NetComm Wireless NTC620001 3G M2M ROUTER PLUS User Manual

Download:
Mirror Download [FCC.gov]
Document ID	2114946
Application ID	r2kDgO7i2wPEOBqOUp0kWg==
Document Description	User Manual
Short Term Confidential	No
Permanent Confidential	No
Supercede	No
Document Type	User Manual
Display Format	Adobe Acrobat PDF - pdf
Filesize	283.93kB (3549172 bits)
Date Submitted	2013-11-08 00:00:00
Date Available	2014-05-07 00:00:00
Creation Date	2017-10-25 04:54:04
Producing Software	GPL Ghostscript 9.18
Document Lastmod	2017-10-25 04:54:04
Document Title	User Manual
Document Creator	PScript5.dll Version 5.2.2

Usser Guiide
NTC-620
00 Serie
es – Inte
elligentt M2M Routerr
Copyright
Copyright© 2013 NetCom
mm Wireless Limited. All rights reserved.
The information contained herein is proprietarry to NetComm Wireless. No part of this ddocument may be translated, transcribed, reproduced, in any fform, or by any means without prior writteen
conssent of NetComm Wirreless.
Note: This document is subject too change without nottice.
Savee our environment
Wheen this equipment hass reached the end off its useful life, it mustt be taken to a recyclling centre and proceessed separately from
m domestic waste.
The cardboard box, the pplastic contained in the packaging, and thhe parts that make upp this device can be recycled in accordance with regionally eestablished regulationns. Never dispose of this
b subject to penaltiees or sanctions undeer the law. Instead, assk for disposal instrucctions from your munnicipal government.
electronic equipment aloong with your househoold waste. You may be
Please be responsible annd protect our environment.
Thiis manual cov
vers the follow
wing productss:
NetCComm Wireless NTC--6200-01
NetCComm Wireless NTC--6200-02
NetCComm Wireless Intelliggent M2M Router
www.netcommwirelless.com
DOCUMENT VVERSION
DATE
Initial documennt release
Table 1 - Document Revisionn History
Tabl
T le of
o Co
onte
entss
Ove
erview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Introduction .................................................................................................................................................................................................................................................................................................................................. 5
Target audience ........................................................................................................................................................................................................................................................................................................................... 5
Prerequisites ................................................................................................................................................................................................................................................................................................................................ 5
Notation ........................................................................................................................................................................................................................................................................................................................................ 5
Pro
oduct int roducct ion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Product overview ......................................................................................................................................................................................................................................................................................................................... 6
Package contents ........................................................................................................................................................................................................................................................................................................................ 6
Product features........................................................................................................................................................................................................................................................................................................................... 7
Phy
ysical dimensiions and indiccat ors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Physical dimensionss ................................................................................................................................................................................................................................................................................................................... 8
LED indicators.............................................................................................................................................................................................................................................................................................................................. 9
Ethernet port LED indicators..................................................................................................................................................................................................................................................................................................... 10
Interfaces ................................................................................................................................................................................................................................................................................................................................... 11
Pla
acement of t he
e rout er . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Mounting options ....................................................................................................................................................................................................................................................................................................................... 12
Inst allat ion and conf igurat ion of t he Int elli gent M2M Rou
ut er . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Powering the router .................................................................................................................................................................................................................................................................................................................... 17
Power consumption .................................................................................................................................................................................................................................................................................................................. 18
Installing the router .................................................................................................................................................................................................................................................................................................................... 18
Adv
vanced conf ig
gurat ion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
St at
a us . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Int ernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Data Connection ........................................................................................................................................................................................................................................................................................................................ 23
Connect on Demandd ................................................................................................................................................................................................................................................................................................................. 27
Operator Settings ....................................................................................................................................................................................................................................................................................................................... 31
SIM security settingss ................................................................................................................................................................................................................................................................................................................. 32
LAN ............................................................................................................................................................................................................................................................................................................................................ 36
Routing ....................................................................................................................................................................................................................................................................................................................................... 40
VPN ............................................................................................................................................................................................................................................................................................................................................ 50
Serrvices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Dynamic DNS............................................................................................................................................................................................................................................................................................................................. 64
Network time (NTP) .................................................................................................................................................................................................................................................................................................................... 65
Data stream manageer ............................................................................................................................................................................................................................................................................................................... 66
Watchdogs ................................................................................................................................................................................................................................................................................................................................. 67
SNMP ......................................................................................................................................................................................................................................................................................................................................... 70
TR-069 ........................................................................................................................................................................................................................................................................................................................................ 72
GPS ............................................................................................................................................................................................................................................................................................................................................ 73
SMS messaging ......................................................................................................................................................................................................................................................................................................................... 74
Diagnostics ................................................................................................................................................................................................................................................................................................................................ 78
Sending an SMS Diaagnostic Command ................................................................................................................................................................................................................................................................................... 81
Sys
st em . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Log ............................................................................................................................................................................................................................................................................................................................................. 88
System Configuratioon ................................................................................................................................................................................................................................................................................................................ 92
ment .......................................................................................................................................................................................................................................................................................................... 99
HTTPS key managem
SSH Key Managemeent............................................................................................................................................................................................................................................................................................................ 103
App
pendix
App
pendix
App
pendix
App
pendix
A:
B:
C:
D:
Tab
bles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Devvice Mount ing Dimensions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Mou
unt ing Brackett . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Deff ault Set t ings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Restoring factory deefault settings ........................................................................................................................................................................................................................................................................................... 111
Recovery mode ........................................................................................................................................................................................................................................................................................................................ 112
App
pendix E: HTT
TPS - Uploadin
ng a self -signe
ed cert if icat e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
App
pendix F: RJ-4
45 connect or . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Saff et y and produ
uct care . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
NetComm Wireless Intelligent M2M Router
www.netcommwireless.com
Ove
O ervie
ew
In
ntroduc
ction
This document provides you all the informatioon you need to set upp, configure and use the NetComm Wireleess NTC-6200 Intelligent M2M Router.
Ta
arget a
audienc
ce
This document is intendeed for system integrators or experienced hardware
installers wwho understand teleccommunications terminology and conceptts.
Prrerequ
uisites
Befoore continuing with the installation of your Intelligent M2M Routter, please confirm thhat have the followingg:
A devvice with a working Etthernet network adappter.
A webb browser such as Internet Explorer, Mozilla Firefox or Google Chrome.
A flathhead screwdriver if field terminated power is required.
Notation
The following symbols arre used in this user guide:
The followingg note requires attenntion.
The followinng note provides a warning.
The followinng note provides usefful information.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
Product introduction
Product overview
Penta-band 3G with quad-band 2G auto-fallback
HSPA+ up to 14.4 Mbps DL
Ethernet port with full passive Power over Ethernet (PoE) support (802.3af) (NTC-6200-01 only)
RS232/RS422/RS485 Port and USB 2.0 OTG port
Integrated ZigBee multipoint mesh wireless networking (NTC-6200-01 only)
Built in GPS supporting an active or passive GPS Antenna via external SMA connector
Three multi-purpose I/O ports
One dedicated ignition input
Internal diversity antennas with option for external main antenna (autosensing)
Intelligent, Tri-Colour LED display for clear, easy to read modem status information
Extensive device management with support for TR-069, Web GUI and full feature management with SMS
Flexible mounting suitable for in-home use or industrial applications with built-in wall mount and DIN rail mounting options
Package contents
The NetComm Wireless Intelligent M2M Router package consists of:
1 x Intelligent M2M Router
2 x 3G antennas
1 x 1.5m yellow Ethernet cable 8P8C
1 x DIN rail mounting bracket
1 x six-way terminal block
1 x quick start guide and safety manual
If any of these items are missing or damaged, please contact NetComm Wireless Support immediately. The NetComm Wireless Support website can be found at:
http://support.netcommwireless.com.
NetComm Wireless Intelligent M2M Router
www.netcommwireless.com
Prroduct feature
es
The NetComm Wireless NNTC-6200 Intelligent M2M Router is an M22M device designed by NetComm Wireleess to address the rappid growth in M2M deeployments. It has beeen designed to provvide
price. Com
mpatible with networkk worldwide, the Intelligent M2M Router caan be managed remootely even when it does not have an Internnet
statee-of-the-art features aand versatility at an affordable
connnection via the use off SMS diagnostics annd commands.
The Intelligent M2M Routter includes many feaatures such as Dial on Demand which proovides a means to seeamlessly connect or disconnect the mobbile broadband conneection to conserve ussage;
TR-0069 support for easy management of a grroup of Intelligent M2M Routers; and the aability to function as an
a SSH server to secure communications.. Additionally, the open management systtem
allowws you to expand thee feature set by produucing your own custoom software applicatiions.
The NetComm Wireless Intelligent M2M Routeer meets the global demand
for a reliablee and cost-effective M2M
M device that succcessfully caters to maass deployment acrooss businesses.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
Physical dimensions and
indicators
Physical dimensions
Below is a list of the physical dimensions of the Intelligent M2M Router.
Figure 1 – Intelligent M2M Router Dimensions
INTELLIGENT M2M ROUTER
(WITHOUT EXTERNAL ANTENNAS ATTACHED)
Length
143 mm
Depth
107 mm
Height
34 mm
Weight
180g
Table 2 - Device Dimensions
NetComm Wireless Intelligent M2M Router
www.netcommwireless.com
LE
ED ind
dicatorss
The Intelligent M2M Routter uses 7 LEDs to display the current sysstem and connection status.
Figure 2 - Inte
telligent M2M Router LED Indicators
LEED ICON
NAME
Power
COLOUR
STATE
DESCRIPTIOON
Off
Power off
Double fflash
Powering up
On
Power on
On
Power on in recoverry mode
Slow flasshing
Hardware error
On
Connected via WWA
AN
Blinking
Traffic via WWAN
Slow flasshing
Connecting PDP
On
Registered network
Slow flasshing
Registering network
Slow flasshing
SIM PIN locked
Fast flasshing
SIM PUK locked
On
Can’t connect
On
3G
On
2G GPRS
On
GSM only (no GPRSS)
Networrk
Signal strength
TTable 3 - LED Indicatoors
Thee term “blinking” meanss that the LED may pulse, with the intervals thatt the LED is on and off nnot being equal. The term “flashing” means thaat the LED turns on andd off at equal intervals.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M RRouter
Signal strength LEDs
The following table lists the signal strength range corresponding with the number of lit signal strength LEDs.
NUMBER OF LIT LEDS
SIGNAL STRENGTH
All LEDs unlit
< -109 dBm
-109 dBm to -101dBm
-101 dBm to -91 dBm
-91 dBm to -85 dBm
-85 dBm to -77 dBm
> -77 dBm
Table 4 - Signal strength LED descriptions
LED update interval
The signal strength LEDs update within a few seconds with a rolling average signal strength reading. When selecting a location for the router or connected or positioning an external antenna,
please allow up to 20 seconds for the signal strength LEDs to update before repositioning.
Ethernet port LED indicators
The Ethernet port of the Intelligent M2M Router has two LED indicators on it.
Figure 3 - Ethernet port LED indicators
The table below describes the statuses of each light and their meanings.
LED
STATUS
DESCRIPTION
On
There is a valid network link.
Blinking
There is activity on the network link.
On
The Ethernet port is operating at a speed of 100Mbps.
Off
The Ethernet port is operating at a speed of 10Mbps or no Ethernet cable is connected.
Green
Amber
Table 5 - Ethernet port LED indicators description
NetComm Wireless Intelligent M2M Router
10
www.netcommwireless.com
In
nterface
es
The following interfaces aare available on the Intelligent M2M Routeer:
Figure 4 - Interfacess
ITEM
DESCRIPTION
Main anttenna socket
SMA female connector for main antenna.
Auxiliaryy antenna socket
SMA female connector for auxiliary antenna.
GPS anteenna socket
SMA female connector for GPS antenna.
Six-way terminal block connector
Connect power sourrce, ignition and I/O wires hhere. Power, ignition and I//O wires may be terminatedd on optional terminal blockk and connected to DC inpput jack.
Refer to the diagram
m and table on under Step 3 of the Installing your device section for correct wirinng of the terminal block. Opperates in the 8-40V DC range.
Press and hold for leess than 5 seconds to rebooot to normal mode.
Reset buutton
Press and hold for 5 to 15 seconds to reboot too recovery mode.
Press and hold for 15 to 20 seconds to reset thhe router to factory default settings.
SIM cardd slot
Insert SIM card heree.
RJ45 PoE Ethernet port
Connect one or seveeral devices via a network sswitch here. This port can also optionally receive Pow
wer over Ethernet (802.3af PoE) in which case the DC
C power
supply can serve as a backup power source iff required (PoE available onn NTC-6200-01 only).
Mini USBB 2.0 OTG port
Provides connectivity for optional external storaage or a USB Ethernet donngle. Supplies up to 0.5A too connected device.
Serial poort
Female DB9 port supporting 9-wire RS-232, RSS-485 or RS-422 (software selectable).
Table 6 – Interfacess
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
11
Plac
P cem
ment of tthe rou
uter
The two external high-peerformance antennas supplied with the rouuter are designed to provide optimum siggnal strength in a wide range of environmeents. If you find the signal strength is weaak, try
a acceptable signall, try moving the routeer to a different placee or mounting it differrently.
adjusting the orientation of the antennas. If yoou are unable to get an
Note: When sselecting a location foor the router, allow att least 20 seconds foor the signal strength LEDs to update befoore trying a different llocation or connectinng an external antennna.
Mountin
ng optio
ons
The Intelligent M2M Routter can be quickly annd easily mounted in a variety of locationss.
Mo
ounted fla
at against th
he wall
Wheen mounted flat againnst the wall, the Intelligent M2M Router has a slimline form facttor. Use appropriatelyy sized screws in thee mounting holes provvided on the base off the unit.
Figure 5 - W
Wall mount - Flat agaainst the wall
NetCComm Wireless Intelliggent M2M Router
12
www.netcommwirelless.com
Pe
erpendicullar to the wall
If a large surface area is not available, there is the option of mounting the router perpeendicular to the wall. This
T gives the router a small wall footprintt while remaining seccurely attached. Use
apprropriately sized screwws in the mounting hooles provided on the back of the unit.
Figure 6 - Waall mount - Perpendicu
cular to the wall
C Section DIIN Rail mo
ount
The Intelligent M2M Routter easily slides onto a C Section DIN rail so that it is horizontaally mounted. The DINN Rail mounting bracket is not required foor C Section DIN rail mounting.
Figuree 7 - C Section DIN raiil mount
To mount
m the unit on a C--Section DIN rail, slidde it on as illustrated below:
Figure 8 - Mounting the unit onn a DIN rail
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
13
Mounting bracket
The provided mounting bracket provides additional methods of mounting the Intelligent M2M Router.
To attach the mounting bracket, slide it onto the rear of the router as shown in the diagram below:
Figure 9 - Sliding on the mounting bracket
To remove the bracket, press the PUSH button and slide the router off the bracket:
Figure 10 - Removing the mounting bracket
NetComm Wireless Intelligent M2M Router
14
www.netcommwireless.com
Ussing the m
mounting brracket for wall moun
nting
By first attaching the DINN rail bracket to the wall,
w the Intelligent M22M Router can be eassily attached and rem
moved from the brackket.
Figure 11 – Wal
all mount - Mounted via
ia DIN rail bracket
Ussing the m
mounting brracket for Top hat D
DIN rail mo
ounting
The Intelligent M2M Routter may be vertically mounted to the wall with
w the bracket by ssliding the bracket onnto a top hat DIN rail
Figure
re 12 - Top hat DIN railil mount
Alterrnatively, you can attaach it to the DIN Rail by using the V bendd in the bracket as illuustrated below:
Figurre 13 - Attaching the m
mounting bracket to the
t DIN rail using the V bend
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
15
Desk mount
In situations where wall mounts and DIN rails are not required, you can simply place the Intelligent M2M Router on a desk using its rubber feet to prevent it from slipping.
Figure 14 - Desk mount
NetComm Wireless Intelligent M2M Router
16
www.netcommwireless.com
Insta
allation
n an
nd confiigurration
of
o th
he In
ntelllige
ent M2M
MR
Routter
Po
owerin
ng the router
The Intelligent M2M Routter can be powered in one of three ways:
1.
Power overr Ethernet (802.3af PooE) (available on the NTC-6200-01 only)
2.
DC power iinput via 6-pin conneector (8-40V DC)
3.
DC power iinput via field terminaated power source (88-40V DC)
The green power LED onn the router lights up when a power sourcee is connected.
Po
ower over Ethernet (802.3af
Po
oE) (availaable on the
e NTC-620
00-01 only))
Power over Ethernet (PoEE) is a method of connnecting network devvices through Etherneet cable where power and data are passeed along a single cabble. This may be a deesirable method of
o have a single cable running to the Inttelligent M2M Router.
powering the device if PooE is available, or if itt’s most convenient inn the desired installattion environment to only
Therre are 5 power classees defined in the IEEEE 802.3-2005 standard, of which the Intel ligent M2M Router iss a class 3 device.
CLASS
CLASSIFICAATION CURRENT
POW
WER RANGE
CLASS DEESCRIPTION
26-30 mA
6.49 – 12.95 W
Mid power
Tab
able 7 - PoE power classses
y router to a PoE innjector or PoE network switch using the bundled yellow Ethernnet cable 8P8C.
To use PoE to power the Intelligent M2M Routter, simply connect your
DC
C power v
via 6-pin co
onnector
The DC input jack can acccept power from a separately
sold DC power supply. Both a standard temperaturre range DC power supply and an extendded temperature rangge DC power supply are
available to purchase as accessories.
To power
the device via DC Power via the 6-ppin connector, removve the attached greenn terminal block from your router and connect the external DCC power supply to thee router’s green DC power
jack.
DC
C power v
via field terrminated power
sou
urce
If an existing 8-40V DC ppower supply is availaable, you can insert the
t wires into the suppplied terminal block to power your router. Use a No. 3 flatheadd screwdriver to tighten the terminal blocck
s the polarity of the wires are correctlyy matched, as illustrated below.
screws and secure the ppower wires, making sure
Figure 155 - Locking Power Term
minal Block
TERMINAL
www.netcommwireless.com
DESCRRIPTION
Positive wire for powerr.
Ground wire.
NetComm Wireeless Intelligent M2M Router
17
i
I/O
Dedicated terminal for ignition detection.
Three terminals used for input/output detection. (Please refer to the User Guide).
Table 8 - Locking power block pin outs
Failover power support (NTC-6200-01 only)
The Intelligent M2M Router includes support for connection of two power sources at the same time. When a PoE Ethernet cable is connected and DC power is also supplied to the DC input jack
of the router, the router will source power exclusively from the PoE source. In the event that power from the PoE cable is lost, the router will automatically switch to source power from the DC
input jack, without affecting the router’s operation. When PoE power is restored, the router automatically switches back to receive power from the PoE input source.
Viewing power source information
You can view the current power input mode in the Advanced status section of the device’s web user interface. This is useful for remotely monitoring the device. You can also use the Software
Development Kit to access this information for advanced purposes (e.g. configuring SMS alerts to inform you of the power status of the router).
To view the router’s power source information, log in to the router and expand the Advanced status box on the status page. See the Status section of this manual for more information on the
status page.
Power consumption
To assist with power consumption planning, the following table summarises average power consumption during the various states of the Intelligent M2M Router under normal usage conditions.
It’s important to note that this table serves as an indication only as the power consumed by the device is affected by many variables including signal strength, network type, and network activity.
Average power consumption figures
STATE
POWER CONSUMPTION
Powered on, idle and connected to packet data
1.2W
Powered on, connected to packet data with average load
2.0W
Powered on, connected to packet data with heavy traffic
4.0W
Peak power draw at maximum 3G module transmission power
5.0W
Table 9 - Average power consumption figures
Installing the router
After you have mounted the router and connected a power source, follow these steps to complete the installation process.
1.
Connect equipment that requires network access to the Ethernet port of your router. This may be your computer for advanced configuration purposes, or your end equipment which
requires data access via the Intelligent M2M Router. You can connect one device directly, or several devices using a network switch.
If you’re using PoE as the power source, you need to connect any devices via an available data Ethernet port on your PoE power source (be it a PoE network switch or PoE power
injector).
2.
Ensure the external power source is switched on and wait 2 minutes for your Intelligent M2M Router to start up. To check the status of your router, compare the LED indicators on
the device with those listed on page 8 of this guide.
NetComm Wireless Intelligent M2M Router
18
www.netcommwireless.com
Adv
A vanc
ced con
nfig
gura
ation
The Intelligent M2M Routter comes with precoonfigured settings thaat should suit most cuustomers. For advancced configuration, logg in to the web-basedd user interface of the router.
To loog in to the web-baseed user interface routter:
1.
Open a web browser (e.g. Internet Explorer, Firefox, Safari), type http://1 92.168.1.1 into the address bar and press Enter. The web-baased user interface log in screen is displayyed.
Figure 16 – Log inn prompt for the web-bbased user interface
2.
Enter the loogin username and password.
If this is thee first time you are loggging in or you have not previously configgured the password ffor the “root” or “adm
min” accounts, you caan
use one of the default account details
to log in.
ADMIN MANAGER ACCOOUNT
ROOT MANAGER ACCOUNT
Username:
addmin
Useername:
rooot
Password:
addmin
Passsword:
addmin
Table 10 - M
Management accountt login details
Note: To acceess all features of thee router, you must use the root manager aaccount.
For security reeasons, we highly recommend that you change the passwordds for the root and addmin accounts upon initial installation. Youu can do so by navigating to the System and
then Administtration page.
The Status page is displaayed when you log inn successfully.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
19
Status
The status page of the web interface provides system related information and is displayed when you log in to the Intelligent M2M Router management console. The status page shows System
information, LAN details, Cellular connection status, Packet data connection status and Advanced status details. You can toggle the sections from view by clicking the
show or hide them. Extra status boxes will appear as additional software features are enabled (e.g. VPN connectivity).
or
buttons to
Figure 17 - The Status page
NetComm Wireless Intelligent M2M Router
20
www.netcommwireless.com
ITEM
DEFINITION
System information
System up time
The current uptime of the router.
Board version
The hardware veersion of the router.
Serial Number
The serial numbber of the router.
Software
The software version number running on thhe router.
Model
The type of phone module and the firmwarre version of the module.
Firmware version
The firmware revvision of the phone modulee.
IMEI
The Internationaal Mobile Station Equipmennt Identity number used to uniquely
identify a mobile device.
LAN
IP
The IP address and subnet mask of the rouuter.
MAC Address
The MAC address of the router.
Ethernet Port Status
Displays the currrent status of the Ethernet port and its operating speeed.
Cellular connection status
SIM Status
Displays the acttivation status of the router on the carrier network.
Signal strength (dBm)
The current signnal strength measured in d Bm
Network registration statuus
The status of thee router’s registration for thhe current network.
Operator selection
The mode used to select an operator netwwork.
Current operator
The current operator network in use.
Roaming status
The roaming staatus of the router.
Allowed bands
The bands to whhich the router may connecct.
Current band
The current band being used by the routerr.
Coverage
The mobile equipment identifier (MEID) of the router, a unique code for identifying devices on a CDMA network.
WWAN Connection Statuus
Profile name
The name of thee active profile.
Status
The connection status of the active profile..
Default profile
Indicates whether the current profile in usee is the default profile.
WWAN IP
The IP address assigned by the mobile bro
roadband carrier network.
DNS server
The primary andd secondary DNS servers ffor the WWAN connection.
APN
The Access Poinnt Name currently in use.
Connection uptime
The length of tim
me of the current mobile coonnection session.
Advanced status
Mobile country code
The Mobile Country Code (MCC) of the rouuter.
Mobile network code
The Mobile Netw
work Code (MNC) of the roouter.
Signal quality (Ec/N0)
A measurement of the portion of the receivved signal that is usable. This is the signal strength minus
m the signal noise level..
Received signal code poower (RSCP)
The power level of the signal on the currennt connection’s particular channel.
Power input mode
Displays whetheer power is currently being sourced from the PoE Ethernet port or from the DC innput jack (PoE available onn NTC-6200-01 only)
HSUPA category
Displays the HSUPA category (1-9) for thee current uplink
HSDPA category
Displays the HSDPA category (1-8) for thee current downlink.
SIM ICCID
The Integrated Circuit
Card Identifier of thee SIM card used with the roouter, a unique number up to 19 digits in length.
Primary scrambling codee (PSC)
The Primary scrambling code for the curreent signal.
DC input voltage
Displays the currrent voltage of the power iinput source provided via the
t DC Input jack
Location area code (LACC)
The ID of the cell tower grouping the curreent signal is broadcasting from.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
21
IMSI
The International mobile subscriber identity is a unique identifier of the user of a cellular network.
Cell ID
A unique code that identifies the base station from within the location area of the current mobile network signal.
Channel number (UARFCN)
The channel number of the current 3G/2G connection.
Table 11 - Status page item details
NetComm Wireless Intelligent M2M Router
22
www.netcommwireless.com
Interrnet
The Internet section provvides configuration opptions for Wireless WAN,
W LAN, Routing annd VPN connectivity.
Data
Co
onnectio
on
The data connection pagge allows you to configure and enable/disable the connection profile. To access this page, click on the Networking menu, annd under the Wirelesss WAN menu, selectt the
Dataa Connection item.
Figure 118 – Data connectionn settings
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
23
ITEM
DEFINITION
Data connection
Transparent Bridge (PPPoE)
Toggles the transparent bridge function on and off.
Profile name list
Default
Sets the corresponding profile to be the default gateway for all outbound traffic except traffic for which there are configured static route rules or profile routing settings.
Status
Toggles the corresponding profile on and off. If your carrier supports it, two profiles may be turned on simultaneously.
APN
The APN configured for the corresponding profile.
Username
The username used to log on to the corresponding APN.
Roaming settings
Allow data roaming
When set to ON, the router will allow local devices to access the Wireless WAN network when the MachineLink 3G is roaming onto a foreign network. When set to OFF, the
router will deny network access to data services when roaming onto a foreign network. This setting is ON by default.
Table 12 - Data connection item details
Connecting to the mobile broadband network
The router supports the configuration of up to six APN profiles; these profiles allow you to configure the settings that the router will use to connect to the 2G/3G network and switch easily
between different connection settings.
For advanced networking purposes, you may activate a maximum of two profiles simultaneously (dependant on network support). When activating two connection profiles, you should avoid
selecting two profiles with the same APN as this can cause only one profile to connect. Similarly, activating two profiles which are both configured to automatically determine an APN can cause a
conflict and result in neither profile establishing a connection. We recommend that the two active connection profiles have differing, manually configured APNs to avoid connection issues and
ensure smooth operation.
Manually configuring a connection profile
To manually configure a connection profile:
1.
Click the Edit button corresponding to the Profile that you wish to modify. The data connection profile settings page is displayed.
Figure 19 - Data connection profile settings
NetComm Wireless Intelligent M2M Router
24
www.netcommwireless.com
2.
Click the Prrofile toggle key to tuurn the profile on. Addditional settings appeear.
Figure 20 - Dataa connection settings - Profile turned on
3.
In the Profille name field, enter a name for the profilee. This name is only uused to identify the prrofile on the router.
4.
Ensure thatt the Automatic APN selection toggle key is set to off. If it is noot, click it to toggle it to the off position.
5.
In the APN field, enter the APN Name (Access Pointt Name) and if requireed, use the Usernam
me and Password fieldds to enter your loginn credentials.
6.
Next to Autthentication type, seleect the either CHAP or
o PAP depending onn the type of authentiication used by your provider.
7.
The Reconnnect delay field speccifies the number of seconds to wait betweeen connection attem
mpts. The default settting of 30 seconds iss sufficient in most caases but you may modify it
to wait up to 65535 seconds if you
y wish.
8.
The Reconnnect retries field speccifies the number of times
to attempt to coonnect to the network if the router fails to establish a connectioon. It is set to 0 by deefault which causes the
router to atttempt to reconnect inndefinitely.
9.
The Metric value is used by routter to prioritise routess (if multiple are availlable) and is set to 200 by default. This valuue is sufficient in mosst cases but you mayy modify it if you are
aware of the effect your changees will have on the service.
10.
The MTU field allows you to modify the Maximum Transmission Unit usedd on the connection. Do not change this unless
instructed to bby your carrier.
11.
Use the NAAT Masquerading togggle key to turn NAT Masquerading
on or off. NAT masquerading, also known simpply as NAT is a commmon routing feature which
w allows multiple LAN
devices to appear as a single WAN
W IP via network address translation. Inn this mode, the routeer modifies network traffic sent and receivved to inform remote computers on the intternet
behind the router actually originaated from the WAN IPP address of the routter’s internal NAT IP aaddress. This may bee disabled if a framedd
that packetts originating from a machine
route configguration is required and
a local devices reqquire WAN IP addressses.
12.
For advancced networking such as using dual simultaaneous PDP contextss, you may wish to coonfigure a particular profile to route only ccertain traffic via that profile by configuring a
custom adddress and mask of traaffic to send via that profile. To do this, in the Profile routing seettings section, enter the Network addresss and Network mask of the remote network. If
you do not want to use this featuure, or are unsure, please leave these fiellds blank, which will not designate any paarticular traffic to be rrouted via this profilee. For more informatioon on
configuringg Profile routing settinngs, see the Setting a default gateway witth two active connecttion profiles example.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
25
13.
Click the Save button when you have finished entering the profile details.
Confirming a successful connection
After configuring the packet data session, and ensuring that it is enabled, click on the Status menu item at the top of the page to return to the Status page. When there is a mobile broadband
connection, the WWAN section is expanded showing the details of the connection and the Status field displays Connected. To see details on the connected session, you can click the Show data
usage button.
Figure 21 - Packet data connection status section
NetComm Wireless Intelligent M2M Router
26
www.netcommwireless.com
Connect
t on De
emand
The connect on demand feature keeps the Paacket Data Protocol (PDP) context deactivvated by default while making it appear too locally connected ddevices that the routeer has a permanent
attempts to esttablish a mobile broaadband data connection.
connnection to the mobile broadband network. When a packet of innterest arrives or an SSMS wake-up commaand is received, the router
Wheen the data connectioon is established, the router monitors traffic and terminates thee link when it is idle.
Note: When interesting packets arrive, the recovery tim
me for the wireless W
WAN connection is appproximately 20-30 seeconds.
Co
onfiguring
g Connect on Deman
nd
To configure Connect on demand:
1.
Click the Networking menu item
m from the top menu bar.
2.
On the Connnect on demand pagge, click the Connectt on demand toggle key so that it is ON. Extra
E options appear. See the following suub-sections for furtheer instructions.
Figure 22 - Connnect on demand conffiguration options
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
27
Setting the router to dial a connection when traffic is detected on specific ports
In some situations, you may wish to have the internet connection disabled except at times when outbound traffic to a particular external host’s port or range of ports is sent to the router. To use
this feature, click Enable dial port filter and enter the port number or list of port numbers separated by commas. When you select this option, all outbound ICMP/TCP/UDP packets to any remote
host on the specified port(s) will trigger the connection to dial. Note that when this feature is enabled, the options to ignore specific packet types are not available.
Figure 23 – Dial on demand - Data activity triggered connection
You can allow Microsoft network awareness (NCSI) traffic through but if you prefer that they do not trigger the connection, click the Ignore Microsoft network awareness (NCSI) traffic toggle key
to set it to ON.
Figure 24 - DIal on demand - Ignore NCSI traffic
Excluding certain packet types from triggering the connection to dial
Depending on your environment, you might prefer to exclude certain types of traffic passing through the router from triggering the data connection. You can tell the router to ignore outbound
TCP, UDP or ICMP packets. When any of these options are checked the router will not dial a connection when that type of outbound destined data packet reaches the router from a locally
connected device.
Figure 25 – Dial on demand - Excluding IP protocols
Excluding certain application types from triggering the connection to dial
Some devices may generate general traffic as a part of normal operation which you may not want to trigger the data connection. You can set the router to ignore Domain Name System (DNS),
Network Time Protocol (NTP) or Microsoft network awareness (NCSI) traffic from devices behind the router. When you check the box for these options, it tells the router to ignore the request from
that application type and will not dial a connection when this data type is received.
Figure 26 - Dial on demand - Excluding application types
NetComm Wireless Intelligent M2M Router
28
www.netcommwireless.com
Se
etting time
ers for conn
nection an
nd disconn
nection
The router has a numberr of timer settings which let you determine when a connection iis dialled and when it is disconnected.
Figure 27 – Dial onn demand - Connect and
an disconnect timers
OPTION
DESCRIPTION
On data activity, stay online for at least
When traffic as per the connfigured settings above apppear, the router will either continue to stay online, or dial a connection and will not disconnect it
for the specified time periood (min. 1 minute, max. 1 hour).
This timer is continuoously reset throughout the dduration of a dial-up sessioon, whenever
data activity is detected mmatching the rules above.
After connectingg, stay online for at least
This timer configures the rrouter to not hang-up the connection for the specified time period after initially ddialling the connection. Thiss setting cannot
be less than the keep onlinne period above. This timeer affects the connection onnly once per dial up session
on, at the beginning of the session.
After hanging upp, don’t redial for
After a connection has beeen disconnected, you can tell the router to rest for a period
of time before re-diaalling.
Disconnect regaardless of traffic after
Forces the router to disconnnect the connection regardless of the traffic passingg through it. The default setetting is never.
If you want to have the rouuter dial a connection at regular intervals, use Connecct regularly, every to specifify the interval between diaals. Setting this to
never effectively disables this option.
Connect regularrly, every / Randomise connect frequency by
up to
The router also features thhe ability to randomise the time
t at which the first dial action
is performed. This iss useful in situations such as
a where you
have numerous routers in an area where a power outage has occurred. Settingg a random dial time helps to reduce network congesstion when all the
routers are powered on soo they do not all try to connnect simultaneously.
When it is set to at least 2 minutes, you are able to configure the router to randomise the time it begins to dial. The randomised dial timer only affects
the initial dial after the unitt powers on or after the setttings are saved. For example, if you configure the rouuter to dial every 2 minutess with a
randomised dial time of 1 minute, the router will dial the initial connection at a time greater than 2 minutess, but less than 3 minutes. After the first dial,
the router will dial the connnection exactly every 2 minnutes.
Tablee 13 - Connect on dem
mand - Connect and dis
isconnect timers descr
criptions
Ve
erbose mo
ode
The router provides the ooption of logging all the data activity which matches the settinggs for the Dial on dem
mand feature for advanced troubleshootinng purposes. To enable the logging of thee Dial
on demand
feature, clickk the Enable verbose mode toggle key to switch it ON. See thee System log section for more information.
Figure 28 – Dial onn demand - Verbose loogging configuration
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
29
Manually connecting/disconnecting
There may be times when you need to either force a connection to be made or force a disconnection manually. You can use the Manual connect and Manual disconnect buttons to do this
whenever necessary. The online status of the connection is displayed above the buttons.
Figure 29 - Dial on demand - Online/Offline control
When you have finished configuring the options for the Dial on demand feature, click the Save button at the bottom to save your changes.
SMS Wake up
The router can also be woken up by means of an SMS message using the SMS diagnostics feature by sending a zero byte class 1 flash SMS. See the Diagnostics section for details on using the
SMS Wake up function.
NetComm Wireless Intelligent M2M Router
30
www.netcommwireless.com
Operato
or Settin
ngs
The Operator settings paage enables you to seelect which frequency band you will use ffor your connection and
a enables you to sccan for available netwwork operators in youur area.
Fi
Figure 30 - Band settinngs
p you are promptted to disable the data connection if it is
Note: In ordeer to change the celluular band settings, thhe data connection mmust be disabled. Whhen you access this page,
already activve.
You may want to do this iif you’re using the rouuter in a country with multiple frequency nnetworks that may noot all support High Sppeed Packet Access (HSPA). You can select the router to onlyy
connnect on the network ffrequencies that suit your
y requirements.
Use the Change band drrop down list to selecct the band you wish to
t use.
The following band settinngs options are availaable:
All Baands
GSM AAll
WCDM
MA All
GSM 850
GSM 900
GSM 1800
GSM 1900
WCMDA 850
MA 900
WCDM
MA 800
WCDM
MA 1900
WCDM
MA 2100
WCDM
It is not necessary to chaange the default settinng of All bands in moost cases. In fact, loccking to a particular band
b can cause connnection difficulties if thhe device is moved to
t a location where thhe
forceed band selection is no longer available.
Wheen All bands is selecteed, the router attemppts to find the most suuitable band based oon the available netwworks for the inserted SIM card.
The GSM All and the WCCDMA all options alloww you to force the deevice to lock to eitherr 2G networks only, or 3G networks only.
Clickk the Save button to ssave and apply your selection.
Op
perator se
ettings
The operator settings feaature allows you perfoorm a scan of availabble networks, and to ooptionally lock to a particular network retuurned by the networkk scan. To scan for avvailable networks, set the
and requires that the packet dataa session be disconneected prior to scanning.
Seleect operator mode froom automatic to Manuual then click the scaan button. This operaation can take a few minutes
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
31
Figure 31 - Operator settings
A list of the detected 3G service carriers in your area is displayed.
Figure 32 - Detected operator list
Select the most appropriate 3G service from the list shown and click Apply.
When Select operator mode is set to Automatic, the router selects the most appropriate operator based on the inserted SIM card. This is the default option and is sufficient for most users.
SIM security settings
The SIM security settings page can be used for authenticating SIM cards that have been configured with a security PIN.
Unlocking a PIN locked SIM
If the SIM card is locked, you will receive a notice when you access the Status page after which you will be directed to the PIN settings page to enter the PIN. The PIN settings page lists the
status of the SIM at the top of the page.
If you are not redirected to the PIN settings page, to unlock the SIM:
a)
Click on the Networking menu from the top menu bar, and then click SIM security settings.
Figure 33 - SIM security settings - SIM PIN locked
NetComm Wireless Intelligent M2M Router
32
www.netcommwireless.com
b)
Enter the PIN in the Current PINN field and then enterr it again in the Confirrm current PIN field to
t confirm the PIN.
c)
member PIN option. This
T feature allows thhe router to automaticcally send the PIN to the
If you are pplacing the router in a remote, unattendedd location, you may wwish to check the Rem
SIM each tiime the SIM asks for it (usually at power up).
u This enables the SIM to be PIN locked (to prevent unauthoorised re-use of the SSIM elsewhere), whilee still allowing the rouuter to
connect to the cellular service.
When this ffeature is enabled, thhe PIN you enter when setting the Rememmber PIN feature is enncrypted and stored locally on the router. The next time the SIM asks the router forr the
PIN, the rouuter decrypts the PINN and automatically sends it to the SIM witthout user interventioon.
When this ffeature is disabled annd the SIM is PIN locked and the PIN musst be manually entereed via the router‘s configuration interface.. In situations where the
t router will be
unattendedd, this is not desirablee.
Note: Selectt Remember PIN if yoou do not want to entter the PIN code eachh time the SIM is inseerted.
d)
Click the Saave button. If successsful, the router displaays the following screeen:
En
nabling/Diisabling SIIM PIN pro
otection
The security PIN protection can be turned on or off using the PIN protection toggle keyy.
FFigure 34 - PIN Setting
ngs
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
33
Changing the SIM PIN code
If you would like to change the PIN, click the Change PIN button and enter the current PIN into the Current PIN and Confirm current PIN fields, then enter the desired PIN into the New PIN and
Confirm new PIN fields and click the Save button.
Figure 35 - PIN settings - Change PIN
When the PIN has been changed successfully, the following screen is displayed:
Figure 36 - SIM security settings – PIN unlock successful
NetComm Wireless Intelligent M2M Router
34
www.netcommwireless.com
Un
nlocking a PUK locke
ed SIM
Afterr three incorrect attem
mpts at entering the PIN, the SIM card beecomes PUK (Personnal Unblocking Key) locked and you are reequested to enter a PPUK code to unlock it.
Note: To obtaain the PUK unlock coode, you must contacct Vodafone.
You will be issued a PUKK to enable you to unllock the SIM and enteer a new PIN. Enter tthe new PIN and PUKK codes.
Clickk the Save button whhen you have finishedd entering the new PIN and PUK codes.
Figure 377 - SIM security - SIM PUK
P locked
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
35
LA
AN
LA
AN configu
uration
The LAN configuration paage is used to configgure the LAN settingss of the router and to enable or disable DNNS Masquerading.
Figure 338 – LAN configuration
on settings
The default IP of the Etheernet port is 192.168.1.1 with subnet maskk 255.255.255.0. To cchange the IP address or Subnet mask, enter
e the new IP Addrress and/or Subnet mask
m and click the Saave
buttoon.
Note: If you cchange the IP address, remember to rebooot the router and ennter the new IP addreess into your browser address bar.
DN
NS masquerad
ding
DNSS masquerading allowws the router to proxyy DNS requests from LAN clients to dynammically assigned DNSS servers. When enabled, clients on the ro
router’s LAN can thenn use the router as a DNS
server without needing too know the dynamicaally assigned cellular network DNS serverss.
M2M Routeer hands out its own IP address (e.g. 192.168.1.1) as the DNSS server address to LAN
L clients. The
With DNS masquerading ON, the DHCP serveer embedded in the Intelligent
M Router which proxiies them to the upstreeam DNS servers.
downstream clients then send DNS requests to the Intelligent M2M
With DNS masquerading OFF, the DHCP servver hands out the upstream DNS server IPP addresses to downnstream clients directtly, so that downstreaam clients send DNS requests directly to the
upsttream DNS servers wwithout being proxied by the Intelligent M22M Router.
You may also override the DNS Masquerading option by specifyinng custom DNS Serveer IP addresses in the DHCP Server configuration mentioned iin the next section off this guide. In this caase
the DHCP
server assignss downstream devicees the manually configgured addresses andd the DNS Masqueraading option is ignoreed.
In most cases, it is not neecessary to disable DNS
D masquerading but
b if you need to, clicck the DNS masquerrading toggle key to turn it OFF and then cclick the Save buttonn.
NetCComm Wireless Intelliggent M2M Router
36
www.netcommwirelless.com
DH
HCP
The DHCP page is used to adjust the settingss used by the router’ss built in DHPC Serveer which assigns IP addresses
to locally connected
devices.
DH
HCP relay con
nfiguration
In addvanced networks coonfigurations where the Intelligent M2M Router should not be rresponsible for DHCPP assignment, but insstead an existing DHHCP server is located on the Wireless WANN
connnection, the clients beehind the Intelligent M2M
M Router are ablee to communicate witth the DHCP server when
w DHCP relay is enabled. This enabless the Intelligent M2M Router to accept clieent
broaadcast messages andd to forward them onto another subnet.
To configure the router too act as a DHCP relay agent click the DHCCP relay toggle key tto turn it ON and enter the DHCP server address
into the DHCCP server address fieeld. DHCP relay is
disabled by default.
Figure 339 – DHCP relay conffiguration
DH
HCP configura
ation
You can manually set thee start and end addreess range to be used to automatically asssign addresses withinn, the lease time of the assigned address,, the default domain name suffix, primary and
secoondary DNS server, thhe primary and secondary WINS server, as
a well as the advancced DHCP settings such
s as NTP, TFTP annd Option 150/Optionn 160 (VoIP options).
Figuure 40 - DHCP configuuration
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
37
OPTION
DESCRIPTION
DHCP start range
Sets the first IP address of the DHCP range
DHCP end range
Sets the last IP address of the DHCP range
DHCP lease time (seconds)
The length of time in seconds that DHCP allocated IP addresses are valid
Default domain name suffix
Specifies the default domain name suffix for the DHCP clients. A domain name suffix enables users to access a local server, for example, server1,
without typing the full domain name server1.domain.com
DNS server 1 IP address
Specifies the primary DNS (Domain Name System) server’s IP address.
DNS server 2 IP address
Specifies the secondary DNS (Domain Name System) server’s IP address.
WINS server 1 IP address
Specifies the primary WINS (Windows Internet Name Service) server IP address
WINS server 2 IP address
Specifies the secondary WINS (Windows Internet Name Service) server IP address
NTP server (Option 42)
Specifies the IP address of the NTP (Network Time Protocol) server
TFTP Server (Option 66)
Specifies the TFTP (Trivial File Transfer Protocol) server
DHCP option 150
This is used to configure Cisco IP phones. When a Cisco IP phone starts, if it is not pre-configured with the IP address and TFTP address, it sends a
request to the DHCP server to obtain this information. Specify the string which will be sent as a reply to the option 150 request.
DHCP option 160
This is used to configure Polycom IP phones. When a Polycom IP phone starts, if it is not pre-configured with the IP address and TFTP address, it
sends a request to the DHCP server to obtain this information. Specify the string which will be sent as a reply to the option 160 request.
Enter the desired DHCP options and click the Save button.
Address reservation list
DHCP clients are dynamically assigned an IP address as they connect, but you can reserve an address for a particular device using the address reservation list.
Figure 41 – DHCP – Address reservation list
To add a device to the address reservation list:
1.
Click the +Add button.
2.
In the Computer Name field enter a name for the device.
3.
In the MAC Address field, enter the device’s MAC address.
4.
In the IP Address fields, enter the IP address that you wish to reserve for the device.
5.
If the Enable toggle key is not set to ON, click it to switch it to the ON position.
6.
Click the Save button to save the settings.
NetComm Wireless Intelligent M2M Router
38
www.netcommwireless.com
Dy
ynamic DHCP client list
The Dynamic DHCP cliennt list displays a list of
o the DHCP clients. If you want to reservee the current IP addreess for future use, click the Clone button aand the details will bee copied to the addreess
member to click the Save
S button under thhe Address reservatioon list section to conffirm the configurationn.
reservation list fields. Rem
Figuree 42 - Dynamic DHCP client
list
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
39
Routing
Static
Static routing is the alternative to dynamic routing used in more complex network scenarios and is used to facilitate communication between devices on different networks. Static routing involves
configuring the routers in your network with all the information necessary to allow the packets to be forwarded to the correct destination. If you change the IP address of one of the devices in the
static route, the route will be broken.
Figure 43 - Static routing list
Some routes are added by default by the router on initialization such as the Ethernet subnet route for routing to a device on the Ethernet subnet.
Adding Static Routes
To add a new route to the static routing list, click the +Add button. The Static routes page appears.
1.
In the Route name field, type a name for the route so that it can be identified in the static routing list.
2.
From the Network interface drop down list, select the interface for which you would like to create a static route.
3.
In the Destination IP address field, enter the IP address of the destination of the route.
4.
In the IP subnet mask field, enter the subnet mask of the route.
5.
In the Gateway IP address field, enter the IP address of the gateway that will facilitate the route.
6.
In the Metric field enter the metric for the route. The metric value is used by the router to prioritise routes. The lower the value, the higher the priority. To give the route the highest
priority, set it to 0.
7.
Click the Save button to save your settings.
NetComm Wireless Intelligent M2M Router
40
www.netcommwireless.com
Figurre 44 - Adding a staticc route
Active routing liist
Static routes are displayeed in the Active routinng list.
Figgure 45 - Active routing
ng list
De
eleting static rroutes
From
m the static routing lisst, click the
icoon to the right of the entry
e you wish to deleete.
Figure
re 46 - Deleting a statitic route
www.netcommwireless.com
NetComm Wireeless Intelligent M2M RRouter
41
RIP
RIP (Routing Information Protocol) is used forr advertising routes too other routers. Thus all the routes in the router’s
routing table will be advertised to other nearby routerss. For example, the rooute
for thhe router’s Ethernet ssubnet could be adveertised to a router on the PPP interface sidde so that a router onn this network will knoow how to route to a ddevice on the router’s Ethernet subnet. Sttatic
routees must be added manually according to your requirements. See
S Adding Static Rooutes.
Note: Some rrouters will ignore RIPP.
Figgure 47 - RIP configura
ration
To enable Routing Inform
mation Protocol (RIP)
1.
Click the RIP toggle key to switcch it to the ON positioon.
2.
Using the VVersion drop down lisst, select the version of RIP that you wouldd like to use.
3.
Select the interface for which yoou want RIP to apply. You can choose thee LAN interface, the WWAN
interface or Both.
4.
Click the Saave button to confirm
m your settings.
NetCComm Wireless Intelliggent M2M Router
42
www.netcommwirelless.com
Re
edundancy
y (VRRP) configurati
ion
Virtuual Router Redundanccy Protocol (VRRP) iss a non-proprietary reedundancy protocol designed to increasee the availability of the default gateway seervicing hosts on the same subnet. This
increeased reliability is acchieved by advertisingg a “virtual router” (an abstract representtation of master and backup
routers actingg as a group) as a deefault gateway to thee host(s) instead of onne
physsical router. Two or m
more physical routers are then configured to stand for the virtu al router, with only onne doing the actual routing at any given tiime. If the current phhysical router that is
routing the data on behalf of the virtual routerr fails, an arrangemennt is made for anotheer physical router to automatically
replace it. The physical routeter that is currently forwarding data on behhalf
of the virtual router is called the master routerr.
Master routers have a priiority of 255 and backup router(s) can havve a priority betweenn 1 and 254.
A virrtual router must use 00-00-5E-00-01-XX as
a its (MAC) addresss. The last byte of thee address (XX) is the Virtual Router Identifier (VRID), which is ddifferent for each virtuual router in the netwoork.
This address is used by oonly one physical rouuter at a time, and is the only way that othher physical routers can
c identify the masteer router within a virtuual router.
Figuure 48 - VRRP configur
uration
To configure VRRP, confiigure multiple devicees as follows and connnect them all via an Ethernet network swiitch to downstream devices.
1.
Click the Redundancy (VRRP) toggle
key to activatee VRRP.
2.
In the Virtuaal ID field, enter an IDD between 1 and 2555. This is the VRRP IDD which is different foor each virtual router on the network.
3.
In the Router priority field, enterr a value for the priority – a higher value iss a higher priority.
4.
The Virtual IP address field is ussed to specify the VRRRP IP address – thiss is the virtual IP address that both virtual routers share.
5.
Click the Saave button to save thhe new settings.
Note: Configuuring VRRP changess the MAC address off the Ethernet port annd therefore if you waant to resume with thee web configuration yyou must use the neww IP address (VRRP IP)
I or
on a commannd prompt type:
M address).
arp –d  (i.e. arp –d 192.168
8.1.1) to clear the arp cache.(old MAC
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
43
Port Forwarding
The Port forwarding list is used to configure the Network Address Translation (NAT) rules currently in effect on the router.
Figure 49 – Port forwarding list
The purpose of the port forwarding feature is to allow mapping of inbound requests to a specific port on the WAN IP address to a device connected on the Ethernet interface.
Adding a port forwarding rule
To create a new port forwarding rule:
1.
Click the +Add button. The port forwarding settings screen is displayed.
2.
Use the Protocol drop down list to select the type of protocol you want to use for the rule. The protocols selections available are TCP, UDP and All.
3.
In the Source IP Address field, enter a “friendly” address that is allowed to access the router or a wildcard IP address (0.0.0.0) that allows all IP addresses to access the router.
4.
The Source Port Range (From) and (To) fields are used to specify the port(s) on the source side that are to be forwarded. This allows you to send a range of consecutive port
numbers by entering the first in the range in the (From) field and the last in the range in the (To) field. To forward a single port, enter the port in the (From) field and repeat it in the
(To) field.
5.
In the Destination network adress field, enter the IP address of the client to which the traffic should be forwarded.
6.
The Destination Port Range (From) and (To) fields are used to specify the port(s) on the destination side that are to be forwarded. If the Source port range specifies a single port
then the destination port may be configured to any port. If the Source port range specifies a range of port numbers then the Destination port range must be the same as the Source
port range.
7.
Click the Save button to confirm your settings.
NetComm Wireless Intelligent M2M Router
44
www.netcommwireless.com
Figuree 50 - Port forwarding settings
a port forwardinng rule, click the
To delete
www.netcommwireless.com
button on the Portt forwarding list for thhe corresponding rulee that you would like to delete.
NetComm Wireeless Intelligent M2M Router
45
DMZ
The Demilitarized Zone (DMZ) allows you to configure all incoming traffic on all protocols to be forwarded to a selected device behind the router. This feature can be used to avoid complex port
forwarding rules, but it exposes the device to untrusted networks as there is no filtering of what traffic is allowed and what is denied.
The DMZ configuration page is used to specify the IP Address of the device to use as the DMZ host.
Figure 51 - DMZ configuration
1.
Click the DMZ toggle key to turn the DMZ function ON.
2.
Enter the IP Address of the device to be the DMZ host into the DMZ IP Address field.
3.
Click the Save button to save your settings.
NetComm Wireless Intelligent M2M Router
46
www.netcommwireless.com
Ro
outer Firew
wall
The Router firewall page is used to enable or disable the in-built firewall on the router. When enabled, the firewall performs stateeful packet inspectionn on inbound traffic from
f the wireless WAAN
and blocks all unknown sservices, that is, all seervices not listed on the Services configuuration page of the router.
With respect to the other Routing options on the
t Networking page, the firewall takes a low priority. The priority of the firewall cann be described as:
DMZ > MAC/IP/Port filtering rulees > MAC/IP/Port filteering default rule > Roouter firewall rules
In otther words, the firewaall is of the lowest prioority when comparedd to other manual rouuting configurations. Therefore,
a MAC/IP/Port filtering rule takees priority in the evennt that there is a confflict of
ruless. When DMZ is enabbled, MAC/IP/Port filteering rules and the roouter firewall are ignoored but the router wiill still honour the connfiguration of the Remmote router access coontrol settings listed under
Adm
ministration Settings.
Figure 552 - Router Firewall tooggle key
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
47
MA
AC / IP / P
Port filterin
ng
The MAC/IP/Port filter feaature allows you apply a policy to the traffic that passes througgh the router, both inbound and outboundd, so that network acccess can be controlleed. When the filter is
except thosee listed in the “Currennt MAC / IP / Port filtering rules in effect” liist. Conversely, whenn the default rule is seet to
enabbled with a default rule of “Accepted”, all connections will be allowed
“Droopped”, all connections are denied exceppt for those listed in thhe filtering rules list.
Figuree 53 - MAC / IP / Portt filtering
Note: When enabling MAC / IP / Port filtering and settting the default rule too “Dropped”, you shoould ensure that you have first added a filltering rule which alloows at least one knowwn
MAC/IP to acccess the router, otheerwise you will not bee able to access the uuser interface of the router without resettinng the router to factoory default settings.
Crreating a M
MAC / IP / Port filterring rule
To create a filtering rule:
1.
Click the M
MAC / IP / Port filterinng toggle key to switcch it to the ON positioon.
2.
Using the DDefault rule (inbound//forward) drop down list, select the defau lt action for the routeer to take when traffic reaches it. By defauult, this is configured to Accepted. If you
change thiss to Dropped, you shoould first configure a filter rule that allows at least one device access
to the router, otherwise you will effffectively be locked out
o of the router.
3.
Click the Saave button to confirm
m the default rule.
4.
In the Curreent MAC / IP / Port filttering rules in system
m section, click the +AAdd button.
Figure 54 - Curren
ent MAC / IP/ Port filte
tering rules in effect
5.
Enter the details of the rule in thhe section that is dispplayed and click the SSave button.
NetCComm Wireless Intelliggent M2M Router
48
www.netcommwirelless.com
Figure 55 - MAC / IP / Port filteering settings
OPTION
DESCRIPTIO
ON
Bound
Use the drop down list to seelect the direction of the traaffic for which you want to apply
a to the rule. Inbound rerefers to all traffic that is entering the
roouter including data enterinng from the WAN and the LAN.
L Outbound refers to all traffic exiting the router inccluding traffic leaving in the direction of
thhe WAN and traffic leaving in the direction of the LAN. Forward specifies traffic that
t enters on the LAN or WWAN side and is forwardedd to the
oppposite end.
Protocol
Use the drop down list to seelect the protocol for the rule. You can have the rule apply to All protocols, TCP,, UDP, UDP/TCP or ICMP.
Source MAC AAddress
Enter the MAC address in siix groups of two hexadecim
mal digits separated by co ons (:). e.g. 00:40:F4:CE:FFA:1E
Source IP Adddress
Enter the IPv4 address that tthe traffic originates from and
a the subnet mask using CIDR notation.
Destination IP Address
Enter the IPv4 address that tthe traffic is destined for and the subnet mask using CIDR notation.
Action
Select the action to take for traffic which meets the aboove criteria. You can choosse to Accept or Drop packeets. When the default rule is set to Accept,
wise, if the default rule is sett to Dropped you cannot create a rule with
yoou cannot create a rule withth an Accept action since thhe rule is redundant. Likew
a Drop action.
Comment
[O
Optional] Use this field to eenter a comment as a meanningful description of the ruule.
Table 14 - Currennt MAC / IP / Port filteering rules in effect
6.
The new rule is displayed in thee filtering rules list. Yoou can edit the rule bby clicking the
Edit button or delete the rule by clicking tthe
button.
Figuree 56 - Completed filter
ering rule
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
49
VPN
A Virrtual Private Network (VPN) is a tunnel prooviding a private link between two networrks or devices over a public network. Dataa to be sent via a VPNN needs to be encappsulated and as suchh is
geneerally not visible to thhe public network.
The advantages of a VPNN connection includee:
Data PProtection
Accesss Control
Data OOrigin Authenticationn
Data IIntegrity
Eachh VPN connection haas different configurattion requirements. Thhe following pages deetail the configuration options available foor the different VPN cconnection types.
Note: The following descriptions are an overview of thhe various VPN optionns available. More deetailed instructions are available in separaate whitepapers on the NetComm Wirelesss
website.
IPS
Sec
IPSeec operates on Layerr 3 of the OSI model and
a as such can prottect higher layered pprotocols. IPSec is used for both site to site VPN and Remote AAccess VPN. The Inteelligent M2M Router
suppports IPsec end pointts and can be configured with Site to Site VPN tunnels with thi rd party VPN routerss.
Co
onfiguring
g an IPSec VPN
From
m the menu at the topp of the screen, click Networking and under the VPN section, cclick IPSec. A list of configured IPSec VPPN connections is dissplayed.
Fig
Figure 57 - IPSec VPN List
Clickk the +Add button to begin configuring ann IPSec VPN connecttion.
NetCComm Wireless Intelliggent M2M Router
50
www.netcommwirelless.com
Figu
gure 58 – IPSec profilee edit
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
51
NetComm Wireless Intelligent M2M Router
52
www.netcommwireless.com
The following table descrribes each of the fieldds of the IPSec VPN Connection Settings page.
ITTEM
DEFINITION
IPSec profile
Enables or disabless the VPN profile.
Profile name
A name used to ideentify the VPN connection pprofile.
Remote IPSec server adddress
The IP address of thhe IPSec server.
Remote LAN address
Enter the IP address of the remote network forr use on the VPN connectioon.
Remote LAN subnet massk
Enter the subnet maask in use on the remote neetwork.
Local LAN address
Enter the IP address of the local network for u se on the VPN connection.
Local LAN subnet mask
Enter the subnet maask in use on the local netwwork.
Encapsulation type
Select the encapsulation protocol to use with tthe VPN connection. You can
c choose ESP, AH or Any.
IKE mode
Select the IKE mode to use with the VPN connnection. You can choose Main,
M Aggressive or Any.
PFS
Choose whether Peerfect Forward Secrecy is OON or OFF for the VPN connection.
IKE encryption
Select the cipher type to use for the Internet KKey Exchange.
IKE hash
Select the IKE Hashh type to use for the VPN coonnection. The hash is useed for authentication of pacckets for the key exchangee.
IPSec encryption
Select the IPSec encryption type to use with thhe VPN connection.
IPSec hash
Select the IPSec haash type to use for the VPN connection. The hash is used for authentication of packets for the VPN connecction.
DH group
Select the desired Diffie-Hellman
group to usee. Higher groups are more secure but also require lonnger to generate a key.
DPD action
Select the desired Dead
D Peer Detection actionn. This is the action to take when a dead Internet Keyy Exchange Peer is detecteed.
DPD keep alive time
Enter the time in seconds for the interval betwween Dead Peer Detection keep alive messages.
DPD timeout
Enter the time in seconds of no response fromm a peer before Dead Peer Detection times out.
IKE re-key time
Enter the time in seconds between changes oof the encryption key. To disable changing the key, seet this to 0.
SA life time
Enter the time in seconds for the security assoociation lifetime.
Select the type of key mode in use for the VPNN connection. You can seleect from:
Key mode



Prre Shared Key
RSSA keys
Certificates
Pre-shared key
The pre-shared keyy is the key that peers usedd to authenticate each otheer for Internet Key Exchange.
Remote ID
Specifies the domain name of the remote netwwork.
Local ID
Specifies the domain name of the local netwo rk.
Update Time
Displays the last tim
me the key was updated.
Local RSA Key Upload
Select the RSA key file for the local router heree by clicking the Browse button.
Remote RSA Key Uploadd
Select the RSA key file for the remote router heere by clicking the Browsee button.
Private key Passphrase
The Private key passsphrase of the router is thee passphrase used when generating
the router’s private key using OpenSSL CAA.
Key / Certificate
Select the type of key or certificate to use for aauthentication. You can select Local private key, Locaal public certificate, Remotte public certificate, CA cerrtificate, CRL certificate.
IPSec Certificate Upload
Select the IPSec ceertificate to upload by clickiing the Browse button.
Table 115 - IPSec Configuratiion Items
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
53
Op
penVPN
OpenVPN is an open souurce virtual private neetwork (VPN) program
m for creating point-too-point or server-to-m
multi-client encryptedd tunnels between hoost computers. It can traverse network adddress
w well through prroxy servers and cann run over TCP and UDP
transslation (NAT) and fireewalls and allows autthentication by certificcate, pre-shared keyy or username and paassword. OpenVPN works
transsports. Support for OOpenVPN is available on several operatingg systems, including Windows, Linux, Macc OS, Solaris, OpenBBSD, FreeBSD, NetBSSD and QNX.
Co
onfiguring
g an Open VPN serve
er
From
m the menu at the topp of the screen, click Networking and from
m the VPN section on the left, click OpenVVPN. A list of configurred OpenVPN VPN cconnections is displayyed.
Figu
gure 59 - OpenVPN VPN
PN List
Clickk the +Add button forr the type of OpenVPN server/client you would
w like to configuree.
Op
penVPN Se
erver
To configure an OpenVPN Server:
1.
Click the OOpenVPN profile toggle key to switch it to the
t ON position.
2.
Type a nam
me for the OpenVPN server
profile you aree creating.
3.
Use the Seerver port field to seleect a port number andd then use the drop ddown list to select a packet
type to use for your OpenVPN Serrver. The default OpeenVPN port is 1194 annd
default paccket type is UDP.
4.
In the VPN network address and VPN network subnnet mask fields, enterr the IP address and network subnet mask to assign to your VPPN. This is ideally an internal IP address which
differs from
m your existing addresss scheme.
5.
Next to Difffie-Hellman parameteers, click the Generatte DH button. This wiill create an encryptioon key to secure your OpenVPN connectiion.
6.
Under Servver Certificates, enterr the required details. All fields must be coompleted. The Counttry field must consist of two characters onnly. When the details have been entered, click
the Generaate CA certificate buttton to generate the Certificate
Authority (CCA) certificate basedd on this information.
7.
Under the SServer certificates seection, select the Authhentication type that yyou would like to usee for the OpenVPN Seerver.
Note: The DDiffie-Hellman parameeters can take up to 10
1 minutes to generaate. Please be patientt.
NetCComm Wireless Intelliggent M2M Router
54
www.netcommwirelless.com
Ce
ertificate Auth
hentication
In the Certificate Manageement section, enter the required details to
t create a client certtificate. All fields are required. When you have finished enterinng the details, click thhe Generate button.
Figure
Fi
60 - OpenVPN se
server configuration – Certificate manageme
ment
w format you wouuld like. If for some reeason the integrity of your
Wheen it is done, you can click the Download P12 button or the Doownload TGZ button tto save the certificatee file depending on which
netwwork has been comprromised, you can retuurn to this screen andd use the Certificate drop down list to seleect the certificate andd then press the Revvoke button to disablee it.
Optioonal: To inform the OOpenVPN server of the network address scheme of the currenttly selected certificatte, enter the network address and networkk subnet mask in the respective fields andd
clickk the Set network infoormation button. If yoou do not enter the remote subnet here, anny packet requests from the server to the client will not be recceived by the client network because it is not
aware of the remote cliennt’s subnet.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
55
Figure 61 – OpenVPN server profile settings
NetComm Wireless Intelligent M2M Router
56
www.netcommwireless.com
Use
ername / Passsword Authen
ntication
In the Username/Passwoord section, enter the username and password you would like tto use for authentication on the OpenVPN
N Server. Click the Doownload CA certificatte button to save the
ca.crt file. This file will need to be provided to the client.
Note: If yoou wish to have moree than one client connnect to this OpenVPNN server, you must usse Certificate authenttication mode as Useername/Password only allows for a single client
connectioon.
Figure 62 - OpenVPPN Server – Usernamee / Password section
Optioonal: To inform the OOpenVPN server of the network address scheme of the currenttly selected certificatte, enter the network address and networkk subnet mask in the respective fields andd
clickk the Set Network Infoormation button. If yoou do not enter the reemote subnet here, aany packet requests from
f the server to thee client will not be recceived by the client network
because it is not
aware of the remote cliennt’s subnet.
Wheen you have finished eentering all the required information, clickk Save to finish configguring the OpenVPN server.
Co
onfiguring
g an OpenV
VPN Clien
nt
1.
Click the OOpenVPN profile toggle key to switch it to the
t ON position.
2.
In the Profille name field, type a name for the OpenVVPN client profile you are creating.
3.
In the Serveer IP address field, tyype the WAN IP address of the OpenVPNN server.
4.
Use the Seerver port field to seleect a port number andd then use the drop ddown list to select a packet
type to use for the OpenVPN serveer. The default OpenVPN port is 1194 andd
default paccket type is UDP.
5.
If the Defauult gateway option is applied on the OpennVPN client page, thee OpenVPN server wiill enable connections to be made to otheer client networks connnected to it. If it is noot
selected, thhe OpenVPN connecction allows for securee communication linkks between this routeer and the remote OpenVPN server only.
6.
Use the Authentication type options to select the Autthentication type thatt you would like to usse for the OpenVPN client.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
57
Certificate Authentication
In the Certificate upload section at the bottom of the screen, click the Browse button and locate the certificate file you downloaded when you configured the OpenVPN server. When it has been
selected, click the Upload button to send it to the router.
Figure 63 - OpenVPN client - Certificate upload
Username / Password Authentication
Enter the username and password to authenticate with the OpenVPN server.
Figure 64 - OpenVPN Client - Username/Password section
Use the Browse button to locate the CA certificate file you saved from the OpenVPN Server and then press the Upload button to send it to the router.
Click the Save button to complete the OpenVPN Client configuration.
Configuring an OpenVPN P2P Connection
To configure an OpenVPN peer-to-peer connection:
1.
Set the OpenVPN profile toggle key to switch it to the ON position.
2.
In the Profile name field, type a name for the OpenVPN P2P profile you are creating.
3.
On the router designated as the master, leave the Server IP address field empty. On the router designated as the slave, enter the WAN IP address of the master.
NetComm Wireless Intelligent M2M Router
58
www.netcommwireless.com
Figure 65 - OpenVPN P2P modde settings
4.
Use the Seerver port field to seleect a port number andd then use the drop ddown list to select a packet
type to use for the OpenVPN serveer. The default OpenVPN port is 1194 andd
default paccket type is UDP.
5.
In the Locaal IP Address and Remote IP Address fields, enter the respecttive local and remotee IP addresses to usee for the OpenVPN tunnnel. The slave should have the reverse
settings of tthe master.
6.
Under the RRemote network secttion, enter the networrk Address and netwoork Subnet mask. The Network Address and
a Network Mask fieelds inform the Masteer node of the LAN
address sccheme of the slave.
7.
Press the GGenerate button to crreate a secret key to be shared with the sllave. When the timesstamp appears, you can
c click the Downloaad button to save thee file to exchange withh the
other routerr.
8.
When you hhave saved the secreet key file on each router, use the Browse button to locate the secret key file for thee master and then preess the Upload button to send it to the slaave.
Perform thee same for the other router,
uploading the slave’s secret key fille to master.
9.
When they are uploaded click thhe Save button to complete the peer-to-ppeer OpenVPN configguration.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
59
PPTP-Client
The Point-to-Point Tunnelling Protocol (PPTP) is a method for implementing virtual private networks using a TCP and GRE tunnel to encapsulate PPP packets. PPTP operates on Layer 2 of the
OSI model and is included on Windows computers.
Configuring the PPTP Client
To configure the PPTP client:
1.
From the menu bar at the top of the screen, click Networking and then from the VPN section on the left side of the screen, click PPTP client. The PPTP client list is displayed.
Figure 66 - PPTP client list
2.
Click the +Add button to begin configuring a new PPTP client profile. The PPTP client edit screen is displayed.
Figure 67 - VPN PPTP client edit
NetComm Wireless Intelligent M2M Router
60
www.netcommwireless.com
3.
Click the Ennable PPTP client toggle key to switch it to the ON position.
4.
In the Profille name list, enter a profile name for the tunnel.
This may be aanything you like andd is used to identify thhe tunnel on the routeer.
5.
Use the Ussername and Passwoord fields to enter the username and passsword for the PPTP acccount.
6.
In the PPTPP server address field, enter the IP addreess of the PPTP serveer.
7.
From the Authentication type drrop down list, select the
t Authentication typpe used on the serveer. If you do not know the authentication mmethod used, select any
a and the router wiill
m:
attempt to ddetermine the correcct authentication type for you. There are 5 authentication typess you can choose from
CHAPP – uses a three way handshake to authennticate the identity of a client.
MS-CHAP v1 – This is the Microsoft implementation of the Challengge Handshake Authenntication Protocol for which support was ddropped in Windows®
® Vista.
implementaation of the Challengee Handshake Authenntication Protocol which was introduced inn Windows® NT 4.0 and
a is still supported
MS-CHAP v2 - This is the Microsoft
todayy.
mended because it
PAP – The Password Authentication Protocol uses a password as a means of authenticaation and as such, is commonly supportedd. PAP is not recomm
transm
mits passwords unenncrypted and is not seecure.
protocool commonly used in wireless networks.
EAP – Extensible Authenticcation Protocol. An Authentication
8.
The metric value helps the routeer to prioritise routes and must be a numbber between 0 and 655535. The default value is 30 and should nnot be modified unless you are aware of the
effect your changes will have.
9.
The Use peeer DNS option allowws you to select whethher the remote clientss will use the Domainn Name Server of the PPTP server. Click thhe toggle key to set this
t to ON or OFF as
required.
10.
NAT masquuerading allows the router
to modify the packets
sent and receeived to inform remotte computers on the internet that packetss originating from a machine
behind the roouter
actually origginated from the WAN IP address of the router’s
internal NAT IP address. Click thee toggle key to switchh this to the ON positition if you want to usee this feature.
11.
Set default route to PPTP sets all
a outbound data packets to go out throuugh the PPTP tunnel. Click the toggle key to switch this to the OON position if you waant to use this featuree.
12.
The Verbosse logging option setss the router to outputt detailed logs regardding the PPTP connection in the System Log
L section of the rouuter interface.
13.
The Reconnnect delay is the timee in seconds that the router will wait beforre attempting to connnect to the PPTP server in the event that thhe connection is brokken. The minimum tim
me to
wait is 30 seconds so as to not flood the PPTP serveer with connection reqquests, while the maxximum time to wait is 65335 seconds.
14.
The Reconnnect retries is the num
mber of connection attempts
that the routter will make in the evvent that the PPTP coonnection goes downn. If set to 0, the routeer will retry the conneection
indefinitely,, otherwise the maxim
mum number of timess to retry cannot be ggreater than 65335.
15.
Click the Saave button to save thhe changes. The VPNN will attempt to connnect after your click Save.
S Click the Status button at the top leftft of the interface to reeturn to the status winndow
and monitoor the VPN’s connection state.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
61
GRE tunnelling
The Generic Route Encapsulation (GRE) protocol is used in addition to Point-to-Point Tunnelling Protocol (PPTP) to create VPNs (virtual private networks) between clients and servers or between
clients only. Once a PPTP control session establishes the VPN tunnel GRE is used to securely encapsulate the data or payload.
Configuring GRE tunnelling
To configure GRE tunnelling:
1.
From the menu bar at the top of the screen, click Networking and then from the VPN section on the left side of the screen, click GRE. The GRE client list is displayed.
Figure 68 - GRE client list
2.
Click the +Add button to begin configuring a new GRE tunnelling client profile. The GRE Client Edit screen is displayed.
Figure 69 – GRE client edit
3.
Click the Enable GRE Tunnel toggle key to switch it to the ON position.
NetComm Wireless Intelligent M2M Router
62
www.netcommwireless.com
4.
In the Profille name, enter a proffile name for the tunnnel. This may be anytthing you like and is used
u to identify the tuunnel on the router.
5.
In the GRE server address fieldd, enter the IP addresss of the GRE server.
6.
In the Locaal tunnel address fieldd, enter the IP addresss you want to assignn the tunnel locally.
7.
In the Remote tunnel address field, enter the IP address you want to asssign to the remote tunnnel.
8.
In the Remote network address field, enter the IP adddress scheme of thee remote network.
9.
In the Remote network subnetm
mask field, enter the subnet
mask of the reemote network.
10.
The TTL (TTime To Live) field is an
a 8-bit field used to remove an undeliverrable data packet froom a network to avoidd unnecessary netwoork traffic across the internet. The default value
of 255 is the upper limit on the time
t that an IP datagram can exist. The vaalue is reduced by att least one for each hop
h the data packet ttakes to the next routter on the route to thee
datagram’ss destination. If the TTTL field reaches zeroo before the datagramm arrives at its destination the data packet is discarded and ann error message is seent back to the sendeer.
11.
The Verbosse logging option setss the router to outputt detailed logs regardding the GRE tunnel in the System Log section of the router intterface.
12.
The Reconnnect delay is the timee in seconds that the router will wait beforre attempting to connnect to the GRE serveer in the event that thee connection is broken. The minimum tim
me to
wait is 30 seconds so as to not flood the GRE serverr with connection reqquests, while the maxximum time to wait is 65335 seconds.
13.
The Reconnnect retries is the num
mber of connection attempts
that the routter will make in the evvent that the GRE connection goes down.. If set to 0, the router will retry the connecction
indefinitely,, otherwise the maxim
mum number of timess to retry cannot be ggreater than 65335.
14.
Click the Saave button to save thhe changes. The VPNN will attempt to connnect after your click Save.
S Click the Status button at the top leftft of the interface to reeturn to the status winndow
and monitoor the VPN’s connection state.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
63
Services
Dynamic DNS
The DDNS page is used to configure the Dynamic DNS feature of the router. A number of Dynamic DNS hosts are available from which to select.
Figure 70 – Dynamic DNS settings
Dynamic DNS provides a method for the router to update an external name server with the current WAN IP address.
To configure dynamic DNS:
1.
Click the DDNS configuration toggle key to switch it to the ON position.
2.
From the Dynamic DNS drop down list, select the Dynamic DNS service that you wish to use. The available DDNS services available are:

www.dhs.org

www.dyndns.org

www.dyns.cx

www.easydns.com

www.justlinux.com

www.ods.org

www.tzo.com

www.zoneedit.com
3.
In the Username and Password fields, enter the logon credentials for your DDNS account. Enter the password for the account again in the Verify password field.
4.
Click the Save button to save the DDNS configuration settings.
NetComm Wireless Intelligent M2M Router
64
www.netcommwireless.com
Network
k time (NTP)
The NTP (Network Time PProtocol) settings pagge allows you to configure the Intelligent M2M Router to synchhronize its internal cloock with a global Inteernet Time server andd specify the time zone for
for features ssuch as System Log entries and Firewall settings where the cuurrent system time is displayed and recorrded.
the location of the router.. This provides an acccurate timekeeping function
Any NTP server availablee publicly on the interrnet may be used. Thhe default NTP serverr is 0.netcomm.pool.nntp.org.
FFigure 71 - NTP setting
ngs
Co
onfiguring
g Timezone
e settings
To configure time zone settings:
1.
The Currennt time field shows thee time and date configured on the router. If this is not accuratee, use the Time zonee drop down list to seelect the correct time zone for the router. If the
selected zoone observes daylighht savings time, a Dayylight savings time scchedule link appearss below the drop dow
wn list. Click the link too see the start and end times for daylight
savings.
2.
When you hhave selected the correct time zone, clickk the Save button to ssave the settings.
Co
onfiguring
g NTP settings
To configure NTP settings:
1.
Click the Network time (NTP) tooggle key to switch it to the ON position.
2.
In the NTP service field, enter thhe address of the NTTP server you wish to use.
3.
The Synchrronization on WWANN connection toggle key
k enables or disabl es the router from peerforming a synchronization of the time eaach time a mobile brooadband connection is
establishedd.
4.
The Daily ssynchronisation toggle key enables or disaables the router fromm performing a synchrronization of the time each day.
5.
When you hhave finished configuuring NTP settings, click the Save button tto save the settings.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
65
Data stream manager
The data stream manager provides you with the ability to create mappings between input ports and output ports (e.g. Serial Port, SMS, GPS, USB) and performs any required translation or data
processing by each virtual data tunnel. Customers interested in developing their own applications to create custom mappings can contact NetComm Wireless about our Software Development
Kit.
To add a new data stream:
1.
Click the +Add button on the right side of the page.
Figure 72 - Data stream list
2.
Click the Activate toggle key so that it is in the ON position.
Figure 73 - Activate button
3.
In the Data stream name field, enter a name to identify the mapping on the Data stream list.
4.
Under the Endpoint A section, use the Type drop down list to select the input port. In the Mode drop down list, select the mode of the input port. If Endpoint A is set to Serial, use
the displayed drop down lists to specify further parameters about the serial port settings and PAD settings if required.
5.
Under the Endpoint B section, use the Type drop down list to select the output port. Use the Mode drop down list to select the mode of the output port. Enter any other details as
required for the type of output you have selected.
6.
Click the Save button to confirm your settings.
NetComm Wireless Intelligent M2M Router
66
www.netcommwireless.com
Watchdo
ogs
To access the Watchdoggs page, click the Services menu item, theen select the Watchddogs menu item on the left.
Figuure 74 - Watchdogs Seettings
Watcchdogs are features wwhich monitor the router for anomalies annd restart the router iff an anomaly occurs preventing its normaal operation. When coonfigured, the watchddogs feature transmitts
conttrolled ping packets tto 1 or 2 user specifieed IP addresses to confirm an active connnection. If the watchddog does not receivee responses to the pinngs after a specified number of failures, it will
rebooot the device in a lasst resort attempt to reestore connectivity.
We recommend
using caaution when implemeenting this feature in situations
where the ddevice is intentionallyy offline for a particulaar reason, for exampple, when Dial-on-dem
mand has been enabbled.
This is because the watcchdog expects to be able
a to access the innternet at all times, annd will always eventually reboot the routerr if access isn't restorred by the time the various timers expire and
the fail
f count is reached.
d to the nature of tthe watchdog being a last resort standaloone backup mechanissm that it will continuue to do its job and reeboot the device evenn when the Dial-on-ddemand session is idlle, or
It is due
the mobile
broadband coonnection is disabledd by the user. Therefoore, we recommendeed that you disable thhis feature if Dial-on-ddemand is configuredd or if the mobile broadband connection will
be inntentionally disconneected on occasion.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
67
The watchdog works as ffollows:
a)
The router ssends 3 consecutive pings to the first desstination address at tthe interval specified in the Periodic Ping timer field.
b)
If all 3 pings to the first destination address fail, the router
sends 3 conseecutive pings to the second
destination adddress at the Periodicc Ping timer interval.
c)
If all 3 pings to the second desttination address fail, the
t router sends 3 pi ngs to the first destinnation address using the Periodic Ping acccelerated timer interrval.
d)
If all 3 acceelerated pings to the first destination addrress fail, the router seends 3 pings to the second
destination adddress at the Periodicc Ping accelerated timer interval.
e)
If all 3 acceelerated pings to the second destination address
fail, the routeer registers this as a fail and returns to steep C.
f)
When the nnumber of failures reaaches the number coonfigured in the Fail ccount field, the routerr reboots. If any ping succeeds, the routerr returns to step A annd does not reboot.
Note: The Peeriodic Ping timer shoould not be set to a value
v of less than 2100 seconds to allow the router time to reconnect to the cellular nnetwork following a reboot.
the periodic pping reset monitor, seet Fail count to 0.
To disable
Figuree 75 – Ping watchdog settings
NetCComm Wireless Intelliggent M2M Router
68
www.netcommwirelless.com
Co
onfiguring
g Periodic Ping settin
ngs
The Periodic Ping settinggs configure the routeer to transmit controlled ping packets to 2 specified IP addresses. If the router does not receive responnses to the pings, thee router will reboot.
To configure the ping waatchdog:
1.
In the First destination address field, enter a websitee address or IP addreess to which the router should send the first round of ping req uests.
2.
In the Secoond destination addreess field, enter a webbsite address or IP adddress to which the router should send the second round of piing requests.
3.
In the Perioodic Ping timer field, enter an integer betwween 300 and 65535 for the number of seeconds the router shoould wait between pinng attempts. Setting this to 0 disables thee ping
watchdog ffunction.
4.
In the Perioodic Ping acceleratedd timer field, enter an integer between 60 and 65535 for the nuumber of seconds thee router should wait bbetween acceleratedd ping attempts, i.e. pings
to the second destination addreess. Setting this to 0 disables
the ping wattchdog function
5.
In the Fail ccount field, enter an integer
between 1 annd 65535 for the nummber of times an acceelerated ping should fail before the router reboots. Setting this to 0 disables the pinng
watchdog ffunction.
Diisabling th
he Periodic
c Ping rese
et function
To disable
the Periodic PPing reset function, seet Fail count to 0.
Note: The trafffic generated by the periodic ping featuree is usually counted aas chargeable data usage.
Please keep this in mind when seleecting how often to ping.
Co
onfiguring
g a Periodiic reboot
The router can be configured to automaticallyy reboot after a periodd of time specified inn minutes. While this is not necessary, it does ensure that in thee case of remote installations, the router will
rebooot if some anomaly ooccurs.
1.
In the Forcee reboot every field, enter the time in minutes between forced reboots. The defaultt value is 0 which disables the Periodic reeboot function. The minimum
period betweeen
reboots is 5 minutes while the maximum
value is 655535 minutes.
2.
If you have configured a forced reboot time, you cann use the Randomisee reboot time drop doown list to select a random reboot timer. RRandomising the rebooot time is useful for
preventing a large number of deevices from rebootingg simultaneously andd flooding the networrk with connection attempts. The router wiill wait for the configuured Force reboot every
time and thhen randomly reboot within
w the configuredd Randomise reboot ttime.
3.
Click the Saave button to save thhe settings.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
69
SNMP
SNMP configuration
The SNMP page is used to configure the SNMP features of the router.
Figure 76 - SNMP configuration
SNMP (Simple Network Management Protocol) is used to remotely monitor the router for conditions that may warrant administrative attention. It can be used to retrieve information from the router
such as the signal strength, the system time and the interface status.
To configure SNMP:
1.
Click the SNMP toggle key to switch it to the ON position.
2.
Enter Read-only community name and Read-write community name which are used for client authentication.
Community names are used as a type of security to prevent access to reading and/or writing to the routers configuration. It is recommended that you change the Community names
to something other than the default settings when using this feature.
3.
Click the Save button to save any changes to the settings.
The Download button displays the Management information base (MIB) of the router. The MIB displays all the objects of the router that can have their values set or report their status. The MIB is
formatted in the SNMP-related standard RFC1155.
NetComm Wireless Intelligent M2M Router
70
www.netcommwireless.com
SN
NMP traps
SNM
MP traps are messagees from the router to the Network Manageement System sent ass UDP packets. Theyy are often used to nootify the managementt system of any significant events such ass
whetther the link is up or ddown.
Co
onfiguring
g SNMP tra
aps
To configure SNMP trapss:
1.
In the Trap destination field, entter the IP address to which SNMP data is to be sent.
2.
In the Hearrtbeat interval field, enter the number of seeconds between SNMMP heartbeats.
3.
Use the Traap persistence field too specify the time in seconds that an SNMMP trap persists.
4.
Use the Traap retransmission tim
me to specify the lenggth of time in secondss between SNMP trapp retransmissions.
FFigure 77 - SNMP trapps
To send a manual SNMPP Heartbeat, click the Send heartbeat button. When you have ffinished configuring the
t SNMP traps, clickk the Save button to ssave the settings.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
71
TR
R-069
To access the TR-069 coonfiguration page, clicck the Services menu item, then select thhe TR-069 menu item on the left.
Figure
re 78 - TR-069 configu
guration
The TR-069 (Technical RReport 069) protocol is a technical specificcation also known as CPE WAN Managem
ment Protocol (CWMPP). It is a framework fofor remote management and autoconffiguration of end-userr devices such as customer-premises equuipment (CPE) and AAuto Configuration Seervers (ACS). It is parrticularly efficient in aapplying configuration updates across
netwworks to multiple CPEEs.
TR-0069 uses a bi-directioonal SOAP/HTTP-bassed protocol based on the application layeer protocol and provides several benefits for the maintenancee of a field of CPEs:
Simplifies the initial configuration of a device during installation
Enables easy restoration of
o service after a factoory reset or replacemment of a faulty device
Firmwware and software verrsion management
Diagnnostics and monitoring
Note: You muust have your own coompatible ACS infrastructure to use TR-0669.In order to accesss and configure the TR-069 settings you mmust be logged into thhe router as the root user.
TR
R-069 confi
figuration
To configure TR-069:
1.
Click the Ennable TR-069 toggle key to switch it to the ON position.
2.
In the ACS URL field, enter the Auto Configuration Server’s
full domain nname or IP address.
3.
Use the ACCS username field to specify the username for the Auto Configguration Server.
4.
In the ACS password and Verifyy ACS password fieldds, enter the Auto Coonfiguration Server paassword.
5.
In the Connnection Request Username field, enter thee username to use foor the connection requests.
6.
In the Connnection Request Password and Verify passsword fields, enter thhe connection request password.
7.
The inform message acts as a beacon
to inform the ACS of the existencee of the router. Click the
t Enable periodic ACS
A informs toggle kkey to turn on the perriodic ACS inform
messages.
8.
In the Inform
m Period field, enter the number of seconnds between the inforrm messages.
9.
Click the Saave button to save thhe settings.
NetCComm Wireless Intelliggent M2M Router
72
www.netcommwirelless.com
GPS
The built-in GPS module allows you to use loccation-based services, monitor field deplooyed hardware or findd your current locatioon. The GPS Status wwindow provides up to date information abbout
location and tthe current GPS signal conditions (positioon dilution of precisioon (PDOP), horizontal dilution of precision (HDOP) and verticall dilution of precision (VDOP)) of the routeer.
the current
To use the GPS function, set the GPS operation toggle key to ON and click the Save bbutton.
The Google map button pprovides a quick shoort cut to show your roouter’s current positioon on a map and beccause GPS positioninng relies on accurate clock settings to obttain the correct
inforrmation about your loocation, the Clock Synnc button allows you to quickly set the rouuter clock to the correect time. This ensures you will always havve the correct GPS position information
available.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
73
SMS messaging
The Intelligent M2M Router offers an advanced SMS feature set, including sending messages, receiving messages, redirecting incoming messages to another destination, as well as supporting
remote commands and diagnostics messages.
Some of the functions supported include:
Ability to send a text message via a CDMA network and store it in permanent storage.
Ability to receive a text message via a CDMA network and store it in permanent storage.
Ability to forward incoming text messages via a CDMA network to another remote destination which may be a TCP/UDP server or other mobile devices.
Ability to receive run-time variables from the device (e.g. uptime) on request via SMS
Ability to change live configuration on the device (e.g. network username) via SMS.
Ability to execute supported commands (e.g. reboot) via SMS
Ability to trigger the Intelligent M2M Router to download and install a firmware upgrade
Ability to trigger the Intelligent M2M Router to download and apply a configuration file
To access the SMS messaging functions of the Intelligent M2M Router, click on the Services menu item from the top menu bar, and then select one of the options under the SMS messaging
section on the left hand menu.
Setup
The Setup page provides the options to enable or disable the SMS messaging functionality and SMS forwarding functionalities of the router. SMS messaging is enabled by default.
Figure 79 - General SMS Configuration
NetComm Wireless Intelligent M2M Router
74
www.netcommwireless.com
OPTION
DEFINITION
Geneeral SMS configuration
SMSS messaging
Toggles the SMS functionalityy of the router on and off.
Messsages per page (10-50)
The number of SMS messagees to display per page. Muust be a value between 10 and 50.
Encooding scheme
The encoding method used ffor outbound SMS messages. GSM 7-bit mode permits up to 160 characters peer message but drops to 500
characters if the message inccludes special characters. UCS-2 mode allows the seending of Unicode charactters and permits a message to
bee up to 50 characters in lenngth.
SMSS forwarding configuration
Forwwarding
Toggles the SMS forwarding function of the router on and off.
Redirect to mobile
Enter a mobile number as thee destination for forwardedd SMS messages.
TCP address
Enter an IP address or domaain name as the destinationn for forwarded SMS messaages using TCP.
TCP port
The TCP port on which to connnect to the remote destinaation.
UDPP address
Enter an IP address or domaain name as the destinationn for forwarded SMS messaages using UDP.
UDPP port
The UDP port on which to coonnect to the remote destination.
Tabl
ble 16 - SMS Setup Set
ettings
SM
MS forward
ding config
guration
Incoming text messages can be redirected too another mobile device and/or a TCP/UDDP message server.
Re
edirect to m
mobile
You can forward incominng text messages to a different destinationn number. This destinnation number can be another mobile phoone or a 3G router phhone number.
For Example:
If someone sends a text m
message and Redireect to mobile is set to “+61412345678”, thhe text message is stoored on the router annd forwarded to “+61 412345678” at the saame time.
To disable
redirection to a mobile, clear the Redirect
to mobile field and click the Savee button.
Re
edirect to T
TCP / UDP
P address
You can also forward inccoming text messages to a TCP/UDP baseed destination. The TTCP or UDP server caan be any kind of pubblic or private server if the server acceptss incoming text-basedd
messages.
The TCP/UDP address caan be an IP address or domain name. The port number rangee is from 1 to 65535. Please
refer to your TCP/UDP
based SMSS server configurationn for which port to use.
For Example:
If someone sends a text m
message and TCP address
is set to “192.168.20.3” and TCP port is set to “2002”,, this text message is stored in the router aand forwarded to “1992.168.20.3” on port
“20002” at the same time.
To disable
redirection to a TCP or UDP addreess, clear the TCP adddress and UDP addrress fields and click the Save button.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
75
New message
The New message page can be used to send SMS text messages to a single or multiple recipients.
A new SMS message can be sent to a maximum of 100 recipients at the same time. After sending the message, the result is displayed next to the destination number as “Success” or “Failure” if
the message failed to send. By default, only one destination number field is displayed. Additional destination numbers may be added one at a time after entering a valid number for the current
destination number field. To add a destination number, click the
button and to remove the last destination in the list, click the
button.
Figure 80 - SMS - New Message
Destination numbers should begin with the “+” symbol followed by the country calling code. To send a message to a destination number, enter the “+” symbol followed by the country calling
code and then the destination number.
For example:
To send a message to the mobile destination number 0412345678 in Australia (country calling code 61), enter “+61412345678”.
After entering the required recipient numbers, type your SMS message in the New message field. As you type your message, a counter shows how many characters you have entered out of the
total number available for your chosen encoding scheme. When you have finished typing your message and you are ready to send it, click the Send button.
NetComm Wireless Intelligent M2M Router
76
www.netcommwireless.com
Inb
box / Outb
box
The Inbox displays all recceived messages thaat are stored on the router while the Outboox displays all sent messages.
Figure 81 - SMS Inboox
FFigure 82 - SMS Outbbox
ICON
DESCRIPTION
Forwward button. Click this buttton to open a new messag e window where you can forward the corresponding message to another recipiient.
Repply button. Click this buttonn to open a new message wwindow where you can reply to the sender.
Addd to White list. Click this button to add the sender’s mmobile number to the white list on the router.
Delete button. Click this button to delete the correspondding message.
Reffresh button. Click this buttoon to refresh the inbox or ooutbox to see new messages.
Tabl
ble 17 - Inbox/Outboxx icons
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
77
Diagnos
stics
The Diagnostics page is used to configure thee SMS diagnostics and command executtion configuration. Thhis allows you to channge the configurationn, perform functions remotely
and check on
o the
MS commands.
statuus of the router via SM
To access the Diagnosticcs page, click on the Services menu item then select the SMSS menu on the left andd finally select Diagnostics beneath it.
Figure
83 - SMS diagnnostics and commandd execution configurati
tion
SM
MS diagnostics and command
execution
n configura
ation
The options on this pagee are described beloww.
Enable remote d
diagnostics an
nd command execution
Enabbles or disables the rremote diagnostics feeature. If this setting is enabled all incomiing text messages arre parsed and tested for remote diagnostiics commands.
If rem
mote diagnostics com
mmands are found, the router executes thhose commands. Thiss feature is enabled by default. All remotee diagnostic commannds that are receivedd are stored in the Inbbox.
Note: It is possible to adjust setttings and prevent youur router from functiooning correctly using remote diagnostics. If this occurs, you wiill need to perform a factory reset in orderr to
mal operation.
restore norm
a a password whenn utilising this featuree to prevent unauthorised access. See thee White list descriptioon for more informatioon.
We highly reecommended that yoou use the white list and
NetCComm Wireless Intelliggent M2M Router
78
www.netcommwirelless.com
On
nly accept auth
henticated SM
MS messages
Enabbles or disables checcking the sender’s phhone number againstt the allowed sender white list for incoming diagnostics and coommand execution SSMS messages.
ming message against the
If authentication is enableed, the router will cheeck if the sender’s nuumber exists in the wwhite list. If it exists, thhe router then checkss the password (if connfigured) in the incom
passsword in the white listt for the correspondinng sending number. If they match, the diaagnostic or commandd is executed.
If thee number does not exxist in the white list or the password does not match, the routeer does not execute the incoming diagnosstic or command in thhe SMS message.
This is enabled by default and it is strongly addvised that you leavee this feature enabledd to maintain securityy.
Sen
nd Set comma
and acknowle
edgement rep
plies
The Intelligent M2M Routter will automatically reply to certain typess of commands receiived, such as get com
mmands, or execute commands. Howeveer replies from the Intelligent M2M Router are
MS Wakeup command. If
optioonal with set commannds and the Wakeup command. This option Enables or disablles sending an acknoowledgment message after execution of a set command or SM
disabled, the router doess not send any acknoowledgement after exxecution of a set commmand or SMS Wakeuup command. All ackknowledgment replies
es are stored in the Outbox after they havee
beenn sent.
This can be useful to determine if a commandd was received and executed
by the routeer. This option is disaabled by default.
Sen
nd acknowled
dgement repllies to
This option allows you to specify where to sennd acknowledgment messages after the eexecution of a set, orr exec command.
f number is seleccted, the acknowledggement message will be sent to the numbber defined in the Fixeed number to send reeplies to field. If the ssender’s number is selected,
the
If a fixed
acknnowledgement messaage will be sent to the number that the SM
MS diagnostic or commmand message origginated from. The deffault setting is to use the sender’s number.
Fix
xed number to
o send repliess to
This field defines the desstination number to which
w error messagess are sent after the exxecution of a get, set, or exec command. This field is only dispplayed when Send Error
E SMS to is set to
Fixed Number.
Sen
nd command error repliess
Enabbles or disables the ssending of an error message
resulting from the execution of a get, set, or exec com
mmand. All error replies are stored in the Outbox after they haave been sent.
Sen
nd error repliies to
Wheen Send Error SMS foor Get/Set/Exec Com
mmand is set to ON, this option is used to specify where the errror SMS is sent. Use the radio buttons to select either Fixed Number
or SMS Sendder
Num
mber. When set to SM
MS Sender Number thhe router will reply to the originating numbber of the SMS diagnostic or command. When
W set to Fixed Nu mber the router will send
s the error messaages
to the number specified iin the following field.
Sen
nd a maximum
m number of
You can set the maximum
m number of acknowwledgement and errorr messages sent wheen an SMS diagnosticc or command is executed. The maximumm limit can be set perr hour, day, week or month.
The router will send a maaximum of 100 repliess by default.
The number of messagess sent is shown beloww the options. The total transmitted messaage count resets afteer a reboot or at the beginning
of the time frame specified.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
79
White List for diagnostic or execution SMS
The white list is a list of mobile numbers that you can create which are considered “friendly” to the router. If Only accept authenticated SMS messages is enabled in the diagnostics section, the
router will compare the mobile number of all incoming diagnostic and command messages against this white list to determine whether the diagnostic or command should be executed. You may
optionally configure a password for each number to give an additional level of security. When a password is specified for a number, the SMS diagnostic or command message is parsed for the
password and will only be executed if the number and password match.
Figure 84 - White list for diagnostic or execution SMS
A maximum of 20 numbers can be stored on the router in the white list. To add a number to the white list, click the “+Add” button.
Figure 85 – Adding a number to the SMS white list
The White List numbers and passwords can be cleared by pressing the
button to the right of each entry. To add a number to the white list, enter it in the Destination number field and
optionally define a password in the Password field. When you have finished adding numbers click the Save button to save the entries.
NetComm Wireless Intelligent M2M Router
80
www.netcommwireless.com
Se
ending
g an SM
MS Diag
gnostic Comm
mand
Folloow the steps below too configure the routerr to optionally acceptt SMS diagnostic commmands only from auuthenticated senders and learn how to seend SMS diagnostic commands
to the router.
1.
Navigate too the Services > SMSS messaging > Diagnnostics page
2.
Confirm thaat the Enable remote diagnostics and com
mmand execution togggle key is set to the ON position. If it is seet to OFF click the tooggle key to switch it to the ON position.
3.
If you wish to have the router onnly accept commands from authenticated senders, ensure thaat Only accept authennticated SMS messagges is set to the ON position.
In the Whitee list
for diagnosstic or execution SMSS messages section, click the +Add butto n and enter the sendder’s number in internnational format into thhe Destination numbeer field that appears. If
you wish too also configure a passsword, enter the passsword in the Passwo
word field corresponding to the destinationn number.
4.
If you wouldd prefer to accept SM
MS diagnostic commands from any sendeer, set the Only accept authenticated SMSS messages toggle kkey to the OFF positioon.
Note: An alteernative method of addding a number to thhe white list is to sendd an SMS message to the router, navigatee to Services > SMS messaging > Inbox and then click the
button next tto the message whicch corresponds to thee sender’s number.
5.
Click the Saave button.
Ty
ypes of SM
MS diagnosstic comma
ands
Therre are three types of ccommands that can be sent; execute, gett and set. The basic syntax is as follows:
execuute COMMAND
get VAARIABLE
set VAARIABLE=VALUE
If authentication is enableed, each command must
m be preceded byy the password:
MMAND
PASSWORD execute COM
PASSWORD get VARIABLLE
PASSWORD set VARIABLE=VALUE
The following are some eexamples of SMS diaggnostic commands:
passwword6657 execute reboot
get rsssi
set appn1=testAPNvalue
SM
MS acknow
wledgment replies
The router automatically replies to get commaands with a value andd execute commandss with either a successs or error response. Set commands will oonly be responded too if the Send Set
ment replies toggle keey is set to ON. If thee Send command erroor replies toggle key is set to ON, the router will send a reply if the command is coorrect but a variable or
command acknowledgem
valuee is incorrect, for exaample, due to misspeelling.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
81
SMS command format
Generic Format for reading variables:
get VARIABLE
PASSWORD get VARIABLE
Generic Format for writing to variables:
set VARIABLE=VALUE
PASSWORD set VARIABLE=VALUE
Generic Format for executing a command:
Execute COMMAND
PASSWORD execute COMMAND
Replies
Upon receipt of a successfully formatted, authenticated (if required) command, the gateway will reply to the SMS in the following format:
TYPE
SMS CONTENTS
get command
“VARIABLE=VALUE”
set command
“Successfully set VARIABLE to VALUE”
execute command
“Successfully executed command COMMAND”
NOTES
Only sent if the acknowledgment message function is enabled
Table 18 - SMS Diagnostic Command Syntax
Where “VARIABLE” is the name of the value to be read
Where “VARIABLE (x)” is the name of another value to be read
Where “VALUE” is the content to be written to the “VARIABLE”
Where “COMMAND” is a supported command to be executed by the device (e.g. reboot)
Where “PASSWORD” is the password (if configured) for the corresponding sender number specified in the White List
Multiple commands can be sent in the same message, if separated by a semicolon.
For Example:
get VARIABLE1; get VARIABLE2; get VARIABLE3
PASSWORD get VARIABLE1; get VARIABLE2
set VARIABLE=VALUE1 ; set VARIABLE2=VALUE2
PASSWORD set VARIABLE1=VALUE1; set VARIABLE2=VALUE2; set VARIABLE3=VALUE3
If required, values can also be bound by an apostrophe, double apostrophe or back tick.
For Example:
“set VARIABLE=’VALUE’”
“set VARIABLE=”VALUE””
“set VARIABLE=`VALUE`”
“get VARIABLE”
NetComm Wireless Intelligent M2M Router
82
www.netcommwireless.com
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
83
A paassword (if required),, only needs to be sppecified once per SMS, but can be prefixeed to each commandd if desired.
“PASSSWORD get Variable1”; “get VARIABLE22”
“PASSSWORD set VARIABBLE1=VALUE1”; “sett VARIABLE2=VALUEE2”
executes the remaininng command line afteer the
If thee command sent includes the “reboot” coommand and has alreeady passed the whitte list password checck, the device keeps this password and ex
rebooot with this same passsword.
For Example:
“PASSSWORD execute rebboot; getVariable1”; “get VARABLE2”
“PASSSWORD execute rebboot; PASSWORD geet Variable1”; “get VAARABLE2”
Note: Commands, variables and values are case senssitive.
Lisst of valid command
ds
A list of valid commands which can be used in
i conjunction with thhe execute commandd are listed below:
“pdppcycle”, “pdpdown” and “pdpup” commaands can have a profile number suffix ‘x’ aadded. Without the suffix
s specified, the command operates aggainst the default proofile configured on thhe
profiile list page of the Weeb-UI.
COMMANDD NAME
DESCRRIPTION
reboot
Immediately performs a soft reboot.
pddpcycle
Disconnects (if connecteted) and reconnects the daata connection. If a profile number
is selected in the ccommand, try to disconnecct/reconnect the
specified profile in casee the profile is active. If no profile
number is selected, try to disconnect/reconnecct the current active profilee. Reports an error if no
profile number is selecteed and there is no currently activated profile.
pddpdown
Disconnects the PDP. Iff a profile number is selecteed in the command, the rouuter tries to disconnect thee specified profile in case the profile is active. If no
profile number is selecteed, try to disconnect the cuurrent active profile. Reports an error if no profile nummber is selected and there is no currently activated
profile.
pddpup
Reconnects the PDP. If a profile number is selecteed in the command, the rouuter tries to connect with the
he specified profile. If no prrofile number is
selected, the router triess to connect to the last active profile. The gateway will check the currently activaated profile and disconnecct this profile before
executing the commandd. The router reports an errror if no profile number is seelected and there is no stoored last active profile number.
facctorydefaults
Performs a factory resett on the router.
Performs a download annd install of a Firmware Upgrade (.cdi), Config File (.tar.gz) or a help documentt (.pdf) file.
If the file is a firmware immage as in the case of a .ccdi file, the router will apply the recovery image first annd then the main firmware image. The download
location is specified immmediately after the commannd and may be from an HTTTP or FTP source URL.
If the file is a .tar.gz file, the router will apply the file as a configuration file update for the device and rebboot afterwards.
doownload
If the file is a .pdf, the roouter will assume this is a user
u guide document and save
s it to the router and maake the file available for vieewing via the help menu
on the Web-UI.
Note: If your download UURL includes any space characters, please encode these
prior to transmission according to RFC1738, foor example:
ftp://username:passwordd@serveraddress/directoryy%20with%20spaces/filenaame.cdi
Note: Authenticated FTPP addresses may be used following the format as deffined in RFC1738, for exammple:
ftp://username:passwordd@serveraddress/directoryy/filename.cdi
Table 19 - List
st of Valid SMS diagnoostic commands
NetCComm Wireless Intelliggent M2M Router
84
www.netcommwirelless.com
The following table lists vvalid variables where “x” is a profile numbber (1-6). If no profile is specified, variablees are read from or written
to for the curreent active profile. If a profile is specified,
variaables are read from oor written to for the sppecified profile number (‘x’).
RDB VARIABLE NAAME
SMS VARIABLE NAME
READ/W
WRIT
DESCRRIPTION
EXAM
MPLE VALUE
link.profile.1.enable
Reaad:
link.profile.1.appn
(proofile no,atd#xxx,user,pass,,auth,iplocal,status)
link.profile.1.useer
1,atatd#777,username,passworrd, chap,202.44.185.111,up
profile
link.profile.1.paass
RW
Profile
link.profile.1.autth_type
Writite:
link.profile.1.iploocal
(atdd#xxx, user, pass,auth)
link.profile.1.staatus
atd#
d#777,username,password
link.profile.1.useer
username
RW
3G username
Gueest, could also return “null””
password
RW
3G password
Gueest, could also return “null””
link.profile.1.paass
link.profile.1.autth_type
authtype
RW
3G Authentication type
”paap” or”chap”
link.profile.1.iploocal
wanip
WAN IP addresss
2022.44.185.111
wwan.0.radio.innformation.signal_strength
rssi
3G signal strength
-655 dBm
meid
MEID number
0x000A1000021D003BB
usage
3G data usage of current
session
“Rxx 500 bytes, Tx 1024 bytes, Total 1524 bytes” or “Rx 0 byte, Tx 0
bytete, Total 0 byte” when wwan down
wanuptime
Up time of current 3G session
1 ddays 02:30:12 or 0 days 00:00:00 when wwan down
wwan.0.meid
statistics.usagee_current
statistics.usagee_current
10
/proc/uptime
deviceuptime
Device up time
1 ddays 02:30:12
11
wwan.0.system_network_status.current_bband
band
Current Frequency channel &
band
CHH:425 PCS-B Band
Table 20 - List of SMS diagnostitics variables
SM
MS diagnostics exam
mples
The examples below dem
monstrate various com
mbinations of supporrted commands. Thiss is not an exhaustivee list and serves as an example of possibiilities only.
DDESCRIPTION
AUTTHENTICATION
INPUT EXAMPLE
Not requireed
set username=’NetComm’
Required
PASSWORD set usernname= ”NetComm”
Not requireed
set password= `NetCoomm`
Required
PASSWORD set passwword= `NetComm`
Not requireed
set authtype= ‘pap’
Required
PASSWORD set authttype = pap
Not requireed
execute reboot
Required
PASSWORD execute reboot
Not requireed
get wanip
Required
PASSWORD get wanipp
Not requireed
get rssi
Required
PASSWORD get rssi
Send SMS to channge the data connection ussername
Send SMS to channge the data connection paassword
Send SMS to channge the data connection
authentication
Send SMS to rebooot
Send SMS to checck the WAN IP address
Send SMS to checck the mobile signal strenggth
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
85
Not required
get meid
Required
PASSWORD get meid
Not required
get band
Required
PASSWORD get band
Not required
execute pdpcycle
Required
PASSWORD execute pdpcycle
Not required
execute pdpdown
Required
PASSWORD execute pdpdown
Not required
execute pdpup
Required
PASSWORD execute pdpup
Not required
get wanip; get rssi
Required
PASSWORD get wanip; get rssi
Not required
set ssh.genkeys=1; set username=test; set auth=pap
Required
PASSWORD set ssh.genkeys=1; set username=test; set auth=pap
Not required
execute factorydefaults
Required
PASSWORD execute factorydefaults
Not required
get status
Required
PASSWORD get status
Send SMS to retrieve the history of the session,
including start time, end time and total data usage
Not required
get sessionhistory
Required
PASSWORD get sessionhistory
Send SMS to configure the router to send syslog to a
remote syslog server
Not required
set syslogserver
Required
PASSWORD set syslogserver
Send SMS to wake up the router, turn on the default
gateway and trigger the ‘connect on demand’ profile
if in waiting state.
Not required
execute wakeup
Required
PASSWORD execute wakeup
Send SMS to check the MEID number
Send SMS to check the current band
Send SMS to Disconnect (if connected) and
reconnect the data connection
Send SMS to disconnect the data connection
Send SMS to connect the data connection
Send multiple get command
Send multiple set command
Send SMS to reset to factory default settings
Send SMS to retrieve status of router
execute download http://download.com:8080/firmware_image.cdi
Not required
execute download http://download.com:8080/firmware_image_r.cdi
Send SMS to perform firmware upgrade when
firmware is located on HTTP server
PASSWORD execute download http://download.com:8080/firmware_image.cdi
Required
PASSWORD execute download http://download.com:8080/firmware_image_r.cdi
execute download ftp://username:password@download.com/firmware_image.cdi
Not required
execute download ftp://username:password@ download.com/firmware_image_r.cdi
Send SMS to perform firmware upgrade when
firmware is located on FTP server
PASSWORD execute download ftp://username:password@ download.com/firmware_image.cdi
Required
PASSWORD execute download ftp://username:password@ download.com/firmware_image_r.cdi
Not required
set pppoe=0
Required
PASSWORD set pppoe=0
Send SMS to turn on PPPoE and set dialstring and
service name
Not required
set pppoe=1,atd#777, Test
Required
PASSWORD set pppoe=1,atd#777, Test
Send SMS to retrieve the PPPoE status, currently
configured dial string and service name
Not required
get pppoe
Required
PASSWORD get pppoe
Not required
set ledmode=10
Required
PASSWORD set ledmode=10
Not required
get ledmode
Required
PASSWORD get ledmode
Not required
get ssh.proto
Required
PASSWORD get ssh.proto
Send SMS to turn off PPPoE
Send SMS to set the LED mode timeout to 10 minutes
Send SMS to retrieve the current LED mode
Retrieve current SSH protocol
NetComm Wireless Intelligent M2M Router
86
www.netcommwireless.com
Not requireed
set ssh.proto=1
Required
PASSWORD set ssh.pproto=1
Not requireed
get ssh.passauth
Required
PASSWORD get.ssh.ppassauth
Not requireed
set ssh.passauth=1 orr set ssh.passauth=0
Required
PASSWORD set ssh.ppassauth=1 or PASSWORD set ssh.passauth=0
Not requireed
execute ssh.genkeys
Required
PASSWORD execute ssh.genkeys
Not requireed
execute ssh.clearkeyss
Required
PASSWORD execute ssh.clearkeys
Not requireed
get MEID
Select SSH protoccol
Retrieve passwordd authentication status
Enable/disable paassword authentication on host
Generate set of puublic/private keys on the hoost
Clear client publicc keys stored on host
Retrieve the MEIDD of the router
Required
PASSWORD get MEIDD
Table 21 - SM
MS diagnostics exampple commands
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
87
System
Log
The Log pages are used to display or download the System log and IPSec logs on the router.
System log
The System Log enables you to troubleshoot any issues you may be experiencing with your Intelligent M2M Router. To access the System Log page, click on the System menu. The System Log
is displayed.
Figure 86 - System log file
Log file
Use the Display level drop-down list to select a message level to be displayed. The message levels are described in the table below.
To download the System log for offline viewing, right-click the Download button and choose Save as.. to save the file. To clear the System log, click the Clear button. The downloaded log file is in
Linux text format with carriage return (CR) only at the end of a line, therefore in order to be displayed correctly with new lines shown, it is recommended to use a text file viewer which displays
this format correctly (e.g. Notepad++).
Log data is stored in RAM and therefore, when the unit loses power or is rebooted, it will lose any log information stored in RAM. To ensure that log information is accessible between reboots of
the router there are two options:
1.
Enable the Log to file option
NetComm Wireless Intelligent M2M Router
88
www.netcommwireless.com
2.
Use a remoote syslog server
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
89
Enable the log to file option
When the router is configured to log to a file, the log data is stored in flash memory, making it accessible after a reboot of the router. Up to 512kb of log data will be stored before it is overwritten
by new log data. Flash memory has a finite number of program-erase operations that it may perform to the blocks of memory. While this number of program-erase operations is quite large, we
recommend that you do not enable this option for anything other than debugging to avoid excessive wear on the memory.
Use a remote syslog server
The router can be configured to output log data to a remote syslog server. This is an application running on a remote computer which accepts and displays the log data. Most syslog servers can
also save the log data to a file on the computer on which it is running allowing you to ensure that no log data is lost between reboots.
To configure the Intelligent M2M Router to output log data to a remote syslog server:
1.
Click on the System menu from the top menu bar. The System log item is displayed.
2.
Under the Remote syslog server section, enter the IP address or hostname of the syslog server in the IP / Hostname [:PORT] field. You can also specify the port number after the
IP or hostname by entering a semi-colon and then the port number e.g. 192.168.1.102:514. If you do not specify a port number, the router will use the default UDP port 514.
3.
Click the Save button to save the configuration.
Figure 87 - System log
ITEM
DEFINITION
All
Display all system log messages.
Debug
Show extended system log messages with full debugging level details.
Info
Show informational messages only.
Notice
Show normal system logging information.
Warning
Show warning messages only.
Error
Show error condition messages only.
Table 22 - System log detail levels
NetComm Wireless Intelligent M2M Router
90
www.netcommwireless.com
IPS
Sec log
The IPSec log section proovides the ability for you to download the log for the IPSec VPPN function. This can assist in troubleshoooting any problems yoou may have with thee IPSec VPN.
Figure 88 - IPSec logg
Use the Log level drop down list to specify the type of detail you want
w to capture in thee log and then click the Save button. When you change the loggging level, any activve IPSec VPN tunnelss will
be disconnected
as a chhange in logging leveel requires the IPSec service to be restarteed.
To download
the IPSec loog, click the Downloaad IPSec log button and
a you will be prommpted to save the file.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
91
Sy
ystem C
Config
guration
Se
ettings bac
ckup and restore
The settings backup / resstore page is used too backup or restore thhe router’s configurattion or to reset it to faactory defaults. In ordder to view the settinggs page you must bee logged into the webb user
dmin. The backup / restore functions caan be used to easily configure
a large num
mber of Intelligent M22M Router by configuuring one router with your
interrface as root usinng the password ad
desired settings, backingg them up to a file and then restoring that file to multiple Intelliggent M2M Routers.
Figure 89 – Settings backup and
a restore
Bac
ck up your ro
outer’s configu
uration
Log in to the web configuuration interface, click on the System mennu and select Settinggs backup and restoree.
If you want to password pprotect your backup configuration files, enter your password i n the fields under Saave a copy of currentt settings and click onn Save. If you don’t want
w to password prootect
yourr files, just click on Saave. The router will thhen prompt you to select a location to savve the settings file.
Note: The folllowing conditions apply:

It is NOT poossible to edit the contents of the file dowwnloaded; if you modiify the contents of thee configuration file in any way you will nott be able to restore it later.
You may chhange the name of thhe file if you wish but the filename extensioon must remain as “.cfg”
Resstore your ba
ackup configu
uration
1. In the web configuration interfacce click on the System menu and select SSettings backup and restore.
2.
From the RRestore saved settings section, click on Brrowse or Choose a fiile and select the bacckup configuration file on your computer.
3.
Click Restoore to copy the settinggs to the new Intelligent M2M Router. Thee router will apply theese settings and inforrm you it will reboot - click on OK.
Resstoring the ro
outer’s factory
y default confiiguration
Clickk the Restore Defaultts button to restore thhe factory default connfiguration. The routeer asks you to confirm
m that you wish to resstore factory default ssettings. If you wish to continue with the
restooring of factory defauults, click OK.
Note: All currrent settings on the roouter will be lost when performing a restorre of factory default settings.
The device IP address will changge to 192.168.1.1 and the default usernam
me
root and ddefault password ad
dmin will be configgured.
NetCComm Wireless Intelliggent M2M Router
92
www.netcommwirelless.com
Up
pload
To access the Upload paage, click on the Systtem menu, then System Configuration andd then Upload.
The Upload page allows you to upload firmwaare files, HTTPS certificates or user createed application packaages to the Intelligentt M2M Router. When firmware files have been
b uploaded, they can
also be installed from thiss page. PDF files, such as this user guidee may also be uploadded for access on thee router’s help page.
For more
m information on aapplication developm
ment, contact NetCom
mm Wireless about o ur Software Development Kit.
FFigure 90 - Upload pag
age
Up
pdating the
e Firmwarre
The firmware update process involves first uppdating the recovery image firmware and then updating the main firmware image.
Note: In ordeer to perform an updaate, you must be loggged into the router witth the root manager account (see the Advvanced configurationn section for more deetails).
To update the Intelligent M2M Router’s firmwaare:
1.
Power on thhe router as describeed in the Installing thee router section.
2.
Log in to thhe router with the roott user account (See the
t Advanced config uration section for deetails)
3.
Select the SSystem item from thee top menu bar, selecct the System configuuration item from the menu on the left andd then select the Uplooad menu item.
4.
Under the FFile uploads section, click the Browse buttton. Locate the recoovery firmware image file on your computeer and click Open. Thhe recovery image is named
ntc_nwl12__x.xx.xx.x_r.cdi while the main system firm
mware image is nameed ntc_nwl12_x.xx.xxx.x.cdi.
5.
Click the Upload button. The firm
mware image is uploaaded to the storage oon the router.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
93
Figure 91 - File upload
6.
Repeat steps 4 and 5 for the main system firmware image.
7.
The uploaded firmware images are listed in the Uploaded files section. Click the Install link next to the recovery image to begin installing the recovery firmware image and then click
OK on the confirmation window that appears.
Figure 92 - Uploaded files
8.
The recovery firmware image is flashed and when it is complete, the router displays “The firmware update was successful” and returns to the main Upload screen.
Figure 93 - Recovery firmware flash process
NetComm Wireless Intelligent M2M Router
94
www.netcommwireless.com
9.
Click the Innstall link to the right of
o the main firmware image you uploadedd and then click OK to
t confirm that you waant to continue with tthe installation.
Note: Do not remove the power when
w the router’s LEDDs are flashing as thiss is when the firmware update is in processs.
10.
The installaation is complete wheen the countdown reaaches zero. The routeer attempts to redirecct you to the Status page.
Figure 94 --– Installing main firm
mware image
11.
Hold down the reset button on the
t router for 15-20 seconds to reboot andd restore the factory default settings of the router. See the Resstoring factory default settings section forr more
information.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
95
Package manager
The Package Manager page is used to provide details of any user installed packages on the router and allow them to be uninstalled.
For more information on application development, contact NetComm Wireless about our Software Development Kit.
Figure 95 – Software applications manager
The Application name, Version number of the application, the architecture type and time of installation are all displayed. Clicking the Package details link will display a pop-up window with
further details of the package.
To uninstall any software applications, click the Uninstall link.
NetComm Wireless Intelligent M2M Router
96
www.netcommwireless.com
Ad
dministratiion setting
gs
To access the Administraation Settings page, click
c on the System menu
m then the Adminnistration menu on thee left and then click on
o Administration Setttings.
The Administration settings page is used to enable or disable prottocols used for remotte access and configgure the passwords for the user accountss used to log in to thee router.
Figur
ure 96 - Administrationn page
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
97
OPTION
DEFINITION
Remote router access coontrol
Enable HTTP
Enable or disaable remote HTTP access to
t the router. You can also set the port you would likee remote HTTP access to be available on.
HTTP management port
Enter a port nuumber between 1 and 65534 to use when accessing the router remotely.
Enable HTTPS
Enable or disaable remote HTTPS accesss to the router using a secuure connection.
Remote HTTPS access pport
Enter a port nuumber between 1 and 65534 to use when accessing the router remotely over a secure HTTPS connection.
Enable Telnet
Enable or disaable remote telnet (command line) access to the routeer.
Enable SSH
Enable or disaable Secure Shell on the router.
Remote SSH Access Portrt
Enter the port number for remote SSH acccess. Must be a port num ber between 1 and 65534..
Enable Ping
Enable or disaable remote ping responses on the WWAN connectioon.
Web User Interface accoount
Username
Use the drop down list to select the root or admin account to changge its web user interface password.
Password
Enter the desired web user interface passsword.
Confirm password
Re-enter the desired
web user interface password.
Telnet/SSH account
Username
Displays the Telnet/SSH.username.
This may not be changed.
Password
Enter the desired Telnet/SSH password.
Confirm password
Re-enter the desired
Telnet/SSH password.
Table 23 - Ad
Administration configuuration options
To access the router’s coonfiguration pages reemotely:
1.
Open a neww browser window annd navigate to the WAAN IP address and aassigned port number of the router, for example http://123.2099.130.249:8080
Note: You cann find the router’s WAAN IP address by clicking on the “Status” mmenu. The WWAN IPP field in the WWAN Connection
Status seection shows the routeer’s WAN IP address.
2.
Enter the ussername and passwoord to login to the rouuter and click Log in.
Note: To perfoorm functions like Firm
mware upgrade, deviice configuration bacckup and to restore and
a reset the router too factory defaults, yoou must be logged in with the root manageer
account.
NetCComm Wireless Intelliggent M2M Router
98
www.netcommwirelless.com
HTTPS
key managem
ment
What
is HTT
TP Secure??
HTTP Secure or HTTPS iss the use of the HTTPP protocol over an SSSL/TLS protocol. It is used primarily to prootect against eavesdrropping of communiccation between a webb browser and the weeb
t which it is connectted. This is especiallyy important when youu wish to have a secuure connection over a public network such as the internet. HTTTPS connections aree secured through thee use
site to
of ceertificates issued by ttrusted certificate autthorities such as VeriSign. When a web b rowser makes a connnection attempt to a secured
web site, a ddigital certificate is sent to the browser soo that
it can verify the authenticcity of the site using a built-in list of trustedd certificate authoritiees.
Therre are two main differrences between how HTTPS and HTTP coonnections work:
1.
HTTPS uses port 443 while HTTTP uses port 80 by deefault.
2.
Over an HTTTPS connection, all data
d sent and received is encrypted with SSL while over an HTTP connection, all data
d is sent unencryppted.
The encryption is achieveed through the use of
o a pair of public andd private keys on bothh sides of the connecction. In cryptography, a key refers to a nuumerical value used by an algorithm to alter
making the informatioon secure and visible only to those who haave the correspondinng key to recover (decrypt) the informationn. The public key is used
u to encrypt
inforrmation (encrypt it), m
inforrmation and can be ddistributed freely. Thee private key is used to decrypt informatioon and must be secreet by its owner.
Eachh Intelligent M2M Rouuter contains a self-ssigned digital certificaate which is identical on all Intelligent M2M
M Routers. For a greaater level of security, the router also suppports generating yourr own
unique key. Additionally, you may use third paarty software to geneerate your own self-siigned digital certificaate or purchase a signed certificate from a trusted certificate authority
and then upload
those certificates to the rrouter.
Ge
enerating your own self-signe
ed certificaate
To generate
your own seelf-signed certificate:
1.
Click the Syystem item from the top
t menu bar, then Administration
from thhe side menu bar andd then HTTPS key management.
2.
Enter the ceertificate details using the appropriate fields. Each field must bbe completed in ordeer to generate a certificate.
Figure 97 - Ge
Generate self signed HTTTPS certificate
Note: The CCountry field must conntain a code for the desired
country from the list below.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
99
CODE
COUNTRY
COUNTRY
CODE
COUNTRY
CODE
COUNTRY
AX
Åland Islands
ER
Eritrea
LS
Lesotho
SA
Saudi Arabia
AD
Andorra
ES
Spain
LT
Lithuania
SB
Solomon Islands
AE
United Arab Emirates
ET
Ethiopia
LU
Luxembourg
SC
Seychelles
AF
Afghanistan
FI
Finland
LV
Latvia
SE
Sweden
AG
Antigua and Barbuda
FJ
Fiji
LY
Libya
SG
Singapore
AI
Anguilla
FK
Falkland Islands (Malvinas)
MA
Morocco
SH
St. Helena
AL
Albania
FM
Micronesia
MC
Monaco
SI
Slovenia
AM
Armenia
FO
Faroe Islands
MD
Moldova
SJ
Svalbard and Jan Mayen Islands
AN
Netherlands Antilles
FR
France
ME
Montenegro
SK
Slovak Republic
AO
Angola
FX
France, Metropolitan
MG
Madagascar
SL
Sierra Leone
AQ
Antarctica
GA
Gabon
MH
Marshall Islands
SM
San Marino
AR
Argentina
GB
Great Britain (UK)
MK
Macedonia
SN
Senegal
AS
American Samoa
GD
Grenada
ML
Mali
SR
Suriname
AT
Austria
GE
Georgia
MM
Myanmar
ST
Sao Tome and Principe
AU
Australia
GF
French Guiana
MN
Mongolia
SU
USSR (former)
AW
Aruba
GG
Guernsey
MO
Macau
SV
El Salvador
AZ
Azerbaijan
GH
Ghana
MP
Northern Mariana Islands
SZ
Swaziland
BA
Bosnia and Herzegovina
GI
Gibraltar
MQ
Martinique
TC
Turks and Caicos Islands
BB
Barbados
GL
Greenland
MR
Mauritania
TD
Chad
BD
Bangladesh
GM
Gambia
MS
Montserrat
TF
French Southern Territories
BE
Belgium
GN
Guinea
MT
Malta
TG
Togo
BF
Burkina Faso
GP
Guadeloupe
MU
Mauritius
TH
Thailand
BG
Bulgaria
GQ
Equatorial Guinea
MV
Maldives
TJ
Tajikistan
BH
Bahrain
GR
Greece
MW
Malawi
TK
Tokelau
BI
Burundi
GS
S. Georgia and S. Sandwich Isls.
MX
Mexico
TM
Turkmenistan
BJ
Benin
GT
Guatemala
MY
Malaysia
TN
Tunisia
BM
Bermuda
GU
Guam
MZ
Mozambique
TO
Tonga
BN
Brunei Darussalam
GW
Guinea-Bissau
NA
Namibia
TP
East Timor
BO
Bolivia
GY
Guyana
NC
New Caledonia
TR
Turkey
BR
Brazil
HK
Hong Kong
NE
Niger
TT
Trinidad and Tobago
BS
Bahamas
HM
Heard and McDonald Islands
NF
Norfolk Island
TV
Tuvalu
BT
Bhutan
HN
Honduras
NG
Nigeria
TW
Taiwan
BV
Bouvet Island
HR
Croatia (Hrvatska)
NI
Nicaragua
TZ
Tanzania
BW
Botswana
HT
Haiti
NL
Netherlands
UA
Ukraine
BZ
Belize
HU
Hungary
NO
Norway
UG
Uganda
CA
Canada
ID
Indonesia
NP
Nepal
UM
US Minor Outlying Islands
CC
Cocos (Keeling) Islands
IE
Ireland
NR
Nauru
US
United States
CF
Central African Republic
IL
Israel
NT
Neutral Zone
UY
Uruguay
CH
Switzerland
IM
Isle of Man
NU
Niue
UZ
Uzbekistan
CI
Cote D'Ivoire (Ivory Coast)
IN
India
NZ
New Zealand (Aotearoa)
VA
Vatican City State (Holy See)
CK
Cook Islands
IO
British Indian Ocean Territory
OM
Oman
VC
Saint Vincent and the Grenadines
CL
Chile
IS
Iceland
PA
Panama
VE
Venezuela
CM
Cameroon
IT
Italy
PE
Peru
VG
Virgin Islands (British)
CN
China
JE
Jersey
PF
French Polynesia
VI
Virgin Islands (U.S.)
CO
Colombia
JM
Jamaica
PG
Papua New Guinea
VN
Viet Nam
CR
Costa Rica
JO
Jordan
PH
Philippines
VU
Vanuatu
CS
Czechoslovakia (former)
JP
Japan
PK
Pakistan
WF
Wallis and Futuna Islands
CV
Cape Verde
KE
Kenya
PL
Poland
WS
Samoa
CX
Christmas Island
KG
Kyrgyzstan
PM
St. Pierre and Miquelon
YE
Yemen
CY
Cyprus
KH
Cambodia
PN
Pitcairn
YT
Mayotte
CZ
Czech Republic
KI
Kiribati
PR
Puerto Rico
ZA
South Africa
DE
Germany
KM
Comoros
PS
Palestinian Territory
ZM
Zambia
DJ
Djibouti
KN
Saint Kitts and Nevis
PT
Portugal
COM
US Commercial
DK
Denmark
KR
Korea (South)
PW
Palau
EDU
US Educational
DM
Dominica
KW
Kuwait
PY
Paraguay
GOV
US Government
DO
Dominican Republic
KY
Cayman Islands
QA
Qatar
INT
International
DZ
Algeria
KZ
Kazakhstan
RE
Reunion
MIL
US Military
EC
Ecuador
LA
Laos
RO
Romania
NET
Network
EE
Estonia
LC
Saint Lucia
RS
Serbia
ORG
Non-Profit Organization
EG
Egypt
LI
Liechtenstein
RU
Russian Federation
ARPA
Old style Arpanet
EH
Western Sahara
LK
Sri Lanka
RW
Rwanda
NetComm Wireless Intelligent M2M Router
100
CODE
www.netcommwireless.com
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
101
3.
When you have entered all the required details, press the Generate button. The certificate takes several minutes to generate. When the certificate has been generated, you are
informed that it has been successfully generated and installed. The web server on the router restarts and you are logged out of the router. Click OK to be taken back to the login
screen.
Figure 98 - New certificate successfully generated message
NetComm Wireless Intelligent M2M Router
102
www.netcommwireless.com
SS
SH Key
y Manag
gemen
nt
Secuure Shell (SSH) is UNNIX-based command interface and network protocol used to ggain secure access too a remote computer, execute commandss on a remote machinne or to transfer files
betwween machines. It waas designed as a replacement for Telnet and
a other insecure reemote shell protocols which send informattion, including passwwords, as plain text.
SSH uses RSA public keyy cryptography for booth connection and authentication.
Two ccommon ways of usinng SSH are:
word authentication too log on.
Use aautomatically generatted public-private keyy pairs to encrypt thee network connectionn and then use passw
p to perform the auuthentication and alloow users or programss to log in without usinng a password.
Use a manually generatedd public-private key pair
Figure 999 - SSH Server Confifiguration
SS
SH Server C
Configura
ation
To configure the SSH serrver settings:
1.
Use the SSH Protocol drop dowwn list to select the prrotocol that you want to use. Protocol 2 is more recent and is considered
more seccure.
2.
Select the ttypes of authenticatioon you want to use byy clicking the Enablee password authentication and Enable keyy authentication togggle keys on or off. Notte that you may have both
authenticattion methods on but you
y may not turn them
m both off.
3.
Click the Saave button to confirm
m your settings.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
103
Host key management
SSH keys provide a means of identification using public key cryptography and challenge response authentication. This means that a secure connection can be established without transmitting a
password, thereby greatly reducing the threat of someone eavesdropping and guessing the correct credentials.
SSH Keys always come in pairs with one being a public key and the other a private key. The public key may be shared with any server to which you want to connect. When a connection request
is made, the server uses the public key to encrypt a challenge (a coded message) to which the correct response must be given. Only the private key can decrypt this challenge and produce the
correct response. For this reason, the private key should not be shared with those who you do not wish to give authorization.
The Host key management section displays the current public keys on the router and their date and timestamp. These public keys are provided in different formats, including DSA, RSA and
ECDSA. Each format has advantages and disadvantages in terms of signature generation speed, validation speed and encryption/decryption speed. There are also compatibility concerns to
consider with older clients when using ECDSA, for example.
Generating new keys
The complete set of keys can be re-generated by selecting the Generate keys button. This key generation process takes approximately 30 seconds to complete.
Downloading keys
The Get keys button allows you to download the complete set of public and private keys while the Get public keys button will download only the set of public keys.
Uploading your own key files
Click the Upload keys button to upload your own public key to the router.
Client key management
The Client Key Management section is used for uploading the public key file of clients. To upload a client public key, click the Upload button, browse to the file and click Open.
When the file is uploaded, it is examined for validity. If the key file is not a valid public key, it will not be uploaded.
NetComm Wireless Intelligent M2M Router
104
www.netcommwireless.com
LE
ED operatiion mode
The 7 front LED indicatorrs may be turned off after
a a timeout periodd for aesthetic or powwer saving reasons. To
T access the LED Operation
Mode pagee, click the System menu, then Administraation
on thhe left and finally seleect LED Operation Mode.
Figure
re 100 - LED Operationn Mode
m of the LEDs on the front panel of thee router. To set the ligghts to operate at all times,
set this to Alwa
ways on. To set the lights to turn off after a
The Mode drop down listt sets the operation mode
speccified period, select TTurn off after timeoutt. When configured too turn off after timeouut, use the LED poweer off timer field to specify the time in minuutes to wait before turning off the LED
indiccators. The LED Poweer Off Timer must be an integer between 1 and 65535.
W the wait period expires, the LEDs wiill turn off. If the routeer is rebooted, the LEED power off timer is reset. The router will boot
The wait period begins frrom the time the Savee button is clicked. When
a wait for the configgured time before turrning off again.
up and
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
105
Re
eboot
The reboot option in the SSystem section perfoorms a soft reboot of the router. This can bbe useful if you have made configuration changes you want too implement.
To reeboot the router:
1.
Click the Syystem menu item from
m the top menu bar.
2.
Click the Reboot button from thee menu on the left sidde of the screen.
Figure
re 101 - Reboot menuu option
3.
The router ddisplays a warning thhat you are about to perform
a reboot. If yyou wish to proceed, click the Reboot button then click OK on the confirmation winndow which appears.
Figure
re 102 - Reboot confirrmation
Note: It can take up to 2 minutess for the router to reboot.
Lo
ogging outt
To loog out of the router, cclick the
icon at the top right corner of
o the web user interfface.
NetCComm Wireless Intelliggent M2M Router
106
www.netcommwirelless.com
App
A pend
dix A: T
Tables
Tabble 1 - Document Revision History ............................
.......................................................................................................................................................................... 3
Tabble 2 - Device Dim
mensions ................................................................................................................................................................................................................... 8
Tabble 3 - LED Indicaators........................................................................................................................................................................................................................... 9
Tabble 4 - Signal strength LED descripptions .......................................................................................................................................................................................... 10
Tabble 5 – Interfaces ................................................................................................................................................................................................................................ 11
Tabble 6 - PoE powerr classes .................................................................................................................................................................................................................. 17
Tabble 7 - Locking poower block pin ouuts ................................................................................................................................................................................................ 18
Tabble 8 - Average poower consumptioon figures..................................................................................................................................................................................... 18
Tabble 9 - Managemeent account login details ....................................................................................................................................................................................... 19
Tabble 10 - Status page item details ....................................................................................................................................................................................................... 22
Tabble 11 - Data connnection item detaails ............................................................................................................................................................................................... 24
Tabble 12 - Connect oon demand - Connnect and disconnect timers desc riptions ................................................................................................................................ 29
Tabble 13 - Current M
MAC / IP / Port filteering rules in effect ..................................................................................................................................................................... 49
Tabble 14 - IPSec Configuration Items ................................................................................................................................................................................................... 53
Tabble 15 - SMS Setuup Settings .............................................................................................................................................................................................................. 75
Tabble 16 - Inbox/Outtbox icons ............................................................................................................................................................................................................... 77
Tabble 17 - SMS Diaggnostic Commandd Syntax ...................................................................................................................................................................................... 82
Tabble 18 - List of Vallid SMS diagnostic commands ............................................................................................................................................................................. 84
Tabble 19 - List of SM
MS diagnostics vaariables ........................................................................................................................................................................................ 85
Tabble 22 - SMS diaggnostics example commands ................................................................................................................................................................................ 87
Tabble 23 - System loog detail levels ........................................................................................................................................................................................................ 90
Tabble 24 - Administrration configuratioon options ................................................................................................................................................................................... 98
Tabble 25 - LAN Manaagement Default Settings ................................................................................................................................................................................... 110
Tabble 26 - Web Interrface Default Setttings .......................................................................................................................................................................................... 110
Tabble 27 - Telnet Access...................................................................................................................................................................................................................... 110
Tabble 28 - RJ-45 connnector pin outs .................................................................................................................................................................................................... 115
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
107
Appendix B: Device Mounting
Dimensions
The image below is at 100% scale and may be used as a template for mounting the device. All dimensions shown are in millimetres.
Figure 103 - Device mounting dimensions
NetComm Wireless Intelligent M2M Router
108
www.netcommwireless.com
App
A pend
dix C: M
Mou
unting
Brac
B ckett
The image below is at 1000% scale and may be
b used as a templatee for mounting the brracket. All dimensionns shown are in millim
metres.
Figuure 104 - Mounting brracket
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
109
App
A pend
dix D: D
Defa
aultt Settting
gs
The following tables list thhe default settings foor the Intelligent M2M
M Router.
LAN (MANAGEMENTT)
Static IP Address:
192.168.1.1
Subneet Mask:
255.255.255.0
Default Gateway:
192.168.1.1
Table 24 - LLAN Management Deffault Settings
ADMIN MANAGER ACCOOUNT
ROOT
MANAGER ACC
COUNT
Username:
admiin
Usernaame:
root
Password:
admiin
Passwword:
admin
Table 255 - Web Interface Defauult Settings
Note: Thee admin manager acccount allows you to manage
all settings off the router except fuunctions such as firmw
ware upgrade, devicce configuration backkup and restore and reset
to factory default settings, which are privileged only to the root manageer account.
INTELLIGENTT M2M ROUTER TELLNET ACCESS
Username:
root
Password:
admin
TTable 26 - Telnet Acceess
NetCComm Wireless Intelliggent M2M Router
110
www.netcommwirelless.com
Restorin
ng facto
ory deffault settings
Resttoring factory defaultss will reset the Intelliggent M2M Router to its factory default connfiguration. You may encounter a situationn where you need to restore the factory deefaults on your Intelligent
M2M
M Router such as:
You have lost your username and password annd are unable to loginn to the web configurration page;
You aare asked to perform a factory reset by support staff.
Therre are two methods yyou can use to restoree factory default settings on your Intellige nt M2M Router:
Usingg the web-based userr interface
t interface panel of the router
Usingg the reset button on the
Ussing the we
eb-based user interrface
To reestore your router to its factory default setttings, please follow these
steps:
1.
Open a broowser window and naavigate to the IP addrress of the router (deefault address is http:://192.168.1.1). Loginn to the router using r
root as the User Name and admin
n as
the passwoord.
2.
Click the System item from the top menu bar, then System
configuration on the left menu andd then click Settings backup and restore.
3.
Under the RRestore factory defauults section, click thee Restore Defaults buutton. The router askss you to confirm that you
y wish to restore faactory defaults. Clickk OK to continue. Thee
router sets all settings to defaultt. Click OK again to reboot
the router.
4.
When the PPower light returns to a steady red, the resset is complete. The ddefault settings are now
n restored.
Ussing the re
eset button
n on the intterface paanel of the router
Use a pen to depress thee Reset button on thee device for 15-20 seconds. The router wi ll restore the factory default settings and reboot.
Wheen you have reset youur Intelligent M2M Roouter to its default setttings you will be ablee to access the devicce’s configuration web interface using httpp://192.168.1.1 with username
admin or
roo
ot and password a
admin.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
111
Recovery mode
The Intelligent M2M Router features two independent operating systems, each with its own file systems. These two systems are referred to as 'Main' and 'Recovery'. It is always possible to use
one in order to restore the other in the event that one system becomes damaged or corrupted (such as during a firmware upgrade failure).
Both systems have Web interfaces that can be used to manipulate the other inactive system. The Intelligent M2M Router starts up by default in the Main system mode, however the router may be
triggered to start in recovery mode if desired.
To start the router in recovery mode:
1.
Press and hold the physical reset button on the interface panel of the router for 5 to 15 seconds. When the LEDs on the front panel change to amber and countdown in a sequence,
release the reset button. The router then boots into recovery mode.
2.
In your browser, navigate to http://192.168.1.1. The router’s recovery mode is hardcoded to use this address regardless of the IP address that was configured in the main system.
The router’s recovery console is displayed.
Figure 105 - Recovery console
The recovery console provides limited functionality. Basic status information is available, as well as access to the System log for troubleshooting. The Application Installer can be used to upload
and install different firmware, allowing you to roll back to a previous firmware in the event that an upgrade fails. The Settings menu provides the ability to reset the router to factory default settings
and the Reboot tab allows you to perform a soft reboot of the router.
NetComm Wireless Intelligent M2M Router
112
www.netcommwireless.com
App
A pend
dix E: H
HTT
TPS Uplo
U oad
ding
g a self--sign
ned
cert
c ifica
ate
If you have your own selff-signed certificate orr one purchased elseewhere and signed bby a Certificate Authority, you can upload it to the Intelligent M22M Router using the Upload page.
Note: Your keey and certificate filees must be named server.key and server.ccrt respectively otherrwise they will not work.
To upload your certificatee:
1.
Click on thee System item from thhe top menu bar. Froom the side menu barr, select System Connfiguration and then Upload.
The file uploaad screen is displayeed.
Fi
Figure 106 - Upload paage
2.
Click the Choose a File button and
a locate your serveer certificate file and click Open.
Figure
re 107 - Browse for seerver.crt
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
113
3.
Click the Upload button to begin uploading it to the router. The file appears in the list of files stored on the router.
Figure 108 - Server certificate file uploaded
4.
Repeat steps 2 and 3 for the server key file.
5.
Click the Install link next to the server.crt file then click OK on the prompt that is displayed. The certificate file is installed. Repeat this for the key file. When each file is installed it is
removed from the list of stored files.
Figure 109 - Installing the server.crt file
NetComm Wireless Intelligent M2M Router
114
www.netcommwireless.com
App
A pend
dix F: R
RJ-45
5 co
onnecto
or
The RJ-45 connector proovides an interface foor a data connection and
a for device input power using the pin layout shown below.
Pin:
Figure
re 110 -The RJ-45 connnector
PIIN
COLOUUR
SIGNAAL (802.3AF MODE A)
SIGNAAL (802.3AF MODE BB)
White/Oraange
stripee
Rx +
Rx + DC +
Orange Solid
Rx -
Rx - DC +
White/Greenn stripe
Tx +
Tx + DC -
Blue solid
DC +
unused
White/Blue stripe
DC +
unused
Green soolid
Tx -
Tx - DC -
White/Brownn stripe
DC -
unused
Brown soolid
DC -
unused
Taable 27 - RJ-45 connec
ector pin outs
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
115
Safety and product care
RF Exposure
Your device contains a transmitter and a receiver. When it is on, it receives and transmits RF energy. When you communicate with your device, the system handling your connection controls the
power level at which your device transmits.
This device meets the government’s requirements for exposure to radio waves.
This device is designed and manufactured not to exceed the emission limits for exposure to radio frequency (RF) energy set by the Federal Communications Commission of the U.S. Government.
This device complies with FCC radiation exposure limits set forth for an uncontrolled environment. To ensure compliance with RF exposure guidelines the device must be used with a minimum of
20cm separation from the body. Failure to observe these instructions could result in your RF exposure exceeding the relevant guideline limits.
External antenna
Any optional external antenna used for this transmitter must be installed to provide a separation distance of at least 20 cm from all persons and must not be co-located or operated in conjunction
with any other antenna or transmitter. Please consult the health and safety guide of the chosen antenna for specific body separation guidelines as a greater distance of separation may be
required for high-gain antennas.
Any external antenna gain must meet RF exposure and maximum radiated output power limits of the applicable rule section. The maximum antenna gain for this device as reported to the FCC is:
0.2 dBi (850MHz) and 2.7 dBi (1900MHz).
CE Approval
This device has been tested to and conforms to the regulatory requirements of the European Union and attained CE Marking. The CE Mark is a conformity marking consisting of the letters “CE.”
The CE Mark applies to the products regulated by the central European health, safety and environmental protection legislation. The CE Mark is obligatory for products it applies to: the
manufacturer affixes the marking in order to be allowed to sell their product in the European market.
The wireless device is approved to be used in the member states of the EU. NetComm Wireless declares that the wireless device is in compliance with the essential requirements and other
relevant provisions of the Radio and Telecommunications Terminal Equipment Directive 1999/5/EC (R&TTE Directive). Compliance with this directive implies conformity to the following European
Norms – N 60950 – Product Safety, EN 301 489 EMC, EN301511 GSM RF, EN301908 UMTS RF, EN 62311 SAR Technical requirement for radio equipment. A notified body has determined that
this device has properly demonstrated that the requirements of the directive have been met and has issued a favourable certificate of expert opinion. As such the device will bear the notified
body number 0682 after the CE mark.
The CE Marking is not a quality mark. Foremost, it refers to the safety rather than to the quality of the product. Secondly, CE Marking is mandatory for the product it applies to whereas most
quality markings are voluntary.
Marking: The product shall bear the CE mark, the notified body number(s) as depicted to the right. CE0682.
This product has also passed the following certification standards –
CE SAR- EN62311/EN50385
CE RF – EN301511, EN301908-1/-2,
CE EMC – EN301489-1/-7/-24, EN55022/EN55024
CE Safety – EN60950
NOTE: It is highly recommended that the device must be kept at least 20cm away from the human body.
This is a regulatory requirement and applies to all 3G capable devices meeting standard regulatory compliance such as the compliance standards listed above.
NetComm Wireless Intelligent M2M Router
116
www.netcommwireless.com
FC
CC Sta
atement
FC
CC compliiance
Fedeeral Communicationss Commission Notice (United States): Befoore a wireless devicee model is available for
f sale to the public, it must be tested andd certified to the FCCC that it does not excceed
the limit established by thhe government-adoppted requirement for safe
s exposure.
FC
CC regulattions
§ 155.19 (a)(3)
This device complies withh part 15 of the FCC Rules. Operation is subject
to the followinng two conditions: (1) This device may noot cause harmful interrference, and (2) thiss device must acceptt any
interrference received, inccluding interference that
t may cause undeesired operation.
§ 155.21
Changes or modificationss not expressly approoved by the party ressponsible for compliaance could void the user‘s
authority to operate the equipment..
********************************************************************************************************************************
§ 155.105 (b)
This equipment has beenn tested and found too comply with the limits for a Class B digittal device, pursuant to
t part 15 of the FCC Rules. These limits aare designed to provide reasonable proteection
against harmful interferennce in a residential innstallation. This equippment generates, usees and can radiate raadio frequency energgy and, if not installedd and used in accorddance with the instrucctions,
munications. Howeveer, there is no guaranntee that interferencee will not occur in a paarticular installation. IIf this equipment doees cause harmful
may cause harmful interfference to radio comm
interrference to radio or teelevision reception, which
w can be determined by turning the e quipment off and on, the user is encouragged to try to correct tthe interference by one or more of the
followwing measures:
—Reeorient or relocate thee receiving antenna.
—Inccrease the separation between the equippment and receiver.
—Coonnect the equipmennt into an outlet on a circuit
different from that to which the receeiver is connected.
—Coonsult the dealer or aan experienced radioo/TV technician for heelp.
RF Exposure Infformation (MP
PE)
This equipment compliess with radio frequency (RF) exposure limitts adopted by the Fedderal Communicationns Commission for ann uncontrolled enviroonment. This equipmeent should be installeed
and operated with minimum distance 20 cm between
the radiator & your body.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
117
IC Regulations:
RSS-Gen 7.1.3
This device complies with Industry Canada license-exempt RSS standard(s). Operation is subject to the following two conditions:
(1) this device may not cause interference, and
(2) this device must accept any interference, including interference that may cause undesired operation of the device.
Le présent appareil est conforme aux CNR d'Industrie Canada applicables aux appareils radio exempts de licence. L'exploitation est autorisée aux deux conditions suivantes:
(1) l'appareil ne doit pas produire de brouillage, et
(2) l'utilisateur de l'appareil doit accepter tout brouillage radioélectrique subi, même si le brouillage est susceptible d'en compromettre le fonctionnement."
****************************************************************************************************************************
ICES-003
CAN ICES-3(B)/ NMB-3(B)
****************************************************************************************************************************
RSS-Gen 7.1.2
This radio transmitter has been approved by Industry Canada to operate with the antenna types listed below with the maximum permissible gain and required antenna impedance for each
antenna type indicated. Antenna types not included in this list, having a gain greater than the maximum gain indicated for that type, are strictly prohibited for use with this device.
Antenna types: Dipole
Antenna gain: 850MHz: 0.2dBi; 1900MHz: 2.7dBi
****************************************************************************************************************************
IC RF Exposure Statement (MPE)
This equipment complies with IC RSS-102 RF exposure limits set forth for an uncontrolled environment. This
equipment should be installed and operated with minimum distance 20 cm between the radiator & your body.
NetComm Wireless Intelligent M2M Router
118
www.netcommwireless.com
Electrica
al safetty
Ac
ccessoriess
Onlyy use approved acceessories.
Do not
n connect with incoompatible products or accessories.
Co
onnection to a car
Seekk professional advicee when connecting a device interface to thhe vehicle electrical ssystem.
Distracti
ion
Op
perating m
machinery
Full attention
must be givven to operating the machinery
in order too reduce the risk of ann accident.
Prroduct handliing
You alone are responsiblle for how you use yoour device and any consequences of its uuse.
You must always switch ooff your device whereever the use of a mobbile phone is prohibitted. Do not use the device
without the clipp-on covers attachedd, and do not removee or change the covers
whilee using the device. UUse of your device is subject to safety meaasures designed to pprotect users and theeir environment.
Alwaays treat your device and its accessories with care and keep it in a clean and dustt-free place.
Do not
n expose your devicce or its accessories to open flames or lit tobacco products.
Do not
n expose your devicce or its accessories to liquid, moisture or high humidity.
Do not
n drop, throw or try to bend your device or its accessories.
Do not
n use harsh chemiccals, cleaning solventts, or aerosols to cleaan the device or its a ccessories.
Do not
n paint your device or its accessories.
Do not
n attempt to disasseemble your device orr its accessories, onlyy authorised personnnel must do so.
Do not
n use or install this pproduct in extremelyy hot or cold areas. Ennsure that the devicee is installed in an areea where the temperaature is within the suppported operating temperature range (-200°C to
65°CC)
Do not
n use your device inn an enclosed enviroonment or where heatt dissipation is poor. Prolonged use in succh space may cause excessive heat and raise ambient tempeerature, which will leaad to
automatic shutdown of yoour device or the discconnection of the moobile network connecction for your safety. To
T use your device normally again after suuch shutdown, cool it in a well-ventilated place
befoore turning it on.
Please check local regulaations for disposal off electronic products.
Do not
n operate the devicce where ventilation iss restricted
Instaallation and configuraation should be perfoormed by trained perssonnel only.
Do not
n use or install this pproduct near water too avoid fire or shock hazard. Avoid expossing the equipment too rain or damp areas.
Arrange power and Etherrnet cables in a manner such that they are not likely to be steppped on or have item
ms placed on them.
Ensuure that the voltage aand rated current of thhe power source mattch the requirementss of the device. Do noot connect the devicee to an inappropriate power source.
Sm
mall childrren
Do not
n leave your devicee and its accessories within the reach of small children or alloww them to play with it..
Theyy could hurt themselvves or others, or could accidentally damage the device.
Yourr device contains small parts with sharp edges
that may causee an injury or which ccould become detachhed and create a chooking hazard.
www.netcommwireless.com
NetComm Wireeless Intelligent M2M Router
119
Emergency situations
This device, like any wireless device, operates using radio signals, which cannot guarantee connection in all conditions. Therefore, you must never rely solely on any wireless device for
emergency communications.
Device heating
Your device may become warm during normal use.
Faulty and damaged products
Do not attempt to disassemble the device or its accessories.
Only qualified personnel must service or repair the device or its accessories.
If your device or its accessories have been submerged in water punctured or subjected to a severe fall, do not use until they have been checked at an authorised service centre.
Interference
Care must be taken when using the device in close proximity to personal medical devices, such as pacemakers and hearing aids.
Pacemakers
Pacemaker manufacturers recommend that a minimum separation of 15cm be maintained between a device and a pacemaker to avoid potential interference with the pacemaker.
Hearing aids
People with hearing aids or other cochlear implants may experience interfering noises when using wireless devices or when one is nearby.
The level of interference will depend on the type of hearing device and the distance from the interference source, increasing the separation between them may reduce the interference. You may
also consult your hearing aid manufacturer to discuss alternatives.
Medical devices
Please consult your doctor and the device manufacturer to determine if operation of your device may interfere with the operation of your medical device.
Hospitals
Switch off your wireless device when requested to do so in hospitals, clinics or health care facilities. These requests are designed to prevent possible interference with sensitive medical
equipment.
Interference in cars
Please note that because of possible interference to electronic equipment, some vehicle manufacturers forbid the use of devices in their vehicles unless an external antenna is included in the
installation.
Explosive environments
Petrol stations and explosive atmospheres
In locations with potentially explosive atmospheres, obey all posted signs to turn off wireless devices such as your device or other radio equipment.
Areas with potentially explosive atmospheres include fuelling areas, below decks on boats, fuel or chemical transfer or storage facilities, areas where the air contains chemicals or particles, such
as grain, dust, or metal powders.
Blasting caps and areas
Turn off your device or wireless device when in a blasting area or in areas posted turn off “two-way radios” or “electronic devices” to avoid interfering with blasting operations.
NetComm Wireless Intelligent M2M Router
120
www.netcommwireless.com

---

Source Exif Data:

File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.6
Linearized                      : Yes
Encryption                      : Standard V4.4 (128-bit)
User Access                     : Print, Extract, Print high-res
Author                          : 
Create Date                     : 2013:09:27 18:57:14+08:00
Modify Date                     : 2013:09:27 19:13:13+08:00
XMP Toolkit                     : Adobe XMP Core 4.2.1-c043 52.372728, 2009/01/18-15:08:04
Creator Tool                    : PScript5.dll Version 5.2.2
Metadata Date                   : 2013:09:27 19:13:13+08:00
Producer                        : Acrobat Distiller 9.0.0 (Windows)
Format                          : application/pdf
Creator                         : 
Title                           : 
Document ID                     : uuid:e50bc7e9-e059-4941-aabf-46f767a27d58
Instance ID                     : uuid:5c6bf126-5135-4841-8ef4-58c14db28649
Page Count                      : 120

EXIF Metadata provided by EXIF.tools