Download Print this page

virtual access GW6610 User Manual

Gw6600 series and gw6600v series

Hide thumbs Also See for GW6610:

User manual (519 pages)

Table Of Contents

Table of Contents

Advertisement

Quick Links

GW6600 Series and GW6600V

Series User Manual

Issue:

1.5

Date:

09 September 2016

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the GW6610 and is the answer not in the manual?

Questions and answers

Summary of Contents for virtual access GW6610

Page 1 GW6600 Series and GW6600V Series User Manual Issue: Date: 09 September 2016...
Page 2: Table Of Contents
5.13 Certs and private keys ................32 5.14 Configuring a router’s web server ............. 33 5.15 Basic authentication (httpd conf) .............. 38 _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 2 of 384...
Page 3 User management using UCI ..............79 11.10 Configuring the management user password using UCI ......81 11.11 Configuring management user password using package options ....81 _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 3 of 384...
Page 4 14 Configuring SAToP and CESoPSN .............. 123 14.1 What are SAToP and CESoPSN? .............. 123 14.2 Clocking ....................123 14.3 Virtual Access proprietary SAToP/CESoPSN protocol extension ....124 14.4 Configuration package used ..............124 14.5 Configuring SAToP/CESoPSN ..............125 14.6 Configuring main settings using UCI ............
Page 5 Creating a WiFi in Client mode using the web interface ......194 21.6 Configuring WiFi in Client mode using command line ......... 195 22 Configuring a mobile connection .............. 197 _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 5 of 384...
Page 6 Configuring firewall using the web interface ..........273 27.3 Configuring firewall using UCI ..............285 27.4 IPv6 notes ................... 287 27.5 Implications of DROP vs. REJECT ............287 _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 6 of 384...
Page 7 GRE diagnostics ..................345 34 Configuring multicasting using PIM and IGMP interfaces ......347 34.1 Overview ..................... 347 34.2 Configuration package used ..............347 _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 7 of 384...
Page 8 Configuring SLA for a router using the web interface ......... 380 37.3 Configuring SLA for a router using the UCI interface ........382 _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 8 of 384...
Page 9: Introduction
_______________________________________________________________________________________________________ 1 Introduction Based on the very latest ADSL2+, WiFi and 3G HSPA+ technology, Virtual Access GW6600 Series routers address the needs of today’s businesses for managed resilient broadband connectivity. Point of Sale (POS), retail branch office, security monitoring and other key business applications demand managed connectivity that is cost-effective, high performance and resilient to network outage or last mile circuit failure.
Page 10 However the documentation usually assumes that a section label is not configured. The following table shows fields from a variety of chapters to illustrate the explanations above. _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 10 of 384...
Page 11 Diagnostics are explained at the end of each feature’s chapter. 1.2.4 UCI commands For detailed information on using UCI commands, read chapters ‘Router File Structure’ and ‘Using Command Line Interface’. _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 11 of 384...
Page 12: Gw6600 Series Hardware
GW6600V Series hardware features Dual SIM sockets • • Quad antenna SMA connectors • Four Gigabit Ethernet ports • Optional V.92 dial modem _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 12 of 384...
Page 13: Gsm And Lte Technology
The operating temperature range depends on the router’s type of power supply. Standard AC PSU: 0°C to +65°C Optional industrial PSU -20°C to +65°C DC input cable 0°C to +65°C _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 13 of 384...
Page 14: Antenna
1 x lockable SIM cover. 1 x 3G antenna 1 x WiFi antenna Extra antennas Virtual Access supplies a wide range of antennas for 3G and WiFi. Please visit our website: www.virtualaccess.com contact Virtual Access for more information. Table 3: GW6600 Series router optional components _______________________________________________________________________________________________________ ©...
Page 15: Inserting The Sim Cards
If you are connecting one antenna, screw the antenna into either of the WiFi SMA connectors. You can use a second WiFi antenna if necessary. _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 15 of 384...
Page 16: Powering Up
You can use recovery mode to manipulate the config files, but should only be used if all other configs files are corrupt. If your router has entered recovery mode, contact your local reseller for access information. _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 16 of 384...
Page 17: Gw6600 Series Led Behaviour
Data link connected and signal strength <= -89dBm. Signal Strength Data link connected and signal strength between -89dBm and -69dBm. LEDs Data link connected and signal strength >-69dBm. _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 17 of 384...
Page 18 Flashing Modem training. No data transmit. V.92 DAT LED Flashing Transmit data. Table 5: V.92 LED behaviour descriptions Applies to the GW6610-ALL model. CESoP enabled. ALL SYN LED CESoP disabled. Receive data. ALL DAT LED No data received. Table 6: ALL LED behaviour descriptions Applies to the GW6610-ISDN model.
Page 19: Ethernet Port Led Behaviour
Speed LED (amber) Flashing Link operating at 100Mbps or 10 Mbps Note: LED descriptions apply to all GW6600 Series and GW6600V Series models. _______________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 19 of 384...
Page 20: Factory Configuration Extraction From Sim Card
4: Factory configuration extraction from SIM card _______________________________________________________________________________________________________ 4 Factory configuration extraction from SIM card Virtual Access routers have a feature to update the factory configuration from a SIM card. This allows you to change the factory configuration of a router when installing the SIM.
Page 21: Accessing The Router
The default settings are shown below. The username and password are case sensitive. In the username field, type root. In the Password field, type admin. Click Login. The Status page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 21 of 384...
Page 22: Accessing The Router Over Ethernet Using An Ssh Client
SCP server. No dedicated SPC client is supported; select the SCP client software of your own choice. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 22 of 384...
Page 23: Accessing The Router Over Ethernet Using A Telnet Client
Scroll down the page and click Save & Apply. Note: the username ‘root’ cannot be changed. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 23 of 384...
Page 24: Configuring The Password Using Uci
‘newpassword’ The new password will take effect after reboot and will now be displayed in encrypted format via the hashpassword option. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 24 of 384...
Page 25: Accessing The Device Using Radius Authentication
'radius' servers '192.168.0.1:3333|test|20 192.168.2.5|secret|10' UCI/Package Option Description UCI: system.@pam_auth[0].enabled=yes Enables and disables RADIUS configuration sections. Opt: enabled Enables following RADIUS _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 25 of 384...
Page 26: Accessing The Device Using Tacacs+ Authentication
'main' option hostname 'VirtualAccess' option timezone 'UTC' config pam_auth option enabled 'yes' option pamservice 'sshd' option pammodule 'auth' option pamcontrol 'sufficient' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 26 of 384...
Page 27 'yes' option pamservice 'luci' option pammodule 'account' option pamcontrol 'sufficient' option type 'tacplus' option servers '192.168.0.1:49|secret' option args 'service=ppp' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 27 of 384...
Page 28 'sufficient' option type 'tacplus' option servers '192.168.0.1:49|secret' option args 'service=ppp' UCI/Package Option Description UCI: system.@pam_auth[0].enabled=yes Enables and disables TACACS configuration sections. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 28 of 384...
Page 29: Ssh
The router uses a package called Dropbear to configure the SSH server on the box. You can configure Dropbear via the web interface or through an SSH connection by editing the file stored on: /etc/config_name/dropbear. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 29 of 384...
Page 30 In the top menu, click System -> Administration. The Administration page appears. Scroll down to the SSH Access section. Figure 8: The SSH access section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 30 of 384...
Page 31: Package Dropbear Using Uci
Table 9: Information table for SSH access settings 5.12 Package dropbear using UCI root@VA_router:~# uci show dropbear dropbear.@dropbear[0]=dropbear dropbear.@dropbear[0].PasswordAuth=on dropbear.@dropbear[0].RootPasswordAuth=on dropbear.@dropbear[0].GatewayPorts=0 dropbear.@dropbear[0].IdleTimeout=30 dropbear.@dropbear[0].Port=22 dropbear.@dropbear[0].MaxLoginAttempts=3 Package dropbear using package options _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 31 of 384...
Page 32: Certs And Private Keys
If you have generated your own SSH public keys, you can input them in the SSH Keys section, for SSH public key authentication. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 32 of 384...
Page 33: Configuring A Router's Web Server
To configure the router’s HTTP server parameters, in the top menu, select Services -> HTTP Server. The HTTP Server page has two sections. Main Settings Server configurations Certificate Settings SSL certificates. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 33 of 384...
Page 34: Main Settings
ASN.1/DER private key used to serve HTTPS connections. If no listen_https options are given the key options are ignored. UCI: uhttpd.main.key /etc/uhttpd.key Opt: key Range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 34 of 384...
Page 35 Does not follow symbolic links if enabled. UCI: uhttpd.main.no_symlinks Disabled. Opt: no_symlinks Enabled. Web: N/A Does not generate directory listings if enabled. UCI: uhttpd.main.no_dirlists Disabled. Opt: no_symlinks Enabled. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 35 of 384...
Page 36 '/www' option rfc1918_filter '1' option cert '/etc/uhttpd.crt' option key '/etc/uhttpd.key' option cgi_prefix '/cgi-bin' option script_timeout '60' option network_timeout '30' option config '/etc/http.conf' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 36 of 384...
Page 37 Activation, this must be set to the serial number (Eth0 UCI: uhttpd.commonname MAC address) of the device. Opt: commonname Table 11: Information table for HTTP server certificate settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 37 of 384...
Page 38: Basic Authentication (Httpd Conf)
If you use $p$… format, uhttpd will compare the client provided password against the one stored in the shadow or passwd database. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 38 of 384...
Page 39: Securing Uhttpd
Then modify the configuration appropriately: uci set uhttpd.main.listen_http='192.168.1.1:80' uci set uhttpd.main.listen_https='192.168.1.1:443' config 'uhttpd' 'main' list listen_http 192.168.1.1:80 list listen_https 192.168.1.1:443 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 39 of 384...
Page 40: Configuring Dynamic Dns
6 Configuring Dynamic DNS 6.1 Overview Dynamic DNS (DDNS) functionality on a Virtual Access router will dynamically perform DDNS updates to a server so it can associate an IP address with a correctly associated DNS name. Users can then contact a machine, router, device and so on with a DNS name rather than a dynamic IP address.
Page 41: Dynamic Dns Settings
IP is a associated with a network configuration Opt: ip_source interface IP is associated with an interface IP is associated with a URL _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 41 of 384...
Page 42: Dynamic Dns Using Uci
Dynamic DNS uses the ddns package /etc/config/ddns 6.4.1 UCI commands for DDNS root@VA_router:~# uci show ddns ddns.ddns1=service ddns.ddns1.enabled=1 ddns.ddns1.service_name=dyndns.org ddns.ddns1.domain=fqdn_of_interface ddns.ddns1.username=testusername ddns.ddns1.password=testpassword ddns.ddns1.ip_source=network ddns.ddns1.ip_network=dsl0 ddns.ddns1.check_interval=10 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 42 of 384...
Page 43 'test' option ip_source 'network' option ip_network 'dsl0' option check_interval '10' option check_unit 'minutes' option force_interval '72' option force_unit 'hours' option interface 'dsl0' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 43 of 384...
Page 44: System Settings
Configure the router’s web language and style. Time synchronization Configure the NTP server in this section. 7.2.1 General settings Figure 15: General settings in system properties _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 44 of 384...
Page 45 UCI: system.main.log_ip Range Opt: log_ip 0.0.0.0 Web: External system log server port External syslog server port number. UCI: system.main.log_port Range Opt: log_port _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 45 of 384...
Page 46 Table 14: Information table for the logging section 7.2.3 Language and style Figure 17: The language and style section in system properties _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 46 of 384...
Page 47: System Reboot
In the top menu, select System -> Reboot. The System page appears. Ensure you have saved all your configuration changes before you reboot. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 47 of 384...
Page 48: System Settings Using Uci
'system' 'main' option 'hostname' "VA_router" option 'timezone' "UTC" option 'log_ip' "1.1.1.1" option 'log_port' "514" option time_save_interval_min "10" option conloglevel '8' option cronloglevel '8' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 48 of 384...
Page 49: System Diagnostics
Set the options ‘log_file’, ‘log_size’ and ‘log_type’ as below: root@VA_router:~# uci export system package system _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 49 of 384...
Page 50 Shows end of the events stored flash. root@VA_router:~# tail –f /root/syslog.messages & Shows the log on an ongoing basis. To stop this option, press ctrl-c. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 50 of 384...
Page 51: Upgrading Router Firmware
8 Upgrading router firmware 8.1 Upgrading firmware using the web interface Copy the new firmware issued by Virtual Access to a PC connected to the router. In the top menu, select System tab > Backup/Flash Firmware. The Flash operations page appears.
Page 52 To verify that the router has been upgraded successfully, click Status in the top menu. The Firmware Version shows in the system list. Figure 23: The system status list _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 52 of 384...
Page 53: Upgrading Firmware Using Cli
To set the next image to boot to the alternative image, enter: vacmd set next image altimage For your configuration changes to apply, you must reboot your router. Enter: reboot _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 53 of 384...
Page 54: Router File Structure
Figure 24: The status page System information is also available from the CLI if you enter the following command: root@VA_router:~# va_vars.sh _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 54 of 384...
Page 55: Image Files
At any given time, only one of the configurations is the active configuration. The UCI system tool (Unified Configuration Interface) only acts upon the currently active configuration. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 55 of 384...
Page 56: Viewing And Changing Current Configuration
<config>[.<section[.<option>]] Deletes the given section or option. Table 1: Common commands, target and their descriptions _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 56 of 384...
Page 57: Managing Configurations
The current running configuration file may be exported using the web interface. In the top menu, select System > Backup/Flash Firmware. The Flash operations page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 57 of 384...
Page 58 –c /etc/factconf/ export To export config1 or config2 configuration file, enter: root@VA_router:~# uci –c /etc/config1/ export root@VA_router:~# uci –c /etc/config2/ export _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 58 of 384...
Page 59: Importing A Configuration File
Figure 27: The system – restoring…page When the ‘waiting for router’ icon disappears, the upgrade is complete, and the login homepage appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 59 of 384...
Page 60 <paste in config file> <CTRL-D> Note: it is very important that the config file is in the correct format otherwise it will not import correctly. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 60 of 384...
Page 61: Using The Command Line Interface
10: Using the Command Line Interface _______________________________________________________________________________________________________ 10 Using the Command Line Interface This chapter explains how to view Virtual Access routers' log files and edit configuration files using a Command Line Interface (CLI) and the Unified Configuration Interface (UCI) system.
Page 62 3 11:37 usr lrwxrwxrwx 1 root root 4 Jul 16 2012 var -> /tmp drwxr-xr-x 4 root root 67 Jul 16 2012 www _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 62 of 384...
Page 63 374 root 344 R ps ax 375 root 400 S /bin/sh /sbin/hotplug button 384 root 396 R /bin/sh /sbin/hotplug button 385 root [keventd] _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 63 of 384...
Page 64: Using Unified Configuration Interface (Uci)
-f <file> use <file> as input instead of stdin when importing, merge data into an existing package _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 64 of 384...
Page 65 Note: all operations do not act directly on the configuration files. A commit command is required after you have finished your configuration. root@VA_router:~# uci commit _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 65 of 384...
Page 66 To show the configuration ‘tree’ for a given config, enter: root@VA_router:/# uci show network network.loopback=interface network.loopback.ifname=lo network.loopback.proto=static network.loopback.ipaddr=127.0.0.1 network.loopback.netmask=255.0.0.0 network.lan=interface network.lan.ifname=eth0 network.lan.proto=dhcp network.wan=interface network.wan.username=foo _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 66 of 384...
Page 67 To set the image to run on next reboot, enter: root@VA_router:~# vacmd set next image [image1|image2|altimage] root@VA_router:~# reboot _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 67 of 384...
Page 68 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 68 of 384...
Page 69: Configuration Files
10.3 Configuration files The table below lists common package configuration files that can be edited using uci commands. Other configuration files may also be present depending on the specific options available on the Virtual Access router. File Description Management /etc/config/autoload...
Page 70 It is important to note that identifiers and config file names may only contain the characters a-z, A-Z, 0-9 and _. However, option values may contain any character, as long they are properly quoted. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 70 of 384...
Page 71: Management Configuration Settings
11.2 Monitor Monitor is a Virtual Access proprietary tool, based on SNMP protocol, to monitor wide networks of deployed routers. The router will be configured to send information to Monitor, which is then stored and viewed centrally via the Monitor application. This includes features such as traffic light availability status, syslog and SLA monitoring.
Page 72: Autoload: Boot Up Activation
In the top menu, select Services ->Autoload. The Autoload page has two sections: Basic Settings and Entries. Click Add to access configuration settings for each section. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 73 Defines how many minutes to back off for if a download and all retires fail. After the backoff period, the entire autoload sequence UCI: autoload.main.BackoffTimer will start again. Opt: Backofftimer Range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 73 of 384...
Page 74 Opt: RemoteFilename $$ ini Request configuration $$ img Request firmware Note: $$.vas should always be requested last. Table 18: Information table for autoload _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 74 of 384...
Page 75: Autoload Using Uci
'Enabled' "yes" option 'StartTimer' "10" option 'RetryTimer' "30" option 'NumberOfRetries' "5" option 'BackoffTimer' "15" option 'BootUsingConfig' "altconfig" option 'BootUsingImage' "altimage" config 'entry' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 75 of 384...
Page 76: Http Client: Configuring Activation Using The Web Interface
To configure HTTP Client for Activator, in the top menu, click Services -> HTTP Client. The HTTP Client page has two sections: Basic Settings and Advanced Settings. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 77 Advanced settings Web: ActivatorDownloadPath Specifies the URL on Activator to which the client should send requests. UCI: httpclient.default.ActivatorDownloadPath /Activator/Sessionle ss/Httpserver.asp Opt: ActivatorDownloadPath Range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 77 of 384...
Page 78: Httpclient: Activator Configuration Using Uci
Table 19: Information table for HTTP client 11.8 Httpclient: Activator configuration using UCI root@VA_router:~# uci show httpclient httpclient.default=core httpclient.default.Enabled=yes httpclient.default.FileServer=10.1.83.36:80 10.1.83.37:80 httpclient.default.SecureFileServer=10.1.83.36:443 10.1.83.37:443 httpclient.default.ActivatorDownloadPath=/Activator/Sessionless/Httpserver. httpclient.default.SecureDownload=no httpclient.default.PresentCertificateEnabled=no _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 78 of 384...
Page 79: User Management Using Uci
User management is not currently available using the web interface. You can configure the feature using UCI or Activator. 11.9.1 User management packages Package Sections management_users users _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 79 of 384...
Page 80: Configuring User Management
The user must use their new user login details. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 80 of 384...
Page 81: Configuring The Management User Password Using Uci
The new password will take effect after reboot and will now be displayed in encrypted format via the hashpassword option. 11.12 User management using UCI root@VA_router:~# uci show management_users management_users.@user[0]=user management_users.@user[0].enabled=1 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 81 of 384...
Page 82: Configuring User Access To Specific Web
To specify monitor widgets only, enter: listallowed_pages 'monitor/<widgetname>' Example widget names are: dhcp, arp, 3gstats, interfaces, memory, multiwan, network, openvpn, routes, system, ipsec, dmvpn, tservd. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 82 of 384...
Page 83: Configuring An Adsl Interface
If you select the routed PPP service, you can run the PPP over ATM (PPPoA) or over Ethernet (PPPOE). The following diagrams illustrate the topology of these connections. Figure 30: A routed ADSL connection over PPPoA _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 83 of 384...
Page 84: Configuration Package Used
DHCP or PPP to dial into the provider network. In the Interface Overview section, click Add new interface. The Create Interface page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 84 of 384...
Page 85 Web: Cover the following interface Select interfaces for bridge connection. UCI: network.[..x..].ifname Opt:ifname Table 21: Information table for the create new interface page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 85 of 384...
Page 86: Pppoa: General Setup
UCI: network.[..x..]. atmdev Opt:atmdev Web: ATM Virtual Channel Identifier (VCi) UCI: network.[..x..].vci Range Opt:vci Web: ATM Virtual Path Identifier (VPi) UCI: network.[..xx..].vpi Range Opt:vpi _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 86 of 384...
Page 87: Pppoa: Advanced Settings
Web: Use DNS servers advertised If disabled, DNS from peer will not be accepted. by peer Disabled. UCI: network.[..x..].peerdns Enabled. Opt: peerdns _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 87 of 384...
Page 88: Pppoa: Firewall Settings
Select existing firewall zone or select unspecified –or-create to create new firewall zone. UCI: firewall.@zone[2].name Opt: name Table 24: Information table for PPPoADSL interface _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 88 of 384...
Page 89: Creating An Adsl Pppoa Connection Using Uci
'test5' To view uci commands, enter: uci show network network.adsl.fwannex=a network.adsl.annex=a network.adsl.Enabled=yes network.ADSL=interface network.ADSL.proto=pppoa network.ADSL.encaps=vc network.ADSL.atmdev=0 network.ADSL.vci=35 network.ADSL.vpi=0 network.ADSL.username=test5@pppoa.com network.ADSL.password=test5 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 89 of 384...
Page 90: Creating A New Adsl Pppoeoa Connection
Select either LLC or VC-Mux. UCI: network.@atm-bridge[x].encaps VC-Mux Virtual circuit multiplexing. Opt: encaps Logical Link Control. Table 25: Information table for ATM bridges _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 90 of 384...
Page 91 12.9.3 Create a new PPPoEoA interface Scroll to the top of the page and click Add new interface….the Create Interface page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 91 of 384...
Page 92 Select Custom Interface, and then type nas0. UCI: network.[..x..].ifname Opt: ifname Table 27: Information table for create a new interface section Click Submit. The Interfaces page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 92 of 384...
Page 93 Leave this field empty to autodetect, or type the Service name. Web: Service name UCI: network.[..x..].service Opt: service Table 28: Information table for the new PPPoEoA interface _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 93 of 384...
Page 94 Closes inactive connection after the given amount of seconds. Use 0 to persist connection. UCI: network.[..x..].demand Range Opt: demand Table 29: Information table for PPPoA advanced settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 94 of 384...
Page 95: Configuring An Adsl Pppoeoa Connection Using Uci
'pppoe' option ifname 'nas0' option username 'test5@pppoe.com' option password 'test5' option ac 'test' option service 'test' option defaultroute '0' config atm-bridge _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 95 of 384...
Page 96: Configuring An Adsl Bridge Connection With Static Ip
Scroll down to the bottom of the page until you see the ATM Bridges section. Click Add. The ATM Bridges page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 96 of 384...
Page 97 12.11.2 Bridged connection with static IP: advanced settings Select the Advanced Settings tab. The ATM Bridges page appears. Figure 43: The ATM bridges advanced settings tab _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 97 of 384...
Page 98 Scroll to the top of the page and click Add new interface….The Create Interface page appears. Figure 44: The create interface page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 98 of 384...
Page 99 Table 32: Information table for creating a static interface Click Submit. The Interfaces page appears. Figure 45: The new static interface page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 99 of 384...
Page 100 Leave this field blank if DHCP server is not needed on this interface. UCI: N/A Opt: N/A Table 33: Information table for the new static interface _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 100 of 384...
Page 101 Select unspecified to remove the interface from the associated zone or fill out the create field to define a new zone and attach the interface to it. Click Save & Apply _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 101 of 384...
Page 102 'nas0' option monitored '0' option ipaddr '10.33.4.7' option netmask '255.255.255.192' To view uci commands, enter: uci show network network.adsl.fwannex=a network.adsl.annex=a _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 102 of 384...
Page 103: Adsl Diagnostics
To check an IP address, transmit and received counter on an ADSL interface, in the top menu, select Network -> Interfaces. The Interface Overview page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 104 To check an IP address, transmit and received counter on an ADSL interface, in the top menu, select Network -> Interfaces. The Interface Overview page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 105 6.3dB / 3.3dB Noise Margin: 31.1dB / 35.9dB Line Uptime: 2d 18h 8m 30s To restart the ADSL interface, enter: root@VA_router:~# /etc/init.d/dsl_control restart _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 105 of 384...
Page 106: Configuring An Ethernet Interface
To create and edit interfaces via the web interface, in the top menu, click Network -> Interfaces. The Interfaces overview page appears. Figure 52: The interfaces overview page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 106 of 384...
Page 107 To create a new interface, in the Interface Overview section, click Add new interface. The Create Interface page appears. Figure 53: The create interface page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 107 of 384...
Page 108 'Use gateway metric' Physical Settings Bridge interfaces, VLAN PCP to SKB priority mapping, Firewall settings Assign a firewall zone to the interface _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 108 of 384...
Page 109 Assign given IPv6 default gateway to this interface (optional). UCI: network.<if name>.ip6gw Opt: ip6gw Table 36: Information table for LAN interface common configuration settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 109 of 384...
Page 110 Specifies the default route metric to use for this interface (optional). UCI: network.<if name>.metric Opt: metric Table 37: Information table for common configuration advanced settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 110 of 384...
Page 111 UCI: network.<if using UCI. name>.vlan_qos_map_egress Example: network.<if name>. vlan_qos_map_egress =1:2 2:1 Opt: list vlan_qos_map_egress _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 111 of 384...
Page 112: Loopback Interfaces
IP aliasing is associating more than one IP address to a network interface. You can assign multiple aliases. 13.2.4.1 IP-alias packages Package Sections Network alias _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 112 of 384...
Page 113 The IP Aliases configuration options page appears. The IP-Alias is divided into two sub sections: general setup and advanced. 13.2.4.3 IP-aliases: general setup Figure 58: The IP-aliases general setup section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 113 of 384...
Page 114 Note: this option is only available for interfaces with a static IP address. 13.2.5.1 DHCP server: packages Package Sections dhcp dhcp To assign a DHCP Server to the interface, click Setup DHCP Server. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 114 of 384...
Page 115 Defines the lease time of addresses handed out to clients, for example 12h or 30m. UCI: dhcp.@dhcp[x].leasetime 12 hours Opt: leasetime Range Table 42: Information table for DHCP server general setup page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 115 of 384...
Page 116: Interface Configuration Using Uci
Interface configuration using UCI The configuration files are stored on /etc/config/network, /etc/config/firewall and /etc/config/dhcp root@VA_router:~# uci show network ….. network.newinterface=interface network.newinterface.proto=static network.newinterface.ifname=eth0 network.newinterface.monitored=0 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 116 of 384...
Page 117 13.3.1 Interface common configuration using package options The configuration files are stored on /etc/config/network, /etc/config/firewall and /etc/config/dhcp root@VA_router:~# uci export network package network …… config interface 'newinterface' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 117 of 384...
Page 118 '100' option leasetime '12h' option limit '150' option interface 'newinterface' To change any of the above values use uci set command. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 118 of 384...
Page 119: Configuring Port Maps
Ethernet switch physical port to logical interface mappings, go to the Port Map section at Network->Interfaces. Figure 63: The Interface port map section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 119 of 384...
Page 120 13.5.3 Configuring port map using package options The configuration files are stored on /etc/config/network root@VA_router:~# uci export network ….. config va_switch option eth0 'A' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 120 of 384...
Page 121: Interface Diagnostics
Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:385585 errors:0 dropped:0 overruns:0 frame:0 TX packets:385585 errors:0 dropped:0 overruns:0 carrier:0 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 121 of 384...
Page 122: Route Status
Flags Metric Ref Iface 192.168.100.0 255.255.255.0 eth0 Note: a route will only be displayed in the routing table when the interface is up. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 122 of 384...
Page 123: Configuring Satop And Cesopsn
CESoPSN is an abbreviation for “Circuit Emulation Services over Packet Switched Network”. It is defined in IETF RFC5086 and is currently supported on Virtual Access router models fitted with ALL, X.21 or E1/T1 interfaces. It is used to carry an analogue leased line, an X.21 interface, an E1 timeslot or a group of E1 timeslots over a packet...
Page 124: Virtual Access Proprietary Satop/Cesopsn Protocol Extension
14.3 Virtual Access proprietary SAToP/CESoPSN protocol extension To compensate for packet loss in the network, Virtual Access implemented a proprietary extension to SAToP/CESoPSN. When enabled, a copy of the previous packet payload is added to the end of the packet. With the help of this mechanism it is possible to overcome the loss of single packets.
Page 125: Configuring Satop/Cesopsn
Note: the Blackbox tab only appears if Blackbox is configured on your router. Figure 66: SAToP/CESoPSN basic settings Figure 67: SAToP/CESoPSN blackbox settings Figure 68: SAToP/CESoPSN advanced settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 125 of 384...
Page 126: Configuring Main Settings Using Uci
Enables the use of the TOS field in the IP header. UCI: cesopd.main.tos_enabled Disabled. Opt: tos_enabled Enabled. Web: TOS Value Note: before changing this value, consult with Virtual Access support. UCI: cesopd.main.tos_enabled Decimal value of the TOS field in the IP Opt: tos_value header.
Page 127: Configuring Port Settings Using The Web Interface
Note: for E1 CESoPSN, a port represents a timeslot or group of timeslots. Figure 69: CESoPSN basic port settings Figure 70: CESoPSN advanced port settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 127 of 384...
Page 128 14: Configuring SAToP and CESoPSN _______________________________________________________________________________________________________ Figure 71: CESoPSN E1 port settings Figure 72: CESoPSN dual X.21 port settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 128 of 384...
Page 129 Enables the use of RTP header as specified in RFC5086. UCI: cesopd.[port].rtp_header_enabled Note: before disabling the use of RTP header, ensure that the peer supports this. Opt: rtp_header_enabled Disabled. Enabled. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 129 of 384...
Page 130 14: Configuring SAToP and CESoPSN _______________________________________________________________________________________________________ Web: Enable Packet Redundancy Enables a Virtual Access proprietary CESoPSN protocol extension, which can help to overcome packet loss. See the section ‘Virtual UCI: Access proprietary CESoPSN protocol extension’ for more cesopd.[port].va_prop_payload_redundan information. cy_enabled...
Page 131 N/A for E1 and ALL. Opt: dce Disabled. Enabled. Web:FIFO IRQ Level Specifies the FIFO IRQ Level. UCI: cesopd.[port].fifo_irq_level Note: before changing this value, consult with Virtual Access support. Opt: fifo_irq_level Specifies the IRQ level. Range 1-5. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 132 Opt: x21_data_delay Range 0-7. Web:Driver Poll Interval Specifies the driver poll interval in milliseconds. UCI: cesopd.[port].tdm_intvl_ms Note: before changing this value, consult with Virtual Access support. Opt: tdm_intvl_ms Specifies the poll interval. Range 1-10. Table 48: Dual X.21 port settings...
Page 133: Configuring Port Settings Using Uci
<generic port options> ……. option e1t1_end '1' option e1t1_line_code '1' option e1t1_framing '2' option e1t1_impedance '1' option e1t1_timeslot '1' option e1t1_protocol '0' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 133 of 384...
Page 134: Cesopsn Diagnostics
# uci export cesopd package cesopd config cesopd 'main' option log_severity '5' option enable '1' config port 'Port1' option enable '1' option devname 'ttyLC0' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 134 of 384...
Page 135 To show the currently running configuration, enter: root@VA_router:~# cesop show config Main Config ----------- enable nodaemon log_severity tos_enabled tos_value : 16 blackbox_enabled blackbox_hours : 10 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 135 of 384...
Page 136 : 16 app_bit_reverse app_rx_shift va_prop_payload_redundancy_enabled: 0 devname : ttyU0 local_loopback rate ext_clock fifo_irq_level bit_reverse dte_tt_inv dce_tclk_inv dce_rclk_inv x21_clk_invert x21_data_delay x21_use_vco tdm_intvl_ms all_four_wire_mode _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 136 of 384...
Page 137 Tx CESoPSN Header L-Bit Tx CESoPSN Header R-Bit Tx CESoPSN Header M-Bits Tx TDM Payload [D4][51]... Uptime 40 hrs 45 mins 47 secs _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 137 of 384...
Page 138 Rx: TDM payload length errors 14.9.4 cesop clear stats To reset the statistical counters, enter: root@VA_router:~# cesop clear stats cesopd stats cleared cesop show debug _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 138 of 384...
Page 139 14: Configuring SAToP and CESoPSN _______________________________________________________________________________________________________ The output provided by cesop show debug is intended for Virtual Access support technicians and therefore the interpretation of the output produced by cesop show debug command is not explained here. root@VA_router:~# cesop show debug...
Page 140 If enabled, the blackbox records instances of packet loss or the late transmission and reception of packets. The information stored in the blackbox can help Virtual Access support analyse problems such as excessive jitter and packet loss. The information in the blackbox is intended for Virtual Access technicians and therefore, the interpretation of the output produced by cesop blackbox show command is not explained here.
Page 141 The command cesop upgrade usbcard re-programs the E1 card with the image in /lib/firmware/va-userial.bin The command is used for software upgrade of the E1 card. If an upgrade is necessary the image will be provided by Virtual Access. The upgrade process is logged on syslog. root@VA_router:~# cesop upgrade usbcard...
Page 142 To see the result of E1 card’s CPLD programming, enter: root@VA_router:~# cesop show usbcard cpld status USB card CPLD programming status: 0 The status should be 0. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 142 of 384...
Page 143 14.9.13 cesop clear bert stats To reset the bit error rate test statistical counters, enter: root@VA_router:~# cesop clear bert stats bert stats cleared _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 143 of 384...
Page 144: Isdn Pseudowire
When configuring ISDN pseudowire, you must decide the device’s role. A device typically acts as a client, which is the usual role for a GW6610-ISDN provider or for GW6610- ISDN in a back-to-back scenario.
Page 145: Pseudowire Functionality
15.3 ISDN pseudowire in client role The most typical scenario for the GW6610-ISDN is for it to act in a client role whereby locally attached ISDN equipment can make and receive calls on a remote ISDN network over an IP network, typically via the ADSL interface on the GW6610-ISDN router.
Page 146: Isdn Pseudowire In Client And Provider Role (Back-To-Back)
ISDN between one another over IP. As the entire network is self-contained, you can choose any numbering plan and it does not need to agree with ‘real-world’ numbering. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 146 of 384...
Page 147 15: ISDN pseudowire _______________________________________________________________________________________________________ In the example below it is assumed the routers involved have the following attributes. Typically this scenario would be implemented using two GW6610-ISDN routers. First GW6610-ISDN client • has two MSNs: 384720 and 384721 exists at address 10.1.183.20 Second GWX610-ISDN client •...
Page 148 UCI: config.client. secret Specifies the password to present to the provider to identify this site. Opt: secret Table 51: Options for client configurations _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 148 of 384...
Page 149 To do so, one ‘client’ section is required for each MSN number hosted by the other GW6610-ISDN unit. As most ISDN equipment supports at least two MSN numbers, there are typically two or more such sections.
Page 150: Analogue Leased Line Interface
The ALL interface provides you with the possibility to adjust the gain and attenuation. The diagram below shows the signal flow and the options available to control it. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 151: All Status
To view the status of the ALL interface, enter: va5420_status /dev/ttyLCO The following output is shown: root@client_B:~# root@client_B:~# va5420_status /dev/ttyLCO Mode: Transparent Wire mode: 2-wire PCM Encoding: A-Law _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 151 of 384...
Page 152: All Statistics
To see whether a jitter buffer is enabled and what size it is, enter: root@VA_router:~# uci export cesopd package cesopd config cesopd 'main' option log_severity '5' option enable '1' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 152 of 384...
Page 153 … rx_jitter_buffer_enabled rx_jitter_buffer_size_ms : 24 16.5.1 ALL statistics clearing To clear statistics for ALL interface, enter: root@VA_router:~# va5420_stats_reset /dev/ttyLC0 Statistics reset _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 153 of 384...
Page 154: All Wiring
4 BLACK (RING1) 4 RING1 • 16.6.3 RJ45 not connected • not connected • • • • • not connected • • not connected _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 154 of 384...
Page 155: Dhcp Server And Dns Configuration (Dnsmasq)
In the top menu, select Network -> DHCP and DNS. The DHCP and DNS page appears. There are three sections: Server Settings, Active Leases, and Static Leases. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 156 17: DHCP server and DNS configuration (Dnsmasq) _______________________________________________________________________________________________________ Figure 75: The DHCP and DNS page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 156 of 384...
Page 157 Opt: list rebind_domain No list configured. Range Table 52: Information table for general server settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 157 of 384...
Page 158 UCI: dhcp.@dnsmasq[0].addnhosts Opt: list addnhosts Table 53: Information table for resolv and host files section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 158 of 384...
Page 159 Defines the filename of the boot image advertised to clients. This specifies BOOTP options, in most cases just the file name. UCI: dhcp.@dnsmasq[0].dhcp_boot Opt: dhcp_boot Table 54: Information table for TFTP settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 159 of 384...
Page 160 Enables disallow option for forwarding requests that cannot be answered by public name servers. Normally enabled for dial on UCI: dhcp.@dnsmasq[0].filterwin2k demand interfaces. Opt: filterwin2k Enabled. Disabled. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 160 of 384...
Page 161 Table 55: Information table for advanced settings 17.2.5 Active leases This section displays all currently active leases. Figure 79: The active leases section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 161 of 384...
Page 162 The IPv4 address specifies the fixed address to use for this host.. UCI: dhcp.@host[0].ip Opt: ip Table 57: Information table for static leases _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 162 of 384...
Page 163: Configuring Dhcp And Dns Using Uci
2.2.2.2 dhcp.@dnsmasq[0].rebind domain=tes.domain dhcp.@dnsmasq[0].enable_tftp=0 dhcp.@dnsmasq[0].tftp_root=/tmp/tftp dhcp.@dnsmasq[0].dhcp_boot=boot.image dhcp.@dnsmasq[0].nonegcache=0 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 163 of 384...
Page 164 '1' list bogusnxdomain '1.1.1.1 ' list bogusnxdomain '2.2.2.2' option port '53' option dhcpleasemax '150' option ednspacket_max '1280' option dnsforwardmax '150' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 164 of 384...
Page 165: Configuring Dhcp Pools Using Uci
Defines the offset from the network address for the end of the DHCP pool UCI: dhcp.<pool_name>.limit Opt: limit Range 0 - 255 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 165 of 384...
Page 166: Configuring Static Leases Using Uci
'mypc' This adds the fixed IP address 192.168.1.2 and the name "mypc" for a machine with the (Ethernet) hardware address 00:11:22:33:44:55. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 166 of 384...
Page 167: Configuring Vlan
18:Configuring VLAN _______________________________________________________________________________________________________ 18 Configuring VLAN 18.1 Maximum number of VLANs supported Virtual Access’ routers support up to 4095 VLANs. 18.2 Configuration package used Package Sections Network 18.3 Configuring VLAN using the web interface 18.3.1 Create a VLAN interface To configure VLAN using the web interface, in the top menu, select Network - >Interfaces.
Page 168 Opt: ifname Table 59: Information table for the create interface page Click Submit. The Interfaces page for VLAN1 appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 168 of 384...
Page 169 UCI: network.VLAN1.ipaddr Opt: ipaddr Web: IPv4 netmask Subnet mask to be applied to the IP address of this interface. UCI: network.VLAN1.netmask Opt: netmask _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 169 of 384...
Page 170: Viewing Vlan Interface Settings
To view the new VLAN interface settings, in the top menu, select Network -> Interfaces. The Interfaces Overview page appears. The example below shows two VLAN interfaces configured. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 170 of 384...
Page 171: Configuring Vlan Using The Uci Interface
VLAN tag 100. Note: VLAN1 is, by default the native VLAN and will not be tagged. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 171 of 384...
Page 172: Configuring Static Routes
Web: netmask Defines the route netmask. If omitted, 255.255.255.255 is assumed, which makes the target a host address. UCI: network.@route[0].netmask Opt: netmask _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 172 of 384...
Page 173: Configuring Ipv6 Routes Using The Web Interface
By default all routes are named ‘route’, it is identified by @route then the route’s position in the package as a number. For example, for the first route in the package using UCI: network.@route[0]=route network.@route[0].interface=lan _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 173 of 384...
Page 174: Ipv4 Routes Using Uci
The command line example routes in the subsections below do not have a configured name. root@VA_router:~# uci show network network.@route[0]=route network.@route[0].interface=lan network.@route[0].target=3.3.3.10 network.@route[0].netmask=255.255.255.255 network.@route[0].gateway=10.1.1.2 network.@route[0].metric=3 network.@route[0].mtu=1400 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 174 of 384...
Page 175: Ipv4 Routes Using Package Options
…. config route option interface 'lan' option target '2001:0DB8:100:F00:BA3::1/64' option gateway '2001:0DB8:99::1' option metric ‘1’ option mtu '1500' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 175 of 384...
Page 176: Static Routes Diagnostics
Flags Metric Ref Iface 192.168.100.0 255.255.255.0 eth0 Note: a route will only be displayed in the routing table when the interface is up. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 176 of 384...
Page 177: Configuring Bgp (Border Gateway Protocol)
In the top menu, select Network -> BGP. BGP configuration page appears. The page has three sections: Global Settings, BGP Neighbours and BGP Route Map. Figure 86: The BGP page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 177 of 384...
Page 178 Type in a name for the BGP route map name and then click Add. The ROUTEMAP configuration section appears. You can configure multiple route maps. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 178 of 384...
Page 179 Defines the set value when a match occurs. Value format depends on the set option you have selected. UCI: bgpd.ROUTEMAP.set Opt: set Table 64: Information table for routemap _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 179 of 384...
Page 180: Configuring Bgp Using Uci
You can also configure BGP using UCI. The configuration file is stored on /etc/config/bgpd root@VA_router:~# uci show bgpd bgpd.bgpd=routing bgpd.bgpd.enabled=yes bgpd.bgpd.router_id=3.3.3.3 bgpd.bgpd.asn=1 bgpd.bgpd.network=11.11.11.0/29 192.168.103.1/32 bgpd.@peer[0]=peer bgpd.@peer[0].route_map_in=yes bgpd.@peer[0].ipaddr=11.11.11.1 bgpd.@peer[0].asn=1 bgpd.@peer[0].route_map=ROUTEMAP bgpd.ROUTEMAP=routemap _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 180 of 384...
Page 181: Configuring Bgp Using Packages Options
'ROUTEMAP' option order '10' option permit 'yes' option match_type 'ip address' option match '192.168.101.1/32' option set_type 'ip next-hop' option set '192.168.101.2/32' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 181 of 384...
Page 182: View Routes Statistics
To view routes via the command line, enter: root@support:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Iface 10.1.0.0 0.0.0.0 255.255.0.0 0 br- lan2 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 182 of 384...
Page 183: Configuring A Wifi Connection
_______________________________________________________________________________________________________ 21 Configuring a WiFi connection This section explains how to configure WiFi on a Virtual Access router using the web interface or via UCI. WiFi can act as an Access Point (AP) to another device in the network or it can act as a client to an existing AP.
Page 184 Select the transmit power range range you require. UCI: wireless.radio0.txpower Range 0dBm(1mW)-17dBm(50mW) Opt: txpower 17dBM(50mW) Table 66: Information table for the device configuration section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 184 of 384...
Page 185 Defines the RTS/CTS threshold UCI: wireless.radio0.rts None Router defaults applied Opt: rts Range Table 67: Information table for device configuration advanced settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 185 of 384...
Page 186 Use this section to configure the interface name, mode and network settings. Differing web options may be presented depending on the Mode selected. Figure 94: The interface configuration general setup section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 186 of 384...
Page 187 Use this section to configure encryption, ciper and create a security key. Differing options wil be defined depending on the encryption selected. Figure 95: The wireless security section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 187 of 384...
Page 188 Defines the Radius port for EAP accounting. UCI:wireless.@wifi-iface[0].acct_port Opt: acc_port Web: Radius Accounting -Secret Defines the Radius secret for EAP accounting. UCI:wireless.@wifi-iface[0].acct_secret Opt: acct_secret _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 188 of 384...
Page 189: Configuring Wifi In Ap Mode
WiFi interface’, selecting a new interface for the Wireless Network in the Interface Configuration section. Next, in the top menu, select Network -> Interfaces. The Interface Overview page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 189 of 384...
Page 190 Example: option ifname ‘eth2 eth3’ or network.<if name>.ifname=eth2 eth 3 Table 71: Information table for the physical section on the common configuration page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 190 of 384...
Page 191: Configuring Wifi Using Uci
'radio0' option mode 'ap' option disabled '1' option ssid 'Test_AP' option network 'newwifilan' option encryption 'psk' option key 'secretkey' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 191 of 384...
Page 192 'lan' option ifname 'eth0' option proto 'static' option ipaddr '192.168.100.1' option netmask '255.255.255.0' option type 'bridge' root@VA_router:~# uci export wireless package wireless _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 192 of 384...
Page 193 21.4.4 AP mode on an existing Ethernet interface using UCI root@VA_router:~# uci show network network.lan=interface network.lan.ifname=eth0 network.lan.proto=static network.lan.ipaddr=192.168.6.1 network.lan.netmask=255.255.255.0 network.lan.type=bridge root@VA_router:~# uci show wireless wireless.radio0=wifi-device wireless.radio0.type=mac80211 wireless.radio0.channel=11 wireless.radio0.phy=phy0 wireless.radio0.hwmode=11ng _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 193 of 384...
Page 194: Creating A Wifi In Client Mode Using The Web Interface
In the top menu, select Network -> Interfaces. The Interfaces Overview page appears. Click Edit in the newly created WiFi Client interface. The Common Configuration page appears. Figure 98: The client interface page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 194 of 384...
Page 195: Configuring Wifi In Client Mode Using Command Line
'radio0' option type 'mac80211' option channel '11' option phy 'phy0' option hwmode '11ng' option htmode 'HT20' list ht_capab 'SHORT-GI-40' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 195 of 384...
Page 196 TX-STBC RX-STBC1 DSSS_CCK-40 wireless.radio0.txpower=17 wireless.radio0.country=US wireless.@wifi-iface[0]=wifi-iface wireless.@wifi-iface[0].device=radio0 wireless.@wifi-iface[0].ssid=Remote-AP wireless.@wifi-iface[0].mode=sta wireless.@wifi-iface[0].network= newwifiClient wireless.@wifi-iface[0].encryption=psk2 wireless.@wifi-iface[0].key=testtest _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 196 of 384...
Page 197: Configuring A Mobile Connection
To create a new mobile interface, in the Interface Overview section, click Add new interface. The Create Interface page appears. Figure 99: The create interface page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 197 of 384...
Page 198 Setup more indept features such as initionalization timeout, LCP echo failure thresholds and inactivity timeouts. Firewall settings Assign a firewall zone to the connection. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 198 of 384...
Page 199 Web: Operator PLMN code Specifies an operator code to force the connection to a particular carrier. UCI: network.3G.operator Opt: operator _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 199 of 384...
Page 200 The Modem Configuration link at the bottom of the page is used for SIM pincode and SMS configuration.For more information, read the chapter ‘Configuring mobile manager’. 22.2.1.2 Mobile interface: advanced settings Figure 101: The advanced settings tab _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 200 of 384...
Page 201 6in4 option ipaddr 6to4 option ipaddr Table 75: Information table for general set up page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 201 of 384...
Page 202: Viewing Mobile Connectivity Information
To view mobile connectivity information, in the top menu, select Status -> Mobile Stats. The Mobile/3G Information page appears. Figure 103: The mobile stats page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 202 of 384...
Page 203: Configuring A Mobile Connection Using Uci
Home network mobile.3g_1_1_1.reg_code=1 mobile.3g_1_1_1.registered_pkt=1, Home network mobile.3g_1_1_1.reg_code_pkt=1 mobile.3g_1_1_1.area=FFFE mobile.3g_1_1_1.cell=189150A mobile.3g_1_1_1.tech=7 mobile.3g_1_1_1.technology=E-UTRAN mobile.3g_1_1_1.operator=0,0,"Vodafone",7 mobile.3g_1_1_1.sim1_iccid=89460127120912066226 mobile.3g_1_1_2.sim_slot=1 mobile.3g_1_1_2.sim_in=yes mobile.3g_1_1_2.operator="Vodafone" mobile.3g_1_1_2.cdma_roaming=Not Roaming mobile.3g_1_1_2.cdma_roaming_code=0 mobile.3g_1_1_2.cdma_srvmode=EVDO Rev B _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 203 of 384...
Page 204 22: Configuring a mobile connection _______________________________________________________________________________________________________ mobile.3g_1_1_2.cdma_srvmode_code=5 mobile.3g_1_1_2.cdma_total_drc=0.0 kbps mobile.3g_1_1_2.cdma_carr_cnt=2 mobile.3g_1_1_2.cdma_rx0=78 mobile.3g_1_1_2.sig_dbm=nan mobile.3g_1_1_2.cdma_rx1=105 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 204 of 384...
Page 205: Configuring Mobile Manager
Configuring mobile manager using the web interface Select Services -> Mobile Manager. The Mobile Manager page appears. Figure 104: The mobile manager page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 205 of 384...
Page 206 If checked, the router will return an SMS. Select Respond if you want the router to reply. UCI: mobile.@caller[0].respond Disabled. Opt:respond Enabled. Table 76: Information table for mobile manager basic settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 206 of 384...
Page 207 Web: Primary Channel B Allows the primary channel (B) to be changed UCI: mobile.main.cdma_primary_channel_b Default Opt: cdma_primary_channel_b 1-2016 any band class 5 channel number _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 207 of 384...
Page 208: Configuring Mobile Manager Using Uci
_____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 208 of 384...
Page 209: Configuring A Roaming Interface Template Via The Web Interface
To monitor via the web browser, login and select Status >system log. Scroll to the bottom of the log to view the SMS message. Figure 105: Example of output from system log _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 209 of 384...
Page 210: Sending Sms From The Router
An example would be to SMS the SIM card number by typing the following command on the phone and checking the SMS received from the router. uci show mobile.@caller[0].number _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 210 of 384...
Page 211: Configuring Multi-Wan
Configuring Multi-WAN using the web interface In the top menu, select Network -> Multi-Wan. The Multi-WAN page appears. Figure 106: The multi-WAN page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 211 of 384...
Page 212 In the WAN interfaces section, enter the name of the WAN interface to configure, and then click Add. The new section for configuring specific parameters appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 213 24: Configuring Multi-WAN _______________________________________________________________________________________________________ Figure 107: Example interface showing failover traffic destination as the added multi-WAN interface _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 213 of 384...
Page 214 Range Web: Priority Specifies the priority of the interface. The higher the value, the higher the priority. UCI: multiwan.wan.priority Opt: priority Range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 214 of 384...
Page 215 GSM Compact UTRAN GSM w/EGPRS UTRAN w/HSPDA UTRAN w/HSUPA UTRAN w/HSUPA and HSDPA E-UTRAN Table 79: Information table for multi-WAN interface page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 215 of 384...
Page 216: Multi-Wan Traffic Rules
'5' option priority '2' option manage_state 'yes' option exclusive_group '0' option ifup_retry_sec '40' option icmp_hosts 'disable' option icmp_interval ‘1’ option timeout ‘3’ _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 216 of 384...
Page 217: Multi-Wan Diagnostics
The multi-WAN package is linked to the network interfaces within /etc/config/network. Note: multi-WAN will not work if the WAN connections are on the same subnet and share the same default gateway. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 217 of 384...
Page 218: Troubleshooting
'300' option ifup_timeout_sec '40' The following output shows the multi-WAN standard stop/start commands for troubleshooting. root@VA_router:~# /etc/init.d/multiwan Syntax: /etc/init.d/multiwan [command] _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 218 of 384...
Page 219 Enter the name of the WAN interface to configure, and then click Add. The new section for configuring specific parameters will appear. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 219 of 384...
Page 220: Automatic Operator Selection
25 Automatic operator selection This section describes how to configure and operate the Automatic Operator Selection feature of a Virtual Access router. When the roaming SIM is connected, the radio module has the ability to scan available networks. The router, using mobile and multi-WAN packages, finds available networks to create and sort interfaces according to their signal strength.
Page 221 25.2.1.3 Create a primary predefined interface In the web interface top menu, go to Network ->Interfaces. The Interfaces page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 221 of 384...
Page 222 Type the short operator name in lower case, for example: Operator name First four alphanumeric numbers Vodafone UK voda O2 – UK o2uk Orange oran _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 222 of 384...
Page 223 Table 80: Information table for the create interface page Click Submit. The Common Configuration page appears. Figure 111: The common configuration page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 223 of 384...
Page 224 Click the link if you need to configure additional options from Mobile Manager. UCI: N/A Opt: N/A Table 81: Information table for the general set up section Click Save & Apply. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 224 of 384...
Page 225 Figure 112: The multi-WAN page In the WAN Interfaces section, type in the name of the Multi-WAN interface. Click Add. The Multi-WAN page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 225 of 384...
Page 226 Web: WAN Interfaces Provide the same interface name as chosen in multiwan section below and click Add. UCI: multiwan.3g_s<sim- number>_<short-operator-name> Opt: 3g_s<sim-number>_<short- operator-name> _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 226 of 384...
Page 227 Web: Exclusive Group Defines the group to which the interface belongs, only one interface can be active. UCI: multiwan.[..x..].exclusive_group Opt: exclusive_group Range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 227 of 384...
Page 228 25.2.2 Set options for automatically created interfaces (failover) From the top menu on the web interface page, select Services ->Mobile Manager. The Mobile Manager page appears. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 228 of 384...
Page 229 AN-PPP user ID. Supported on Cellient (CDMA) modem only. UCI: mobile.main.hdr_userid Opt: hdr_userid Table 83: Information table for mobile manager basic settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 229 of 384...
Page 230 If checked, the router will return an SMS. Select Respond if you want the router to reply. UCI: mobile.@caller[0].respond Disabled. Opt: respond Enabled. Table 84: Information table for caller settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 230 of 384...
Page 231 25: Automatic operator selection _______________________________________________________________________________________________________ 25.2.3 Roaming interface template Figure 115: The roaming interface template page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 231 of 384...
Page 232 Sets ping timeout in seconds. Choose the time in seconds that the health monitor ICMP will timeout at. Opt: timeout Wait 3 seconds for ping reply Range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 232 of 384...
Page 233 25.2.4 Scenario 2: PMP + roaming: pre-empt disabled As in the previous section, multi-WAN connects the PMP interface and uses auto created interfaces for failover. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 233 of 384...
Page 234 In the top menu, select System -> Reboot. The System Reboot page appears. Figure 118: The system reboot page Check the Reboot now check box and then click Reboot. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 234 of 384...
Page 235 Web: PIN code for SIM2 Depending on the SIM card specify the pin code for UCI: mobile.main.sim2pin SIM 2. Opt: sim2pin blank range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 235 of 384...
Page 236 If checked, the router will return an SMS. Select Respond if you want the router to reply. UCI: mobile.@caller[0].respond Disabled. Opt: respond Enabled. Table 87: Information table for mobile manager caller settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 236 of 384...
Page 237 Adds all generated interfaces to this zone. UCI: Select existing zone or click unspecified or create to create a new mobile.@roaming_template[0].firewall_zo zone. Opt: firewall_zone _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 237 of 384...
Page 238 Opt: health_recovery_retries Web: Priority Type the priority number. The higher the value, the higher the priority. UCI: mobile.@roaming_template[0].priority Opt: priority range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 238 of 384...
Page 239 UCI: multiwan.config.alt Leave this option unselected. Opt: alt Disabled. Enabled. Table 89: Information table for multi-WAN operation _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 239 of 384...
Page 240: Configuring Via Uci
'test' option sim '1' option operator 'vodafone IE' To view uci commands, enter: root@VA_router:~# uci show network network.loopback=interface network.loopback.ifname=lo network.loopback.proto=static network.loopback.ipaddr=127.0.0.1 network.loopback.netmask=255.0.0.0 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 240 of 384...
Page 241 'test IE' option username 'test' option password 'test' option service 'umts' option health_interval '4' option icmp_hosts 'disable' option timeout 'disable' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 241 of 384...
Page 242 IE mobile.@roaming_template[0].username=test mobile.@roaming_template[0].password=test mobile.@roaming_template[0].service=umts mobile.@roaming_template[0].health_interval=4 mobile.@roaming_template[0].icmp_hosts=disable mobile.@roaming_template[0].timeout=disable mobile.@roaming_template[0].health_fail_retries=3 mobile.@roaming_template[0].signal_threshold=-95 mobile.@roaming_template[0].priority=5 mobile.@roaming_template[0].ifup_retry_sec=120 mobile.@roaming_template[0].ifup_timeout_sec=180 mobile.@roaming_template[0].defaultroute=yes mobile.@roaming_template[0].sort_sig_strength=yes _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 242 of 384...
Page 243 To view the uci command of package multiwan, enter: root@VA_router:~# uci show multiwan multiwan.config=multiwan multiwan.config.enabled=1 multiwan.config.preempt=1 multiwan.main_voda=interface multiwan.main_voda.health_fail_retries=3 multiwan.main_voda.health_interval=3 multiwan.3g_s1_voda.timeout=1 multiwan.3g_s1_voda.icmp_hosts=disable multiwan.3g_s1 main _voda.priority=10 multiwan.3g_s1_voda.exclusive_group=3g multiwan.3g_s1_voda.signal_threshold=-95 multiwan.3g_s1_voda.ifup_retry_sec=350 multiwan.3g_s1_voda.ifup_timeout_sec=180 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 243 of 384...
Page 244: Configuring No Pmp + Roaming Using Uci
'test IE' option username 'test' option password 'test' option service 'umts' option health_fail_retries '2' option signal_threshold '-100' option priority '5' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 244 of 384...
Page 245 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 245 of 384...
Page 246: Automatic Operator Selection Diagnostics Via The Web Interface
Network -> Multi-WAN. To check interfaces that have been created in the network package, from the top menu, select Network -> Interfaces. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 246 of 384...
Page 247 Status. The Interface Status page appears. Scroll down to the bottom of the page to view Multi-WAN Stats. Figure 122: The status page: multi-WAN status section page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 247 of 384...
Page 248: Automatic Operator Selection Diagnostics Via Uci
Figure 123: Example of output from the command: cat /var/const_stat/multiwan To check interfaces created in the network package, enter: root@VA_router:~# cat /var/const_state/network _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 248 of 384...
Page 249 25: Automatic operator selection _______________________________________________________________________________________________________ Figure 124: Example of output from the command cat /var/const_state/network _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 249 of 384...
Page 250 To check the status of the interface you are currently using, enter: root@VA_router:~# cat /var/const_state_/mobile Figure 125: Example of output from the command cat /vat/const_state_/mobile _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 250 of 384...
Page 251: Configuring Ipsec
If you need to create an IPSec template for DMVPN, read the chapter ‘Dynamic Multipoint Virtual Private Network (DMVPN)’. The number of IPSec tunnels supported by Virtual Access’ routers is not limited in any way by software; the only hardware limitation is the amount of RAM installed on the device.
Page 252 Table 90: Information table for IPSec common settings 26.2.2 Common settings: configure connection Figure 127: The configuring IPSec settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 252 of 384...
Page 253 Connection uses transport mode. pass Connection does not perform any IPSec processing. drop Connection drops all the packets. Table 91: Information table for connection settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 253 of 384...
Page 254 Defines the IP address of LAN serviced by remote peer. UCI: strongswan.@connection[X]. remotelan Opt:remotelan Web: Remote LAN IP Address Mask Defines the Subnet of remote LAN. UCI: strongswan.@connection[X]. remotelanmask Opt:remotelanmask _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 254 of 384...
Page 255 Can be used if negotiation is never to be attempted or accepted (shunt connections). Table 92: Information table for IP addressing settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 255 of 384...
Page 256 DHGroup: modp1024 modp1536 modp2048 modp3072 modp4096 modp6144 modp8192 For example, a valid IKE algorithm is aes128-sha-modp1536. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 256 of 384...
Page 257 The value %forever means 'never Opt: keyringtries give up'. Relevant only locally, other end need not agree on _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 257 of 384...
Page 258 Defines the local address this secret applies to. UCI: strongswan.@secret[X].localaddress Opt: localaddress Web: ID selector Defines the remote address this secret applies to. UCI: strongswan.@secret[X]. remoteaddress Opt: remoteaddress _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 258 of 384...
Page 259: Configuring Ipsec Using Uci
'no' option uniqueids 'yes' option cachecrls 'no' option debug 'none' 26.3.2 Connection settings touch /etc/config/strongswan uci add strongswan connection uci set strongswan.@connection[0].ikelifetime=3h _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 259 of 384...
Page 260 '30s' option dpdtimeout '150s' option enabled 'yes' option name '3G_Backup' option auto 'start' option type 'tunnel' option remoteaddress '100.100.100.100 ' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 260 of 384...
Page 261 This will create the following output: config connection option name 'local' option enabled 'yes' option locallan '10.1.1.1' option locallanmask '255.255.255.255' option remotelan '10.1.1.0' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 261 of 384...
Page 262 # Commands to add a secret for xauth auth touch /etc/config/strongswan uci add strongswan secret uci set strongswan.@secret[1].enabled=yes uci set strongswan.@secret[1].idtype=userfqdn _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 262 of 384...
Page 263: Configuring An Ipsec Template For Dmvpn Via The Web Interface
Together, these sections define the required parameters for a two-way IKEv1 tunnel. Secret Settings 26.4.1 Configure common settings Figure 131: The common settings section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 263 of 384...
Page 264 Local LAN IP Address • Local LAN IP Address Mask • Remote LAN IP Address • Remote LAN IP Address Mask • _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 264 of 384...
Page 265 26: Configuring IPSec _______________________________________________________________________________________________________ Figure 132: The connections settings section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 265 of 384...
Page 266 Leave blank for DMVPN. remotelanmask Opt:remotelanmask Web: Local Protocol Restricts the connection to a single protocol on the local side. UCI: strongswan.@connection[X].localproto Opt: localproto _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 266 of 384...
Page 267 DHGroup: modp1024 modp1536 modp2048 modp3072 modp4096 modp6144 modp8192 For example, a valid IKE algorithm is: aes128-sha-modp1536. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 267 of 384...
Page 268 The value %forever means 'never give strongswan.@connection[X].keyringtries up'. Relevant only locally, other end need not agree on it. Opt: keyringtries _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 268 of 384...
Page 269 Defines the local address this secret applies to. UCI: strongswan.@secret[X].localaddress Opt: localaddress Web: ID selector Defines the remote address this secret applies to. UCI: strongswan.@secret[X]. remoteaddress Opt: remoteaddress _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 269 of 384...
Page 270: Configuring An Ipsec Template To Use With Dmvpn
_____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 270 of 384...
Page 271 '%forever' option dpdaction 'hold' option dpddelay '30s' option dpdtimeout '150s' config secret option enabled 'yes' option secrettype 'psk' option secret 'secret' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 271 of 384...
Page 272: Ipsec Diagnostics Using The Web Interface
INSTALLED, TRANSPORT, ESP in UDP SPIs: cca7b970_i d874dc90_o dmvpn_89_101_154_151{1}: 10.68.234.133/32[gre] === 89.101.154.151/32[gre] To view a list of IPSec commands, enter: root@VA_router:~# ipsec –help _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 272 of 384...
Page 273: Configuring Firewall
The General Zone, or defaults, section declares global firewall settings that do not belong to any specific zones. These default rules take effect last and more specific rules take effect first. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 273 of 384...
Page 274 ICMP message is returned to the source host. Drop Dropped packets are blocked by the firewall. Table 98: Information table for general settings page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 274 of 384...
Page 275 Rejected packets are blocked by the firewall and ICMP message is returned to the source host. Drop Dropped packets are blocked by the firewall. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 275 of 384...
Page 276 Defines protocol family (ipv4, ipv6 or any) to generate iptables rules for. UCI: firewall.<zone label>.family Opt: family Table 99: Information table for firewall zone settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 276 of 384...
Page 277 Web: Limit log messages Limits the amount of log messages per interval. UCI: firewall.<zone label>.log_limit Opt: log_limit Table 100: Information table for zone settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 277 of 384...
Page 278 This can be enabled through the conntrack option or through masq. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 278 of 384...
Page 279 Web: Internal IP address Specifies the internal (LAN) IP address for the traffic to be redirected UCI: firewall.<redirect label>.dest_ip Opt: dest_ip _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 279 of 384...
Page 280 NAT loopback (reflection). Figure 140: The firewall – port forwards – forward edits page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 280 of 384...
Page 281 Rules can be defined to allow or restrict access to specific ports, hosts or protocols. Figure 141: The firewall traffic rules page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 281 of 384...
Page 282 For DNAT, redirects matched incoming traffic to the given port on the internal host. UCI: firewall.<rule label>.dest_port For SNAT, matches traffic directed at the given ports. Opt: dest_port _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 282 of 384...
Page 283 Iptables rules can be defined here. Custom rules are applied after all other rules are applied. Consult official iptables documentation for exact syntax and details. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 283 of 384...
Page 284: Command Description
Extra arguments to pass to iptables, this is mainly useful to specify additional match options, like -m policy --dir in for IPSec. Table 106: Information table for custom rules commands _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 284 of 384...
Page 285: Configuring Firewall Using Uci
27.3.3 Inter-zone forwarding To enable forwarding of traffic from WAN to LAN, enter: uci add firewall forwarding uci set firewall.@forwarding[1].dest=wan uci set firewall.@forwarding[1].src=lan _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 285 of 384...
Page 286 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 286 of 384...
Page 287: Ipv6 Notes
(DoS). _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 287 of 384...
Page 288: Connection Tracking
ACCEPT option proto This example enables machines on the internet to use SSH to access your router. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 288 of 384...
Page 289 When used alone, Source NAT is used to restrict a computer's access to the internet, but allows it to access a few services by manually forwarding what appear to be a few local _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5...
Page 290 The following rule blocks all connection attempts from the client to the internet. config rule option src option dest option src_mac 00:00:00:00:00:00 option target REJECT _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 290 of 384...
Page 291 Vlan12 interface in the network file. When reverse path filtering mechanism is enabled, the router will check whether a receiving packet source address is routable. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 291 of 384...
Page 292 !192.168.1.100 option src_dport option dest_ip 192.168.1.100 option dest_port 3128 option target DNAT config redirect option dest option proto _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 292 of 384...
Page 293: Ipsec Passthrough
For some configurations you also have to open port 500/UDP. # ISAKMP protocol config rule option src option dest option proto option src_port _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 293 of 384...
Page 294: Firewall Management
To see the rules as they are executed, run the fw command with the FW_TRACE environment variable set to 1 (one): root@VA_router:/# FW_TRACE=1 fw reload _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 294 of 384...
Page 295 27: Configuring firewall _______________________________________________________________________________________________________ To direct the output to a file for later inspection, enter: root@VA_router:/# FW_TRACE=1 fw reload 2>/tmp/iptables.lo _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 295 of 384...
Page 296: Configuring Snmp
In the top menu, select Services -> SNMP. The SNMP Service page appears. 28.2.1 System and agent settings Figure 143: The SNMP service page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 296 of 384...
Page 297 Map community names into security names based on the community name and the source subnet. Use the first source/community combination that matches the incoming packet. Figure 144: The COM2Sec settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 297 of 384...
Page 298 An already defined security name that is being included in this group. UCI: snmpd.group[x].secname Opt: secname Table 109: Information table for group settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 298 of 384...
Page 299 SNMP version and minimum security level, to one of three views, depending on the request being processed. Figure 147: The access settings section _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 299 of 384...
Page 300 Trap receiver settings define a notification receiver that should be sent SNMPv1 TRAPs and SNMPv2c TRAP2. Figure 148: The trap receiver settings page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 300 of 384...
Page 301: Configuring Snmp Using Command Line
Configuring SNMP using command line The configuration files are stored on /etc/config/snmpd 28.3.1 System settings using UCI root@VA_router:~# uci show snmpd snmpd.system=system snmpd.system.sysLocation=Office 123 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 301 of 384...
Page 302 Note: the security names of “ro” and “rw” here are simply names – the fact of a security name having read only or read-write permissions is handled in the access section and dealt with at a group granularity. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 302 of 384...
Page 303 Similarly, requests from the security name “rw” in all protocols are mapped to the “private” group. 28.3.4.1 Group settings using UCI snmpd.grp_1_v1=group snmpd.grp_1_v1.version=v1 snmpd.grp_1_v1.group=public snmpd.grp_1_v1.secname=ro snmpd.grp_1_v2c=group snmpd.grp_1_v2c.version=v2c snmpd.grp_1_v2c.group=public snmpd.grp_1_v2c.secname=ro snmpd.grp_1_usm=group snmpd.grp_1_usm.version=usm snmpd.grp_1_usm.group=public _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 303 of 384...
Page 304 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 304 of 384...
Page 305 'group' 'private_v2c' option group 'private' option version 'v2c' option secname 'rw' config 'group' 'private_usm' option group 'private' option version 'usm' option secname 'rw' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 305 of 384...
Page 306 'public' option context 'none' option version 'any' option level 'noauth' option prefix 'exact' option read 'all' option write 'none' option notify 'none' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 306 of 384...
Page 307 # for SNMPv2c inform request receiver config informreceiver option host 'IPADDR[:PORT]' option community 'COMMUNITY STRING' An additional option was added to the 'agent' subsection: option authtrapenabled '0|1 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 307 of 384...
Page 308: Configuring Vrrp
To configure VRRP through the web interface, in the top menu, select Network -> VRRP. The VRRP page appears. To access configuration settings, click ADD. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 308 of 384...
Page 309 Sets the VRRP router ID (1 to 255). All co-operating VRRP routers serving the same LAN must be configured with the same UCI: vrrp.g1.router_id router ID. Opt: router_id Range 1-255 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 309 of 384...
Page 310: Configuring Vrrp Using Uci
'BACKUP' option router_id '1' option priority '115' option advert_int_sec '2' option password 'secret' option virtual_ipaddr '10.1.10.150/16' option garp_delay_sec '5' option ipsec_connection 'Test' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 310 of 384...
Page 311 To change any of the above values use uci set command. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 311 of 384...
Page 312: Dial Modem
30: Dial modem _______________________________________________________________________________________________________ 30 Dial modem Virtual Access GW6630, GW6000V and GW7630 Series routers are optionally fitted with a dial (V.90) modem. The table below shows standards that are supported. Data modem V.90 V.34 V.32bis V.32 V.29 V.22bis V.22 V.22 Fast Connect...
Page 313: Setting Up The V.90 Physical Port Connection
'test1' option number '1234' To view UCI commands, use the following commands: uci show network network.dialout5=interface network.dialout5.proto=ppp network.dialout5.auto=0 network.dialout5.device=/dev/ttyCX0 network.dialout5.noipdefault=1 network.dialout5.peerdns=0 network.dialout5.nopersist=1 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 313 of 384...
Page 314: Configuring The Modem As A Dial In Interface Via Uci
'1' option rings '2' option speed '19200' option debug '9' To view the configuration files, enter: uci show mgetty mgetty.main=mgetty mgetty.main.enabled=yes mgetty.ttyCX0=device _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 314 of 384...
Page 315 '0' option remote_auth_options 'require_eap' To view the configuration files, enter: uci show network network.dialin=interface network.dialin.proto=ppp network.dialin.auto=0 network.dialin.peerdns=1 network.dialin.remote_ipaddr=172.168.101.2 network.dialin.local_ipaddr=172.168.101.1 network.dialin.noipdefault=1 network.dialin.defaultroute=0 network.dialin.remote_auth_options=require_eap _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 315 of 384...
Page 316 '0' option linuxuser '0' To view the configuration files, enter: uci show managment_users managment_users.@user[0]=user managment_users.@user[0].enabled=1 managment_users.@user[0].username=test managment_users.@user[0].password=test managment_users.@user[0].srpuser=1 managment_users.@user[0].chapuser=0 managment_users.@user[0].webuser=0 managment_users.@user[0].smsuser=0 managment_users.@user[0].linuxuser=0 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 316 of 384...
Page 317: Dynamic Multipoint Virtual Private Network (Dmvpn)
New hubs can be added to the network to improve the performances and reliability. Ability to carry multicast and main routing protocols traffic (RIP, OSPF, BGP). • DMVPN can be deployed using Activator, the Virtual Access automated • provisioning system. Simplifies branch communications by enabling direct branch to branch •...
Page 318: Dmvpn Scenarios
Then it initiates VPN IPSec connection to spoke2. When an IPSec tunnel is established, spoke1 and spoke2 can send traffic directly • to each other. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 318 of 384...
Page 319 Note: if an IPSec tunnel fails to be established between the spokes then packets between the spokes are sent via the hub. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 319 of 384...
Page 320: Configuration Packages Used
Selects the IPSec connection, defined in strongSwan, to be used as a template. UCI: dmvpn.common.ipsec_template_name Opt: ipsec_template_name Table 117: Information table for DMVPN general settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 320 of 384...
Page 321 31.5.3 Configuring an IPSec template for DMVPN using the web interface Configuring an IPSec template is covered in the chapter ‘Configuring IPSec’. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 321 of 384...
Page 322: Dmvpn Diagnostics
Alias-Address: 11.11.11.3 Flags: up Interface: gre-GRE Type: local Protocol-Address: 11.11.11.3/32 Flags: up Interface: gre-GRE Type: cached Protocol-Address: 11.11.11.2/32 NBMA-Address: 178.237.115.129 NBMA-NAT-OA-Address: 172.20.38.129 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 322 of 384...
Page 323 REKEYING, TRANSPORT, expires in 55 seconds dmvpn_89_101_154_151{1}: 10.68.234.133/32[gre] === 192.168./32[gre] dmvpn_89_101_154_151{1}: INSTALLED, TRANSPORT, ESP in UDP SPIs: cca7b970_i d874dc90_o dmvpn_89_101_154_151{1}: 10.68.234.133/32[gre] === 89.101.154.151/32[gre] _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 323 of 384...
Page 324 Type: cached Protocol-Address: 11.11.11.2/32 NBMA-Address: 178.237.115.129 NBMA-NAT-OA-Address: 172.20.38.129 Flags: used up Expires-In: 0:18 Interface: gre-GRE Type: static Protocol-Address: 11.11.11.1/29 NBMA-Address: 89.101.154.151 Flags: up _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 324 of 384...
Page 325: Configuring Terminal Server
Configuration page appears. You must configure two main sections: Main Settings and Port Settings. 32.3.1 Configure main settings Figure 158: The terminal server main settings page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 325 of 384...
Page 326 In this section you can configure general port settings. The settings are usually the same for the central and the remote site. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 326 of 384...
Page 327 Forwarding timeout in milliseconds (network to serial). UCI: tservd.@port[0]. sfwd_timeout Set to 0 to forward to serial immediately. Opt: sfwd_timeout 20 ms Range 0-10000 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 327 of 384...
Page 328 Note: • The displayed settings vary depending on options selected. DTR <--> DSR signalling is not available on GW2028 router models. • _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 328 of 384...
Page 329 32: Configuring Terminal Server _______________________________________________________________________________________________________ Figure 160: The serial section fields (portmode RS232 and usb serial disabled) _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 329 of 384...
Page 330 In RS232 half-duplex mode, time in milliseconds between raising RTS and enabling the transmitter. For use with externally UCI: tservd.@port[0].rts_timeout connected V.23 modem. Opt: rts_timeout 30ms Range _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 330 of 384...
Page 331 DTR always on. DTR always off. DTR controlled by the application ontx In HDLC mode DTR is on during frame transmission. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 331 of 384...
Page 332 Opt: dce_tclk_inv Invert. Web: Dual X.21 card DCE RCLK Invert Enables X.21 DCE RCLK signal inversion. UCI: tservd.@port[0].dce_rclk_inv Normal. Opt: dce_rclk_inv Invert. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 332 of 384...
Page 333 In this section you can configure the network side of the Terminal Server. Note: the displayed settings vary depending on options selected. Figure 161: The port settings network fields (TCP server mode) _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 333 of 384...
Page 334 Set to 0 to use kernel defaults. Only displayed if Transport Mode tservd.@port[0].tcp_user_timeout is TCP. Opt: tcp_user_timeout 20000 20 seconds Range 0-65535 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 334 of 384...
Page 335: Terminal Server Using Uci
Table 123: Information table for port settings network section 32.4 Terminal Server using UCI root@VA_router:~# uci show tservd tservd.main=tservd tservd.main.log_severity=0 tservd.main.debug_rx_tx_enable=1 tservd.main.debug_ev_enable=1 tservd.@port[0]=port tservd.@port[0].devName=/dev/ttySC0 tservd.@port[0].remote_ip1=0.0.0.0 tservd.@port[0].remote_ip2=0.0.0.0 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 335 of 384...
Page 336: Terminal Server Using Package Options
Rx (0) Tx (0) UDP Datagrams Rx (0) Tx (0) TxErrs (0) UDP Bytes Rx (0) Tx (0) Up (0) Down (0) _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 336 of 384...
Page 337 - start USB serial card rx log tserv show userial rxlog <offs> <length> - show USB serial card rx log _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 337 of 384...
Page 338 - show USB serial card CPLD programming status tserv upgrade userial - initiate upgrade of the USB serial card tserv quit - terminate termserv process _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 338 of 384...
Page 339: Configuring A Gre Interface
In the Interface Overview section, click Add new interface. The Create Interface page appears. Figure 162: The create interface page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 339 of 384...
Page 340 IP address, TTL, tunnel key and MTU. Advanced Settings 'Bring up on boot' and 'monitor interface state' settings. Firewall settings Assign a firewall zone to the connection. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 340 of 384...
Page 341 Subnet mask, in CIDR notation, to be applied to the tunnel. Typically '30' for point-to-point tunnels. UCI: network.<if name>.mask_length Opt: mask_length Range 0 - 30 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 341 of 384...
Page 342 1472 Opt: mtu Range Table 125: Information table for GRE 33.2.2 GRE connection: common configuration-advanced settings Figure 164: GRE advanced settings page _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 342 of 384...
Page 343 GRE tunnel. To do this, browse to Network->Static Routes. For more information, read the chapter ‘Configuring Static Routes’. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 343 of 384...
Page 344: Gre Configuration Using Command Line
'128' option key '1234' option mtu '1472' option auto ‘1’ To change any of the above values use uci set command. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 344 of 384...
Page 345: Gre Diagnostics
RX packets:1465 errors:0 dropped:0 overruns:0 frame:0 TX packets:1465 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:166202 (162.3 KiB) TX bytes:166202 (162.3 KiB) _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 345 of 384...
Page 346 172.19.101.3 13.13.13.1 255.255.255.255 UGH gre-Tunnel1 Note: a GRE route will only be displayed in the routing table when the interface is up. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 346 of 384...
Page 347: Configuring Multicasting Using Pim And Igmp Interfaces
To configure PIM through the web interface, in the top menu, select Network -> PIM. The PIM page appears. To access the Global settings, click Add. Figure 166: The global settings interface _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 347 of 384...
Page 348: Virtual Access
UCI: pimd.interface[x].ssm Disabled. Opt: ssm Enabled. Table 128: Information table for interface settings To save your configuration updates, click Save & Apply. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 348 of 384...
Page 349: Configuring Pim And Igmp Using Uci
'no' Alternatively, enter: uci show pimd root@VA_router:/etc/config1# uci show pimd pimd.pimd=routing pimd.pimd.enabled=yes pimd.@interface[0]=interface pimd.@interface[0].enabled=yes pimd.@interface[0].interface=lan pimd.@interface[0].ssm=yes pimd.@interface[0].igmp=yes pimd.@interface[1]=interface pimd.@interface[1].enabled=yes pimd.@interface[1].interface=wan _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 349 of 384...
Page 350 34: Configuring multicasting using PIM and IGMP interfaces _______________________________________________________________________________________________________ pimd.@interface[1].ssm=yes pimd.@interface[1].igmp=no To change any of the above values use uci set command. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 350 of 384...
Page 351: Event System
_______________________________________________________________________________________________________ 35 Event system Virtual Access routers feature an event system. It allows you to forward router events to predefined targets for efficient control and management of devices. This chapter explains how the event system works and how to configure it using UCI commands.
Page 352: Supported Targets
The configuration is composed of a main section and as many forwardings, targets and connection testers as required. 35.7.1 Va_eventd: main section 35.7.1.1 Main using UCI root@VA_router:~# uci show va_eventd va_eventd.main=va_eventd va_eventd.main.enabled=yes va_eventd.main.event_queue_file=/tmp/event_buffer va_eventd.main.event_queue_size=128K _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 352 of 384...
Page 353 In the examples below no forwarding label has been defined. 35.7.3 Forwarding using UCI root@VA_router:~# uci show va_eventd va_eventd.@forwarding[0]=forwarding va_eventd.@forwarding[0].enabled=1 va_eventd.@forwarding[0].className=ethernet _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 353 of 384...
Page 354 Only generate events with the given className and the given label>.eventName eventName. The eventName is optional and can be omitted. Opt: eventName _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 354 of 384...
Page 355 If successful, the event system assumed the connection is valid for a configurable amount of time. 35.7.6.2 Ping connection tester using UCI va_eventd.@conn_tester[0]=conn_tester va_eventd.@conn_tester[0].name=pinger va_eventd.@conn_tester[0].enabled=1 va_eventd.@conn_tester[0].type=ping _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 355 of 384...
Page 356 A link connection tester tests a connection by checking the status of the interface being used. 35.7.6.6 Link connection tester using UCI va_eventd.@conn_tester[0]=conn_tester va_eventd.@conn_tester[0].name=linktest va_eventd.@conn_tester[0].enabled=1 va_eventd.@conn_tester[0].type=link va_eventd.@conn_tester[0].link_iface=eth0 Link connection tester using package options _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 356 of 384...
Page 357 When a syslog target receives an event, it sends it to the configured syslog server. In the examples below no target label has been defined. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 357 of 384...
Page 358 UCI: va_eventd.<target label>. Ability to change snmp version snmp_version Version1 Opt: snmp_version Version 2c Version 3 Table 135: Information table for syslog target settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 358 of 384...
Page 359 '0' option tls_forcessl3 '0' option timeout_sec "10" option from x@example.com option to y@example.com option subject_template "%{severityName} %{eventName}!!!" option body_template "%{eventName} (%{class}.%{subclass}) happened!" _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 359 of 384...
Page 360 UCI: va_eventd.<target Name of the connection tester to use for this target. label>.conn_tester Opt: conn_tester Table 136: Information table for email target settings _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 360 of 384...
Page 361 IP address of the SNMP Manager. label>.target_addr Opt: target_addr UCI: va_eventd.<target Optional IP address to use as the trap source IP address. label>.agent_addr Opt: agent_addr _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 361 of 384...
Page 362: Event System Diagnostics
Event system diagnostics 35.8.1 Displaying VA events To view a list of all available class names, events and severity levels, enter: vae_cli -d _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 362 of 384...
Page 363 2 | BadPasswordSSH | warning | SSH login attempt from %{p2}: ba.. | auth 3 | BadUserConsole | warning | Console login _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 363 of 384...
Page 364 2 | WiFiDisconnectedFromAP | notice | WiFi %{p1} disconnected from AP | wifi 2 | WiFiDisconnectedFromAP | notice | WiFi %{p1} disconnected from AP _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 364 of 384...
Page 365 | NTP query failed: %{p1} 35.8.2 Viewing the event system config To view the event system configuration via UCI, enter: root@VA_router:~# uci show va_eventd _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 365 of 384...
Page 366: Trap Manager
'yes' option className 'mobile' option severity 'notice-critical' option target 'snmp' config forwarding option enabled 'yes' option className 'ethernet' option target 'logit' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 366 of 384...
Page 367 '89.101.154.148:465' option smtp_user 'x@example.com' option smtp_password '******' option use_tls 'yes' option tls_starttls 'no' option tls_forcessl3 'no' option timeout_sec '10' option from 'y@example.com' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 367 of 384...
Page 368 '192.168.100.1' option conn_tester 'mon_server' config target option name 'logit' option enabled 'yes' option type 'exec' option cmd_template 'logger -t eventer %{eventName}' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 368 of 384...
Page 369: Configuring Sla Reporting On Monitor
The user must have admin privileges for any change to be made. If they do not, they will be informed of this fact. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 369 of 384...
Page 370: Configuring Router Upload Protocol
The graphs initially appear in an hourly format. To expand or reduce the time axis, use the appropriate zoom button. To navigate forwards or backwards chronologically, use the right and left arrow buttons. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 370 of 384...
Page 371 Figure 172: Raw data information from each graph To change the range of the graph, click zoom. Figure 173: Altered range of graph information _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 371 of 384...
Page 372 SLA Element drop-down menu. If you have not removed any graphs, this drop-down menu is not available. Figure 175: interface showing the add SLA element drop-down menu _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 372 of 384...
Page 373: Generating A Report
C:\Monitor\SlaReporting directory. The available frequency of report options in the drop-down list are: Once off • Hourly • Daily • Weekly • _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 373 of 384...
Page 374 Figure 178: Sample from the select devices page Click Continue and then add SLA report elements. Figure 179: Add report elements in the create statistic report _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 374 of 384...
Page 375 From the drop down box, select the relevant report and click Generate. The report appears. Figure 180: Example of a completed report _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 375 of 384...
Page 376: Reporting Device Status To Monitor Using Uci
SNMP trap is sent by default every minute. The router is capable of sending SNMP in version 1, 2c and 3. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 376 of 384...
Page 377 UCI: monitor.main. snmp_sec_eid snmpv3 security engine ID. Opt: snmp_sec_eid A sample Monitor configuration is shown below. root@VA_router:~# uci show monitor monitor.main=keepalive monitor.main.enable=yes monitor.main.interval_min=1 monitor.main.dev_reference=mikesamazondev _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 377 of 384...
Page 378 'yes' option interval_min '1' list monitor_ip '172.16.250.100' option dev_reference 'TEST' option snmp_version '2c' config keepalive 'v3' option enable 'yes' option interval_min '1' _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 378 of 384...
Page 379 'vasecret' option snmp_auth_proto 'MD5' option snmp_priv_pass 'vasecret' option snmp_priv_proto 'DES' config interface_stats 'stats' option enabled 'yes' option bin_period '1m' option bin_cache_size '1440 _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 379 of 384...
Page 380: Configuring Sla For A Router
37 Configuring SLA for a router SLA reporting works in two parts: 1. The Virtual Access Monitor system server connects via SSH into the router and schedules the task of uploading statistics to Monitor. 2. The Virtual Access router monitors UDP keepalive packets. It creates and stores statistics in bins.
Page 381 UCI: slad.main.max_bin_count Opt: max_bin_count Table 140: Information table for SLA settings When you have made all your configuration changes, click Save & Apply. _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 381 of 384...
Page 382: Configuring Sla For A Router Using The Uci Interface
To show all available statistic options, enter: root@VA_router:~# sla sla [current] | [all] | [oldest] | [newest] | [newest N] | [range: YYYMMDDHH-YYYYMMDDHH] _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 382 of 384...
Page 383: Virtual Access
To show the newest statistics, enter: root@VA_router: ~# sla newest ---------------------------------------- Bin valid: Start time 01.01.1970 03:32:00 End time 01.01.1970 03:33:00 Pkts In: Pkts Out: Bytes In: _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 383 of 384...
Page 384 1 ms Min GSM signal quality: -63 dBm Max GSM signal quality: -63 dBm Avg GSM signal quality -63 dBm Availability: 100.00% _____________________________________________________________________________________________________ © Virtual Access 2016 GW6600 Series and GW6600V Series User Manual Issue: 1.5 Page 384 of 384...

This manual is also suitable for:

Gw6640 Gw6640w Gw6650 Gw6650w Gw6610v Gw6640v ... Show all