Page 1: User Manual
USER MANUAL GWR High Speed Cellular Router Series Document version 1.0.0 Date: December 2015 WWW.GENEKO.RS...
Page 2: Document Approval
User Manual Document History Date Description Author Comments 24.12.2015 User Manual Tanja Savić Firmware versions: 1.1.2 Document Approval The following report has been accepted and approved by the following: Signature Printed Name Title Date Dragan Marković Executive Director 24.12.2015 GWR High Speed Cellular Router Series...
Page 3: Table Of Contents
User Manual Content DOCUMENT APPROVAL ............................2 LIST OF FIGURES ..............................5 LIST OF TABLES ..............................8 DESCRIPTION OF THE GPRS/EDGE/HSPA ROUTER SERIES ..............9 ..........................10 YPICAL APPLICATION ......................... 11 ECHNICAL ARAMETERS ........................14 ROTOCOLS AND FEATURES ..........................17 RODUCT VERVIEW Front panel ...............................
Page 4 User Manual – PPTP............................ 56 ETTINGS – L2TP ............................ 57 ETTINGS – F – IP F ....................... 59 ETTINGS IREWALL ILTERING – F – MAC F ....................61 ETTINGS IREWALL ILTERING – D DNS ........................62 ETTINGS YNAMIC – S .........................
Page 5: List Of Figures
User Manual List of Figures Figure 1 – GWR High Speed Cellular Router Series ....................9 Figure 2 – GWR Router front panel ..........................17 Figure 3– GWR Router back panel ..........................17 Figure 4 – GWR Router top panel ..........................18 Figure 5 –...
Page 6 User Manual Figure 52– Default Settings page ..........................75 Figure 53 – System Reboot page ..........................75 Figure 54– Display Settings ............................75 Figure 55– Command Line Interface .......................... 76 Figure 56– Remote Management ..........................77 Figure 57– Connection Manager ..........................77 Figure 58–...
Page 7 User Manual Figure 107– IPSec configuration page II for GWR Router ..................115 Figure 108– IPSec configuration page III for GWR Router ..................116 Figure 109– IPSec start/stop page for GWR Router ....................116 Figure 110– Network Interfaces (list) ........................117 Figure 111–...
Page 8: List Of Tables
User Manual List of Tables Table 1 – Technical parameters............................ 14 Table 2 – GWR Router software features ........................16 Table 3 – WAN parameters ............................29 Table 4 – LAN parameters ............................30 Table 5 – DHCP Server parameters ..........................31 Table 6 –...
Page 9: Description Of The Gprs/Edge/Hspa Router Series
User Manual Description of the GPRS/EDGE/HSPA Router Series GWR routers represent a robust solution designed to provide remote connectivity across cellular networks. Low transmission delay and very high data rates offered by existing cellular networks completely eliminate the need for expensive wired infrastructure. GWR series brings scalability of even most demanding corporate networks on highest possible level.
Page 10: Typical Application
There are numerous variations of each and every one of above listed applications. Therefore GENEKO formed highly dedicated, top rated support team that can help you analyze your requirements and existing system, chose the right topology for your new system, perform initial configuration and tests and monitor the complete system after installation.
Page 11: Technical Parameters
User Manual Technical Parameters Wireless Interfaces – WWAN Sierra Wireless MC7710 or MC7304 (available on 4G models) DD800/900/1800/2100/2600 MHz Transfer rate (max): 100 Mbps down, 50 Mbps up 900/2100MHz UMTS/HSPA+/DC- HSPA+ Transfer rate (max): 21.1 Mbps down, 5.76 Mbps up GSM/GPRS/EDGE 900/1800/1900 MHz Transfer rate (max): 236.8 Kbps down, 236.8 Kbps up...
Page 12 User Manual Modes Access point, Client Transmit Power 18.1 dBm max Receive Sensitivity 54 Mbps / -75.7 dBm and 11 Mbps / -88.7 dBm Security 64/128/256-bit WEP, TKIP or AES keys; WPA and WPA2 Connector 1 x 50 Ω RP-SMA (Center pin: male) Wired Interfaces –...
Page 13 User Manual LCD view port 67 mm x 39 mm (W x H) LCD viewing angle 6 o’clock LCD background color Black LCD segment colors White, green, red, yellow LCD information Present SIM’s, active SIM, GSM provider, SMS available, roaming, signal strength, GSM technology, interfaces, uptime, IP addresses, firmware version LCD navigation One button used to select interface for which IP is...
Page 14: Protocols And Features
User Manual Approvals Safety EN 60950-1:2006 + A1:2010 + A2:2013 + A11:2009 + A12:2011 EN 301 489-1 V1.9.2, EN 301 489-7 V1.3.1, EN 301 489-17 V2.1.1, EN 301 489-24 V1.5.1 Radio Spectrum EN 301 511 v9.0.2, EN 301 908-2 v5.2.1, EN 301 908-13 v5.2.1, EN 300 328 v1.8.1 Table 1 –...
Page 15 TCP and a GRE tunnel operating to encapsulate PPP packets. PPTP – max. number of tunnels The Geneko Router can be used as a L2TP peer. L2TP is suitable for Layer-2 tunneling. Static tunnels are useful to establish network links across IP networks when the tunnels are fixed.
Page 16: Table 2 - Gwr Router Software Features
User Manual This menu provides a choice between two possible keepalive actions in case maximum number of failed packets is exceeded. If Switch SIM option is selected router will try to establish the GSM/UMTS keepalive connection using the other SIM card after the maximum number of failed packets is exceeded.
Page 17: Product Overview
User Manual Product Overview Front panel On the front panel (Error! Reference source not found.) the following connectors are located:  One or four RJ45 connector(s) – Ethernet port for connection into local computer network One RJ45 connector for RS232 serial communication (ADSL or WAN) ...
Page 18: Top Panel
User Manual The Display button can be used to see current firmware version or current ip address on the screen. The Reset button can be used for a warm reset or a reset to factory defaults. Warm reset: If the GWR Router is having problem connecting to the Internet, press and hold the reset button for a second using the tip of a pen.
Page 19: Putting Into Operation
User Manual Putting Into Operation Before putting the GWR Router in operation it is necessary to connect all components needed for the operation:  GSM/UMTS/LTE antenna,  Ethernet cable and  SIM card must be inserted. And finally, device should have powered up using power supply adapter. Power consumption of GWR router is 2W in standby and 3W in burst mode.
Page 20: Connecting Router
User Manual Figure 5 – Inserting SIM card CONNECTING ROUTER Warning: Use only the router’s box power supply. * Connect antennas to router. Make sure to tighten antennas so that they are not loose. * Plug AC/DC adapter cable into POWER CONNECTOR on your router. * Plug AC/DC adapter into wall power socket.
Page 21: Quick Setup
TURN LOGGING ON When troubleshooting router make sure logs are turned on. You should send logs to Geneko when submitting support request. * Click on MANAGEMENT -> LOGS link from the menu on the left side of the screen. * Click on LOCAL SYSLOG radio button, and then click on SAVE button.
Page 22: Device Configuration Using Web Application
User Manual Device configuration using web application The GWR Router’s web–based utility allows you to set up the Router and perform advanced configuration and troubleshooting. This chapter will explain all of the functions in this utility. For local access to the GWR Router’s web–based utility, launch your web browser, and enter the Router’s default IP address, 192.168.1.1, in the address field.
Page 23: Status Information
User Manual Status Information The GWR Router’s Status menu provides general information about router as well as real–time network information. Status information is divided into following categories: General Information  Lan Port Information  DHCP  WAN Information* or ADSL Information ...
Page 24: Status - Dhcp
User Manual Figure 8 – LAN Port Information Status – DHCP DHCP Information Tab provides information about DHCP clients with IP addresses gained from DHCP server, MAC addresses, expiration period, and lease status. Figure 9 – DHCP Information Status- WAN Information* WAN Port Information Tab provides information about WAN port and WAN traffic statistics ( IP address, netmask, Broadcast address, Gateway, WAN traffic statistics (in bytes) etc.) Screenshot of WAN Port Information is shown in Figure 8...
Page 25: Status- Adsl Information
User Manual Figure 10– WAN Port Information Status- ADSL Information ADSL Port Information Tab provides IP status information about interface, WAN address, primary DNS address, DSL information about upstream speed and downstream speed and Line information. Line information display ADSL line status, ADSL mode, upstream speed, downstream speed. GWR High Speed Cellular Router Series...
Page 26: Status - Mobile Information
User Manual Figure 11– ADSL Port Information Status – Mobile Information Mobile Information Tab provides information about GPRS/EDGE/HSPA/HSPA+/LTE connection and traffic statistics. Mobile information menu has three submenus which provide information about:  GPRS/EDGE/HSPA/HSPA+/LTE mobile module(manufacturer and model),  Mobile operator and signal quality, Mobile traffic statistics (in bytes) ...
Page 27: Status - Wireless Information
User Manual Status – Wireless Information Wireless Information Tab provides information about Interface Statistics, traffic statistics (in bytes), MAC address, Access Point Status, DHCP/DNS Server status and NAT status. Screenshot of Wireless Information from the router is shown in Error! Reference source not found.. Figure 13–...
Page 28: Figure 15- Router Monitoring #1
User Manual Figure 15– Router monitoring #1 Figure 16– Router monitoring #2 GWR High Speed Cellular Router Series...
Page 29: Settings -Wan Port
User Manual Settings –WAN Port* Click WAN Ports Tab, to open the WAN network screen. Use this screen to configure LAN TCP/IP settings. Figure 17– WAN Ports WAN Port Parameters Label Description Method Choose Method Static, DHCP, PPoE Metric Choose metrics to make routing decisions. Type the IP address of your GWR Router in dotted decimal notation.
Page 30: Settings - Dhcp Server
User Manual LAN Ports Parameters Label Description Metric Choose metrics to make routing decisions. Type the IP address of your GWR Router in dotted decimal notation. IP Address 192.168.1.1 is the factory default IP address. The subnet mask specifies the network number portion of an IP address. The Subnet Mask GWR Router support sub–netting.
Page 31: Table 5 - Dhcp Server Parameters
User Manual To use the GWR Router as your network’s DHCP server, click DHCP Server Tab for DHCP Server setup. The GWR Router has built–in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability. DHCP Server Parameters Label Description...
Page 32: Figure 19- Dhcp Server Configuration Page
User Manual Figure 19– DHCP Server configuration page GWR High Speed Cellular Router Series...
Page 33: Settings - Mobile Settings
User Manual Settings – Mobile Settings Click Mobile Settings Tab, to open the Mobile Settings screen. Use this screen to configure the GWR Router GPRS/EDGE/HSPA/HSPA+/LTE parameters (Error! Reference source not found.). Figure 20– Mobile Settings configuration page Mobile Settings Label Description This field specifies name of GSM/UMTS/LTE ISP.
Page 34 User Manual This field specifies Dial String for GSM/UMTS/LTE modem connection Dial String initialization. In most cases you have to change only APN field based on parameters obtained from Mobile Provider. This field cannot be altered. SIM PIN locking Enable locking of SIM card with PIN code. (PIN enabled) Enable operator This option forces your SIM card to register to predefined PLMN only.
Page 35: Table 6 - Mobile Settings Parameters
User Manual 1) Switch SIM – switches network connection from the SIM card on which data traffic limit has been reached to another SIM card, 2) Disconnect – disconnects network connection over the SIM card on which data traffic limit has been reached. Displays amount of traffic that has been transferred over SIM card from the moment of enabling "SIM data limit"...
Page 36: Settings-Adsl Port
User Manual Settings-ADSL Port Click ADSL Port Tab, to open the ADSL Settings screen. Use this screen to configure the username and password parameters (Error! Reference source not found.). Enable radio button Default route. Figure 21– ADSL Port Settings Settings – Wireless Settings Wireless settings for GWR router will give you good performance, reliability and security when using Wi-Fi.
Page 37: Figure 22- Wireless Settings Configuration Page
72.2 Mbit/s. Reload Click Reload to discard any changes and reload previous settings. Click Save button to save your changes back to the Geneko Router. Whether you Save make changes or not, router will reboot every time you click Save.
Page 38: Settings - Routing
User Manual Settings – Routing The static routing function determines the path that data follows over your network before and after it passes through the GWR Router. You can use static routing to allow different IP domain users to access the Internet through the GWR Router.
Page 39: Port Forwarding
User Manual Interface represents the “exit” of transmission for routing purposes. In this case Interface Eth0 represents LAN interface and ppp0 represents GSM/UMTS mobile interface of the GWR Router. Table 8 – Routing parameters Port forwarding Port forwarding is an application of NAT ( Network Address Translation) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway.
Page 40: Settings - Demilitarized Zone (Dmz)
Label Description DMZ Settings Enable This field specifies if DMZ settings is enabled at the Geneko Router. IP address from LAN IP address to secure an internal network from external access. Reload Click Reload to discard any changes and reload previous settings.
Page 41: Rip Routing Engine For The Gwr Router
User Manual Figure 25– RIP configuration page RIP Settings Label Description Routing Manager Hostname Prompt name that will be displayed on telnet console. Password Login password. Enable log Enable log file. Port to bind at Local port the service will listen to. RIPD Prompt name that will be displayed on telnet console of the Routing Hostname...
Page 42 User Manual To enable RIP, use the following commands beginning in global configuration mode: ripd> ripd> en ripd# ripd# configure terminal ripd (config)# ripd(config)# router rip ripd(config-router)# To associates a network with a RIP routing process, use following commands: ripd(config-router)# network A.B.C.D/Mask By default, the GWR Router receives RIP version 1 and version 2 packets.
Page 43: Settings - Vrrp Settings
User Manual Settings – VRRP Settings VRRP (Virtual Router Redundancy Protocol) is a protocol which elects a master server on a LAN and the master answers to a 'virtual ip address'. If it fails, a backup server takes over the ip address. VRRP specifies an election protocol to provide the virtual router function described earlier.
Page 44: Generic Routing Encapsulation (Gre)
User Manual Generic Routing Encapsulation (GRE) Originally developed by Cisco, generic routing encapsulation (GRE) is now a standard, defined in RFC 1701, RFC 1702, and RFC 2784. GRE is a tunneling protocol used to transport packets from one network through another network. If this sounds like a virtual private network (VPN) to you, that’s because it theoretically is: Technically, a GRE tunnel is a type of a VPN —...
Page 45: Gre Keep Alive
User Manual Figure 27– GRE tunnel parameters configuration page GRE Keep alive GRE tunnels can use periodic status messages, known as keepalives, to verify the integrity of the tunnel from end to end. By default, GRE tunnel keepalives are disabled. Use the keepalive check box to enable this feature.
Page 46: Internet Protocol Security (Ipsec)
User Manual Internet Protocol Security (IPSec) IPSec (Internet Protocol Security) is a protocol suite for securing Internet Protocol communication by authenticating and encrypting each IP packet of a data stream. Click VPN Settings - IPSec, to open the VPN configuration screen. At the Figure 28– IPSec Summary screen you can see IPSec Summary.
Page 47: Table 14 - Ipsec Summary
User Manual Remote Group Field displays the IP address and subnet mask of the Remote Group. Remote Gateway Field shows the IP address of the Remote Device. Action - Edit This link opens screen where you can change the tunnel’s settings. Action - Delete Click on this link to delete the tunnel and all settings for that particular tunnel Field displays connection mode of the current tunnel.
Page 48: Figure 29- Ipsec Settings
User Manual Figure 29– IPSec Settings VPN Settings / IPSec Settings Label Description Tunnel Number This number will be generated automatically and it represents the tunnel number. Enter a name for the IPSec tunnel. This allows you to identify multiple tunnels Tunnel Name and does not have to match the name used at the other end of the tunnel.
Page 49 User Manual NOTE: The Local Security Group Type you select should match the Remote Security Group Type selected on the IPSec device at the other end of the tunnel. IP Address Only the computer with a specific IP address will be able to access the tunnel. Subnet Mask Enter the subnet mask.
Page 50 User Manual hackers using brute force to break encryption keys will not be able to obtain future IPSec keys. Both ends of the IPSec tunnel must enable this option in order to use the function. If the Perfect Forward Secrecy feature is disabled, then no new keys will be generated, so you do not need to set the Phase 2 DH Group.
Page 51: Table 15 - Ipsec Parameters
Compress (IP Payload IP Payload Compression is a protocol that reduces the size of IP datagram. Select Compression Protocol this option if you want the Geneko Router to propose compression when it (IP Comp)) initiates a connection. When DPD is enabled, the Geneko Router will send periodic HELLO/ACK messages to check the status of the IPSec tunnel (this feature can be used only when both peers or IPSec devices of the IPSec tunnel use the DPD mechanism).
Page 52: Openvpn
User Manual OpenVPN OpenVPN site to site allows connecting two remote networks via point–to–point encrypted tunnel. OpenVPN implementation offers a cost–effective simply configurable alternative to other VPN technologies. OpenVPN allows peers to authenticate each other using a pre–shared secret key, certificates, or username/password.
Page 53: Figure 31- Openvpn Example 1
User Manual Figure 31– OpenVPN example 1 Click VPN Settings -OpenVPN, to open the VPN configuration screen. At the Figure 28– IPSec Summary screen you can see OpenVPN Summary. This screen gathers information about settings of all defined OpenVPN tunnels. Up to 3 OpenVPN tunnels can be defined on GWR router. OpenVPN Summary and OpenVPN Settings are briefly displayed in following figures and tables.
Page 54 User Manual  pre–shared secret (Select this option if you want to use PSK as a authentication method),  username/password (Select this option if you want to use username/password along with CA Certificate as a authentication method),  X.509 cert. (client) (Select this option if you want to use X.509 certificates as a authentication method in client mode), ...
Page 55: Figure 33- Openvpn Configuration Page
User Manual Remote Interface IP Specify the IP address of the remote VPN tunnel endpoint. Address Pull from server Back Click Back to return on IPSec Summary screen. Reload Click Reload to discard any changes and reload previous settings. Click Save to save your changes back to the GWR Router. After that router Save automatically goes back and begin negotiations of the tunnels by clicking on the Start button.
Page 56: Settings - Pptp
User Manual Settings – PPTP The GWR Router can be used as a PTPP (Point-to-Point Tunneling Protocol) client. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets. Figure 34– PPTP configuration page PPTP Label Description Number...
Page 57: Settings - L2Tp
User Manual Figure 35– PPTP Summary screen Settings – L2TP L2TP is suitable for Layer-2 tunneling. Static tunnels are useful to establish network links across IP networks when the tunnels are fixed. L2TP tunnels can carry data of more than one session. Each session is identified by a session id and its parent tunnel's tunnel id.
Page 58: Figure 37- L2Tp Summary Screen
User Manual Set the session id, which is a 32-bit integer value. Uniquely identifies the Session ID session being created. The value used must match the peer_session id value being used at the peer. Sets an optional cookie value to be assigned to the session. This is a 4 or 8 byte value, specified as 8 or 16 hex digits, e.g.
Page 59: Settings - Firewall - Ip Filtering
User Manual Settings – Firewall – IP Filtering TCP/IP traffic flow is controlled over IP address and port number through router’s interfaces in both directions. With firewall options it is possible to create rule which exactly matches traffic of interest. Traffic can be blocked or forward depending of action selected.
Page 60: Figure 38- Firewall Configuration Page
User Manual does match, then the next rule is specified by the value of the policy, which can be one of the values ACCEPT, DROP, REJECT. ACCEPT means to let the packet through. DROP means to drop the packet on the floor.The REJECT policy works basically the same as the DROP policy, but it also sends back an error message to the host sending the packet that was blocked.
Page 61: Settings - Firewall - Mac Filtering
User Manual Settings – Firewall – MAC Filtering MAC filtering can be used to restrict which Ethernet devices can send packets to the router. If MAC filtering is enabled, only Ethernet packets with a source MAC address that is configured in the MAC Filter table will be allowed.
Page 62: Settings - Dynamic Dns
User Manual Settings – Dynamic DNS Dynamic DNS is a domain name service allowing to link dynamic IP addresses to static hostname. To start using this feature firstly you should register to DDNS service provider. Section of the web interface where you can setup DynDNS parameters is shown in Error! Reference source not found..
Page 63: Settings - Serial Port
User Manual Number of tries Number of tries (default: 1) if network problem. Timeout The amount of time to wait on I/O (network problem). Period Time between update retry attempts, default value is 1800. Reload Click Reload to discard any changes and reload previous settings. Save Click Save to save your changes back to the GWR Router.
Page 64: Table 22 - Serial Port Over Tcp/Udp Parameters
User Manual Data bits Indicates the number of bits in a transmitted data package. Parity Checks for the parity bit. None is the default. The stop bit follows the data and parity bits in serial communication. It Stop bits indicates the end of transmission. The default is 1. Flow control manages data flow between devices in a network to ensure it is Flow control processed efficiently.
Page 65: Modbus Gateway Settings
User Manual Click Serial Port Tab to open the Serial Port Configuration screen. Use this screen to configure the GWR Router serial port parameters . Figure 42– Serial Port configuration page Modbus Gateway settings The serial server will perform conversion from Modbus/TCP to Modbus/RTU, allowing polling by a Modbus/TCP master.
Page 66: Table 23 - Modbus Gateway Parameters
User Manual Checks for the parity bit. Valid parity is: none, even and odd. None is the Parity default. The stop bit follows the data and parity bits in serial communication. It Stop bits indicates the end of transmission. Valid stop bits are: 1 and 2. The default is 1. Flow control manages data flow between devices in a network to ensure it is Flow control processed efficiently.
Page 67: Figure 43– Modbus Gateway Configuration
User Manual Figure 43– Modbus gateway configuration page GWR High Speed Cellular Router Series...
Page 68: Sms - Sms Remote Control
User Manual SMS – SMS Remote Control SMS remote control feature allows users to execute a short list of predefined commands by sending SMS messages to the router. GWR router series implement following predefined commands: In order to establish PPP connection, user should send SMS containing following string: :PPP–CONNECT After the command is executed, router sends a confirmation SMS with “OK”...
Page 69: Sms - Send Sms
User Manual Figure 44– SMS remote control configuration SMS – Send SMS SMS send feature allows users to send SMS message from WEB interface. In following picture is page from where SMS can be sent. There are two required fields on this page: Phone number and Message. Sending SMS messages is possible with this application.
Page 70: Maintenance
User Manual Maintenance The GWR Router provides administration utilities via web interface. Administrator can setup basic router’s parameters, perform network diagnostic, update software or restore factory default settings. Maintenance – Device Identity Settings Within Device Identity Settings Tab there is an option to define name, location of device and description of device function.
Page 71: Figure 47- Router Management Configuration Page
User Manual Figure 47– Router Management configuration page Administrator Password Label Description Enable Password By this check box you can activate or deactivate function for local (passwd) Authentication authentication when you access to web/console application. Username This field specifies Username for user (administrator) login purpose. Enter a new password for GWR Router.
Page 72: Maintenance - Date/Time Settings
User Manual Maintenance – Date/Time Settings To set the local time, select Date/Time Settings using the Network Time Protocol (NTP) automatically or Set the local time manually. Date and time settings on the GWR Router are done through window Date/Time Settings. Figure 48–...
Page 73: Maintenance - Update Firmware
You can use this feature to upgrade the GWR Router firmware to the latest version. If you need to download the latest version of the GWR Router firmware, please visit Geneko support site. Follow the on– screen instructions to access the download page for the GWR Router.
Page 74: Maintenance - Settings Backup
User Manual Maintenance – Settings Backup This feature allows you to make a backup file of complete configuration or some part of the configuration on the GWR Router. In order to backup the configuration, you should select the part of configuration you would like to backup.
Page 75: Maintenance - System Reboot
Figure 52– Default Settings page Maintenance – System Reboot If you need to restart the Router, Geneko recommends that you use the Reboot tool on this screen. Click Reboot to have the GWR Router reboot. This does not affect the router’s configuration.
Page 76: Management - Command Line Interface
User Manual Management – Command Line Interface CLI (command line interface) is a user text–only interface to a computer's operating system or an application in which the user responds to a visual prompt by typing in a command on a specified line and then receives a response back from the system.
Page 77: Management - Remote Management
Label Description Enable Remote Enable or disable Remote Management. Management Protocol Choose between Geneko and Sarian protocol. Bind to Specify the interface. TCP port Specify the TCP port. Save Click Save to save your changes back to the GWR Router.
Page 78: Getting Started With The Connection Wizard
User Manual Getting started with the Connection Wizard Connection Wizard is installed through few very simple steps and it is available immediately upon the installation. It is only for Windows OS. After starting the wizard you can choose between two available options for configuration: ...
Page 79: Figure 59- Connection Wizard - Router Detection
User Manual Figure 59– Connection Wizard – Router Detection When you select one of the routers from the list and click Next you will get to the following screen. Figure 60– Connection Wizard – LAN Settings GWR High Speed Cellular Router Series...
Page 80: Figure 61- Connection Wizard - Wan Settings
User Manual If you selected to configure LAN and WAN interface click, upon entering LAN information click Next and you will be able to setup WAN interface. Figure 61– Connection Wizard – WAN Settings After entering the configuration parameters if you mark option Establish connection router will start with connection establishment immediately when you press Finish button.
Page 81: Management - Simple Management Protocol (Snmp)
User Manual Management – Simple Management Protocol (SNMP) SNMP (Simple Network Management Protocol), is a network protocol that provides network administrators with the ability to monitor the status of the Router and receive notification of any critical events as they occur on the network. The Router supports SNMP v1/v2c and all relevant Management Information Base II (MIBII) groups.
Page 82: Management - Logs
User Manual Management – Logs Syslog is a standard for forwarding log messages in an IP network. The term "syslog" is often used for both the actual syslog protocol, as well as the application or library sending syslog messages. Syslog is a client/server protocol: the syslog sender sends a small (less than 1KB) textual message to the syslog receiver.
Page 83: Logout
User Manual The Geneko Router can send a detailed log to an external syslog server. The Router’s syslog captures all log activities and includes this information about Service server IP all data transmissions: every connection source and destination IP address, IP service, and number of bytes transferred.
Page 84 User Manual alias echo ipsec-status read times egrep iptables-view readarray arping elif jobs readlink touch else json2lua readonly basename enable kill realpath traceroute bash killall reboot trap esac return true bind eval less rip-ripd-conf break exec rip-zebra-conf type builtin exit typeset bunzip2 export...
Page 85: Configuration Examples
User Manual Configuration Examples GWR Router as Internet Router The GWR Routers can be used as Internet router for a single user or for a group of users (entire LAN). NAT function is enabled by default on the GWR Router. The GWR Router uses Network Address Translation (NAT) where only the mobile IP address is visible to the outside world.
Page 86: Gre Tunnel Configuration Between Two Gwr Routers
User Manual GRE Tunnel configuration between two GWR Routers GRE tunnel is a type of a VPN tunnel, but it is not a secure tunneling method. Simple network with two GWR Routers is illustrated on the diagram below (Error! Reference source not found.). Idea is to create GRE tunnel for LAN to LAN (site to site) connectivity.
Page 87: Figure 67- Network Configuration Page For Gwr Router 1
User Manual Figure 66– Network configuration page for GWR Router 1  Use SIM card with a static IP address, obtained from Mobile Operator. (Note the default gateway may show, or change to, an address such as 10.0.0.1; this is normal as it is the GSM/UMTS provider’s network default gateway).
Page 88: Figure 69- Routing Configuration Page For Gwr Router 1
User Manual Click Static Routes on Routing Tab to configure GRE Route. Parameters for this example are:   Destination Network: 192.168.2.0,  Netmask: 255.255.255.0,  Interface: gre_x. Figure 68– Routing configuration page for GWR Router 1 Optionally configure IP Filtering to block any unwanted incoming traffic. ...
Page 89: Figure 71- Gre Configuration Page For Gwr Router 2
User Manual parameters necessary for connection configuration should be required from mobile operator.  Check the status of GSM/UMTS connection (Mobile Settings Tab). If disconnected please click Connect button.  Click VPN Settings > GRE to configure GRE tunnel parameters: ...
Page 90: Gre Tunnel Configuration Between Gwr Router And Third Party Router
User Manual GRE Tunnel configuration between GWR Router and third party router GRE tunnel is a type of a VPN tunnels, but it isn't a secure tunneling method. However, you can encrypt GRE packets with an encryption protocol such as IPSec to form a secure VPN. On the diagram below (Error! Reference source not found.) is illustrated simple network with two sites.
Page 91: Figure 74- Lan Port Configuration Page
User Manual The GWR Router requirements:  Static IP WAN address,  Peer Tunnel Address will be the HQ router WAN IP address (static IP address),  Remote Subnet is HQ LAN IP address and Remote Subnet Mask is subnet mask of HQ LAN. GSM/UMTS APN Type: For GSM/UMTS networks GWR Router connections may require a Custom APN.
Page 92: Figure 75- Gre Configuration Page
User Manual Click VPN Settings > GRE Tunneling to configure new VPN tunnel parameters:   Enable: yes,  Local Tunnel Address: 10.10.10.1,  Local Tunnel Netmask: 255.255.255.252 (Unchangeable, always 255.255.255.252),  Tunnel Source: 172.29.8.5,  Tunnel Destination: 172.29.8.4,  KeepAlive enable: no, ...
Page 93: Ipsec Tunnel Configuration Between Two Gwr Routers
User Manual IPSec Tunnel configuration between two GWR Routers IPSec tunnel is a type of a VPN tunnels with a secure tunneling method. Simple network with two GWR Routers is illustrated on the diagram below Error! Reference source not found.. Idea is to create IPSec tunnel for LAN to LAN (site to site) connectivity.
Page 94: Scenario #1
User Manual Scenario #1 Router 1 and Router 2 , presented in the Figure 64, have firmware version that provides two modes of negotiation in IPSec tunnel configuration process:  Aggressive  Main In this scenario, aggressive mode will be used. Configurations for Router 1 and Router 2 are listed below. The GWR Router 1 configuration: Click Network Tab, to open the LAN NETWORK screen.
Page 95: Figure 79- Ipsec Configuration Page I For Gwr Router 1
User Manual Subnet Mask: 255.255.255.0.   Remote Group Setup Remote Security Gateway Type: IP Only,  IP Address: 172.29.8.5,  Remote ID Type: IP Address,  Remote Security Group Type: IP,  IP Address: 192.168.10.1.   IPSec Setup Key Exchange Mode: IKE with Preshared key, ...
Page 96: Figure 80- Ipsec Configuration Page Ii For Gwr Router 1
User Manual Figure 79– IPSec configuration page II for GWR Router 1 NOTE : Options NAT Traversal and Send Initial Contact are predefined Figure 80– IPSec configuration page III for GWR Router 1 Click Start button on Internet Protocol Security page to initiate IPSEC tunnel. NOTE: Firmware version used in this scenario also provides options for Connection mode of IPSec tunnel.
Page 97: Figure 82- Ipsec Start/Stop Page For Gwr Router 1
User Manual Figure 81– IPSec start/stop page for GWR Router 1 Click Start button and after that Connect button on Internet Protocol Security page to initiate IPSEC tunnel  On the device connected on GWR router 1 setup default gateway 10.0.10.1 The GWR Router 2 configuration: ...
Page 98 User Manual Tunnel Name: IPsec tunnel   Enable: true.  Local Group Setup Local Security Gateway Type: SIM card  Local ID Type: IP Address  IP Address From: SIM 1  Local Security Group Type: IP   IP Address: 192.168.10.1 ...
Page 99: Figure 84- Ipsec Configuration Page I For Gwr Router 2
User Manual Figure 83– IPSEC configuration page I for GWR Router 2 Figure 84– IPSec configuration page II for GWR Router 2 NOTE : Options NAT Traversal and Send Initial Contact are predefined. GWR High Speed Cellular Router Series...
Page 100: Figure 86- Ipsec Configuration Page Iii For Gwr Router 2
User Manual Figure 85– IPSec configuration page III for GWR Router 2 Click Start button on Internet Protocol Security page to initiate IPSEC tunnel. NOTE: Firmware version used in this scenario also provides options for Connection mode of IPSec tunnel. If connection mode Connect is selected that indicates side of IPSec tunnel which sends requests for establishing of the IPSec tunnel.
Page 101: Scenario #2
Connect button.  Click VPN Settings > IPSEC to configure IPSEC tunnel parameters. Click Add New Tunnel button to create new IPSec tunnel. Tunnel parameters are: Add New Tunnel  Tunnel Name: geneko,  Enable: true.   IPSec Setup Keying Mode: IKE with Preshared key, ...
Page 102: Figure 89- Ipsec Configuration Page I For Gwr Router 1
User Manual Local Security Gateway Type: SIM card,   Local ID Type: IP Address  IP Address From: SIM 1 (WAN connection is established over SIM 1),  Local Security Group Type: Subnet,  IP Address: 10.0.10.0,  Subnet Mask: 255.255.255.0. ...
Page 103: Figure 90- Ipsec Configuration Page Ii For Gwr Router 1
User Manual Figure 89– IPSEC configuration page II for GWR Router 1 Figure 90– IPSEC configuration page III for GWR Router 1 NOTE: Firmware version used in this scenario also provides options for Connection mode of IPSec tunnel. If connection mode Connect is selected that indicates side of IPSec tunnel which sends requests for establishing of the IPSec tunnel.
Page 104: Figure 92- Ipsec Start/Stop Page For Gwr Router 1
Click VPN Settings > IPSEC to configure IPSEC tunnel parameters. Click Add New Tunnel button to create new IPSec tunnel. Tunnel parameters are: Add New Tunnel  Tunnel Name: geneko  Enable: true  GWR High Speed Cellular Router Series...
Page 105 User Manual  IPSec Setup  Keying Mode: IKE with Preshared key Mode: main  Phase 1 DH group: Group 2  Phase 1 Encryption: 3DES  Phase 1 Authentication: MD5  Phase 1 SA Life Time: 28800   Perfect Forward Secrecy: true ...
Page 106: Figure 94- Ipsec Configuration Page I For Gwr Router 2
User Manual Figure 93– IPSEC configuration page I for GWR Router 2 Figure 94– IPSEC configuration page II for GWR Router 2 Figure 95– IPSEC configuration page III for GWR Router 2 GWR High Speed Cellular Router Series...
Page 107: Figure 97- Ipsec Start/Stop Page For Gwr Router 1
User Manual NOTE: Firmware version used in this scenario also provides options for Connection mode of IPSec tunnel. If connection mode Connect is selected that indicates side of IPSec tunnel which sends requests for establishing of the IPSec tunnel. If connection mode Wait is selected that indicates side of IPSec tunnel which listens and responses to IPSec establishing requests from Connect side.
Page 108: Ipsec Tunnel Configuration Between Gwr Router And Cisco Router
User Manual IPSec Tunnel configuration between GWR Router and Cisco Router IPSec tunnel is a type of a VPN tunnels with a secure tunneling method. On the diagram below is illustrated simple network with GWR Router and Cisco Router. Idea is to create IPSec tunnel for LAN to LAN (site to site) connectivity.
Page 109: Figure 99-Lan Port Configuration Page For Gwr Router
User Manual Figure 98–LAN Port configuration page for GWR Router  Click Mobile Settings Tab to configure parameters necessary for GSM/UMTS/LTE connection. All parameters necessary for connection configuration should be required from mobile operator.  Check the status of GSM/UMTS connection (Mobile Settings Tab). If disconnected please click Connect button.
Page 110 User Manual Figure 99– IPSEC configuration page I for GWR Router Figure 100– IPSec configuration page II for GWR Router Figure 101– IPSec configuration page III for GWR Router GWR High Speed Cellular Router Series...
Page 111: Figure 103- Ipsec Start/Stop Page For Gwr Router
User Manual Click Start button on Internet Protocol Security page to initiate IPSEC tunnel.  Click Start button and after that Connect button on Internet Protocol Security page to initiate IPSEC tunnel Figure 102– IPSec start/stop page for GWR Router ...
Page 112 User Manual crypto ipsec transform–set testGWR esp–3des esp–sha–hmac !––– Instances of the dynamic crypto map !––– reference previous IPsec profile. crypto dynamic–map dynGWR 5 set transform–set testGWR set isakmp–profile L2L match address 121 !––– Crypto–map only references instances of the previous dynamic crypto map. crypto map GWR 10 ipsec–isakmp dynamic dynGWR interface FastEthernet0/0 description WAN INTERFACE...
Page 113: Ipsec Tunnel Configuration Between Gwr Router And Juniper Ssg Firewall
User Manual  show ip interface—Displays the IP address assignment to the spoke router.  show crypto isakmp sa detail—Displays the IKE SAs, which have been set–up between the IPsec initiators.  show crypto ipsec sa—Displays the IPsec SAs, which have been set–up between the IPsec initiators. ...
Page 114: Figure 105- Network Configuration Page For Gwr Router
User Manual Figure 104– Network configuration page for GWR Router  Use SIM card with a static IP address, obtained from Mobile Operator.  Click WAN Settings Tab to configure parameters necessary for GSM/UMTS connection. All parameters necessary for connection configuration should be required from mobile operator. ...
Page 115: Figure 106- Ipsec Configuration Page I For Gwr Router
User Manual NAT Traversal: true,   Press Save to accept the changes. Figure 105– IPSEC configuration page I for GWR Router Figure 106– IPSec configuration page II for GWR Router GWR High Speed Cellular Router Series...
Page 116 User Manual Figure 107– IPSec configuration page III for GWR Router  Click Start button on Internet Protocol Security page to initiate IPSEC tunnel. Click Start button and after that Connect button on Internet Protocol Security page to initiate IPSEC tunnel Figure 108–...
Page 117 User Manual The Juniper SSG firewall configuration: Step1 – Create New Tunnel Interface  Click Interfaces on Network Tab. Figure 109– Network Interfaces (list)  Bind New tunnel interface to Untrust interface (outside int – with public IP addresss).  Use unnumbered option for IP address configuration.
Page 118 User Manual Step 2 – Create New VPN IPSEC tunnel  Click VPNs in main menu. To create new gateway click Gateway on AutoKey Advanced tab. Figure 111– AutoKey Advanced Gateway  Click New button. Enter gateway parameters: Gateway name: TestGWR, Security level: Custom, Remote Gateway type: Dynamic IP address( because your GWR router are hidden behind Mobile operator router’s (firewall) NAT),...
Page 119 User Manual  Click Advanced button. Security level – User Defined: custom, Phase 1 proposal: pre–g2–3des–sha, Mode: Agressive(must be aggressive because of NAT), Nat–Traversal: enabled, Click Return and OK. Figure 113– Gateway advanced parameters Step 3 – Create AutoKey IKE ...
Page 120 User Manual AutoKey IKE parameters are: VPNname: TestGWR, Security level: Custom, Remote Gateway: Predefined, Choose VPN Gateway from step 2. Figure 115– AutoKey IKE parameters  Click Advanced button. Security level – User defined: custom, Phase 2 proposal: pre–g2–3des–sha, Bind to – Tunnel interface: tunnel.3(from step 1), Proxy ID: Enabled, LocalIP/netmask: 10.10.10.0/24, RemoteIP/netmask: 192.168.10.0/24,...
Page 121 User Manual Figure 116– AutoKey IKE advanced parameters Step 4 – Routing  Click Destination tab on Routing menu.  Click New button. Routing parameters are: IP Address: 192.168.10.0/24, Gateway: tunnel.3(tunnel interface from step 1), Click OK. Figure 117– Routing parameters GWR High Speed Cellular Router Series...
Page 122 User Manual Step 5 – Policies  Click Policies in main menu.  Click New button (from Untrust to trust zone), Source Address: 192.168.10.0/24, Destination Address: 10.10.10.0/24, Services: Any.  Click OK. Figure 118– Policies from untrust to trust zone ...
Page 123 User Manual Figure 119– Policies from trust to untrust zone GWR High Speed Cellular Router Series...
Page 124: Openvpn Tunnel Between Gwr Router And Openvnp Server
OpenVPN configuration example Open VPN is established between one central locations and three remote locations with Geneko router configured in TCP client mode. Authentication used is pre-shared key. Figure 120– Multipoint OpenVPN topology...
Page 125 User Manual 255.255.255.252 subnet) dev-node adap1 Selection of virtual network adapter named adap1 secret key.txt Implementing file with pre-shared secret named key.txt ping 10 Keepalive comp-lzo LZO compression enabled disable-occ disable option consistency b) Save configuration file in C:\Program Files\OpenVPN\config as name.ovpn file. It is OpenVPN configuration file directory and you can reach it directly through Start menu>OpenVPN where you get options: Figure 121 -OpenVPN application settings...
Page 126 User Manual Configuration file for third remote location is: proto tcp-server dev tun ifconfig 2.2.2.9 2.2.2.10 dev-node adap3 secret key.txt ping 10 comp-lzo disable-occ All three configuration files (e.g. Server1.ovpn, Server2.ovpn, Server3.ovpn) have to be saved in same directory C:\Program Files\OpenVPN\config. Name of configuration file is name of your OpenVPN tunnel.
Page 127 User Manual Figure 122 – OpenVPN GWR settings Where pre-shared secret you paste from the key.txt file which you generate on OpenVPN server. In routing table static ip route to local OpenVPN server network (in this case it is 192.168.2.0/24) should be entered.
Page 128: Port Forwarding Example
User Manual Port forwarding example Port forwarding feature enables access to workstations behind the router and redirecting traffic in both traffic flow directions – inbound and outbound. Direction is selected by interface – PPP0 for inbound (WAN -> ETH0) and ETH0 for outbound traffic (ETH0 ->WAN). In the following example there are three types of access to LAN network enabled, every workstation with different service allowed from the outside.
Page 129: Serial Port - Example
User Manual Figure 127– GWR port forwarding configuration Serial port – example For connecting serial devices from remote locations to central location serial transparent conversion can be used. Serial communication is encapsulated in TCP/IP header and on the central location is recognized by the Virtual COM port application.
Page 130 User Manual Figure 129– GWR Serial port settings Option SERIAL PORT OVER TCP/UDP SETTINGS is used for configuration of transparent serial communication. Configuration parameters are presented in picture below Figure 130– GWR settings for Serial-to-IP conversion General Settings  Serial port over TCP/UDP settings Serial port settings GWR High Speed Cellular Router Series...
Page 131 User Manual  Bits per second: 57600  Data bits: 8  Parity: none  Stop bits: 1  Flow control: none TCP/UDP Settings  Protocol: TCP  Mode: client  Server IP address: 96.34.56.2 (IP address of server)  Connect to TCP port: 1234 ...
Page 132: Firewall - Example
User Manual Figure 132– Settings for virtual COM port  IP address: - (not used in server mode)  Port: 1234  Server Port: 1234  Port Name: COM10 (random selected) After “Create COM” is activated if everything is alright in log will be shown message that port COM10 is created, like in picture above.
Page 133 User Manual Accepts telnet connection from the outside to router’s WAN interface, for management over CLI interface Allow HTTP on ppp_0 Accepts WEB traffic from the outside to router’s WAN interface, for management over WEB interface Allow PING on ppp_0-with DDoS filter ICMP traffic to WAN interface of the router is allowed with prevention of Distributed Denial-of-service attack Allow RIP protocol...
Page 134 User Manual Figure 133– Firewall example Firewall is enabled in SETTINGS>FIREWALL page. Page for firewall configuration is presented in the following picture: Figure 134– Initial firewall configuration on GWR Firstly firewall should be enabled, that is done by selecting: Firewall General Settings>Enable Firewall can be configured by enabling or editing existing, predefined rules or by adding new one.
Page 135 User Manual Firewall is configured in following way: Telnet traffic is denied Select predefined rule number 3. Configuration page like on picture below is shown. Figure 135– Filtering of Telnet traffic ENABLE option should be selected to have this rule active. To deny Telnet traffic POLICY should be changed from ACCEPT to REJECT (ICMP error message type can be selected when policy reject is selected).
Page 136 User Manual Configuration should be like on the picture below. Figure 136– Filtering of ICMP traffic After configuration is finished SAVE button should be selected and user is returned to main configuration page. Priority of rule is changed by selecting number in drop-down menu. In this example number 4 is selected.
Page 137 User Manual Figure 137– Allowing ICMP traffic After configuration is finished SAVE button should be selected and user is returned to main configuration page. Priority of rule is changed by selecting number in drop-down menu. In this example number 5 is selected. Establishing of IPSec tunnel is allowed Firewall has to allow IKE and ESP protocol for IPSec tunnel establishment.
Page 138 User Manual 212.62.38.210. Policy should be configured in following way: Enable: selected Source address: Single IP; 212.62.38.210 All other settings should remain the same like in the picture below Figure 139– Allowing WEB access After configuration is finished SAVE button should be selected and user is returned to main configuration page.
Page 139 User Manual This is first rule in predefined firewall settings (Allow ALL from local LAN). It is recommended to have this rule enabled to allow access to management interfaces of the router. As this rules is already configured it is enough just to enable it to have access to router from LAN: Select EDIT of the rule Enable: selected SAVE and exit...
Page 140: Sms Management - Example
User Manual number 9 is selected. Additionally to these 11 rules two more rules are enabled: Allow already established traffic (priority number 2) Reject all other traffic (priority number 22) After all rules are configured and saved button APPLY RULES in bottom right corner should be selected to activate traffic filtering.
Page 141: Defining Keepalive Functionality
User Manual Figure 142– Configuration page for SMS management Settings are following:  Enable Remote Control: Enabled  Use default SMSC: Enabled  Phone Number 1,2…5: Allowed phone number From the mobile phone user can send 6 different commands for router management. Commands are following: 1.
Page 142 User Manual performed. If PPP should be restarted only when all packets are dropped defined value should be 100%. In following example keepalive is enabled on both SIM cards. Action defined is SWITCH SIM so router will change SIM card when link failure is detected. Settings are following: SIM1 Ping target: 8.8.8.8...
Page 143: Apendix
User Manual Apendix A. How to Achieve Maximum Signal Strength with GWR Router? The best throughput comes from placing the device in an area with the greatest Received Signal Strength Indicator (RSSI). RSSI is a measurement of the Radio Frequency (RF) signal strength between the base station and the mobile device, expressed in dBm.
Page 144 GENEKO Bul. Despota Stefana 59a 11000 Belgrade • Serbia Phone: +381 11 3340-591, 3340-178 Fax: +381 11 3224-437 e-mail: gwrsupport@geneko.rs www.geneko.rs UM GWR362-462 Rev. A Dec 15...

This manual is also suitable for:

Gwr

Geneko GWR252-B User Manual

Document Approval

List of Figures

List of Tables

Description of the Gprs/Edge/Hspa Router Series

Device Configuration

Device Configuration Using Web Application

Configuration Examples

Apendix

Quick Links

USER MANUAL

Need help?

Questions and answers

Related Manuals for Geneko GWR252-B

Summary of Contents for Geneko GWR252-B

This manual is also suitable for:

Table of Contents