Digi TransPort LR54 User Manual
  1. Manuals
  2. Brands
  3. Digi Manuals
  4. Network Router
  5. TransPort LR54
  6. User manual

Digi TransPort LR54 User Manual

Wr routers
Hide thumbs Also See for TransPort LR54:
1
2
3
4
Table Of Contents
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
Table of Contents

Advertisement

Quick Links

Digi TransPort® WR Routers
for models LR54, WR54, and WR64
User Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the TransPort LR54 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Digi TransPort LR54

Summary of Contents for Digi TransPort LR54

  • Page 1 Digi TransPort® WR Routers for models LR54, WR54, and WR64 User Guide...
  • Page 2 Revision history—90002282 Revision Date Description Updated to support Digi TransPort firmware version 4.2.0.22. April 2018 This release focuses on support for using a TransPort router in transit scenarios. Feature enhancements include: Wi-Fi client and access point mode support and enhancements. See Wi-Fi interfaces.

  • Page 3: Applicable Models

    © 2018 Digi International Inc. All rights reserved. Disclaimers Information in this document is subject to change without notice and does not represent a commitment on the part of Digi International. Digi provides this document “as is,” without warranty of Digi TransPort WR Routers User Guide...
  • Page 4 Feedback To provide feedback on this document, email your comments to techcomm@digi.com Include the document title and part number (Digi TransPort WR Routers User Guide, 90002282 F) in the subject line of your email. Digi TransPort WR Routers User Guide...

  • Page 5: Table Of Contents

    Contents Applicable models What's new in Digi TransPort version 4.5 Configuration and management Using the web interface Log in to the web interface Log out of the web interface Using the command line Access the command line interface Log in to the command line interface...
  • Page 6 Show WAN IPv6 status Security Local users User access levels Configure a user Delete a user Change a user's password Firewall management with IP filters IP filter source and destination options IP filter criteria options Digi TransPort WR Routers User Guide...
  • Page 7 Forward location information to a remote host Show location information Auto-run commands Python Run a Python application at the command line Show running Python applications Stop a Python application Run an interactive Python session Digi TransPort WR Routers User Guide...
  • Page 8 Example: Use an SSL certificate authentication with shared account Remote management Remote Manager Configure Digi Remote Manager Show Digi Remote Manager connection status Enable health reporting and set sample interval Using Simple Network Management Protocol (SNMP) Configure SNMPv1 and SNMPv2...
  • Page 9 Configure an IPsec tunnel Example: IPsec tunnel between a TransPort LR54 and TransPort WR44 Debug an IPsec configuration Show IPsec status and statistics IPsec XAuth authentication OpenVPN Configure an OpenVPN server for routing mode and certificate authentication Configure an OpenVPN server to use username and password authentication...
  • Page 10 Device cannot communicate on ETH2, ETH3, or ETH4 ports Verify cellular connectivity Check cellular signal strength Verify serial connectivity Web reference Dashboard DMNR page File system page Firewall page GRE page Cellular locked pin page Device preferences page Hotspot page Interfaces—cellular page Digi TransPort WR Routers User Guide...
  • Page 11 Wide Area Network (WAN) page—Ethernet Wide Area Network (WAN) page Command reference ? (Display command help) ! (Revert command settings) analyzer atcommand autorun cellular clear cloud copy date defroute dhcp-host dhcp-option dhcp-server dmnr dynamic-dns exit firewall firewall6 gpio-analog Digi TransPort WR Routers User Guide...
  • Page 12 Digi TransPort WR Routers User Guide...
  • Page 13 Who should read this section What are system firewall rules? User priority chains Testing new firewall rules Using the autorun command to force firewall rule precedence System chains Migration of rules from older firmware Future releases Digi TransPort WR Routers User Guide...

  • Page 14: What's New In Digi Transport Version 4.5

    What's new in Digi TransPort version 4.5 Digi TransPort version 4.5 includes the following new features and enhancements: Support for the Digi TransPort WR54. Support for PySerial. Support for DHCP static IP mapping. Support for configuration of DHCP options. Digi TransPort WR Routers User Guide...

  • Page 15: Configuration And Management

    Configuration and management Using the web interface Using the command line Digi TransPort WR Routers User Guide...

  • Page 16: Using The Web Interface

    The device label is also attached to the bottom of the device. The TransPort Dashboard appears. See Dashboard. Log out of the web interface Click the Logout button in the upper right corner of the web interface. Digi TransPort WR Routers User Guide...

  • Page 17: Using The Command Line

    Configuration and management Using the command line Using the command line Digi TransPort provides a command-line interface you can use to configure the device, display status and statistics, as well as update firmware and manage device files. See Command reference details on all available commands.

  • Page 18: Execute A Command From The Web Interface

    Default value : auto digi.router> eth 1 speed To use the ? character in a parameter value, enclose it within " characters. For example, to display the help text for the system command's description parameter: Digi TransPort WR Routers User Guide...

  • Page 19: Revert Command Settings Using The ! Character

    Configuration commands configure settings for various device features. Configuration commands have the following format: <command> <instance> <parameter> <value> Where <instance> is the index number associated with the feature. For example, this command configures the eth1 Ethernet interface: Digi TransPort WR Routers User Guide...

  • Page 20: Display Status And Statistics Using Show Commands

    For string parameters, if the string value contains a space, the value must be enclosed in quotation marks; For example, to assign a descriptive name for the device using the system command, enter: digi.router> system description "HQ router" Digi TransPort WR Routers User Guide...

  • Page 21: Interfaces

    TransPort devices have several physical communications interfaces. The available interfaces vary by device model. These interfaces can be bridged in a Local Area Network (LAN) or assigned to a Wide Area Network (WAN). Ethernet interfaces Cellular interfaces Wi-Fi interfaces Serial interface Digi TransPort WR Routers User Guide...

  • Page 22: Ethernet Interfaces

    State: Enable or disable the Ethernet interface. By default, all of the Ethernet interfaces are enabled. Description: Optional: Enter a description for the Ethernet interface. Speed: Optional: Select the speed for the Ethernet interface. Duplex: Optional: Select the duplex mode for the Ethernet interface. 4. Click Apply. Digi TransPort WR Routers User Guide...

  • Page 23: Show Ethernet Status And Statistics

    3. Optional: Set the duplex mode. digi.router> eth 1 duplex {auto | full | half} 4. Optional: Set the speed. digi.router> eth 1 speed {auto | 1000 | 100 | 10} 5. Save the configuration. digi.router> save config Show Ethernet status and statistics...
  • Page 24 Oper Status : Up Up Time : 1 Day, 13 Hours, 30 Minutes, 23 Seconds MAC Address : 00:50:18:21:E2:84 DHCP : on IP Address : 82.68.87.20 Netmask : 255.255.255.0 DNS Server(s) Link : 100Base-T Full-Duplex Digi TransPort WR Routers User Guide...
  • Page 25 Rx Drop Packet Tx Drop Packet Rx Pause Packet Tx Pause Packet Rx Filtering Packet Tx Collision Event Rx Alignment Error Rx Undersize Error Rx Fragment Error Rx Oversize Error Rx Jabber Error digi.router> Digi TransPort WR Routers User Guide...

  • Page 26: Cellular Interfaces

    Interfaces Cellular interfaces Cellular interfaces Depending on the model, Digi TransPort devices can support one or two cellular modules, and each module supports two SIMs. This means that a TransPort device can have either two or four cellular interfaces: cellular1-sim1...

  • Page 27: Show Cellular Status And Statistics

    4. Optional: Set the preferred mode. digi.router> cellular 1 sim1-preferred-mode 3g 5. Optional: Set a description for the cellular interface. digi.router> cellular 1 description “AT&T Connection” 6. Optional: Configure the number of connection attempts. For example, to set the number of attempts to 10, enter: digi.router>...
  • Page 28 Channel : 5230 APN in use : Context 3: vzwinternet IP address : 100.103.109.8 Mask : 255.255.255.240 Gateway : 100.103.109.9 DNS Servers : 198.224.186.135, 198.224.187.135 TX Bytes : 1440 RX Bytes : 890 digi.router> Digi TransPort WR Routers User Guide...

  • Page 29: Unlock A Sim Card

    For 3G and 2G cellular connections, the current RSSI value determines signal strength. To view this value, enter the show cellular command. Excellent: > -70 dBm Good: -70 dBm to -85 dBm Fair: -86 dBm to -100 dBm Poor: < -100 dBm to -109 dBm No service: -110 dBm Digi TransPort WR Routers User Guide...

  • Page 30: Tips For Improving Cellular Signal Strength

    Move the TransPort device to another location. Try connecting a different set of antennas, if available. Purchase a Digi Antenna Extender Kit: Antenna Extender Kit, 1m Antenna Extender Kit, 3m Digi TransPort WR Routers User Guide...

  • Page 31: Wi-Fi Interfaces

    Wi-Fi interfaces Wi-Fi interfaces Depending on the model, a Digi TransPort router has one or two Wi-Fi modules. You can configure a Wi- Fi module for either Wi-Fi access point mode or Wi-Fi client mode. By default, both Wi-Fi modules are configured as Access Points.

  • Page 32: Configure The Wi-Fi Module Channel

    4. In the Edit Selected box, select the band for the Wi-Fi module. 5. Click Apply.    Command line To configure the band and/or protocol used by a Wi-Fi module, use the wifi-module command. Digi TransPort WR Routers User Guide...

  • Page 33: Configure A Wi-Fi Access Point With No Security

    To configure Wi-Fi access points, use the wifi-ap command. 1. Configure the Wi-Fi module for access point mode. digi.router> wifi-module 1 mode access-point 2. Enter the SSID for the Wi-Fi access point. digi.router> wifi-ap 1 ssid WR64-AP1 Digi TransPort WR Routers User Guide...

  • Page 34: Configure A Wi-Fi Access Point With Enterprise Security

    3. Enter the security for the Wi-Fi access point. digi.router> wifi-ap 1 security none 4. Optional: Enter a description for the Wi-Fi access point. digi.router> wifi-ap 1 description “Office AP” 5. Optional: Disable broadcasting the SSID in beacon packets. digi.router> wifi-ap 1 broadcast-ssid off 6.
  • Page 35 5. Optional: Enter the RADIUS server port. digi.router> wifi-ap 1 radius-port 3001 6. Optional: Enter a description for the Wi-Fi access point. digi.router> wifi-ap 1 description “Office AP” 7. Optional: Disable broadcasting the SSID in beacon packets. digi.router> wifi-ap 1 broadcast-ssid off 8.

  • Page 36: Show Wi-Fi Access Point Status And Statistics

    Admin Status : Up Oper Status : Down Channel Module SSID : WR64-000073-1 Security : WPA2-Personal Received Sent ------------------------------------------------- Rx Packets : 8501 Tx Packets : 7178 Rx Bytes : 1512218 Tx Bytes : 1454265 Digi TransPort WR Routers User Guide...

  • Page 37: Configure A Wi-Fi Client And Add Client Networks

    Wi-Fi client networks: Some access points hide (do not broadcast) their SSID. In this case, enable the Hidden SSID option and the client will send out probes for the SSID when scanning. In general, for both security and performance issues, Digi recommends you do not enable the Hidden option.
  • Page 38 2. Optional: Customize options for the Wi-Fi client. For Wi-Fi module 1, the client is Wi-Fi client 1; for Wi-Fi module 2, the client is Wi-Fi client 2. digi.router> wifi-client <1 - 2> <parameter> <value> 3. Add Wi-Fi client networks to the Wi-Fi client. For example: digi.router>...

  • Page 39: Show Wi-Fi Client Status And Statistics

    Show detailed status and statistics of a Wi-Fi client To show a detailed status and statistics of a Wi-Fi client, enter show wifi-client command along with the interface you want to show. digi.router> show wifi-client 1 Digi TransPort WR Routers User Guide...

  • Page 40: Serial Interface

    Enable PySerial access for the serial interface digi.router> serial state python digi.router> save config Enter a description for the serial interface digi.router> serial description “Command line access” digi.router> save config Set the baud rate For example, to set the baud rate to 9600, enter: digi.router>...
  • Page 41 Interfaces Serial interface Set the flow control For example, to set the flow control to hardware, enter: digi.router> serial flowcontrol hardware digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 42: Show Serial Status And Statistics

    Serial 1 Status --------------- Description Admin Status : CLI Oper Status : up Uptime : 0:07:05 Tx Bytes : 4038 Rx Bytes : 81 Overflows Overruns Line status : RTS|CTS|DTR|DSR|CD0 digi.router> Digi TransPort WR Routers User Guide...
  • Page 43 Local Area Networks (LANs) About Local Area Networks (LANs) Configure a LAN Show LAN status and statistics Delete a LAN DHCP servers Digi TransPort WR Routers User Guide...

  • Page 44: Local Area Networks (Lans)

    The diagram shows a LAN connecting the eth2, eth3, and eth4 interfaces for a TransPort LR54 unit. Once the LAN is configured and enabled, the devices connected to the network interfaces can communicate with each other, as demonstrated by the ping commands. Digi TransPort WR Routers User Guide...

  • Page 45: Configure A Lan

    See DHCP relay for more information. 5. In the IPv6 group, configure IPv6. See Configure a LAN for IPv6. 6. In the Advanced group, enter the Maximum Transmission Unit (MTU), or packet size, for Digi TransPort WR Routers User Guide...

  • Page 46: Show Lan Status And Statistics

    2. Click a LAN to display additional status information, or to configure a LAN.    Command line To show the status and statistics for a LAN, use the show lan command. For example, here is show lan output for a LAN on which IPv6 is enabled: Digi TransPort WR Routers User Guide...
  • Page 47 : Up Description : Ethernet and Wi-Fi LAN network Interfaces : eth3 : 1500 IP Address : 192.168.1.1 Mask : 255.255.255.0 IPv6 is disabled on this interface Received Sent -------- ---- Packets Bytes 22946 digi.router> Digi TransPort WR Routers User Guide...

  • Page 48: Delete A Lan

    IP Start and IP End values match the corresponding IPv4 and Netmask settings for the interface. If the device is being configured to use a DHCP relay server, see DHCP relay. Digi TransPort WR Routers User Guide...
  • Page 49 1 dns1 10.30.1.1 7. Enter the alternate DNS server address given to clients: digi.router> dhcp-server 1 dns2 209.183.48.11 8. Enter the lease time: digi.router> dhcp-server 1 lease-time 60 9. Save the configuration. digi.router> save config Digi TransPort WR Routers User Guide...
  • Page 50 To view your current static IP mapping, type the dhcp-host command with no parameters: digi.router> dhcp-host dhcp-host 1: ip-address 192.168.1.2 mac-address 00:50:18:21:E2:82 dhcp-host 2: ip-address 192.168.1.3 mac-address 00:50:18:21:E2:83 dhcp-host 3: ip-address mac-address dhcp-host 4: ip-address mac-address --More-- Digi TransPort WR Routers User Guide...
  • Page 51 4. (Optional) Set the user class to which this option applies: digi.router> dhcp-option 1 user-class Engineering 5. (Optional) Force the option to be sent to the DHCP clients. digi.router> dhcp-option 1 force on 6. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...
  • Page 52 To view your current DHCP option configuration, type the dhcp-option command with no parameters: digi.router> dhcp-option dhcp-option 1: force lan1 option user-class Engineering value 192.168.1.100,192.168.1.1 dhcp-option 2: force option user-class value dhcp-option 3: force option user-class value --More-- Digi TransPort WR Routers User Guide...

  • Page 53: Show Dhcp Server Settings

    Configuring DHCP relay involves the following items: Required configuration items IP address of the primary DHCP relay server, to define the relay server that will respond to DHCP requests. Additional configuration items IP address of a secondary DHCP relay server. Digi TransPort WR Routers User Guide...
  • Page 54 1 relay-server1 192.168.1.1 4. (Optional) Define the IP address of the DHCP server that will serve as the primary DHCP relay server: digi.router> dhcp-server 1 relay-server2 192.168.1.2 5. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...
  • Page 55 If the TransPort device successfully forwards a DHCP request but does not receive a reply from the DHCP server, a static route may be required on the DHCP server's host to route the reply back to the device. Digi TransPort WR Routers User Guide...

  • Page 56: Wide Area Networks (Wans)

    Depending on model type, TransPort devices support several Ethernet interfaces. For example, a TransPort LR54 device has four Ethernet interfaces, named eth1, eth2, eth3, and eth4. Other models have fewer Ethernet interfaces, but the naming and numbering of interfaces is similar. You can use Ethernet interfaces as a WAN when connecting to the Internet, through a device such as a cable modem, as shown in the example.

  • Page 57: Wan Priority And Default Route Metrics

    Networks > WANs on the menu and expanding the Probing group. See Configure a Wide Area Network (WAN) for information. The parameters are configured at the command line using the wan <n> timeout and wan <n> retry-after commands. See the command for information. Digi TransPort WR Routers User Guide...

  • Page 58: Active Vs. Passive Failure Detection

    Note The WR64 and some variants of the WR54 have a second modem with two additional sim slots. On these devices, up to four cellular interfaces can be associated with WANs. Digi TransPort WR Routers User Guide...
  • Page 59 SureLink probe options for cellular WANs with only one SIM For WANs configured to use a cellular interface with only one SIM, you can configure additional probe options to reset the cellular module and/or the router when a failure is detected: Digi TransPort WR Routers User Guide...
  • Page 60 Reboot cellular module: If probing fails after a specified amount of time, the TransPort device reboots the cellular module. See the command probe-fail-reset-module option. Reboot router: If probing fails after a specified amount of time, the TransPort device reboots the TransPort device. See the command probe-fail-reset-router option. Digi TransPort WR Routers User Guide...

  • Page 61: Configure A Wide Area Network (Wan)

    These additional configuration settings are not typically configured, but you can set them as needed. For Ethernet interfaces: The IP configuration. WANs typically get their IP address configuration from the network to which they connect (for example, cellular). However, you can manually set the IP configuration Digi TransPort WR Routers User Guide...
  • Page 62 5. In the Security group, configure optional security settings for the WAN. 6. In the Probing group, configure optional probe host settings for the WAN. 7. Click Apply.    Command line Configure basic WAN settings Digi TransPort WR Routers User Guide...
  • Page 63 1 gateway 10.1.2.1 digi.router> wan 1 dns1 10.1.2.1 digi.router> wan 1 dns2 8.8.8.8 5. Optional: Set the speed. digi.router> eth 1 speed {auto | 1000 | 100 | 10} 6. Save the configuration. digi.router> save config Configure IP probe settings 1.

  • Page 64: Show Wan Status And Statistics

    To show detailed status for a WAN, enter the show wan command, specifying the WAN instance number. For example, for a WAN on which IPv6 is enabled: digi.router> show wan 1 WAN 1 Status and Statistics Digi TransPort WR Routers User Guide...
  • Page 65 If IP probing is disabled because the configuration is invalid, the output is similar to the following: digi.router> show wan 1 WAN 1 Status and Statistics --------------------------- WAN Interface : eth1 Admin Status : Up Oper Status : Up IP Address : 10.52.18.120 Digi TransPort WR Routers User Guide...

  • Page 66: Delete A Wan

    2. On the WAN page, select the WAN to delete. 3. Click Delete.    Command line You cannot delete a WAN using the command line. Instead, disable the WAN using the wan n state off command, for example: wan 1 state off Digi TransPort WR Routers User Guide...

  • Page 67: Ipv6

    There are several common IPv6 address types, distinguished by their beginning characters: Address type Beginning characters Description Global routable addresses Either 2 or 3 Each device using IPv6 on the Internet has a globally unique routable IPv6 address. Digi TransPort WR Routers User Guide...

  • Page 68: Auto Address Assignment

    Router Advertisement message. The device uses Duplicate Address Detection (DAD) to ensure the auto-generated IPv6 address is unique. DHCPv6 The device uses DHCPv6 to get an IPv6 address and other network configuration. Digi TransPort WR Routers User Guide...

  • Page 69: Prefix Delegation

    Enabling IPv6 on a LAN does not affect IPv4 operation. When IPv6 is enabled for a LAN, you can have IPv4 addresses on the LAN and hosts on the LAN can use IPv4 and IPv6 as required. Digi TransPort WR Routers User Guide...

  • Page 70: Show Lan Ipv6 Status

    : 1500 DHCP client : Off IP Address : 192.168.1.1 Mask : 255.255.255.0 DNS Server(s) : 8.8.8.8 IPv6 Address(es) : fe80::8473:dff:fe69:ab41/64 (Link Local) 2600:1000:b03e:7ae9:1000::1/68 (Global) Received Sent --------- ---- Packets 167018 56253 Bytes 13487578 4608476 Digi TransPort WR Routers User Guide...

  • Page 71: Configure A Wan For Ipv6

    2. Select the WAN on which you want to configure prefix delegation. 3. Enter the length of the requested prefix in the Requested Prefix Length field.    Command line To change the length of the requested prefix, use the command ipv6-prefix-length parameter. For example: Digi TransPort WR Routers User Guide...

  • Page 72: Show Wan Ipv6 Status

    : 255.255.255.252 Gateway DNS Server(s) : 198.224.186.135, 198.224.187.135 IPv6 Address(es) : 2600:1000:b03e:7ae9:3038:63ff:fe47:4158/64 (Global) fe80::3038:63ff:fe47:4158/64 (Link Local) IPv6 DNS Server(s) : 2001:4888:12:ff00:106:d::, 2001:4888:13:ff00:123:d:: Probes are not being used Received Sent -------- ---- Packets Bytes 104697 130536 Digi TransPort WR Routers User Guide...

  • Page 73: Security

    Security Local users Firewall management with IP filters Certificate and key management Remote Authentication Dial-In User Service (RADIUS) Digi TransPort WR Routers User Guide...

  • Page 74: Local Users

    You can change the default user 1 configuration to match your site requirements. User access levels TransPort devices support three access levels: super, read-write, and read-only. These access levels determine the level of control users have over device features and settings. Digi TransPort WR Routers User Guide...

  • Page 75: Configure A User

    When you add a new user using the web interface, TransPort creates a new user with the next available index number. When you create a new user using the command line, you cannot set or change the user index number assigned to a user. Digi TransPort WR Routers User Guide...
  • Page 76 1 name joeuser 2. Configure the password. For example: digi.router> user 1 password omnivers1031 3. Optional: Configure the access level. For example: digi.router> user 1 access read-write 4. Save the configuration. digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 77: Delete A User

    4. Confirm the new password. 5. Click Apply.    Command line 1. Enter the user command, specifying the new password value: digi.router> user <user number> password <password-value> 2. Save the configuration. digi.router> save config Digi TransPort WR Routers User Guide...
  • Page 78 Security Local users For example: digi.router> user 6 password tester digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 79: Firewall Management With Ip Filters

    The following rule applies only to incoming traffic received from any configured WAN, regardless of other specified parameters. Note The destination None value is the default and need not be specified. ip-filter 1 src any-wan ip-filter 1 dst none Digi TransPort WR Routers User Guide...

  • Page 80: Ip Filter Criteria Options

    2. Within the set of rules you want to add, click  (Add Filter) to create a new filter. See Firewall page for field descriptions. 3. When you have finished adding rules, click Apply. Digi TransPort WR Routers User Guide...

  • Page 81: Delete An Ip Filter Rule

    To add an IP filter rule, use the ip-filter command. For example, to create IP filter rule 3: digi.router> ip-filter 3 description Allow WAN SNMP only from 10.20 network digi.router> ip-filter 3 action accept digi.router> ip-filter 3 src any-wan digi.router> ip-filter 3 protocol tcp,udp digi.router>...

  • Page 82: Enable Or Disable An Ip Filter Rule

    1. On the menu, click Security > Firewall. The Firewall page appears, displaying all configured IP filter rules. 2. Select Input IP Filters to view input IP filters and select Routing IP Filters to view routing IP filters. Digi TransPort WR Routers User Guide...
  • Page 83 Allow WAN SNMP only from 10.20 network Reject any-lan any-wan tcp udp Restrict LAN to WAN for various email services Accept lan1 any-lan Allow LAN1 SSH to Other LANs Reject lan1 any-lan Restrict LAN1 from Accessing Other LANs Digi TransPort WR Routers User Guide...

  • Page 84: Ip Filter Examples

    SNMP (ports 161 and 162) is allowed. Allows access to multiple protocols (the default). It allows both TCP and UDP access for the SNMP service. digi.router> ip-filter 3 description Allow WAN SNMP only from 10.20 network digi.router> ip-filter 3 action accept digi.router> ip-filter 3 src any-wan digi.router>...
  • Page 85 Restricts the rejected traffic to a set of commonly used mail ports. Rejects access using multiple protocols (the default). It rejects both TCP and UDP access. digi.router> ip-filter 4 description Restrict LAN to WAN for various email services digi.router> ip-filter 4 action reject digi.router>...
  • Page 86 The following example shows how to restrict devices on LAN 1 (perhaps a public LAN) from communicating with devices on any other LAN (perhaps internal LANs) except for certain services. By default, LAN devices can communicate with other LANs. Digi TransPort WR Routers User Guide...
  • Page 87 Rule 6 is a Reject rule that restricts LAN 1 from accessing any protocol and any port on other LANs. It is executed after rule 5. digi.router> ip-filter 5 description Allow LAN1 SSH to Other LANs digi.router> ip-filter 5 action accept digi.router>...

  • Page 88: Certificate And Key Management

    You can optionally encrypt the file using either the aes128 or aes256 options. If you choose to encrypt the file, you must provide a password that must be at least four characters in length. For example: digi.router> pki privkey testpriv.key 2048 aes128 hello Create a Diffie Hellman key file ...

  • Page 89: Upload A Private Key File

    However, TransPort does not allow you to continue a command line—the example is for display only. digi.router> pki csr country GB state "North Yorkshire" locality Richmond organization Digi organizational-unit "Digi Engineering" common-name www.example.com testpriv.key testpriv.csr sha256...

  • Page 90: Remote Authentication Dial-In User Service (Radius)

    The local-auth parameter configures how the TransPort behaves when all configured RADIUS servers are unavailable. In most situations, Digi recommends you enable local-auth. In this way, when the RADIUS servers are unavailable for any reason, local users can log in to the TransPort and configure other available servers.

  • Page 91: Configure A Radius Server

    RADIUS servers are unavailable. d. Click Debug to log RADIUS debug messages to the TransPort log. This is optional. 3. Under the Primary Server Settings section, configure the primary RADIUS server. See RADIUS page for detailed information. Digi TransPort WR Routers User Guide...
  • Page 92 1813 10. (Optional) Set a backup server secret: digi.router> radius backup-server-secret thisisthebackupsecret 11. (Optional) Set a backup server timeout: digi.router> radius backup-server-timeout 10 12. Turn on the RADIUS server authentication: digi.router> radius state on Digi TransPort WR Routers User Guide...
  • Page 93 Security Remote Authentication Dial-In User Service (RADIUS) 13. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 94: Hotspot

    Hotspot authentication modes Selecting a LAN to be used by the hotspot Hotspot DHCP server Hotspot security Hotspot configuration Show hotspot status and statistics Show current hotspot configuration Customize the hotspot login page Hotspot RADIUS attributes Digi TransPort WR Routers User Guide...

  • Page 95: Hotspot Authentication Modes

    Requests made via any other protocol will also time out. Most operating systems will detect this scenario and automatically notify users to open the login page in a web browser. Digi TransPort WR Routers User Guide...

  • Page 96: Selecting A Lan To Be Used By The Hotspot

    (such as the LAN and VPN interfaces). Additionally, the default firewall rules prevent hotspot clients from accessing the router itself (for example, via the web interface or SSH). Digi TransPort WR Routers User Guide...

  • Page 97: Hotspot Configuration

    Configure the hotspot with click-through authentication Configure the hotspot with a local shared password Configure the hotspot with a RADIUS shared password Configure the hotspot with RADIUS users authentication Configure the hotspot to use HotspotSystem Digi TransPort WR Routers User Guide...

  • Page 98: Enable The Hotspot Using The Default Configuration

    HTML page. Enable the hotspot Hotspot using the default configuration can be enabled by using the Web UI or the command line: Web UI instructions Command line instructions Digi TransPort WR Routers User Guide...
  • Page 99 For Select Access Point, select the access point of the Wi-FI interface that was selected for the LAN. b. For SSID, type the SSID that will be used for this hotspot. c. For Security, select None. d. Enable Broadcast SSID. e. Click Apply. Digi TransPort WR Routers User Guide...
  • Page 100 2. Enable and add interfaces to the hotspot's default LAN (LAN2): a. Enable the LAN: digi.router> lan 2 state on b. Add interfaces to the LAN: digi.router> lan 2 interfaces wifi-ap2 Digi TransPort WR Routers User Guide...
  • Page 101 If an Ethernet interface was added to the LAN, no configuration of the Ethernet interface is required. a. Set the SSID for the Wi-Fi interface: digi.router> wifi-ap 2 ssid ssid b. Disable the Wi-Fi interface's security: digi.router> wifi-ap 2 security none 4. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 102: Configure The Hotspot With Click-Through Authentication

    Selecting a LAN to be used by the hotspot for more information. Configure the hotspot Hotspot with click-through authentication can be configured by using the Web UI or the command line: Web UI instructions Command line instructions Digi TransPort WR Routers User Guide...
  • Page 103 Enter the number and selected either Kbps or Mbps. The default for both is 10 Mbps. m. For DHCP Lease Length, enter the duration of the DHCP server lease in seconds. The default is 600 seconds. Digi TransPort WR Routers User Guide...
  • Page 104 For Security, select None. d. Enable Broadcast SSID. e. Click Apply.    Command line 1. Enable and configure the hotspot for click-through authentication: a. Assign the appropriate LAN to the hotspot: digi.router> hotspot lan lan3 Digi TransPort WR Routers User Guide...
  • Page 105 Add the remote server to either the allowed-domains or allowed-subnets: digi.router> hotspot allowed-domains domain-name Additional servers can be added to the allowed-domains or allowed-subnets using a comma-separated list. Up to 999 characters are allowed. Digi TransPort WR Routers User Guide...
  • Page 106 If an Ethernet interface was added to the LAN, no configuration of the Ethernet interface is required. a. Set the SSID for the Wi-Fi interface: digi.router> wifi-ap 2 ssid ssid b. Disable the Wi-Fi interface's security: digi.router> wifi-ap 2 security none Digi TransPort WR Routers User Guide...
  • Page 107 Hotspot Hotspot configuration 4. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 108: Configure The Hotspot With A Local Shared Password

    Selecting a LAN to be used by the hotspot for more information. Configure the hotspot Hotspot with local shared password authentication can be configured by using the Web UI or the command line: Web UI instructions Command line instructions Digi TransPort WR Routers User Guide...
  • Page 109 Enter the number and selected either Kbps or Mbps. The default for both is 10 Mbps. m. For DHCP Lease Length, enter the duration of the DHCP server lease in seconds. The default is 600 seconds. Digi TransPort WR Routers User Guide...
  • Page 110 For Security, select None. d. Enable Broadcast SSID. e. Click Apply.    Command line 1. Enable and configure the hotspot for local shared password authentication: a. Assign the appropriate LAN to the hotspot: digi.router> hotspot lan lan3 Digi TransPort WR Routers User Guide...
  • Page 111 Add the remote server to either the allowed-domains or allowed-subnets: digi.router> hotspot allowed-domains domain-name Additional servers can be added to the allowed-domains or allowed-subnets using a comma-separated list. Up to 999 characters are allowed. Digi TransPort WR Routers User Guide...
  • Page 112 If an Ethernet interface was added to the LAN, no configuration of the Ethernet interface is required. a. Set the SSID for the Wi-Fi interface: digi.router> wifi-ap 2 ssid ssid b. Disable the Wi-Fi interface's security: digi.router> wifi-ap 2 security none Digi TransPort WR Routers User Guide...
  • Page 113 Hotspot Hotspot configuration 4. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 114: Configure The Hotspot With A Radius Shared Password

    Most of its configuration (for example, its IP address and DHCP server) is set automatically by the hotspot, and the LAN is dedicated for use only by the hotspot. For this reason, you should select a LAN for the hotspot that has not already been configured for use outside of hotspot functionality. Digi TransPort WR Routers User Guide...
  • Page 115 Selecting a LAN to be used by the hotspot for more information. Configure the hotspot Hotspot with RADIUS shared password authentication can be configured by using the Web UI or the command line: Web UI instructions Command line instructions Digi TransPort WR Routers User Guide...
  • Page 116 For Server Port, enter the port number for the hotspot server. The default is 4990. n. For Auth Port, enter the port number for the hotspot authentication server. The default is 3990. Digi TransPort WR Routers User Guide...
  • Page 117 For Interfaces, select the appropriate Ethernet and/or Wi-Fi interfaces for the hotspot. c. Click Apply. 3. Configure the hotspot's Wi-Fi interface: Note If an Ethernet interface was added to the LAN, no configuration of the Ethernet interface is required. Digi TransPort WR Routers User Guide...
  • Page 118 Assign the appropriate LAN to the hotspot: digi.router> hotspot lan lan3 Hotspot LAN configuration for important information about selecting a LAN for the hotspot. b. Set the authentication mode to radius-shared-password: digi.router> hotspot auth-mode radius-shared-password Digi TransPort WR Routers User Guide...
  • Page 119 DHCP server. Hotspot DHCP server for more information. digi.router> hotspot ip-address ip-address digi.router> hotspot mask subnet-mask e. Set the fully qualified domain name or IP address of the primary RADIUS server: digi.router> hotspot radius-server1 server Digi TransPort WR Routers User Guide...
  • Page 120 The default for both is 10000 kbps. digi.router> hotspot bandwidth-max-up max_in_kbps digi.router> hotspot bandwidth-max-down max_in_kbps p. (Optional) Change the duration of the DHCP server lease in seconds. The default is 600 seconds. digi.router> hotspot dhcp-lease length_in_seconds Digi TransPort WR Routers User Guide...
  • Page 121 If an Ethernet interface was added to the LAN, no configuration of the Ethernet interface is required. a. Set the SSID for the Wi-Fi interface: digi.router> wifi-ap 2 ssid ssid b. Disable the Wi-Fi interface's security: digi.router> wifi-ap 2 security none 4. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 122: Configure The Hotspot With Radius Users Authentication

    SSH server via that LAN. Do not enable hotspot for the LAN that you are using to access the device for other purposes. See Selecting a LAN to be used by the hotspot for more information. Digi TransPort WR Routers User Guide...
  • Page 123 Hotspot Hotspot configuration Configure the hotspot Hotspot with RADIUS users authentication can be configured by using the Web UI or the command line: Web UI instructions Command line instructions Digi TransPort WR Routers User Guide...
  • Page 124 For Server Port, enter the port number for the hotspot server. The default is 4990. n. For Auth Port, enter the port number for the hotspot authentication server. The default is 3990. Digi TransPort WR Routers User Guide...
  • Page 125 For Interfaces, select the appropriate Ethernet and/or Wi-Fi interfaces for the hotspot. c. Click Apply. 3. Configure the hotspot's Wi-Fi interface: Note If an Ethernet interface was added to the LAN, no configuration of the Ethernet interface is required. Digi TransPort WR Routers User Guide...
  • Page 126 Assign the appropriate LAN to the hotspot: digi.router> hotspot lan lan3 Hotspot LAN configuration for important information about selecting a LAN for the hotspot. b. Set the authentication mode to radius-users: digi.router> hotspot auth-mode radius-users Digi TransPort WR Routers User Guide...
  • Page 127 DHCP server. Hotspot DHCP server for more information. digi.router> hotspot ip-address ip-address digi.router> hotspot mask subnet-mask e. Set the fully qualified domain name or IP address of the primary RADIUS server: digi.router> hotspot radius-server1 server Digi TransPort WR Routers User Guide...
  • Page 128 The default for both is 10000 kbps. digi.router> hotspot bandwidth-max-up max_in_kbps digi.router> hotspot bandwidth-max-down max_in_kbps p. (Optional) Change the duration of the DHCP server lease in seconds. The default is 600 seconds. digi.router> hotspot dhcp-lease length_in_seconds Digi TransPort WR Routers User Guide...
  • Page 129 If an Ethernet interface was added to the LAN, no configuration of the Ethernet interface is required. a. Set the SSID for the Wi-Fi interface: digi.router> wifi-ap 2 ssid ssid b. Disable the Wi-Fi interface's security: digi.router> wifi-ap 2 security none 4. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 130: Configure The Hotspot To Use Hotspotsystem

    2. Add a new location for the hotspot. Take care when selecting the Business Model because some options cannot be changed after you create the location. Go to Add a new location. 3. Click Modify Hotspot Data & Settings. Digi TransPort WR Routers User Guide...
  • Page 131 Refer to the following page for an up-to-date list of social login domains that need to be whitelisted: Whitelist for hotspot free social login. Configure the hotspot Hotspot with HotspotSystem authentication can be configured by using the Web UI or the command line: Web UI instructions Command line instructions Digi TransPort WR Routers User Guide...
  • Page 132 (such as social media sites). If Remote URL has been selected for the Login type, the domain for the web server that is being use to serve the remote HTML files must be included in the white list defined in these fields. n. Click Apply. Digi TransPort WR Routers User Guide...
  • Page 133 Assign the appropriate LAN to the hotspot: digi.router> hotspot lan lan3 Hotspot LAN configuration for important information about selecting a LAN for the hotspot. b. Set the authentication mode to hotspotsystem: digi.router> hotspot auth-mode hotspotsystem Digi TransPort WR Routers User Guide...
  • Page 134 Enable the hotspot. digi.router> hotspot state on 2. Enable and add interfaces to the hotspot's LAN: a. Enable the LAN: digi.router> lan 3 state on b. Add interfaces to the LAN: digi.router> lan 3 interfaces wifi-ap2 Digi TransPort WR Routers User Guide...

  • Page 135: Show Hotspot Status And Statistics

    On the menu, click Network > Services > Hotspot. The current configuration is displayed.    Command line View the current hotspot configuration using the show hotspot command with no parameters: digi.router> hotspot hotspot 1: allowed-domains allowed-subnets auth-mode click-through auth-port 3990 bandwidth-max-down 10000 bandwidth-max-up 10000 dhcp-lease ip-address 10.1.0.1 Digi TransPort WR Routers User Guide...

  • Page 136: Customize The Hotspot Login Page

    HTML page when they log into the hotspot. You can also host the HTML pages on an external web server, rather than on the TransPort device. This section contains the following information: Digi TransPort WR Routers User Guide...

  • Page 137: Edit Sample Hotspot Html Pages

    Rather than editing the sample HTML pages, you can upload a custom login page with a different filename. The new page should include ChilliLibrary.js and call the same JavaScript functions that the sample HTML pages do. Additional pages and assets can be uploaded to the hotspot folder, and additional Digi TransPort WR Routers User Guide...
  • Page 138 Restore hotspot default sample pages If you have customized the sample HTML pages without making a backup of the samples, you may wish to restore the original version of the HTML pages without doing a factory reset. Digi TransPort WR Routers User Guide...

  • Page 139: Use A Remote Webserver

    Hotspot RADIUS attributes The RADIUS server may send attributes to the hotspot to affect the operation of a client session. For example, here are some of the RADIUS attributes that the hotspot handles: Session-Timeout Idle-Timeout Acct-Interim-Interval Digi TransPort WR Routers User Guide...
  • Page 140 Also, if the RADIUS server requests it, the hotspot will send accounting information back to the RADIUS server. For example, here are some of the RADIUS attributes that the hotspot sends: Acct-Input-Octets Acct-Output-Octets Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Input-Gigawords Acct-Output-Gigawords Digi TransPort WR Routers User Guide...
  • Page 141 Services and applications Location information Auto-run commands Python Port forwarding Using an SSH server Digi TransPort WR Routers User Guide...

  • Page 142: Services And Applications

    An IP filter rule should also be also created on the device to allow this port to accept UDP communications. Note When the device is configured as a location server, it will not read location data from its GNSS module. Digi TransPort WR Routers User Guide...
  • Page 143 WebUI or the command line.    Web 1. On the menu, click Security > Firewall > Input IP Filters. 2. Click  (Add Filter) to create a new filter. Digi TransPort WR Routers User Guide...
  • Page 144 This example uses IP filter rule 3. This number should be replaced with an unused instance to avoid overwriting an existing IP filter rule. 1. (Optional) Set a description for this ip-filter rule: digi.router> ip-filter 3 description IP filter rule for incoming location messages 2. Set the action to accept: digi.router>...

  • Page 145: Forward Location Information To A Remote Host

    5. For Server, enter the IP address of the remote host to which location messages will be sent. 6. For Server Port, enter the UDP port on the remote host to which location messages will be sent. Digi TransPort WR Routers User Guide...
  • Page 146 To forward location information from external sources: digi.router> location state server 2. Set the IP address of the remote host to which location messages will be sent: digi.router> location-client 1 server 192.168.2.3 Digi TransPort WR Routers User Guide...
  • Page 147 Services and applications Location information 3. (Optional) Provide a description of the remote host: digi.router> location-client 1 description Remote host 1 4. Set the UDP port on the remote host to which location messages will be sent: digi.router> location-client 1 server-port 8000 5.
  • Page 148 1 server 192.168.2.3 3. (Optional) Provide a description of the remote host: digi.router> location-client 1 description Remote host 1 4. Set the UDP port on the remote host to which location messages will be sent: digi.router> location-client 1 server-port 8000 5.

  • Page 149: Show Location Information

    To show detailed location information and statistics, use the show location command: digi.router> show location Location Status --------------- GNSS State : on Source : 192.168.2.3 Latitude : 40* 49' 20.000" N (40.822245) Longitude : 73* 12' 32.000" E (-73.209048) Digi TransPort WR Routers User Guide...
  • Page 150 Location information Altitude : 15 meters Velocity : 0 meters per second Direction : None Quality : Standard GNSS (2D/3D) UTC Date and Time : 03 October 2018, 16:47:53 No. of Satellites : 7 digi.router> Digi TransPort WR Routers User Guide...

  • Page 151: Auto-Run Commands

    Example: Update the configuration from file config.da0 1. Type the following command: digi.router> autorun 1 command “update config config.da0” 2. Save the configuration. digi.router> save config Example: Run a timed reboot 1.

  • Page 152: Python

    2. Use the python command to run the Python application. In the following example, the Python application, health.py, takes 3 parameters: 120, ports and storage: digi.router> python health.py 120 ports storage Show running Python applications    Command line Use the show python command to list Python applications currently running on your TransPort device.

  • Page 153: Run An Interactive Python Session

    Python applications can stored in a different directory as required; for example, you can create a scripts directory using the mkdir command, and store your uploaded Python applications in this directory. Required configuration items Upload the Python script to be run. Enable the Python script. Digi TransPort WR Routers User Guide...
  • Page 154 1. Configure the Python application to be run automatically at startup. digi.router> python-autostart 1 filepath “scripts/traffic.py” 2. (Optional) Configure arguments for the Python script. digi.router> python-autostart 1 args “300 –quiet” 3. (Optional) Configure the action to be taken when the script finishes. Allowed values are: none, restart or reboot.

  • Page 155: Digidevice Module

    Description Location Contact >>> Many of the cli show commands can output the response in JSON format, using the -fjson option. This makes it easier for Python applications to read the data. digi.router> python Digi TransPort WR Routers User Guide...
  • Page 156 'cpu-min': '0', 'uptime': '3 Days, 11 Hours, 16 Minutes, 50 Seconds'} >>> >>> print (resp[“model”]) LR54W-FIPS >>> The digidevice datapoint submodule Use the datapoint submodule to upload custom datapoints to Digi Remote Manager (DRM). The following characteristics can be defined for a datapoint: Stream ID Value (Optional) Data type integer...

  • Page 157: Log Messages For Python Applications

    >>> syslog.syslog(syslog.LOG_ERR, “Error message from Python”) >>> syslog.syslog(syslog.LOG_INFO, “Informational message from Python”) 2. Print the event log: digi.router> show log 2018-07-16 07:36:29.103272 user.err python3_sb: Error message from Python 2018-07-16 07:36:30.447212 user.info python3_sb: Informational message from Python Digi TransPort WR Routers User Guide...

  • Page 158: Port Forwarding

    (the default state). Incomplete and incorrect port forwarding rules are not applied. For example: digi.router> port-forward 4 port 80 digi.router> port-forward 4 to-ip-address 192.168.47.1 digi.router> port-forward 4 state on digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 159: Delete A Port Forwarding Rule

    To enable or disable a port forwarding rule, use the port-forwardstate parameter. For example, to enable port forwarding rule 4: digi.router> port-forward 4 state on digi.router> save config To disable port forwarding rule 4: digi.router> port-forward 4 state off digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 160: Show Port Forwarding Rules

    192.168.1.1 for the first time using the admin user account. $ ssh admin@192.168.1.1 The authenticity of host '192.168.1.1 (192.168.1.1)' can't be established. RSA key fingerprint is 2c:db:01:65:2f:bb:a3:4f:c0:5e:dd:2d:e7:9f:7d:01. Are you sure you want to continue connecting (yes/no)? yes Digi TransPort WR Routers User Guide...

  • Page 161: Terminate An Ssh Connection

    SSH public key for the user SSH key type Optional configuration items If you want to use the configured user via the serial or web UI interfaces, you must configure a password for the user. Digi TransPort WR Routers User Guide...

  • Page 162: Using Ssh With Certificate Authentication

    2. Configure the SSH public key for the user. Because the SSH public key is a long character string, cut and paste the key to avoid input errors. For example: digi.router> user 2 ssh-key AAAAB3NzaC1y... T3rbBVb 3. Configure the SSH key type for the user. For example: digi.router>...
  • Page 163 For example: digi.router> ssh 1 ca-key AAAAB3NzaC1y...yjpY4HJ 5. Configure the SSH CA key type. For example: digi.router> ssh 1 ca-key-type ssh-rsa 6. Save the configuration. digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 164: Example: Use An Ssl Certificate Authentication

    On the Linux host 1. Create a CA private and public RSA key pair in the .ssh directory. You will be prompted for a passphrase. To prevent unauthorized use of the CA key, Digi recommends you configure a passphrase for the key.

  • Page 165: Example: Use An Ssl Certificate Authentication With Shared Account

    2. The SSH CA admin signs Alice’s SSH public key using the CA private key, using the name it- admin as the principal (ssh-keygen -n option) in the key signing. 3. The SSH CA admin gives the signed public key file (for example, id_rsa-cert.pub). Digi TransPort WR Routers User Guide...
  • Page 166 9. As Alice and Bob are using a shared account, the event log only logs the fact the user it-admin has logged in. However, the system log does display the ID of the user’s public key so it is possible to identify who logged in. Digi TransPort WR Routers User Guide...

  • Page 167: Remote Management

    Remote management Remote Manager Using Simple Network Management Protocol (SNMP) Digi TransPort WR Routers User Guide...

  • Page 168: Remote Manager

    The Digi Remote Manager servers also provide a data storage facility. Using Digi Remote Manager requires setting up a Digi Remote Manager account. To set up a Digi Remote Manager account and learn more about Digi Remote Manager, go to www.digi.com/products/cloud/digi-remote-manager.
  • Page 169 1. On the menu, click System > Administration > Remote Manager. The Digi Remote Manager page appears. 2. Enter your credentials to log in to your Digi Remote Manager account and click Log In. 3. Select a group for you device in your Digi Remote Manager account, then click Register Device.

  • Page 170: Show Digi Remote Manager Connection Status

    Show Digi Remote Manager connection status    Web On the menu, click System > Administration > Remote Manager. The Digi Remote Manager page shows whether your device is connected to Digi Remote Manager, as well as device connection statistics.    Command line...

  • Page 171: Using Simple Network Management Protocol (Snmp)

    5. For the Health sample interval, select the interval for sampling data. 6. Click Save to save the configuration.    Command line Turn on health reporting for Digi Remote Manager: digi.router> cloud health on digi.router> save config Set sample interval to 30 minutes: digi.router>...

  • Page 172: Configure Snmpv1 And Snmpv2

    4. Configure an IP filter that allows SNMP traffic to be received by the TransPort device. For example, to allow SNMP packets from IP host 192.168.1.200 over LAN 1, the commands are as follows: digi.router> ip-filter 1 description “Allow SNMP from 192.168.1.200” digi.router> ip-filter 1 dst-ip-port 161 digi.router> ip-filter 1 src lan1 digi.router>...
  • Page 173 8. Configure an IP filter that allows SNMP traffic to be received TransPort device. For example, to allow SNMP packets from IP host 192.168.1.200 over any WAN interface, the commands are as follows: digi.router> ip-filter 1 description “Allow SNMP from 192.168.1.200” digi.router> ip-filter 1 dst-ip-port 161 digi.router> ip-filter 1 src lan1 digi.router>...

  • Page 174: Routing

    Routing IP routing Dynamic DNS Web filtering (OpenDNS) Dynamic Mobile Network Routing (DMNR) Quality of Service (QoS) Virtual Router Redundancy Protocol (VRRP) Digi TransPort WR Routers User Guide...

  • Page 175: Ip Routing

    In the web interface, general IP settings are configured as part of configuring a LAN or WAN. See Configure a LAN Configure a Wide Area Network (WAN).    Command line 1. Set the hostname. digi.router> ip hostname WR64-NewYork 2. Set the administrative distance for connected routes. digi.router> ip admin-conn 3 Digi TransPort WR Routers User Guide...

  • Page 176: Configure A Static Route

    1 mask 255.255.255.0 2. Set the gateway IP address. digi.router> route 1 gateway 192.168.1.254 3. Save the configuration. digi.router> save config Example 2 To configure a static route to the 44.1.0.0/16 network using the cellular1 interface: Digi TransPort WR Routers User Guide...

  • Page 177: Show The Ipv4 Routing Table

    To revert the settings for the route destination, enter the route command, specifying the interface number, the destination parameter, and the exclamation mark (!) character. For example: digi.router> route 1 destination ! digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 178: Routing Rules

    Current not supported.    Command line 1. Configure the routing rule for LAN1: a. Set the source to LAN1: digi.router> routing-rule 1 src lan1 b. Set the wan to WAN1: digi.router> routing-rule 1 wan 1 Digi TransPort WR Routers User Guide...
  • Page 179 3. Enable the routing rule: digi.router> routing-rule 2 state on 4. Save the configuration: digi.router> save config Show routing rules    Web Current not supported.    Command line show routing-rule command displays the current routing rules configuration: Digi TransPort WR Routers User Guide...

  • Page 180: Dynamic Dns

    WAN, the TransPort monitors the IP address of WAN interfaces. If you select Public, the TransPort monitors the public-facing IP address, regardless of the IP address of the WAN interface.    Command line Digi TransPort WR Routers User Guide...

  • Page 181: Web Filtering (Opendns)

    December 7, 2017, you cannot use the token with a TransPort device. Regenerate a token from your Umbrella console. Once you have completed your Cisco Umbrella configuration, you can verify that your setup is working by following the steps outlined in How-to-test-for-successful-OpenDNS-configuration. Digi TransPort WR Routers User Guide...

  • Page 182: Clear Device Id

    1. On the menu, click Network > Services > DMNR. The DMNR page appears. 2. Provide DMNR configuration options. See DMNR page for field descriptions. 3. Click Apply.    Command line To configure DMNR, use the dmnr command. For example: Digi TransPort WR Routers User Guide...

  • Page 183: Show Dmnr Status

    Registration Status : Registered Home Agent : 66.174.161.160 Care of Address : 10.251.193.245 Interface : cellular1 Lifetime (actual) : 570 Local Network Subnet Status _____________ ______ _______ lan1 10.251.80.140/30 Registered lan2 10.251.80.128/30 Registered digi.router> Digi TransPort WR Routers User Guide...

  • Page 184: Quality Of Service (Qos)

    Add one or more filters for each configured queue. You can configure a total of 32 filters for all queues. c. When you have finished configuring filters, click Apply.    Command line To enable QoS on a configured WAN, use the command. For example, to enable QoS on Digi TransPort WR Routers User Guide...
  • Page 185 For example: digi.router> qos-filter 1 queue 1 qos-queue 1: digi.router> qos-queue qos-queue 1: bandwidth-upstream 2000 borrow-upstream description VoIP Queue dscp-class do-not-set state qos-queue 2: bandwidth-upstream borrow-upstream description Video Streaming dscp-class state digi.router> qos-filter Digi TransPort WR Routers User Guide...

  • Page 186: Show Qos Configuration And Status

    3: description Netflix traffic dscp cs0,cs1,cs2,cs3,cs4 dst-ip-address dst-ip-port protocol tcp,udp queue lan2 src-ip-address 192.168.2.1 src-ip-port 9000 state Show QoS configuration and status    Web Digi TransPort WR Routers User Guide...

  • Page 187: Virtual Router Redundancy Protocol (Vrrp)

    Configure the default gateway and DNS server addresses for VRRP. 2. On the menu, click Network > Services> VRRP. The VRRP page appears. 3. Click the State toggle switch to "on" to turn on the VRRP instance. Digi TransPort WR Routers User Guide...
  • Page 188 The value 0.0.0.0 allows the router to automatically use the VRRP virtual IP address when VRRP is enabled for that LAN, or the IP address if VRRP is not enabled for that LAN. You can use one of the following methods to reconfigure the DHCP server: Digi TransPort WR Routers User Guide...

  • Page 189: Show Vrrp Status And Statistics

    This section describes how to display VRRP status and statistics for a TransPort device.    Web On the menu, click Network > Services> VRRP. The VRRP page appears.    Command line Enter the following command: digi.router> show vrrp Digi TransPort WR Routers User Guide...
  • Page 190 Virtual Private Networks (VPN) Virtual Private Networks (VPNs) are used to securely connect two private networks together so that devices can connect from one network to the other using secure channels. IPsec OpenVPN Generic Routing Encapsulation (GRE) Digi TransPort WR Routers User Guide...

  • Page 191: Virtual Private Networks (Vpn)

    Main mode Main mode is the default mode. It is slower than aggressive mode, but more secure, in that all sensitive information sent between the device and its peer is encrypted. Aggressive mode Digi TransPort WR Routers User Guide...

  • Page 192: Configure An Ipsec Tunnel

    Hellman group configured on the remote device. The larger the number of bits, the more secure the IPsec tunnel. However, a larger bit length requires more computing power, which can slow down the tunnel negotiation and performance. Digi TransPort WR Routers User Guide...
  • Page 193 This setting would be used if the device has a number of IPsec tunnels configured to ensure that the IPsec tunnels are not renegotiated at the same time which could put excessive load on the device. Digi TransPort WR Routers User Guide...
  • Page 194 Identifier must match the value for the Remote Identifier on the remote device at the other end of the tunnel. Remote Peer IP Address or Name: Enter the IP address or name of the remote device, also known as the peer, at the other end of the IPsec tunnel. Digi TransPort WR Routers User Guide...
  • Page 195 3. Modify the Network, Encryption, Negotiation, and Lifetime settings as needed. 4. Click Apply.    Command line 1. Enable the IPsec tunnel. digi.router> ipsec 1 state on 2. Enter the IP address or name of the remote device. digi.router> ipsec 1 peer 47.23.78.32 Digi TransPort WR Routers User Guide...

  • Page 196: Example: Ipsec Tunnel Between A Transport Lr54 And Transport Wr44

    Example: IPsec tunnel between a TransPort LR54 and TransPort WR44 The following figure shows a sample IPsec configuration between a TransPort LR54 and a TransPort WR44. Here are the configuration settings for both devices. TransPort LR54 configuration digi.router>...
  • Page 197 3600 lifebytes margintime marginbytes random ike-mode aggressive ike-encryption aes128 ike-authentication sha1 ike-diffie-hellman group5 ike-lifetime 3600 ike-tries dpddelay dpdtimeout TransPort WR44 configuration # Link to TransPort LR54 eth 0 IPaddr "10.0.0.44" eth 0 ipsec 1 Digi TransPort WR Routers User Guide...

  • Page 198: Debug An Ipsec Configuration

    2 — More detailed debugging control flow. 3 — Includes RAW data dumps in hexadecimal format. 4 — Also includes sensitive material in dumps (for example, encryption keys).    Command line digi.router> system ipsec-debug <debug_level> Digi TransPort WR Routers User Guide...

  • Page 199: Show Ipsec Status And Statistics

    Dead Peer Detection is off Bytes In Bytes Out digi.router> IPsec XAuth authentication XAuth (eXtended Authentication) pre-shared key authentication mode provides additional security using client authentication credentials in addition to the standard pre-shared key. TransPort devices Digi TransPort WR Routers User Guide...
  • Page 200 5. For XAuth Identity and XAuth Password, type your XAuth credentials. 6. Click Apply    Command line Note These instructions assume an IPsec tunnel has already been created. For more information, see Configure an IPsec tunnel. Digi TransPort WR Routers User Guide...
  • Page 201 4. For Confirm Password, retype the password. 5. Click Apply Up to ten XAuth clients can be configured.    Command line Note These instructions assume an IPsec tunnel has already been created. For more information, see Configure an IPsec tunnel. Digi TransPort WR Routers User Guide...
  • Page 202 3. Configure the credentials that the XAuth client will use to authenticate to the device's XAuth server digi.router> xauth-user 1 username <user> digi.router> xauth-user 1 password <password> Up to ten XAuth clients can be configured. 4. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 203: Openvpn

    Windows clients. subnet Each OpenVPN client connected to the OpenVPN server is assigned an IP address within the IP subnet specified in the OpenVPN server configuration. For more information on OpenVPN topologies, see OpenVPN topology. Digi TransPort WR Routers User Guide...

  • Page 204: Configure An Openvpn Server For Routing Mode And Certificate Authentication

    A subnet mask for the network when in routing mode. A primary and secondary DNS server. The ciphers and digest used by the OpenVPN server. For more information, see Configure ciphers and digests for use on the OpenVPN tunnel. Digi TransPort WR Routers User Guide...
  • Page 205 1. Enable the OpenVPN server. digi.router> openvpn-server state on 2. Configure the IP network of the OpenVPN server. digi.router> openvpn-server network 192.168.54.0 3. (Optional) Configure the IP subnet mask of the OpenVPN server. digi.router> openvpn-server mask 255.255.255.128 Digi TransPort WR Routers User Guide...
  • Page 206 11. (Optional) Configure the TCP/UDP port. digi.router> openvpn-server port 8894 12. (Optional) Enable compression. digi.router> openvpn-server compression lzo 13. (Optional) Configure a description. digi.router> openvpn-server description “LA OpenVPN server” 14. Save the configuration. digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 207: Configure An Openvpn Server To Use Username And Password Authentication

    2. Configure a user name and password. For example, to configure a username ny-office and password abcdefgh, the commands would be. digi.router> openvpn-user 1 username ny-office digi.router> openvpn-user 1 password abcdefgh 3. Save the configuration. digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 208: Configure An Openvpn Server To Use Radius Authentication

    4. Configure the RADIUS server secret. digi.router> openvpn-server radius-server-secret mysecret 5. (Optional) Configure the RADIUS server port. For example, to change the port to 8812, the command is: digi.router> openvpn-server radius-server-port 8812 6. Save the configuration. digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 209: Configure An Openvpn Client For Routing Mode And Certificate Authentication

    OpenVPN Client page appears. 2. Click New OpenVPN Client. The OpenVPN client page displays the settings for a new OpenVPN tunnel. 3. In the Select OpenVPN Client setting, select a number to assign to the OpenVPN client. Digi TransPort WR Routers User Guide...
  • Page 210 1 cert ovpnc1.pem 5. Configure the server key. digi.router> openvpn-client 1 key ovpnc1.key 6. (Optional) Configure the IP protocol. digi.router> openvpn-client 1 protocol tcp 7. (Optional) Configure the TCP/UDP port. digi.router> openvpn-client 1 port 8894 Digi TransPort WR Routers User Guide...

  • Page 211: Configure An Openvpn Client To Use Username And Password Authentication

    9. (Optional) Configure the connection retry interval. digi.router> openvpn-client 1 connect-retry 10 10. (Optional) Configure a description. digi.router> openvpn-server description “OpenVPN to LA office” 11. Save the configuration. digi.router> save config Configure an OpenVPN client to use username and password...

  • Page 212: Configure Ciphers And Digests For Use On The Openvpn Tunnel

    Cipher: Select the desired ciphers that the OpenVPN can use for an OpenVPN tunnel. Note The order of the ciphers is important for cipher negotiation. The first cipher in the list will be used if both the OpenVPN client and server support cipher negotiation. 4. Click Apply. Digi TransPort WR Routers User Guide...

  • Page 213: Configure Keepalives On The Openvpn Tunnels

    The keepalive interval and timeout is only configured on the OpenVPN server and is pushed up to the OpenVPN client during the tunnel negotiation. The OpenVPN server automatically doubles the configured keepalive timeout to ensure that the OpenVPN client times out first. Digi TransPort WR Routers User Guide...

  • Page 214: Configure Renegotiation On The Openvpn Tunnels

      Web 1. On the menu, click Network > Networks > OpenVPN and select OpenVPN Server. The OpenVPN Server page appears. 2. Click Edit. The OpenVPN server page displays the settings for the OpenVPN server. Digi TransPort WR Routers User Guide...

  • Page 215: Configure Pushing Routes To Openvpn Clients

      Command line 1. OpenVPN routes are configured using the openvpn-route command. For example to configure routes for 10.123.1.0/24 and 10.222.33.0/24 networks, the commands are: digi.router> openvpn-route 1 destination 10.123.1.0 digi.router> openvpn-route 1 mask 255.255.255.0 Digi TransPort WR Routers User Guide...

  • Page 216: Configure An Openvpn Client And Server For Bridge Mode

      Command line 1. Configure the LAN interface to be assigned with the OpenVPN server. digi.router> openvpn-server bridge-mode lan1 2. Configure the LAN interface to be assigned with the OpenVPN client. digi.router> openvpn-client 1 bridge-mode lan1 Digi TransPort WR Routers User Guide...

  • Page 217: Show Openvpn Server Status And Statistics

      Command line Display all enabled OpenVPN clients The show openvpn-client command displays a summary of the OpenVPN clients configured on the device. digi.router> show openvpn-client Status Remote Server IP Address Mask Description -------------------------------------------------------------------------------- ---------------------- Digi TransPort WR Routers User Guide...

  • Page 218: Debug An Openvpn Tunnel

    5. On the menu, click Network > Networks > OpenVPN > Client. The OpenVPN Client page appears. 6. Select the OpenVPN client to configure. 7. Set the Logging Level to 3. 8. Click Apply. Digi TransPort WR Routers User Guide...

  • Page 219: Example: Openvpn Tunnel In Routing Mode With Username And Password Authentication

    # Client’s username and password openvpn-user 1 username client1 openvpn-user 1 password 12345678 # Route to server’s LAN to be pushed to client openvpn-route 1 destination 192.168.1.0 openvpn-route 1 mask 255.255.255.0 Digi TransPort WR Routers User Guide...

  • Page 220: Example: Openvpn Tunnel In Bridging Mode Using Certificate Authentication

    OpenVPN client configuration openvpn-client 1 state on openvpn-client 1 server 212.87.112.1 openvpn-client 1 bridge-mode lan1 openvpn-client 1 protocol udp openvpn-client 1 cipher aes-256-gcm openvpn-client 1 ca ca.crt openvpn-client 1 cert client1.crt openvpn-client 1 key client1.key Digi TransPort WR Routers User Guide...

  • Page 221: Generic Routing Encapsulation (Gre)

    10.10.0.2 and a remote device with a WAN IP address of 47.23.78.32 and a GRE address of 10.10.0.1:    Web Configure a new GRE tunnel 1. On the menu, click Network > Services > GRE. The GRE page appears. 2. Click New GRE tunnel. Digi TransPort WR Routers User Guide...
  • Page 222 Modify an existing GRE tunnel 1. On the menu, click Network > Services > GRE. The GRE page appears. 2. Click to expand an existing GRE tunnel. 3. Modify the GRE tunnel settings as needed. 4. Click Apply Digi TransPort WR Routers User Guide...
  • Page 223 6. Add an IP filter to allow packets to be forwarded to the local network: digi.router> ip-filter 1 description “Forward rule for GRE 1” digi.router> ip-filter 1 src gre1 digi.router> ip-filter 1 dst lan1 digi.router> ip-filter 1 protocol any digi.router>...

  • Page 224: Show Gre Tunnels

    1 GRE 1 Status and Statistics --------------------------- Admin Status : Up Oper Status : Up IPv4 Address : 10.10.0.2 Mask : 255.255.255.252 Peer : 37.85.231.45 Received Sent -------- ---- Packets Bytes 4620 3456 digi.router> Digi TransPort WR Routers User Guide...

  • Page 225: Example: Gre Tunnel Over An Ipsec Tunnel

    Remote IP Network: 172.168.0.2 Remote IP Network Mask: 255.255.255.255 Remote Identifier: lr54-2 d. Click Apply. 3. Configure the GRE tunnel: a. On the menu, click Network > Services > GRE. b. Click New GRE Tunnel. Digi TransPort WR Routers User Guide...
  • Page 226 2. Configure the IPsec tunnel: Note This example uses the default authentication and encryption options. a. On the menu, click Network> Networks > IPsec. b. Click New IPsec Tunnel. c. Complete the following fields: Digi TransPort WR Routers User Guide...
  • Page 227 On the menu, click Security > Firewall > Routing IP Filters. b. Within the Routing IP Filters section, click  (Add Filter) to create a new filter and complete the following: Enable: On. Action: ACCEPT. Source: GRE tunnel 1. Protocol: Any. Click OK. Digi TransPort WR Routers User Guide...
  • Page 228 1. Configure the LAN 10 interface: digi.router> lan 10 ip-address 172.168.0.2 digi.router> lan 10 mask 255.255.255.255 digi.router> lan 10 state on 2. Configure the IPsec tunnel: Note This example uses the default authentication and encryption options. Digi TransPort WR Routers User Guide...
  • Page 229 5. Add a filter to allow data from the remote network to be forwarded to LAN 1: digi.router> ip-filter 1 src gre1 digi.router> ip-filter 1 dst lan1 digi.router> ip-filter 1 protocol any digi.router> ip-filter 1 state on 6. Save the configuration: digi.router> save config Digi TransPort WR Routers User Guide...
  • Page 230 Show system date and time Configure Power button power down behavior Configure power delays for power ignition sensor Update system firmware Update cellular module firmware Reboot the device Reset the device to factory defaults Digi TransPort WR Routers User Guide...

  • Page 231: System Settings

    System prompt for CLI: The default system prompt is digi.router>. You can configure the system prompt to be any value of up to 16 characters. To use the device's serial number in the system prompt, include %s in the prompt parameter value.
  • Page 232 Set the page size for command-line interface output. For example, to set the output to 30 lines: digi.router> system page 30 digi.router> save config Disable the Getting Started Wizard. digi.router> system wizard off digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 233: Show System Information

    NTP servers. See Network Time Protocol for further information. SNTP client: In this configuration, the device synchronizes its system date and time to an NTP server. See Network Time Protocol for further information. Digi TransPort WR Routers User Guide...

  • Page 234: Network Time Protocol

    This can be repeated for up to 4 servers. For example: digi.router> ntp 1 server2 1.time.devicecloud.com 2. Select the LAN interfaces from which the TransPort device will accept incoming NTP synchronization requests. This is a comma-separated list: digi.router> ntp 1 interfaces lan1,lan2 Digi TransPort WR Routers User Guide...
  • Page 235 Show NTP server status and statistics    Command line To display basic information about the NTP server configuration: digi.router> ntp ntp 1: interfaces lan1,lan2 server1 0.time.devicecloud.com server2 1.time.devicecloud.com server3 server4 state Digi TransPort WR Routers User Guide...
  • Page 236 St — Stratum or steps from reference clock. T — Type of addressing used: l — local u — unicast m — multicast b — broadcast – — netaddr When — Number of seconds since last response. Digi TransPort WR Routers User Guide...
  • Page 237 Jitter — Difference between two samples in milliseconds. Configure the device as an SNTP client Required Configuration Items The SNTP server. By default, SNTP is configured to use the Digi SNTP server time.devicecloud.com. Additional Configuration Options The SNTP update interval. This is the interval at which TransPort checks the SNTP server for date and time.

  • Page 238: Set The Date And Time Manually

    You can view the system data and time from either the Dashboard of the Web interface, or from the command line:    Web On the menu, click Dashboard. The System Time field in the Device panel displays the system time.    Command line Digi TransPort WR Routers User Guide...

  • Page 239: Configure Power Button Power Down Behavior

    Configure power delays for power ignition sensor The Digi TransPort device automatically powers on and powers off when it detects power on the ignition sensor. By default, there is no delay for either power on or power off based on the power ignition sensor.

  • Page 240: Update System Firmware

    To update the system firmware, use one of the following procedures:    Web Digi maintains a repository of available TransPort firmware versions. You can update system firmware to one of these versions, or upload a previously downloaded firmware file. Update firmware from available versions in the Digi repository 1.

  • Page 241: Certificate Management For Firmware Images

    Certificate management for firmware images The system firmware files are signed to ensure that only Digi-approved firmware load onto the device. The TransPort device validates the system firmware image as part of the update process and only successfully updates if the system firmware image can be authenticated.

  • Page 242: Manage Firmware Updates Using Digi Remote Manager

    Update system firmware Manage firmware updates using Digi Remote Manager If you have a network of many devices, you can use Digi Remote Manager Profiles to manage firmware updates. Profiles ensures all your devices are running the correct firmware version and that all newly installed devices are updated to that same version.

  • Page 243: How To Recover A Wr54, Lr54, Or Lr54-Fips That Will Not Boot

    The recovery image is a fully functional release of the firmware; however, a newer firmware release may be available. Once the device is recovered, you should update to the latest firmware release. Any configuration on the WR54/LR54/LR54-FIPS will not be modified as part of the recovery process. Digi TransPort WR Routers User Guide...

  • Page 244: Update Cellular Module Firmware

    CLI. See Update system firmware for instructions. Update cellular module firmware Digi provides the cellular module files for all certified cellular carriers for TransPort devices on the Digi repository of cellular module firmware files. Enter the update module command, specifying your carrier name: att, verizon, or generic.
  • Page 245 The time is in 24-hour format. digi.router> reboot at HH:MM For example, to reboot at 6:30 PM (18:30 hours): digi.router> reboot at 18:30 Cancel a scheduled reboot To cancel a scheduled reboot, enter: digi.router> reboot cancel Digi TransPort WR Routers User Guide...

  • Page 246: Reset The Device To Factory Defaults

    To reset the device to factory defaults: 1. Locate the reset button on your device. For the TransPort LR54, the Reset button is located beneath the SIM card slot cover on the front panel, to the right of SIM slot 2. Remove the SIM cover to access the Reset button.
  • Page 247 Default configuration files Configuration file sections Shared configuration files and device-specific passwords Save configuration settings to a file Switch configuration files Use multiple configuration files to test configurations on remote devices Digi TransPort WR Routers User Guide...

  • Page 248: Configuration Files

    Configuration files Default configuration files Default configuration files As released, the Digi TransPort firmware provides the following configuration files. Configuration Name Description Default config.da0 The default configuration file is named config.da0. If configuration needed, you can change the default configuration file. See Switch configuration files.

  • Page 249: Shared Configuration Files And Device-Specific Passwords

    Step 1: Identify the current configuration file To identify the current configuration file, use the show system command. For example: digi.router> show system Model : LR54W Part Number : LR54-AW401 Serial Number : LR000038 Digi TransPort WR Routers User Guide...

  • Page 250: Use Multiple Configuration Files To Test Configurations On Remote Devices

    The test.cfg file changes the cellular 1 apn parameter and executes two autorun commands to automatically revert the device back to use the config.da0 configuration file and to reboot in 5 minutes. It then saves the configuration to test.cfg and reboots the device. Digi TransPort WR Routers User Guide...
  • Page 251 Using the copy update commands, you can copy the configuration file to the final configuration file, and change the configuration file name. digi.router> copy test.cfg config.da0 digi.router> update config config.da0 Digi TransPort WR Routers User Guide...
  • Page 252 File system File system Create a directory Display directory contents Change the current directory Delete a directory Display file contents Copy a file Rename a file Delete a file Upload and download files Digi TransPort WR Routers User Guide...

  • Page 253: File System

    For example: digi.router> mkdir test digi.router> dir File Size Last Modified ------------------------------------------------------- test Directory config.da0 Sun Mar 5 12:36:20 config.fac Mon Feb 21 03:00:17 Remaining User Space: 102,457,344 bytes digi.router> Digi TransPort WR Routers User Guide...

  • Page 254: Display Directory Contents

    For example: digi.router> dir File Size Last Modified --------------------------------------------------------- test Directory config.da0 Sun Mar 5 12:36:20 config.fac Mon Feb 21 03:00:17 Remaining User Space: 102,457,344 bytes digi.router> digi.router> cd test digi.router> dir Digi TransPort WR Routers User Guide...

  • Page 255: Delete A Directory

    Directory test is not empty ERROR digi.router> digi.router> dir test File Size Last Modified --------------------------------------------------------- config.tst Wed Apr 5 07:10:41 Remaining User Space: 102,457,344 bytes digi.router> digi.router> del test/config.tst digi.router> digi.router> rmdir test digi.router> Digi TransPort WR Routers User Guide...

  • Page 256: Display File Contents

    For example, to copy file config.da0 to a file in the main directory named backup.da0, and then to a file named test.cfg in the test directory, enter the following:    Command line > digi.router> dir File Size Last Modified --------------------------------------------------------- test Directory config.da0 Sun Mar 5 12:36:20 Digi TransPort WR Routers User Guide...

  • Page 257: Rename A File

    Sun Mar 5 12:36:20 config.fac Mon Feb 21 03:00:17 backup.da0 Wed Apr 5 07:22:29 Remaining User Space: 102,457,344 bytes digi.router> digi.router> rename backup.da0 test.da0 digi.router> digi.router> dir File Size Last Modified --------------------------------------------------------- test Directory Digi TransPort WR Routers User Guide...

  • Page 258: Delete A File

    File Size Last Modified --------------------------------------------------------- test.cfg Wed Apr 5 07:24:45 Remaining User Space: 102,453,248 bytes digi.router> digi.router> del test/test.cfg digi.router> dir test File Size Last Modified --------------------------------------------------------- Digi TransPort WR Routers User Guide...

  • Page 259: Upload And Download Files

    For example, to download a file named config.da0 to the local directory from a device at IP address 192.168.1.1 using the username john: $ scp john@192.168.1.1:config.da0 config.da0 Password: config.da0 100% 0.3KB/s 00:00 Digi TransPort WR Routers User Guide...
  • Page 260 This example downloads a file named config.da0 from TransPort device 192.168.1.1 using the username john to the local directory: $ sftp john@192.168.1.1 Password: Connected to 192.168.1.1 sftp> get config.da0 Fetching config.da0 to config.da0 config.da0 100% 0.3KB/s 00:00 sftp> exit Digi TransPort WR Routers User Guide...
  • Page 261 Diagnostics and troubleshooting Logs Analyze traffic Use the "ping" command to troubleshoot network connections Use the "traceroute" command to diagnose IP routing problems Use the "show tech-support" command Troubleshooting Digi TransPort WR Routers User Guide...

  • Page 262: Diagnostics And Troubleshooting

    The system log contains events related to the low-level system. While these events are typically not useful to end users, they are useful to Digi support and engineering when diagnosing device issues. You can view logs from either the web interface or the command line.

  • Page 263: Configure Syslog Servers

    To configure syslog server 1: syslog 1 server my_syslog1.company.com syslog 1 server-port 516 syslog 1 mode udp To configure syslog server 2: syslog 2 server my_syslog2.company.com syslog 2 server-port 517 syslog 2 mode udp Digi TransPort WR Routers User Guide...

  • Page 264: Display Logs

    2017-01-26 00:22:36.042255 kern.info kernel:device eth4 entered promiscuous mode 2017-01-26 00:22:33.312014 kern.info kernel:lan1: port 2(eth3) entering forwarding state 2017-01-26 00:22:33.311843 kern.info kernel:lan1: port 2(eth3) entering forwarding state 2017-01-26 00:22:33.297835 kern.info kernel:device eth3 entered promiscuous mode digi.router> Digi TransPort WR Routers User Guide...

  • Page 265: Find And Filter Log File Entries

    To log events to the file event.log and system.log, use the system command, specifying the log-to-file parameter: system log-to-file on To log system events to the file system.log, use the system command, specifying the log-system-to-file parameter: system log-system-to-file on Digi TransPort WR Routers User Guide...

  • Page 266: Download Log Files

    A feature may not be working correctly. Error An error has occurred with a particular feature. Warning An error will occur if no action is taken. Notification Events that are unusual, but are not error conditions. Digi TransPort WR Routers User Guide...

  • Page 267: Analyze Traffic

    Informational Normal operational messages that require no action. Debugging Useful information for Digi Technical Support and Engineering to use in debugging the device. The default level at which events are logged is info, which means that any event of a level info or higher is logged.

  • Page 268: Example Filters For Capturing Data Traffic

    \tcp and port 80 Capture traffic to UDP port 53: digi.router> analyzer filter ip proto \udp and dst port 53 Capture traffic from UDP port 53: digi.router> analyzer filter ip proto \udp and src port 53...

  • Page 269: Show Captured Data Traffic

    Analyze traffic Capture to and from IP host 10.0.0.1 but filter out ports 22 and 80: digi.router> analyzer filter ip host 10.0.0.1 and not (port 22 or port Example Ethernet capture filters Capture Ethernet packets to and from host 00:40:FF:0F:45:94: digi.router>...

  • Page 270: Clear Captured Data Traffic

    Data traffic is captured to RAM and not saved when the device reboots. To upload the file to a PC, you must first save the captured data to a file.    Command line Use the save command. For example: digi.router> save analyzer lan1.pcapng digi.router> Digi TransPort WR Routers User Guide...

  • Page 271: Use The "Ping" Command To Troubleshoot Network Connections

    3 96.34.84.22 (96.34.84.22) 19.279 ms 25.487 ms 27.848 ms 4 96.34.80.240 (96.34.80.240) 32.560 ms 96.34.80.238 (96.34.80.238) 32.593 ms 96.34.80.230 (96.34.80.230) 32.688 5 96.34.2.12 (96.34.2.12) 32.494 ms 42.865 ms 96.34.81.23 (96.34.81.23) 32.418 ms 6 96.34.81.190 (96.34.81.190) 32.590 ms 31.993 ms 31.993 ms Digi TransPort WR Routers User Guide...

  • Page 272: Use The "Show Tech-Support" Command

    To stop the traceroute process, enter Ctrl-C. Use the "show tech-support" command show tech-support command displays information useful for Digi Technical Support when handling issues with your device. You can execute this command from the command-line interface or from the Device Console in the web interface.
  • Page 273 Diagnostics and troubleshooting Use the "show tech-support" command show log system show firewall show firewall6 show tech-support In the output, each executed command output is prefixed with the command name; for example: show system =========== Digi TransPort WR Routers User Guide...

  • Page 274: Troubleshooting

    Diagnostics and troubleshooting Troubleshooting Troubleshooting There are several tools and resources available within your TransPort device and on the Digi website for dealing with configuration or other device issues. Logs Analyze traffic Use the "ping" command to troubleshoot network connections Use the "traceroute"...

  • Page 275: Device Cannot Communicate On Wan/Eth1 Port

    The following steps assume you are using WAN/ETH1 as a WAN port, which is the default configuration. If you are using WAN/ETH1 as a LAN port, see the steps in Device cannot communicate on ETH2, ETH3, or ETH4 ports. Digi TransPort WR Routers User Guide...
  • Page 276 WAN is set to the Ethernet port. Set the correct interface if necessary. For example: digi.router> wan 1 activate-after allow-https-access allow-ssh-access dhcp dns1 dns2 gateway interface eth1 ip-address mask 255.255.255.0 probe-host probe-interval probe-size probe-timeout retry-after timeout Digi TransPort WR Routers User Guide...

  • Page 277: Device Cannot Communicate On Eth2, Eth3, Or Eth4 Ports

    LAN is not correctly configured. Solution 1. Check the Ethernet LED for the Ethernet port. If the LED is not lit, verify the physical connection, following the steps in Ethernet LED does not illuminate. Digi TransPort WR Routers User Guide...
  • Page 278 5. Verify that the LAN is configured with an IP address. Use the lan n ip-addresscommand to set the IP address if necessary. digi.router> lan 1 description Ethernet and Wi-Fi LAN network dhcp-client dns1 dns2 interfaces eth2,eth3,eth4,wifi1,wifi5g1 ip-address 192.168.1.1 mask 255.255.255.0 1500 state Digi TransPort WR Routers User Guide...

  • Page 279: Verify Cellular Connectivity

    1. With the router powered off, insert a SIM card into the SIM 1 (LR models) or 1-1 (WR models) slot of the TransPort device. 2. Power on the TransPort device. 3. Access the TransPort command line interface. See Access the command line interface. Digi TransPort WR Routers User Guide...
  • Page 280 If a valid IP address is not found, issue the show tech-support command from the device and email the command output to Digi Technical Support for assistance. To extract the show tech- support output from the device, see the following application note: http://ftp1.digi.com/support/documentation/TLR_QN04_show_tech_support.PDF Digi TransPort WR Routers User Guide...
  • Page 281 : 255.255.255.0 DNS servers : 192.168.1.1, 192.168.1.2 If a valid IP address is not found, issue the show tech-support command from the device and email the command output to Digi Technical Support for assistance. Digi TransPort WR Routers User Guide...
  • Page 282 2 in place of cellular 1 at the command line to verify SIM connectivity for the second modem. For example: digi.router> show cellular 2 Cellular Status and Statistics ------------------------------ Oper status : Up SIM status : Using SIM1 (Ready) ICCID : 89014104278007194834 Digi TransPort WR Routers User Guide...

  • Page 283: Check Cellular Signal Strength

    1. Using a straight-through serial cable, connect a PC serial port to the TransPort device. For pinout details, see the hardware reference guide for your model. 2. Open a terminal application such as PuTTy, with the following serial port configuration: Digi TransPort WR Routers User Guide...
  • Page 284 Serial Port: COM X, where X is the serial port number of the computer, usually 1. Speed: 115200 Connection type: depending on the application, make sure Serial is selected for the connection type. 3. Click Open. A terminal window appears. 4. When prompted, enter your current username and password. Digi TransPort WR Routers User Guide...
  • Page 285 8. On the web interface, click  System and select Device Console. The Device Console displays. 9. In the Device Console, enter the command serial 1. The serial settings display. Digi TransPort WR Routers User Guide...
  • Page 286 13. If serial issues persist after following these steps, contact Digi Technical Support, with the subject line Serial connectivity issues. Digi TransPort WR Routers User Guide...

  • Page 287: Web Reference

    Quality of Service (QoS) WANs page RADIUS page Digi Remote Manager page Syslog server configuration page User Management page VRRP page Wide Area Network (WAN) page—Cellular Wide Area Network (WAN) page—Ethernet Wide Area Network (WAN) page Digi TransPort WR Routers User Guide...

  • Page 288: Dashboard

    Wide Area Networks (WANs) and Local Area Networks (LANs), including all WANs/LANs activity configured and active, disabled, and/or disabled. Displays the device connection status for Digi Remote Manager, the amount of time Digi the connection has been up, and the Digi Remote Manager device ID.

  • Page 289: Dmnr Page

    Shows the current point of attachment IP address for DMNR. Interface Shows the interface for DMNR. Lifetime (actual) Shows the actual lifetime in seconds for the current DMNR authorization. Networks Shows the networks currently being advertised by DMNR. Digi TransPort WR Routers User Guide...

  • Page 290: File System Page

    Initially, all directories and files listed alphabetically, starting with directories first. All columns are sortable. The directory or file name. Name File size. Size Date the directory or file was last modified. Last modified Digi TransPort WR Routers User Guide...

  • Page 291: Firewall Page

    If you do not specify a port, the filter is applied to all ports. Protocol Specifies the protocol for incoming packets: tcp, udp, and icmp. If you do not specify a protocol, the filter is applied to all protocols. Digi TransPort WR Routers User Guide...
  • Page 292 If you do not specify a port, the filter is applied to all ports. Protocol Specifies the protocol for incoming packets: tcp, udp, and icmp. If you do not specify a protocol, the filter is applied to all protocols. Digi TransPort WR Routers User Guide...

  • Page 293: Gre Page

    Shows the IP address for the GRE peer. Shows the key for the GRE tunnel. Packets Shows the number of received and sent packets for the GRE tunnel. Bytes Shows the number of received and sent bytes for the GRE tunnel. Digi TransPort WR Routers User Guide...

  • Page 294: Cellular Locked Pin Page

    12345678 1234 When the command operations are complete, the unlock command displays one of the following messages to indicate the state of the SIM: SIM x is permanently locked and must be replaced. Digi TransPort WR Routers User Guide...
  • Page 295 Please use the "save config" command to save the new PIN to the configuration. 2. If the SIM remains in a locked state after using the unlock command, contact your cellular carrier. 3. Save the configuration. digi.router> save config Digi TransPort WR Routers User Guide...

  • Page 296: Device Preferences Page

    Shows the current device temperature in celsius. Model Shows the device model. Part number Shows the device part number. Serial number Shows the device serial number. Hardware version Shows the device hardware version. Boot version Shows the device boot version. Digi TransPort WR Routers User Guide...

  • Page 297: Hotspot Page

    This IPv4 address must not exist within a current subnet. Specify the IPv4 address. The default is 10.1.0.1. Subnet mask Specifies IPv4 subnet mask for the hotspot to assign addresses within. Specify the subnet mask. The default is 255.255.255.0. Digi TransPort WR Routers User Guide...
  • Page 298 RADIUS attributes when Auth mode is set to RADIUS shared Octets password or RADIUS Users. This can fix issues if the data limits and/or accounting reports appear to be reversed on the RADIUS server. The default is disabled. Digi TransPort WR Routers User Guide...
  • Page 299 Enter a string that is a comma-separated list of domains up to 999 Domains characters. Allowed Specifies the subnets to which hotspot users have access before hotspot Subnets authentication. Enter a string that is a comma-separated list of domains up to 999 characters. Digi TransPort WR Routers User Guide...

  • Page 300: Interfaces-Cellular Page

    DNS servers Displays the DNS server(s) associated with the cellular interface. TX bytes Displays the number of bytes transmitted by the cellular interface. RX bytes Displays the number of bytes received by the cellular interface. Digi TransPort WR Routers User Guide...
  • Page 301 IMSI Displays the International Mobile Subscriber identity (IMSI). ICCID Displays the Integrated Circuit Card Identifier (ICCID). This identifier is unique to each SIM card. Digi TransPort WR Routers User Guide...

  • Page 302: Interfaces-Ethernet Page

    Specifies the speed in Mbps for the Ethernet interface: Automatic, 10Mbps, 100Mbps, or 1000Mbps. The default is Automatic. Duplex Specifies the duplex mode for the Ethernet interface: Automatic, Full, or Half. The default is Automatic. Digi TransPort WR Routers User Guide...

  • Page 303: Interfaces-Wi-Fi Page

    SSID to use the device serial number by including the percent (%) symbol in the SSID. For example, an SSID value WR64_%s resolves to WR64_LR123456. Enter a string up to 32 characters long. Description Description for the interface. Specify a string value up to 255 characters long. Digi TransPort WR Routers User Guide...
  • Page 304 Enter a string up to 64 characters long. Hidden Enables or disables whether to scan for hidden SSID. The default is off. In general, for both security and performance issues, Digi recommends you do not SSID enable the Hidden option.
  • Page 305 Shows whether the WAN is available. Admin status Shows whether the Wi-Fi client is sufficiently configured to be brought up. Oper status Shows whether the Wi-Fi client is up or down. SSID Shows the SSID for the Wi-Fi client. Digi TransPort WR Routers User Guide...
  • Page 306 Shows the number of received and sent missed errors on the Wi-Fi client. Window errors Shows the number of received and sent window errors on the Wi-Fi client. Over errors Shows the number of received and sent over errors on the Wi-Fi client. Digi TransPort WR Routers User Guide...
  • Page 307 XAuth Identity If Client Role is selected for XAuth Role , enter the username to use for XAuth authentication. XAuth If Client Role is selected for XAuth Role , enter the password to use for XAuth Password authentication Digi TransPort WR Routers User Guide...
  • Page 308 1 to 3600. The default value is 3600. max (seconds) Specifies the dead peer detection transmit delay. Enter an integer from 1 to Data threshold max 3600. The default value is 0. (bytes) Digi TransPort WR Routers User Guide...

  • Page 309: Ipsec Xauth Users Page

    (Network > Networks > IPsec > Tunnels). Option Description Username The username that an XAuth client will use for XAuth authentication. Password The password that an XAuth client will use for XAuth authentication. Confirm Password Retype the password to confirm. Digi TransPort WR Routers User Guide...

  • Page 310: Local Networks Page

    Server Secondary (Optional) If Relay is selected for DHCP Server , specifies the IP address of the Relay secondary relay server. Server IPv6 Enable IPv6 Enables or disables IPv6 addressing. The default is disabled. Digi TransPort WR Routers User Guide...
  • Page 311 Shows the status of the DHCP client: On or Off. IPv6 Shows whether IPv6 is enabled or disabled. Packets Shows packets received and sent on the LAN. Bytes Shows bytes received and sent on the LAN. Digi TransPort WR Routers User Guide...

  • Page 312: Location Page

    Use the Location Client page to configure location clients on the TransPort device that forward location messages in either NMEA or TAIP format to a remote host. You can configure up to ten location clients on the device to forward location information to up to ten different remote hosts. Digi TransPort WR Routers User Guide...
  • Page 313 %s — Includes the TransPort device's serial number in the prepended text. %v — Includes the vehicle ID in the prepended text. See Configure the Vehicle for information about configuring the vehicle ID. Digi TransPort WR Routers User Guide...

  • Page 314: Log Configuration Page

    Log to Syslog system log is not saved on a syslog server. WARNING! Digi recommends that you do not download log files to your device. Keeping log files on your device during normal operations can cause unnecessary wear on the device flash memory.

  • Page 315: Log Viewer Page

    Message Message text. Find Search or filter log messages. All fields in the message display are included in the search, such as the Date, Level, and so on. Find and filter log file entries. Digi TransPort WR Routers User Guide...

  • Page 316: New Gre Tunnel Page

    Shows the IP address for the GRE peer. Shows the key for the GRE tunnel. Packets Shows the number of received and sent packets for the GRE tunnel. Bytes Shows the number of received and sent bytes for the GRE tunnel. Digi TransPort WR Routers User Guide...

  • Page 317: New Wide Area Network (Wan) Page

    Probe timeout value. If not, the WAN failover configuration is interval considered invalid, and an error message is written to the system log. Accepted value is any integer from 2 to 3600. The default value is 60. Digi TransPort WR Routers User Guide...
  • Page 318 WAN. The size of the prefix determines how many LANs can support prefix IPv6. Request a prefix length of 60 bits or less to support up to 16 LANs. Enter an length integer from 48 to 64. The default value is 60. Digi TransPort WR Routers User Guide...
  • Page 319 Shows the operational status for the WAN: Up or Down. Oper status Shows the IP address for the WAN. IP address Shows the Netmask for the WAN. Netmask Shows the Gateway for the WAN. Gateway Digi TransPort WR Routers User Guide...
  • Page 320 Shows whether IPv6 is enabled or disabled for the WAN. IPv6 Shows the number of received and sent packets for the WAN. Packets Shows the number of received and sent bytes for the WAN. Bytes Digi TransPort WR Routers User Guide...

  • Page 321: Openvpn Client Page

    Although using Bridge mode eliminates the need for routing between networks (required by TUN mode), Bridge mode can cause scalability issues since all broadcast traffic flows over the OpenVPN tunnel. The default is Off. Digi TransPort WR Routers User Guide...
  • Page 322 Password the OpenVPN client uses to authenticate with the OpenVPN server. A Password password is a string up to 128 characters long. A string of up to 128 characters long that should exactly match the value used for Confirm the password parameter. Password Digi TransPort WR Routers User Guide...
  • Page 323 300 seconds. Accepted value is any integer from 1 to 60. The default value is 5. Digi TransPort WR Routers User Guide...

  • Page 324: Openvpn Route Management Page

    Description Description for the OpenVPN route. Users cannot modify this description. It will always be Route1, Route2, etc. Destination IP address in IPv4 format for the destination. Mask Mask for the destination address in IPv4 format. The default is 255.255.255.0. Digi TransPort WR Routers User Guide...

  • Page 325: Openvpn Server Page

    IP address in IPv4 format of the primary DNS server. This value is pushed to OpenVPN clients if Bridge mode is disabled. Secondary IP address in IPv4 format of the secondary DNS server. This value is pushed to OpenVPN clients if Bridge mode is off. Digi TransPort WR Routers User Guide...
  • Page 326 Radius Server Port for the RADIUS server. Specify an integer from 1 to 65535. The default is Port 1812. Radius Server Secret for the RADIUS server. Specify a string up to 64 characters long. Secret Digi TransPort WR Routers User Guide...
  • Page 327 Number of bytes sent/received before the data channel encryption key is Tunnel renegotiated. To disable data channel encryption key renegotiation, set this Renegotiation parameter to 0. Specify an integer from 0 to 4000000000. The default is 0. Digi TransPort WR Routers User Guide...

  • Page 328: Openvpn User Management Page

    Username for OpenVPN user. Specify a string up to 32 characters long. Password Password for OpenVPN user. Specify a string up to 128 characters long. Confirm password Re-enter the password for the OpenVPN user. Digi TransPort WR Routers User Guide...

  • Page 329: Port Forwarding Page

    Port to forward packets to. A port is an integer value from 0 to 65535. Enter a port number or the Use from port(s) option to map the ports specified by From Port as the To Port. The default is Use from port(s). Digi TransPort WR Routers User Guide...

  • Page 330: Python Autostart Page

    Filepath Specifies the Python file to run when the device reboots. Files are run in the order listed. Args Specifies arguments to pass to the Python script. On exit Specifies the action to take when the script completes. Select None, Restart, or Reboot. the default is None. Digi TransPort WR Routers User Guide...

  • Page 331: Quality Of Service (Qos) Queues Page

    LANs. The default is any. Specifies the IPv4 or IPv6 source address of incoming packets. Use a Src IP simple IPv4 or IPv6 address or use CIDR notation. For example, 192.168.100.0/24, fe80::/10. Digi TransPort WR Routers User Guide...
  • Page 332 For example: 22:31. The default is 0. Specifies one or more DSCP tags to filter incoming packets. Select one or DSCP more DSCP categories or any. The default is any. Digi TransPort WR Routers User Guide...

  • Page 333: Quality Of Service (Qos) Wans Page

    Sets the upstream bandwidth of the WAN interface in Kbps or Mbps. Bandwidth upstream For Kbps, enter an integer from 1 to 1000000; for Mbps, enter an integer from 1 to 1000. The default is 1000 Mbps. Digi TransPort WR Routers User Guide...

  • Page 334: Radius Page

    The accepted value is any string up to 64 characters. Primary Server Timeout The amount of time in seconds to wait for the RADIUS server to respond. The accepted value is any integer from 1 to 10. The default value is 3. Digi TransPort WR Routers User Guide...
  • Page 335 The accepted value is any string up to 64 characters. Backup Server Timeout The amount of time in seconds to wait for the backup RADIUS server to respond. The accepted value is any integer from 1 to 10. The default value is 3. Digi TransPort WR Routers User Guide...

  • Page 336: Digi Remote Manager Page

    Web reference Digi Remote Manager page Digi Remote Manager page Use the Digi Remote Manager page to configure the TransPort device connection to Digi Remote Manager. For information on Digi Remote Manager, see Digi Remote Manager. Administration options Option Description Enables or disables connection to Digi Remote Manager for this device.

  • Page 337: Syslog Server Configuration Page

    Specify the IP address for the server. Server Specify the listening port for the server. The default is port 514. Port Specify the mode for syslog traffic: UDP or TCP. The default is UDP. Mode Digi TransPort WR Routers User Guide...

  • Page 338: User Management Page

    Specifies the password for the user. A password can be any string up to 128 characters Password long. Re-enter the password for the user. The value you enter for Confirm password must Confirm match the Password value. password Digi TransPort WR Routers User Guide...

  • Page 339: Vrrp Page

    The current VRRP priority of this router. Last Transition The most recent date this router transitioned between VRRP states. Became Master The total number of times this router has transitioned into the VRRP master state. Digi TransPort WR Routers User Guide...
  • Page 340 Priority Zero Sent The total number of VRRP packets with a priority of '0' sent by this router. Priority Zero Received The total number of VRRP packets with a priority of '0' received by this router. Digi TransPort WR Routers User Guide...

  • Page 341: Wide Area Network (Wan) Page-Cellular

    Specifies the time, in seconds, to wait before retrying this interface after failing over to Retry a lower priority one. Use a large retry timeout when both interfaces are cellular after interfaces. Accepted value is any integer from 10 to 3600. The default value is 180. Digi TransPort WR Routers User Guide...
  • Page 342 Shows whether IPv6 is enabled or disabled for the WAN. IPv6 Shows the number of received and sent packets for the WAN. Packets Shows the number of received and sent bytes for the WAN. Bytes Digi TransPort WR Routers User Guide...

  • Page 343: Wide Area Network (Wan) Page-Ethernet

    Probe timeout value. If not, the WAN failover configuration is interval considered invalid, and an error message is written to the system log. Accepted value is any integer from 2 to 3600. The default value is 60. Digi TransPort WR Routers User Guide...
  • Page 344 Shows whether IPv6 is enabled or disabled for the WAN. IPv6 Shows the number of received and sent packets for the WAN. Packets Shows the number of received and sent bytes for the WAN. Bytes Digi TransPort WR Routers User Guide...

  • Page 345: Wide Area Network (Wan) Page

    Specifies the time, in seconds, to wait before retrying this interface after failing over to Retry a lower priority one. Use a large retry timeout when both interfaces are cellular after interfaces. Accepted value is any integer from 10 to 3600. The default value is 180. Digi TransPort WR Routers User Guide...
  • Page 346 Probe timeout value. If not, the WAN failover configuration is interval considered invalid, and an error message is written to the system log. Accepted value is any integer from 2 to 3600. The default value is 60. Digi TransPort WR Routers User Guide...
  • Page 347 Shows whether IPv6 is enabled or disabled for the WAN. IPv6 Shows the number of received and sent packets for the WAN. Packets Shows the number of received and sent bytes for the WAN. Bytes Digi TransPort WR Routers User Guide...

  • Page 348: Command Reference

    ! (Revert command settings) analyzer atcommand autorun cellular clear cloud copy date defroute dhcp-host dhcp-option dhcp-server dmnr dynamic-dns exit firewall firewall6 gpio-analog gpio-digital gpio-calibrate hotspot ip-filter ipsec location location-client mkdir more openvpn-client openvpn-route openvpn-server Digi TransPort WR Routers User Guide...

  • Page 349: (Display Command Help)

    To use the ? character in a parameter value, enclose it within " characters. For example, to display the help text for the system command's description parameter: system 1 description ? To set the system command description parameter to ?: system 1 description "?" Digi TransPort WR Routers User Guide...

  • Page 350: (Revert Command Settings)

    To use the ! character in a parameter value, enclose it within " characters. For example, to reset the Wi-Fi SSID to the default (blank): wifi 1 ssid ! To set the Wi-Fi SSID to !abc: wifi 1 ssid "!abc" Digi TransPort WR Routers User Guide...

  • Page 351: Analyzer

    The filter for capturing data packets, in BPF format. If you do not specify a filter, the capture operation captures all incoming and outgoing packets. Accepted value is any string up to 255 characters. Digi TransPort WR Routers User Guide...

  • Page 352: Atcommand

    Command reference atcommand atcommand Send AT command This command is available to super users only. Syntax atcommand [module] command Parameters module Which module to send the AT command to cellular module. command AT command Digi TransPort WR Routers User Guide...

  • Page 353: Autorun

    This command is available to super users only. Syntax autorun <1 - 10> <parameter> <value> Parameters command Command to run. Accepted value is any string up to 100 characters. Examples autorun 1 command "copy config.da0 config.backup" Automatically copy a file. Digi TransPort WR Routers User Guide...
  • Page 354 Command reference Changes the current directory. Syntax cd [dir] Parameters When a directory name is specified, 'cd' changes the current directory to it. Digi TransPort WR Routers User Guide...

  • Page 355: Cellular

    Accepted value is any integer from 10 to 500. The default value is 20. sim1-registration-timeout Number of seconds to wait for registration before rebooting the module. Accepted value is any integer from 60 to 10000. The default value is 180. Digi TransPort WR Routers User Guide...
  • Page 356 1 sim1-username my-username Set the SIM slot 1 username to 'my-username.' cellular 1 sim1-password my-password Set the SIM slot 1 password to 'my-password.' cellular 1 sim2-username my-username Set the SIM slot 2 username to 'my-username.' Digi TransPort WR Routers User Guide...
  • Page 357 Command reference cellular cellular 2 sim2-password my-password Set the SIM slot 2 password to 'my-password.' Digi TransPort WR Routers User Guide...

  • Page 358: Clear

    Clear the packet and byte counters in all firewall rules. clear firewall6 Clear the packet and byte counters in all IPv6 firewall rules. clear log Clear the event log and leaves an entry in the log after clearing. Digi TransPort WR Routers User Guide...
  • Page 359 Command reference clear clear log system Clear the system/kernel event log and leaves an entry in the log after clearing. clear analyzer Clear the traffic analyzer log. clear web-filter-id Clear the Cisco Umbrella device ID. Digi TransPort WR Routers User Guide...

  • Page 360: Cloud

    Value should be a fully qualified domain name. The default value is my.devicecloud.com. reconnect The time, in seconds, between the device's attempts to connect to Digi Remote Manager. Accepted value is any integer from 10 to 3600. The default value is 30.
  • Page 361 Command reference cloud watchdog Enable or disable the Digi Remote Manager watchdog feature. Value is either on or off. The default value is on. Digi TransPort WR Routers User Guide...

  • Page 362: Copy

    This command is available to all users. Syntax copy source dest Parameters source The source file to be copied to the location specified by 'dest.' dest The destination file, or file to which the source file is copied. Digi TransPort WR Routers User Guide...

  • Page 363: Date

    Parameters time System time, specified in the 24-hour format HH:MM:SS. date System date, specified in the format DD:MM:YYYY. Examples date 14:55:00 03:05:2016 Set the system date and time to 14:55:00 on May 3, 2016. Digi TransPort WR Routers User Guide...

  • Page 364: Defroute

    1 interface cellular1 Set the default route to cellular1 (SIM1). defroute 1 metric 1 Set the metric to 1 for defroute 1. defroute 2 gateway 192.168.1.10 Set the default Ethernet gateway to 192.168.1.10. Digi TransPort WR Routers User Guide...

  • Page 365: Del

    Value should be a MAC address. ip-address The IP address to be assigned to the host Value should be an IPv4 address. dhcp-option Configures a DHCP server option Syntax dhcp-option <1 - 32> <parameter> <value> Digi TransPort WR Routers User Guide...
  • Page 366 Accepted values can be one of all, lan1, lan2, lan3, lan4, lan5, lan6, lan7, lan8, lan9 or lan10. The default value is all. force Forces the DHCP option to be sent even if not requested Value is either on or off. The default value is off. Digi TransPort WR Routers User Guide...

  • Page 367: Dhcp-Server

    LAN or VRRP IP address. Value should be an IPv4 address. dns2 Alternate DNS server address given to clients. Value should be an IPv4 address. Digi TransPort WR Routers User Guide...
  • Page 368 Accepted value is any integer from 2 to 10080. The default value is 1440. relay-server1 The Primary DHCP Relay Server Value should be an IPv4 address. relay-server2 The Secondary DHCP Relay Server Value should be an IPv4 address. Digi TransPort WR Routers User Guide...

  • Page 369: Dir

    Command reference Displays the contents of the current directory. Syntax dir [dir] Parameters Lists information about the directory (by default, the current directory). Digi TransPort WR Routers User Guide...

  • Page 370: Dmnr

    Accepted value is any integer from 68 to 1476. The default value is 1476. local-networks Allows you to select the lans to advertise. Accepted values can be multiple values of none, lan1, lan2, lan3, lan4, lan5, lan6, lan7, lan8, lan9 and lan10. The default value is none. Digi TransPort WR Routers User Guide...

  • Page 371: Dsl

    Command reference UNUSED Syntax dsl <parameter> <value> Parameters unused UNUSED Accepted value is any string up to 63 characters. Digi TransPort WR Routers User Guide...

  • Page 372: Dynamic-Dns

    Specify wheather dynamic DNS client monitors the IP address of this device or monitors a web service that returns a public IP address. Accepted values can be one of wan or public. The default value is public. Digi TransPort WR Routers User Guide...

  • Page 373: Eth

    Accepted value is any integer from 64 to 1500. The default value is 1500. Examples eth 3 mask 255.255.255.0 Set network mask of Ethernet interface 3 to 255.255.255.0. eth 3 state on Enable Ethernet interface 3. eth 3 state off Disable Ethernet interface 3. Digi TransPort WR Routers User Guide...

  • Page 374: Exit

    Command reference exit exit Exits the TransPort command-line interface. Syntax exit Digi TransPort WR Routers User Guide...

  • Page 375: Firewall

    Firewall section of the TransPort User Guide and these external sources: http://www.netfilter.org/documentation and https://help.ubuntu.com/community/IptablesHowTo This command is available to super users only. Syntax firewall rule Parameters rule Firewall rule. Digi TransPort WR Routers User Guide...

  • Page 376: Firewall6

    Firewall section of the TransPort User Guide and these external sources: http://www.netfilter.org/documentation and https://help.ubuntu.com/community/IptablesHowTo This command is available to super users only. Syntax firewall6 rule Parameters rule Firewall rule. Digi TransPort WR Routers User Guide...

  • Page 377: Gpio-Analog

    Command reference gpio-analog gpio-analog Configures the Analog IO ports Syntax gpio-analog <parameter> <value> Parameters mode Configures the analog IO mode. Accepted values can be one of voltage or current. The default value is voltage. Digi TransPort WR Routers User Guide...

  • Page 378: Gpio-Digital

    Accepted values can be one of off or on. The default value is on. output-state Enables or disables the output state. Accepted values can be one of off or on. The default value is off. Digi TransPort WR Routers User Guide...

  • Page 379: Gpio-Calibrate

    Command reference gpio-calibrate gpio-calibrate Calibrates the analog input port This command is available to super users only. Syntax gpio-calibrate Parameters Digi TransPort WR Routers User Guide...

  • Page 380: Gre

    Value should be an IPv4 address. peer Remote peer for this GRE interface. Value should be an IPv4 address. The key to use for this GRE tunnel. Accepted value is any string up to 10 characters. Digi TransPort WR Routers User Guide...

  • Page 381: Hotspot

    The IP address or fully-qualified domain name of the backup RADIUS server to use to authenticate hotspot users. Value should be a fully qualified domain name. radius-server-port The UDP port number for the RADIUS server. Accepted value is any integer from 1 to 65535. The default value is 1812. Digi TransPort WR Routers User Guide...
  • Page 382 Accepted value is any integer from 0 to 100000. The default value is 10000. allowed-domains A comma-separated list of domains that are accessible to users that are not currently authenticated. This list might include the remote server hosting the login page, payment handlers, social media sites Digi TransPort WR Routers User Guide...
  • Page 383 Individual IP addresses can also be specified in this list. If a domain name is specified in this list, the hotspot performs a DNS lookup to convert it to an IP address. Accepted value is any string up to 999 characters. Digi TransPort WR Routers User Guide...
  • Page 384 Administrative distance value for static routes. See 'admin-conn' for how routers use administrative distance. Accepted value is any integer from 0 to 255. The default value is 1. hostname IP hostname for this device. Accepted value is any string up to 63 characters. Digi TransPort WR Routers User Guide...

  • Page 385: Ip-Filter

    The destination port(s) of the incoming packet. Use a simple port, a range (lowport:highport) or a list (port1,port2...,portn). Default '0' implies 'Any'. Dest port is ignored when protocol does not explicitly include tcp or udp. Accepted value is any string up to 255 characters. The default value is 0. Digi TransPort WR Routers User Guide...
  • Page 386 The protocol of the incoming packet. Use a single protocol, a list (tcp,udp,icmp), or exclusive value (any). When set to 'any', src-ip-port and dst-ip-port values are ignored. Accepted values can be multiple values of tcp, udp, icmp and any. The default value is tcp,udp. Digi TransPort WR Routers User Guide...

  • Page 387: Ipsec

    The authentication type for the IPsec tunnel Accepted values can be one of psk or xauth-psk. The default value is psk. The preshared key for the IPsec tunnel. Accepted value is any string up to 128 characters. Digi TransPort WR Routers User Guide...
  • Page 388 The IKE encryption type for this IPsec tunnel. Accepted values can be multiple values of aes128, aes192, aes256, aes128gcm64, aes192gcm64, aes256gcm64, aes128gcm96, aes192gcm96, aes256gcm96, aes128gcm128, aes192gcm128 and aes256gcm128. The default value is aes128. Digi TransPort WR Routers User Guide...
  • Page 389 Accepted value is any integer from 0 to 255. The default value is 10. xauth-username XAuth identity used to reply to XAuth requests Accepted value is any string up to 128 characters. xauth-password XAuth password used to reply to XAuth requests Digi TransPort WR Routers User Guide...
  • Page 390 Set ESP authentication for IPsec tunnel 3 to SHA256. ipsec 3 esp-encryption aes256 Set ESP encryption for IPsec tunnel 3 to AES 256 bit keys. ipsec 3 esp-diffie-hellman group15 Set IPsec tunnel 3 to use ESP Diffie-Hellman group 15 for negotiation. Digi TransPort WR Routers User Guide...

  • Page 391: Lan

    IPv4 subnet mask for the LAN. Value should be an IPv4 address. The default value is 255.255.255.0. dns1 Preferred DNS server. Value should be an IPv4 address. dns2 Alternate DNS server. Value should be an IPv4 address. Digi TransPort WR Routers User Guide...
  • Page 392 Value is either on or off. The default value is off. ipv6-mode Selects configuration method to provision clients on this LAN. Currently only DHCPv6 is supported. Accepted values can be one of dhcpv6. The default value is dhcpv6. Digi TransPort WR Routers User Guide...

  • Page 393: Location

    Accepted value is any integer from 0 to 65535. The default value is 0. state Enable or disable location information. Accepted values can be one of off, gnss or server. The default value is gnss. Digi TransPort WR Routers User Guide...

  • Page 394: Location-Client

    Text to prepend to outgoing messages. '%s' translates to this device's serial number. '%v' translates to the configured vehicle ID. Accepted value is any string up to 32 characters. The default value is . Digi TransPort WR Routers User Guide...

  • Page 395: Mkdir

    Command reference mkdir mkdir Creates a directory. This command is available to all users. Syntax mkdir dir Parameters The directory to be created. Digi TransPort WR Routers User Guide...

  • Page 396: More

    Command reference more more Displays the contents of a file. Syntax more [file] Parameters file File to be displayed. Digi TransPort WR Routers User Guide...

  • Page 397: Openvpn-Client

    TUN mode, but may have scalability issues, since all broadcast traffic will flow over the OpenVPN tunnel. Accepted values can be one of off, lan1, lan2, lan3, lan4, lan5, lan6, lan7, lan8, lan9 or lan10. The default value is off. Digi TransPort WR Routers User Guide...
  • Page 398 The username the OpenVPN client uses to authenticate with the OpenVPN server. Accepted value is any string up to 32 characters. password The password the OpenVPN client uses to authenticate with the OpenVPN server. Accepted value is any string up to 128 characters. Digi TransPort WR Routers User Guide...
  • Page 399 Value is either on or off. The default value is on. compression The compression algorithm this OpenVPN client uses to compress data channel packets. Accepted values can be one of off, lzo, lz4 or any. The default value is off. Digi TransPort WR Routers User Guide...

  • Page 400: Openvpn-Route

    Destination network for the route. This value typically ends with '.0' to match the subnet mask. Value should be an IPv4 address. mask Subnet mask for the route. Value should be an IPv4 address. The default value is 255.255.255.0. Digi TransPort WR Routers User Guide...

  • Page 401: Openvpn-Server

    Accepted value is any integer from 1 to 65535. The default value is 1194. topology The network topology this OpenVPN server uses to assign IP addresses to OpenVPN clients. This value is only used if 'bridge-mode' is set to off. Digi TransPort WR Routers User Guide...
  • Page 402 The CA and CRL directory path for this OpenVPN server. This allows you to provide multiple CA and CRL files. You should use the c_rehash tool to create CA certificates with a '.0' filename extension and CRLs with a '.r0' filename extension. Accepted value is any string up to 63 characters. Digi TransPort WR Routers User Guide...
  • Page 403 Sends a ping message if no other traffic is sent in either direction between the OpenVPN client and server. This value is also pushed to the client. To disable the ping-based keepalive mechanism, set this Digi TransPort WR Routers User Guide...
  • Page 404 Accepted value is any integer from 0 to 4000000000. The default value is 0. reneg-sec Number of seconds before the data channel encryption key is renegotiated. Accepted value is any integer from 60 to 86400. The default value is 3600. Digi TransPort WR Routers User Guide...

  • Page 405: Openvpn-User

    <1 - 10> <parameter> <value> Parameters username Username for OpenVPN user. Accepted value is any string up to 32 characters. password Password for OpenVPN user. Accepted value is any string up to 128 characters. Digi TransPort WR Routers User Guide...

  • Page 406: Ping

    Ping the ipv6 host 'ipv6.google.com' ping 8.8.8.8 Ping IP address 8.8.8.8 with packets of default size 56 bytes ping count 10 size 8 8.8.8.8 Ping IP address 8.8.8.8 for 10 times Digi TransPort WR Routers User Guide...
  • Page 407 Ping IP address 8.8.8.8 for 5 times via Ethernet interface 2 ping size 8192 dont-fragment 8.8.8.8 Ping IP address 8.8.8.8 with packs of size 8192 and prevent fragmentation ping broadcast 192.168.1.255 Ping IP broadcast address 192.168.1.255 Digi TransPort WR Routers User Guide...

  • Page 408: Pki

    Generate a Diffie Hellman parameter file using the PEM format. Examples privkey mykeyfile.key 2048 Generates an unencrypted mykeyfile.key with 2048 bits rsa privkey mykeyfile.key 4096 aes256 "my secret phrase" Generates an encrypted mykeyfile.key with 4096 bits rsa Digi TransPort WR Routers User Guide...
  • Page 409 Deletes mykeyfile.key from the list of key files addkey mykeyfile.key Moves the externally-generated file mykeyfile.key from the upload folder into the list of private key files csr common-name www.example.com mykeyfile.key my.csr sha256 Create a Certificate Signing Request with a common name Digi TransPort WR Routers User Guide...

  • Page 410: Port-Forward

    Accepted values can be one of any, any-lan, lan1, lan2, lan3, lan4, lan5, lan6, lan7, lan8, lan9, lan10, any- wan, wan1, wan2, wan3, wan4, wan5, wan6, wan7, wan8, wan9 or wan10. The default value is any. Digi TransPort WR Routers User Guide...
  • Page 411 Forward port 80 to the to-port and to-ip-address port-forward 4 port 1000:2000 Forward all ports in the range 1000-2000 port-forward 4 port 23,24,25 Forward ports in the list 23,24,25 port-forward 4 src any-wan Forwards traffic from WANs only Digi TransPort WR Routers User Guide...

  • Page 412: Power

    Use Disable All to disable the power button completely. In any case, powering up the device using the power button is allowed. Accepted values can be one of enable-power-down, disable-power-down or disable-all-power-down. The default value is enable-power-down. Digi TransPort WR Routers User Guide...

  • Page 413: Pwd

    Displays the current directory name. Syntax Parameters Digi TransPort WR Routers User Guide...

  • Page 414: Python

    This command is available to super users only. Syntax python python <filepath> [args] python stop <id> Parameters filepath The path to the python file. args Arguments to send to the python file. The id of the python file to be stopped. Digi TransPort WR Routers User Guide...

  • Page 415: Python-Autostart

    Arguments sent to the application. Accepted value is any string up to 255 characters. state Enables or disable application startup. Accepted values can be one of on or off. The default value is on. Digi TransPort WR Routers User Guide...

  • Page 416: Qos-Filter

    The destination port(s) of the incoming packet. Use a simple port, a range (lowport:highport) or a list (port1,port2...,portn). Default '0' implies 'Any'. Dest port is ignored when protocol does not explicitly include tcp or udp. Accepted value is any string up to 255 characters. The default value is 0. Digi TransPort WR Routers User Guide...
  • Page 417 Accepted values can be multiple values of any, be, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, ef, cs0, cs1, cs2, cs3, cs4, cs5, cs6 and cs7. The default value is any. Digi TransPort WR Routers User Guide...

  • Page 418: Qos-Queue

    Accepted values can be one of do-not-set, be, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, ef, cs0, cs1, cs2, cs3, cs4, cs5, cs6 or cs7. The default value is do-not-set. Digi TransPort WR Routers User Guide...

  • Page 419: Radius

    Accepted value is any integer from 3 to 10. The default value is 3. local-auth Whether to use local authentication if the RADIUS server does not respond before the timeout expires. Value is either on or off. The default value is on. Digi TransPort WR Routers User Guide...
  • Page 420 Accepted value is any string up to 64 characters. backup-server-timeout The amount of time in seconds to wait for the backup RADIUS server to respond. Accepted value is any integer from 3 to 10. The default value is 3. Digi TransPort WR Routers User Guide...

  • Page 421: Reboot

    [[in M][at HH:MM][cancel]] Parameters For a scheduled reboot, the minutes before the device is rebooted. For a scheduled reboot, the time to reboot the device, specified in the format HH:MM. cancel Cancels a scheduled reboot. Digi TransPort WR Routers User Guide...

  • Page 422: Rename

    Renames a file. This command is available to all users. Syntax rename oldName newName Parameters oldName Old file name. newName New file name. Digi TransPort WR Routers User Guide...

  • Page 423: Rmdir

    Deletes a directory. This command is available to all users. Syntax rmdir dir Parameters The directory to be removed. Digi TransPort WR Routers User Guide...

  • Page 424: Route

    Accepted values can be one of none, eth1, eth2, eth3, eth4, wifi-client1, wifi-client2, cellular1-sim1, cellular1-sim2, cellular2-sim1, cellular2-sim2, ovpn1, ovpn2, ovpn3, ovpn4, ovpn5, ovpn6, ovpn7, ovpn8, ovpn9, ovpn10, gre1, gre2, gre3, gre4, gre5, gre6, gre7, gre8, gre9 or gre10. The default value is none. Digi TransPort WR Routers User Guide...

  • Page 425: Routing-Rule

    Accepted value is any string up to 255 characters. The default value is 0. The source interface of the incoming traffic. Accepted values can be one of any, any-lan, lan1, lan2, lan3, lan4, lan5, lan6, lan7, lan8, lan9, lan10 or hotspot. The default value is any. Digi TransPort WR Routers User Guide...
  • Page 426 Accepted values can be multiple values of tcp, udp, icmp and any. The default value is any. The WAN packets that match this rule should be routed to. Accepted value is any integer from 1 to 10. The default value is 1. Digi TransPort WR Routers User Guide...

  • Page 427: Save

    Saves all configuration to flash memory. analyzer Saves the current captured traffic to a file. Examples save config Save the current configuration to flash memory. save analyzer packets.pcapng Saves the current captured traffic to packets.pcapng. Digi TransPort WR Routers User Guide...

  • Page 428: Serial

    XON/XOFF characters, hardware flow control using the RS232 RTS and CTS signals, or no flow control signals. Accepted values can be one of none, software or hardware. The default value is none. Digi TransPort WR Routers User Guide...

  • Page 429: Show Analyzer

    Displays the traffic analyzer log. Parameters description Displays the traffic analyzer log. Digi TransPort WR Routers User Guide...

  • Page 430: Show Cellular

    The status of the cellular module's connection to a cellular network. network-provider Network provider for the cellular network. temperature Current temperature of the cellular module, as read and reported by the temperature sensor on the cellular module. Digi TransPort WR Routers User Guide...
  • Page 431 Number of bytes received by the cellular module during the current data session. tx-bytes Number of bytes transmitted by the cellular module during the current data session. attachment-status The status of the cellular module's attachment to a cellular network. Digi TransPort WR Routers User Guide...
  • Page 432 A PLMN is identified by the Mobile Country Code (MCC) and the Mobile Network Code (MNC). roaming-status Roaming or Home (not roaming) location LAC - Location Area Code and CellID (CID) preferred-technology Radio technology the modem is using. Digi TransPort WR Routers User Guide...

  • Page 433: Show Cloud

    The URL of the connected Digi Remote Manager. deviceid Device ID for Digi Remote Manager connection. uptime Amount of time, in seconds, that the Digi Remote Manager connection has been established. rx-bytes Number of bytes received from Digi Remote Manager. rx-packets Number of packets received from Digi Remote Manager.

  • Page 434: Show Config

    Displays the current device configuration. Parameters config The current configuration running on the device. Digi TransPort WR Routers User Guide...

  • Page 435: Show Dhcp

    Displays the IP address of DMNR Care of Address. interface Displays the interface used by the DMNR tunnel. lifetime Displays the actual lifetime status. local-networks Displays the local networks and their DMNR status. Digi TransPort WR Routers User Guide...

  • Page 436: Show Eth

    The number of unicast packets transmitted on the Ethernet interface. rx-broadcast-packets The number of broadcast packets received on the Ethernet interface. tx-broadcast-packets The number of broadcast packets transmitted on the Ethernet interface. rx-multicast-packets The number of multicast packets received on the Ethernet interface. Digi TransPort WR Routers User Guide...
  • Page 437 The number of received packets that contain fewer than the required minimum of 64 bytes, and have a bad CRC. Fragments are generally caused by collisions. rx-oversize-error The number of received packets that are larger than the maximum 1518 bytes and have a good CRC. Digi TransPort WR Routers User Guide...
  • Page 438 The number of events in which the Ethernet driver detects an inability to service the receive packet queue, as with processor congestion. tx-fifo-error The number of events in which the Ethernet driver detects an inability to service the transmit packet queue, as with processor or network congestion. Digi TransPort WR Routers User Guide...

  • Page 439: Show Firewall

    'clear firewall' command. Parameters filter The currently defined filter table for IPv4. mangle The currently defined mangle table for IPv4. The currently defined raw table for IPv4. The currently defined nat table for IPv4. Digi TransPort WR Routers User Guide...

  • Page 440: Show Firewall6

    This is a useful tool to determine if a rule is correctly detecting packets. To clear the counters, use the 'clear firewall6' command. Parameters filter The currently defined filter table for IPv6. mangle The currently defined mangle table for IPv6. Digi TransPort WR Routers User Guide...

  • Page 441: Show Gre

    Number of bytes received by the GRE tunnel. rx-packets Number of packets received by the GRE tunnel. tx-bytes Number of bytes transmitted by the GRE tunnel. tx-packets Number of packets transmitted by the GRE tunnel. Digi TransPort WR Routers User Guide...

  • Page 442: Show Hotspot

    The number of clients that are currently authenticated to the hotspot. unauth-clients The number of clients that are connected to the hotspot but have not successfully authenticated. These clients may be authenticating and/or accessing sites available within the walled garden. Digi TransPort WR Routers User Guide...

  • Page 443: Show Ip-Filter

    The WAN or LAN that is the destination of outgoing traffic. protocol The protocol of the incoming packet. Use a single protocol, a list (tcp,udp,icmp), or exclusive value (any). When set to 'any', src-ip-port and dst-ip-port values are ignored. Digi TransPort WR Routers User Guide...

  • Page 444: Show Ipsec

    Remote network mask for this IPsec tunnel. key-negotiation Key negotiation used for this IPsec tunnel. rekeying-in Amount of time before the keys are renegotiated. ah-ciphers Authentication Header (AH) Ciphers. esp-ciphers Encapsulating Security Payload (ESP) Ciphers. Digi TransPort WR Routers User Guide...
  • Page 445 Outbound ESP Security Associations (SA). inbound-esp-sas Inbound ESP Security Associations (SA). rx-bytes Number of bytes received over the IPsec tunnel. tx-bytes Number of bytes transmitted over the IPsec tunnel. ike-spis IKE Security Parameter Indexes. Digi TransPort WR Routers User Guide...

  • Page 446: Show Ipstats

    Number of received packets for which reassembly failed. rx-discards Number of received IP packets that have been discarded. rx-no-routes Number of received packets that have no routing information associated with them. rx-address-errors Number of received packets containing IP address errors. Digi TransPort WR Routers User Guide...
  • Page 447 Number of transmitted IP packets for which fragmentation failed. tx-frag-creates Number of IP fragments created. tx-discards Number of transmitted IP packets that were discarded. tx-no-routes Number of transmitted IP packets that had no routing information associated with them. Digi TransPort WR Routers User Guide...

  • Page 448: Show Lan

    Subnet mask for the LAN. dns1 Preferred DNS server. dns2 Alternate DNS server. rx-bytes Number of bytes received by the LAN. rx-packets Number of packets received by the LAN. tx-bytes Number of bytes transmitted by the LAN. Digi TransPort WR Routers User Guide...
  • Page 449 Number of packets transmitted by the LAN. ipv6-address The IPv6 address or addresses assigned to the LAN. Digi TransPort WR Routers User Guide...

  • Page 450: Show Location

    Current number of visible satellites. horizontal-velocity Current horizontal velocity in meters per second. vertical-velocity Current vertical velocity in meters per second. direction Current direction of heading in degrees. recv-state Current state of location data receival Digi TransPort WR Routers User Guide...

  • Page 451: Show Log

    Displays log (event or system/kernel). Parameters system Displays the system/kernel log. Digi TransPort WR Routers User Guide...

  • Page 452: Show Openvpn-Client

    The number of bytes transmitted on the local virtual network interface (TUN/TAP adapter) that this OpenVPN client uses. interface-rx-packets The number of packets received on the local virtual network interface (TUN/TAP adapter) that this OpenVPN client uses. Digi TransPort WR Routers User Guide...
  • Page 453 OpenVPN client uses. socket-rx-bytes The number of bytes received on the local UDP/TCP socket that this OpenVPN client uses. socket-tx-bytes The number of bytes transmitted on the local UDP/TCP socket that this OpenVPN client uses. Digi TransPort WR Routers User Guide...

  • Page 454: Show Openvpn-Server

    The number of packets received on the local virtual network interface (TUN/TAP adapter) that this OpenVPN server uses. interface-tx-packets The number of packets transmitted on the local virtual network interface (TUN/TAP adapter) that this OpenVPN server uses. Digi TransPort WR Routers User Guide...

  • Page 455: Show Port-Forward

    Enables or disables a port forward rule. Invalid rules are not enabled. protocol The protocol or protocols of the packets to forward. The WAN or LAN that is the source of incoming traffic to be forwarded. Digi TransPort WR Routers User Guide...

  • Page 456: Show Python

    Displays running Python applications Parameters applications Displays running Python applications Digi TransPort WR Routers User Guide...

  • Page 457: Show Route

    The gateway for the route. metric The metric assigned to the route. protocol The protocol for the route. The index number for the route. interface The interface for the route. status Status of the route. Digi TransPort WR Routers User Guide...

  • Page 458: Show Routing-Rule

    Displays routing rule status Parameters oper-status Whether the routing rule is up or down. description The description of this routing rule. The WAN of the routing rule. Digi TransPort WR Routers User Guide...

  • Page 459: Show Serial

    Number of times the next data character arrived before the hardware could move the previous character. overflow Number of times the received buffer was full when additional data was received. line-status The current signal detected on the serial line. Digi TransPort WR Routers User Guide...

  • Page 460: Show System

    The current configuration file loaded on the device. uptime The time the device has been up. system-time The current time on the device. cpu-usage Current CPU usage. cpu-min Minimum CPU usage. cpu-max Maximum CPU usage. Digi TransPort WR Routers User Guide...
  • Page 461 Average CPU usage. description Description for this device. location Location details for this device. contact Contact information for this device. temperature The current temperature of the device. core-temperature The current temperature of the CPU core. Digi TransPort WR Routers User Guide...

  • Page 462: Show Tech-Support

    Displays information needed by Digi Technical Support when diagnosing device issues. Parameters output-file The name of the file to which the command output is written. Optional. Digi TransPort WR Routers User Guide...

  • Page 463: Show Usb

    Displays Vendor ID, Product ID, Manufacturer, Product Name, and USB Port of USB devices. Parameters vendor-id Vendor ID of the USB Device product-id Product ID of the USB Device manufacturer Manufacturer of USB Device product Product Name of USB Device Digi TransPort WR Routers User Guide...

  • Page 464: Show Vrrp

    The total number of VRRP advertisements received by this router. priority-sent The total number of VRRP packets with a priority of '0' sent by this router. priority-received The total number of VRRP packets with a priority of '0' received by this router. Digi TransPort WR Routers User Guide...

  • Page 465: Show Wan

    Number of packets received by the WAN. tx-bytes Number of bytes transmitted by the WAN. tx-packets Number of packets transmitted by the WAN. probe-host The IPv4 address or fully qualified domain name (FQDN) of the device to send probes to. Digi TransPort WR Routers User Guide...
  • Page 466 A value of -2 indicates the device has not received any probe responses yet. ipv6-address The IPv6 address or addresses assigned to the WAN. ipv6-dns1 Preferred IPv6 DNS server. ipv6-dns2 Alternate IPv6 DNS server. Digi TransPort WR Routers User Guide...

  • Page 467: Show Web-Filter

    Displays status for the web filtering service used for all WAN traffic. Parameters state Whether web filtering is enabled. device-id Device ID from the Cisco Umbrella Network Device Registration API. Digi TransPort WR Routers User Guide...

  • Page 468: Show Wifi-Ap

    The number of bytes transmitted by the Wi-Fi Access Point interface. rx-packets The number of packets transmitted by the Wi-Fi Access Point interface. tx-packets The number of packets transmitted by the Wi-Fi Access Point interface. Digi TransPort WR Routers User Guide...
  • Page 469 The number of receive length errors by the Wi-Fi Access Point interface. tx-heartbeat-errors The number of transmit heartbeat errors by the Wi-Fi Access Point interface. rx-missed-errors The number of receive missed errors by the Wi-Fi Access Point interface. Digi TransPort WR Routers User Guide...
  • Page 470 The number of transmit window errors by the Wi-Fi Access Point interface. rx-over-errors The number of receive over errors by the Wi-Fi Access Point interface. Digi TransPort WR Routers User Guide...

  • Page 471: Show Wifi-Client

    Wi-Fi Client Connection rate in Mbps. rx-bytes The number of bytes received by the Wi-Fi Client interface. tx-bytes The number of bytes transmitted by the Wi-Fi Client interface. rx-packets The number of packets transmitted by the Wi-Fi Client interface. Digi TransPort WR Routers User Guide...
  • Page 472 The number of transmit carrier errors by the Wi-Fi Client interface. rx-length-errors The number of receive length errors by the Wi-Fi Client interface. tx-heartbeat-errors The number of transmit heartbeat errors by the Wi-Fi Client interface. Digi TransPort WR Routers User Guide...
  • Page 473 The number of receive missed errors by the Wi-Fi Client interface. tx-window-errors The number of transmit window errors by the Wi-Fi Client interface. rx-over-errors The number of receive over errors by the Wi-Fi Client interface. Digi TransPort WR Routers User Guide...

  • Page 474: Snmp

    Value is either on or off. The default value is off. Examples snmp v1 on Enable SNMPv1 support. snmp v2c on Enable SNMPv2c support. snmp port 161 Set the SNMP listening port to 161. Digi TransPort WR Routers User Guide...

  • Page 475: Snmp-Community

    Accepted values can be one of read-only or read-write. The default value is read-only. Examples snmp-community 1 community public Set the first SNMPv1 or SNMPv2c community name to 'public.' snmp-community 1 access read-write Set the first SNMPv1 or SNMPv2c community access level to 'read-write.' Digi TransPort WR Routers User Guide...

  • Page 476: Snmp-User

    SNMPv3 authentication password. The password is stored in encrypted form. Accepted value is any string up to 64 characters. privacy-password SNMPv3 privacy password. The password is stored in encrypted form. Accepted value is any string up to 64 characters. Digi TransPort WR Routers User Guide...

  • Page 477: Sntp

    Value should be a fully qualified domain name. The default value is time.devicecloud.com. update-interval The interval, in minutes, at which the device checks the SNTP server for date and time. Accepted value is any integer from 1 to 10080. The default value is 1440. Digi TransPort WR Routers User Guide...

  • Page 478: Ssh

    The key type of the CA public key This element is available to super users only. Accepted values can be one of none, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-ed25519 or ssh-rsa. The default value is none. Digi TransPort WR Routers User Guide...

  • Page 479: Syslog

    Accepted value is any integer from 0 to 65535. The default value is 514. mode This allows you to send syslog messages with either TCP or UDP. Accepted values can be one of udp or tcp. The default value is udp. Digi TransPort WR Routers User Guide...

  • Page 480: System

    '%s' in prompt value. For example, a 'prompt' parameter value of 'WR64_%s' resolves to 'WR64_WR123456.' Accepted value is any string up to 16 characters. The default value is digi.router>. timeout The time, in seconds, after which a web or command-line interface session times out if there is no activity.
  • Page 481 Enables logging events to a syslog server Accepted values can be multiple values of syslog1, syslog2 and off. The default value is off. log-system-to-syslog Enables logging system events to a syslog server Digi TransPort WR Routers User Guide...
  • Page 482 Accepted values can be multiple values of syslog1, syslog2 and off. The default value is off. hw-crypto Enables or disables the HW crypto accelerator for the IPsec connections. Value is either on or off. The default value is on. Digi TransPort WR Routers User Guide...

  • Page 483: Traceroute

    The maximum number of seconds to wait for a response from a hop. size The size, in bytes, of the message to send. host The IP address of the destination host. Examples traceroute 8.8.8.8 Finds the network route to IP address 8.8.8.8 Digi TransPort WR Routers User Guide...

  • Page 484: Unlock

    Unlock the SIM card in cellular1 SIM2 with PUK code 12345678 and set the new SIM PIN to 1234. unlock cellular2-sim1 12345678 1234 Unlock the SIM card in cellular2 SIM1 with PUK code 12345678 and set the new SIM PIN to 1234. Digi TransPort WR Routers User Guide...

  • Page 485: Update

    1 Initiate the cellular module firmware update process. This process retrieves image files from Digi International site and downloads the images to the module. update module 1 ./module_fw Initiate the cellular module firmware update process. This process uploads firmware files from the directory ./module_fw to the cellular module.
  • Page 486 1 verizon Initiate the cellular module firmware update process. This process retrieves firmware files from the Digi repository of cellular module firmware files and uploads the images to the module. Digi TransPort WR Routers User Guide...

  • Page 487: User

    The default value is none. Examples user 1 username _Username1234$ Valid user 1 username starting with _ and ending with $. user 3 username userName-1234 Valid user 3 username containing a dash. Digi TransPort WR Routers User Guide...

  • Page 488: Vrrp

    The time in seconds betweeen VRRP advertisement packets. All of the routers in the VRRP group should use the same interval. Accepted value is any integer from 1 to 60. The default value is 1. Digi TransPort WR Routers User Guide...

  • Page 489: Wan

    If not, the WAN failover configuration is considered invalid, and an error message is written to the system log. Accepted value is any integer from 2 to 3600. The default value is 60. Digi TransPort WR Routers User Guide...
  • Page 490 Value should be an IPv4 address. allow-ssh-access Allow SSH access on this WAN interface. Custom firewall rules may affect the behavior of this parameter. Value is either on or off. The default value is off. Digi TransPort WR Routers User Guide...
  • Page 491 The time in seconds to wait for a response to probes before resetting the router. This is only done for cellular modules using a single SIM. Set to 0 to disable, minimum timeout is 300 seconds. Accepted value is any integer from 0 to 86400. The default value is 0. Digi TransPort WR Routers User Guide...

  • Page 492: Web-Filter

    Use the specified DNS server instead the default primary DNS server for the web filtering service. This value should only be set if the web filtering service changes the IP addresses of their DNS servers before Digi can release a software update that includes the new IP addresses. Value should be an IPv4 address.

  • Page 493: Wifi-Ap

    Accepted values can be one of off or on. The default value is on. isolate-ap Enables or disables clients on a Wi-Fi access point from communicating with clients on other Access Points. Accepted values can be one of off or on. The default value is on. Digi TransPort WR Routers User Guide...
  • Page 494 The port for the RADIUS server. Accepted value is any integer from 1 to 65535. The default value is 1812. radius-password The password for the RADIUS server. Accepted value is any string up to 64 characters. Digi TransPort WR Routers User Guide...

  • Page 495: Wifi-Client

    Accepted value is any integer from 0 to 2147483647. The default value is 3600. connect-interval How often in seconds the client will scan for an access point to connect to when not connected. Accepted value is any integer from 1 to 2147483647. The default value is 30. Digi TransPort WR Routers User Guide...

  • Page 496: Wifi-Client-Network

    Accepted values can be one of none, 1 or 2. The default value is none. hidden-network Wi-Fi network SSID is hidden (not broadcast). Enabling this will add latency to scanning. Value is either on or off. The default value is off. Digi TransPort WR Routers User Guide...

  • Page 497: Wifi-Module

    Accepted values can be one of auto, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 132, 136 or 140. The default value is auto. Digi TransPort WR Routers User Guide...

  • Page 498: Xauth-User

    <1 - 10> <parameter> <value> Parameters username Username for IPsec XAuth authentication Accepted value is any string up to 128 characters. password Password for IPsec XAuth authentication Accepted value is any string up to 128 characters. Digi TransPort WR Routers User Guide...

  • Page 499: Advanced Topics

    Advanced topics Using firewall and firewall6 commands Using the firewall command Understanding system firewall rules Digi TransPort WR Routers User Guide...

  • Page 500: Using Firewall And Firewall6 Commands

    The filter table filters packets being sent, received, and forwarded by the device. This is the default table if one is not specified in the firewall rule. The filter table supports these chains: INPUT, OUTPUT, FORWARD. Digi TransPort WR Routers User Guide...

  • Page 501: Policy Rules

    Reserved for use by the TransPort system only. Do not modify these rules. Policy rules A policy rule defines the default action for a chain; for example ACCEPT or DROP. Digi TransPort WR Routers User Guide...

  • Page 502: Default Firewall Configuration

    0 ACCEPT lan+ anywhere anywhere tcp dpt:443 /* (autogenerated) lan */ 0 ACCEPT lan+ anywhere anywhere udp dpt:67 /* (autogenerated) lan */ 0 ACCEPT lan+ anywhere anywhere udp dpt:53 /* (autogenerated) lan */ [..snip..] Digi TransPort WR Routers User Guide...

  • Page 503: Allow Ssh Access On A Wan

    10.20 network to SSH (port 22). For example, assuming port 22 is the SSH port, enter commands similar to the following: digi.router> ip-filter 1 description Allow WAN SSH only from 10.20 network digi.router> ip-filter 1 action accept digi.router> ip-filter 1 src any-wan digi.router>...

  • Page 504: Allow Https Access On A Wan

    10.20 network to HTTPS (port 443). For example, assuming port 443 is the HTTPS port, enter commands similar to the following: digi.router> ip-filter 1 description Allow WAN HTTPS only from 10.20 network digi.router> ip-filter 1 action accept digi.router>...
  • Page 505 Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in source destination digi.router> digi.router> firewall -I INPUT 2 -i cellular1 -p udp --dport 7 -j ACCEPT digi.router> digi.router> show firewall filter Filter Table ------------ Chain INPUT (policy DROP 4 packets, 256 bytes)

  • Page 506: Update A Firewall Rule

    [-t table] –R <chain> <position> <rule> For example, to update the second rule, specify a position of 2. digi.router> firewall -R INPUT 2 -i cellular1 -p udp --dport 123 -j ACCEPT show firewall output for the filter table created by the above command looks like this: digi.router>...

  • Page 507: Show Firewall Rules And Counters

    /* (autogenerated) lan */ Chain OUTPUT (policy ACCEPT 8 packets, 576 bytes) pkts bytes target prot opt in source destination Chain tlr_wan_input (1 references) pkts bytes target prot opt in source destination Raw Table --------- Digi TransPort WR Routers User Guide...
  • Page 508 ------------ Chain INPUT (policy ACCEPT 1732 packets, 117K bytes) pkts bytes target prot opt in source destination 152 DROP cellular1 any anywhere anywhere tcp dpt:22 1380 DROP icmp -- lan1 anywhere anywhere icmp echo-request Digi TransPort WR Routers User Guide...
  • Page 509 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in source destination digi.router> Digi TransPort WR Routers User Guide...

  • Page 510: Understanding System Firewall Rules

    User priority chains WARNING! Take extreme care when using user priority chain rules. If you implement user priority chain rules incorrectly, you can expose your device to security threats or disable remote access to the device. Digi TransPort WR Routers User Guide...

  • Page 511: Testing New Firewall Rules

    Before you manually create firewall rules using custom user priority chains, Digi recommends you allow the system to automatically generate firewall rules using standard built-in chains and/or the...

  • Page 512: System Chains

    System firewall rules will continue to change and be restructured as subsequent versions of the TransPort firmware are released. If you create or modify firewall rules using the firewall command, be aware of the relationship between system-managed rules and the rules you create. Digi TransPort WR Routers User Guide...

This manual is also suitable for:

Transport wr64Transport wr54

Table of Contents