RACOM MG102i Operating Manual
  1. Manuals
  2. Brands
  3. RACOM Manuals
  4. Network Router
  5. MG102i
  6. Operating manual
RACOM MG102i Operating Manual

RACOM MG102i Operating Manual

Gprs/umts/hspa+/lte router
Hide thumbs Also See for MG102i:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Operating Manual
Operating manual
GPRS/UMTS/HSPA+/LTE router
1.5
11/12/2015
RACOM s.r.o. • Mirova 1283 • 592 31 Nove Mesto na Morave • Czech Republic
Tel.: +420 565 659 511 • Fax: +420 565 659 512 • E-mail: racom@racom.eu
.
MG102i
.
www.racom.eu

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the MG102i and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for RACOM MG102i

Summary of Contents for RACOM MG102i

  • Page 1 Operating manual MG102i GPRS/UMTS/HSPA+/LTE router 11/12/2015 RACOM s.r.o. • Mirova 1283 • 592 31 Nove Mesto na Morave • Czech Republic www.racom.eu Tel.: +420 565 659 511 • Fax: +420 565 659 512 • E-mail: racom@racom.eu...

  • Page 3: Table Of Contents

    5. Bench test / Step-by-Step guide ....................20 5.1. Connecting the hardware ....................20 5.2. Powering up your wireless router ..................20 5.3. Connecting MG102i to a programming PC ................ 20 5.4. Basic setup ......................... 21 6. Installation ............................. 22 6.1.
  • Page 4 Index ..............................150 B. Revision History .......................... 153 List of Figures 1. Router MG102i UMTS and MG102i LTE ..................6 2.1. MG102i front and terminal panel ....................9 4.1. Dimensions in millimeters ......................12 4.2. Antenna connectors SMA ......................12 4.3.

  • Page 5: Important Notice

    Data may be delayed, corrupted (i.e. have errors), or be totally lost. Significant delays or losses of data are rare when wireless devices such as the M!DGE/MG102i are used in an appro- priate manner within a well‐constructed network. M!DGE/MG102i should not be used in situations where failure to transmit or receive data could result in damage of any kind to the user or any other party, including but not limited to personal injury, death, or loss of property.

  • Page 6: Getting Started

    As an alternative. you can configure a static IP address on your PC (e.g. 192.168.1.2/24) so that it is operating in the same subnet as the MG102i. The MG102i default IP address for first Eth inter- face is 192.168.1.1, the subnet mask is 255.255.255.0.

  • Page 7: Mg102I Router

    M!DGE/MG102i together with RACOM RipEX radio router offers an unrivaled solution for combining GPRS and UHF/VHF licensed radio in a single network. Even a single RipEX in the center of a MG102i network allows for efficient use of addressed serial SCADA protocols.

  • Page 8: Standards

    EN 50 121-4:2006 EN 55022:2010 EN 55024:2010 EN 61 000-6-2:2005 Radio EN 301511 V9.0.2 EN 301893 V1.7.1 Electrical Safety EN 60950-1 +A11:2006/2009 +A1 +A12:2010/2011 EN 62311:2008 IP rating IP40 IEEE 802.3i IEEE 802.3u IEEE 802.3af MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 9: Mg102I In Detail

    MG102i in detail 2. MG102i in detail Fig. 2.1: MG102i front and terminal panel All MG102i Wireless Routers run MG102i Software. Software offers the following key features: • Interfaces and Connection Management (Section 7.2, “INTERFACES”) ○ Dial-out (permanent, on switchover) ○...
  • Page 10 ○ Configuration via Command Line Interface (CLI) accessible via Secure Shell (SSH) and telnet ○ Batch configuration with text files ○ User administration ○ Troubleshooting tools ○ Over the air software update ○ Licensing (extra features) ○ Keys and certificates (HTTPS, SSH, OpenVPN, ...) ○ Legal Notice MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 11: Implementation Notes

    3.3. Network center In every network, the center plays a key role and has to be designed according to customer's require- ments. Several possible solutions are described in the application note's Chapter 2 – M!DGE / MG102i CENTER 3.4. VPN tunnels Customer data security arriving through the mobile network is often very important.

  • Page 12: Product

    4.2. Connectors 4.2.1. Antenna SMA Fig. 4.2: Antenna connectors SMA MG102i uses SMA antenna connectors: • Mob 1, Mob 2 for GSM/UMTS/LTE antenna connection (Mob 1 for 1st UMTS module, Mob 2 for LTE as auxiliary second connector or for 2nd UMTS), •...

  • Page 13: Eth Rj45 Plug - Pin Numbering

    100BaseT) signal TX− Fig. 4.3: Eth RJ45 Plug - pin numbering RX− 4.2.3. USB MG102i uses USB 1.1, Host A interface. USB interface is wired as standard: Tab. 4.2: USB pin description USB pin signal wire +5 V Data (−)

  • Page 14: Screw Terminal

    +20%) = 10.2–57.6 VDC. RS232 – RxD (receiving data) RS232 – TxD (transmitting data) RS232 – GND (ground) Digital output. Dry contact relay. Normally open with MG102i without DO1: powering. Digital output. Dry contact relay. Normally open with MG102i without DO2: powering.

  • Page 15: Reset Button

    Keep it pressed for at least 3 seconds for reboot and at least 10 seconds for a factory reset. The start of the factory reset is confirmed by all LEDs lighting up for one second. The button can be released afterwards. Fig. 4.6: Reset button © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 16: Indication Leds

    GPS is turned off and a valid NMEA stream is available A voice call is currently active Voice No voice call is active If lower side banks displayed Closed Opened Closed Opened Input set Input not set Input set Input not set MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 17: Technical Specifications

    190 W × 104 D × 40 H mm (7.48 × 4.09 × 1.57 in), ca. 610 g (1.35 lb) Type Approval CE, FCC Options Antennas Various antennas suitable for your application are available Mounting kit DIN rail bracket © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 18: Model Offerings

    – basic model (no HW module) – Wifi (Wireless Local Area Network) internal module (Part No. MG102i-HW-WLAN) Note: The WLAN module for MG102i-2U or MG102i-L has to be always ordered together with the GPS SW feature key. zzz – SW feature keys empty –...

  • Page 19: Accessories

    Product 4.6. Accessories 4.6.1. DIN rail bracket Fig. 4.8: DIN rail bracket Fig. 4.9: MG102i with DIN rail bracket DIN rail bracket Installation bracket for DIN rail mounting. For usage details see chapter Mounting and chapter Dimen- sions. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 20: Bench Test / Step-By-Step Guide

    If not yet enabled, please enable the Dynamic Host Configuration Protocol (DHCP) so that your computer can lease an IP address from MG102i. Wait a moment until your PC has received the parameters (IP address, subnet mask, default gateway, DNS server).

  • Page 21: Basic Setup

    192.168.5.1 for Eth5 The default subnet mask is 255.255.255.0 for all interfaces. Start a Web Browser on your PC. Type the MG102i IP address in the address bar: http://192.168.1.1 Please set a password for the admin user account. Choose something that is both easy to remember and a strong password (such as one that contains numbers, letters and punctuation).

  • Page 22: Installation

    6.3. Power supply MG102i can be powered with an external power source capable of voltages from 10 to 55 Volts DC. MG102i should be powered using a certified (CSA or equivalent) power supply, which must have a limited and SELV circuit output.

  • Page 23: Web Configuration

    The highest priority link which has been established successfully will become the so-called hotlink which holds the default route for outgoing packets. Detailed information about status of each WAN interface is available in a separate window. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 24: Interfaces

    Up to four priorities can be used. Outgoing traffic can also be distributed over multiple links on a per IP session basis. Choose the option "distributed" as an Operation Mode with the appropriate Weight. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 25 After clicking on the WWAN "Edit" button, you can additionally set the "IP passthrough" option for the LAN2 interface. The result is that the connected device over the LAN2 port will obtain M!DGE's/MG102i's mobile IP address via DHCP. In another words, M!DGE/MG102i will be transparent for the connected device and will only serve for the mobile connectivity.
  • Page 26 This option is configurable within WWAN links only. Remember that LAN1 cannot be used as the port for the IP passthrough functionality. • LAN10 is not usable within M!DGE/MG102i routers. Do not select it. Connection Supervision Network outage detection can be used for switching between available WAN links and can be performed by sending pings on each link to authoritative hosts.
  • Page 27 Configure the Emergency action which should be taken after the maximum downtime is reached. Using "reboot" perfoms the system reboot. The option "restart services" restarts all link-related applica- tions including the modem reset. No action is done if the "none" © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 28 10 BaseT or 100 BaseT and Half or Full duplex can be set as well. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 29 Web Configuration VLAN Management M!DGE/MG102i routers support Virtual LAN according to IEEE 802.1Q which can be used to create virtual interfaces on top of the Ethernet interface. The VLAN protocol inserts an additional header to Ethernet frames carrying a VLAN Identifier (VLAN ID) which is used for distributing the packets to the associated virtual interface.
  • Page 30 Web Configuration Static configuration of M!DGE's/MG102i's own IP address and Subnet mask is available for the LAN mode. The Alias IP address enables configuring the LAN inteface with a second IP address/subnet. Note Setting of the IP address is interconnected with the DHCP Server (if enabled) - menu the SERVICES - DHCP Server menu.
  • Page 31 WWAN interfaces with one modem but different SIM cards. Close attention has to be paid when other services (such as SMS or Voice) are operating on that modem as a SIM switch will affect their operation. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 32 Network This page provides you with the information about the current network status, service type, signal strength, CID (Cell ID), LAC (Local Area Code) and LAI (Local Area Identifier) to which the modem has MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 33 The SIM card to be used for this WWAN interface Service type The required service type Please note that these settings supersede the general SIM based settings as soon as the link is being dialed. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 34 As a client it can create an additional WAN link which for instance can be used as backup link. As access point, it can form another LAN interface which can be either bridged to an Ethernet- MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 35 Running in client mode, you can select the network to which you want to connect to and enter the required authentication settings. You may also perform a WLAN network scan and pick the settings from the discovered information directly. The credentials can be obtained by the operator of your WLAN access point. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 36 The passphrase used for authentication. WLAN IP Settings This section lets you configure the TCP/IP settings of your WLAN network. A client interface can be run over DHCP or with a statically configured address and default gateway. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 37 Choose whether the interface shall be operated bridged or in routing mode. Bridge interface If bridged, the LAN interface to which the WLAN network should be bridged. IP address / netmask In routing-mode, the IP address and netmask for this WLAN network. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 38 (RS232, see Section 7.2.6, “Serial Port”). Note Supported modules are pl2303, ch341 and ftdi (quad-channel adapter). Following parameters can be configured: • Enable hotplug (always enabled) MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 39 Following files must exist in the root directory of a FAT16/32 formatted stick: • For authentication: autorun.key • For a software update: sw-update.img • For a configuration update: cfg-<SERIALNO>.zip or cfg.zip Enable auto run feature: Enable or disable auto run feature. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 40 The keys are made up of your admin password. They can be generated and downloaded. You may also define multiple keys in this file (line-after-line) in case your admin password differs if applied to multiple M!DGE/MG102i routers. 7.2.6. Serial Port The serial protocol can function in various ways, configure it using the Edit button on the right.
  • Page 41 (XON) character to the other end to control the rate of incoming data. Hardware flow control: While 3 wired connection is used with M!DGE/MG102i hardware flow control is not available. Server Configuration: “Telnet” or “TCP raw” © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 42 The following text is valid for all M!DGE/MG102i/RipEX units (further in this the section called “Protocol Server” referred to as a "Unit") - the special properties for mobile GPRS/UMTS networks (e.g. limitation of broadcasting) are mentioned here.
  • Page 43 Routing table. When the UDP datagram reaches its final IP destination, it should be in a M!DGE/MG102i or RipEX router again. It is processed further according to its UDP port. It can be delivered to the Protocol server where where the datagram is decapsulated and the data received on the serial interface of the source unit are forwarded to COM.
  • Page 44 Note Broadcasts in the GPRS/UMTS network are not possible, thus setting of broadcast functionality is not allowed with M!DGE/MG102i units. If On, the address for broadcast packets in the SCADA protocol has to be defined: ■ Broadcast address format - List box Hex, Dec - format in which the broadcast address is defined.
  • Page 45 RipEX) or to any special daemon running in the destination address, the packet is discarded. Note M!DGE/MG102i use UDP port 8882 for its COM port. ■ Table The Address translation is defined in a table. There are no limitations such as when the Mask translation is used.
  • Page 46 Messages from the serial interface are processed in a similar way as the Master site, i.e. they are encapsulated in UDP datagrams, processed by the router inside the M!DGE/MG102i unit and for- warded to the respective interface, typically to the mobile network.
  • Page 47 Note: There is no the possibility to set Broadcast address, since Cactus broadcast messages always have the address 0x00. Hence when the Broadcast is On, packets with this destination are handled as broadcasts. Broadcasting is not supported with mobile networks. Address translation © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 48 Broadcasts are not supported with the mobile network. Address translation Table Mask • Advanced parameters ○ ACK Locally List box: Off, On Default = On If "On", ACK frames (0x1006) are not transferred over-the-air. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 49 Each frame in the DNP3 protocol contains the source and destination addresses in its header, so there is no difference between Master and Slave in terms of the M!DGE/MG102i configuration. The DNP3 allows both Master–Slave polling as well as spontaneous communication from remote units.
  • Page 50 WAIT COMMAND (discards it), till the Wait timeout expires. The Recommended value is in the 1–10 seconds range. Modbus Modbus RTU is a serial polling-type communication protocol used by Master–Slave application. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 51 RipEX supports Profibus DP (Process Field Bus, Decentralized Periphery) the widest-spread version of Profibus. The Profibus DP is supported even by M!DGE/MG102i, but it will work satisfactorily only with mobile networks with very short transport delays, like LTE or UMTS. The Profibus protocol config- uration uses all parameters described in Common parameters.
  • Page 52 Slave. • RB Net period [s] Default = 10 The M!DGE/MG102i/RipEX responds to the RB packets locally and in the set RB period the RB packets are transferred over the network. • RB Net timeout [s] Default = 10 (maximum=8190) Whenever an RB packet is sent over the network, the set RB Net timeout starts.
  • Page 53 • Address mode List box: Binary (1 B), Binary (2B LSB first). Binary (2B MSB first). Default = Binary (1 B) M!DGE/MG102i/RipEX reads the Protocol address in the format and length set (in bytes). • Address position Specify the sequence number of the byte, where the Protocol address starts.
  • Page 54 Unit and appended to the received data. UNI is the "Universal" protocol utility designed by RACOM. It is supposed to be used when the applic- ation protocol is not in the Unit list. The key condition is that messages generated by the Master applic- ation device always contain the respective Slave address and that address (or its relevant part) position, relative to the beginning of the message (packet, frame), is always the same (Address position).
  • Page 55 List box: Binary (1 B), ASCII (2 B), Binary (2B LSB first). Binary (2B MSB first). Default = Binary (1 B) M!DGE/MG102i/RipEX reads the Protocol address in the format and length set (in bytes). The ASCII 2-byte format is read as 2-character hexadecimal represent- ation of one-byte value.
  • Page 56 Besides on and off you may keep the status after reboot at default which corresponds to the default state as the hardware will be initialized at power-up. The digital inputs and outputs can also be monitored and controlled by SDK scripts. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 57 Antenna type The type of the connected GPS antenna, either active or passive. Accuracy The desired accuracy in meters. Fix frame interval The amount of time to wait between fix attempts © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 58 Please consider to restrict access to the server port, either by a specifying a dedicated client network or by using a firewall rule. Position This page shows the current position of the box together with a location map. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 59 This page provides you with a satellite view with some additional details. In the HOME menu, under GNSS status, you can see the current status together with a lot of information about satellites in range. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 60 The azimuth (rotation around the vertical axis) in degrees as stated in GPGSV frames. The SNR (Signal to Noise Ratio), often referred as signal strength. Please note that the values are shown as calculated by the daemon, their accuracy might be suggestive. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 61: Routing

    The route is a host route, typically the netmask is set to 255.255.255.255. Network The route is a network route, consisting of an address and net- mask which forms the subnet to be addressed © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 62 Source netmask The packet source netmask Destination address The packet destination address Destination netmask The packet destination netmask Protocol Protocol used (ANY, UDP or TCP) Type of service The TOS value within the packet header MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 63 A valid license key is required for running Mobile IP. It boasts with very small outages during switchover while keeping all IP sessions alive which is being accomplished by communicating with the static public IP address of a home agent which will encapsulate © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 64 Our implementation supports RFC 3344, 5177, 3024 and 3519 and interoperability with Cisco has been verified. However, M!DGE/MG102i routers can run as node and home agent which makes them able to replace expensive kits in the backbone for smaller scenarios.
  • Page 65 The mask for the home network. Shared secret The shared secret used for the mobile node authentication at the home agent. This can be either a 128-bit hexadecimal value or a random length ASCII string. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 66 Web Configuration 7.3.5. Quality of Service (QoS) M!DGE/MG102i routers are able to prioritize and shape certain kinds of IP traffic. This is currently limited on egress, which means that only outgoing traffic can be stipulated. The current QoS implementation uses Stochastic Fairness Queueing (SFQ) classes in combination with Hierarchy Token Bucket (HTB) queuing disciplines.
  • Page 67 Each queue can be configured as follows: Name: The name of the QoS queue. Priority: A numerical priority for the queue, lower values indicate higher priorities. Bandwidth: The maximum possible bandwidth for this queue. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 68: Firewall

    (over HTTP, HTTPS, SSH or TELNET) by default but block any other packets coming from the WAN interface. Please note that MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 69 (TCP ports 80, 443, 22 and 23): Address / Port Groups This menu can be used to form address or port groups which can be later used for firewall rules in order to reduce the number of rules. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 70 Transparent Firewall M!DGE/MG102i can be configured with its Ethernet interfaces being bridged. In this case, the transparent firewall functionality can be configured to limit reachability of individual hosts connected to M!DGE/MG102i based on their MAC addresses, i.e. units connected to ETH1 cannot communicate to units connected to ETH2.
  • Page 71 Inbound rules can be used to modify the target section of IP packets and, for instance, forward a service or port to an internal host. By doing so, they will expose the service and make it reachable e.g. from the Internet. You may also establish 1:1 NAT to a complete host. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 72 Port to which matching packets will be targeted Outbound Rules Outbound rules will modify the source section of IP packets and can be for instance used for 1:1 NAT. Description: A meaningful description of this rule MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 73 Source network/netmask of matching packets (if Map is set to "network") Rewrite to address/port: Address/port to which the source address/port of matching packets will be rewritten to Rewrite to network/netmask: Network/netmask to which the source network/netmask of matching packets will be rewritten to © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 74: Vpn

    Refer to section the section called “Client Management” to learn more about how to manage clients and generate the files. Operation mode: Choose the client or server mode for this tunnel MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 75 OpenVPN's HMAC usage is to first encrypt a packet, then HMAC the resulting ciphertext. If OpenVPN receives a packet with a bad HMAC, it drops this packet. HMAC usually adds 16 or 20 Bytes per packet. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 76 (OpenVPN configuration file), • ca.crt (root certificate file), • server.crt (certificate file), • server.key (private key file), • dh1024.pem (Diffie Hellman parameters file), • a directory (with default name “ccd”) containing client-specific configuration files. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 77 See the OpenVPN configuration example in our Application notes. (http://www.ra- com.eu/eng/products/m/midge/app/VPN_config.html#OpenVPN). 7.5.2. IPsec IPsec is primarily used for securing the Internet communication by authenticating and/or encrypting IP packets within a data stream. IPsec includes various cryptographic protocols and ciphers for key ex- © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 78 Enable or disable Dead Peer Detection. DPD will detect any broken IPSec connection, in particular the ISAKMP tunnel, and refresh the corresponding SAs (Security Associations) and SPIs (Security Pay- load Identifiers) for a faster tunnel re-establishment. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 79 SA will both be cleared. Restart means that the SA will be immediately renegotiated. IKE Proposal RACOM routers support IKE authentication via the pre-shared keys (PSK) or certificates within a public key infrastructure. Using PSK requires the following settings:...
  • Page 80 This feature heavily increases security as PFS avoids penetration of the key-exchange protocol and prevents compromising the keys negotiated earlier. IPsec Proposal Encapsulation mode: Only the tunnel encapsulation mode is enabled IPsec protocol: Only the ESP IPsec protocol is enabled MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 81 Since the firmware 3.7.40.103, the maximum number of networks for individual IPsec tunnels has increased from 4 to 10. Note See the IPsec configuration example in our Application notes (http://www.ra- com.eu/eng/products/m/midge/app/index.html), Chapter 2.2 IPsec http://www.racom.eu/eng/products/m/midge/app/VPN_config.html#IPsec © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 82 The server address within the tunnel Client address range: Specifies a range of IP addresses assigned to each client Username/password: The common username/password configuration Once configured, individual clients can be configured with different credentials and IP addresses. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 83 2784. It does not provide encryption nor authorization but can be used on an address-basis on top of other VPN techniques (such as IPsec) for tunneling purposes. The following parameters are required for setting up a tunnel: Peer address The remote peer IP address © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 84 GSM only. Naturally, a concurrent use of mobile Dial-Out and Dial-In connection is not possible. Note The Dial-in Server is not supported by the M!DGE/MG102i LTE hardware. Administrative status Enabled/disabled - incoming call shall be /shall not be answered...

  • Page 85: Services

    7.6. SERVICES 7.6.1. SDK RACOM routers are shipping with a Software Development Kit (SDK) which offers a simple and fast way to implement customer-specific functions and applications. It consists of: An SDK host which defines the runtime environment (a so-called sandbox), that is, controlling access to system resources (such as memory, storage and CPU) and, by doing so, catering for the right scalability.
  • Page 86 .WANLINK2_GATEWAY = string[11]: "10.64.64.64" .WANLINK1_DIAL_ATTEMPTS = string[1]: "0" .WANLINK2_SIGNAL_STRENGTH = string[3]: "-89" .WANLINK2_DATA_DOWNLOADED = string[7]: "1705494" .WANLINK2_DATA_UPLOADED = string[6]: "511619" .WANLINK1_DATA_UPLOADED = string[8]: "51587351" .WANLINK2_ADDRESS = string[11]: "10.203.3.28" .WANLINK2_NETWORK = string[7]: "O2 - CZ" MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 87 /* Check the current NTP server and set it to the IP address 192.168.0.2 and enable the NTP synchronisation */ printf ("The NTP server was previously using IP address: "); printf (nb_config_get("network.ntp.server0")); printf("\n\n"); nb_config_set("network.ntp.server0=192.168.0.2"); if (nb_config_get ("network.ntp.status") == "0"){ © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 88 Files written to/tmp will be hold in the memory and will be cleared upon a script restart.. As your scripts operate in the sandbox, you will have no access to the system tools (such as ifconfig). Administration MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 89 The status page informs you about the current SDK status. It provides an overview about any finished jobs, you can also stop a running job there and view the script output in the troubleshooting section where you will also find links for downloading the manuals and examples. Job Management © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 90 You can now add your personal script to the system by applying the following parameters: Name: A meaningful name to identify the script Description: An optional script description Arguments: An optional set of arguments passed to the script (supports quoting) MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 91 The testing page offers an editor and an input field for optional arguments which can be used to perform test runs of your script or test dedicated portions of it. Please note that you might need to quote argu- ments as they will otherwise be separated by white-spaces. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 92 • current IP address of the VPN interface (if enabled) connect This will initiate a Dial-out connection over GSM/UMTS and the VPN connection (if enabled) and trigger sending an SMS with the following information: MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 93 "relay" mode. As a server, the unit answers to DHCP requests from hosts in the LAN directly. Aa a relay, the unit resends the requests to the configured DHCP server which handles them. First lease address: First address for DHCP clients © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 94 The secondary server which will be used in case the primary server is not available. You may further configure static hosts for serving fixed IP addresses for various hostnames. Please remember to point local hosts to the router’s address for resolving them. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 95 Dynamic DNS client on this box is generally compatible with various DynDNS services on the Internet running by means of definitions by the DynDNS organization (see www.dyndns.com for server imple- mentations). Administrative status: Enabled or disabled © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 96 Password: The password used for authentication Please note that your RACOM router can operate as DynDNS service as well, provided that you hold a valid SERVER license and have your hosts pointed to the DNS service of the router. 7.6.6. E-mail client The E-Mail client can be used to send notifications to a particular E-Mail address upon certain events or by SDK scripts.
  • Page 97 OID - .1.3.6.1.4.1.33555.1.100.0.X.0.X where X is trap related. See the descriptions of the events below for the specific OID numbers. Please contact our technical department for more details. Note Own traps can be configured via SDK. See SDK script examples. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 98 GPS signal is not available gps-up (301) GPS signal is available gre-down (413) GRE connection went down gre-up (412) GRE connection came up IPSEC ipsec-down (404) IPsec connection went down ipsec-up (403) IPsec connection came up MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 99 This page lets you turn on the SMS event notification service and enable remote control via SMS. Administration On RACOM routers it is possible to receive or send short messages (SMS) over each mounted modem (depending on the assembly options). Messages are received by querying the SIM card over a modem, so prior to that, the required assignment of a SIM card to a modem needs to be specified on the SIMs page.
  • Page 100 By using SMS routing you can specify outbound rules which will be applied whenever messages are sent. You can forward them to an enabled modem. For a particular number, you can for instance enforce messages be sent over a dedicated SIM. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 101 This page can be used to test whether SMS sending in general or filtering/routing rules works. The maximum length per message part is limited to 160 characters, we also suggest to exclusively use characters which are supported by the GSM 7-bit alphabet. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 102 Please note that these services will be accessible from the WAN interface also. In doubt, please consider to disable or restrict access to them by applying applicable firewall rules. The following parameters can be applied to the Telnet service: Administrative status: Whether the Telnet service is enabled or disabled MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 103 7.6.10. SNMP Agent M!DGE/MG102i is equipped with an SNMP daemon, supporting basic MIB tables (such as ifTable), plus additional enterprise MIBs to manage multiple systems. M!DGE/MG102i OID starts with 1.3.6.1.4.1.33555.10 prefix. The corresponding VENDOR MIB can be downloaded from the router.
  • Page 104 Device location Listening port SNMP agent port Once the SNMP agent is enabled, SNMP traps can be generated using SDK scripts or can be triggered by various Events (see the SYSTEM → Events menu). MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 105 We strongly recommend to use HTTPS when accessing the web service via a WAN interface as the communication will be encrypted and thus avoids any misuse of the system. In order to enable HTTPS you would need to generate or upload a server certificate in the section SYSTEM-Keys and Certificates. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 106 DHCP on the backup device or even better, split the DHCP lease range in order to prevent any lease duplication. Note M!DGE/MG102i assigns a priority of 100 to the master and 1 to the backup router. Please adapt the priority of your third-party device appropriately. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 107 Role of this system (either master or backup) VID: The Virtual Router ID (you can theoretically run multiple instances) Interface: Interface on which VRRP should be performed Virtual gateway address: Virtual gateway address formed by the participating hosts © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 108: System

    You can configure the behaviour of the status LEDs on the front panel of your device. They are usually divided into two banks - left (M!DGE) or upper (MG102i) for the digital IO port status or right (M!DGE) or lower (MG102i) for the connection status indication.
  • Page 109 Network Time Protocol (NTP) is a protocol for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks. M!DGE/MG102i can synchronize its system time with an NTP server. If enabled, time synchronisation is usually triggered after a WAN link has come up but before starting any VPN connections.
  • Page 110 CLI. Username: Define a user name Description: The user description MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 111 Port used for accounting messages Use for login: This option enables remotely-defined users to access the Web Manager 7.7.3. Software Update Manual Software Update This menu can be used to run a manual software update. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 112 (only if you need to use the serial interface Protocol server functionality). The previously saved configuration can be uploaded to the station manually afterwards. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 113 Status: Enable/disable automatic software update Time of day: Every day at this time M!DGE/MG102i will do a check for updates URL: The server URL where the software update package should be downloaded from. Supported protocols are TFTP, HTTP(s), and FTP Firmware Update This menu can be used to perform a firmware update of a specific module.
  • Page 114 Web Configuration 7.7.4. Configuration Configuration via the Web Manager becomes tedious for large volumes of devices. M!DGE/MG102i therefore offers automatic and manual file-based configuration to automate things. Once you have successfully set up the system you can back up the configuration and restore the system with it after- wards.
  • Page 115 Enable/disable automatic configuration update Time of day: Time of day when the system will check for updates URL: The server URL where the configuration file should be retrieved from (supported protocols are HTTP(s), TFTP, FTP) © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 116 7.7.5. Troubleshooting Network Debugging Various tools reside on this page for further analysis of potential configuration issues. The ping utility can be used to verify the remote host reachability. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 117 Define the target host (IP or hostname), Time-To-Live (TTL - number of hops on the resulting route) and the timeout in seconds (max. time to wait for the final respond). The tcpdump utility generates a network capture (PCAP) of an interface which can be later analyzed with Wireshark. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 118 Download button. The captured file can be also downloaded from the /tmp/ directory via the appropriate file manager. The darkstat utility can be used to visualize your current network connections and traffic on a particular interface. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 119 After the utility initialization, it can be viewed in a separate window. Displaying graphs and individual host statistics are supported. System Debugging Log files can be viewed, downloaded and reset here. Please study them carefully in case of any issues. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 120 Web Configuration Default debugging levels for individual daemons are as follows: • configd – 4 • watchdog – 4 • swupdate – 5 • wwan-managerc – 5 • led-manager – 5 MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 121 Note For both direct E-mail and Online support form a connection to the Internet has to be avail- able. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 122 The entry pages shows an overview about installed keys and certificates. The following sections may appear: Root CA: The root Certificate Authority (CA) which issues certificates, its key can be used to certify it at trusted third party on other systems. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 123 Other certificate authorities which we trust when establishing SSL client connections. For each certificate section it is possible to perform the following operations: generate locally: Generate key and certificate locally on M!DGE/MG102i upload files: Key and certificate will be uploaded. We support files in PKCS12, PKCS7, PEM/DER format as well as RSA/DSS keys in OpenSSH or Dropbear format.
  • Page 124 It is possible to specify the passphrase for opening the private key. Please note that the system will generally apply the system-wide certificate passphrase on a key when installing the certificate. Thus, changing the general passphrase will result in all local keys getting equipped with the new one. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 125 Click the padlock in the address bar • Click the More Information and the View Certificate button • Select the Details tab and press the Export button • Choose a path for the file (e.g. website.pem) © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 126 "licensed" is displayed in the respective line. 7.7.8. Legal Notice A dedicated GUI page under SYSTEM is pointing out that M!DGE/MG102i contains in part open source software that may be licensed under GPL, LGPL or other open source licenses. It further provides de- tailed information for each package, including the relevant license text and the corresponding source URL.
  • Page 127 Web Configuration © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 128: Logout

    Web Configuration 7.8. LOGOUT Log out from Web Manager. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 129: Command Line Interface

    (Command Line Utility) Usage: [-ilvh] <command> ~ $ cli -i MIDGE Command Line Interface (version 0.2) (C) Copyright RACOM s.r.o, Czech Republic Enter 'help' for a list of available commands or hit the TAB key for auto-completion. Ready to serve. >...

  • Page 130: Print Help

    The following sections are trying to explain the available commands. 8.2. Print help The help command can be used to get the list of available commands when called without arguments, otherwise it will print the usage of the specified command. MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 131: Getting Config Parameters

    See the following example for reading configuration DIO values: > get dio.out1 dio.out1=on > get dio.out2 dio.out2=on 8.4. Setting config parameters The set command can be used to set configuration values. > set -h Usage: © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 132: Updating System Facilities

    [-h] [-p phrase] <operation> <cert> [<url>] Possible operations: install install a certificate from specified URL create create a certificate locally enroll enroll a certificate via SCEP erase erase an installed certificate view view an installed certificate MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 133: Getting Status Information

    In the following example, we read the current DIO values. Remember that the current states do not correspond to the configuration values set with "set dio.out" commands. > status dio === DIGITAL IO INFORMATION === IN1: IN2: OUT1: OUT2: © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 134: Scan

    (mail, sms, techsupport, ussd) <dest> destination of message (mail-address, phone-number or argument) <msg> message to be sent 8.10. Restarting services The restart command can be used to restart system services. > restart -h Usage: restart [-h] <service> MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 135: Debug

    The debug command can be used to display individual daemons debugging output. > debug -h Usage: debug [-hr] [-l <level>] <target> Options: -l <level> set debug level reset debug level Available debug targets: system scripts configd watchdog swupdate wwan-manager led-manager event-manager link-manager wwanmd surveyor © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 136: Resetting System

    Usage: shell [-h] [<cmd>] 8.15. CLI commands history The history command displays the history of CLI commands entered on the unit. > history 1 help 2 get -h 3 get dio.out1 4 set dio.out1=off MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.

  • Page 137: Cli-Php

    $ cli get "admin.password" "admin.debug" "admin.access" It supports whitespaces but please be aware that any special characters in the URL must be specified according to RFC1738 (which usually done by common clients such as wget, lynx, curl). © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 138 – Get configuration parameter Key usage: command=get&arg0=<config−key>[&arg1=<config−key>..] Examples: http://192.168.1.1/cli.php?version=2&output=html&usr=admin&pwd= admin01&command=get&arg0=config.version http://192.168.1.1/cli.php?version=2&output=html&usr=admin&pwd= admin01&command=get&arg0=openvpn.status&arg1=snmp.status&arg2=ipsec.status set – Set configuration parameter Key usage: command=set&arg0=<config−key>&arg1=<config−value>[&arg2=<config −key>&arg3=<config−value>..] Notes: In contrast to the other commands, this command requires a set MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 139 Notes: Available services can be retrieved by running 'command=restart&arg0=−h' Examples: http://192.168.1.1/cli.php?version=2&output=html&usr=admin&pwd= admin01&command=restart&arg0=−h http://192.168.1.1/cli.php?version=2&output=html&usr=admin&pwd= admin01&command=restart&arg0=link−manager reboot - Trigger system reboot Key usage: command=reboot Examples: http://192.168.1.1/cli.php?version=2&output=html&usr=admin&pwd=admin01&command=reboot reset - Run factory reset Key usage: command=reset Examples: http://192.168.1.1/cli.php?version=2&output=html&usr=admin&pwd=admin01&command=reset © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 140 The address has to be a valid E−Mail address such as abc@abc.com (the at−sign can be encoded with \%40). The E−Mail client must be properly configured prior to using that function. Examples: http://192.168.1.1/cli.php?version=2&output=html&usr=admin&pwd=admin01& command=send&arg0=mail&arg1=abc\%40abc . com&arg2=test MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 141 The argument card specifies the card module index (e.g. 0 for wwan0 ). The USSD code can consist of digits , plus signs , asterisks (can be encoded with \%2A) and dashes (can be encoded with \%23) . Examples: http://192.168.1.1/cli.php?version=2&output=html&usr=admin&pwd=admin01& command=send&arg0=ussd&arg1=0&arg2=\%2A100\%23 © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 142: Troubleshooting

    Connection from the M!DGE/MG102i router can be checked using the built-in pinger available in the SYSTEM → Troubleshooting → Network Debugging menu. The traceroute command is available in the same menu for tracing the packets from the M!DGE/MG102i router to the Host.
  • Page 143 Troubleshooting 9.3.2. Log Files Information about boot-up process and about running processes can be found in the Linux-like Log files, see the SYSTEM→ Troubleshooting → System Debugging menu. © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 144: Safety, Environment, Licensing

    The M!DGE/MG102i Wireless Routers must not be opened. Only the replacement of the SIM card is permitted. Voltage at all connectors of the communication module is limited to SELV (Safety Extra Low Voltage) and must not be exceeded.
  • Page 145 Safety, environment, licensing 10.1.2. RoHS and WEEE compliance The M!DGE/MG102i is fully compliant with the European Commission‟s RoHS (Restriction of Certain Hazardous Substances in Electrical and Electronic Equipment) and WEEE (Waste Electrical and Electronic Equipment) environmental directives). Restriction of hazardous substances (RoHS)

  • Page 146: Country Of Origin

    Nove Mesto na Morave, 1 of March 2014 Jiri Hruska, CEO RACOM s.r.o. • Mirova 1283 • 592 31 Nove Mesto na Morave • Czech Republic www.racom.eu Tel.: +420 565 659 511 • Fax: +420 565 659 512 • E-mail: racom@racom.eu ver.

  • Page 147: Warranty

    The serviced equipment shall be returned by RACOM to the customer by prepaid freight. If circumstances do not permit the equipment to be returned to RACOM, then the customer is liable and agrees to reim- burse RACOM for expenses incurred by RACOM during servicing the equipment on site. When equipment does not qualify for servicing under warranty, RACOM shall charge the customer and be reimbursed for costs incurred for parts and labour at prevailing rates.

  • Page 148: Glossary

    Internet Protocol Security ISDN Integrated Services Digital Network Internet Service Provider Local Area Network NAPT Network Address Port Translation Network Address Translation Point of Presence POP, POP3 Post Office Protocol, Version 3 Point to Point Protocol MG102iGPRS/UMTS/HSPA+/LTE router – © RACOM s.r.o.
  • Page 149 Subscriber Identity Module Software Transmission Control Protocol TFTP Trivial File Transfer Protocol User Datagram Protocol UMTS Universal Mobile Telecommunications System Universal Resource Locator Virtual Private Network WEEE Waste Electrical and Electronic Equipment environmental directives © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 150: Index

    18 event manager, 97 ordering code, 18 factory reset, 116 power supply, 22 features, 17 connect, 20 key features, 7 product file configuration, 114 Conformity, 144 firewall, 68 protocols COM, 42 protocolserver, 42 © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...
  • Page 151 17 standards, 8 start, 6 system, 108 restart, 109 settings, 108 technical specification, 17 time&region, 109 troubleshooting, 116, 142 update, 111 USB, 38 VPN, 74 WAN, 24 web configuration, 23 WEEE, 145 WLAN, 34 © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

  • Page 153: Revision History

    Added section Section 10.2, “Country of Origin” Revision 1.3 2014-04-09 Complete manual revision for FW version 3.7.40.x Revision 1.4 2015-01-10 Added section Section 7.7.8, “Legal Notice”, Revision 1.5 2015-11-03 Complete manual revision for FW version 3.8.40.x © RACOM s.r.o. – MG102iGPRS/UMTS/HSPA+/LTE router...

Table of Contents