Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for B+B SMARTWORK SPECTRE V3
Summary of Contents for B+B SMARTWORK SPECTRE V3
- Page 1 Configuration Manual for v3 Routers...
-
Page 2: Firmware Version
USED SYMBOLS Used symbols Danger – Information regarding user safety or potential damage to the router. Attention – Problems that can arise in specific situations. Information, notice – Useful tips or information of special interest. Firmware version Current version of firmware is 5.3.4 (March 10, 2016). GPL licence Source codes under GPL licence are available free of charge by sending an email to: info@conel.cz. -
Page 3: Table Of Contents
CONTENTS Contents 1 Basic Information 2 Access to the Web Conf. 2.1 Certificates and Preventing the Security Message ....3 Status 3.1 General Status . - Page 4 CONTENTS 4.13 L2TP Tunnel Configuration ......4.14 PPTP Tunnel Configuration ......4.15 DynDNS Configuration .
-
Page 5: List Of Figures
LIST OF FIGURES List of Figures Example of the Web Configuration ......Mobile WAN status ........WiFi Status . - Page 6 LIST OF FIGURES GRE Tunnels List ........GRE Tunnel Configuration .
- Page 7 LIST OF FIGURES Backup access to the Internet – sample topology ....112 Backup access to the Internet – LAN configuration ....112 Backup access to the Internet –...
-
Page 8: List Of Tables
LIST OF TABLES List of Tables Mobile Connection ........PoE PSE information . - Page 9 LIST OF TABLES Example IPsec configuration ......GRE Tunnels Overview ....... GRE Tunnel Configuration .
-
Page 10: Basic Information
(ATM), other self-service terminals, and many other devices. Wired router SPECTRE v3 ERT is an ideal device for the realization of a secure connection of two local area networks (LANs). Interconnection is carried out using two ETHERNET 10/100 interfaces and secure tunnel (IPsec, OpenVPN, L2TP). - Page 11 Examples would include using SMS or checking the status of the binary input. SPECTRE v3 routers can automatically up- date their configurations and firmware from a central server, allowing for mass reconfiguration of multiple routers at the same time.
-
Page 12: Access To The Web Conf
2. ACCESS TO THE WEB CONF. 2. Access to the Web Configuration Attention! Wireless transmissions only functions when you activate the SIM card for data traffic and insert it into the router. Remove the power source before inserting the SIM card. You may use the web interface to monitor, configure and manage the router. -
Page 13: Certificates And Preventing The Security Message
2. ACCESS TO THE WEB CONF. When you successfully enter login information on the login page, web interface will be displayed. The left side of the web interface contains a menu tree with sections for monitor- ing (Status), configuration (Configuration), customization (Customization) and administration (Administration) of the router. -
Page 14: Status
3. STATUS 3. Status 3.1 General Status Selecting the General item will open a screen displaying a summary of basic information about the router and its activities. This page is also displayed when you login to the web interface. Information is divided into several sections, based upon the type of router activity or the properties area: Mobile Connection, Primary LAN, Secondary LAN, Peripheral Ports and System Information. -
Page 15: Primary Lan, Secondary Lan, Tertiary Lan, Wifi
3. STATUS 3.1.2 Primary LAN, Secondary LAN, Tertiary LAN, WiFi Items displayed in this part have the same meaning as items in the previous part. More- over, the MAC Address item shows the MAC address of the corresponding router’s interface (Primary LAN –... -
Page 16: System Information
3. STATUS 3.1.4 System Information Item Description Firmware Version Information about the firmware version Serial Number Serial number of the router (in case of N/A is not available) Profile Current profile – standard or alternative profiles (profiles are used for example to switch between different modes of operation) Supply Voltage Supply voltage of the router Temperature... -
Page 17: Mobile Wan Status
3. STATUS 3.2 Mobile WAN Status The SPECTRE v3 ERT routers do not display the Mobile WAN status option. The Mobile WAN menu item contains current information about connections to the mobile network. The first part of this page (Mobile Network Information) displays basic information about mobile network the router operates in. -
Page 18: Description Of Periods
3. STATUS If a neighboring cell is highlighted in red, there is a risk that the router may repeatedly switch between the neighboring cell and the primary cell. This can affect the performance of the router. To prevent this, re-orient the antenna or use a directional antenna. The next section of this window displays historical information about the quality of the cel- lular WAN connection during each logging period. -
Page 19: Mobile Wan Status
3. STATUS The middle part of this page displays information about transferred data and the number of connections for both SIM cards (for each period). Item Description RX data Total volume of received data TX data Total volume of sent data Connections Number of connection to mobile network establishment Table 8: Traffic Statistics... -
Page 20: Wifi
3. STATUS 3.3 WiFi This item is available only if the router is equipped with a WiFi module. Selecting the WiFi item in the main menu of the web interface will display information about the WiFi access point (AP) and associated stations. Item Description hostapd state dump... -
Page 21: Wifi Scan
3. STATUS 3.4 WiFi Scan This item is available only if the router is equipped with a WiFi module. Selecting the WiFi Scan item scans for neighboring WiFi networks and displays the re- sults. Scanning can only be performed if the access point (WiFi AP) is off. Item Description MAC address of access point (AP) -
Page 22: Wifi Scan
3. STATUS Figure 4: WiFi Scan... -
Page 23: Network Status
3. STATUS 3.5 Network Status To view information about the interfaces and the routing table, open the Network item in the Status menu. The upper part of the window displays detailed information about the active interfaces only: Interface Description eth0, eth1, eth2 Network interfaces (Ethernet connection) usb0 Active PPP connection to the mobile network –... -
Page 24: Network Status
3. STATUS Continued from previous page Item Description packets – transmit packets errors – number of errors dropped – dropped packets overruns – outgoing packets lost because of overload carrier – wrong outgoing packets with errors resulting from the physical layer collisions Number of collisions on physical layer txqueuelen... -
Page 25: Dhcp Status
3. STATUS 3.6 DHCP Status Information about the DHCP server activity is accessible via DHCP item. The DHCP server provides automatic configuration of the client devices connected to the router. The DHCP server assigns each device an IP address, subnet mask, default gateway (IP address of router) and DNS server (IP address of router). -
Page 26: Ipsec Status
3. STATUS 3.7 IPsec Status Selecting the IPsec option in the status menu of the web page will bring up the information for any IPsec Tunnels that have been established. If the tunnel has been built correctly, the screen will display IPsec SA established (highlighted in red in the figure below.) Figure 7: IPsec Status 3.8 DynDNS Status The router supports DynamicDNS using a DNS server on www.dyndns.org. -
Page 27: System Log
3. STATUS When the router detects a DynDNS record update, the dialog displays one or more of the following messages: DynDNS client is disabled. Invalid username or password. Specified hostname doesn’t exist. Invalid hostname format. Hostname exists, but not under specified username. No update performed yet. -
Page 28: System Log
3. STATUS Figure 9: System Log The following example (figure) shows how to send syslog information to a remote server at 192.168.2.115 on startup. Figure 10: Example program syslogd start with the parameter -R... -
Page 29: Configuration
4. CONFIGURATION 4. Configuration 4.1 LAN Configuration To enter the Local Area Network configuration, select the LAN menu item in the Configu- ration section. Primary LAN is for the router’s first Ethernet interface (ETH0), Secondary LAN is for the router’s second Ethernet interface (ETH1). Tertiary LAN is for the third Ethernet in- terface if the router is configured as a 3-port Ethernet switch, or if the RS232-RS485-ETH Expansion Port is installed (ETH2). -
Page 30: Configuration Of The Network Interface
4. CONFIGURATION Continued from previous page Item Description PoE PSE enabled – The router provides power on the Ethernet cable. disabled – The router does not provide power on the Ethernet cable (default). Default Gateway Specifies the IP address of default gateway. When entering the IP address of default gateway, every packet for which the destination IP address was not found in the routing table, is sent to this IP address. -
Page 31: Example 1 - Network Topology For Dynamic Dhcp Server
4. CONFIGURATION Item Description Enable static Select this option to enable a static DHCP server. DHCP leases MAC Address MAC address of a DHCP client. IP Address Assigned IP address. Table 17: Configuration of Static DHCP Server Do not to overlap ranges of static allocated IP addresses with addresses allocated by the dynamic DHCP server. -
Page 32: Example 1 - Lan Configuration Page
4. CONFIGURATION Figure 12: Example 1 – LAN Configuration Page... -
Page 33: Example 2 - Network Topology With Both Static And Dynamic Dhcp Servers
4. CONFIGURATION Example 2: Configure the network interface to connect to a dynamic and static DHCP server: The range of allocated addresses is from 192.168.1.2 to 192.168.1.4. The address is allocated for 600 seconds (10 minutes). The client with the MAC address 01:23:45:67:89:ab has the IP address 192.168.1.10. The client with the MAC address 01:54:68:18:ba:7e has the IP address 192.168.1.11. -
Page 34: Example 3 - Network Topology
4. CONFIGURATION Example 3: Configure the network interface to connect to a default gateway and DNS server: Default gateway IP address is 192.168.1.20 DNS server IP address is 192.168.1.20 Figure 15: Example 3 – Network Topology Figure 16: Example 3 – LAN Configuration Page... -
Page 35: Vrrp Configuration
4. CONFIGURATION 4.2 VRRP Configuration Select the VRRP menu item to enter the VRRP configuration. VRRP protocol (Virtual Router Redundancy Protocol) allows you to transfer packet routing from the main router to a backup router in case the main router fails. (This can be used to provide a wireless cellular backup to a primary wired router in critical applications.) If the Enable VRRP is checked, you may set the following parameters. -
Page 36: Topology Of Vrrp Configuration Example
4. CONFIGURATION The Enable traffic monitoring option can be used to reduce the number of messages that are sent to test the PPP connection. When this parameter is set, the router will monitor the interface for any packets different from a ping. If a response to the packet is received within the timeout specified by the Ping Timeout parameter, then the router knows that the connection is still active. -
Page 37: Example Of Vrrp Configuration - Backup Router
4. CONFIGURATION Figure 19: Example of VRRP configuration – backup router... -
Page 38: Mobile Wan Configuration
4. CONFIGURATION 4.3 Mobile WAN Configuration The SPECTRE v3 ERT routers do not display the Mobile WAN configuration option. Select the Mobile WAN item in the Configuration menu section to enter the cellular network configuration page. 4.3.1 Connection to Mobile Network If you mark the Create connection to mobile network checkbox, then the router automati- cally attempts to establish a connection after booting up. -
Page 39: Mobile Wan Connection Configuration
4. CONFIGURATION Continued from previous page Item Description Specifies the Maximum Receive Unit which is the maximum size of a packet that the router can receive in a given environment. The default value is 1500 B. Other settings can cause the router to incorrectly trans- mit data. -
Page 40: Dns Address Configuration
4. CONFIGURATION When the router is unsuccessful in establishing a connection to mobile network, verify accuracy of the entered data. Alternatively, you can try a different authentication method or network type. 4.3.2 DNS Address Configuration The DNS Settings parameter is designed for easier configuration on the client side. When you set the value to get from opertor the router attempts to automatically obtain an IP address from the primary and secondary DNS server of the mobile network carrier. -
Page 41: Data Limit Configuration
4. CONFIGURATION 4.3.4 Data Limit Configuration Item Description Data limit Specifies the maximum expected amount of data transmitted (sent and received) over GPRS in one billing period (month). Warning Threshold Specifies the percentage of the "Data Limit" in the range of 50 % to 99 %. -
Page 42: Switch Between Sim Card Configurations
4. CONFIGURATION If you select none from the Backup SIM card drop down list, then the following parameters cause the router to go into the off line mode: Switch to other SIM card when connection fails, Switch to backup SIM card when roaming is detected and switch to default SIM card when home network is detected, Switch to backup SIM card when data limit is exceeded and switch to default SIM card when data limit isn’t exceeded. -
Page 43: Pppoe Bridge Mode Configuration
4. CONFIGURATION The following parameters specifies the length of time that the router waits before attempting to change back to the default SIM card or APN. Item Description Initial timeout Specifies the length of time that the router waits before the first attempt to change back to the primary SIM card or APN, the range of this parameter is from 1 to 10000 minutes. -
Page 44: Mobile Wan Configuration
4. CONFIGURATION Figure 20: Mobile WAN Configuration... -
Page 45: Example 1 - Mobile Wan Configuration
4. CONFIGURATION Example 1: The figure below displays the following scenario: the connection to the mobile network is controlled on the address 8.8.8.8 with the time interval of 60 seconds for the pri- mary SIM card and on the address www.google.com with the time interval 80 seconds for the secondary SIM card. -
Page 46: Pppoe Configuration
4. CONFIGURATION 4.4 PPPoE Configuration PPPoE (Point-to-Point over Ethernet) is a network protocol which encapsulates PPPoE frames into Ethernet frames. The router uses the PPPoE client to connect to devices support- ing a PPPoE bridge or server. The bridge or server is typically an ADSL router. To open the PPPoE Configuration page, select the PPPoE menu item. -
Page 47: Wifi Configuration
4. CONFIGURATION 4.5 WiFi Configuration This item is available only if the router is equipped with a WiFi module. Configure the WiFi network by selecting the WiFi item in the main menu of the router web interface. Activate WiFi by selecting Enable WiFi at the top of the form. You may also set the following properties: Item Description... - Page 48 4. CONFIGURATION Continued from previous page Item Description HW Mode HW mode of WiFi standard that will be supported by WiFi access point. IEE 802.11b IEE 802.11b+g IEE 802.11b+g+n IEE 802.11a IEE 802.11a+n Channel The channel, where the WiFi AP is transmitting. BW 40 MHz The option for HW mode 802.11n which allows transmission on two standard 20 MHz channels simultaneously.
- Page 49 4. CONFIGURATION Continued from previous page Item Description WEP Key Type Type of WEP key for WEP encryption: ASCII – WEP key in ASCII format. HEX – WEP key in hexadecimal format. WEP Default Key This item specifies the default WEP key. WEP Key 1-4 Items for different four WEP keys: WEP key in ASCII format must be entered in quotes.
-
Page 50: Wifi Configuration
4. CONFIGURATION Continued from previous page Item Description Access List Mode of Access/Deny list. Disabled – Access/Deny list is not used. Accept – Clients in Accept/Deny list can access the network. Deny – Clients in Access/Deny list cannot access the network. Accept/Deny List Accept or Denny list of client MAC addresses that set network ac- cess. -
Page 51: Wifi Configuration
4. CONFIGURATION Figure 25: WiFi Configuration... -
Page 52: Wlan Configuration
4. CONFIGURATION 4.6 WLAN Configuration This item is available only if the router is equipped with a WiFi module. The WiFi LAN and DHCP server page is displayed by selecting WLAN in the configuration section. You will then be able to set the following properties (see table below). Use the Enable WLAN interface check box at the top of this form to enable WiFi LAN interface. -
Page 53: Wlan Configuration
4. CONFIGURATION Use Enable dynamic DHCP leases item at the bottom of this form to enable dynamic allocation of IP addresses using the DHCP server. You may also specify these values: Item Description IP Pool Start Beginning of the range of IP addresses which will be assigned to DHCP clients. -
Page 54: Backup Routes
4. CONFIGURATION 4.7 Backup Routes By using the configuration form on the Backup Routes page, you can back up the pri- mary connection with alternative connections to the Internet/mobile network. Each backup connection can be assigned a priority. Switching between connections is done based upon set priorities and the state of the connections (for Primary LAN and Secondary LAN). -
Page 55: Backup Routes
4. CONFIGURATION If you unmark the Enable backup routes switching check box, the backup routes system operates in the backward compatibility mode. The router selects the default route based on implicit priorities of the enabled settings for each of the network interfaces, as the case may be enabling services that set these network interfaces. -
Page 56: Firewall Configuration
4. CONFIGURATION 4.8 Firewall Configuration The first security element which incoming packets pass is a check of the enabled source IP addresses and destination ports. You can specify the IP addresses as an IP address from which you can remotely access the router and the internal network connected behind a router. To enable this function, marking the Enable filtering of incoming packets check box located at the top of the Firewall Configuration page. -
Page 57: Forwarding Filtering
4. CONFIGURATION Item Description Source IP address from which access to the router is allowed. Destination IP address of destination device. Protocol Specifies the protocol used for remote access: all – Access for all protocols is active. TCP – Access for the TCP protocol is active. UDP –... -
Page 58: Firewall Configuration
4. CONFIGURATION Figure 28: Firewall Configuration Example of the firewall configuration: The router allows the following access: from IP address 171.92.5.45 using any protocol from IP address 10.0.2.123 using the TCP protocol on port 1000 from IP address 142.2.26.54 using the ICMP protocol... -
Page 59: Topology For The Firewall Configuration Example
4. CONFIGURATION Figure 29: Topology for the Firewall Configuration Example Figure 30: Firewall Configuration Example... -
Page 60: Nat Configuration
4. CONFIGURATION 4.9 NAT Configuration To configure the address translation function, open the NAT Configuration page, click on NAT in the Configuration section of the main menu. The router actually uses Port Address Translation (PAT), which is a method of mapping a TCP/UDP port to another TCP/UDP port. The router modifies the information in the packet header as the packets traverse a router. -
Page 61: Example 1 - Topology Of Nat Configuration
4. CONFIGURATION If you enable the following options and enter the port number, the router allows you to remotely access to the router from a PPP interface. Attention! Enable remote HTTP access on port activates the redirect from HTTP to HTTPS protocol only. -
Page 62: Example 1 - Nat Configuration
4. CONFIGURATION Figure 32: Example 1 – NAT Configuration It is important to mark the Send all remaining incoming packets to default server check box for this configuration. The IP address in this example is the address of the device behind the router. -
Page 63: Example 2 - Topology Of Nat Configuration
4. CONFIGURATION Example 2: Configuration with more equipment connected. Figure 33: Example 2 – Topology of NAT Configuration Figure 34: Example 2 – NAT Configuration... - Page 64 4. CONFIGURATION In this example, using the switch you can connect more devices behind the router. Every device connected behind the router has its own IP address. You enter the address in the Server IP Address field in the NAT dialog. The devices are communicating on port 80, but you can set port forwarding using the Public Port and Private Port fields in the NAT dialog.
-
Page 65: Openvpn Tunnel Configuration
4. CONFIGURATION 4.10 OpenVPN Tunnel Configuration Select the OpenVPN item to configure an OpenVPN tunnel. The OpenVPN tunnel function allows you to create a secure connection between two separate LAN networks. The router allows you to create up to four OpenVPN tunnels. Item Description Create... - Page 66 4. CONFIGURATION Continued from previous page Item Description Redirect Gateway Activates/deactivates redirection of data on Layer 2. Local Interface IP Specifies the IP address of a local interface. Address Remote Interface Specifies the IP address of the interface of opposite side of the IP Address tunnel.
-
Page 67: Openvpn Configuration
4. CONFIGURATION Continued from previous page Item Description Authenticate Mode Specifies the authentication mode: none – No authentication is set. Pre-shared secret – Specifies the shared key function for both sides of the tunnel. Username/password – Specifies authentication using a CA Certificate, Username and Password. -
Page 68: Openvpn Tunnel Configuration
4. CONFIGURATION The changes in settings will apply after pressing the Apply button. Figure 36: OpenVPN tunnel configuration... -
Page 69: Topology Of Openvpn Configuration Example
4. CONFIGURATION Example of the OpenVPN tunnel configuration: Figure 37: Topology of OpenVPN Configuration Example OpenVPN tunnel configuration: Configuration Protocol UDP Port 1194 1194 Remote IP Address 10.0.0.2 10.0.0.1 Remote Subnet 192.168.2.0 192.168.1.0 Remote Subnet Mask 255.255.255.0 255.255.255.0 Local Interface IP Address 19.16.1.0 19.16.2.0 Remote Interface IP Address... -
Page 70: Ipsec Tunnel Configuration
4. CONFIGURATION 4.11 IPsec Tunnel Configuration To open the IPsec Tunnel Configuration page, click IPsec in the Configuration section of the main menu. The IPsec tunnel function allows you to create a secured connection between two separate LAN networks. The router allows you to create up to four IPsec tunnels. To encrypt data between the local and remote subnets, specify the appropriate values in the subnet fields on both routers. - Page 71 4. CONFIGURATION Continued from previous page Item Description Remote Subnet Mask Subnet mask of a network behind remote side of the tunnel. Remote Protocol/Port Specifies Protocol/Port of remote side of the tunnel. The general form is protocol/port, for example 17/1701 for UDP (protocol 17) and port 1701.
- Page 72 4. CONFIGURATION Continued from previous page Item Description IKE DH Group Specifies the Diffie-Hellman groups which determine the strength of the key used in the key exchange process. Higher group num- bers are more secure, but require additional time to compute the key.
-
Page 73: Ipsec Tunnel Configuration
4. CONFIGURATION Continued from previous page Item Description CA Certificate Certificate for X.509 authentication. Remote Certificate Certificate for X.509 authentication. Local Certificate Certificate for X.509 authentication. Local Private Key Private key for X.509 authentication. Local Passphrase Passphrase used during private key generation. Extra Options Specifies the additional parameters of the IPsec tunnel for exam- ple, secure parameters. -
Page 74: Ipsec Tunnels Configuration
4. CONFIGURATION Figure 39: IPsec Tunnels Configuration... -
Page 75: Topology Of Ipsec Configuration Example
4. CONFIGURATION Example of the IPSec tunnel configuration: Figure 40: Topology of IPsec Configuration Example IPsec tunnel configuration: Configuration Remote IP Address 10.0.0.2 10.0.0.1 Remote Subnet 192.168.2.0 192.168.1.0 Remote Subnet Mask 255.255.255.0 255.255.255.0 Local Subnet 192.168.1.0 192.168.2.0 Local Subnet Mas: 255.255.255.0 255.255.255.0 Authenticate mode... -
Page 76: Gre Tunnels Configuration
4. CONFIGURATION 4.12 GRE Tunnels Configuration GRE is an unencrypted protocol. To open the GRE Tunnel Configuration page, click GRE in the Configuration section of the main menu. The GRE tunnel function allows you to create an unencrypted connection between two separate LAN networks. The router allows you to create four GRE tunnels. Item Description Create... -
Page 77: Gre Tunnel Configuration
4. CONFIGURATION Continued from previous page Item Description Pre-shared Key Specifies an optional value for the 32 bit shared key in numeric format, with this key the router sends the filtered data through the tunnel. Specify the same key on both routers, otherwise the router drops received packets. -
Page 78: Topology Of Gre Tunnel Configuration Example
4. CONFIGURATION Example of the GRE Tunnel configuration: Figure 43: Topology of GRE Tunnel Configuration Example GRE tunnel configuration: Configuration Remote IP Address 10.0.0.2 10.0.0.1 Remote Subnet 192.168.2.0 192.168.1.0 Remote Subnet Mask 255.255.255.0 255.255.255.0 Table 44: GRE Tunnel Configuration Example Examples of different options for configuration of GRE tunnel can be found in the application note GRE Tunnel [7]. -
Page 79: L2Tp Tunnel Configuration
4. CONFIGURATION 4.13 L2TP Tunnel Configuration L2TP is an unencrypted protocol. To open the L2TP Tunnel Configuration page, click L2TP in the Configuration section of the main menu. The L2TP tunnel function allows you to create a password protected connection between 2 LAN networks. -
Page 80: Topology Of L2Tp Tunnel Configuration Example
4. CONFIGURATION Example of the L2TP Tunnel configuration: Figure 45: Topology of L2TP Tunnel Configuration Example Configuration of the L2TP tunnel: Configuration Mode L2TP Server L2TP Client Server IP Address — 10.0.0.1 Client Start IP Address 192.168.2.5 — Client End IP Address 192.168.2.254 —... -
Page 81: Pptp Tunnel Configuration
4. CONFIGURATION 4.14 PPTP Tunnel Configuration PPTP is an unencrypted protocol. Select the PPTP item in the menu to configure a PPTP tunnel. PPTP tunnel allows pass- word protected connections between two LANs. It is similar to L2TP. The tunnels are active after selecting Create PPTP tunnel. -
Page 82: Topology Of Pptp Tunnel Configuration Example
4. CONFIGURATION Example of the PPTP tunnel configuration: Figure 47: Topology of PPTP Tunnel Configuration Example Configuration of the PPTP tunnel: Configuration Mode PPTP Server PPTP Client Server IP Address — 10.0.0.1 Local IP Address 192.168.1.1 — Remote IP Address 192.168.2.1 —... -
Page 83: Dyndns Configuration
4. CONFIGURATION 4.15 DynDNS Configuration The DynDNS function allows you to access the router remotely using an easy to remem- ber custom hostname. This DynDNS client monitors the IP address of the router and up- dates the address whenever it changes. In order for DynDNS to function, you require a pub- lic IP address, either static or dynamic, and an active Remote Access service account at www.dyndns.org. -
Page 84: Ntp Configuration
4. CONFIGURATION 4.16 NTP Configuration The NTP configuration form allows you to configure the NTP client. To open the NTP page, click NTP in the Configuration section of the main menu. NTP (Network Time Protocol) allows you to periodically set the internal clock of the router. The time is set from servers that provide the exact time to network devices. -
Page 85: Snmp Configuration
4. CONFIGURATION 4.17 SNMP Configuration The SNMP page allows you to configure the SNMP v1/v2 or v3 agent which sends in- formation about the router (and its expansion ports) to a management station. To open the SNMP page, click SNMP in the Configuration section of the main menu. SNMP (Simple Net- work Management Protocol) provides status information about the network elements such as routers or endpoint computers. -
Page 86: Oid Basic Structure
4. CONFIGURATION Activating the Enable I/O extension function allows you monitor the binary I/O inputs on the router. Selecting Enable M-BUS extension and entering the Baudrate, Parity and Stop Bits lets you monitor the meter status connected to the expansion port MBUS status. Selecting Enable reporting to supervisory system and entering the IP Address and Period lets you send statistical information to the monitoring system, R-SeeNet. -
Page 87: Snmp Configuration Example
4. CONFIGURATION This means that the router provides for example, information about the internal temperature (OID 1.3.6.1.4.1.248.40.1.3.3) or about the power voltage (OID 1.3.6.1.4.1.248.40.1.3.4). For binary inputs and output, the following range of OID is used: Description .1.3.6.1.4.1.30140.2.3.1.0 Binary input BIN0 (values 0,1) .1.3.6.1.4.1.30140.2.3.2.0 Binary output OUT0 (values 0,1) .1.3.6.1.4.1.30140.2.3.3.0... -
Page 88: Mib Browser Example
4. CONFIGURATION Figure 52: MIB Browser Example In order to access a particular device enter the IP address of the SNMP agent which is the router, in the Remote SNMP agent field. The dialog displayed the internal variables in the MIB tree after entering the IP address. -
Page 89: Smtp Configuration
4. CONFIGURATION 4.18 SMTP Configuration You use the SMTP form to configure the Simple Mail Transfer Protocol client (SMTP) for sending e-mails. Item Description SMTP Server Address IP or domain address of the mail server. SMTP Port Port the SMTP server is listening on. Secure Method none, SSL/TLS, or STARTTLS. - Page 90 4. CONFIGURATION Commands and parameters can be entered only in lowercase. Example of sending an e-mail: email –t name@domain.com –s "subject" –m "message" –a c: directory abc.doc –r 5 The command above sends an e-mail address to name@domain.com with the subject "subject", body message "message"...
-
Page 91: Sms Configuration
4. CONFIGURATION 4.19 SMS Configuration The SMS Configuration page is not available for the SPECTRE v3 ERT routers. Open the SMS Configuration page, click SMS in the Configuration section of the main menu. The router can automatically send SMS messages to a cell phone or SMS message server when certain events occur. -
Page 92: Control Via Sms
4. CONFIGURATION After you enter a phone number in the Phone Number 1 field, the router allows you to configure the control of the device using an SMS message. You can configure up to three numbers for incoming SMS messages. To enable the function, mark the Enable remote control via SMS check box. -
Page 93: Sending Sms
4. CONFIGURATION Continued from previous page Description set profile std Sets the standard profile set profile alt1 Sets the alternative profile 1 set profile alt2 Sets the alternative profile 2 set profile alt3 Sets the alternative profile 3 reboot The router reboots get ip The router responds with the IP address of the SIM card Table 58: Control SMS... -
Page 94: List Of At Commands
4. CONFIGURATION AT Command Description AT+CGMI Returns the specific identity of the manufacturer. AT+CGMM Returns the specific model identity of the manufacturer. AT+CGMR Returns the specific model revision identity of the manufacturer. AT+CGPADDR Displays the IP address of the usb0 interface. AT+CGSN Returns the product serial number. -
Page 95: Example 1 - Sms Configuration
4. CONFIGURATION Example 1: SMS sending configuration. After powering up the router, the phone with the number entered in the dialog receives an SMS in the following form: Router (Unit ID) has been powered up. Signal strength –xx dBm. After connecting to mobile network, the phone with the number entered in the dialog receives an SMS in the following form: Router (Unit ID) has established connection to mobile network. -
Page 96: Example 2 - Sms Configuration
4. CONFIGURATION Example 2: Configuration for sending SMS via serial interface on the Port 1. Figure 55: Example 2 – SMS Configuration Example 3: Control the router using an SMS from any phone number. Figure 56: Example 3 – SMS Configuration... -
Page 97: Example 4 - Sms Configuration
4. CONFIGURATION Example 4: Control the router using an SMS from two phone numbers. Figure 57: Example 4 – SMS Configuration... -
Page 98: Expansion Port Configuration
4. CONFIGURATION 4.20 Expansion Port Configuration Configuration of the expansion port can be done via Expansion Port 1 or Expansion Port 2 items in the menu. If the router has the RS232 interface, you configure it with the Expansion Port 1 selection. (Expansion Port 2 is not used). -
Page 99: Expansion Port Configuration
4. CONFIGURATION Continued from previous page Item Description Mode Mode of connection: TCP server – The router will listen for incoming TCP connection requests. TCP client – The router will connect to a TCP server on the specified IP address and TCP port. Server Address When set to TCP client above, it is necessary to enter the Server ad- dress and TCP port. -
Page 100: Expansion Port Configuration
4. CONFIGURATION When you mark the Use DTR as control of TCP connection check box, the router uses the data terminal ready (DTR) single to control the TCP connection. The remote device sends a DTR single to the router indicating that the remote device is ready for communications. Description server Description client Active... -
Page 101: Example Of Ethernet To Serial Communication
4. CONFIGURATION Examples of the expansion port configuration: Figure 59: Example of Ethernet to serial communication Figure 60: Example of serial port extension... -
Page 102: Usb Port Configuration
4. CONFIGURATION 4.21 USB Port Configuration You can use a USB to RS232 converter to send data out of the serial port from the Ethernet network in the same manner as the RS232 expansion port function. To specify the values for the USB port parameters, click USB Port in the Configuration section of the main menu. -
Page 103: Usb Port Configuration
4. CONFIGURATION If you mark the Reject new connections check box, then the router rejects any other con- nection attempt. This means that the router no longer supports multiple connections. If you mark the Check TCP connection check box, the router verifies the TCP connection. Item Description Keepalive Time... -
Page 104: Usb Configuration
4. CONFIGURATION Figure 61: USB configuration Examples of USB port configuration: Figure 62: Example 1 – USB port configuration... -
Page 105: Example 2 - Usb Port Configuration
4. CONFIGURATION Figure 63: Example 2 – USB port configuration... -
Page 106: Startup Script
4. CONFIGURATION 4.22 Startup Script Use the Startup Script window to create your own scripts which will be executed after all of the initialization scripts are run. The changes in settings will apply after pressing the Apply button. Figure 64: Startup script Any changes to the startup scripts will take effect the next time the router is power cycled or rebooted. -
Page 107: Up/Down Script
4. CONFIGURATION 4.23 Up/Down script Use the Up/Down Script window to create scripts which will run when the PPP connec- tion is started or goes down. Any scripts entered into the Up Script window will run after a PPP/WAN connection is established. Script commands entered into the Down Script window will run when the PPP/WAN connection is lost. -
Page 108: Automatic Update Configuration
4. CONFIGURATION 4.24 Automatic Update Configuration The router can be configured to automatically check for firmware updates from an FTP site or a web server and update its firmware or configuration information. Use the Automatic update menu to configure the automatic update settings. It is also possible to update the configuration and firmware through the USB host connector of the router. -
Page 109: Example Of Automatic Update
Figure 68: Example of Automatic Update 1 The following examples check for new firmware or configurations each day at 1:00 a.m. An example is given for the SPECTRE v3 LTE router with MAC address 00:11:22:33:44:55. Firmware: http://example.com/SPECTRE-v3-LTE.bin Configuration file: http://example.com/00.11.22.33.44.55.cfg... -
Page 110: Customization
5. CUSTOMIZATION 5. Customization 5.1 User Modules You may run custom software programs in the router to enhance the features of the router. Use the User Modules menu item to add new software modules to the router, to remove them, or to change their configuration. -
Page 111: User Modules
5. CUSTOMIZATION Module name Description MODBUS TCP2RTU Provides a conversion of MODBUS TCP/IP protocol to MDBUS RTU protocol, which can be operated on the serial line. Easy VPN client Provides secure connection of LAN network behind our router with LAN network behind CISCO router. NMAP Enables TCP and UDP scan. -
Page 112: Administration
6. ADMINISTRATION 6. Administration 6.1 Users This configuration function is only available for users assigned the admin role.! To assign roles and manage user accounts open the Users form in the Administration section of the main menu. The first frame of this configuration form contains an overview of available users. -
Page 113: Change Profile
6. ADMINISTRATION Ordinary users are not able to access router via Telnet, or SFTP. Read only FTP access is allowed for these users. Figure 72: Users 6.2 Change Profile In addition to the standard profile, up to three alternate router configurations or profiles can be stored in router’s non-volatile memory. -
Page 114: Change Password
6. ADMINISTRATION 6.3 Change Password Use the Change Password configuration form in the Administration section of the main menu for changing your password used to log on the device. Enter the new password in the New Password field, confirm the password using the Confirm Password field, and press the Apply button. -
Page 115: Set Sms Service Center Address
6. ADMINISTRATION 6.5 Set SMS Service Center Address The SPECTRE v3 ERT router does not support the Set SMS Service Center Address option. The function requires you to enter the phone number of the SMS service center to send SMS messages. To specify the SMS service center phone number use the Set SMS Ser- vice Center configuration form in the Administration section of the main menu. -
Page 116: Send Sms
6. ADMINISTRATION 6.7 Send SMS The SPECTRE v3 ERT router does not support the Send SMS option. You can send an SMS message from the router to test the cellular network. Use the Send SMS dialog in the Administration section of the main menu to send SMS messages. Enter the Phone number and text of your message in the Message field, then click the Send button. -
Page 117: Update Firmware
6. ADMINISTRATION 6.10 Update Firmware Select the Update Firmware menu item to view the current router firmware version and load new firmware into the router. To load new firmware, browse to the new firmware file and press the Update button to begin the update. Do not turn off the router during the firmware update. -
Page 118: Reboot
6. ADMINISTRATION 6.11 Reboot To reboot the router select the Reboot menu item and then press the Reboot button. Figure 81: Reboot... -
Page 119: Configuration In Typ. Situations
7. CONFIGURATION IN TYP. SITUATIONS 7. Configuration in Typ. Situations Although Conel routers have wide variety of uses, they are commonly used in the following ways. 7.1 Access to the Internet from LAN Figure 82: Access to the Internet from LAN – sample topology In this example, a LAN connecting to the Internet via a mobile network, the SIM card with a data tariff has to be provided by the mobile network operator. -
Page 120: Access To The Internet From Lan - Lan Configuration
7. CONFIGURATION IN TYP. SITUATIONS Figure 83: Access to the Internet from LAN – LAN configuration Mobile WAN Configuration Use the Mobile WAN item in the Configuration section to con- figure the connection to the mobile network. (Fig. 84.) In this case (depending on the SIM card) the configuration form can be blank. -
Page 121: Backup Access To The Internet From Lan
7. CONFIGURATION IN TYP. SITUATIONS 7.2 Backup Access to the Internet from LAN Figure 85: Backup access to the Internet – sample topology The configuration form on the Backup Routes page lets you back up the primary connection with alternative connections to the Internet/mobile network. Each backup connection can be assigned a priority. -
Page 122: Backup Access To The Internet - Wlan Configuration
7. CONFIGURATION IN TYP. SITUATIONS LAN configuration In the LAN item, Primary LAN, you can use the factory default configu- ration as in the previous situation. The ETH1 interface on the front panel of the router is used for connection to the Internet. It can be configured in Secondary LAN. Connect the cable to the router and set the appropriate values as in Fig. -
Page 123: Backup Access To The Internet - Wifi Configuration
7. CONFIGURATION IN TYP. SITUATIONS Figure 88: Backup access to the Internet – WiFi configuration Mobile WAN configuration To configure the mobile connection it should be sufficient to in- sert the SIM card into the SIM1 slot and attach the antenna to the ANT connector. (Depending on the SIM card you are using). -
Page 124: Backup Access To The Internet - Backup Routes Configuration
7. CONFIGURATION IN TYP. SITUATIONS Backup Routes configuration After setting up the backup routes you will need to set their priorities. In Figure the eth1 wired connection has the highest priority. If that connection fails, the second choice will be the WiFi wlan0 network interface. The third choice will be the mobile connection –... -
Page 125: Secure Networks Interconnection Or Using Vpn
7. CONFIGURATION IN TYP. SITUATIONS 7.3 Secure Networks Interconnection or Using VPN Figure 91: Secure networks interconnection – sample topology VPN (Virtual Private Network) is a protocol used to create a secure connection between two LANs, allowing them to function as a single network. The connection is secured (encrypted) and authenticated (verified). -
Page 126: Secure Networks Interconnection - Openvpn Configuration
7. CONFIGURATION IN TYP. SITUATIONS Mobile WAN configuration The mobile connection can be configured as described in the previous situations. (The router connects itself after a SIM card is inserted into SIM1 slot and an antenna is attached to the ANT connector.) Configuration is accessible via the Mobile WAN item the Configuration section. -
Page 127: Serial Gateway
7. CONFIGURATION IN TYP. SITUATIONS 7.4 Serial Gateway Figure 93: Serial Gateway – sample topology The router’s serial gateway function lets you establish serial connectivity across the Internet or with another network. Serial devices (meters, PLC, etc.) can then upload and download data. -
Page 128: Serial Gateway - Konfigurace Expansion Port
7. CONFIGURATION IN TYP. SITUATIONS Figure 94: Serial Gateway – konfigurace Expansion Port 1 To communicate with the serial device (PLC), connect from the PC (Labeled as SCADA in Fig. 93) as a TCP client to the IP address 10.0.6.238, port 2345 (the public IP address of the SIM card used in the router, corresponding to the usb0 network interface). -
Page 129: Glossary And Acronyms
8. GLOSSARY AND ACRONYMS 8. Glossary and Acronyms Backup Routes Allows user to back up the pri- GRE Generic Routing Encapsulation (GRE) is mary connection with alternative connections to a tunneling protocol that can encapsulate a wide the Internet/mobile network. Each backup con- variety of network layer protocols inside virtual nection can have assigned a priority. - Page 130 8. GLOSSARY AND ACRONYMS growth of the Internet and the predicted deple- (2001:0db8:85a3:0042:1000:8a2e:0370:7334), tion of available addresses, a new version of IP but methods of abbreviation of this full notation (IPv6), using 128 bits for the address, was de- exist. veloped in 1995.
- Page 131 8. GLOSSARY AND ACRONYMS tween computer systems over packet-switched, an overlay internetwork. A router is connected variable-latency data networks. to two or more data lines from different net- works. When a data packet comes in one of the OpenVPN OpenVPN implements virtual pri- lines, the router reads the address information vate network (VPN) techniques for creating se- in the packet to determine its ultimate destina-...
- Page 132 8. GLOSSARY AND ACRONYMS sists of a set of standards for network manage- URL of a web page is displayed on top in- ment, including an application layer protocol, a side an address bar. An example of a typi- database schema, and a set of data objects. cal URL would be http://www.example.com/ index.html, which indicates a protocol (http), a...
- Page 133 8. GLOSSARY AND ACRONYMS mode of telecommunication allows a business X.509 In cryptography, X.509 is an ITU-T to effectively carry out its daily function regard- standard for a public key infrastructure (PKI) less of location. The Internet can be considered and Privilege Management Infrastructure (PMI).
-
Page 134: Index
9. INDEX 9. Index Access Point Expansion Port Configuration ......RS232 ....... . Information . - Page 135 Send SMS ....... Serial line Mobile network ......RS232 .
-
Page 136: Recommended Literature
10. RECOMMENDED LITERATURE 10. Recommended Literature Conel: Commands and Scripts for v2 and v3 Routers, Application Note Conel: SmartCluster, Application Note Conel: R-SeeNet, Application Note Conel: R-SeeNet Admin, Application Note Conel: OpenVPN Tunnel, Application Note Conel: IPsec Tunnel, Application Note Conel: GRE Tunnel, Application Note Conel:...
Need help?
Do you have a question about the SPECTRE V3 and is the answer not in the manual?
Questions and answers