NetComm Wireless NWL1201 3G LIGHT INDUSTRIAL M2M ROUTER User Manual

Download:
Mirror Download [FCC.gov]
Document ID	2114886
Application ID	i5iCtSGhTI2JxZzWXcUWSA==
Document Description	User Manual
Short Term Confidential	No
Permanent Confidential	No
Supercede	No
Document Type	User Manual
Display Format	Adobe Acrobat PDF - pdf
Filesize	321.21kB (4015124 bits)
Date Submitted	2013-11-08 00:00:00
Date Available	2014-05-07 00:00:00
Creation Date	2017-10-25 04:55:07
Producing Software	GPL Ghostscript 9.18
Document Lastmod	2017-10-25 04:55:07
Document Title	User Manual
Document Creator	PScript5.dll Version 5.2.2

Usser Guiide
NWL-12
2 Series – 3G Liight Ind
dustriall M2M Routerr
Copyright
Copyright© 2013 NetCom
mm Wireless Limited. All rights reserved.
The information contained herein is proprietarry to NetComm Wireless. No part of this ddocument may be translated, transcribed, reproduced, in any fform, or by any means without prior writteen
conssent of NetComm Wirreless.
Note: This document is subject too change without nottice.
Savee our environment
Wheen this equipment hass reached the end off its useful life, it mustt be taken to a recyclling centre and proceessed separately from
m domestic waste.
The cardboard box, the pplastic contained in the packaging, and thhe parts that make upp this device can be recycled in accordance with regionally eestablished regulationns. Never dispose of this
b subject to penaltiees or sanctions undeer the law. Instead, assk for disposal instrucctions from your munnicipal government.
electronic equipment aloong with your househoold waste. You may be
Please be responsible annd protect our environment.
Thiis manual cov
vers the follow
wing productss:
NetCComm Wireless NWL-12-01
NetCComm Wireless NWL-12-02
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
www.netcommwirelless.com
DOCUMENT VVERSION
DATE
Initial documennt release
Table 1 - Document Revisionn History
Tabl
T le of
o Co
onte
entss
Ove
erview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Introduction .................................................................................................................................................................................................................................................................................................................................. 5
Target audience ........................................................................................................................................................................................................................................................................................................................... 5
Prerequisites ................................................................................................................................................................................................................................................................................................................................ 5
Notation ........................................................................................................................................................................................................................................................................................................................................ 5
Pro
oduct int roducct ion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Product overview ......................................................................................................................................................................................................................................................................................................................... 6
Package contents ........................................................................................................................................................................................................................................................................................................................ 6
Product features........................................................................................................................................................................................................................................................................................................................... 7
Phy
ysical dimensiions and indiccat ors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Physical dimensionss ................................................................................................................................................................................................................................................................................................................... 8
LED indicators.............................................................................................................................................................................................................................................................................................................................. 9
Ethernet port LED indicators..................................................................................................................................................................................................................................................................................................... 10
Interfaces ................................................................................................................................................................................................................................................................................................................................... 11
Pla
acement of t he
e rout er . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Mounting options ....................................................................................................................................................................................................................................................................................................................... 12
Inst allat ion and conf igurat ion of t he 3G Lig
ght Indust rial M
M2M rout er . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Powering the router .................................................................................................................................................................................................................................................................................................................... 18
Power consumption .................................................................................................................................................................................................................................................................................................................. 19
Installing the router .................................................................................................................................................................................................................................................................................................................... 19
Adv
vanced conf ig
gurat ion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
St at
a us . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Int ernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Data Connection ........................................................................................................................................................................................................................................................................................................................ 24
Connect on Demandd ................................................................................................................................................................................................................................................................................................................. 28
Operator Settings ....................................................................................................................................................................................................................................................................................................................... 32
SIM security settingss ................................................................................................................................................................................................................................................................................................................. 33
LAN ............................................................................................................................................................................................................................................................................................................................................ 37
Routing ....................................................................................................................................................................................................................................................................................................................................... 41
VPN ............................................................................................................................................................................................................................................................................................................................................ 51
Serrvices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Dynamic DNS............................................................................................................................................................................................................................................................................................................................. 65
Network time (NTP) .................................................................................................................................................................................................................................................................................................................... 66
Data stream manageer ............................................................................................................................................................................................................................................................................................................... 67
Watchdogs ................................................................................................................................................................................................................................................................................................................................. 69
SNMP ......................................................................................................................................................................................................................................................................................................................................... 72
TR-069 ........................................................................................................................................................................................................................................................................................................................................ 74
GPS ............................................................................................................................................................................................................................................................................................................................................ 75
SMS messaging ......................................................................................................................................................................................................................................................................................................................... 78
Diagnostics ................................................................................................................................................................................................................................................................................................................................ 82
Sending an SMS Diaagnostic Command ................................................................................................................................................................................................................................................................................... 85
Sys
st em . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
Log ............................................................................................................................................................................................................................................................................................................................................. 92
System Configuratioon ................................................................................................................................................................................................................................................................................................................ 96
ment ........................................................................................................................................................................................................................................................................................................ 103
HTTPS key managem
SSH Key Managemeent............................................................................................................................................................................................................................................................................................................ 107
App
pendix
App
pendix
App
pendix
App
pendix
A:
B:
C:
D:
Tab
bles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Devvice Mount ing Dimensions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Mou
unt ing Brackett . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
Deff ault Set t ings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Restoring factory deefault settings ........................................................................................................................................................................................................................................................................................... 116
Recovery mode ........................................................................................................................................................................................................................................................................................................................ 117
App
pendix E: HTT
TPS - Uploadin
ng a self -signe
ed cert if icat e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
App
pendix F: RJ-4
45 connect or . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Saff et y and produ
uct care . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
NetComm Wireless 3G Light Industrial M2M Router
www.netcommwireless.com
Ove
O ervie
ew
In
ntroduc
ction
This document provides you all the informatioon you need to set upp, configure and use the NetComm Wireleess NWL-12 3G Light Industrial M2M Routter.
Ta
arget a
audienc
ce
This document is intendeed for system integrators or experienced hardware
installers wwho understand teleccommunications terminology and conceptts.
Prrerequ
uisites
Befoore continuing with the installation of your 3G Light Industrial M2M
M Router, please cconfirm that have the following:
A devvice with a working Etthernet network adappter.
A webb browser such as Internet Explorer, Mozilla Firefox or Google Chrome.
A flathhead screwdriver if field terminated power is required.
Notation
The following symbols arre used in this user guide:
The followingg note requires attenntion.
The followinng note provides a warning.
The followinng note provides usefful information.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
Product introduction
Product overview
Penta-band 3G with quad-band 2G auto-fallback
HSPA+ up to 14.4 Mbps DL
Ethernet port with full passive Power over Ethernet (PoE) support (802.3af) (NWL-12-01 only)
RS232/RS422/RS485 Port and USB 2.0 OTG port
Integrated ZigBee multipoint mesh wireless networking (NWL-12-01 only)
Built in GPS supporting an active or passive GPS Antenna via external SMA connector
Three multi-purpose I/O ports
One dedicated ignition input
Internal diversity antennas with option for external main antenna (autosensing)
Intelligent, Tri-Colour LED display for clear, easy to read modem status information
Extensive device management with support for TR-069, Web GUI and full feature management with SMS
Flexible mounting suitable for in-home use or industrial applications with built-in wall mount and DIN rail mounting options
Package contents
The NetComm Wireless 3G Light Industrial M2M Router package consists of:
1 x 3G Light Industrial M2M Router
2 x 3G antennas
1 x 1.5m yellow Ethernet cable 8P8C
1 x DIN rail mounting bracket
1 x six-way terminal block
1 x quick start guide and safety manual
If any of these items are missing or damaged, please contact NetComm Wireless Support immediately. The NetComm Wireless Support website can be found at:
http://support.netcommwireless.com.
NetComm Wireless 3G Light Industrial M2M Router
www.netcommwireless.com
Prroduct feature
es
The NetComm Wireless NNWL-12 3G Light Inddustrial M2M Router iss an M2M device dessigned by NetComm Wireless to address the rapid growth in MM2M deployments. Itt has been designed to
t 3G Light Industriaal M2M Router can bbe managed remotelyy even when it does not
provvide state-of-the-art feeatures and versatilityy at an affordable price. Compatible with network worldwide, the
havee an Internet connecttion via the use of SM
MS diagnostics and commands.
The 3G Light Industrial M
M2M Router includes many features such as Dial on Demand wwhich provides a means to seamlessly coonnect or disconnectt the mobile broadband connection to
consserve usage; TR-069 support for easy maanagement of a groupp of 3G Light Industri al M2M routers; and the ability to functionn as an SSH server too secure communications. Additionally, thhe
openn management system allows you to expaand the feature set byy producing your owwn custom software appplications.
The NetComm Wireless 33G Light Industrial M2M Router meets thee global demand for a reliable and cost-efffective M2M device that successfully catters to mass deploym
ment across businessses.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
Phys
P sica
al diime
ensio
onss and
indicato
ors
Ph
hysicall dimen
nsions
Beloow is a list of the physsical dimensions of thhe 3G Light Industrial M2M Router.
Figure 1 – 3G Lig
ight Industrial M2M Router
Dimensions
3G LIGHHT INDUSTRIAL M2M
M ROUTER
(WITHOUT EXXTERNAL ANTENNAAS ATTACHED)
Length
140 mm
Depth
103 mm
Height
30 mm
Weight
Tabble 2 - Device Dimenssions
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
www.netcommwirelless.com
LE
ED ind
dicatorss
The 3G Light Industrial M
M2M Router uses 7 LEEDs to display the cuurrent system and co nnection status.
Figure 2 - 3G Ligh
ght Industrial M2M Rouuter LED Indicators
LEED ICON
NAME
Power
COLOUR
STATE
DESCRIPTIOON
Off
Power off
Double fflash
Powering up
On
Power on
On
Power on in recoverry mode
Slow flasshing
Hardware error
On
Connected via WWA
AN
Blinking
Traffic via WWAN
Slow flasshing
Connecting PDP
On
Registered network
Slow flasshing
Registering network
Slow flasshing
SIM PIN locked
Fast flasshing
SIM PUK locked
On
Can’t connect
On
3G
On
2G GPRS
On
GSM only (no GPRSS)
Networrk
Signal strength
TTable 3 - LED Indicatoors
Thee term “blinking” meanss that the LED may pulse, with the intervals thatt the LED is on and off nnot being equal. The term “flashing” means thaat the LED turns on andd off at equal intervals.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M RRouter
Signal strength LEDs
The following table lists the signal strength range corresponding with the number of lit signal strength LEDs.
NUMBER OF LIT LEDS
SIGNAL STRENGTH
All LEDs unlit
< -109 dBm
-109 dBm to -101dBm
-101 dBm to -91 dBm
-91 dBm to -85 dBm
-85 dBm to -77 dBm
> -77 dBm
Table 4 - Signal strength LED descriptions
LED update interval
The signal strength LEDs update within a few seconds with a rolling average signal strength reading. When selecting a location for the router or connected or positioning an external antenna,
please allow up to 20 seconds for the signal strength LEDs to update before repositioning.
Ethernet port LED indicators
The Ethernet port of the 3G Light Industrial M2M Router has two LED indicators on it.
Figure 3 - Ethernet port LED indicators
The table below describes the statuses of each light and their meanings.
LED
STATUS
DESCRIPTION
On
There is a valid network link.
Blinking
There is activity on the network link.
On
The Ethernet port is operating at a speed of 100Mbps.
Off
The Ethernet port is operating at a speed of 10Mbps or no Ethernet cable is connected.
Green
Amber
Table 5 - Ethernet port LED indicators description
NetComm Wireless 3G Light Industrial M2M Router
10
www.netcommwireless.com
In
nterface
es
The following interfaces aare available on the 3G
3 Light Industrial M2M Router:
Figure 4 - Interfacess
ITEM
DESCRIPTION
Main anttenna socket
SMA female connector for main antenna.
Auxiliaryy antenna socket
SMA female connector for auxiliary antenna.
GPS anteenna socket
SMA female connector for GPS antenna.
Six-way terminal block connector
Connect power sourrce, ignition and I/O wires hhere. Power, ignition and I//O wires may be terminatedd on optional terminal blockk and connected to DC inpput jack.
Refer to the diagram
m and table on under Step 3 of the Installing your device section for correct wirinng of the terminal block. Opperates in the 8-40V DC range.
Press and hold for leess than 5 seconds to rebooot to normal mode.
Reset buutton
Press and hold for 5 to 15 seconds to reboot too recovery mode.
Press and hold for 15 to 20 seconds to reset thhe router to factory default settings.
SIM cardd slot
Insert SIM card heree.
RJ45 PoE Ethernet port
Connect one or seveeral devices via a network sswitch here. This port can also optionally receive Pow
wer over Ethernet (802.3af PoE) in which case the DC
C power
supply can serve as a backup power source iff required (PoE available onn NWL-12-01 only).
Mini USBB 2.0 OTG port
Provides connectivity for optional external storaage or a USB Ethernet donngle. Supplies up to 0.5A too connected device.
Serial poort
Female DB9 port supporting 9-wire RS-232, RSS-485 or RS-422 (software selectable).
Table 6 – Interfacess
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
11
Plac
P cem
ment of tthe rou
uter
The two external high-peerformance antennas supplied with the rouuter are designed to provide optimum siggnal strength in a wide range of environmeents. If you find the signal strength is weaak, try
a acceptable signall, try moving the routeer to a different placee or mounting it differrently.
adjusting the orientation of the antennas. If yoou are unable to get an
Note: When sselecting a location foor the router, allow att least 20 seconds foor the signal strength LEDs to update befoore trying a different llocation or connectinng an external antennna.
Mountin
ng optio
ons
The 3G Light Industrial M
M2M router can be quuickly and easily mouunted in a variety of loocations.
Mo
ounted fla
at against th
he wall
Wheen mounted flat againnst the wall, the 3G Liight Industrial M2M roouter has a slimline fform factor. Use apprropriately sized screw
ws in the mounting hooles provided on the base of the unit.
Figure 5 - W
Wall mount - Flat agaainst the wall
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
12
www.netcommwirelless.com
Pe
erpendicullar to the wall
If a large surface area is not available, there is the option of mounting the router perpeendicular to the wall. This
T gives the router a small wall footprintt while remaining seccurely attached. Use
apprropriately sized screwws in the mounting hooles provided on the back of the unit.
Figure 6 - Waall mount - Perpendicu
cular to the wall
C Section DIIN Rail mo
ount
The 3G Light Industrial M
M2M router easily sliddes onto a C Section DIN rail so that it is hhorizontally mounted. The DIN Rail mounting bracket is not reqquired for C Section DIN
D rail mounting.
Figuree 7 - C Section DIN raiil mount
To mount
m the unit on a C--Section DIN rail, slidde it on as illustrated below:
Figure 8 - Mounting the unit onn a DIN rail
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
13
Mounting bracket
The provided mounting bracket provides additional methods of mounting the 3G Light Industrial M2M router.
To attach the mounting bracket, slide it onto the rear of the router as shown in the diagram below:
Figure 9 - Sliding on the mounting bracket
To remove the bracket, press the PUSH button and slide the router off the bracket:
Figure 10 - Removing the mounting bracket
NetComm Wireless 3G Light Industrial M2M Router
14
www.netcommwireless.com
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
15
Ussing the m
mounting brracket for wall moun
nting
By first attaching the DINN rail bracket to the wall,
w the 3G Light Induustrial M2M router caan be easily attachedd and removed from the bracket.
Figure 11 – Wal
all mount - Mounted via
ia DIN rail bracket
Ussing the m
mounting brracket for Top hat D
DIN rail mo
ounting
The 3G Light Industrial M
M2M router may be veertically mounted to the
t wall with the braccket by sliding the braacket onto a top hat DIN
D rail
Figure
re 12 - Top hat DIN railil mount
Alterrnatively, you can attaach it to the DIN Rail by using the V bendd in the bracket as illuustrated below:
Figurre 13 - Attaching the m
mounting bracket to the
t DIN rail using the V bend
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
16
www.netcommwirelless.com
De
esk mountt
In sittuations where wall m
mounts and DIN rails are not required, youu can simply place thhe 3G Light Industrial M2M router on a deesk using its rubber feeet to prevent it from slipping.
FFigure 14 - Desk mouunt
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
17
Installation and configuration
of the 3G Light Industrial M2M
router
Powering the router
The 3G Light Industrial M2M router can be powered in one of three ways:
1.
Power over Ethernet (802.3af PoE) (available on the NWL-12-01 only)
2.
DC power input via 6-pin connector (8-40V DC)
3.
DC power input via field terminated power source (8-40V DC)
The green power LED on the router lights up when a power source is connected.
Power over Ethernet (802.3af PoE) (available on the NWL-12-01 only)
Power over Ethernet (PoE) is a method of connecting network devices through Ethernet cable where power and data are passed along a single cable. This may be a desirable method of
powering the device if PoE is available, or if it’s most convenient in the desired installation environment to only have a single cable running to the 3G Light Industrial M2M router.
There are 5 power classes defined in the IEEE 802.3-2005 standard, of which the 3G Light Industrial M2M router is a class 3 device.
CLASS
CLASSIFICATION CURRENT
POWER RANGE
CLASS DESCRIPTION
26-30 mA
6.49 – 12.95 W
Mid power
Table 7 - PoE power classes
To use PoE to power the 3G Light Industrial M2M router, simply connect your router to a PoE injector or PoE network switch using the bundled yellow Ethernet cable 8P8C.
DC power via 6-pin connector
The DC input jack can accept power from a separately sold DC power supply. Both a standard temperature range DC power supply and an extended temperature range DC power supply are
available to purchase as accessories.
To power the device via DC Power via the 6-pin connector, remove the attached green terminal block from your router and connect the external DC power supply to the router’s green DC power
jack.
DC power via field terminated power source
If an existing 8-40V DC power supply is available, you can insert the wires into the supplied terminal block to power your router. Use a No. 3 flathead screwdriver to tighten the terminal block
screws and secure the power wires, making sure the polarity of the wires are correctly matched, as illustrated below.
Figure 15 - Locking Power Terminal Block
NetComm Wireless 3G Light Industrial M2M Router
18
www.netcommwireless.com
TERMINAL
DESCRRIPTION
Positive wire for powerr.
Ground wire.
Dedicated terminal for ignition detection.
I/O
Three terminals used foor input/output detection. (Please
refer to the User Guuide).
Table 8 - Locking power block
ck pin outs
Fa
ailover pow
wer suppo
ort (NWL-1
12-01 only))
The 3G Light Industrial M
M2M router includes support
for connectioon of two power sourcces at the same timee. When a PoE Ethernet cable is connecteed and DC power is also
a supplied to the DC
will automatically switcch to source power frrom
input jack of the router, thhe router will source power exclusively froom the PoE source. Inn the event that poweer from the PoE cablee is lost, the router wi
D input jack, withouut affecting the routerr’s operation. When PoE
P power is restoredd, the router automatically switches back to receive power fromm the PoE input source.
the DC
Viiewing pow
wer source
e informattion
You can view the currentt power input mode inn the Advanced statuus section of the devi ce’s web user interfaace. This is useful for remotely monitoring the device. You can also use the Softwarre
Deveelopment Kit to access this information for advanced purposes (e.g. configuring S MS alerts to inform you of the power statuus of the router).
To view the router’s poweer source informationn, log in to the router and expand the Advaanced status box on the status page. Seee the Status section oof this manual for more information on the
statuus page.
Po
ower c
consum
mption
To assist with power consumption planning, the following table summarises average ppower consumption during
the various states of the 3G Light Inndustrial M2M router under normal usage
condditions. It’s important to note that this tablee serves as an indicaation only as the powwer consumed by the device is affected byy many variables inclluding signal strength, network type, and
netwwork activity.
Av
verage pow
wer consu
umption fig
gures
STATE
POWER CONSUMPPTION
Powered on, idle and
a connected to packet data
1.2W
Powered on, connnected to packet dataa with average load
2.0W
Powered on, connnected to packet dataa with heavy traffic
4.0W
Peak power draw at maximum 3G moddule transmission powwer
5.0W
Table 9 - Av
Average power consum
mption figures
In
nstallin
ng the router
Afterr you have mounted tthe router and conneected a power sourcee, follow these steps tto complete the instaallation process.
1.
Connect eqquipment that requirees network access to the Ethernet port of yyour router. This mayy be your computer foor advanced configuuration purposes, or your
y end equipment which
requires daata access via the 3G
G Light Industrial M2M
M router. You can connnect one device dirrectly, or several devices using a network switch.
If you’re using PoE as the power source, you need too connect any devicees via an available daata Ethernet port on your
y PoE power sourrce (be it a PoE netwoork switch or PoE powwer
injector).
2.
Ensure the external power sourcce is switched on andd wait 2 minutes for yyour 3G Light Industrrial M2M router to staart up. To check the sstatus of your router, compare the LED
indicators oon the device with thoose listed on page 8 of this guide.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
19
Adv
A vanc
ced con
nfig
gura
ation
The 3G Light Industrial M
M2M Router comes with
w preconfigured setttings that should sui t most customers. Foor advanced configurration, log in to the wweb-based user interfface of the router.
To loog in to the web-baseed user interface routter:
1.
Open a web browser (e.g. Internet Explorer, Firefox, Safari), type http://1 92.168.1.1 into the address bar and press Enter. The web-baased user interface log in screen is displayyed.
Figure 16 – Log inn prompt for the web-bbased user interface
2.
Enter the loogin username and password.
If this is thee first time you are loggging in or you have not previously configgured the password ffor the “root” or “adm
min” accounts, you caan
use one of the default account details
to log in.
ADMIN MANAGER ACCOOUNT
ROOT MANAGER ACCOUNT
Username:
addmin
Useername:
rooot
Password:
addmin
Passsword:
addmin
Table 10 - M
Management accountt login details
Note: To acceess all features of thee router, you must use the root manager aaccount.
For security reeasons, we highly recommend that you change the passwordds for the root and addmin accounts upon initial installation. Youu can do so by navigating to the System and
then Administtration page.
The Status page is displaayed when you log inn successfully.
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
20
www.netcommwirelless.com
Statu
S us
The status page of the web interface providess system related information and is displaayed when you log in to the 3G Light Industrial M2M router maanagement console. The
T status page showws
System information, LAN details, Cellular connection status, Packeet data connection sttatus and Advanced status details. You can toggle the sectionns from view by clicking the
buttoons to show or hide them. Extra status boxes will appear as addditional software feaatures are enabled (ee.g. VPN connectivityy).
or
Figgure 17 - The Status page
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
21
ITEM
DEFINITION
System information
System up time
The current uptime of the router.
Board version
The hardware version of the router.
Serial Number
The serial number of the router.
Software
The software version number running on the router.
Model
The type of phone module and the firmware version of the module.
Firmware version
The firmware revision of the phone module.
IMEI
The International Mobile Station Equipment Identity number used to uniquely identify a mobile device.
LAN
IP
The IP address and subnet mask of the router.
MAC Address
The MAC address of the router.
Ethernet Port Status
Displays the current status of the Ethernet port and its operating speed.
Cellular connection status
SIM Status
Displays the activation status of the router on the carrier network.
Signal strength (dBm)
The current signal strength measured in dBm
Network registration status
The status of the router’s registration for the current network.
Operator selection
The mode used to select an operator network.
Current operator
The current operator network in use.
Roaming status
The roaming status of the router.
Allowed bands
The bands to which the router may connect.
Current band
The current band being used by the router.
Coverage
The mobile equipment identifier (MEID) of the router, a unique code for identifying devices on a CDMA network.
WWAN Connection Status
Profile name
The name of the active profile.
Status
The connection status of the active profile.
Default profile
Indicates whether the current profile in use is the default profile.
WWAN IP
The IP address assigned by the mobile broadband carrier network.
DNS server
The primary and secondary DNS servers for the WWAN connection.
APN
The Access Point Name currently in use.
Connection uptime
The length of time of the current mobile connection session.
Advanced status
Mobile country code
The Mobile Country Code (MCC) of the router.
Mobile network code
The Mobile Network Code (MNC) of the router.
Signal quality (Ec/N0)
A measurement of the portion of the received signal that is usable. This is the signal strength minus the signal noise level.
Received signal code power (RSCP)
The power level of the signal on the current connection’s particular channel.
Power input mode
Displays whether power is currently being sourced from the PoE Ethernet port or from the DC input jack (PoE available on NWL-12-01 only)
HSUPA category
Displays the HSUPA category (1-9) for the current uplink
HSDPA category
Displays the HSDPA category (1-8) for the current downlink.
SIM ICCID
The Integrated Circuit Card Identifier of the SIM card used with the router, a unique number up to 19 digits in length.
Primary scrambling code (PSC)
The Primary scrambling code for the current signal.
DC input voltage
Displays the current voltage of the power input source provided via the DC Input jack
Location area code (LAC)
The ID of the cell tower grouping the current signal is broadcasting from.
NetComm Wireless 3G Light Industrial M2M Router
22
www.netcommwireless.com
IMSI
The Internationaal mobile subscriber identitty is a unique identifier of thhe user of a cellular networrk.
Cell ID
A unique code that
t identifies the base stattion from within the locationn area of the current mobilee network signal.
Channel number (UARFCCN)
The channel num
mber of the current 3G/2G connection.
Table 11 - Status page item
m details
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M RRouter
23
Internet
The Internet section provides configuration options for Wireless WAN, LAN, Routing and VPN connectivity.
Data Connection
The data connection page allows you to configure and enable/disable the connection profile. To access this page, click on the Networking menu, and under the Wireless WAN menu, select the
Data Connection item.
Figure 18 – Data connection settings
NetComm Wireless 3G Light Industrial M2M Router
24
www.netcommwireless.com
ITEM
DEFINITION
Data connection
Transparent Bridge (PPPPoE)
Toggles the trannsparent bridge function onn and off.
Profile name list
Default
Sets the correspponding profile to be the deefault gateway for all outboound traffic except traffic foor which there are configurered static route rules or profile routing settings.
Status
Toggles the corresponding profile on and off. If your carrier supportss it, two profiles may be turned on simultaneously.
APN
The APN configured for the correspondingg profile.
Username
The username used
u to log on to the corressponding APN.
Roaming settings
Allow data roaming
When set to ON, the router will allow local devices to access the Wireeless WAN network when the MachineLink 3G is roamming onto a foreign network. When set to OFF, the
router will deny network access to data seervices when roaming onto a foreign network. This setting is ON by default.
Table 122 - Data connection ite
tem details
Co
onnecting to the mobile broad
dband netw
work
The router supports the cconfiguration of up too six APN profiles; theese profiles allow youu to configure the setttings that the router will
w use to connect too the 2G/3G network and switch easily
betwween different connecction settings.
For advanced
networkingg purposes, you mayy activate a maximum
m of two profiles simu ltaneously (dependaant on network support). When activating ttwo connection profiles, you should avoidd
seleccting two profiles withh the same APN as this can cause only one profile to connectt. Similarly, activatingg two profiles which are both configured too automatically deterrmine an APN can caause a
confflict and result in neithher profile establishinng a connection. We recommend that thee two active connectioon profiles have differing, manually configgured APNs to avoid connection issues annd
ensuure smooth operationn.
Ma
anually co
onfiguring a connecttion profile
To manually
configure a connection profile:
1.
Click the Eddit button correspondding to the Profile thaat you wish to modify.. The data connection profile settings pagge is displayed.
Figure 19 - Data connection proofile settings
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
25
2.
Click the Profile toggle key to turn the profile on. Additional settings appear.
Figure 20 - Data connection settings - Profile turned on
3.
In the Profile name field, enter a name for the profile. This name is only used to identify the profile on the router.
4.
Ensure that the Automatic APN selection toggle key is set to off. If it is not, click it to toggle it to the off position.
5.
In the APN field, enter the APN Name (Access Point Name) and if required, use the Username and Password fields to enter your login credentials.
6.
Next to Authentication type, select the either CHAP or PAP depending on the type of authentication used by your provider.
7.
The Reconnect delay field specifies the number of seconds to wait between connection attempts. The default setting of 30 seconds is sufficient in most cases but you may modify it
to wait up to 65535 seconds if you wish.
8.
The Reconnect retries field specifies the number of times to attempt to connect to the network if the router fails to establish a connection. It is set to 0 by default which causes the
router to attempt to reconnect indefinitely.
9.
The Metric value is used by router to prioritise routes (if multiple are available) and is set to 20 by default. This value is sufficient in most cases but you may modify it if you are
aware of the effect your changes will have on the service.
10.
The MTU field allows you to modify the Maximum Transmission Unit used on the connection. Do not change this unless instructed to by your carrier.
11.
Use the NAT Masquerading toggle key to turn NAT Masquerading on or off. NAT masquerading, also known simply as NAT is a common routing feature which allows multiple LAN
devices to appear as a single WAN IP via network address translation. In this mode, the router modifies network traffic sent and received to inform remote computers on the internet
that packets originating from a machine behind the router actually originated from the WAN IP address of the router’s internal NAT IP address. This may be disabled if a framed
route configuration is required and local devices require WAN IP addresses.
12.
For advanced networking such as using dual simultaneous PDP contexts, you may wish to configure a particular profile to route only certain traffic via that profile by configuring a
custom address and mask of traffic to send via that profile. To do this, in the Profile routing settings section, enter the Network address and Network mask of the remote network. If
you do not want to use this feature, or are unsure, please leave these fields blank, which will not designate any particular traffic to be routed via this profile. For more information on
configuring Profile routing settings, see the Setting a default gateway with two active connection profiles example.
NetComm Wireless 3G Light Industrial M2M Router
26
www.netcommwireless.com
13.
Click the Saave button when youu have finished entering the profile detailss.
Co
onfirming a successfful connec
ction
Afterr configuring the paccket data session, andd ensuring that it is enabled,
click on the Status menu item at the top of the page to return to the Statuss page. When there iss a mobile broadband
connnection, the WWAN ssection is expanded showing the details of
o the connection andd the Status field dispplays Connected. To see details on the coonnected session, yoou can click the Showw data
usagge button.
Figure 21 - Paacket data connectionn status section
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
27
Connect
t on De
emand
The connect on demand feature keeps the Paacket Data Protocol (PDP) context deactivvated by default while making it appear too locally connected ddevices that the routeer has a permanent
attempts to esttablish a mobile broaadband data connection.
connnection to the mobile broadband network. When a packet of innterest arrives or an SSMS wake-up commaand is received, the router
Wheen the data connectioon is established, the router monitors traffic and terminates thee link when it is idle.
Note: When interesting packets arrive, the recovery tim
me for the wireless W
WAN connection is appproximately 20-30 seeconds.
Co
onfiguring
g Connect on Deman
nd
To configure Connect on demand:
1.
Click the Networking menu item
m from the top menu bar.
2.
On the Connnect on demand pagge, click the Connectt on demand toggle key so that it is ON. Extra
E options appear. See the following suub-sections for furtheer instructions.
Figure 22 - Connnect on demand conffiguration options
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
28
www.netcommwirelless.com
Se
etting the rrouter to dial
d a connection whe
en traffic is
i detected
d on speciific ports
In soome situations, you m
may wish to have the internet connection disabled
except at timmes when outbound traffic to a particular external host’s port oor range of ports is sent to the router. To use
this feature,
click Enable dial port filter and enter the port number or list of port numbeers separated by com
mmas. When you seleect this option, all outbtbound ICMP/TCP/UDDP packets to any rem
mote
host on the specified porrt(s) will trigger the coonnection to dial. Notte that when this featture is enabled, the options
to ignore speccific packet types aree not available.
Figure 23 – Dial on ddemand - Data activity
ty triggered connectionn
You can allow Microsoft nnetwork awareness (NCSI) traffic through but if you prefer thatt they do not trigger the
t connection, click the Ignore Microsoftt network awareness (NCSI) traffic togglee key
to seet it to ON.
Figure 24 - DDIal on demand - Ignoore NCSI traffic
Ex
xcluding c
certain pac
cket types from trigg
gering the
e connectio
on to dial
Depending on your envirronment, you might prefer
to exclude certain types of traffic paassing through the roouter from triggering the
t data connection. You can tell the router to ignore outboundd
from a locally
TCP, UDP or ICMP packeets. When any of thesse options are checkked the router will nott dial a connection when that type of outbound destined data ppacket reaches the router
connnected device.
Figure 25 – Dia
ial on demand - Excludding IP protocols
Ex
xcluding c
certain app
plication ty
ypes from triggering
g the conn
nection to d
dial
Som
me devices may geneerate general traffic ass a part of normal opperation which you maay not want to trigger the data connectionn. You can set the rouuter to ignore Domain Name System (DNSS),
Netwwork Time Protocol (NNTP) or Microsoft netwwork awareness (NCCSI) traffic from devicces behind the router. When you check the box for these optio ns, it tells the router to
t ignore the requestt from
that application type andd will not dial a conneection when this data type is received.
Figure 26 - Dial oon demand - Excludingg application types
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
29
Setting timers for connection and disconnection
The router has a number of timer settings which let you determine when a connection is dialled and when it is disconnected.
Figure 27 – Dial on demand - Connect and disconnect timers
OPTION
DESCRIPTION
On data activity, stay online for at least
When traffic as per the configured settings above appear, the router will either continue to stay online, or dial a connection and will not disconnect it
for the specified time period (min. 1 minute, max. 1 hour). This timer is continuously reset throughout the duration of a dial-up session, whenever
data activity is detected matching the rules above.
After connecting, stay online for at least
This timer configures the router to not hang-up the connection for the specified time period after initially dialling the connection. This setting cannot
be less than the keep online period above. This timer affects the connection only once per dial up session, at the beginning of the session.
After hanging up, don’t redial for
After a connection has been disconnected, you can tell the router to rest for a period of time before re-dialling.
Disconnect regardless of traffic after
Forces the router to disconnect the connection regardless of the traffic passing through it. The default setting is never.
If you want to have the router dial a connection at regular intervals, use Connect regularly, every to specify the interval between dials. Setting this to
never effectively disables this option.
Connect regularly, every / Randomise connect frequency by
up to
The router also features the ability to randomise the time at which the first dial action is performed. This is useful in situations such as where you
have numerous routers in an area where a power outage has occurred. Setting a random dial time helps to reduce network congestion when all the
routers are powered on so they do not all try to connect simultaneously.
When it is set to at least 2 minutes, you are able to configure the router to randomise the time it begins to dial. The randomised dial timer only affects
the initial dial after the unit powers on or after the settings are saved. For example, if you configure the router to dial every 2 minutes with a
randomised dial time of 1 minute, the router will dial the initial connection at a time greater than 2 minutes, but less than 3 minutes. After the first dial,
the router will dial the connection exactly every 2 minutes.
Table 13 - Connect on demand - Connect and disconnect timers descriptions
Verbose mode
The router provides the option of logging all the data activity which matches the settings for the Dial on demand feature for advanced troubleshooting purposes. To enable the logging of the Dial
on demand feature, click the Enable verbose mode toggle key to switch it ON. See the System log section for more information.
Figure 28 – Dial on demand - Verbose logging configuration
NetComm Wireless 3G Light Industrial M2M Router
30
www.netcommwireless.com
Ma
anually co
onnecting//disconnec
cting
Therre may be times when you need to either force a connection too be made or force a disconnection manuually. You can use thee Manual connect annd Manual disconnecct buttons to do this
whenever necessary. Thee online status of the connection is displaayed above the buttonns.
Figure 29 - Diaal on demand - Onlinee/Offline control
Wheen you have finished cconfiguring the optioons for the Dial on demand feature, click thhe Save button at thee bottom to save your changes.
SM
MS Wake u
up
The router can also be wwoken up by means of
o an SMS message using
u the SMS diagnoostics feature by sending a zero byte classs 1 flash SMS. See ththe Diagnostics section for details on usinng the
SMSS Wake up function.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
31
Operato
or Settin
ngs
The Operator settings paage enables you to seelect which frequency band you will use ffor your connection and
a enables you to sccan for available netwwork operators in youur area.
Fi
Figure 30 - Band settinngs
p you are promptted to disable the data connection if it is
Note: In ordeer to change the celluular band settings, thhe data connection mmust be disabled. Whhen you access this page,
already activve.
You may want to do this iif you’re using the rouuter in a country with multiple frequency nnetworks that may noot all support High Sppeed Packet Access (HSPA). You can select the router to onlyy
connnect on the network ffrequencies that suit your
y requirements.
Use the Change band drrop down list to selecct the band you wish to
t use.
The following band settinngs options are availaable:
All Baands
GSM AAll
WCDM
MA All
GSM 850
GSM 900
GSM 1800
GSM 1900
WCMDA 850
MA 900
WCDM
MA 800
WCDM
MA 1900
WCDM
MA 2100
WCDM
It is not necessary to chaange the default settinng of All bands in moost cases. In fact, loccking to a particular band
b can cause connnection difficulties if thhe device is moved to
t a location where thhe
forceed band selection is no longer available.
Wheen All bands is selecteed, the router attemppts to find the most suuitable band based oon the available netwworks for the inserted SIM card.
The GSM All and the WCCDMA all options alloww you to force the deevice to lock to eitherr 2G networks only, or 3G networks only.
Clickk the Save button to ssave and apply your selection.
Op
perator se
ettings
The operator settings feaature allows you perfoorm a scan of availabble networks, and to ooptionally lock to a particular network retuurned by the networkk scan. To scan for avvailable networks, set the
and requires that the packet dataa session be disconneected prior to scanning.
Seleect operator mode froom automatic to Manuual then click the scaan button. This operaation can take a few minutes
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
32
www.netcommwirelless.com
Figgure 31 - Operator sett
ttings
A list of the detected 3G service carriers in yoour area is displayed.
Figure
re 32 - Detected operaator list
Select the most appropriate 3G service from the
t list shown and click Apply.
Wheen Select operator moode is set to Automattic, the router selects the most appropriatee operator based on the inserted SIM carrd. This is the defaultt option and is sufficieent for most users.
SIIM secu
urity se
ettings
The SIM security settingss page can be used for
f authenticating SIM
M cards that have beeen configured with a security PIN.
Un
nlocking a PIN locke
ed SIM
If thee SIM card is locked,, you will receive a nootice when you accesss the Status page affter which you will bee directed to the PIN settings page to enteer the PIN. The PIN settings page lists thee
statuus of the SIM at the toop of the page.
If you are not redirected tto the PIN settings paage, to unlock the SIM:
a)
Click on thee Networking menu frrom the top menu baar, and then click SIMM security settings.
Figure 33 - SI
SIM security settings - SIM
S PIN locked
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
33
b)
Enter the PIN in the Current PINN field and then enterr it again in the Confirrm current PIN field to
t confirm the PIN.
c)
member PIN option. This
T feature allows thhe router to automaticcally send the PIN to the
If you are pplacing the router in a remote, unattendedd location, you may wwish to check the Rem
SIM each tiime the SIM asks for it (usually at power up).
u This enables the SIM to be PIN locked (to prevent unauthoorised re-use of the SSIM elsewhere), whilee still allowing the rouuter to
connect to the cellular service.
When this ffeature is enabled, thhe PIN you enter when setting the Rememmber PIN feature is enncrypted and stored locally on the router. The next time the SIM asks the router forr the
PIN, the rouuter decrypts the PINN and automatically sends it to the SIM witthout user interventioon.
When this ffeature is disabled annd the SIM is PIN locked and the PIN musst be manually entereed via the router‘s configuration interface.. In situations where the
t router will be
unattendedd, this is not desirablee.
Note: Selectt Remember PIN if yoou do not want to entter the PIN code eachh time the SIM is inseerted.
d)
Click the Saave button. If successsful, the router displaays the following screeen:
En
nabling/Diisabling SIIM PIN pro
otection
The security PIN protection can be turned on or off using the PIN protection toggle keyy.
FFigure 34 - PIN Setting
ngs
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
34
www.netcommwirelless.com
Ch
hanging th
he SIM PIN
N code
PIN button and
a enter the currentt PIN into the Current PIN and Confirm current PIN fields, thenn enter the desired PIN into the New PIN and
If you would like to changge the PIN, click the Change
Conffirm new PIN fields aand click the Save buutton.
Figure 335 - PIN settings - Cha
hange PIN
Wheen the PIN has been cchanged successfully, the following screeen is displayed:
Figure 36 - SIM ssecurity settings – PIN
N unlock successful
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
35
Un
nlocking a PUK locke
ed SIM
Afterr three incorrect attem
mpts at entering the PIN, the SIM card beecomes PUK (Personnal Unblocking Key) locked and you are reequested to enter a P UK code to unlock it.
Note: To obtain the PUK unlock coode, you must contacct Vodafone.
You will be issued a PUKK to enable you to unllock the SIM and enteer a new PIN. Enter tthe new PIN and PUKK codes.
Clickk the Save button whhen you have finishedd entering the new PIN and PUK codes.
Figure 377 - SIM security - SIM PUK
P locked
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
36
www.netcommwirelless.com
LA
AN
LA
AN configu
uration
The LAN configuration paage is used to configgure the LAN settingss of the router and to enable or disable DNNS Masquerading.
Figure 338 – LAN configuration
on settings
The default IP of the Etheernet port is 192.168.1.1 with subnet maskk 255.255.255.0. To cchange the IP address or Subnet mask, enter
e the new IP Addrress and/or Subnet mask
m and click the Saave
buttoon.
Note: If you cchange the IP address, remember to rebooot the router and ennter the new IP addreess into your browser address bar.
DN
NS masquerad
ding
DNSS masquerading allowws the router to proxyy DNS requests from LAN clients to dynammically assigned DNSS servers. When enabled, clients on the ro
router’s LAN can thenn use the router as a DNS
server without needing too know the dynamicaally assigned cellular network DNS serverss.
3 Light Industrial MM2M router hands out its own IP address (e.g. 192.168.1.1) as the DNS server addrress to LAN clients. The
With DNS masquerading ON, the DHCP serveer embedded in the 3G
downstream clients then send DNS requests to the 3G Light Indusstrial M2M router whi ch proxies them to thhe upstream DNS serrvers.
With DNS masquerading OFF, the DHCP servver hands out the upstream DNS server IPP addresses to downnstream clients directtly, so that downstreaam clients send DNS requests directly to the
upsttream DNS servers wwithout being proxied by the 3G Light Induustrial M2M router.
You may also override the DNS Masquerading option by specifyinng custom DNS Serveer IP addresses in the DHCP Server configuration mentioned iin the next section off this guide. In this caase
the DHCP
server assignss downstream devicees the manually configgured addresses andd the DNS Masqueraading option is ignoreed.
In most cases, it is not neecessary to disable DNS
D masquerading but
b if you need to, clicck the DNS masquerrading toggle key to turn it OFF and then cclick the Save buttonn.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
37
DHCP
The DHCP page is used to adjust the settings used by the router’s built in DHPC Server which assigns IP addresses to locally connected devices.
DHCP relay configuration
In advanced networks configurations where the 3G Light Industrial M2M Router should not be responsible for DHCP assignment, but instead an existing DHCP server is located on the Wireless
WAN connection, the clients behind the 3G Light Industrial M2M Router are able to communicate with the DHCP server when DHCP relay is enabled. This enables the 3G Light Industrial M2M
Router to accept client broadcast messages and to forward them onto another subnet.
To configure the router to act as a DHCP relay agent click the DHCP relay toggle key to turn it ON and enter the DHCP server address into the DHCP server address field. DHCP relay is
disabled by default.
Figure 39 – DHCP relay configuration
DHCP configuration
You can manually set the start and end address range to be used to automatically assign addresses within, the lease time of the assigned address, the default domain name suffix, primary and
secondary DNS server, the primary and secondary WINS server, as well as the advanced DHCP settings such as NTP, TFTP and Option 150/Option 160 (VoIP options).
Figure 40 - DHCP configuration
NetComm Wireless 3G Light Industrial M2M Router
38
www.netcommwireless.com
OPTION
DESCRIPTIO
ON
DHCP start range
Sets the first IP address of thhe DHCP range
DHCP end rannge
Sets the last IP address of thhe DHCP range
DHCP lease time (seconds)
Thhe length of time in secondds that DHCP allocated IP addresses are valid
Default domain name suffix
Specifies the default domainn name suffix for the DHCPP clients. A domain name suffix enables users to acceess a local server, for exam
mple, server1,
without
typing the full domaiin name server1.domain.coom
DNS server 1 IP address
Specifies the primary DNS ((Domain Name System) server’s IP address.
DNS server 2 IP address
Specifies the secondary DNNS (Domain Name System) server’s IP address.
WINS server 1 IP address
Specifies the primary WINS (Windows Internet Name Service)
server IP address
WINS server 2 IP address
Specifies the secondary WINNS (Windows Internet Nam
me Service) server IP addreess
NTP server (OOption 42)
Specifies the IP address of tthe NTP (Network Time Prootocol) server
TFTP Server (OOption 66)
Specifies the TFTP (Trivial FFile Transfer Protocol) serveer
DHCP option 150
Thhis is used to configure Cissco IP phones. When a Cissco IP phone starts, if it is not
n pre-configured with thee IP address and TFTP address, it sends a
reequest to the DHCP server to obtain this information. Specify the string which w ll be sent as a reply to the option 150 request.
DHCP option 160
Thhis is used to configure Poolycom IP phones. When a Polycom IP phone starts, iff it is not pre-configured witith the IP address and TFTP address, it
seends a request to the DHCCP server to obtain this information. Specify the string which will be sent as a repply to the option 160 request.
Enteer the desired DHCP options and click thee Save button.
Ad
ddress reserva
ation list
DHCCP clients are dynamically assigned an IPP address as they connnect, but you can reeserve an address for a particular device using the address reeservation list.
Figure 41 – DHCP – Address resservation list
To add a device to the adddress reservation lisst:
1.
Click the +AAdd button.
2.
In the Computer Name field enter a name for the devvice.
3.
In the MACC Address field, enterr the device’s MAC adddress.
4.
In the IP Adddress fields, enter thhe IP address that yoou wish to reserve forr the device.
5.
If the Enablle toggle key is not set to ON, click it to swwitch it to the ON possition.
6.
Click the Saave button to save thhe settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
39
Dynamic DHCP client list
The Dynamic DHCP client list displays a list of the DHCP clients. If you want to reserve the current IP address for future use, click the Clone button and the details will be copied to the address
reservation list fields. Remember to click the Save button under the Address reservation list section to confirm the configuration.
Figure 42 - Dynamic DHCP client list
NetComm Wireless 3G Light Industrial M2M Router
40
www.netcommwireless.com
Routing
Sta
atic
Static routing is the alternnative to dynamic rouuting used in more coomplex network scennarios and is used to facilitate communicaation between devicees on different networrks. Static routing involves
conffiguring the routers inn your network with all the information neccessary to allow the ppackets to be forwardded to the correct destination. If you channge the IP address off one of the devices inn the
staticc route, the route willl be broken.
Figgure 43 - Static routing
ng list
me routes are added bby default by the routter on initialization suuch as the Ethernet suubnet route for routinng to a device on the Ethernet subnet.
Som
Ad
dding Static Ro
outes
To add a new route to thee static routing list, click the +Add button.. The Static routes paage appears.
1.
In the Route name field, type a name for the route soo that it can be identiified in the static routting list.
2.
From the Network interface dropp down list, select thee interface for which you would like to creeate a static route.
3.
In the Destiination IP address fieeld, enter the IP addrress of the destinatio n of the route.
4.
In the IP suubnet mask field, enteer the subnet mask of
o the route.
5.
In the Gateway IP address field, enter the IP address of the gateway thatt will facilitate the rouute.
6.
In the Metriic field enter the metrric for the route. The metric value is used by the router to priorritise routes. The loweer the value, the highher the priority. To givve the route the higheest
priority, sett it to 0.
7.
Click the Saave button to save yoour settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
41
Figure 44 - Adding a static route
Active routing list
Static routes are displayed in the Active routing list.
Figure 45 - Active routing list
Deleting static routes
From the static routing list, click the
icon to the right of the entry you wish to delete.
Figure 46 - Deleting a static route
NetComm Wireless 3G Light Industrial M2M Router
42
www.netcommwireless.com
RIP
RIP (Routing Information Protocol) is used forr advertising routes too other routers. Thus all the routes in the router’s
routing table will be advertised to other nearby routerss. For example, the rooute
for thhe router’s Ethernet ssubnet could be adveertised to a router on the PPP interface sidde so that a router onn this network will knoow how to route to a ddevice on the router’s Ethernet subnet. Sttatic
routees must be added manually according to your requirements. See
S Adding Static Rooutes.
Note: Some rrouters will ignore RIPP.
Figgure 47 - RIP configura
ration
To enable Routing Inform
mation Protocol (RIP)
1.
Click the RIP toggle key to switcch it to the ON positioon.
2.
Using the VVersion drop down lisst, select the version of RIP that you wouldd like to use.
3.
Select the interface for which yoou want RIP to apply. You can choose thee LAN interface, the WWAN
interface or Both.
4.
Click the Saave button to confirm
m your settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
43
Re
edundancy
y (VRRP) configurati
ion
Virtuual Router Redundanccy Protocol (VRRP) iss a non-proprietary reedundancy protocol designed to increasee the availability of the default gateway seervicing hosts on the same subnet. This
increeased reliability is acchieved by advertisingg a “virtual router” (an abstract representtation of master and backup
routers actingg as a group) as a deefault gateway to thee host(s) instead of onne
physsical router. Two or m
more physical routers are then configured to stand for the virtu al router, with only onne doing the actual routing at any given tiime. If the current phhysical router that is
routing the data on behalf of the virtual routerr fails, an arrangemennt is made for anotheer physical router to automatically
replace it. The physical routeter that is currently forwarding data on behhalf
of the virtual router is called the master routerr.
Master routers have a priiority of 255 and backup router(s) can havve a priority betweenn 1 and 254.
A virrtual router must use 00-00-5E-00-01-XX as
a its (MAC) addresss. The last byte of thee address (XX) is the Virtual Router Identifier (VRID), which is ddifferent for each virtuual router in the netwoork.
This address is used by oonly one physical rouuter at a time, and is the only way that othher physical routers can
c identify the masteer router within a virtuual router.
Figuure 48 - VRRP configur
uration
To configure VRRP, confiigure multiple devicees as follows and connnect them all via an Ethernet network swiitch to downstream devices.
1.
Click the Redundancy (VRRP) toggle
key to activatee VRRP.
2.
In the Virtuaal ID field, enter an IDD between 1 and 2555. This is the VRRP IDD which is different foor each virtual router on the network.
3.
In the Router priority field, enterr a value for the priority – a higher value iss a higher priority.
4.
The Virtual IP address field is ussed to specify the VRRRP IP address – thiss is the virtual IP address that both virtual routers share.
5.
Click the Saave button to save thhe new settings.
Note: Configuuring VRRP changess the MAC address off the Ethernet port annd therefore if you waant to resume with thee web configuration yyou must use the neww IP address (VRRP IP)
I or
on a commannd prompt type:
M address).
arp –d  (i.e. arp –d 192.168
8.1.1) to clear the arp cache.(old MAC
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
44
www.netcommwirelless.com
Po
ort Forward
ding
The Port forwarding list iss used to configure thhe Network Address Translation (NAT) rulles currently in effectt on the router.
Figuure 49 – Port forwardin
ing list
The purpose of the port fforwarding feature is to allow mapping of inbound requests to a specific port on the WAN IP address too a device connectedd on the Ethernet inteerface.
Ad
dding a port fo
orwarding rulle
To create a new port forwwarding rule:
1.
Click the +AAdd button. The port forwarding settings screen is displayed.
2.
Use the Prootocol drop down list to select the type of protocol you want too use for the rule. Thee protocols selectionss available are TCP, UDP and All.
3.
In the Sourrce IP Address field, enter
e a “friendly” adddress that is allowed to access the router or a wildcard IP address (0.0.0.0) that alllows all IP addressess to access the routerr.
4.
The Sourcee Port Range (From) and (To) fields are used
u to specify the poort(s) on the source side
s that are to be forwarded. This allowss you to send a rangee of consecutive port
numbers byy entering the first in the range in the (Froom) field and the last in the range in the (TTo) field. To forward a single port, enter thhe port in the (From) field and repeat it in the
(To) field.
5.
In the Destiination network adresss field, enter the IP address
of the client to which the traffic should
be forwarded.
6.
The Destinaation Port Range (Frrom) and (To) fields are
a used to specify thhe port(s) on the destination side that are to be forwarded. If thhe Source port rangee specifies a single port
then the deestination port may bee configured to any port.
p If the Source poort range specifies a range
of port numberrs then the Destinatioon port range must be the same as the Soource
port range.
7.
Click the Saave button to confirm
m your settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
45
Figure 50 - Port forwarding settings
To delete a port forwarding rule, click the
button on the Port forwarding list for the corresponding rule that you would like to delete.
NetComm Wireless 3G Light Industrial M2M Router
46
www.netcommwireless.com
DM
MZ
The Demilitarized Zone (DMZ) allows you to configure
all incomingg traffic on all protocools to be forwarded to
t a selected device behind the router. Thhis feature can be used to avoid complex port
a there is no filteringg of what traffic is alloowed and what is denied.
forwarding rules, but it exxposes the device to untrusted networks as
The DMZ configuration ppage is used to specify the IP Address of the device to use as the DMZ host.
Figu
gure 51 - DMZ configurration
1.
Click the DMZ toggle key to turnn the DMZ function ON.
2.
Enter the IPP Address of the device to be the DMZ hoost into the DMZ IP AAddress field.
3.
Click the Saave button to save yoour settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
47
Router Firewall
The Router firewall page is used to enable or disable the in-built firewall on the router. When enabled, the firewall performs stateful packet inspection on inbound traffic from the wireless WAN
and blocks all unknown services, that is, all services not listed on the Services configuration page of the router.
With respect to the other Routing options on the Networking page, the firewall takes a low priority. The priority of the firewall can be described as:
DMZ > MAC/IP/Port filtering rules > MAC/IP/Port filtering default rule > Router firewall rules
In other words, the firewall is of the lowest priority when compared to other manual routing configurations. Therefore, a MAC/IP/Port filtering rule takes priority in the event that there is a conflict of
rules. When DMZ is enabled, MAC/IP/Port filtering rules and the router firewall are ignored but the router will still honour the configuration of the Remote router access control settings listed under
Administration Settings.
Figure 52 - Router Firewall toggle key
NetComm Wireless 3G Light Industrial M2M Router
48
www.netcommwireless.com
MA
AC / IP / P
Port filterin
ng
The MAC/IP/Port filter feaature allows you apply a policy to the traffic that passes througgh the router, both inbound and outboundd, so that network acccess can be controlleed. When the filter is
except thosee listed in the “Currennt MAC / IP / Port filtering rules in effect” liist. Conversely, whenn the default rule is seet to
enabbled with a default rule of “Accepted”, all connections will be allowed
“Droopped”, all connections are denied exceppt for those listed in thhe filtering rules list.
Figuree 53 - MAC / IP / Portt filtering
Note: When enabling MAC / IP / Port filtering and settting the default rule too “Dropped”, you shoould ensure that you have first added a filltering rule which alloows at least one knowwn
MAC/IP to acccess the router, otheerwise you will not bee able to access the uuser interface of the router without resettinng the router to factoory default settings.
Crreating a M
MAC / IP / Port filterring rule
To create a filtering rule:
1.
Click the M
MAC / IP / Port filterinng toggle key to switcch it to the ON positioon.
2.
Using the DDefault rule (inbound//forward) drop down list, select the defau lt action for the routeer to take when traffic reaches it. By defauult, this is configured to Accepted. If you
change thiss to Dropped, you shoould first configure a filter rule that allows at least one device access
to the router, otherwise you will effffectively be locked out
o of the router.
3.
Click the Saave button to confirm
m the default rule.
4.
In the Curreent MAC / IP / Port filttering rules in system
m section, click the +AAdd button.
Figure 54 - Curren
ent MAC / IP/ Port filte
tering rules in effect
5.
Enter the details of the rule in thhe section that is dispplayed and click the SSave button.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
49
Figure 55 - MAC / IP / Port filtering settings
OPTION
DESCRIPTION
Bound
Use the drop down list to select the direction of the traffic for which you want to apply to the rule. Inbound refers to all traffic that is entering the
router including data entering from the WAN and the LAN. Outbound refers to all traffic exiting the router including traffic leaving in the direction of
the WAN and traffic leaving in the direction of the LAN. Forward specifies traffic that enters on the LAN or WAN side and is forwarded to the
opposite end.
Protocol
Use the drop down list to select the protocol for the rule. You can have the rule apply to All protocols, TCP, UDP, UDP/TCP or ICMP.
Source MAC Address
Enter the MAC address in six groups of two hexadecimal digits separated by colons (:). e.g. 00:40:F4:CE:FA:1E
Source IP Address
Enter the IPv4 address that the traffic originates from and the subnet mask using CIDR notation.
Destination IP Address
Enter the IPv4 address that the traffic is destined for and the subnet mask using CIDR notation.
Action
Select the action to take for traffic which meets the above criteria. You can choose to Accept or Drop packets. When the default rule is set to Accept,
you cannot create a rule with an Accept action since the rule is redundant. Likewise, if the default rule is set to Dropped you cannot create a rule with
a Drop action.
Comment
[Optional] Use this field to enter a comment as a meaningful description of the rule.
Table 14 - Current MAC / IP / Port filtering rules in effect
6.
The new rule is displayed in the filtering rules list. You can edit the rule by clicking the
Edit button or delete the rule by clicking the
button.
Figure 56 - Completed filtering rule
NetComm Wireless 3G Light Industrial M2M Router
50
www.netcommwireless.com
VPN
A Virrtual Private Network (VPN) is a tunnel prooviding a private link between two networrks or devices over a public network. Dataa to be sent via a VPNN needs to be encappsulated and as suchh is
geneerally not visible to thhe public network.
The advantages of a VPNN connection includee:
Data PProtection
Accesss Control
Data OOrigin Authenticationn
Data IIntegrity
Eachh VPN connection haas different configurattion requirements. Thhe following pages deetail the configuration options available foor the different VPN cconnection types.
Note: The following descriptions are an overview of thhe various VPN optionns available. More deetailed instructions are available in separaate whitepapers on the NetComm Wirelesss
website.
IPS
Sec
IPSeec operates on Layerr 3 of the OSI model and
a as such can prottect higher layered pprotocols. IPSec is used for both site to site VPN and Remote AAccess VPN. The 3G Light Industrial M2M
routeer supports IPsec end points and can be configured with Site to Site VPN tunnels wwith third party VPN routers.
Co
onfiguring
g an IPSec VPN
From
m the menu at the topp of the screen, click Networking and under the VPN section, cclick IPSec. A list of configured IPSec VPPN connections is dissplayed.
Fig
Figure 57 - IPSec VPN List
Clickk the +Add button to begin configuring ann IPSec VPN connecttion.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
51
Figure 58 – IPSec profile edit
NetComm Wireless 3G Light Industrial M2M Router
52
www.netcommwireless.com
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
53
The following table describes each of the fields of the IPSec VPN Connection Settings page.
ITEM
DEFINITION
IPSec profile
Enables or disables the VPN profile.
Profile name
A name used to identify the VPN connection profile.
Remote IPSec server address
The IP address of the IPSec server.
Remote LAN address
Enter the IP address of the remote network for use on the VPN connection.
Remote LAN subnet mask
Enter the subnet mask in use on the remote network.
Local LAN address
Enter the IP address of the local network for use on the VPN connection.
Local LAN subnet mask
Enter the subnet mask in use on the local network.
Encapsulation type
Select the encapsulation protocol to use with the VPN connection. You can choose ESP, AH or Any.
IKE mode
Select the IKE mode to use with the VPN connection. You can choose Main, Aggressive or Any.
PFS
Choose whether Perfect Forward Secrecy is ON or OFF for the VPN connection.
IKE encryption
Select the cipher type to use for the Internet Key Exchange.
IKE hash
Select the IKE Hash type to use for the VPN connection. The hash is used for authentication of packets for the key exchange.
IPSec encryption
Select the IPSec encryption type to use with the VPN connection.
IPSec hash
Select the IPSec hash type to use for the VPN connection. The hash is used for authentication of packets for the VPN connection.
DH group
Select the desired Diffie-Hellman group to use. Higher groups are more secure but also require longer to generate a key.
DPD action
Select the desired Dead Peer Detection action. This is the action to take when a dead Internet Key Exchange Peer is detected.
DPD keep alive time
Enter the time in seconds for the interval between Dead Peer Detection keep alive messages.
DPD timeout
Enter the time in seconds of no response from a peer before Dead Peer Detection times out.
IKE re-key time
Enter the time in seconds between changes of the encryption key. To disable changing the key, set this to 0.
SA life time
Enter the time in seconds for the security association lifetime.
Select the type of key mode in use for the VPN connection. You can select from:
Key mode



Pre Shared Key
RSA keys
Certificates
Pre-shared key
The pre-shared key is the key that peers used to authenticate each other for Internet Key Exchange.
Remote ID
Specifies the domain name of the remote network.
Local ID
Specifies the domain name of the local network.
Update Time
Displays the last time the key was updated.
Local RSA Key Upload
Select the RSA key file for the local router here by clicking the Browse button.
Remote RSA Key Upload
Select the RSA key file for the remote router here by clicking the Browse button.
Private key Passphrase
The Private key passphrase of the router is the passphrase used when generating the router’s private key using OpenSSL CA.
Key / Certificate
Select the type of key or certificate to use for authentication. You can select Local private key, Local public certificate, Remote public certificate, CA certificate, CRL certificate.
IPSec Certificate Upload
Select the IPSec certificate to upload by clicking the Browse button.
Table 15 - IPSec Configuration Items
NetComm Wireless 3G Light Industrial M2M Router
54
www.netcommwireless.com
Op
penVPN
OpenVPN is an open souurce virtual private neetwork (VPN) program
m for creating point-too-point or server-to-m
multi-client encryptedd tunnels between hoost computers. It can traverse network adddress
w well through prroxy servers and cann run over TCP and UDP
transslation (NAT) and fireewalls and allows autthentication by certificcate, pre-shared keyy or username and paassword. OpenVPN works
transsports. Support for OOpenVPN is available on several operatingg systems, including Windows, Linux, Macc OS, Solaris, OpenBBSD, FreeBSD, NetBSSD and QNX.
Co
onfiguring
g an Open VPN serve
er
From
m the menu at the topp of the screen, click Networking and from
m the VPN section on the left, click OpenVVPN. A list of configurred OpenVPN VPN cconnections is displayyed.
Figu
gure 59 - OpenVPN VPN
PN List
Clickk the +Add button forr the type of OpenVPN server/client you would
w like to configuree.
Op
penVPN Se
erver
To configure an OpenVPN Server:
1.
Click the OOpenVPN profile toggle key to switch it to the
t ON position.
2.
Type a nam
me for the OpenVPN server
profile you aree creating.
3.
Use the Seerver port field to seleect a port number andd then use the drop ddown list to select a packet
type to use for your OpenVPN Serrver. The default OpeenVPN port is 1194 annd
default paccket type is UDP.
4.
In the VPN network address and VPN network subnnet mask fields, enterr the IP address and network subnet mask to assign to your VPPN. This is ideally an internal IP address which
differs from
m your existing addresss scheme.
5.
Next to Difffie-Hellman parameteers, click the Generatte DH button. This wiill create an encryptioon key to secure your OpenVPN connectiion.
6.
Under Servver Certificates, enterr the required details. All fields must be coompleted. The Counttry field must consist of two characters onnly. When the details have been entered, click
the Generaate CA certificate buttton to generate the Certificate
Authority (CCA) certificate basedd on this information.
7.
Under the SServer certificates seection, select the Authhentication type that yyou would like to usee for the OpenVPN Seerver.
Note: The DDiffie-Hellman parameeters can take up to 10
1 minutes to generaate. Please be patientt.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
55
Certificate Authentication
In the Certificate Management section, enter the required details to create a client certificate. All fields are required. When you have finished entering the details, click the Generate button.
Figure 60 - OpenVPN server configuration – Certificate management
When it is done, you can click the Download P12 button or the Download TGZ button to save the certificate file depending on which format you would like. If for some reason the integrity of your
network has been compromised, you can return to this screen and use the Certificate drop down list to select the certificate and then press the Revoke button to disable it.
Optional: To inform the OpenVPN server of the network address scheme of the currently selected certificate, enter the network address and network subnet mask in the respective fields and
click the Set network information button. If you do not enter the remote subnet here, any packet requests from the server to the client will not be received by the client network because it is not
aware of the remote client’s subnet.
NetComm Wireless 3G Light Industrial M2M Router
56
www.netcommwireless.com
Figure 61 – OpenVPN server proofile settings
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
57
Use
ername / Passsword Authen
ntication
In the Username/Passwoord section, enter the username and password you would like tto use for authentication on the OpenVPN
N Server. Click the Doownload CA certificatte button to save the
ca.crt file. This file will need to be provided to the client.
Note: If yoou wish to have moree than one client connnect to this OpenVPNN server, you must usse Certificate authenttication mode as Useername/Password only allows for a single client
connectioon.
Figure 62 - OpenVPPN Server – Usernamee / Password section
Optioonal: To inform the OOpenVPN server of the network address scheme of the currenttly selected certificatte, enter the network address and networkk subnet mask in the respective fields andd
clickk the Set Network Infoormation button. If yoou do not enter the reemote subnet here, aany packet requests from
f the server to thee client will not be recceived by the client network
because it is not
aware of the remote cliennt’s subnet.
Wheen you have finished eentering all the required information, clickk Save to finish configguring the OpenVPN server.
Co
onfiguring
g an OpenV
VPN Clien
nt
1.
Click the OOpenVPN profile toggle key to switch it to the
t ON position.
2.
In the Profille name field, type a name for the OpenVVPN client profile you are creating.
3.
In the Serveer IP address field, tyype the WAN IP address of the OpenVPNN server.
4.
Use the Seerver port field to seleect a port number andd then use the drop ddown list to select a packet
type to use for the OpenVPN serveer. The default OpenVPN port is 1194 andd
default paccket type is UDP.
5.
If the Defauult gateway option is applied on the OpennVPN client page, thee OpenVPN server wiill enable connections to be made to otheer client networks connnected to it. If it is noot
selected, thhe OpenVPN connecction allows for securee communication linkks between this routeer and the remote OpenVPN server only.
6.
Use the Authentication type options to select the Autthentication type thatt you would like to usse for the OpenVPN client.
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
58
www.netcommwirelless.com
Ce
ertificate Auth
hentication
In the Certificate upload section at the bottom
m of the screen, click the Browse button a nd locate the certificate file you downloadded when you configgured the OpenVPN server.
When it has been
seleccted, click the Upload button to send it too the router.
Figure 63 - OOpenVPN client - Certtificate upload
Use
ername / Passsword Authen
ntication
Enteer the username and password to authenticate with the OpenVVPN server.
Figure 64 - OpenVVPN Client - Usernamee/Password section
Use the Browse button too locate the CA certifficate file you saved from
f the OpenVPN Seerver and then presss the Upload button too send it to the routerr.
Clickk the Save button to complete the OpenVVPN Client configuration.
Co
onfiguring
g an OpenV
VPN P2P Connection
To configure an OpenVPN peer-to-peer connection:
1.
Set the OpeenVPN profile toggle key to switch it to the ON position.
2.
In the Profille name field, type a name for the OpenVVPN P2P profile you aare creating.
3.
On the routter designated as thee master, leave the Server IP address fieldd empty. On the routter designated as the slave, enter the WAAN IP address of the master.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
59
Figure 65 - OpenVPN P2P mode settings
4.
Use the Server port field to select a port number and then use the drop down list to select a packet type to use for the OpenVPN server. The default OpenVPN port is 1194 and
default packet type is UDP.
5.
In the Local IP Address and Remote IP Address fields, enter the respective local and remote IP addresses to use for the OpenVPN tunnel. The slave should have the reverse
settings of the master.
6.
Under the Remote network section, enter the network Address and network Subnet mask. The Network Address and Network Mask fields inform the Master node of the LAN
address scheme of the slave.
7.
Press the Generate button to create a secret key to be shared with the slave. When the timestamp appears, you can click the Download button to save the file to exchange with the
other router.
8.
When you have saved the secret key file on each router, use the Browse button to locate the secret key file for the master and then press the Upload button to send it to the slave.
Perform the same for the other router, uploading the slave’s secret key file to master.
9.
When they are uploaded click the Save button to complete the peer-to-peer OpenVPN configuration.
NetComm Wireless 3G Light Industrial M2M Router
60
www.netcommwireless.com
PP
PTP-Clientt
The Point-to-Point Tunnelling Protocol (PPTP) is a method for impleementing virtual privaate networks using a TCP and GRE tunneel to encapsulate PPPP packets. PPTP operates on Layer 2 of thhe
OSI model and is includeed on Windows compputers.
Co
onfiguring
g the PPTP Client
To configure the PPTP client:
1.
From the m
menu bar at the top off the screen, click Neetworking and then froom the VPN section on the left side of thee screen, click PPTP client. The PPTP clieent list is displayed.
Fig
Figure 66 - PPTP clientt list
2.
Click the +AAdd button to begin configuring
a new PPPTP client profile. Thee PPTP client edit scrreen is displayed.
Figur
ure 67 - VPN PPTP clien
ent edit
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
61
3.
Click the Enable PPTP client toggle key to switch it to the ON position.
4.
In the Profile name list, enter a profile name for the tunnel. This may be anything you like and is used to identify the tunnel on the router.
5.
Use the Username and Password fields to enter the username and password for the PPTP account.
6.
In the PPTP server address field, enter the IP address of the PPTP server.
7.
From the Authentication type drop down list, select the Authentication type used on the server. If you do not know the authentication method used, select any and the router will
attempt to determine the correct authentication type for you. There are 5 authentication types you can choose from:
CHAP – uses a three way handshake to authenticate the identity of a client.
MS-CHAP v1 – This is the Microsoft implementation of the Challenge Handshake Authentication Protocol for which support was dropped in Windows® Vista.
MS-CHAP v2 - This is the Microsoft implementation of the Challenge Handshake Authentication Protocol which was introduced in Windows® NT 4.0 and is still supported
today.
PAP – The Password Authentication Protocol uses a password as a means of authentication and as such, is commonly supported. PAP is not recommended because it
transmits passwords unencrypted and is not secure.
EAP – Extensible Authentication Protocol. An Authentication protocol commonly used in wireless networks.
8.
The metric value helps the router to prioritise routes and must be a number between 0 and 65535. The default value is 30 and should not be modified unless you are aware of the
effect your changes will have.
9.
The Use peer DNS option allows you to select whether the remote clients will use the Domain Name Server of the PPTP server. Click the toggle key to set this to ON or OFF as
required.
10.
NAT masquerading allows the router to modify the packets sent and received to inform remote computers on the internet that packets originating from a machine behind the router
actually originated from the WAN IP address of the router’s internal NAT IP address. Click the toggle key to switch this to the ON position if you want to use this feature.
11.
Set default route to PPTP sets all outbound data packets to go out through the PPTP tunnel. Click the toggle key to switch this to the ON position if you want to use this feature.
12.
The Verbose logging option sets the router to output detailed logs regarding the PPTP connection in the System Log section of the router interface.
13.
The Reconnect delay is the time in seconds that the router will wait before attempting to connect to the PPTP server in the event that the connection is broken. The minimum time to
wait is 30 seconds so as to not flood the PPTP server with connection requests, while the maximum time to wait is 65335 seconds.
14.
The Reconnect retries is the number of connection attempts that the router will make in the event that the PPTP connection goes down. If set to 0, the router will retry the connection
indefinitely, otherwise the maximum number of times to retry cannot be greater than 65335.
15.
Click the Save button to save the changes. The VPN will attempt to connect after your click Save. Click the Status button at the top left of the interface to return to the status window
and monitor the VPN’s connection state.
NetComm Wireless 3G Light Industrial M2M Router
62
www.netcommwireless.com
GR
RE tunnellling
The Generic Route Encapsulation (GRE) protoocol is used in addition to Point-to-Point TTunnelling Protocol (PPPTP) to create VPNss (virtual private netwworks) between clientts and servers or betwween
cliennts only. Once a PPTPP control session establishes the VPN tunnnel GRE is used to ssecurely encapsulatee the data or payload.
Co
onfiguring
g GRE tunn
nelling
To configure GRE tunnelling:
1.
From the m
menu bar at the top off the screen, click Neetworking and then froom the VPN section on the left side of thee screen, click GRE. The GRE client list iss displayed.
Fi
Figure 68 - GRE client list
2.
Click the +AAdd button to begin configuring
a new GRRE tunnelling client pprofile. The GRE Cliennt Edit screen is displayed.
Fig
igure 69 – GRE client edit
3.
Click the Ennable GRE Tunnel tooggle key to switch it to the ON position.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
63
4.
In the Profile name, enter a profile name for the tunnel. This may be anything you like and is used to identify the tunnel on the router.
5.
In the GRE server address field, enter the IP address of the GRE server.
6.
In the Local tunnel address field, enter the IP address you want to assign the tunnel locally.
7.
In the Remote tunnel address field, enter the IP address you want to assign to the remote tunnel.
8.
In the Remote network address field, enter the IP address scheme of the remote network.
9.
In the Remote network subnetmask field, enter the subnet mask of the remote network.
10.
The TTL (Time To Live) field is an 8-bit field used to remove an undeliverable data packet from a network to avoid unnecessary network traffic across the internet. The default value
of 255 is the upper limit on the time that an IP datagram can exist. The value is reduced by at least one for each hop the data packet takes to the next router on the route to the
datagram’s destination. If the TTL field reaches zero before the datagram arrives at its destination the data packet is discarded and an error message is sent back to the sender.
11.
The Verbose logging option sets the router to output detailed logs regarding the GRE tunnel in the System Log section of the router interface.
12.
The Reconnect delay is the time in seconds that the router will wait before attempting to connect to the GRE server in the event that the connection is broken. The minimum time to
wait is 30 seconds so as to not flood the GRE server with connection requests, while the maximum time to wait is 65335 seconds.
13.
The Reconnect retries is the number of connection attempts that the router will make in the event that the GRE connection goes down. If set to 0, the router will retry the connection
indefinitely, otherwise the maximum number of times to retry cannot be greater than 65335.
14.
Click the Save button to save the changes. The VPN will attempt to connect after your click Save. Click the Status button at the top left of the interface to return to the status window
and monitor the VPN’s connection state.
NetComm Wireless 3G Light Industrial M2M Router
64
www.netcommwireless.com
Serv
S vice
es
Dynamic
c DNS
The DDNS page is used to configure the Dynamic DNS feature of the router. A numbe r of Dynamic DNS hoosts are available from
m which to select.
Figuree 70 – Dynamic DNS settings
Dynaamic DNS provides a method for the routeer to update an exterrnal name server withh the current WAN IP address.
To configure dynamic DNNS:
1.
Click the DDNS configuration tooggle key to switch it to the ON position.
2.
From the Dynamic DNS drop doown list, select the Dyynamic DNS service that you wish to use. The available DDNSS services available aare:

www.ddhs.org

www.ddyndns.org

www.ddyns.cx

www.eeasydns.com

www.jjustlinux.com

www.oods.org

www.ttzo.com

www.zzoneedit.com
3.
In the Userrname and Password fields, enter the logoon credentials for youur DDNS account. Ennter the password for the account again inn the Verify passwordd field.
4.
Click the Saave button to save thhe DDNS configuratioon settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
65
Network time (NTP)
The NTP (Network Time Protocol) settings page allows you to configure the 3G Light Industrial M2M router to synchronize its internal clock with a global Internet Time server and specify the time
zone for the location of the router. This provides an accurate timekeeping function for features such as System Log entries and Firewall settings where the current system time is displayed and
recorded.
Any NTP server available publicly on the internet may be used. The default NTP server is 0.netcomm.pool.ntp.org.
Figure 71 - NTP settings
Configuring Timezone settings
To configure time zone settings:
1.
The Current time field shows the time and date configured on the router. If this is not accurate, use the Time zone drop down list to select the correct time zone for the router. If the
selected zone observes daylight savings time, a Daylight savings time schedule link appears below the drop down list. Click the link to see the start and end times for daylight
savings.
2.
When you have selected the correct time zone, click the Save button to save the settings.
Configuring NTP settings
To configure NTP settings:
1.
Click the Network time (NTP) toggle key to switch it to the ON position.
2.
In the NTP service field, enter the address of the NTP server you wish to use.
3.
The Synchronization on WWAN connection toggle key enables or disables the router from performing a synchronization of the time each time a mobile broadband connection is
established.
4.
The Daily synchronisation toggle key enables or disables the router from performing a synchronization of the time each day.
5.
When you have finished configuring NTP settings, click the Save button to save the settings.
NetComm Wireless 3G Light Industrial M2M Router
66
www.netcommwireless.com
Data
stre
eam manager
The data stream manageer provides you with the
t ability to create mappings
between innput ports and outputt ports (e.g. Serial Port, SMS, GPS, USB) aand performs any reqquired translation or data
c contact NetCom m Wireless about our Software Developm
ment
proccessing by each virtual data tunnel. Custoomers interested in deeveloping their own aapplications to createe custom mappings can
Kit.
The data stream manageer provides a wide range of possibilities and expands upon simmple PAD functionality to include the forw
warding and translatioon of data between any
a of the inputs and
outpputs of the router. Cerrtain accessories connnected via the USB port such as USB to Serial cables are alsso supported. For exaample, you could sennd the GPS data receeived by the module (in
NMEEA format) through thhe built-in serial port or
o out of the USB porrt using a USB to Serrial cable.
The following is an example of how to configuure the router to sendd GPS data through thhe serial port:
1.
Click the +AAdd button on the rigght side of the page.
Fig
igure 72 - Data stream
m list
2.
Click the Acctivate toggle key so that it is in the ON position.
Fig
igure 73 - Activate buttton
3.
In the Data stream name field, enter
e a name to identtify the mapping on tthe Data stream list.
4.
Under the EEndpoint A section, use
u the Type drop doown list to select GPSS.
5.
Under the EEndpoint B section, use
u the Type drop doown list to select Seriaal. Under the Serial port
p settings section, use the drop down llists to select the apppropriate parameters for
the serial pport output. The screeenshot below shows an
a example of typicaal settings for this sceenario.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
67
Figure 74 - Data stream manager - GPS to Serial port example
6.
Click the Save button to confirm your settings. The new data stream appears in the Data stream list.
Table 16 - Data stream list entry
NetComm Wireless 3G Light Industrial M2M Router
68
www.netcommwireless.com
Watchdo
ogs
To access the Watchdoggs page, click the Services menu item, theen select the Watchddogs menu item on the left.
Figuure 75 - Watchdogs Seettings
Watcchdogs are features wwhich monitor the router for anomalies annd restart the router iff an anomaly occurs preventing its normaal operation. When coonfigured, the watchddogs feature transmitts
conttrolled ping packets tto 1 or 2 user specifieed IP addresses to confirm an active connnection. If the watchddog does not receivee responses to the pinngs after a specified number of failures, it will
rebooot the device in a lasst resort attempt to reestore connectivity.
We recommend
using caaution when implemeenting this feature in situations
where the ddevice is intentionallyy offline for a particulaar reason, for exampple, when Dial-on-dem
mand has been enabbled.
This is because the watcchdog expects to be able
a to access the innternet at all times, annd will always eventually reboot the routerr if access isn't restorred by the time the various timers expire and
the fail
f count is reached.
d to the nature of tthe watchdog being a last resort standaloone backup mechanissm that it will continuue to do its job and reeboot the device evenn when the Dial-on-ddemand session is idlle, or
It is due
the mobile
broadband coonnection is disabledd by the user. Therefoore, we recommendeed that you disable thhis feature if Dial-on-ddemand is configuredd or if the mobile broadband connection will
be inntentionally disconneected on occasion.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
69
The watchdog works as ffollows:
a)
The router ssends 3 consecutive pings to the first desstination address at tthe interval specified in the Periodic Ping timer field.
b)
If all 3 pings to the first destination address fail, the router
sends 3 conseecutive pings to the second
destination adddress at the Periodicc Ping timer interval.
c)
If all 3 pings to the second desttination address fail, the
t router sends 3 pi ngs to the first destinnation address using the Periodic Ping acccelerated timer interrval.
d)
If all 3 acceelerated pings to the first destination addrress fail, the router seends 3 pings to the second
destination adddress at the Periodicc Ping accelerated timer interval.
e)
If all 3 acceelerated pings to the second destination address
fail, the routeer registers this as a fail and returns to steep C.
f)
When the nnumber of failures reaaches the number coonfigured in the Fail ccount field, the routerr reboots. If any ping succeeds, the routerr returns to step A annd does not reboot.
Note: The Peeriodic Ping timer shoould not be set to a value
v of less than 2100 seconds to allow the router time to reconnect to the cellular nnetwork following a reboot.
the periodic pping reset monitor, seet Fail count to 0.
To disable
Figuree 76 – Ping watchdog settings
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
70
www.netcommwirelless.com
Co
onfiguring
g Periodic Ping settin
ngs
The Periodic Ping settinggs configure the routeer to transmit controlled ping packets to 2 specified IP addresses. If the router does not receive responnses to the pings, thee router will reboot.
To configure the ping waatchdog:
1.
In the First destination address field, enter a websitee address or IP addreess to which the router should send the first round of ping req uests.
2.
In the Secoond destination addreess field, enter a webbsite address or IP adddress to which the router should send the second round of piing requests.
3.
In the Perioodic Ping timer field, enter an integer betwween 300 and 65535 for the number of seeconds the router shoould wait between pinng attempts. Setting this to 0 disables thee ping
watchdog ffunction.
4.
In the Perioodic Ping acceleratedd timer field, enter an integer between 60 and 65535 for the nuumber of seconds thee router should wait bbetween acceleratedd ping attempts, i.e. pings
to the second destination addreess. Setting this to 0 disables
the ping wattchdog function
5.
In the Fail ccount field, enter an integer
between 1 annd 65535 for the nummber of times an acceelerated ping should fail before the router reboots. Setting this to 0 disables the pinng
watchdog ffunction.
Diisabling th
he Periodic
c Ping rese
et function
To disable
the Periodic PPing reset function, seet Fail count to 0.
Note: The trafffic generated by the periodic ping featuree is usually counted aas chargeable data usage.
Please keep this in mind when seleecting how often to ping.
Co
onfiguring
g a Periodiic reboot
The router can be configured to automaticallyy reboot after a periodd of time specified inn minutes. While this is not necessary, it does ensure that in thee case of remote installations, the router will
rebooot if some anomaly ooccurs.
1.
In the Forcee reboot every field, enter the time in minutes between forced reboots. The defaultt value is 0 which disables the Periodic reeboot function. The minimum
period betweeen
reboots is 5 minutes while the maximum
value is 655535 minutes.
2.
If you have configured a forced reboot time, you cann use the Randomisee reboot time drop doown list to select a random reboot timer. RRandomising the rebooot time is useful for
preventing a large number of deevices from rebootingg simultaneously andd flooding the networrk with connection attempts. The router wiill wait for the configuured Force reboot every
time and thhen randomly reboot within
w the configuredd Randomise reboot ttime.
3.
Click the Saave button to save thhe settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
71
SNMP
SNMP configuration
The SNMP page is used to configure the SNMP features of the router.
Figure 77 - SNMP configuration
SNMP (Simple Network Management Protocol) is used to remotely monitor the router for conditions that may warrant administrative attention. It can be used to retrieve information from the router
such as the signal strength, the system time and the interface status.
To configure SNMP:
1.
Click the SNMP toggle key to switch it to the ON position.
2.
Enter Read-only community name and Read-write community name which are used for client authentication.
Community names are used as a type of security to prevent access to reading and/or writing to the routers configuration. It is recommended that you change the Community names
to something other than the default settings when using this feature.
3.
Click the Save button to save any changes to the settings.
The Download button displays the Management information base (MIB) of the router. The MIB displays all the objects of the router that can have their values set or report their status. The MIB is
formatted in the SNMP-related standard RFC1155.
NetComm Wireless 3G Light Industrial M2M Router
72
www.netcommwireless.com
SN
NMP traps
SNM
MP traps are messagees from the router to the Network Manageement System sent ass UDP packets. Theyy are often used to nootify the managementt system of any significant events such ass
whetther the link is up or ddown.
Co
onfiguring
g SNMP tra
aps
To configure SNMP trapss:
1.
In the Trap destination field, entter the IP address to which SNMP data is to be sent.
2.
In the Hearrtbeat interval field, enter the number of seeconds between SNMMP heartbeats.
3.
Use the Traap persistence field too specify the time in seconds that an SNMMP trap persists.
4.
Use the Traap retransmission tim
me to specify the lenggth of time in secondss between SNMP trapp retransmissions.
FFigure 78 - SNMP trapps
To send a manual SNMPP Heartbeat, click the Send heartbeat button. When you have ffinished configuring the
t SNMP traps, clickk the Save button to ssave the settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
73
TR
R-069
To access the TR-069 coonfiguration page, clicck the Services menu item, then select thhe TR-069 menu item on the left.
Figure
re 79 - TR-069 configu
guration
The TR-069 (Technical RReport 069) protocol is a technical specificcation also known as CPE WAN Managem
ment Protocol (CWMPP). It is a framework fofor remote management and autoconffiguration of end-userr devices such as customer-premises equuipment (CPE) and AAuto Configuration Seervers (ACS). It is parrticularly efficient in aapplying configuration updates across
netwworks to multiple CPEEs.
TR-0069 uses a bi-directioonal SOAP/HTTP-bassed protocol based on the application layeer protocol and provides several benefits for the maintenancee of a field of CPEs:
Simplifies the initial configuration of a device during installation
Enables easy restoration of
o service after a factoory reset or replacemment of a faulty device
Firmwware and software verrsion management
Diagnnostics and monitoring
Note: You muust have your own coompatible ACS infrastructure to use TR-0669.In order to accesss and configure the TR-069 settings you mmust be logged into thhe router as the root user.
TR
R-069 confi
figuration
To configure TR-069:
1.
Click the Ennable TR-069 toggle key to switch it to the ON position.
2.
In the ACS URL field, enter the Auto Configuration Server’s
full domain nname or IP address.
3.
Use the ACCS username field to specify the username for the Auto Configguration Server.
4.
In the ACS password and Verifyy ACS password fieldds, enter the Auto Coonfiguration Server paassword.
5.
In the Connnection Request Username field, enter thee username to use foor the connection requests.
6.
In the Connnection Request Password and Verify passsword fields, enter thhe connection request password.
7.
The inform message acts as a beacon
to inform the ACS of the existencee of the router. Click the
t Enable periodic ACS
A informs toggle kkey to turn on the perriodic ACS inform
messages.
8.
In the Inform
m Period field, enter the number of seconnds between the inforrm messages.
9.
Click the Saave button to save thhe settings.
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
74
www.netcommwirelless.com
GPS
The built-in GPS module allows you to use loccation-based services, monitor field deplooyed hardware or findd your current locatioon. The GPS Status wwindow provides up to date information abbout
location and tthe current GPS signal conditions (positioon dilution of precisioon (PDOP), horizontal dilution of precision (HDOP) and verticall dilution of precision (VDOP)) of the routeer.
the current
To use the GPS function, set the GPS operation toggle key to ON and click the Save bbutton.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
75
The Google map button provides a quick short cut to show your router’s current position on a map and because GPS positioning relies on accurate clock settings to obtain the correct
information about your location, the Clock Sync button allows you to quickly set the router clock to the correct time. This ensures you will always have the correct GPS position information
available.
Mobile Station Based Assisted GPS configuration
If you are not using a dedicated GPS antenna, you may use the nearby mobile base stations to triangulate your position. To do this, set the A-GPS toggle key to the ON position and use the drop
down lists to configure the automatic retry options.
Figure 80 - Mobile Stations Based Assisted GPS configuration options
ITEM
A-GPS Enable
DESCRIPTION
Enables or disables the mobile station based assisted GPS function.
Maximum Retry Count
Sets the maximum number of times the router should attempt to triangulate its position.
Retry delay (minute)
Sets the number of minutes the router should wait between attempts to triangulate its position.
Automatic Update Period (day)
Sets the number of days that the router should automatically update the A-GPS data. The maximum update period is 7 days.
Table 17 - Mobile Station Based Assisted GPS configuration options
Odometer
NetComm Wireless 3G Light Industrial M2M Router
76
www.netcommwireless.com
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
77
SMS messaging
The 3G Light Industrial M2M router offers an advanced SMS feature set, including sending messages, receiving messages, redirecting incoming messages to another destination, as well as
supporting remote commands and diagnostics messages.
Some of the functions supported include:
Ability to send a text message via a CDMA network and store it in permanent storage.
Ability to receive a text message via a CDMA network and store it in permanent storage.
Ability to forward incoming text messages via a CDMA network to another remote destination which may be a TCP/UDP server or other mobile devices.
Ability to receive run-time variables from the device (e.g. uptime) on request via SMS
Ability to change live configuration on the device (e.g. network username) via SMS.
Ability to execute supported commands (e.g. reboot) via SMS
Ability to trigger the 3G Light Industrial M2M router to download and install a firmware upgrade
Ability to trigger the 3G Light Industrial M2M router to download and apply a configuration file
To access the SMS messaging functions of the 3G Light Industrial M2M router, click on the Services menu item from the top menu bar, and then select one of the options under the SMS
messaging section on the left hand menu.
Setup
The Setup page provides the options to enable or disable the SMS messaging functionality and SMS forwarding functionalities of the router. SMS messaging is enabled by default.
Figure 81 - General SMS Configuration
NetComm Wireless 3G Light Industrial M2M Router
78
www.netcommwireless.com
OPTION
DEFINITION
Geneeral SMS configuration
SMSS messaging
Toggles the SMS functionalityy of the router on and off.
Messsages per page (10-50)
The number of SMS messagees to display per page. Muust be a value between 10 and 50.
Encooding scheme
The encoding method used ffor outbound SMS messages. GSM 7-bit mode permits up to 160 characters peer message but drops to 500
characters if the message inccludes special characters. UCS-2 mode allows the seending of Unicode charactters and permits a message to
bee up to 50 characters in lenngth.
SMSS forwarding configuration
Forwwarding
Toggles the SMS forwarding function of the router on and off.
Redirect to mobile
Enter a mobile number as thee destination for forwardedd SMS messages.
TCP address
Enter an IP address or domaain name as the destinationn for forwarded SMS messaages using TCP.
TCP port
The TCP port on which to connnect to the remote destinaation.
UDPP address
Enter an IP address or domaain name as the destinationn for forwarded SMS messaages using UDP.
UDPP port
The UDP port on which to coonnect to the remote destination.
Tabl
ble 18 - SMS Setup Set
ettings
SM
MS forward
ding config
guration
Incoming text messages can be redirected too another mobile device and/or a TCP/UDDP message server.
Re
edirect to m
mobile
You can forward incominng text messages to a different destinationn number. This destinnation number can be another mobile phoone or a 3G router phhone number.
For Example:
If someone sends a text m
message and Redireect to mobile is set to “+61412345678”, thhe text message is stoored on the router annd forwarded to “+61 412345678” at the saame time.
To disable
redirection to a mobile, clear the Redirect
to mobile field and click the Savee button.
Re
edirect to T
TCP / UDP
P address
You can also forward inccoming text messages to a TCP/UDP baseed destination. The TTCP or UDP server caan be any kind of pubblic or private server if the server acceptss incoming text-basedd
messages.
The TCP/UDP address caan be an IP address or domain name. The port number rangee is from 1 to 65535. Please
refer to your TCP/UDP
based SMSS server configurationn for which port to use.
For Example:
If someone sends a text m
message and TCP address
is set to “192.168.20.3” and TCP port is set to “2002”,, this text message is stored in the router aand forwarded to “1992.168.20.3” on port
“20002” at the same time.
To disable
redirection to a TCP or UDP addreess, clear the TCP adddress and UDP addrress fields and click the Save button.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
79
New message
The New message page can be used to send SMS text messages to a single or multiple recipients.
A new SMS message can be sent to a maximum of 100 recipients at the same time. After sending the message, the result is displayed next to the destination number as “Success” or “Failure” if
the message failed to send. By default, only one destination number field is displayed. Additional destination numbers may be added one at a time after entering a valid number for the current
destination number field. To add a destination number, click the
button and to remove the last destination in the list, click the
button.
Figure 82 - SMS - New Message
Destination numbers should begin with the “+” symbol followed by the country calling code. To send a message to a destination number, enter the “+” symbol followed by the country calling
code and then the destination number.
For example:
To send a message to the mobile destination number 0412345678 in Australia (country calling code 61), enter “+61412345678”.
After entering the required recipient numbers, type your SMS message in the New message field. As you type your message, a counter shows how many characters you have entered out of the
total number available for your chosen encoding scheme. When you have finished typing your message and you are ready to send it, click the Send button.
NetComm Wireless 3G Light Industrial M2M Router
80
www.netcommwireless.com
Inb
box / Outb
box
The Inbox displays all recceived messages thaat are stored on the router while the Outboox displays all sent messages.
Figure 83 - SMS Inboox
FFigure 84 - SMS Outbbox
ICON
DESCRIPTION
Forwward button. Click this buttton to open a new messag e window where you can forward the corresponding message to another recipiient.
Repply button. Click this buttonn to open a new message wwindow where you can reply to the sender.
Addd to White list. Click this button to add the sender’s mmobile number to the white list on the router.
Delete button. Click this button to delete the correspondding message.
Reffresh button. Click this buttoon to refresh the inbox or ooutbox to see new messages.
Tabl
ble 19 - Inbox/Outboxx icons
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
81
Diagnos
stics
The Diagnostics page is used to configure thee SMS diagnostics and command executtion configuration. Thhis allows you to channge the configurationn, perform functions remotely
and check on
o the
MS commands.
statuus of the router via SM
To access the Diagnosticcs page, click on the Services menu item then select the SMSS menu on the left andd finally select Diagnostics beneath it.
Figure
85 - SMS diagnnostics and commandd execution configurati
tion
SM
MS diagnostics and command
execution
n configura
ation
The options on this pagee are described beloww.
Enable remote d
diagnostics an
nd command execution
Enabbles or disables the rremote diagnostics feeature. If this setting is enabled all incomiing text messages arre parsed and tested for remote diagnostiics commands.
If rem
mote diagnostics com
mmands are found, the router executes thhose commands. Thiss feature is enabled by default. All remotee diagnostic commannds that are receivedd are stored in the Inbbox.
Note: It is possible to adjust setttings and prevent youur router from functiooning correctly using remote diagnostics. If this occurs, you wiill need to perform a factory reset in orderr to
mal operation.
restore norm
a a password whenn utilising this featuree to prevent unauthorised access. See thee White list descriptioon for more informatioon.
We highly reecommended that yoou use the white list and
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
82
www.netcommwirelless.com
On
nly accept auth
henticated SM
MS messages
Enabbles or disables checcking the sender’s phhone number againstt the allowed sender white list for incoming diagnostics and coommand execution SSMS messages.
ming message against the
If authentication is enableed, the router will cheeck if the sender’s nuumber exists in the wwhite list. If it exists, thhe router then checkss the password (if connfigured) in the incom
passsword in the white listt for the correspondinng sending number. If they match, the diaagnostic or commandd is executed.
If thee number does not exxist in the white list or the password does not match, the routeer does not execute the incoming diagnosstic or command in thhe SMS message.
This is enabled by default and it is strongly addvised that you leavee this feature enabledd to maintain securityy.
Sen
nd Set comma
and acknowle
edgement rep
plies
The 3G Light Industrial M
M2M router will autom
matically reply to certaain types of comman ds received, such ass get commands, or execute
commands. However replies from
m the 3G Light Industtrial
M router are optional wwith set commands and
a the Wakeup com
mmand. This option E nables or disables seending an acknowleddgment message afteer execution of a set command or SMS
M2M
Wakkeup command. If dissabled, the router doees not send any acknnowledgement after eexecution of a set coommand or SMS Wakeup command. All accknowledgment replies are stored in the
Outbbox after they have bbeen sent.
This can be useful to determine if a commandd was received and executed
by the routeer. This option is disaabled by default.
Sen
nd acknowled
dgement repllies to
This option allows you to specify where to sennd acknowledgment messages after the eexecution of a set, orr exec command.
f number is seleccted, the acknowledggement message will be sent to the numbber defined in the Fixeed number to send reeplies to field. If the ssender’s number is selected,
the
If a fixed
acknnowledgement messaage will be sent to the number that the SM
MS diagnostic or commmand message origginated from. The deffault setting is to use the sender’s number.
Fix
xed number to
o send repliess to
This field defines the desstination number to which
w error messagess are sent after the exxecution of a get, set, or exec command. This field is only dispplayed when Send Error
E SMS to is set to
Fixed Number.
Sen
nd command error repliess
Enabbles or disables the ssending of an error message
resulting from the execution of a get, set, or exec com
mmand. All error replies are stored in the Outbox after they haave been sent.
Sen
nd error repliies to
Wheen Send Error SMS foor Get/Set/Exec Com
mmand is set to ON, this option is used to specify where the errror SMS is sent. Use the radio buttons to select either Fixed Number
or SMS Sendder
Num
mber. When set to SM
MS Sender Number thhe router will reply to the originating numbber of the SMS diagnostic or command. When
W set to Fixed Nu mber the router will send
s the error messaages
to the number specified iin the following field.
Sen
nd a maximum
m number of
You can set the maximum
m number of acknowwledgement and errorr messages sent wheen an SMS diagnosticc or command is executed. The maximumm limit can be set perr hour, day, week or month.
The router will send a maaximum of 100 repliess by default.
The number of messagess sent is shown beloww the options. The total transmitted messaage count resets afteer a reboot or at the beginning
of the time frame specified.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
83
White List for diagnostic or execution SMS
The white list is a list of mobile numbers that you can create which are considered “friendly” to the router. If Only accept authenticated SMS messages is enabled in the diagnostics section, the
router will compare the mobile number of all incoming diagnostic and command messages against this white list to determine whether the diagnostic or command should be executed. You may
optionally configure a password for each number to give an additional level of security. When a password is specified for a number, the SMS diagnostic or command message is parsed for the
password and will only be executed if the number and password match.
Figure 86 - White list for diagnostic or execution SMS
A maximum of 20 numbers can be stored on the router in the white list. To add a number to the white list, click the “+Add” button.
Figure 87 – Adding a number to the SMS white list
The White List numbers and passwords can be cleared by pressing the
button to the right of each entry. To add a number to the white list, enter it in the Destination number field and
optionally define a password in the Password field. When you have finished adding numbers click the Save button to save the entries.
NetComm Wireless 3G Light Industrial M2M Router
84
www.netcommwireless.com
Se
ending
g an SM
MS Diag
gnostic Comm
mand
Folloow the steps below too configure the routerr to optionally acceptt SMS diagnostic commmands only from auuthenticated senders and learn how to seend SMS diagnostic commands
to the router.
1.
Navigate too the Services > SMSS messaging > Diagnnostics page
2.
Confirm thaat the Enable remote diagnostics and com
mmand execution togggle key is set to the ON position. If it is seet to OFF click the tooggle key to switch it to the ON position.
3.
If you wish to have the router onnly accept commands from authenticated senders, ensure thaat Only accept authennticated SMS messagges is set to the ON position.
In the Whitee list
for diagnosstic or execution SMSS messages section, click the +Add butto n and enter the sendder’s number in internnational format into thhe Destination numbeer field that appears. If
you wish too also configure a passsword, enter the passsword in the Passwo
word field corresponding to the destinationn number.
4.
If you wouldd prefer to accept SM
MS diagnostic commands from any sendeer, set the Only accept authenticated SMSS messages toggle kkey to the OFF positioon.
Note: An alteernative method of addding a number to thhe white list is to sendd an SMS message to the router, navigatee to Services > SMS messaging > Inbox and then click the
button next tto the message whicch corresponds to thee sender’s number.
5.
Click the Saave button.
Ty
ypes of SM
MS diagnosstic comma
ands
Therre are three types of ccommands that can be sent; execute, gett and set. The basic syntax is as follows:
execuute COMMAND
get VAARIABLE
set VAARIABLE=VALUE
If authentication is enableed, each command must
m be preceded byy the password:
MMAND
PASSWORD execute COM
PASSWORD get VARIABLLE
PASSWORD set VARIABLE=VALUE
The following are some eexamples of SMS diaggnostic commands:
passwword6657 execute reboot
get rsssi
set appn1=testAPNvalue
SM
MS acknow
wledgment replies
The router automatically replies to get commaands with a value andd execute commandss with either a successs or error response. Set commands will oonly be responded too if the Send Set
ment replies toggle keey is set to ON. If thee Send command erroor replies toggle key is set to ON, the router will send a reply if the command is coorrect but a variable or
command acknowledgem
valuee is incorrect, for exaample, due to misspeelling.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
85
SMS command format
Generic Format for reading variables:
get VARIABLE
PASSWORD get VARIABLE
Generic Format for writing to variables:
set VARIABLE=VALUE
PASSWORD set VARIABLE=VALUE
Generic Format for executing a command:
Execute COMMAND
PASSWORD execute COMMAND
Replies
Upon receipt of a successfully formatted, authenticated (if required) command, the gateway will reply to the SMS in the following format:
TYPE
SMS CONTENTS
get command
“VARIABLE=VALUE”
set command
“Successfully set VARIABLE to VALUE”
execute command
“Successfully executed command COMMAND”
NOTES
Only sent if the acknowledgment message function is enabled
Table 20 - SMS Diagnostic Command Syntax
Where “VARIABLE” is the name of the value to be read
Where “VARIABLE (x)” is the name of another value to be read
Where “VALUE” is the content to be written to the “VARIABLE”
Where “COMMAND” is a supported command to be executed by the device (e.g. reboot)
Where “PASSWORD” is the password (if configured) for the corresponding sender number specified in the White List
Multiple commands can be sent in the same message, if separated by a semicolon.
For Example:
get VARIABLE1; get VARIABLE2; get VARIABLE3
PASSWORD get VARIABLE1; get VARIABLE2
set VARIABLE=VALUE1 ; set VARIABLE2=VALUE2
PASSWORD set VARIABLE1=VALUE1; set VARIABLE2=VALUE2; set VARIABLE3=VALUE3
If required, values can also be bound by an apostrophe, double apostrophe or back tick.
For Example:
“set VARIABLE=’VALUE’”
“set VARIABLE=”VALUE””
“set VARIABLE=`VALUE`”
“get VARIABLE”
NetComm Wireless 3G Light Industrial M2M Router
86
www.netcommwireless.com
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
87
A paassword (if required),, only needs to be sppecified once per SMS, but can be prefixeed to each commandd if desired.
“PASSSWORD get Variable1”; “get VARIABLE22”
“PASSSWORD set VARIABBLE1=VALUE1”; “sett VARIABLE2=VALUEE2”
executes the remaininng command line afteer the
If thee command sent includes the “reboot” coommand and has alreeady passed the whitte list password checck, the device keeps this password and ex
rebooot with this same passsword.
For Example:
“PASSSWORD execute rebboot; getVariable1”; “get VARABLE2”
“PASSSWORD execute rebboot; PASSWORD geet Variable1”; “get VAARABLE2”
Note: Commands, variables and values are case senssitive.
Lisst of valid command
ds
A list of valid commands which can be used in
i conjunction with thhe execute commandd are listed below:
“pdppcycle”, “pdpdown” and “pdpup” commaands can have a profile number suffix ‘x’ aadded. Without the suffix
s specified, the command operates aggainst the default proofile configured on thhe
profiile list page of the Weeb-UI.
COMMANDD NAME
DESCRRIPTION
reboot
Immediately performs a soft reboot.
pddpcycle
Disconnects (if connecteted) and reconnects the daata connection. If a profile number
is selected in the ccommand, try to disconnecct/reconnect the
specified profile in casee the profile is active. If no profile
number is selected, try to disconnect/reconnecct the current active profilee. Reports an error if no
profile number is selecteed and there is no currently activated profile.
pddpdown
Disconnects the PDP. Iff a profile number is selecteed in the command, the rouuter tries to disconnect thee specified profile in case the profile is active. If no
profile number is selecteed, try to disconnect the cuurrent active profile. Reports an error if no profile nummber is selected and there is no currently activated
profile.
pddpup
Reconnects the PDP. If a profile number is selecteed in the command, the rouuter tries to connect with the
he specified profile. If no prrofile number is
selected, the router triess to connect to the last active profile. The gateway will check the currently activaated profile and disconnecct this profile before
executing the commandd. The router reports an errror if no profile number is seelected and there is no stoored last active profile number.
facctorydefaults
Performs a factory resett on the router.
Performs a download annd install of a Firmware Upgrade (.cdi), Config File (.tar.gz) or a help documentt (.pdf) file.
If the file is a firmware immage as in the case of a .ccdi file, the router will apply the recovery image first annd then the main firmware image. The download
location is specified immmediately after the commannd and may be from an HTTTP or FTP source URL.
If the file is a .tar.gz file, the router will apply the file as a configuration file update for the device and rebboot afterwards.
doownload
If the file is a .pdf, the roouter will assume this is a user
u guide document and save
s it to the router and maake the file available for vieewing via the help menu
on the Web-UI.
Note: If your download UURL includes any space characters, please encode these
prior to transmission according to RFC1738, foor example:
ftp://username:passwordd@serveraddress/directoryy%20with%20spaces/filenaame.cdi
Note: Authenticated FTPP addresses may be used following the format as deffined in RFC1738, for exammple:
ftp://username:passwordd@serveraddress/directoryy/filename.cdi
Table 21 - List
st of Valid SMS diagnoostic commands
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
88
www.netcommwirelless.com
The following table lists vvalid variables where “x” is a profile numbber (1-6). If no profile is specified, variablees are read from or written
to for the curreent active profile. If a profile is specified,
variaables are read from oor written to for the sppecified profile number (‘x’).
RDB VARIABLE NAAME
SMS VARIABLE NAME
READ/W
WRIT
DESCRRIPTION
EXAM
MPLE VALUE
link.profile.1.enable
Reaad:
link.profile.1.appn
(proofile no,atd#xxx,user,pass,,auth,iplocal,status)
link.profile.1.useer
1,atatd#777,username,passworrd, chap,202.44.185.111,up
profile
link.profile.1.paass
RW
Profile
link.profile.1.autth_type
Writite:
link.profile.1.iploocal
(atdd#xxx, user, pass,auth)
link.profile.1.staatus
atd#
d#777,username,password
link.profile.1.useer
username
RW
3G username
Gueest, could also return “null””
password
RW
3G password
Gueest, could also return “null””
link.profile.1.paass
link.profile.1.autth_type
authtype
RW
3G Authentication type
”paap” or”chap”
link.profile.1.iploocal
wanip
WAN IP addresss
2022.44.185.111
wwan.0.radio.innformation.signal_strength
rssi
3G signal strength
-655 dBm
meid
MEID number
0x000A1000021D003BB
usage
3G data usage of current
session
“Rxx 500 bytes, Tx 1024 bytes, Total 1524 bytes” or “Rx 0 byte, Tx 0
bytete, Total 0 byte” when wwan down
wanuptime
Up time of current 3G session
1 ddays 02:30:12 or 0 days 00:00:00 when wwan down
wwan.0.meid
statistics.usagee_current
statistics.usagee_current
10
/proc/uptime
deviceuptime
Device up time
1 ddays 02:30:12
11
wwan.0.system_network_status.current_bband
band
Current Frequency channel &
band
CHH:425 PCS-B Band
Table 22 - List of SMS diagnostitics variables
SM
MS diagnostics exam
mples
The examples below dem
monstrate various com
mbinations of supporrted commands. Thiss is not an exhaustivee list and serves as an example of possibiilities only.
DDESCRIPTION
AUTTHENTICATION
INPUT EXAMPLE
Not requireed
set username=’NetComm’
Required
PASSWORD set usernname= ”NetComm”
Not requireed
set password= `NetCoomm`
Required
PASSWORD set passwword= `NetComm`
Not requireed
set authtype= ‘pap’
Required
PASSWORD set authttype = pap
Not requireed
execute reboot
Required
PASSWORD execute reboot
Not requireed
get wanip
Required
PASSWORD get wanipp
Not requireed
get rssi
Required
PASSWORD get rssi
Send SMS to channge the data connection ussername
Send SMS to channge the data connection paassword
Send SMS to channge the data connection
authentication
Send SMS to rebooot
Send SMS to checck the WAN IP address
Send SMS to checck the mobile signal strenggth
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
89
Not required
get meid
Required
PASSWORD get meid
Not required
get band
Required
PASSWORD get band
Not required
execute pdpcycle
Required
PASSWORD execute pdpcycle
Not required
execute pdpdown
Required
PASSWORD execute pdpdown
Not required
execute pdpup
Required
PASSWORD execute pdpup
Not required
get wanip; get rssi
Required
PASSWORD get wanip; get rssi
Not required
set ssh.genkeys=1; set username=test; set auth=pap
Required
PASSWORD set ssh.genkeys=1; set username=test; set auth=pap
Not required
execute factorydefaults
Required
PASSWORD execute factorydefaults
Not required
get status
Required
PASSWORD get status
Send SMS to retrieve the history of the session,
including start time, end time and total data usage
Not required
get sessionhistory
Required
PASSWORD get sessionhistory
Send SMS to configure the router to send syslog to a
remote syslog server
Not required
set syslogserver
Required
PASSWORD set syslogserver
Send SMS to wake up the router, turn on the default
gateway and trigger the ‘connect on demand’ profile
if in waiting state.
Not required
execute wakeup
Required
PASSWORD execute wakeup
Send SMS to check the MEID number
Send SMS to check the current band
Send SMS to Disconnect (if connected) and
reconnect the data connection
Send SMS to disconnect the data connection
Send SMS to connect the data connection
Send multiple get command
Send multiple set command
Send SMS to reset to factory default settings
Send SMS to retrieve status of router
execute download http://download.com:8080/firmware_image.cdi
Not required
execute download http://download.com:8080/firmware_image_r.cdi
Send SMS to perform firmware upgrade when
firmware is located on HTTP server
PASSWORD execute download http://download.com:8080/firmware_image.cdi
Required
PASSWORD execute download http://download.com:8080/firmware_image_r.cdi
execute download ftp://username:password@download.com/firmware_image.cdi
Not required
execute download ftp://username:password@ download.com/firmware_image_r.cdi
Send SMS to perform firmware upgrade when
firmware is located on FTP server
PASSWORD execute download ftp://username:password@ download.com/firmware_image.cdi
Required
PASSWORD execute download ftp://username:password@ download.com/firmware_image_r.cdi
Not required
set pppoe=0
Required
PASSWORD set pppoe=0
Send SMS to turn on PPPoE and set dialstring and
service name
Not required
set pppoe=1,atd#777, Test
Required
PASSWORD set pppoe=1,atd#777, Test
Send SMS to retrieve the PPPoE status, currently
configured dial string and service name
Not required
get pppoe
Required
PASSWORD get pppoe
Not required
set ledmode=10
Required
PASSWORD set ledmode=10
Not required
get ledmode
Required
PASSWORD get ledmode
Not required
get ssh.proto
Required
PASSWORD get ssh.proto
Send SMS to turn off PPPoE
Send SMS to set the LED mode timeout to 10 minutes
Send SMS to retrieve the current LED mode
Retrieve current SSH protocol
NetComm Wireless 3G Light Industrial M2M Router
90
www.netcommwireless.com
Not requireed
set ssh.proto=1
Required
PASSWORD set ssh.pproto=1
Not requireed
get ssh.passauth
Required
PASSWORD get.ssh.ppassauth
Not requireed
set ssh.passauth=1 orr set ssh.passauth=0
Required
PASSWORD set ssh.ppassauth=1 or PASSWORD set ssh.passauth=0
Not requireed
execute ssh.genkeys
Required
PASSWORD execute ssh.genkeys
Not requireed
execute ssh.clearkeyss
Required
PASSWORD execute ssh.clearkeys
Not requireed
get MEID
Select SSH protoccol
Retrieve passwordd authentication status
Enable/disable paassword authentication on host
Generate set of puublic/private keys on the hoost
Clear client publicc keys stored on host
Retrieve the MEIDD of the router
Required
PASSWORD get MEIDD
Table 23 - SM
MS diagnostics exampple commands
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
91
System
Log
The Log pages are used to display or download the System log and IPSec logs on the router.
System log
The System Log enables you to troubleshoot any issues you may be experiencing with your 3G Light Industrial M2M router. To access the System Log page, click on the System menu. The
System Log is displayed.
Figure 88 - System log file
Log file
Use the Display level drop-down list to select a message level to be displayed. The message levels are described in the table below.
To download the System log for offline viewing, right-click the Download button and choose Save as.. to save the file. To clear the System log, click the Clear button. The downloaded log file is in
Linux text format with carriage return (CR) only at the end of a line, therefore in order to be displayed correctly with new lines shown, it is recommended to use a text file viewer which displays
this format correctly (e.g. Notepad++).
Log data is stored in RAM and therefore, when the unit loses power or is rebooted, it will lose any log information stored in RAM. To ensure that log information is accessible between reboots of
the router there are two options:
1.
Enable the Log to file option
NetComm Wireless 3G Light Industrial M2M Router
92
www.netcommwireless.com
2.
Use a remoote syslog server
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
93
Enable the log to file option
When the router is configured to log to a file, the log data is stored in flash memory, making it accessible after a reboot of the router. Up to 512kb of log data will be stored before it is overwritten
by new log data. Flash memory has a finite number of program-erase operations that it may perform to the blocks of memory. While this number of program-erase operations is quite large, we
recommend that you do not enable this option for anything other than debugging to avoid excessive wear on the memory.
Use a remote syslog server
The router can be configured to output log data to a remote syslog server. This is an application running on a remote computer which accepts and displays the log data. Most syslog servers can
also save the log data to a file on the computer on which it is running allowing you to ensure that no log data is lost between reboots.
To configure the 3G Light Industrial M2M Router to output log data to a remote syslog server:
1.
Click on the System menu from the top menu bar. The System log item is displayed.
2.
Under the Remote syslog server section, enter the IP address or hostname of the syslog server in the IP / Hostname [:PORT] field. You can also specify the port number after the
IP or hostname by entering a semi-colon and then the port number e.g. 192.168.1.102:514. If you do not specify a port number, the router will use the default UDP port 514.
3.
Click the Save button to save the configuration.
Figure 89 - System log
ITEM
DEFINITION
All
Display all system log messages.
Debug
Show extended system log messages with full debugging level details.
Info
Show informational messages only.
Notice
Show normal system logging information.
Warning
Show warning messages only.
Error
Show error condition messages only.
Table 24 - System log detail levels
NetComm Wireless 3G Light Industrial M2M Router
94
www.netcommwireless.com
IPS
Sec log
The IPSec log section proovides the ability for you to download the log for the IPSec VPPN function. This can assist in troubleshoooting any problems yoou may have with thee IPSec VPN.
Figure 90 - IPSec logg
Use the Log level drop down list to specify the type of detail you want
w to capture in thee log and then click the Save button. When you change the loggging level, any activve IPSec VPN tunnelss will
be disconnected
as a chhange in logging leveel requires the IPSec service to be restarteed.
To download
the IPSec loog, click the Downloaad IPSec log button and
a you will be prommpted to save the file.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
95
Sy
ystem C
Config
guration
Se
ettings bac
ckup and restore
The settings backup / resstore page is used too backup or restore thhe router’s configurattion or to reset it to faactory defaults. In ordder to view the settinggs page you must bee logged into the webb user
dmin. The backup / restore functions caan be used to easily configure
a large num
mber of 3G Light Induustrial M2M router byy configuring one rouuter
interrface as root usinng the password ad
with your desired settingss, backing them up to a file and then restoring that file to multiiple 3G Light Industrial M2M routers.
Figure 91 – Settings backup and
a restore
Bac
ck up your ro
outer’s configu
uration
Log in to the web configuuration interface, click on the System mennu and select Settinggs backup and restoree.
If you want to password pprotect your backup configuration files, enter your password i n the fields under Saave a copy of currentt settings and click onn Save. If you don’t want
w to password prootect
yourr files, just click on Saave. The router will thhen prompt you to select a location to savve the settings file.
Note: The folllowing conditions apply:

It is NOT poossible to edit the contents of the file dowwnloaded; if you modiify the contents of thee configuration file in any way you will nott be able to restore it later.
You may chhange the name of thhe file if you wish but the filename extensioon must remain as “.cfg”
Resstore your ba
ackup configu
uration
1. In the web configuration interfacce click on the System menu and select SSettings backup and restore.
2.
From the RRestore saved settings section, click on Brrowse or Choose a fiile and select the bacckup configuration file on your computer.
3.
Click Restoore to copy the settinggs to the new 3G Light Industrial M2M rouuter. The router will apply
a these settings and
a inform you it will rreboot - click on OK..
Resstoring the ro
outer’s factory
y default confiiguration
Clickk the Restore Defaultts button to restore thhe factory default connfiguration. The routeer asks you to confirm
m that you wish to resstore factory default ssettings. If you wish to continue with the
restooring of factory defauults, click OK.
Note: All currrent settings on the roouter will be lost when performing a restorre of factory default settings.
The device IP address will changge to 192.168.1.1 and the default usernam
me
root and ddefault password ad
dmin will be configgured.
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
96
www.netcommwirelless.com
Up
pload
To access the Upload paage, click on the Systtem menu, then System Configuration andd then Upload.
The Upload page allows you to upload firmwaare files, HTTPS certificates or user createed application packaages to the 3G Light Industrial M2M routerr. When firmware files have been uploadeed,
they can also be installedd from this page. PDFF files, such as this user guide may also bbe uploaded for acceess on the router’s heelp page.
For more
m information on aapplication developm
ment, contact NetCom
mm Wireless about o ur Software Development Kit.
FFigure 92 - Upload pag
age
Up
pdating the
e Firmwarre
The firmware update process involves first uppdating the recovery image firmware and then updating the main firmware image.
Note: In ordeer to perform an updaate, you must be loggged into the router witth the root manager account (see the Advvanced configurationn section for more deetails).
To update the 3G Light Inndustrial M2M Router’s firmware:
1.
Power on thhe router as describeed in the Installing thee router section.
2.
Log in to thhe router with the roott user account (See the
t Advanced config uration section for deetails)
3.
Select the SSystem item from thee top menu bar, selecct the System configuuration item from the menu on the left andd then select the Uplooad menu item.
4.
Under the FFile uploads section, click the Browse buttton. Locate the recoovery firmware image file on your computeer and click Open. Thhe recovery image is named
ntc_nwl12__x.xx.xx.x_r.cdi while the main system firm
mware image is nameed ntc_nwl12_x.xx.xxx.x.cdi.
5.
Click the Upload button. The firm
mware image is uploaaded to the storage oon the router.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
97
Figure 93 - File upload
6.
Repeat steps 4 and 5 for the main system firmware image.
7.
The uploaded firmware images are listed in the Uploaded files section. Click the Install link next to the recovery image to begin installing the recovery firmware image and then click
OK on the confirmation window that appears.
Figure 94 - Uploaded files
8.
The recovery firmware image is flashed and when it is complete, the router displays “The firmware update was successful” and returns to the main Upload screen.
Figure 95 - Recovery firmware flash process
NetComm Wireless 3G Light Industrial M2M Router
98
www.netcommwireless.com
9.
Click the Innstall link to the right of
o the main firmware image you uploadedd and then click OK to
t confirm that you waant to continue with tthe installation.
Note: Do not remove the power when
w the router’s LEDDs are flashing as thiss is when the firmware update is in processs.
10.
The installaation is complete wheen the countdown reaaches zero. The routeer attempts to redirecct you to the Status page.
Figure 96 --– Installing main firm
mware image
11.
Hold down the reset button on the
t router for 15-20 seconds to reboot andd restore the factory default settings of the router. See the Resstoring factory default settings section forr more
information.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
99
Package manager
The Package Manager page is used to provide details of any user installed packages on the router and allow them to be uninstalled.
For more information on application development, contact NetComm Wireless about our Software Development Kit.
Figure 97 – Software applications manager
The Application name, Version number of the application, the architecture type and time of installation are all displayed. Clicking the Package details link will display a pop-up window with
further details of the package.
To uninstall any software applications, click the Uninstall link.
NetComm Wireless 3G Light Industrial M2M Router
100
www.netcommwireless.com
Ad
dministratiion setting
gs
To access the Administraation Settings page, click
c on the System menu
m then the Adminnistration menu on thee left and then click on
o Administration Setttings.
The Administration settings page is used to enable or disable prottocols used for remotte access and configgure the passwords for the user accountss used to log in to thee router.
Figur
ure 98 - Administrationn page
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
101
OPTION
DEFINITION
Remote router access coontrol
Enable HTTP
Enable or disaable remote HTTP access to
t the router. You can also set the port you would likee remote HTTP access to be available on.
HTTP management port
Enter a port nuumber between 1 and 65534 to use when accessing the router remotely.
Enable HTTPS
Enable or disaable remote HTTPS accesss to the router using a secuure connection.
Remote HTTPS access pport
Enter a port nuumber between 1 and 65534 to use when accessing the router remotely over a secure HTTPS connection.
Enable Telnet
Enable or disaable remote telnet (command line) access to the routeer.
Enable SSH
Enable or disaable Secure Shell on the router.
Remote SSH Access Portrt
Enter the port number for remote SSH acccess. Must be a port num ber between 1 and 65534..
Enable Ping
Enable or disaable remote ping responses on the WWAN connectioon.
Web User Interface accoount
Username
Use the drop down list to select the root or admin account to changge its web user interface password.
Password
Enter the desired web user interface passsword.
Confirm password
Re-enter the desired
web user interface password.
Telnet/SSH account
Username
Displays the Telnet/SSH.username.
This may not be changed.
Password
Enter the desired Telnet/SSH password.
Confirm password
Re-enter the desired
Telnet/SSH password.
Table 25 - Ad
Administration configuuration options
To access the router’s coonfiguration pages reemotely:
1.
Open a neww browser window annd navigate to the WAAN IP address and aassigned port number of the router, for example http://123.2099.130.249:8080
Note: You cann find the router’s WAAN IP address by clicking on the “Status” mmenu. The WWAN IPP field in the WWAN Connection
Status seection shows the routeer’s WAN IP address.
2.
Enter the ussername and passwoord to login to the rouuter and click Log in.
Note: To perfoorm functions like Firm
mware upgrade, deviice configuration bacckup and to restore and
a reset the router too factory defaults, yoou must be logged in with the root manageer
account.
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
102
www.netcommwirelless.com
HTTPS
key managem
ment
What
is HTT
TP Secure??
HTTP Secure or HTTPS iss the use of the HTTPP protocol over an SSSL/TLS protocol. It is used primarily to prootect against eavesdrropping of communiccation between a webb browser and the weeb
t which it is connectted. This is especiallyy important when youu wish to have a secuure connection over a public network such as the internet. HTTTPS connections aree secured through thee use
site to
of ceertificates issued by ttrusted certificate autthorities such as VeriSign. When a web b rowser makes a connnection attempt to a secured
web site, a ddigital certificate is sent to the browser soo that
it can verify the authenticcity of the site using a built-in list of trustedd certificate authoritiees.
Therre are two main differrences between how HTTPS and HTTP coonnections work:
1.
HTTPS uses port 443 while HTTTP uses port 80 by deefault.
2.
Over an HTTTPS connection, all data
d sent and received is encrypted with SSL while over an HTTP connection, all data
d is sent unencryppted.
The encryption is achieveed through the use of
o a pair of public andd private keys on bothh sides of the connecction. In cryptography, a key refers to a nuumerical value used by an algorithm to alter
making the informatioon secure and visible only to those who haave the correspondinng key to recover (decrypt) the informationn. The public key is used
u to encrypt
inforrmation (encrypt it), m
inforrmation and can be ddistributed freely. Thee private key is used to decrypt informatioon and must be secreet by its owner.
Eachh 3G Light Industrial M2M router containss a self-signed digital certificate which is iddentical on all 3G Ligght Industrial M2M roouters. For a greater llevel of security, the router also supports
geneerating your own uniqque key. Additionally, you may use third party
p software to geneerate your own self-ssigned digital certificaate or purchase a siggned certificate from a trusted certificate
authority and then uploadd those certificates too the router.
Ge
enerating your own self-signe
ed certificaate
To generate
your own seelf-signed certificate:
1.
Click the Syystem item from the top
t menu bar, then Administration
from thhe side menu bar andd then HTTPS key management.
2.
Enter the ceertificate details using the appropriate fields. Each field must bbe completed in ordeer to generate a certificate.
Figure 99 - Ge
Generate self signed HTTTPS certificate
Note: The CCountry field must conntain a code for the desired
country from the list below.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
103
CODE
COUNTRY
COUNTRY
CODE
COUNTRY
CODE
COUNTRY
AX
Åland Islands
ER
Eritrea
LS
Lesotho
SA
Saudi Arabia
AD
Andorra
ES
Spain
LT
Lithuania
SB
Solomon Islands
AE
United Arab Emirates
ET
Ethiopia
LU
Luxembourg
SC
Seychelles
AF
Afghanistan
FI
Finland
LV
Latvia
SE
Sweden
AG
Antigua and Barbuda
FJ
Fiji
LY
Libya
SG
Singapore
AI
Anguilla
FK
Falkland Islands (Malvinas)
MA
Morocco
SH
St. Helena
AL
Albania
FM
Micronesia
MC
Monaco
SI
Slovenia
AM
Armenia
FO
Faroe Islands
MD
Moldova
SJ
Svalbard and Jan Mayen Islands
AN
Netherlands Antilles
FR
France
ME
Montenegro
SK
Slovak Republic
AO
Angola
FX
France, Metropolitan
MG
Madagascar
SL
Sierra Leone
AQ
Antarctica
GA
Gabon
MH
Marshall Islands
SM
San Marino
AR
Argentina
GB
Great Britain (UK)
MK
Macedonia
SN
Senegal
AS
American Samoa
GD
Grenada
ML
Mali
SR
Suriname
AT
Austria
GE
Georgia
MM
Myanmar
ST
Sao Tome and Principe
AU
Australia
GF
French Guiana
MN
Mongolia
SU
USSR (former)
AW
Aruba
GG
Guernsey
MO
Macau
SV
El Salvador
AZ
Azerbaijan
GH
Ghana
MP
Northern Mariana Islands
SZ
Swaziland
BA
Bosnia and Herzegovina
GI
Gibraltar
MQ
Martinique
TC
Turks and Caicos Islands
BB
Barbados
GL
Greenland
MR
Mauritania
TD
Chad
BD
Bangladesh
GM
Gambia
MS
Montserrat
TF
French Southern Territories
BE
Belgium
GN
Guinea
MT
Malta
TG
Togo
BF
Burkina Faso
GP
Guadeloupe
MU
Mauritius
TH
Thailand
BG
Bulgaria
GQ
Equatorial Guinea
MV
Maldives
TJ
Tajikistan
BH
Bahrain
GR
Greece
MW
Malawi
TK
Tokelau
BI
Burundi
GS
S. Georgia and S. Sandwich Isls.
MX
Mexico
TM
Turkmenistan
BJ
Benin
GT
Guatemala
MY
Malaysia
TN
Tunisia
BM
Bermuda
GU
Guam
MZ
Mozambique
TO
Tonga
BN
Brunei Darussalam
GW
Guinea-Bissau
NA
Namibia
TP
East Timor
BO
Bolivia
GY
Guyana
NC
New Caledonia
TR
Turkey
BR
Brazil
HK
Hong Kong
NE
Niger
TT
Trinidad and Tobago
BS
Bahamas
HM
Heard and McDonald Islands
NF
Norfolk Island
TV
Tuvalu
BT
Bhutan
HN
Honduras
NG
Nigeria
TW
Taiwan
BV
Bouvet Island
HR
Croatia (Hrvatska)
NI
Nicaragua
TZ
Tanzania
BW
Botswana
HT
Haiti
NL
Netherlands
UA
Ukraine
BZ
Belize
HU
Hungary
NO
Norway
UG
Uganda
CA
Canada
ID
Indonesia
NP
Nepal
UM
US Minor Outlying Islands
CC
Cocos (Keeling) Islands
IE
Ireland
NR
Nauru
US
United States
CF
Central African Republic
IL
Israel
NT
Neutral Zone
UY
Uruguay
CH
Switzerland
IM
Isle of Man
NU
Niue
UZ
Uzbekistan
CI
Cote D'Ivoire (Ivory Coast)
IN
India
NZ
New Zealand (Aotearoa)
VA
Vatican City State (Holy See)
CK
Cook Islands
IO
British Indian Ocean Territory
OM
Oman
VC
Saint Vincent and the Grenadines
CL
Chile
IS
Iceland
PA
Panama
VE
Venezuela
CM
Cameroon
IT
Italy
PE
Peru
VG
Virgin Islands (British)
CN
China
JE
Jersey
PF
French Polynesia
VI
Virgin Islands (U.S.)
CO
Colombia
JM
Jamaica
PG
Papua New Guinea
VN
Viet Nam
CR
Costa Rica
JO
Jordan
PH
Philippines
VU
Vanuatu
CS
Czechoslovakia (former)
JP
Japan
PK
Pakistan
WF
Wallis and Futuna Islands
CV
Cape Verde
KE
Kenya
PL
Poland
WS
Samoa
CX
Christmas Island
KG
Kyrgyzstan
PM
St. Pierre and Miquelon
YE
Yemen
CY
Cyprus
KH
Cambodia
PN
Pitcairn
YT
Mayotte
CZ
Czech Republic
KI
Kiribati
PR
Puerto Rico
ZA
South Africa
DE
Germany
KM
Comoros
PS
Palestinian Territory
ZM
Zambia
DJ
Djibouti
KN
Saint Kitts and Nevis
PT
Portugal
COM
US Commercial
DK
Denmark
KR
Korea (South)
PW
Palau
EDU
US Educational
DM
Dominica
KW
Kuwait
PY
Paraguay
GOV
US Government
DO
Dominican Republic
KY
Cayman Islands
QA
Qatar
INT
International
DZ
Algeria
KZ
Kazakhstan
RE
Reunion
MIL
US Military
EC
Ecuador
LA
Laos
RO
Romania
NET
Network
EE
Estonia
LC
Saint Lucia
RS
Serbia
ORG
Non-Profit Organization
EG
Egypt
LI
Liechtenstein
RU
Russian Federation
ARPA
Old style Arpanet
EH
Western Sahara
LK
Sri Lanka
RW
Rwanda
NetComm Wireless 3G Light Industrial M2M Router
104
CODE
www.netcommwireless.com
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
105
3.
When you have entered all the required details, press the Generate button. The certificate takes several minutes to generate. When the certificate has been generated, you are
informed that it has been successfully generated and installed. The web server on the router restarts and you are logged out of the router. Click OK to be taken back to the login
screen.
Figure 100 - New certificate successfully generated message
NetComm Wireless 3G Light Industrial M2M Router
106
www.netcommwireless.com
SS
SH Key
y Manag
gemen
nt
Secuure Shell (SSH) is UNNIX-based command interface and network protocol used to ggain secure access too a remote computer, execute commandss on a remote machinne or to transfer files
betwween machines. It waas designed as a replacement for Telnet and
a other insecure reemote shell protocols which send informattion, including passwwords, as plain text.
SSH uses RSA public keyy cryptography for booth connection and authentication.
Two ccommon ways of usinng SSH are:
word authentication too log on.
Use aautomatically generatted public-private keyy pairs to encrypt thee network connectionn and then use passw
p to perform the auuthentication and alloow users or programss to log in without usinng a password.
Use a manually generatedd public-private key pair
Figure 1101 - SSH Server Conffiguration
SS
SH Server C
Configura
ation
To configure the SSH serrver settings:
1.
Use the SSH Protocol drop dowwn list to select the prrotocol that you want to use. Protocol 2 is more recent and is considered
more seccure.
2.
Select the ttypes of authenticatioon you want to use byy clicking the Enablee password authentication and Enable keyy authentication togggle keys on or off. Notte that you may have both
authenticattion methods on but you
y may not turn them
m both off.
3.
Click the Saave button to confirm
m your settings.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
107
Host key management
SSH keys provide a means of identification using public key cryptography and challenge response authentication. This means that a secure connection can be established without transmitting a
password, thereby greatly reducing the threat of someone eavesdropping and guessing the correct credentials.
SSH Keys always come in pairs with one being a public key and the other a private key. The public key may be shared with any server to which you want to connect. When a connection request
is made, the server uses the public key to encrypt a challenge (a coded message) to which the correct response must be given. Only the private key can decrypt this challenge and produce the
correct response. For this reason, the private key should not be shared with those who you do not wish to give authorization.
The Host key management section displays the current public keys on the router and their date and timestamp. These public keys are provided in different formats, including DSA, RSA and
ECDSA. Each format has advantages and disadvantages in terms of signature generation speed, validation speed and encryption/decryption speed. There are also compatibility concerns to
consider with older clients when using ECDSA, for example.
Generating new keys
The complete set of keys can be re-generated by selecting the Generate keys button. This key generation process takes approximately 30 seconds to complete.
Downloading keys
The Get keys button allows you to download the complete set of public and private keys while the Get public keys button will download only the set of public keys.
Uploading your own key files
Click the Upload keys button to upload your own public key to the router.
Client key management
The Client Key Management section is used for uploading the public key file of clients. To upload a client public key, click the Upload button, browse to the file and click Open.
When the file is uploaded, it is examined for validity. If the key file is not a valid public key, it will not be uploaded.
NetComm Wireless 3G Light Industrial M2M Router
108
www.netcommwireless.com
LE
ED operatiion mode
The 7 front LED indicatorrs may be turned off after
a a timeout periodd for aesthetic or powwer saving reasons. To
T access the LED Operation
Mode pagee, click the System menu, then Administraation
on thhe left and finally seleect LED Operation Mode.
Figure
re 102 - LED Operationn Mode
m of the LEDs on the front panel of thee router. To set the ligghts to operate at all times,
set this to Alwa
ways on. To set the lights to turn off after a
The Mode drop down listt sets the operation mode
speccified period, select TTurn off after timeoutt. When configured too turn off after timeouut, use the LED poweer off timer field to specify the time in minuutes to wait before turning off the LED
indiccators. The LED Poweer Off Timer must be an integer between 1 and 65535.
W the wait period expires, the LEDs wiill turn off. If the routeer is rebooted, the LEED power off timer is reset. The router will boot
The wait period begins frrom the time the Savee button is clicked. When
a wait for the configgured time before turrning off again.
up and
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
109
Re
eboot
The reboot option in the SSystem section perfoorms a soft reboot of the router. This can bbe useful if you have made configuration changes you want too implement.
To reeboot the router:
1.
Click the Syystem menu item from
m the top menu bar.
2.
Click the Reboot button from thee menu on the left sidde of the screen.
Figure
re 103 - Reboot menuu option
3.
The router ddisplays a warning thhat you are about to perform
a reboot. If yyou wish to proceed, click the Reboot button then click OK on the confirmation winndow which appears.
Figure
re 104 - Reboot confirrmation
Note: It can take up to 2 minutess for the router to reboot.
Lo
ogging outt
To loog out of the router, cclick the
icon at the top right corner of
o the web user interfface.
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
110
www.netcommwirelless.com
App
A pend
dix A: T
Tables
Tabble 1 - Document Revision History ............................
.......................................................................................................................................................................... 3
Tabble 2 - Device Dim
mensions ................................................................................................................................................................................................................... 8
Tabble 3 - LED Indicaators........................................................................................................................................................................................................................... 9
Tabble 4 - Signal strength LED descripptions .......................................................................................................................................................................................... 10
Tabble 5 – Interfaces ................................................................................................................................................................................................................................ 11
Tabble 6 - PoE powerr classes .................................................................................................................................................................................................................. 18
Tabble 7 - Locking poower block pin ouuts ................................................................................................................................................................................................ 19
Tabble 8 - Average poower consumptioon figures..................................................................................................................................................................................... 19
Tabble 9 - Managemeent account login details ....................................................................................................................................................................................... 20
Tabble 10 - Status page item details ....................................................................................................................................................................................................... 23
Tabble 11 - Data connnection item detaails ............................................................................................................................................................................................... 25
Tabble 12 - Connect oon demand - Connnect and disconnect timers desc riptions ................................................................................................................................ 30
Tabble 13 - Current M
MAC / IP / Port filteering rules in effect ..................................................................................................................................................................... 50
Tabble 14 - IPSec Configuration Items ................................................................................................................................................................................................... 54
Tabble 15 - SMS Setuup Settings .............................................................................................................................................................................................................. 79
Tabble 16 - Inbox/Outtbox icons ............................................................................................................................................................................................................... 81
Tabble 17 - SMS Diaggnostic Commandd Syntax ...................................................................................................................................................................................... 86
Tabble 18 - List of Vallid SMS diagnostic commands ............................................................................................................................................................................. 88
Tabble 19 - List of SM
MS diagnostics vaariables ........................................................................................................................................................................................ 89
Tabble 22 - SMS diaggnostics example commands ................................................................................................................................................................................ 91
Tabble 23 - System loog detail levels ........................................................................................................................................................................................................ 94
Tabble 24 - Administrration configuratioon options ................................................................................................................................................................................. 102
Tabble 25 - LAN Manaagement Default Settings ................................................................................................................................................................................... 115
Tabble 26 - Web Interrface Default Setttings .......................................................................................................................................................................................... 115
Tabble 27 - Telnet Access...................................................................................................................................................................................................................... 115
Tabble 28 - RJ-45 connnector pin outs .................................................................................................................................................................................................... 120
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
111
Appendix B: Device Mounting
Dimensions
The image below is at 100% scale and may be used as a template for mounting the device. All dimensions shown are in millimetres.
Figure 105 - Device mounting dimensions
NetComm Wireless 3G Light Industrial M2M Router
112
www.netcommwireless.com
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
113
Appendix C: Mounting
Bracket
The image below is at 100% scale and may be used as a template for mounting the bracket. All dimensions shown are in millimetres.
Figure 106 - Mounting bracket
NetComm Wireless 3G Light Industrial M2M Router
114
www.netcommwireless.com
App
A pend
dix D: D
Defa
aultt Settting
gs
The following tables list thhe default settings foor the 3G Light Industtrial M2M router.
LAN (MANAGEMENTT)
Static IP Address:
192.168.1.1
Subneet Mask:
255.255.255.0
Default Gateway:
192.168.1.1
Table 26 - LLAN Management Deffault Settings
ADMIN MANAGER ACCOOUNT
ROOT
MANAGER ACC
COUNT
Username:
admiin
Usernaame:
root
Password:
admiin
Passwword:
admin
Table 277 - Web Interface Defauult Settings
Note: Thee admin manager acccount allows you to manage
all settings off the router except fuunctions such as firmw
ware upgrade, devicce configuration backkup and restore and reset
to factory default settings, which are privileged only to the root manageer account.
3G LIGHT INDUSTTRIAL M2M ROUTERR TELNET ACCESS
Username:
root
Password:
admin
TTable 28 - Telnet Acceess
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
115
Restoring factory default settings
Restoring factory defaults will reset the 3G Light Industrial M2M router to its factory default configuration. You may encounter a situation where you need to restore the factory defaults on your 3G
Light Industrial M2M router such as:
You have lost your username and password and are unable to login to the web configuration page;
You are asked to perform a factory reset by support staff.
There are two methods you can use to restore factory default settings on your 3G Light Industrial M2M router:
Using the web-based user interface
Using the reset button on the interface panel of the router
Using the web-based user interface
To restore your router to its factory default settings, please follow these steps:
1.
Open a browser window and navigate to the IP address of the router (default address is http://192.168.1.1). Login to the router using root as the User Name and admin as
the password.
2.
Click the System item from the top menu bar, then System configuration on the left menu and then click Settings backup and restore.
3.
Under the Restore factory defaults section, click the Restore Defaults button. The router asks you to confirm that you wish to restore factory defaults. Click OK to continue. The
router sets all settings to default. Click OK again to reboot the router.
4.
When the Power light returns to a steady red, the reset is complete. The default settings are now restored.
Using the reset button on the interface panel of the router
Use a pen to depress the Reset button on the device for 15-20 seconds. The router will restore the factory default settings and reboot.
When you have reset your 3G Light Industrial M2M router to its default settings you will be able to access the device’s configuration web interface using http://192.168.1.1 with username
admin or root and password admin.
NetComm Wireless 3G Light Industrial M2M Router
116
www.netcommwireless.com
Recoverry mod
de
The 3G Light Industrial M
M2M router features twwo independent operating systems, eachh with its own file systtems. These two systems are referred to aas 'Main' and 'Recovery'. It is always posssible
m becomes damage d or corrupted (suchh as during a firmwaree upgrade failure).
to usse one in order to resstore the other in the event that one system
Bothh systems have Web interfaces that can be
b used to manipulatee the other inactive syystem. The 3G Light Industrial M2M routeer starts up by defaullt in the Main system mode, however the router
may be triggered to startt in recovery mode if desired.
To start the router in recoovery mode:
1.
Press and hhold the physical resset button on the interrface panel of the rouuter for 5 to 15 seconnds. When the LEDs on
o the front panel chaange to amber and countdown
in a sequeence,
release the reset button. The router then boots into recovery
mode.
2.
In your browwser, navigate to httpp://192.168.1.1. The router’s recovery modde is hardcoded to use
u this address regaardless of the IP addrress that was configuured in the main systeem.
The router’ss recovery console iss displayed.
Figuure 107 - Recovery coonsole
The recovery console proovides limited functioonality. Basic status innformation is availab le, as well as accesss to the System log for troubleshooting. Thhe Application Installeer can be used to uppload
f The Settings meenu provides the abil ity to reset the routerr to factory default seettings
and install different firmwware, allowing you to roll back to a previouus firmware in the eveent that an upgrade fails.
and the Reboot tab allowws you to perform a sooft reboot of the routeer.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
117
App
A pend
dix E: H
HTT
TPS Uplo
U oad
ding
g a self--sign
ned
cert
c ifica
ate
If you have your own selff-signed certificate orr one purchased elseewhere and signed bby a Certificate Authority, you can upload it to the 3G Light Ind ustrial M2M Router using
u the Upload pagge.
Note: Your keey and certificate filees must be named server.key and server.ccrt respectively otherrwise they will not work.
To upload your certificatee:
1.
Click on thee System item from thhe top menu bar. Froom the side menu barr, select System Connfiguration and then Upload.
The file uploaad screen is displayeed.
Fi
Figure 108 - Upload paage
2.
Click the Choose a File button and
a locate your serveer certificate file and click Open.
Figure
re 109 - Browse for seerver.crt
NetCComm Wireless 3G Ligght Industrial M2M Rouuter
118
www.netcommwirelless.com
3.
Click the Upload button to beginn uploading it to the router.
The file appeaars in the list of files stored
on the router.
Figure 1100 - Server certificate file
fi uploaded
4.
Repeat stepps 2 and 3 for the server key file.
5.
Click the Innstall link next to the server.crt
file then clicck OK on the promptt that is displayed. Thhe certificate file is installed. Repeat this ffor the key file. When each file is installed it is
removed froom the list of stored files.
Figure 1111 - Installing the serrver.crt file
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
119
Appendix F: RJ-45 connector
The RJ-45 connector provides an interface for a data connection and for device input power using the pin layout shown below.
Pin:
Figure 112 -The RJ-45 connector
PIN
COLOUR
SIGNAL (802.3AF MODE A)
SIGNAL (802.3AF MODE B)
White/Orange
stripe
Rx +
Rx + DC +
Orange Solid
Rx -
Rx - DC +
White/Green stripe
Tx +
Tx + DC -
Blue solid
DC +
unused
White/Blue stripe
DC +
unused
Green solid
Tx -
Tx - DC -
White/Brown stripe
DC -
unused
Brown solid
DC -
unused
Table 29 - RJ-45 connector pin outs
NetComm Wireless 3G Light Industrial M2M Router
120
www.netcommwireless.com
Safe
S ety and
a pro
odu
uct care
c e
RF Expo
osure
Yourr device contains a trransmitter and a receeiver. When it is on, it receives and transmmits RF energy. Whenn you communicate with
w your device, the ssystem handling youur connection controlss the
power level at which your device transmits.
This device meets the goovernment’s requirem
ments for exposure to radio waves.
This device is designed aand manufactured noot to exceed the emisssion limits for expossure to radio frequenccy (RF) energy set byy the Federal Commuunications Commissioon of the U.S. Governnment.
This device complies withh FCC radiation expoosure limits set forth for
f an uncontrolled e nvironment. To ensure compliance with RF
R exposure guidelinees the device must be
b used with a minimum of
20cm
m separation from thee body. Failure to observe these instructioons could result in yoour RF exposure exceeeding the relevant guideline
limits.
Ex
xternal anttenna
Any optional external anttenna used for this traansmitter must be insstalled to provide a seeparation distance of
o at least 20 cm from all persons and musst not be co-located or
o operated in conjunnction
with any other antenna or transmitter. Please consult the health annd safety guide of thee chosen antenna forr specific body separration guidelines as a greater distance of separation may be
requuired for high-gain anntennas.
Any external antenna gaiin must meet RF expoosure and maximum radiated output powwer limits of the appliccable rule section. Thhe maximum antennaa gain for this device as reported to the FCCC is:
0.2 dBi
d (850MHz) and 2.77 dBi (1900MHz).
CE
C Apprroval
This device has been tessted to and conformss to the regulatory reqquirements of the Eurropean Union and atttained CE Marking. The CE Mark is a confformity marking conssisting of the letters “CCE.”
The CE Mark applies to the products regulateed by the central Euroopean health, safety and environmental protection
legislation. The CE Mark is obliggatory for products itt applies to: the
b allowed to sell their product in the Euroopean market.
manufacturer affixes the marking in order to be
The wireless device is appproved to be used inn the member states of the EU. NetCommm Wireless declares that the wireless devicce is in compliance wwith the essential reqquirements and other
relevvant provisions of thee Radio and Telecommunications Terminaal Equipment Directivve 1999/5/EC (R&TTEE Directive). Compliannce with this directivee implies conformity to the following European
Norm
ms – N 60950 – Produuct Safety, EN 301 4889 EMC, EN301511 GSM
G RF, EN301908 UMTS RF, EN 62311 SAR Technical requirement for radio equuipment. A notified body has determined that
this device
has properly demonstrated that thhe requirements of the directive have bee n met and has issuedd a favourable certificate of expert opinioon. As such the device will bear the notifieed
bodyy number 0682 after the CE mark.
The CE Marking is not a qquality mark. Foremoost, it refers to the saffety rather than to thee quality of the produuct. Secondly, CE Marking is mandatory foor the product it applies to whereas most
quality markings are voluuntary.
Markking: The product shaall bear the CE mark, the notified body nuumber(s) as depictedd to the right. CE06822.
This product has also paassed the following ceertification standardss –
CE SARS EN62311/EN50385
CE RF
R – EN301511, EN301908-1/-2,
CE EMC
E – EN301489-1/-7/-24, EN55022/EN55024
CE Safety
– EN60950
NOTTE: It is highly recomm
mended that the device must be kept at leeast 20cm away fromm the human body.
This is a regulatory requirement and applies to
t all 3G capable devvices meeting standaard regulatory compliance such as the compliance standards listed above.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
121
FCC Statement
FCC compliance
Federal Communications Commission Notice (United States): Before a wireless device model is available for sale to the public, it must be tested and certified to the FCC that it does not exceed
the limit established by the government-adopted requirement for safe exposure.
FCC regulations
§ 15.19 (a)(3)
This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any
interference received, including interference that may cause undesired operation.
§ 15.21
Changes or modifications not expressly approved by the party responsible for compliance could void the user‘s authority to operate the equipment.
****************************************************************************************************************************
§ 15.105 (b)
This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protection
against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions,
may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful
interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the
following measures:
—Reorient or relocate the receiving antenna.
—Increase the separation between the equipment and receiver.
—Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
—Consult the dealer or an experienced radio/TV technician for help.
RF Exposure Information (MPE)
This equipment complies with radio frequency (RF) exposure limits adopted by the Federal Communications Commission for an uncontrolled environment. This equipment should be installed
and operated with minimum distance 20 cm between the radiator & your body.
NetComm Wireless 3G Light Industrial M2M Router
122
www.netcommwireless.com
IC
C Regu
ulationss:
RSSS-Gen 7.1.3
This device complies withh Industry Canada liccense-exempt RSS standard(s). Operatioon is subject to the following two conditionns:
(1) thhis device may not cause interference, annd
(2) thhis device must acceept any interference, including interferencce that may cause unndesired operation off the device.
appareil est cconforme aux CNR d''Industrie Canada appplicables aux appareeils radio exempts dee licence. L'exploitation est autorisée auxx deux conditions suivvantes:
Le présent
(1) l'appareil ne doit pas produire de brouillagge, et
(2) l'utilisateur de l'apparreil doit accepter toutt brouillage radioélecctrique subi, même sii le brouillage est sussceptible d'en comprromettre le fonctionneement."
********************************************************************************************************************************
ICESS-003
CANN ICES-3(B)/ NMB-3(BB)
********************************************************************************************************************************
RSS-Gen 7.1.2
This radio transmitter hass been approved by Industry Canada to operate
with the ante nna types listed beloow with the maximum permissible gain annd required antenna impedance for each
antenna type indicated. AAntenna types not inccluded in this list, havving a gain greater thhan the maximum gaain indicated for that type,
t are strictly prohhibited for use with thhis device.
Anteenna types: Dipole
Anteenna gain: 850MHz: 00.2dBi; 1900MHz: 2.77dBi
*************************************************************************************************************************************
IC RF Exposure Statem
ment (MPE)
This equipment complies with
w IC RSS-1
102 RF expo
osure limits set
s forth for an uncontrolleed environment. This
equipment sho
ould be installed and operrated with miinimum dista
ance 20 cm between
the radiator & yo
our body.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
123
Electrical safety
Accessories
Only use approved accessories.
Do not connect with incompatible products or accessories.
Connection to a car
Seek professional advice when connecting a device interface to the vehicle electrical system.
Distraction
Operating machinery
Full attention must be given to operating the machinery in order to reduce the risk of an accident.
Product handling
You alone are responsible for how you use your device and any consequences of its use.
You must always switch off your device wherever the use of a mobile phone is prohibited. Do not use the device without the clip-on covers attached, and do not remove or change the covers
while using the device. Use of your device is subject to safety measures designed to protect users and their environment.
Always treat your device and its accessories with care and keep it in a clean and dust-free place.
Do not expose your device or its accessories to open flames or lit tobacco products.
Do not expose your device or its accessories to liquid, moisture or high humidity.
Do not drop, throw or try to bend your device or its accessories.
Do not use harsh chemicals, cleaning solvents, or aerosols to clean the device or its accessories.
Do not paint your device or its accessories.
Do not attempt to disassemble your device or its accessories, only authorised personnel must do so.
Do not use or install this product in extremely hot or cold areas. Ensure that the device is installed in an area where the temperature is within the supported operating temperature range (-20°C to
65°C)
Do not use your device in an enclosed environment or where heat dissipation is poor. Prolonged use in such space may cause excessive heat and raise ambient temperature, which will lead to
automatic shutdown of your device or the disconnection of the mobile network connection for your safety. To use your device normally again after such shutdown, cool it in a well-ventilated place
before turning it on.
Please check local regulations for disposal of electronic products.
Do not operate the device where ventilation is restricted
Installation and configuration should be performed by trained personnel only.
Do not use or install this product near water to avoid fire or shock hazard. Avoid exposing the equipment to rain or damp areas.
Arrange power and Ethernet cables in a manner such that they are not likely to be stepped on or have items placed on them.
Ensure that the voltage and rated current of the power source match the requirements of the device. Do not connect the device to an inappropriate power source.
Small children
Do not leave your device and its accessories within the reach of small children or allow them to play with it.
They could hurt themselves or others, or could accidentally damage the device.
Your device contains small parts with sharp edges that may cause an injury or which could become detached and create a choking hazard.
NetComm Wireless 3G Light Industrial M2M Router
124
www.netcommwireless.com
Em
mergency situationss
This device, like any wireeless device, operatees using radio signalss, which cannot guaraantee connection in all
a conditions. Thereffore, you must never rely solely on any wireless device for
emergency communications.
De
evice heatting
Yourr device may becomee warm during normaal use.
Fa
aulty an
nd dam
maged produccts
Do not
n attempt to disasseemble the device or its accessories.
Onlyy qualified personnel must service or repaair the device or its acccessories.
If your device or its accessories have been suubmerged in water punctured or subjecteed to a severe fall, doo not use until they haave been checked att an authorised servicce centre.
www.netcommwireless.com
NeetComm Wireless 3G Light Industrial M2M Router
125
Interference
Care must be taken when using the device in close proximity to personal medical devices, such as pacemakers and hearing aids.
Pacemakers
Pacemaker manufacturers recommend that a minimum separation of 15cm be maintained between a device and a pacemaker to avoid potential interference with the pacemaker.
Hearing aids
People with hearing aids or other cochlear implants may experience interfering noises when using wireless devices or when one is nearby.
The level of interference will depend on the type of hearing device and the distance from the interference source, increasing the separation between them may reduce the interference. You may
also consult your hearing aid manufacturer to discuss alternatives.
Medical devices
Please consult your doctor and the device manufacturer to determine if operation of your device may interfere with the operation of your medical device.
Hospitals
Switch off your wireless device when requested to do so in hospitals, clinics or health care facilities. These requests are designed to prevent possible interference with sensitive medical
equipment.
Interference in cars
Please note that because of possible interference to electronic equipment, some vehicle manufacturers forbid the use of devices in their vehicles unless an external antenna is included in the
installation.
Explosive environments
Petrol stations and explosive atmospheres
In locations with potentially explosive atmospheres, obey all posted signs to turn off wireless devices such as your device or other radio equipment.
Areas with potentially explosive atmospheres include fuelling areas, below decks on boats, fuel or chemical transfer or storage facilities, areas where the air contains chemicals or particles, such
as grain, dust, or metal powders.
Blasting caps and areas
Turn off your device or wireless device when in a blasting area or in areas posted turn off “two-way radios” or “electronic devices” to avoid interfering with blasting operations.
NetComm Wireless 3G Light Industrial M2M Router
126
www.netcommwireless.com

---

Source Exif Data:

File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.6
Linearized                      : Yes
Encryption                      : Standard V4.4 (128-bit)
User Access                     : Print, Extract, Print high-res
Author                          : 
Create Date                     : 2013:09:25 16:26:56+08:00
Modify Date                     : 2013:09:25 16:38:15+08:00
XMP Toolkit                     : Adobe XMP Core 4.2.1-c043 52.372728, 2009/01/18-15:08:04
Creator Tool                    : PScript5.dll Version 5.2.2
Metadata Date                   : 2013:09:25 16:38:15+08:00
Producer                        : Acrobat Distiller 9.0.0 (Windows)
Format                          : application/pdf
Creator                         : 
Title                           : 
Document ID                     : uuid:cfcb8204-2419-47cb-b61f-ebc647698321
Instance ID                     : uuid:6ac61f71-81b3-4dca-adbb-2ba8a0c2a2b7
Page Count                      : 126

EXIF Metadata provided by EXIF.tools