicNetwork>IPv6>Configuration.)3G/4GModemStatus3G/4GModemStatusListscreenshowsstatusinformationfor3G/4GWANnetwork(s).3G/4GModemStatusListItem Valuesetting DescriptionPhysicalInterface N/A ItdisplaysthetypeofWANphysicalinterface.Note:Somedevicemodelmaysupporttwo3G/4Gmodules.Theirphysicalinterface
M2MCellularGateway 239 namewillbe3G/4G‐1and3G/4G‐2.CardInformation N/A Itdisplaysthevendor’s3G/4Gmodemmodelname.LinkStatus N/A Itdisplaysthe3G/4Gconnectionstatus.ThestatuscanbeConnecting,Connected,Disconnecting,andDisconnected.SignalStrength N/A Itdisplaysthe3G/4Gwirelesssignallevel.NetworkName N/A Itdisplaysthenameoftheservicenetworkcarrier.Refresh N/A ClicktheRefreshbuttontorenewtheinformation.Action N/AThisareaprovidesfunctionalbuttons.DetailButtonwhenpress,windowsofdetailinformationwillappear.TheyaretheModemInformation,SIMStatus,andServiceInformation.Refertonextpageformore.When the Detail button is pressed, 3G/4G modem information windows such as Modem Information, SIMStatus,ServiceInformation,SignalStrength/Quality,andErrorMessagewillappear.InterfaceTrafficStatisticsInterfaceTrafficStatisticsscreendisplaystheInterface’stotaltransmittedpackets.InterfaceTrafficStatisticsItem Valuesetting DescriptionID N/A ItdisplayscorrespondingWANinterfaceWANIDs.Interface N/A ItdisplaysthetypeofWANphysicalinterface.Dependingonthemodelpurchased,itcanbeEthernet,3G/4G,etc…ReceivedPackets(Mb) N/A Itdisplaysthedownstreampackets(Mb).Itisresetwhenthedeviceisrebooted.TransmittedPackets(Mb) N/A Itdisplaystheupstreampackets(Mb).Itisresetwhenthedeviceisrebooted. 
M2MCellularGateway 240 8.2.2LAN&VLANStatusGotoStatus> BasicNetwork>LAN&VLANtab.ClientListTheClientListshowsyoutheLANInterface,IPaddress,HostName,MACAddress,andRemainingLeaseTimeofeachdevicethatisconnectedtothisgateway.LANClientListItem Valuesetting DescriptionLANInterface N/A ClientrecordofLANInterface.StringFormat.IPAddress N/A ClientrecordofIPAddressTypeandtheIPAddress.TypeisStringFormatandtheIPAddressisIPv4Format.HostName N/A ClientrecordofHostName.StringFormat.MACAddress N/A ClientrecordofMACAddress.MACAddressFormat.RemainingLeaseTime N/A ClientrecordofRemainingLeaseTime.TimeFormat. 
M2MCellularGateway 241 8.2.3WiFiStatus(notsupported)Not supported feature for the purchased product, leave it as blank. 
M2MCellularGateway 242 8.2.4DDNSStatusGotoStatus> BasicNetwork>DDNStab.TheDDNSStatuswindowshowsthecurrentDDNSserviceinuse,thelastupdatestatus,andthelastupdatetimetotheDDNSserviceserver.DDNSStatusDDNSStatusItem ValueSetting DescriptionHostName N/A It displays the name you entered to identifyDDNSserviceproviderProvider N/A It displays the DDNS server of DDNSserviceproviderEffectiveIP N/A It displays the public IP address of the device updated to the DDNS serverLastUpdateStatus N/A It displays whether the last update of the device public IP address to the DDNS server has been successful (Ok) or failed (Fail). LastUpdateTime N/A It displays time stamp of the last update of public IP address to the DDNS server.Refresh N/A Therefreshbuttonallowsusertoforcethedisplaytorefreshinformation.
M2MCellularGateway 243 8.3Security8.3.1VPNStatusGotoStatus> Security>VPNtab.TheVPNStatus widow shows the overall VPN tunnel status. The display will berefreshedoneveryfiveseconds.IPSecTunnelStatusIPSec Tunnel Status windows show the configuration for establishing IPSec VPN connection and currentconnectionstatus.IPSecTunnelStatusItem Valuesetting DescriptionTunnelName N/A Itdisplaysthetunnelnameyouhaveenteredtoidentify.TunnelScenario N/A ItdisplaystheTunnelScenariospecified.LocalSubnets N/A ItdisplaystheLocalSubnetsspecified.RemoteIP/FQDN N/A ItdisplaystheRemoteIP/FQDNspecified.RemoteSubnets N/A ItdisplaystheRemoteSubnetsspecified.Conn.Time N/A ItdisplaystheconnectiontimefortheIPSectunnel.Status N/A ItdisplaystheStatusoftheVPNconnection.Thestatusdisplaysare
M2MCellularGateway 244 Connected,Disconnected,Waitfortraffic,andConnecting.EditButton N/A ClickonEditButtontochangeIPSecsetting,web‐basedutilitywilltakeyoutotheIPSecconfigurationpage.(Security>VPN>IPSectab)OpenVPNClientStatusOpenVPNClientStatusItem Valuesetting DescriptionOpenVPNClientNameN/A Itdisplaysthe Client nameyouhaveenteredforidentification.Interface N/A ItdisplaystheWANinterfacespecifiedfortheOpenVPNclientconnection.RemoteIP/FQDNN/A Itdisplaysthe peer OpenVPN Server’sPublicIPaddress(theWANIPaddress)orFQDN.RemoteSubnet N/A ItdisplaystheRemoteSubnetspecified.TUN/TAPRead(bytes)N/A ItdisplaystheTUN/TAPReadBytesofOpenVPNClient.TUN/TAPWrite(bytes)N/A Itdisplaysthe TUN/TAPWriteBytesofOpenVPNClient.TCP/UDPRead(bytes)N/A ItdisplaystheTCP/UDPReadBytesofOpenVPNClient.TCP/UDPWrite(bytes)N/A ItdisplaystheTCP/UDPWriteBytesofOpenVPNClient.ConnectionConn.Time N/A Itdisplays the connectiontimeforthecorrespondingOpenVPNtunnel.Conn.Status N/A ItdisplaystheconnectionstatusofthecorrespondingOpenVPNtunnel.ThestatuscanbeConnected,orDisconnected.
M2MCellularGateway 245 L2TPClientStatusLT2TPClientStatusshowstheconfigurationforestablishingLT2TPtunnelandcurrentconnectionstatus.L2TPClientStatusItem Valuesetting DescriptionClientName N/A ItdisplaysNamefortheL2TPClientspecified.Interface N/A ItdisplaystheWANinterfacewithwhichthegatewaywillusetorequestPPTPtunnelingconnectiontothePPTPserver.VirtualIP N/A ItdisplaystheIPaddressassignedbyVirtualIPserverofL2TPserver.RemoteIP/FQDN N/A ItdisplaystheL2TPServer’sPublicIPaddress(theWANIPaddress)orFQDN.DefaultGateway/RemoteSubnetN/AItdisplaysthespecifiedIPaddressofthegatewaydeviceusedtoconnecttotheinternettoconnecttotheL2TPserver–thedefaultgateway.OrotherspecifiedsubnetifthedefaultgatewayisnotusedtoconnecttotheL2TPserver–theremotesubnet.Conn.Time N/A ItdisplaystheconnectiontimefortheL2TPtunnel.Status N/A ItdisplaystheStatusoftheVPNconnection.ThestatusdisplaysConnected,Disconnect,andConnecting.Edit N/A ClickonEditButtontochangeL2TPclientsetting,web‐basedutilitywilltakeyoutotheL2TPclientpage.(Security>VPN>L2TPtab)
M2MCellularGateway 246 PPTPClientStatusPPTPClientStatusshowstheconfigurationforestablishingPPTPtunnelandcurrentconnectionstatus.PPTPClientStatusItem Valuesetting DescriptionClientName N/A ItdisplaysNameforthePPTPClientspecified.Interface N/A ItdisplaystheWANinterfacewithwhichthegatewaywillusetorequestPPTPtunnelingconnectiontothePPTPserver.VirtualIP N/A ItdisplaystheIPaddressassignedbyVirtualIPserverofPPTPserver.RemoteIP/FQDN N/A ItdisplaysthePPTPServer’sPublicIPaddress(theWANIPaddress)orFQDN.DefaultGateway/RemoteSubnet N/AItdisplaysthespecifiedIPaddressofthegatewaydeviceusedtoconnecttotheinternettoconnecttothePPTPserver–thedefaultgateway.OrotherspecifiedsubnetifthedefaultgatewayisnotusedtoconnecttothePPTPserver–theremotesubnet.Conn.Time N/A ItdisplaystheconnectiontimeforthePPTPtunnel.Status N/A ItdisplaystheStatusoftheVPNconnection.ThestatusdisplaysConnected,Disconnect,andConnecting.EditButton N/A ClickonEditButtontochangePPTPclientsetting,web‐basedutilitywilltakeyoutothePPTPserverpage.(Security>VPN>PPTPtab) 
M2MCellularGateway 247 8.3.2FirewallStatusGotoStatus>Security>FirewallStatusTab.TheFirewallStatusprovidesuseraquickviewofthefirewallstatusandcurrentfirewallsettings.Italsokeepsthe log history of the dropped packets by the firewall rule policies, and includes the administrator remoteloginsettingsspecifiedintheFirewallOptions.Byclickingtheicon[+],thestatustablewillbeexpandedtodisplayloghistory.Clicking the Editbuttonthescreenwillbeswitchedtotheconfigurationpage.PacketFilterStatusPacketFilterStatusItem Valuesetting DescriptionActivatedFilterRule N/A ThisisthePacketFilterRulename.DetectedContents N/AThisistheloggedpacketinformation,includingthesourceIP,destinationIP,protocol,anddestinationport–theTCPorUDP.Stringformat:SourceIPtoDestinationIP:DestinationProtocol(TCPorUDP)IP N/A TheSourceIP(IPv4)oftheloggedpacket.Time N/A TheDateandTimestampoftheloggedpacket.Date&timeformat.("Month""Day""Hours":"Minutes":"Seconds")Note:EnsurePacketFilterLogAlertisenabled.RefertoSecurity>Firewall>PacketFiltertab.CheckLogAlertandsavethesetting.URLBlockingStatusURLBlockingStatusItem Valuesetting DescriptionActivatedBlockingRule N/A ThisistheURLBlockingRulename.BlockedURL N/A Thisistheloggedpacketinformation.
M2MCellularGateway 248 IP N/A TheSourceIP(IPv4)oftheloggedpacket.Time N/A TheDateandTimestampoftheloggedpacket.Date&timeformat.("Month""Day""Hours":"Minutes":"Seconds")Note:EnsureURLBlockingLogAlertisenabled.RefertoSecurity>Firewall>URLBlockingtab.CheckLogAlertandsavethesetting.WebContentFilterStatusWebContentFilterStatusItem Valuesetting DescriptionActivatedFilterRule N/A Loggedpacketoftherulename.Stringformat.DetectedContents N/A Loggedpacketofthefilterrule.Stringformat.IP N/A LoggedpacketoftheSourceIP.IPv4format.Time N/A LoggedpacketoftheDateTime.Datetimeformat("Month""Day""Hours":"Minutes":"Seconds")Note:EnsureWebContentFilterLogAlertisenabled.RefertoSecurity>Firewall>WebContentFiltertab.CheckLogAlertandsavethesetting.
M2MCellularGateway 249 MACControlStatusMACControlStatusItem Valuesetting DescriptionActivatedControlRule N/A ThisistheMACControlRulename.BlockedMACAddresses N/A ThisistheMACaddressoftheloggedpacket.IP N/A TheSourceIP(IPv4)oftheloggedpacket.Time N/A TheDateandTimestampoftheloggedpacket.Date&timeformat.("Month""Day""Hours":"Minutes":"Seconds")Note:EnsureMACControlLogAlertisenabled.RefertoSecurity>Firewall>MACControltab.CheckLogAlertandsavethesetting.ApplicationFiltersStatusApplicationFiltersStatusItem Valuesetting DescriptionFilteredApplicationCategory N/A ThenameoftheApplicationCategorybeingblocked.FilteredApplicationName N/A ThenameoftheApplicationbeingblocked.IP N/A TheSourceIP(IPv4)oftheloggedpacket.Time N/A TheDateandTimestampoftheloggedpacket.Date&timeformat.("Month""Day""Hours":"Minutes":"Seconds")Note:EnsureApplicationFilterLogAlertisenabled.RefertoSecurity>Firewall>ApplicationFiltertab.CheckLogAlertandsavethesetting.
M2MCellularGateway 250 IPSStatusIPSFirewallStatusItem Valuesetting DescriptionDetectedIntrusion N/A Thisistheintrusiontypeofthepacketsbeingblocked.IP N/A TheSourceIP(IPv4)oftheloggedpacket.Time N/A TheDateandTimestampoftheloggedpacket.Date&timeformat.("Month""Day""Hours":"Minutes":"Seconds")Note:EnsureIPSLogAlertisenabled.RefertoSecurity>Firewall>IPStab.CheckLogAlertandsavethesetting.FirewallOptionsStatusFirewallOptionsStatusItem Valuesetting DescriptionStealthMode N/A EnableorDisablesettingstatusofStealthModeonFirewallOptions.StringFormat:DisableorEnableSPI N/A EnableorDisablesettingstatusofSPIonFirewallOptions.StringFormat:DisableorEnableDiscard Ping fromWAN N/AEnableorDisablesettingstatusofDiscardPingfromWANonFirewallOptions.StringFormat:DisableorEnableRemoteAdministratorManagementN/AEnableorDisablesettingstatusofRemoteAdministrator.IfRemoteAdministratorisenabled,itshowsthecurrentlyloggedinadministrator’ssourceIPaddressandloginusernameandthelogintime.Format:IP:"SourceIP",UserName:"LoginUserName",Time:"Datetime"Example:IP:192.168.127.39,UserName:admin,Time:Mar301:34:13Note:EnsureFirewallOptionsLogAlertisenabled.RefertoSecurity>Firewall>Optionstab.CheckLogAlertandsavethesetting.
M2MCellularGateway 251 8.4Administration8.4.1Configure&ManageStatusGotoStatus>Administration>Configure&Managetab.TheConfigure&ManageStatuswindowshowsthestatusformanagingremotenetworkdevices.Thetypeofmanagementavailableinyourdeviceisdependedonthedevicemodelpurchased.ThecommonlyusedonesaretheSNMP,TR‐069,andUPnP.SNMPLinkingStatusSNMPLinkStatusscreenshowsthestatusofcurrentactiveSNMPconnections.SNMPLinkStatusItem Valuesetting DescriptionUserName N/A Itdisplaystheusernameforauthentication.ThisisonlyavailableforSNMPversion3.IPAddress N/A ItdisplaystheIPaddressofSNMPmanager.Port N/A ItdisplaystheportnumberusedtomaintainconnectionwiththeSNMPmanager.Community N/A ItdisplaysthecommunityforSNMPversion1orversion2conly.Auth.Mode N/A ItdisplaystheauthenticationmethodforSNMPversion3only.PrivacyMode N/A Itdisplaystheprivacymodeforversion3only.SNMPVersion N/A ItdisplaystheSNMPVersionemployed.SNMPTrapInformationSNMPTrapInformationscreenshowsthestatusofcurrentreceivedSNMPtraps.SNMPTrapInformationItem Valuesetting DescriptionTrapLevel N/A Itdisplaysthetraplevel.Time N/A Itdisplaysthetimestampoftrapevent.TrapEvent N/A ItdisplaystheIPaddressofthetrapsenderandeventtype.
M2MCellularGateway 252 TR‐069StatusTR‐069StatusscreenshowsthecurrentconnectionstatuswiththeTR‐068server.TR‐069StatusItem Valuesetting DescriptionLinkStatus N/AItdisplaysthecurrentconnectionstatuswiththeTR‐068server.TheconnectionstatusiseitherOnwhenthedeviceisconnectedwiththeTR‐068serverorOffwhendisconnected.
M2MCellularGateway 253 8.5Statistics&Report8.5.1ConnectionSessionGotoStatus>Statistics&Reports>ConnectionSessiontab.InternetSurfingStatisticshowstheconnectiontracksonthisrouter.InternetSurfingStatisticItem Valuesetting DescriptionPrevious N/A ClickthePreviousbutton;youwillseethepreviouspageoftracklist.Next N/A ClicktheNextbutton;youwillseethenextpageoftracklist.First N/A ClicktheFirstbutton;youwillseethefirstpageoftracklist.Last N/A ClicktheLastbutton;youwillseethelastpageoftracklist.Export(.xml) N/A ClicktheExport(.xml)buttontoexportthelisttoxmlfile.Export(.csv) N/A ClicktheExport(.csv)buttontoexportthelisttocsvfile.Refresh N/A ClicktheRefreshbuttontorefreshthelist.
M2MCellularGateway 254 8.5.2NetworkTraffic(notsupported)Not supported feature for the purchased product, leave it as blank. 
M2MCellularGateway 255 8.5.3DeviceAdministrationGotoStatus>Statistics&Reports>DeviceAdministrationtab.DeviceAdministrationshowsthelogininformation.DeviceManagerLoginStatisticItem Valuesetting DescriptionPrevious N/A ClickthePreviousbutton;youwillseethepreviouspageofloginstatistics.Next N/A ClicktheNextbutton;youwillseethenextpageofloginstatistics.First N/A ClicktheFirstbutton;youwillseethefirstpageofloginstatistics.Last N/A ClicktheLastbutton;youwillseethelastpageofloginstatistics.Export(.xml) N/A ClicktheExport(.xml)buttontoexporttheloginstatisticstoxmlfile.Export(.csv) N/A ClicktheExport(.csv)buttontoexporttheloginstatisticstocsvfile.Refresh N/A ClicktheRefreshbuttontorefreshtheloginstatistics.
M2MCellularGateway 256 8.5.4CellularUsageGotoStatus>Statistics&Reports>CellularUsagetab.Cellular Usage screenshowsdata usagestatisticsfortheselectedcellularinterface.Thecellulardatausagecanbeaccumulatedperhourorperday.
M2MCellularGateway 257 AppendixAGPLWRITTENOFFER This product incorporates open source software components covered by the terms of third party copyright notices and license agreements contained below. GPSBabel Version 1.4.4 Copyright (C) 2002-2005 Robert Lipe<robertlipe@usa.net> GPL License: https://www.gpsbabel.org/ Curl Version 7.19.6 Copyright (c) 1996-2009, Daniel Stenberg, <daniel@haxx.se>. MIT/X derivate License: https://curl.haxx.se/ OpenSSL Version 1.0.2c Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) GPL License: https://www.openssl.org/ brctl - ethernet bridge administration Stephen Hemminger <shemminger@osdl.org> Lennert Buytenhek <buytenh@gnu.org> version 1.1 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 tc - show / manipulate traffic control settings Stephen Hemminger<shemminger@osdl.org> Alexey Kuznetsov<kuznet@ms2.inr.ac.ru> version iproute2-ss050330 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 dhcp-fwd — starts the DHCP forwarding agent Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> version 0.7 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 lftp - Sophisticated file transfer program Alexander V. Lukyanov <lav@yars.free.net> version:4.5.x Copyright (c) 1996-2014 by Alexander V. Lukyanov (lav@yars.free.net) dnsmasq - A lightweight DHCP and caching DNS server. Simon Kelley <simon@thekelleys.org.uk> version:2.72 dnsmasq is Copyright (c) 2000-2014 Simon Kelley
M2MCellularGateway 258 socat - Multipurpose relay Version: 2.0.0-b8 GPLv2 http://www.dest-unreach.org/socat/ LibModbus Version: 3.0.3 LGPL v2 http://libmodbus.org/news/ LibIEC60870 GPLv2 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA https://sourceforge.net/projects/mrts/ Openswan Version: v2.6.38 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. https://www.openswan.org/ Opennhrp Version: v0.14.1 OpenNHRP is an NHRP implementation for Linux. It has most of the RFC2332 and Cisco IOS extensions. Project homepage: http://sourceforge.net/projects/opennhrp Git repository: git://opennhrp.git.sourceforge.net/gitroot/opennhrp LICENSE OpenNHRP is licensed under the MIT License. See MIT-LICENSE.txt for additional details. OpenNHRP embeds libev. libev is dual licensed with 2-clause BSD and GPLv2+ licenses. See libev/LICENSE for additional details. OpenNHRP links to c-ares. c-ares is licensed under the MIT License. https://sourceforge.net/projects/opennhrp/ IPSec-tools Ve r sio n: v0 .8 No GPL be written http://ipsec-tools.sourceforge.net/ PPTP Version: pptp-1.7.1 GNU GENERAL PUBLIC LICENSE Version 2, June 1991
M2MCellularGateway 259 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA 02139, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. http://pptpclient.sourceforge.net/ PPTPServ Version: 1.3.4 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA 02139, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. http://poptop.sourceforge.net/ L2TP Version: 0.4 Copying All software included in this package is Copyright 2002 Roaring Penguin Software Inc. You may distribute it under the terms of the GNU General Public License (the "GPL"), Version 2, or (at your option) any later version. http://www.roaringpenguin.com/ L2TPServ Version: v 1.3.1 GNU GENERAL PUBLIC LICENSEVersion 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. http://www.xelerance.com/software/xl2tpd/ Mpstat: from sysstat, system performance tools for Linux Version: 10.1.6 Copyright: (C) 1999-2013 by Sebastien Godard (sysstat <at> orange.fr) SSHD: dropbear, a SSH2 server Version: 0.53.1 Copyright: (c) 2002-2008 Matt Johnston Libncurses: The ncurses (new curses) library is a free software emulation of curses in System V Release 4.0 (SVr4), and more. Version: 5.9 Copyright: (c) 1998,2000,2004,2005,2006,2008,2011,2015 Free Software Foundation, Inc., 51 Franklin Street, Boston, MA 02110-1301, USA MiniUPnP: The miniUPnP daemon is an UPnP IGD (internet gateway device) which provide NAT traversal services to any UPnP enabled client on the network. Version: 1.7 Copyright: (c) 2006-2011, Thomas BERNARD
M2MCellularGateway 260 CoovaChilli is an open-source software access controller for captive portal (UAM) and 802.1X access provisioning. Version: 1.3.0 Copyright: (C) 2007-2012 David Bird (Coova Technologies) <support@coova.com> Krb5: Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Version: 1.11.3 Copyright: (C) 1985-2013 by the Massachusetts Institute of Technology and its contributors OpenLDAP: a suite of the Lightweight Directory Access Protocol (v3) servers, clients, utilities, and development tools. Version: 2.4 Copyright: 1998-2014 The OpenLDAP Foundation Samba3311: the free SMB and CIFS client and server for UNIX and other operating systems Version: 3.3.11 Copyright: (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> NTPClient: an NTP (RFC-1305, RFC-4330) client for unix-alike computers Version: 2007_365 Copyright: 1997, 1999, 2000, 2003, 2006, 2007 Larry Doolittle exFAT: FUSE-based exFAT implementation Version: 0.9.8 Copyright: (C) 2010-2012 Andrew Nayenko ONTFS_3G: The NTFS-3G driver is an open source, freely available read/write NTFS driver for Linux, FreeBSD, Mac OS X, NetBSD, Solaris and Haiku. Version: 2009.4.4 Copyright: (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA mysql-5_1_72: a release of MySQL, a dual-license SQL database server Version: 5.1.72 Copyright: (c) 2000, 2013, Oracle and/or its affiliates FreeRadius: a high performance and highly configurable RADIUS server Version: 2.1.12 Copyright: (C) 1999-2011 The FreeRADIUS server project and contributors Linux IPv6 Router Advertisement Daemon – radvd Version: V 1.15 Copyright (c) 1996,1997 by Lars Fenneberg<lf@elemental.net> BSD License: http://www.litech.org/radvd/ WIDE-DHCPv6 Dynamic Host Configuration Protocol for IPv6 (DHCPv6) clients, servers, and relay agents.
M2MCellularGateway 261 Version: 20080615 Copyright (C) 1998-2004 WIDE Project. BSD License: https://sourceforge.net/projects/wide-dhcpv6/  Federal Communication Commission Interference Statement This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures: - Reorient or relocate the receiving antenna. - Increase the separation between the equipment and receiver. - Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. - Consult the dealer or an experienced radio/TV technician for help. FCC Caution: Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.
FOR MOBILE DEVICE USAGE (>20cm/low power) Radiation Exposure Statement: This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. M2MCellularGateway 262

Navigation menu