Related Manuals for Amit VHG87B-0T1B0
Summary of Contents for Amit VHG87B-0T1B0
- Page 1 In-Vehicle Cellular Gateway VHG87B-0T1B0 (LTE cat.4) VHG87B-061B0 (LTE cat.6) User Manual...
-
Page 2: Table Of Contents
In-Vehicle Cellular Gateway Chapter 1 Introduction ............................7 1.1 Introduction .............................. 7 1.2 Contents List ............................8 1.2.1 Package Contents ........................... 8 1.3 Hardware Configuration .......................... 9 1.4 LED Indication ............................12 1.5 Installation & Maintenance Notice ......................13 1.5.1 SYSTEM REQUIREMENTS ..................... 13 1.5.2 WARNING .......................... - Page 3 In-Vehicle Cellular Gateway 2.3.3 Advanced Configuration ......................102 2.3.4 Uplink Profile..........................104 2.4 IPv6 ..............................108 2.4.1 IPv6 Configuration........................108 2.5 Port Forwarding ..........................117 2.5.1 Configuration ..........................118 2.5.2 Virtual Server & Virtual Computer ................... 119 2.5.3 DMZ & Pass Through ....................... 125 2.5.4 Special AP &...
- Page 4 In-Vehicle Cellular Gateway Chapter 4 Field Communication ........................190 4.1 Bus & Protocol ............................. 190 4.1.1 Port Configuration ........................190 4.1.2 Virtual COM ..........................192 Chapter 5 Security .............................. 203 5.1 VPN ..............................203 5.1.1 IPSec ............................204 5.1.2 OpenVPN ..........................218 5.1.3 L2TP ............................
- Page 5 In-Vehicle Cellular Gateway 6.2.3 System Time..........................319 6.2.4 System Log ..........................324 6.2.5 Backup & Restore ........................329 6.2.6 Reboot & Reset ........................330 6.3 FTP ............................... 331 6.3.1 Server Configuration ......................... 332 6.3.2 User Account ..........................334 6.4 Diagnostic ............................335 6.4.1 Diagnostic Tools ........................
- Page 6 In-Vehicle Cellular Gateway 8.2.3 WiFi Status ..........................393 8.2.4 DDNS Status ..........................397 8.3 Security ..............................398 8.3.1 VPN Status ..........................398 8.3.2 Firewall Status .......................... 402 8.4 Administration............................406 8.4.1 Configure & Manage Status...................... 406 8.4.2 Log Storage Status ........................408 8.4.3 GNSS Status..........................
-
Page 7: Chapter 1 Introduction
Work with internal / external portal and RADIUS server for user authentication or push • advertisements. Before you install and use this product, please read this manual in detail for fully exploiting the functions of this product. 1 VHG87B-0T1B0 for LTE cat.4, and VHG87B-061B0 for LTE cat. 6. -
Page 8: Contents List
In-Vehicle Cellular Gateway 1.2 Contents List 1.2.1 Package Contents #Standard Package Items Description Contents Quantity VHG87B-0x1B0 1pcs In-Vehicle Cellular Gateway Cellular Antenna 2pcs 2.4G/5GHz WiFi Antenna 2pcs 8 pin Terminal Block 1pcs 1pcs (Manual) Mounting Bracket 2pcs 2 The maximum power consumption of VHG87B series product is 20.0W. -
Page 9: Hardware Configuration
In-Vehicle Cellular Gateway 1.3 Hardware Configuration Front View SIM A Slot Reset USB Port SIM B Slot Indicators Button ※Reset Button The RESET button provides user with a quick and easy way to resort the default setting. Press the RESET button continuously for 6 seconds, and then release it. - Page 10 In-Vehicle Cellular Gateway Rear View 3G/4G (Main) 2.4G/5GHz 3G/4G (Aux) 2.4G/5GHz Antenna WiFi Ant. Antenna WiFi Ant. Auto MDI/MDIX RJ45 Ports GPS Antenna 2(3)xGE LAN to connect local (Optional) devices Power Terminal Block ※ GNSS Antenna The GNSS Antenna is an optional accessory, and not included in the standard package. If you intend to use the provided GNSS function, please purchase required GPS antenna and install it to the corresponding SMA connector in advance.
- Page 11 In-Vehicle Cellular Gateway If the label shows “EC25-x”, or “EP06-E”, “MC7430” please use an active GNSS antenna to get the best sensitivity. EC25-E VHG87B-061B0 MC7430 EP06-E VHG87B-061B0 VHG87B-061B0 If the label shows “ME3630-xxx”, please use a passive GNSS antenna.
-
Page 12: Led Indication
In-Vehicle Cellular Gateway 1.4 LED Indication LED Color LED Icon Indication Description OFF: GNSS function is disabled. Green Steady ON: Location is fixed. Fast Flashing: Location is fixing. OFF: Device is powered OFF or in standby mode. Steady ON: Device is powered ON. Power Source Green Flash once a second: Device is at “Delay OFF”... -
Page 13: Installation & Maintenance Notice
In-Vehicle Cellular Gateway 1.5 Installation & Maintenance Notice 1.5.1 SYSTEM REQUIREMENTS A Gigabit Ethernet RJ45 cable or DSL modem • 3G/4G cellular service subscription • Network Requirements IEEE 802.11b/g/n/ac wireless clients • 10/100/1000 Ethernet adapter on PC • Computer with the following: Windows®, Macintosh, or Linux-based operating •... - Page 14 In-Vehicle Cellular Gateway Federal Communication Commission Interference Statement This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation.
-
Page 15: Hot Surface Caution
In-Vehicle Cellular Gateway 1.5.3 HOT SURFACE CAUTION CAUTION: The surface temperature for the metallic enclosure can be very high! Especially after operating for a long time, installed at a closed cabinet without air conditioning support, or in a high ambient temperature space. -
Page 16: Product Information For Ce Red Requirements
In-Vehicle Cellular Gateway 1.5.4 Product Information for CE RED Requirements The following product information is required to be presented in product User Manual for latest CE RED requirements. (1) Frequency Band & Maximum Power 1.a Frequency Band for Cellular Connection (for EC25-E version) Band number Operating Frequency Max output power... - Page 17 In-Vehicle Cellular Gateway Downlink: 925-960 MHz LTE FDD BAND 20 Uplink: 832-862 MHz Downlink: 791-821 MHz WCDMA BAND 1 Uplink: 1920-1980 MHz Downlink: 2110-2170 MHz 24 +1/-3 dBm WCDMA BAND 8 Uplink: 880-915 MHz Downlink: 925-960 MHz E-GSM Uplink: 880-915 MHz 33 ±2 dBm Downlink: 925-960 MHz Uplink:...
- Page 18 Ensure the unit is fixed tightly to reduce the likelyhood of injury due to exposure to mechanical hazards if dropped. (7) Manufacture Information Manufacture Name: AMIT Wireless Inc. Manufacture Address: No. 28, Lane 31, Sec. 1, Huandong Rd., Sinshih Dist., Tainan 74146, Taiwan (R.O.C.)
-
Page 19: Hardware Installation
In-Vehicle Cellular Gateway 1.6 Hardware Installation This chapter describes how to install and configure the hardware 1.6.1 Mount the Unit The VHG87B series products can be mounted on a wall, or horizontal plane with the mounting accessories (brackets). The mounting accessories are not screwed on the product when out of factory. Please screw the mounting brackets on the product first. -
Page 20: Install The External Rf Cable And Antenna
In-Vehicle Cellular Gateway 1.6.3 Install the External RF Cable and Antenna As illustrated in Section 1.3, there are several SMA antenna Jacks for you to install the required RF cables and antennas for the RF signal transmission and receiving. You have to purchase required RF cables and antennas separately for a specific project or installation site to get excellent RF performance. -
Page 21: Connecting Di/Do Devices
In-Vehicle Cellular Gateway 1.6.4 Connecting DI/DO Devices There are two DI, and one DO ports together with power terminal block. Please refer to following specification to connect DI and DO devices. Mode Specification Trigger Voltage (high) Logic level 1: 5V~30V Digital Input Normal Voltage (low) Logic level 0: 0V~1.0V... -
Page 22: Connecting Serial Device
In-Vehicle Cellular Gateway 1.6.5 Connecting Serial Device The VHG87B series products provide one RS-232 port with TX and RX signals located in the terminal block connector, as shown below. Connect the serial device to the unit TX/RX ports with the right pin assignments of a RS-232 cable. -
Page 23: Connecting Power
In-Vehicle Cellular Gateway 1.6.6 Connecting Power VHG87B series product can be powered by connecting a power source to the terminal block. It supports 9V to 36V DC power input. Following picture is the power terminal block pin assignments. Please check carefully and connect to the right power requirements and polarity. - Page 24 In-Vehicle Cellular Gateway Besides, with a provision of IGN (Ignition Sense) Power Control function, the VHG87B series product can be powered by Car battery and operates with the benefits for delay OFF, and low battery shutdown feature. That is, the gateway can still operate for a certain time period even the vehicle powerhas been switched off. To use such function, please properly concect the PWR / GND / IGN ports to the pads located in vehicle fuse panel (refer the the following diagram), and activate the Power Control function through web UI...
-
Page 25: Connecting To The Network Or A Host
In-Vehicle Cellular Gateway 1.6.7 Connecting to the Network or a Host The VHG87B series products provide three RJ45 ports to connect 10/100/1000Mbps Ethernet. It can auto detect the transmission speed on the network and configure itself automatically. Connect one Ethernet cable to the RJ45 port (LAN) of the device and plug another end of the Ethernet cable into your computer’s network port. -
Page 26: Chapter 2 Basic Network
In-Vehicle Cellular Gateway Chapter 2 Basic Network 2.1 WAN & Uplink The gateway provides multiple WAN interfaces to let all client hosts in Intranet of the gateway access the Internet via ISP. But ISPs in the world apply various connection protocols to let gateways or user's devices dial in ISPs and then link to the Internet via different kinds of transmit media. -
Page 27: Physical Interface
In-Vehicle Cellular Gateway 2.1.1 Physical Interface M2M gateways are usually equipped with various WAN interfacess to support different WAN connection scenario for requirement. You can configure the WAN interface one by one to get proper internet connection setup. Refer to the product specification for the available WAN interfaces in the product you purchased. The first step to configure one WAN interface is to specify which kind of connection media to be used for the WAN connection, as shown in "Physical Interface"... - Page 28 In-Vehicle Cellular Gateway Please MUST POWER OFF the gateway before you insert or remove SIM card. The SIM card can be damaged if you insert or remove SIM card while the gateway is in operation. Attention Operation Mode: There are three option items “Always on”, “Failover”, and “Disable”...
- Page 29 In-Vehicle Cellular Gateway Seamless Failover: In addition, there is a "Seamless" option for Failover operation mode. When seamless option is activated by checking on the "Seamless" box in configuration window, both the primary connection and the failover connection are started up after system rebooting.
- Page 30 In-Vehicle Cellular Gateway Physical Interface Setting Go to Basic Network > WAN > Physical Interface tab. The Physical Interface allows user to setup the physical WAN interface and to adjust WAN’s behavior. Note: Numbers of available WAN Interfaces can be different for the purchased gateway. When Edit button is applied, an Interface Configuration screen will appear.
- Page 31 In-Vehicle Cellular Gateway Select Always on to make this WAN always active. Select Disable to disable this WAN interface. Select Failover to make this WAN a Failover WAN when the primary or the secondary WAN link failed. Then select the primary or the existed secondary WAN interface to switch Failover from.
-
Page 32: Internet Setup
In-Vehicle Cellular Gateway 2.1.2 Internet Setup After specifying the physical interface for each WAN connection, administrator must configure their connection profile to meet the dial in process of ISP, so that all client hosts in the Intranet of the gateway can access the Internet. - Page 33 In-Vehicle Cellular Gateway Internet Connection List - Ethernet WAN WAN Type for Ethernet Interface: Ethernet is the most common WAN and uplink interface for M2M gateways. Usually it is connected with xDSL or cable modem for you to setup the WAN connection. There are various WAN types to connect with ISP. •...
- Page 34 In-Vehicle Cellular Gateway WAN Type = Dynamic IP When you select it, "Dynamic IP WAN Type Configuration" will appear. Items and setting is explained below Dynamic IP WAN Type Configuration Item Value setting Description Host Name Enter the host name provided by your Service Provider. An optional setting Enter the MAC address that you have registered with your service provider.
- Page 35 In-Vehicle Cellular Gateway Static IP WAN Type Configuration Item Value setting Description WAN IP Address A Must filled setting Enter the WAN IP address given by your Service Provider WAN Subnet Mask A Must filled setting Enter the WAN subnet mask given by your Service Provider WAN Gateway A Must filled setting Enter the WAN gateway IP address given by your Service Provider...
- Page 36 In-Vehicle Cellular Gateway WAN Type= PPTP When you select it, "PPTP WAN Type Configuration" will appear. Items and setting is explained below PPTP WAN Type Configuration Item Value setting Description Select either Static or Dynamic IP address for PPTP Internet connection. When Static IP Address is selected, you will need to enter the WAN IP ...
- Page 37 In-Vehicle Cellular Gateway WAN Type= L2TP When you select it, "L2TP WAN Type Configuration" will appear. Items and setting is explained below L2TP WAN Type Configuration Item Value setting Description Select either Static or Dynamic IP address for L2TP Internet connection. When Static IP Address is selected, you will need to enter the WAN IP ...
- Page 38 In-Vehicle Cellular Gateway Ethernet Connection Common Configuration There are some important parameters to be setup no matter which Ethernet WAN type is selected. You should follow up the rule to configure. Connection Contro Auto-reconnect: This gateway will establish Internet connection automatically once it has been booted up, and try to reconnect once the connection is down.
- Page 39 In-Vehicle Cellular Gateway Manually: This gateway won’t start to establish WAN connection until you press “Connect” button on web UI. After normal data transferring between LAN and WAN sides, this gateway will disconnect WAN connection if idle time reaches value of Maximum Idle Time. Please be noted, if the WAN interface serves as the primary one for another WAN interface in Failover role, the Connection Control parameter will not be available to you to configure as the system must set it to “Auto- reconnect (Always on)”.
- Page 40 In-Vehicle Cellular Gateway Set up “Ethernet Common Configuration” Ethernet WAN Common Configuration Item Value setting Description There are three connection modes. • Auto-reconnect enables the router to always keep the Internet connection on. • Connect-on-demand enables the router to automatically re- establish Internet connection as soon as user attempts to access Connection Control A Must filled setting...
- Page 41 In-Vehicle Cellular Gateway disconnection times to be the threshold before disconnection is acknowledged. Target1 (DNS1 set by default) specifies the first target of sending DNS query/ICMP request. DNS1: set the primary DNS to be the target. DNS2: set the secondary DNS to be the target. ...
- Page 42 In-Vehicle Cellular Gateway Internet Connection – 3G/4G WAN Preferred SIM Card – Dual SIM Fail Over For 3G/4G embedded device, one embedded cellular module can create only one WAN interface. This device has featured by using dual SIM cards for one module with special fail-over mechanism. It is called Dual SIM Failover.
- Page 43 In-Vehicle Cellular Gateway SIM-A/SIM-B only: When “SIM-A Only” or “SIM-B Only” is used, the specified SIM slot card is the only one to be used for negotiation parameters between gateway device and cellular ISP. SIM-A / SIM-B first without enable Failback By default, “SIM-A First”...
- Page 44 In-Vehicle Cellular Gateway 3G/4G Connection Configuration Item Value setting Description 1. A Must filled setting From the dropdown box, select Internet connection method for 3G/4G WAN Type 2. 3G/4G is set by WAN Connection. Only 3G/4G is available. default. Choose which SIM card you want to use for the connection. When SIM-A First or SIM-B First is selected, it means the connection is built first by using SIM A/SIM B.
- Page 45 In-Vehicle Cellular Gateway Note_1: Configurations of SIM-B Card follows the same rule of Configurations of SIM-A Card, here we list SIM- A as the example. Note_2: Both Connection with SIM-A Card and Connection with SIM-B Card will pop up only when the SIM-A First or SIM-B First is selected, otherwise it only pops out one of them.
- Page 46 In-Vehicle Cellular Gateway Select Auto-detection to automatically bring out all configurations needed while dialing-up, by comparing the IMSI of the SIM card to the record listed in the manufacturer’s database. Note_1: You are highly recommended to select the Manual or APN Profile List to specify the network for your subscription.
- Page 47 In-Vehicle Cellular Gateway List all the APN profile you created, easily for you to check and modify. It is available only when you select Dial-Up Profile as APN Profile List. When Add button is applied, an APN Profile Configuration screen will appear. SIM-A/-B APN Profile Configuration Item Value setting...
- Page 48 In-Vehicle Cellular Gateway When the Back button is clicked, the screen will return to the previous Back page. Setup 3G/4G Connection Common Configuration Here you can change common configurations for 3G/4G WAN. 3G/4G Connection Common Configuration Item Value setting Description When Auto-reconnect is selected, it means it will try to keep the Internet connection on all the time whenever the physical link is connected.
- Page 49 In-Vehicle Cellular Gateway Value Range: 1200 ~ 1500. When Enable box is checked, it means the device will directly assign the 1. The box is unchecked WAN IP to the first connected local LAN client. by default However, when an optional Fixed MAC is filled-in a non-zero value, it IP Pass-through 2.
- Page 50 In-Vehicle Cellular Gateway Fail Threshold specifies the detected disconnection before the router recognize the WAN link down status. Enter a number of detecting disconnection times to be the threshold before disconnection is acknowledged. Target1 specifies the first target of sending DNS query/ICMP request. 1.
- Page 51 In-Vehicle Cellular Gateway Internet Connection – WFi Uplink WAN If the device connects to Internet through WiFi Uplink, this section will help you to complete WiFi Uplink connection setup. Go to Basic Network > WAN & Uplink > Internet Setup tab. WiFi Uplink interface: The Uplink network is a wireless network, and the gateway can connect to the Uplink network through WiFi connection.
- Page 52 In-Vehicle Cellular Gateway WiFi Uplink WiFi Uplink WAN Type Configuration Item Value setting Description Display the information of AP for connecting. You can Click the Scan button and select a AP for the uplink network. Connect to AP Besides, you can also create uplink profile(s) for ease of connecting to an available Uplink network.
- Page 53 In-Vehicle Cellular Gateway Specify the maximum Idle time setting to disconnect the internet 1. An Optional setting connection when the connection idle timed out. Maximum Idle Time 2. By default 600 Value Range: 300 ~ 86400. seconds is filled-in Note: This field is available only when Connect-on-demand or Connect Manually is selected as the connection control scheme.
- Page 54 In-Vehicle Cellular Gateway recognize the WAN link down status. Enter a number of detecting disconnection times to be the threshold before disconnection is acknowledged. Specify a time interval as the DNS Query Interval. Query Interval defines the transmitting interval between two DNS Query or 1.
-
Page 55: Load Balance
In-Vehicle Cellular Gateway 2.1.3 Load Balance When there aremultiple WAN interfaces, and when the bandwidth of one WAN connection is not enough for the traffic loads from the Intranet to the Internet, the WAN load balance function can be considered to enlarge the total WAN bandwidth. - Page 56 In-Vehicle Cellular Gateway By Specific Weight When you select "By Specific Weight", you need to set up ratio of WAN-1/WAN-2 to decide sessions sent ratio. Total ratio should be 100%. Ratio is usually defined based on practical WAN speed of environment.
- Page 57 In-Vehicle Cellular Gateway Load Balance Setting Go to Basic Network > WAN & Uplink > Load Balance Tab. The Load Balance function is used to manage balance bandwidth usage among multiple WAN connections When you choose "By Smart Weight" strategy, system will operate load balance function automatically based on the embedded Smart Weight algorithm.
- Page 58 In-Vehicle Cellular Gateway Weight Definition Item Value setting Description WAN ID The Identifier for each available WAN interface.. Enter the weight ratio for each WAN interface. 1. A Must filled setting Initially, the bandwidth ratio of each WAN is set by default. Weight 2.
- Page 59 In-Vehicle Cellular Gateway User Policy Configuration Item Value setting Description There are four options can be selected : Any: No specific Source IP is provided. The traffic may come from any source Subnet: Specify the Subnet for the traffics come from the subnet. Input format Source IP 1.
-
Page 60: Lan & Vlan
In-Vehicle Cellular Gateway 2.2 LAN & VLAN This section provides the configuration of LAN and VLAN. VLAN is an optional feature, and it depends on the product specification of the purchased gateway. 2.2.1 Ethernet LAN The Local Area Network (LAN) can be used to share data or files among computers attached to a network. - Page 61 In-Vehicle Cellular Gateway by default The default subnet mask is 255.255.255.0 (/24), and it means maximum 254 IP addresses are allowed in this subnet. However, one of them is occupied by LAN IP address of this gateway, so there are maximum 253 clients allowed in LAN network.
- Page 62 In-Vehicle Cellular Gateway network. Value Range: 255.0.0.0 (/8) ~ 255.255.255.255 (/32). Save Click the Save button to save the configuration...
-
Page 63: Vlan
In-Vehicle Cellular Gateway 2.2.2 VLAN VLAN (Virtual LAN) is a logical network under a certain switch or router device to group client hosts with a specific VLAN ID. This gateway supports both Port-based VLAN and Tag-based VLAN. These functions allow you to divide local network into different “virtual LANs”. - Page 64 In-Vehicle Cellular Gateway Staff) with NAT mode and DHCP-2 server equipped. At last, administrator also configure Data Center segment with VLAN ID 1. The VLAN group includes Port-1 with NAT mode to WAN interface as shown in following diagram. Above is the general case for 3 Ethernet LAN ports in the gateway. But if the device just has one Ethernet LAN port, there will be only one VLAN group for the device.
- Page 65 In-Vehicle Cellular Gateway For example, in a company, administrator schemes out 3 network segments, Lab, Meeting Rooms, and Office. In a Security VPN Gateway, administrator can configure Office segment with VLAN ID 12. The VLAN group is equipped with DHCP-3 server to construct a 192.168.12.x subnet. He also configure Meeting Rooms segment with VLAN ID 11.
- Page 66 In-Vehicle Cellular Gateway VLAN Groups Access Control Administrator can specify the Internet access permission for all VLAN groups. He can also configure which VLAN groups are allowed to communicate with each other. VLAN Group Internet Access Administrator can specify members of one VLAN group to be able to access Internet or not. Following is an example that VLAN groups of VID is 2 and 3 can access Internet but the one with VID is 1 cannot access Internet.
- Page 67 In-Vehicle Cellular Gateway Inter VLAN Group Routing: In Port-based tagging, administrator can specify member hosts of one VLAN group to be able to communicate with the ones of another VLAN group or not. This is a communication pair, and one VLAN group can join many communication pairs.
- Page 68 In-Vehicle Cellular Gateway VLAN Setting Go to Basic Network > LAN & VLAN > VLAN Tab. The VLAN function allows you to divide local network into different virtual LANs. There are Port-based and Tag-based VLAN types. Select one that applies. Configuration Item Value setting...
- Page 69 In-Vehicle Cellular Gateway button) Port-based VLAN - Configuration Port-based VLAN Configuration (part-I) Item Value setting Description Define the Name of this rule. It has a default text and cannot be modified. 1. A Must filled setting Name 2. String format: already have default texts VLAN ID A Must filled setting...
- Page 70 In-Vehicle Cellular Gateway Port-based VLAN Configuration (part-II) Item Value setting Description WAN & WAN All WANs is selected by Select which WAN or All WANs that allow accessing Internet. VID to Join default. Note: If Bridge mode is selected, you need to select a WAN and enter a VID. LAN IP Assign an IP Address for the DHCP Server that the rule used, this IP address is a A Must filled setting...
- Page 71 In-Vehicle Cellular Gateway There are Starting Address and Ending Address fields. If a client requests an IP address from this DHCP Server, it will assign an IP address in the range of IP pool. Define a period of time for an IP Address that the DHCP Server leases to a new Lease Time A Must filled setting device.
- Page 72 In-Vehicle Cellular Gateway Besides, you can add some IP rules in the IP Fixed Mapping Rule List if DHCP Server for the VLAN groups is required. When Add button is applied, Mapping Rule Configuration screen will appear. Mapping Rule Configuration Item Value setting Description...
- Page 73 In-Vehicle Cellular Gateway Port-based VLAN – Inter VLAN Group Routing Click VLAN Group Routing button, the VLAN Group Internet Access Definition and Inter VLAN Group Routing screen will appear. When Edit button is applied, a screen similar to this will appear. Inter VLAN Group Routing Item Value setting...
- Page 74 In-Vehicle Cellular Gateway Tag-based VLAN – Create/Edit VLAN Rules The Tag-based VLAN allows you to customize each LAN port according to VLAN ID. There is a default rule shows the configuration of all LAN ports and all VAPs. Also, if your device has a DMZ port, you will see DMZ configuration, too.
- Page 75 In-Vehicle Cellular Gateway Tag-based VLAN Configuration (part-II) Item Value setting Description Assign an IP Address for the DHCP Server that the rule used, this IP address is a IP Address A Must filled setting gateway IP. 255.255.255.0(/24) is Select a Subnet Mask for the DHCP Server. Subnet Mask selected by default.
-
Page 76: Dhcp Server
In-Vehicle Cellular Gateway 2.2.3 DHCP Server DHCP Server The gateway supports up to 4 DHCP servers to fulfill the DHCP requests from different VLAN groups (please refer to VLAN section for getting more usage details). And there is one default setting for whose LAN IP Address is the same one of gateway LAN interface, with its default Subnet Mask setting as “255.255.255.0”, and its default IP Pool ranges is from “.100”... - Page 77 In-Vehicle Cellular Gateway Fixed Mapping User can assign fixed IP address to map the specific client MAC address by select them then copy, when targets were already existed in the DHCP Client List, or to add some other Mapping Rules by manually in advance, once the target's MAC address was not ready to connect.
- Page 78 In-Vehicle Cellular Gateway DHCP Server Setting Go to Basic Network > LAN & VLAN > DHCP Server Tab. The DHCP Server setting allows user to create and customize DHCP Server policies to assign IP Addresses to the devices on the local area network (LAN) Create / Edit DHCP Server Policy The gateway allows you to custom your DHCP Server Policy.
- Page 79 In-Vehicle Cellular Gateway DHCP Server Configuration Item Value setting Description 1. String format can be any DHCP Server text Enter a DHCP Server name. Enter a name that is easy for you to understand. Name 2. A Must filled setting LAN IP 1.
- Page 80 In-Vehicle Cellular Gateway Mapping Rule Configuration Item Value setting Description 1. MAC Address string MAC Address format The MAC Address of this mapping rule. 2. A Must filled setting 1. IPv4 format. IP Address The IP Address of this mapping rule. 2.
- Page 81 In-Vehicle Cellular Gateway Option Meaning TFTP server name [RFC 2132] Default World Wide Web Server [RFC 2132] [RFC 3679] Create / Edit DHCP Server Options The gateway supports up to a maximum of 99 option settings. When Add/Edit button is applied, DHCP Server Option Configuration screen will appear. DHCP Server Option Configuration Item Value setting...
- Page 82 In-Vehicle Cellular Gateway Option 144 for url; Each different options has different value types. Single IP Address Single FQDN IP Addresses List, separated by “,” Dropdown list DHCP Single URL Type server option value’s type IP Addresses List, separated by “,” IP Addresses List, separated by “,”...
- Page 83 In-Vehicle Cellular Gateway DHCP Relay Configuration Item Value setting Description 1. String format can be any Enter a DHCP Relay name. Enter a name that is easy for you to understand. Agent Name text Value Range: 1~64 characters. 2. A Must filled setting. 1.
-
Page 84: Wifi
In-Vehicle Cellular Gateway 2.3 WiFi The gateway provides WiFi interface for mobile devices or BYOD devices to connect for Internet/Intranet accessing. WiFi function is usually modulized design in a gateway, and there can be single or dual modules within a gateway. The WiFi system in the gateway complies with IEEE 802.11ac/11n/11g/11b standard in 2.4GHz or 5GHz single band or 2.4G/5GHz concurrent dual bands of operation. -
Page 85: Wifi Configuration
In-Vehicle Cellular Gateway 2.3.1 WiFi Configuration Due to optional module(s) and frequency band, you need to setup module one by one. For each module, you need to specify the operation mode, and then setup the virtual APs for wireless access. In addition, if you configured the WiFi Uplink function in the Basic Network >... - Page 86 In-Vehicle Cellular Gateway AP Router Mode This mode allows you to get your wired and wireless devices connected to form the Intranet of the wireless gateway, and the Intranet will link to the Internet with NAT mechanism of the gateway. So, this gateway is working as a WiFi AP, but also a WiFi hotspot for Internet accessing service.
- Page 87 In-Vehicle Cellular Gateway WDS Hybrid Mode WDS hybrid mode includes both WDS and AP Router mode. WDS Hybrid mode can act as an access point for its WiFi Intranet and a WiFi bridge for its wired and WiFi Intranets at the same time. Users can thus use the features to build up a large wireless network in a large space like airports, hotels or campus.
- Page 88 In-Vehicle Cellular Gateway Wi-Fi Security - Authentication & Encryption Wi-Fi security provides complete authentication encryption mechanisms to enhance the data security while your data is transferred wirelessly over the air. The wireless gateway supports Shared, WPA-PSK / WPA2-PSK and WPA / WPA2 authentication. You can select one authentication scheme to validate the wireless clients while they are connecting to the AP.
- Page 89 In-Vehicle Cellular Gateway WiFi Configuration Setting The WiFi configuration allows user to configure 2.4GHz or 5GHz WiFi settings. Go to Basic Network > WiFi > WiFi Module One Tab. If the gateway is equipped with two WiFi modules, there will be another WiFi Module Two. You can do the similar configurations on both WiFi modules. Basic Configuration Basic Configuration Item...
- Page 90 In-Vehicle Cellular Gateway The channel will be selected according to AP numbers (The less, the better). By Less Interference The channel will be selected according to interference. (The lower, the better). Specify the preferred WiFi System. The dropdown list of WiFi system is based on IEEE 802.11 standard.
- Page 91 In-Vehicle Cellular Gateway VAPs cannot communicate with each other. Check the Enable box to enable the activate profile setting. The box is unchecked Profile by default. Note: This setting is only available in WiFi Uplink operation mode. Apply a specific Time Schedule to this rule; otherwise leave it as (0) Always. Object Time Schedule A Must filled setting...
- Page 92 In-Vehicle Cellular Gateway VAP Configuration Item Value setting Description Enter the SSID for the VAP, and decide whether to broadcast the SSID or not. 1. String format : Any SS ID The SSID is used for identifying from another AP, and client stations will associate text with AP according to SSID.
- Page 93 In-Vehicle Cellular Gateway 802.11i, but owns the better compatibility. WPA2 had fully implemented 802.11i standard, and owns the highest security. RADIUS Server The client stations will be authenticated by RADIUS server. RADIUS Server IP (The default IP is 0.0.0.0) RADIUS Server Port (The default value is 1812) RADIUS Shared Key When WPA / WPA2 is selected...
- Page 94 In-Vehicle Cellular Gateway Apply Click the Apply button to apply the saved configuration.
- Page 95 In-Vehicle Cellular Gateway WDS Only Mode For the WDS Only mode, the device only bridges the connected wired clients to another WDS-enabled WiFi device which the device associated with. That is, it also means the no wireless clients stat can connect to this device while WDS Only Mode is selected.
- Page 96 In-Vehicle Cellular Gateway Under WDS Only mode, only VAP1 is available for further specifying the required authentication and Encryption settings. Click Edit button in the VAP List screen and a VAP Configuration screen will appear for you to configure the required settings For the detail description about VAP configuration, please refer to the description stated in AP-Router section.
- Page 97 In-Vehicle Cellular Gateway WDS Hybrid Mode For the WDS Hybrid mode, the device bridges all the wired LAN and WLAN clients to another WDS or WDS hybrid enabled WiFi devices which the device associated with. WDS Hybrid Mode Item Value setting Description Check the Enable box to activate this function.
- Page 98 In-Vehicle Cellular Gateway security level and prevent unexpected access of un-authorized devices. The default wifi key is printed on both the device label and the Security Card. It is created randomly and differs from devices. So, you can connected to the VAP1 (SSID: Staff_2.4G) with the provided key. However, it is strongly recommanded that you have to change the security key to a easy-to-remember one by clicking the Edit button.
- Page 99 In-Vehicle Cellular Gateway For others: For the detail description about VAP configuration, please refer to the description stated in AP-Router section.
-
Page 100: Wireless Client List
In-Vehicle Cellular Gateway 2.3.2 Wireless Client List The Wireless Client List page shows the information of wireless clients which are associated with this device. Go to Basic Network > WiFi > Wireless Client List Tab. Select Target WiFi Target Configuration Item Value setting Description... - Page 101 In-Vehicle Cellular Gateway Mode It shows what kind of Wi-Fi system the client used to associate with this device. Rate It shows the data rate between client and this device. RSSI0, RSSI1 It shows the RX sensitivity (RSSI) value for each radio path. Signal The signal strength between client and this device.
-
Page 102: Advanced Configuration
In-Vehicle Cellular Gateway 2.3.3 Advanced Configuration This device provides advanced wireless configuration for professional user to optimize the wireless performance under the specific installation environment. Please note that if you are not familiar with the WiFi technology, just leave the advanced configuration with its default values, or the connectivity and performance may get worse with improper settings. - Page 103 In-Vehicle Cellular Gateway Advanced Configuration Item Value setting Description The default setting is It limits the available radio channel of this device. Regulatory Domain according to where The permissible channels depend on the Regulatory Domain. the product sale to It shows the time interval between each beacon packet broadcasted. Beacon Interval The beacon packet contains SSID, Channel ID and Security setting.
-
Page 104: Uplink Profile
In-Vehicle Cellular Gateway 2.3.4 Uplink Profile This device provides WiFi Uplink function for connecting to a wireless access point just like connected to a wired WAN or cellular WAN connection. It can operate as a NAT gateway and link the devices wirelessly to the uplink network or hosts. - Page 105 In-Vehicle Cellular Gateway Note: to apply the defined Uplink profile(s) for the gateway to find a best fit profile for connecting to a certain uplink network, user has to Enable the Profile auto-connect function (Refer to Basic Network > WiFi > (Module 1/ Module 2) WiFi Configuration tab.
- Page 106 In-Vehicle Cellular Gateway The channel will be selected according to AP numbers (The less, the better). By Less Interference The channel will be selected according to interference. (The lower, the better). Specify the authentication method for connecting with the uplink network. It can be Open, Shared, WPA-SPK, or WPA2-PSK.
- Page 107 In-Vehicle Cellular Gateway Once you selected an AP from the AP list, the channel, SSID, Authentication, Encryption, and MAC address will be automatically filled into the profile, you just have to enter a key for the uplink connection, if required.
-
Page 108: Ipv6
In-Vehicle Cellular Gateway 2.4 IPv6 The growth of the Internet has created a need for more addresses than are possible with IPv4. IPv6 (Internet Protocol version 6) is a version of the Internet Protocol (IP) intended to succeed IPv4, which is the protocol currently used to direct almost all Internet traffic. - Page 109 In-Vehicle Cellular Gateway IPv6 WAN Connection Type Static IPv6 Static IPv6 does the same function as static IPv4. The static IPv6 provides manual setting of IPv6 address, IPv6 default gateway address, and IPv6 DNS. Above diagram depicts the IPv6 IP addressing, type in the information provided by your ISP to setup the IPv6 network.
- Page 110 In-Vehicle Cellular Gateway PPPoEv6 PPPoEv6 in IPv6 does the same function as PPPoE in IPv4. The PPPoEv6 server provides configuration parameters based on PPPoEv6 client request. When PPPoEv6 server gets client request and successfully authenticates it, the server sends IP address, DNS server addresses and other required parameters to automatically configure the client.
- Page 111 In-Vehicle Cellular Gateway IPv6 Configuration Setting Go to Basic Network > IPv6 > Configuration Tab. The IPv6 Configuration setting allows user to set the IPv6 connection type to access the IPv6 network. IPv6 Configuration Item Value setting Description The box is unchecked IPv6 Check the Enable box to activate the IPv6 function.
- Page 112 In-Vehicle Cellular Gateway IPv6 Address A Must filled setting Enter the WAN IPv6 Address for the router. Subnet Prefix A Must filled setting Enter the WAN Subnet Prefix Length for the router. Length Default Gateway Enter the WAN Default Gateway IPv6 address. A Must filled setting Primary DNS An optional setting...
- Page 113 In-Vehicle Cellular Gateway DHCPv6 WAN Type Configuration DHCPv6 WAN Type Configuration Item Value setting Description The option [From Select the [Specific DNS] option to active Primary DNS and Secondary DNS. Then Server] is selected by fill the DNS information. default Can not modified by Primary DNS Enter the WAN primary DNS Server.
- Page 114 In-Vehicle Cellular Gateway PPPoEv6 WAN Type Configuration PPPoEv6 WAN Type Configuration Item Value setting Description Enter the Account for setting up PPPoEv6 connection. If you want more Account A Must filled setting information, please contact your ISP. Value Range: 0 ~ 45 characters. Enter the Password for setting up PPPoEv6 connection.
- Page 115 In-Vehicle Cellular Gateway the router. Then go to Address Auto-configuration (summary) for setting LAN environment. If above setting is configured, click the save button to save the configuration and click reboot button to reboot the router. Address Auto-configuration Address Auto-configuration Item Value setting Description...
- Page 116 In-Vehicle Cellular Gateway IPv6 Address Lifetime (A Must filled setting): Enter the DHCPv6 lifetime for your local computers. 36000 is set by default. Value Range: 0 ~ 65535.
-
Page 117: Port Forwarding
In-Vehicle Cellular Gateway 2.5 Port Forwarding Network address translation (NAT) is a methodology of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device. The technique was originally used for ease of rerouting traffic in IP networks without renumbering every host. -
Page 118: Configuration
In-Vehicle Cellular Gateway 2.5.1 Configuration NAT Loopback This feature allows you to access the WAN global IP address from your inside NAT local network. It is useful when you run a server inside your network. For example, if you set a mail server at LAN side, your local devices can access this mail server through gateway’s global IP address when enable NAT loopback feature. -
Page 119: Virtual Server & Virtual Computer
In-Vehicle Cellular Gateway 2.5.2 Virtual Server & Virtual Computer There are some important Pot Forwarding functions implemented within the gateway, including "Virtual Server", "NAT loopback" and "Virtual Computer". It is necessary for cooperate staffs who travel outside and want to access various servers behind office gateway. - Page 120 In-Vehicle Cellular Gateway Virtual Server & NAT Loopback "Virtual Server" allows you to access servers with the global IP address or FQDN of the gateway as if they are servers existed in the Internet. But in fact, these servers are located in the Intranet and are physically behind the gateway.
- Page 121 In-Vehicle Cellular Gateway Virtual Server & Virtual Computer Setting Go to Basic Network > Port Forwarding > Virtual Server & Virtual Computer tab. Enable Virtual Server and Virtual Computer Configuration Item Value setting Description The box is unchecked by Virtual Server Check the Enable box to activate this port forwarding function default The box is checked by...
- Page 122 In-Vehicle Cellular Gateway Virtual Server Rule Configuration Item Value setting Description Define the selected interface to be the packet-entering interface of the gateway. If the packets to be filtered are coming from WAN-x then select WAN-x for this 1. A Must filled setting field.
- Page 123 In-Vehicle Cellular Gateway Port is the same with Public Port number. Public Port is selected Single Port and specify a port number, and Private Port can be set a Single Port number. Public Port is selected Port Range and specify a port range, and Private Port can be selected Single Port or Port Range.
- Page 124 In-Vehicle Cellular Gateway Create / Edit Virtual Computer The gateway allows you to custom your Virtual Computer rules. It supports up to a maximum of 20 rule-based Virtual Computer sets. When Add button is applied, Virtual Computer Rule Configuration screen will appear. Virtual Computer Rule Configuration Item Value setting...
-
Page 125: Dmz & Pass Through
In-Vehicle Cellular Gateway 2.5.3 DMZ & Pass Through DMZ (De Militarized Zone) Host is a host that is exposed to the Internet cyberspace but still within the protection of firewall by gateway device. So, the function allows a computer to execute 2-way communication for Internet games, Video conferencing, Internet telephony and other special applications. - Page 126 In-Vehicle Cellular Gateway VPN Pass through Scenario Since VPN traffic is different from that of TCP or UDP connection, it will be blocked by NAT gateway. To support the pass through function for the VPN connections initiating from VPN clients behind NAT gateway, the gateway must implement some kind of VPN pass through function for such application.
- Page 127 In-Vehicle Cellular Gateway It can be selected WAN-x box when WAN-x enabled. Note: The available check boxes (WAN-1 ~ WAN-4) depend on the number of WAN interfaces for the product. Pass Through Enable The boxes are checked by Check the box to enable the pass through function for the IPSec, PPTP, and default L2TP.
-
Page 128: Special Ap & Alg
In-Vehicle Cellular Gateway 2.5.4 Special AP & ALG As a NAT gateway, it doesn't allow an active connection request from outside world. All this kind of requests will be ignored by the NAT gateway. But at the client hosts in the Intranet, users may use applications that need more service ports to be allowed for passing through the NAT gateway. - Page 129 In-Vehicle Cellular Gateway SIP ALG This gateway supports the SIP ALG feature to allow one SIP phone behind the NAT gateway can call another SIP phone in the Internet, even the gateway executes its NAT mechanism between the Intranet and the Internet.
- Page 130 In-Vehicle Cellular Gateway Special AP & ALG Setting Go to Basic Network > Port Forwarding > Special AP & ALG tab. The Special AP setting allows some applications require multiple connections. The ALG setting allows user to Support some SIP ALG, like STUN. Enable Special AP &...
- Page 131 In-Vehicle Cellular Gateway IP Translation Configuration Item Value setting Description WAN Interface 1. A Must filled setting Check the interface box(es) to apply the Special AP rule. 2.All is checked by default. By default, All is checked, and the Special AP rule will be applied to all WAN interfaces.
-
Page 132: Routing
In-Vehicle Cellular Gateway 2.6 Routing If you have more than one router and subnet, you will need to enable routing function to allow packets to find proper routing path and allow different subnets to communicate with each other. Routing is the process of selecting best paths in a network. -
Page 133: Static Routing
In-Vehicle Cellular Gateway 2.6.1 Static Routing "Static Routing" function lets you define the routing paths for some dedicated hosts/servers or subnets to store in the routing table of the gateway. The gateway routes incoming packets to different peer gateways based on the routing table. - Page 134 In-Vehicle Cellular Gateway Static Routing Setting Go to Basic Network > Routing > Static Routing Tab. There are three configuration windows for static routing feature, including "Configuration", "Static Routing Rule List" and "Static Routing Rule Configuration" windows. "Configuration" window lets you activate the global static routing feature.
- Page 135 In-Vehicle Cellular Gateway of each static routing rule can let you modify the rule. IPv4 Static Routing Item Value setting Description 1. IPv4 Format Destination IP Specify the Destination IP of this static routing rule. 2. A Must filled setting 255.255.255.0 (/24) is set by Subnet Mask Specify the Subnet Mask of this static routing rule.
-
Page 136: Dynamic Routing
In-Vehicle Cellular Gateway 2.6.2 Dynamic Routing Dynamic Routing, also called adaptive routing, describes the capability of a system, through which routes are characterized by their destination, to alter the path that the route takes through the system in response to a change in network conditions. - Page 137 In-Vehicle Cellular Gateway RIP Scenario The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols, which employs the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from the source to a destination.
- Page 138 In-Vehicle Cellular Gateway BGP Scenario Border Gateway Protocol (BGP) is a standard exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet. It usually makes routing decisions based on paths, network policies, or rule-sets. Most ISPs use BGP to establish routing between one another (especially for multi-homed).
- Page 139 In-Vehicle Cellular Gateway Dynamic Routing Setting Go to Basic Network > Routing > Dynamic Routing Tab. The dynamic routing setting allows user to customize RIP, OSPF, and BGP protocol through the router based on their office setting. In the "Dynamic Routing" page, there are several configuration windows for dynamic routing feature. They are the "RIP Configuration"...
- Page 140 In-Vehicle Cellular Gateway OSPF Configuration Item Value setting Description OSPF Disable is set by default Click Enable box to activate the OSPF protocol. 1. IPv4 Format Router ID The Router ID of this router on OSPF protocol 2. A Must filled setting The Authentication method of this router on OSPF protocol.
- Page 141 In-Vehicle Cellular Gateway OSPF Area Configuration Item Value setting Description 1. Classless Inter Domain Routing (CIDR) Subnet Area Subnet Mask Notation. (Ex: The Area Subnet of this router on OSPF Area List. 192.168.1.0/24) 2. A Must filled setting 1. IPv4 Format Area ID The Area ID of this router on OSPF Area List.
- Page 142 In-Vehicle Cellular Gateway BGP Configuration The BGP configuration setting allows user to customize BGP protocol through the router setting. BGP Network Configuration Item Value setting Description The box is unchecked by Check the Enable box to activate the BGP protocol. default 1.
- Page 143 In-Vehicle Cellular Gateway 2. A Must filled setting the IP address in this field and the selected subnet mask. The box is unchecked by Network Click Enable box to activate this rule. default. Save Click the Save button to save the configuration Create / Edit BGP Neighbor Rules The gateway allows you to custom your BGP Neighbor rules.
-
Page 144: Routing Information
In-Vehicle Cellular Gateway 2.6.3 Routing Information The routing information allows user to view the routing table and policy routing information. Policy Routing Information is only available when the Load Balance function is enabled and the Load Balance Strategy is By User Policy Go to Basic Network >... -
Page 145: Dns & Ddns
In-Vehicle Cellular Gateway 2.7 DNS & DDNS How does user access your server if your WAN IP address changes all the time? One way is to register a new domain name, and maintain your own DNS server. Another simpler way is to apply a domain name to a third- party DDNS service provider. - Page 146 In-Vehicle Cellular Gateway DNS & DDNS Setting Go to Basic Network > DNS & DDNS > Configuration Tab. The DNS & DDNS setting allows user to setup Dynamic DNS feature and DNS redirect rules. Setup Dynamic DNS The gateway allows you to custom your Dynamic DNS settings. DDNS (Dynamic DNS) Configuration Item Value setting...
- Page 147 In-Vehicle Cellular Gateway Setup DNS Redirect DNS redirect is a special function to redirect certain traffics to a specified host. Administator can manage the internet / intranet traffics that are going to access some restricted DNS and force those traffics to be redirected to a specified host.
- Page 148 In-Vehicle Cellular Gateway 2. A Must filled setting Value Range: at least 1 character is required; ‘*’ for any. 1. IPv4 format Enter an IP Address as the target for the DNS redirect. 2. A Must filled setting Specify when will the DNS redirect action can be applied. It can be Always, or WAN Block.
-
Page 149: Qos
It is indeed required that an access gateway satisfies the requirements of latency-critical applications, minimum access right guarantee, fair bandwidth usage for same subscribed condition and flexible bandwidth management. AMIT Security Gateway provides a Rule-based QoS to carry out the requirements. - Page 150 In-Vehicle Cellular Gateway In above diagram, a QoS rule is organized by the premise part and the conclusion part. In the premise part, you must specify the WAN interface, host group, service type in the packets, packet flow direction to be watched and the sharing method of group control or individual control.
- Page 151 In-Vehicle Cellular Gateway For bandwidth resource, control functions include guaranteeing bandwidth and limiting bandwidth. For priority queue resource, control function is setting priority. For DSCP resource, control function is DSCP marking. The last resource is Connection Sessions; the related control function is limiting connection sessions. Individual / Group Control One QoS rule can be applied to individual member or whole group in the target group.
- Page 152 In-Vehicle Cellular Gateway QoS Rule Example #2 – DifferServ Code Points When the administrator of the gateway wants to convert the code point value, "IP Precedence 4(CS4)", in the packets from some client hosts (IP 10.0.75.196~199) to the code value, "AF Class2(High Drop)", he can use the "Rule-based QoS"...
- Page 153 In-Vehicle Cellular Gateway QoS Configuration Setting Go to Basic Network > QoS > Configuration tab. In "QoS Configuration" page, there are some configuration windows for QoS function. They are the "Configuration" window, “System Resource Configuration” window, "QoS Rule List" window, and "QoS Rule Configuration"...
- Page 154 In-Vehicle Cellular Gateway Setup System Resource System Resource Configuration Item Value Setting Description Define the system queues that are available for the QoS settings. 1. A Must filled setting. Type of System The supported type of system queues are Bandwidth Queue and Priority 2.
- Page 155 In-Vehicle Cellular Gateway Create / Edit QoS Rules After enabled the QoS function and configured the system resources, you have to further specify some QoS rules for provide better service on the interested traffics. The gateway supports up to a maximum of 128 rule- based QoS rule sets.
- Page 156 In-Vehicle Cellular Gateway Group option become available. Refer to Object Definition > Grouping > Host Grouping. Service 1. A Must filled Specify the service type of traffics that have to be applied with the QoS rule. It setting. can be All, DSCP, TOS, User-defined Service, or Well-known Service. 2.
- Page 157 In-Vehicle Cellular Gateway setting. selected group. It can be Individual Control or Group Control. 2. Group Control is selected by default. Individual Control: If Individual Control is selected, each host in the group will have his own QoS service resource as specified in the rule. Group Control: If Group Control is selected, all the group hosts share the same QoS service resource.
-
Page 158: Chapter 3 Object Definition
In-Vehicle Cellular Gateway Chapter 3 Object Definition 3.1 Scheduling Scheduling provides ability of adding/deleting time schedule rules, which can be applied to other functionality. 3.1.1 Scheduling Configuration Go to Object Definition > Scheduling > Configuration tab. Button description Item Value setting Description Click the Add button to configure time schedule rule Delete... - Page 159 In-Vehicle Cellular Gateway Time Period Definition Item Value Setting Description Week Day Select from menu Select everyday or one of weekday Start Time Time format (hh :mm) Start time in selected weekday End Time Time format (hh :mm) End time in selected weekday Save Click Save to save the settings Undo...
-
Page 160: User
In-Vehicle Cellular Gateway 3.2 User You can manage user account in this section, including user list, user profile and user group. User List shows out all user accounts, and User Profile can let you add one new account or edit it. User Group offers you to collect several user accounts to one group to own same properties and bound services. - Page 161 In-Vehicle Cellular Gateway Edit: Click on the button to edit the user profile. Disable: Click the button to disable the user account. Logout: Click the button to logout the user account. Detail: Click the button to show additional detail information except the ones in User List about the user account, including Last Login Time, Lease Time, Expired Time, Idle Timeout and current Idle Time.
-
Page 162: User Profile
In-Vehicle Cellular Gateway 3.2.2 User Profile User Profile supports the adding of one new user account or the editing of existed user profiles. There are some parameters need to be specified in one user profile. They are User Name, Password, User Level, Lease Time, Idle Timeout, Group to, and the user profile enable. - Page 163 In-Vehicle Cellular Gateway be any integer The device will logout the user account if he is idle for the time longer than the number. Idle Timeout. 2. An Optional setting 1. String format can Group to be any text Enter a group name if you would like to collect the user in a certain user group. 2.
-
Page 164: User Group
In-Vehicle Cellular Gateway 3.2.3 User Group User Group supports the grouping of several user accounts to be one user group with common properties. There are some parameters need to be specified in one user group. They are Group Name, Group Members, Bound Services, QoS&BWM Property, Policy Routing Property and finally, the user group enable. - Page 165 In-Vehicle Cellular Gateway same QoS service resource. 1. A Must filled setting. Policy Routing Specify the routing interface. All packets from the group members will be routed Property 2. WAN-1 is selected via the specified interface. by default. 1. The box is checked Group Check the Enable box to activate the user group.
-
Page 166: Grouping
In-Vehicle Cellular Gateway 3.3 Grouping The Grouping function allows user to make group for some services. 3.3.1 Host Grouping Go to Object Definition > Grouping > Host Grouping tab. The Host Grouping function allows user to make host group for some services, such as QoS, Firewall, and Communication Bus. - Page 167 In-Vehicle Cellular Gateway When MAC Address-based is selected, only MAC address can be added in Member to Join. When Host Name-based is selected, only host name can be added in Member to Join. Note: The available Group Type can be different for the purchased model. Add the members to the group in this field.
-
Page 168: External Server
In-Vehicle Cellular Gateway 3.4 External Server Go to Object Definition > External Server > External Server tab. The External Server setting allows user to add external server. Create External Server When Add button is applied, External Server Configuration screen will appear. - Page 169 In-Vehicle Cellular Gateway External Server Configuration Item Value setting Description 1. String format can be Sever Name any text Enter a server name. Enter a name that is easy for you to understand. 2. A Must filled setting Specify the Server Type of the external server, and enter the required settings for the accessing the server.
- Page 170 In-Vehicle Cellular Gateway TACACS+ Server (A Must filled setting) : When TACACS+ Server is selected, the following settings are also required. Shared Key (String format: any text) Session Timeout (String format: any number) The values must be between 1 and 60. SCEP Server (A Must filled setting) : When SCEP Server is selected, the following settings are also required.
-
Page 171: Certificate
In-Vehicle Cellular Gateway 3.5 Certificate In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document used to prove ownership of a public key. The certificate includes information about the key, information about its owner's identity, and the digital signature of an entity that has verified the certificate's contents are genuine. - Page 172 In-Vehicle Cellular Gateway Root CA Certificate Configuration Item Value setting Description 1. String format can be any Name text Enter a Root CA Certificate name. It will be a certificate file name 2. A Must filled setting This field is to specify the key attribute of certificate. Key Type to set public-key cryptosystems.
- Page 173 In-Vehicle Cellular Gateway Setup SCEP SCEP Configuration Item Value setting Description The box is unchecked by SCEP Check the Enable box to activate SCEP function. default When SCEP is activated, check the Enable box to activate this function. Automatically The box is unchecked by re-enroll aging It will be automatically check which certificate is aging.
-
Page 174: My Certificate
In-Vehicle Cellular Gateway 3.5.2 My Certificate My Certificate includes a Local Certificate List. Local Certificate List shows all generated certificates by the root CA for the gateway. And it also stores the generated Certificate Signing Requests (CSR) which will be signed by other external CAs. - Page 175 HQRootCA Key Type: RSA Key Length: 1024-bits Subject Name Country(C): TW State(ST): Taiwan Location(L): Tainan Organization(O): AMITHQ Organization Unit(OU): HQRD Common Name(CN): HQRootCA E-mail: hqrootca@amit.com.tw Configuration Path [My Certificate]-[Local Certificate Configuration] Name HQCRT Self-signed: ■ Key Type: RSA Key Length: 1024-bits...
- Page 176 [My Certificate]-[Local Certificate Configuration] BranchCRT Self-signed: □ Name Key Type: RSA Key Length: 1024-bits Subject Name Country(C): TW State(ST): Taiwan Location(L): Tainan Organization(O): AMITBranch Organization Unit(OU): BranchRD Common Name(CN): BranchCRT E-mail: branchcrt@amit.com.tw Configuration Path [IPSec]-[Configuration] ■ Enable IPSec Configuration Path [IPSec]-[Tunnel Configuration] Tunnel ■...
- Page 177 In-Vehicle Cellular Gateway Remote Netmask 255.255.255.0 Remote Gateway 203.95.80.22 Configuration Path [IPSec]-[Authentication] Key Management IKE+X.509 Local Certificate: BranchCRT Remote Certificate: HQCRT Local ID User Name Network-B Remote ID User Name Network-A Configuration Path [IPSec]-[IKE Phase] Negotiation Mode Main Mode X-Auth None Scenario Operation Procedure In above diagram, "Gateway 1"...
- Page 178 In-Vehicle Cellular Gateway My Certificate Setting Go to Object Definition > Certificate > My Certificate tab. The My Certificate setting allows user to create local certificates. In "My Certificate" page, there are two configuration windows for the "My Certificate" function. The "Local Certificate List" window shows the stored certificates or CSRs for representing the gateway.
- Page 179 In-Vehicle Cellular Gateway Local Certificate Configuration Item Value setting Description Name 1. String format can be any Enter a certificate name. It will be a certificate file name text If Self-signed is checked, it will be signed by root CA. If Self-signed is not 2.
- Page 180 In-Vehicle Cellular Gateway When Import button is applied, an Import screen will appear. You can import a certificate from an existed certificate file, or directly paste a PEM encoded string as the certificate. Import Item Value setting Description Import A Must filled setting Select a certificate file from user’s computer, and click the Apply button to import the specified certificate file to the gateway.
-
Page 181: Trusted Certificate
In-Vehicle Cellular Gateway 3.5.3 Trusted Certificate Trusted Certificate includes Trusted CA Certificate List, Trusted Client Certificate List, and Trusted Client Key List. The Trusted CA Certificate List places the certificates of external trusted CAs. The Trusted Client Certificate List places the others' certificates what you trust. And the Trusted Client Key List places the others’ keys what you trusted. - Page 182 In-Vehicle Cellular Gateway For Network-A at HQ Following tables list the parameter configuration as an example for the "Trusted Certificate" function used in the user authentication of IPSec VPN tunnel establishing, as shown in above diagram. The configuration example must be combined with the ones in "My Certificate" and "Issue Certificate"...
- Page 183 In-Vehicle Cellular Gateway Import the obtained BranchCRT certificate (the derived BranchCSR certificate after Gateway 1’s root CA signature) into the "Trusted Client Certificate List" of the Gateway 1 and the "Local Certificate List" of the Gateway 2. For more details, refer to the Network-B operation procedure in "My Certificate"...
- Page 184 In-Vehicle Cellular Gateway Trusted Certificate Setting Go to Object Definition > Certificate > Trusted Certificate tab. The Trusted Certificate setting allows user to import trusted certificates and keys. Import Trusted CA Certificate When Import button is applied, a Trusted CA import screen will appear. You can import a Trusted CA certificate from an existed certificate file, or directly paste a PEM encoded string as the certificate.
- Page 185 In-Vehicle Cellular Gateway Get CA Configuration Item Value setting Description SCEP Server Select a SCEP Server to identify the SCEP server for use. The server detailed A Must filled setting information could be specified in External Servers. Refer to Object Definition > External Server >...
- Page 186 In-Vehicle Cellular Gateway Item Value setting Description Import from a A Must filled setting Select a certificate file from user’s computer, and click the Apply button to import the specified certificate file to the gateway. File Import from a 1. String format can be any This is an alternative approach to import a certificate.
-
Page 187: Issue Certificate
In-Vehicle Cellular Gateway 3.5.4 Issue Certificate When you have a Certificate Signing Request (CSR) that needs to be certificated by the root CA of the device, you can issue the request here and let Root CA sign it. There are two approaches to issue a certificate. One is from a CSR file importing from the managing PC and another is copy-paste the CSR codes in gateway’s web- based utility, and then click on the "Sign"... - Page 188 In-Vehicle Cellular Gateway also imports the certificates of the root CA of the Gateway 1 into the Gateway 2 as the trusted ones. (Please also refer to "My Certificate" and "Trusted Certificate" sections). Establish an IPSec VPN tunnel with IKE and X.509 protocols by starting from either peer, so that all client hosts in these both subnets can communicate with each other.
- Page 189 In-Vehicle Cellular Gateway Issue Certificate Setting Go to Object Definition > Certificate > Issue Certificate tab. The Issue Certificate setting allows user to import Certificate Signing Request (CSR) to be signed by root CA. Import and Issue Certificate Certificate Signing Request (CSR) Import from a File Item Value setting Description...
-
Page 190: Chapter 4 Field Communication
In-Vehicle Cellular Gateway Chapter 4 Field Communication 4.1 Bus & Protocol The gateway may equip a serial port for various serial communication use through connecting the RS-232 or RS-485 serial device to an IP-based Ethernet LAN. These communication protocols make user access serial devices anywhere over a local LAN or the Internet easily. - Page 191 In-Vehicle Cellular Gateway It can be Disable or Virtual COM. Interface RS-232 is set by default Select the physical interface type for connecting to the access device(s) with the same interface specification. Depending on the purchase model, the supported interface type could be RS- 232 or RS-485.
-
Page 192: Virtual Com
In-Vehicle Cellular Gateway 4.1.2 Virtual COM Create a virtual COM port on user’s PC/Host to provide access to serial device connected to the serial port on gateway. Therefore, users can access, control, and manage the connected serial device through Internet (fixed line, or cellular network) anywhere. - Page 193 In-Vehicle Cellular Gateway TCP Server Mode When the administrator expects the gateway to wait passively for the serial data requests from the Host Device (usually we use a computer to play as a Host), and the Host will establish a TCP connection to get data from the serial device, the operation mode for the "Virtual COM"...
- Page 194 In-Vehicle Cellular Gateway RFC-2217 Mode RFC-2217 defines general COM port control options based on telnet protocol. A host computer with RFC-2217 driver installed can monitor and manage the remote serial device attached to the gateway’s serial port, as though they were connected to the local serial port.
- Page 195 In-Vehicle Cellular Gateway Virtual COM Setting Virtual COM setting screen enables user to connect a Virtual COM port based device to the Internet. It allows user to access serial data remotely. There are Disable, TCP Client, TCP Server, UDP, and RFC2217 modes for remote accessing the connected serial device.
- Page 196 In-Vehicle Cellular Gateway...
- Page 197 In-Vehicle Cellular Gateway Specify Data Packing Parameters Data Packing Configuration Item Value setting Description Data Buffer 1.An optional filled setting Enter the data buffer length for the serieal port. Length 2.Default value is 0 Value Range: 0 ~ 1024. Delimiter Check the Enable box to activate the Delimiter character 1, and enter the Hex 1.An optional filled setting Character 1...
- Page 198 In-Vehicle Cellular Gateway Definition The box is unchecked by Check the Enable box to enable the TCP server configuration. Enable default Save Click the Save button to save the configuration Enable TCP Server Mode Configure the gateway as the TCP (Transmission Control Protocol) Server. The TCP Server waits for connections to be initiated by a remote TCP client device to receive serial data.
- Page 199 In-Vehicle Cellular Gateway Specify TCP Clients for TCP Server Access If you selected Specific IPs as the trust Type, the Trusted IP Definition window appears. The settings are valid for both TCP Server and RFC-2217 modes. Specify TCP Clients Window Item Value setting Description...
- Page 200 In-Vehicle Cellular Gateway Enable UDP Mode Window Item Value setting Description Operation Mode A Must filled setting Select UDP mode. Listen Port 4001 is set by default Indicate the listening port of UDP connection. Value Range: 1 ~ 65535 Enable The box is unchecked by Check the Enable box to activate the corresponding serial port in specified default.
- Page 201 In-Vehicle Cellular Gateway Enable RFC-2217 Mode RFC-2217 defines general COM port control options based on telnet protocol. With the RFC-2217 mode, remote host can monitor and manage remote serially attached devices, as though they were connected to the local serial port. When a virtual serial port on the local serial device is being created, it is required to specify the IP-address of the remote hosts to establish connection with.
- Page 202 In-Vehicle Cellular Gateway Specify Remote Host for Access If you selected Specific IPs as the trust Type, the Trusted IP Definition window appears. The settings are valid for both TCP Server and RFC-2217 modes. Specify RFC-2217 Clients for Access Window Item Value setting Description...
-
Page 203: Chapter 5 Security
In-Vehicle Cellular Gateway Chapter 5 Security 5.1 VPN A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefitting from the functionality, security and management policies of the private network. -
Page 204: Ipsec
In-Vehicle Cellular Gateway 5.1.1 IPSec Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPSec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. - Page 205 In-Vehicle Cellular Gateway As in the diagram, the clients behind the M2M gateway can access to the host "Host-DC" located in the control center through Site to Host VPN tunnel. Host to Site: On the contrast, for a single host (or mobile user to) to access the resources located in an intranet, the Host to Site scenario can be applied.
- Page 206 In-Vehicle Cellular Gateway Dynamic VPN Server Scenario Dynamic VPN Server Scenario is an efficient way to build multiple tunnels with remote sites, especially for mobile clients with dynamic IP. In this scenario, gateway can only be role of server (responder), and it must have a “Static IP”...
- Page 207 In-Vehicle Cellular Gateway IPSec Setting Go to Security > VPN > IPSec tab. The IPSec Setting allows user to create and configure IPSec tunnels. Enable IPSec Configuration Window Item Value setting Description IPsec Unchecked by default Click the Enable box to enable IPSec function. NetBIOS over IPSec Unchecked by default Click the Enable box to enable NetBIOS over IPSec function.
- Page 208 In-Vehicle Cellular Gateway Tunnel Configuration Window Item Value setting Description Tunnel Unchecked by default Check the Enable box to activate the IPSec tunnel 1. A Must fill setting Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name 2.
- Page 209 In-Vehicle Cellular Gateway by default tunnel from which to failover to. Note: Failover mode is not available for the gateway with single WAN. 1. A Must fill setting Encapsulation Select the Encapsulation Protocol from the dropdown box for this IPSec tunnel. 2.
- Page 210 In-Vehicle Cellular Gateway Specify the Remote Subnet IP address and Subnet Mask. Remote Subnet List A Must fill setting Click the Add or Delete button to add or delete Remote Subnet setting. 1. A Must fill setting. Remote Gateway 2. Format can be a Specify the Remote Gateway.
- Page 211 In-Vehicle Cellular Gateway IKE Phase Window Item Value setting Description 1. A must fill setting Specify the IKE version for this IPSec tunnel. Select v1 or v2 IKE Version 2. v1 is selected by Note: IKE versions will not be available when Dynamic VPN option in Tunnel default Scenario is selected, or AH option in Encapsulation Protocol is selected.
- Page 212 In-Vehicle Cellular Gateway IKE Proposal Definition Window Item Value setting Description Specify the Phase 1 Encryption method. It can be DES / 3DES / AES-auto / AES- 128 / AES-192 / AES-256. Specify the Authentication method. It can be None / MD5 / SHA1 / SHA2-256. IKE Proposal A Must fill setting Definition...
- Page 213 In-Vehicle Cellular Gateway IPSec Proposal Definition Window Item Value setting Description Specify the Encryption method. It can be None / DES / 3DES / AES-auto / AES- 128 / AES-192 / AES-256. Note: None is available only when Encapsulation Protocol is set as AH; it is not available for ESP Encapsulation.
- Page 214 In-Vehicle Cellular Gateway Select Key Management from the dropdown box for this IPSec tunnel. Key Management A Must fill setting In this section Manually is the option selected. Specify the Local ID for this IPSec tunnel to authenticate. Local ID An optional setting Select the Key ID for Local ID and enter the Key ID (English alphabet or number).
- Page 215 In-Vehicle Cellular Gateway Value Range: 0 ~ FFFF. Specify the Inbound SPI for this IPSec tunnel. Inbound SPI Hexadecimal format Value Range: 0 ~ FFFF. Specify the Encryption Method and Encryption key. Available encryption methods are DES/3DES/AES-128/AES-192/AES-256. 1. A Must fill setting The key length for DES is 16, 3DES is 48, AES-128 is 32, AES-192 is 48, and AES- Encryption 2.
- Page 216 In-Vehicle Cellular Gateway Tunnel Configuration Window Item Value setting Description Tunnel Unchecked by default Check the Enable box to activate the Dynamic IPSec VPN tunnel. 1. A Must fill setting Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name 2.
- Page 217 In-Vehicle Cellular Gateway 2. Pre-shared Key 8 to IKE+Pre-shared Key: user needs to set a key (8 ~ 32 characters). 32 characters. Specify the Local ID for this IPSec tunnel to authenticate. Select User Name for Local ID and enter the username. The username may include but can’t be all numbers.
-
Page 218: Openvpn
In-Vehicle Cellular Gateway 5.1.2 OpenVPN OpenVPN is an application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls. - Page 219 In-Vehicle Cellular Gateway assigned a virtual IP (10.8.0.2) which is belong to a virtual subnet that is different to the local subnet in Control Center. With such connection, the local networked devices will get a virtual IP 10.8.0.x if its traffic goes through the OpenVPN TUN connection when Redirect Internet Traffic settings is enabled;...
- Page 220 In-Vehicle Cellular Gateway Open VPN Setting Go to Security > VPN > OpenVPN tab. The OpenVPN setting allows user to create and configure OpenVPN tunnels. Enable OpenVPN Enable OpenVPN and select an expected configuration, either server or client, for the gateway to operate. Configuration Item Value setting...
- Page 221 In-Vehicle Cellular Gateway As an OpenVPN Server If Server is selected, an OpenVPN Server Configuration screen will appear. OpenVPN Server Configuration window can let you enable the OpenVPN server function, specify the virtual IP address of OpenVPN server, when remote OpenVPN clients dial in, and the authentication protocol. The OpenVPN Server supports up to 4 TUN / TAP tunnels at the same time.
- Page 222 In-Vehicle Cellular Gateway Item Value setting Description OpenVPN Server The box is unchecked by Click the Enable to activate OpenVPN Server functions. default. Protocol 1. A Must filled setting Define the selected Protocol for connecting to the OpenVPN Server. 2. By default TCP is •...
- Page 223 In-Vehicle Cellular Gateway Gateway A Must filled setting Specify the Gateway setting for the OpenVPN server. It will be assigned to the connected OpenVPN clients. Note: Gateway will be available only when TAP is chosen in Tunnel Device, and DHCP-Proxy Mode is unchecked (disabled). Netmask By default - select one - is Specify the Netmask setting for the OpenVPN server.
- Page 224 In-Vehicle Cellular Gateway When Advanced Configuration is selected, an OpenVPN Server Advanced Configuration screen will appear. OpenVPN Server Advanced Configuration Item Value setting Description TLS Cipher 1. A Must filled setting. Specify the TLS Cipher from the dropdown list. 2. TLS-RSA-WITH-AES128- It can be None / TLS-RSA-WITH-RC4-MD5 / TLS-RSA-WITH-AES128-SHA / TLS- SHA is selected by default RSA-WITH-AES256-SHA / TLS-DHE-DSS-AES128-SHA / TLS-DHE-DSS-AES256-...
- Page 225 In-Vehicle Cellular Gateway Protocol. Tunnel UDP 1. An Optional setting. Check the Enable box to activate the Tunnel UDP MSS-Fix Function. MSS-Fix 2. The box is unchecked by Note: Tunnel UDP MSS-Fix will be available only when UDP is chosen in default.
- Page 226 In-Vehicle Cellular Gateway As an OpenVPN Client If Client is selected, an OpenVPN Client List screen will appear. When Add button is applied, OpenVPN Client Configuration screen will appear. OpenVPN Client Configuration window let you specify the required parameters for an OpenVPN VPN client, such as "OpenVPN Client Name", "Interface", "Protocol", "Tunnel Scenario", "Remote IP/FQDN", "Remote Subnet", "Authorization Mode", "Encryption Cipher", "Hash Algorithm"...
- Page 227 In-Vehicle Cellular Gateway OpenVPN Client Configuration Item Value setting Description OpenVPN Client The OpenVPN Client Name will be used to identify the client in the tunnel list. A Must filled setting Name Value Range: 1 ~ 32 characters. Interface 1. A Must filled setting Define the physical interface to be used for this OpenVPN Client tunnel.
- Page 228 In-Vehicle Cellular Gateway Remote Endpoint IP A Must filled setting Specify the virtual Remote Endpoint IP Address of the peer OpenVPN gateway. Address Value Range: The IP format is 10.8.0.x, the range of x is 1~254. Note: Remote Endpoint IP Address will be available only when Static Key is chosen in Authorization Mode.
- Page 229 In-Vehicle Cellular Gateway When Advanced Configuration is selected, an OpenVPN Client Advanced Configuration screen will appear. OpenVPN Advanced Client Configuration Item Value setting Description TLS Cipher 1. A Must filled setting. Specify the TLS Cipher from the dropdown list. 2. TLS-RSA-WITH- It can be None / TLS-RSA-WITH-RC4-MD5 / TLS-RSA-WITH-AES128-SHA / TLS- AES128-SHA is selected RSA-WITH-AES256-SHA / TLS-DHE-DSS-AES128-SHA / TLS-DHE-DSS-AES256-...
- Page 230 In-Vehicle Cellular Gateway User Name An Optional setting. Enter the User account for connecting to an OpenVPN server, if the server required it. Note: User Name will be available only when TLS is chosen in Authorization Mode. Password An Optional setting. Enter the Password for connecting to an OpenVPN server, if the server required it.
-
Page 231: L2Tp
In-Vehicle Cellular Gateway 5.1.3 L2TP Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself. Rather, it relies on an encryption protocol that it passes within the tunnel to provide privacy. - Page 232 In-Vehicle Cellular Gateway Besides, for the L2TP client peer, a Remote Subnet item is required. It is for the Intranet of L2TP server peer. So, at L2TP client peer, the packets whose destination is in the dedicated subnet will be transferred via the L2TP tunnel. Others will be transferred based on current routing policy of the gateway at L2TP client peer.
- Page 233 In-Vehicle Cellular Gateway L2TP Setting Go to Security > VPN > L2TP tab. The L2TP setting allows user to create and configure L2TP tunnels. Enable L2TP Enable L2TP Window Item Value setting Description L2TP Unchecked by default Click the Enable box to activate L2TP function. Specify the role of L2TP.
- Page 234 In-Vehicle Cellular Gateway L2TP Server Configuration Item Value setting Description The box is unchecked When click the Enable box L2TP Server by default It will active L2TP server When click the Enable box. The box is unchecked L2TP over IPSec It will enable L2TP over IPSec and need to fill in the Pre-shared Key (8~32 by default...
- Page 235 In-Vehicle Cellular Gateway User Account List Window Item Value setting Description This is the L2TP authentication user account entry. You can create and add accounts for remote clients to establish L2TP VPN connection to the gateway device. Click Add button to add user account. Enter User name and password. Then Max.of 10 user User Account List check the enable box to enable the user.
- Page 236 In-Vehicle Cellular Gateway Create/Edit L2TP Client When Add/Edit button is applied, a series of configuration screen will appear. You can add up to 8 L2TP Clients. L2TP Client Configuration Item Setting Value setting Description Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name A Must filled setting Value Range: 1 ~ 32 characters.
- Page 237 In-Vehicle Cellular Gateway (WAN-1 is available only when WAN-1 interface is enabled) The same applies to other WAN interfaces (e.g. WAN-2). 1. A Must filled setting Define operation mode for the L2TP Tunnel. It can be Always On, or Failover. 2.
- Page 238 In-Vehicle Cellular Gateway Value Range: 1 ~ 99999 for Interval Time, 1~999 for Failure Time. Specify the Service Port for this L2TP tunnel to use. It can be Auto, (1701) for Cisco), or User-defined. Auto: The system determines the service port. Service Port 1701 (for Cisco): The system use port 1701 for connecting with CISCO L2TP A Must filled setting...
-
Page 239: Pptp
In-Vehicle Cellular Gateway 5.1.4 PPTP Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets. It is a client-server based technology. There are various levels of authentication and encryption for PPTP tunneling, usually natively as standard features of the Windows PPTP stack. - Page 240 In-Vehicle Cellular Gateway get “user name”, “password” and server’s global IP. In addition, it is required to identify the operation mode for each tunnel as main connection, failover for another tunnel, or load balance tunnel to increase overall bandwidth. It needs to decide “Default Gateway” or “Remote Subnet” for packet flow. Moreover, you can also define what kind of traffics will pass through the PPTP tunnel in the “Default Gateway / Remote Subnet”...
- Page 241 In-Vehicle Cellular Gateway PPTP Setting Go to Security > VPN > PPTP tab. The PPTP setting allows user to create and configure PPTP tunnels. Enable PPTP Enable PPTP Window Item Value setting Description PPTP Unchecked by default Click the Enable box to activate PPTP function. Specify the role of PPTP.
- Page 242 In-Vehicle Cellular Gateway PPTP Server Configuration Window Item Value setting Description PPTP Server Unchecked by default Check the Enable box to enable PPTP server role of the gateway. 1. A Must fill setting Specify the PPTP server Virtual IP address. The virtual IP address will serve as Server Virtual IP 2.
- Page 243 In-Vehicle Cellular Gateway User Account List Window Item Value setting Description This is the PPTP authentication user account entry. You can create and add accounts for remote clients to establish PPTP VPN connection to the gateway device. Click Add button to add user account. Enter User name and password. Then Max.of 10 user User Account List check the enable box to enable the user.
- Page 244 In-Vehicle Cellular Gateway PPTP Client Configuration Window Item Value setting Description A Must fill setting Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name Value Range: 1 ~ 32 characters. 1. A Must fill setting Define the selected interface to be the used for this PPTP tunnel Interface 2.
- Page 245 In-Vehicle Cellular Gateway VPN tunnel. Others will be transferred based on current routing policy of the security gateway at PPTP client peer. If you entered 0.0.0.0/0 in the Remote Subnet field, it will be treated as a default gateway setting for the PPTP client peer, all packets, including the Internet accessing of PPTP Client peer, will go through the established PPTP VPN tunnel.
-
Page 246: Gre
In-Vehicle Cellular Gateway 5.1.5 GRE Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that encapsulates a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol internetwork. Deploy a M2M gateway for remote site and establish a virtual private network with control center by using GRE tunneling. - Page 247 In-Vehicle Cellular Gateway If the GRE server supports DMVPN Hub function, like Cisco router as the VPN concentrator, the GRE client can active the DMVPN spoke function here since it is implemented by GRE over IPSec tunneling. GRE Setting Go to Security > VPN > GRE tab. The GRE setting allows user to create and configure GRE tunnels.
- Page 248 In-Vehicle Cellular Gateway GRE Rule Configuration Window Item Value setting Description Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name A Must fill setting Value Range: 1 ~ 9 characters. 1. A Must fill setting Select the interface on which GRE tunnel is to be established.
- Page 249 In-Vehicle Cellular Gateway connection performance. Value Range: 0 ~ 1500. Enter the Key for the GRE connection. An Optional setting Value Range: 0 ~ 9999999999. 1. A Must fill setting Specify TTL hop-count value for this GRE tunnel. Value Range: 1 ~ 255. 2.
-
Page 250: Eogre
In-Vehicle Cellular Gateway 5.1.6 EoGRE The Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that encapsulates a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol internetwork. Ethernet over GRE (EoGRE) is a tunnel protocol that enables tunneling of layer 2 packets encapsulated in a GRE header over IP core networks. - Page 251 In-Vehicle Cellular Gateway specification. tunnel connections. The default value can be different for the purchased model. Save Click Save button to save the settings Undo Click Undo button to cancel the settings Create/Edit EoGRE tunnel When Add/Edit button is applied, EoGRE Rule Configuration screens will appear. EoGRE Rule Configuration Window Item Value setting...
- Page 252 In-Vehicle Cellular Gateway Interface 2. None is selected by can be None, or all available Port –based VLAN IDs. For creating the Port-based default VLAN ID, refer to Basic Network > LAN & VLAN > VLAN. If VLAN type is tag-based VLAN, it will be grayed out. You can also aggregate tag-based VLAN group to an EoGRE tunnel with specifying additional TAG ID listing below.
- Page 253 In-Vehicle Cellular Gateway Save Click Save button to save the settings. Undo Click Undo button to cancel the settings. Back Click Back button to return to the previous page.
-
Page 254: Firewall
In-Vehicle Cellular Gateway 5.2 Firewall The firewall functions include Packet Filter, URL Blocking, Content Filter, MAC Control, Application Filter, IPS and some firewall options. The supported function can be different for the purchased gateway. 5.2.1 Packet Filter... - Page 255 In-Vehicle Cellular Gateway "Packet Filter" function can let you define some filtering rules for incoming and outgoing packets. So the gateway can control what packets are allowed or blocked to pass through it. A packet filter rule should indicate from and to which interface the packet enters and leaves the gateway, the source and destination IP addresses, and destination service port type and port number.
- Page 256 In-Vehicle Cellular Gateway default When Deny those match the following rules is selected, as the name suggest, Deny those match the Black List / packets specified in the rules will be blocked –black listed. In contrast, with following rules is set by White List Allow those match the following rules, you can specifically white list the default...
- Page 257 In-Vehicle Cellular Gateway any text Value Range: 1 ~ 30 characters. 2. A Must filled setting Define the selected interface to be the packet-entering interface of the router. If the packets to be filtered are coming from LAN to WAN then select LAN for this field.
- Page 258 In-Vehicle Cellular Gateway Then for Destination Port, select a predefined port dropdown box when Well- known Service is selected, otherwise select User-defined Service and specify a port range. Value Range: 1 ~ 65535 for Source Port, Destination Port. For Protocol, select ICMPv4 to filter ICMPv4 packets For Protocol, select TCP to filter TCP packets Then for Source Port, select a predefined port dropdown box when Well-known Service is selected, otherwise select User-defined Service and specify a port...
-
Page 259: Url Blocking
In-Vehicle Cellular Gateway 5.2.2 URL Blocking "URL Blocking" function can let you define blocking or allowing rules for incoming and outgoing Web request packets. With defined rules, gateway can control the Web requests containing the complete URL, partial domain name, or pre-defined keywords. For example, one can filter out or allow only the Web requests based on domain input suffixes like .com or .org or keywords like “bct”... - Page 260 In-Vehicle Cellular Gateway URL Blocking Setting Go to Security > Firewall > URL Blocking Tab. In "URL Blocking" page, there are three configuration windows. They are the "Configuration" window, "URL Blocking Rule List" window, and "URL Blocking Rule Configuration" window. The "Configuration"...
- Page 261 In-Vehicle Cellular Gateway When Add button is applied, the URL Blocking Rule Configuration screen will appear. URL Blocking Rules Configuration Item Value setting Description 1. String format can be any Specify an URL Blocking rule name. Enter a name that is easy for you to Rule Name text understand.
- Page 262 In-Vehicle Cellular Gateway delimiter “;”. This field is to specify the Destination Port number. Destination 1. A Must filled setting • Select Any to filter packets going to any Port. Port 2. Any is set by default • Select Specific Service Port to filter packets going to a specific Port entered in this field. •...
-
Page 263: Mac Control
In-Vehicle Cellular Gateway 5.2.3 MAC Control "MAC Control" function allows you to assign the accessibility to the gateway for different users based on device’s MAC address. When the administrator wants to reject the traffics from some client hosts with specific MAC addresses, he can use the "MAC Control"... - Page 264 In-Vehicle Cellular Gateway MAC Control Setting Go to Security > Firewall > MAC Control Tab. The MAC control setting allows user to create and customize MAC address policies to allow or reject packets with specific source MAC address. Enable MAC Control Configuration Window Item Value setting...
- Page 265 In-Vehicle Cellular Gateway Create/Edit MAC Control Rules The gateway supports up to a maximum of 20 filter rule sets. Ensure that the MAC Control is enabled before we can create control rules. When Add button is applied, Filter Rule Configuration screen will appear. MAC Control Rule Configuration Item Value setting...
-
Page 266: Content Filter
In-Vehicle Cellular Gateway 5.2.4 Content Filter "Content Filter" function can block HTML requests with some specific extension file names, like ".exe", ".bat" (applications), "mpeg” (video), and so on. It also blocks HTML requests with some script types, like Java Applet, Java Scripts, cookies and Active X. - Page 267 In-Vehicle Cellular Gateway Content Filter Setting Go to Security > Firewall > Content Filter Tab There are three configuration windows for the filtering function. They are the "Configuration" window, "Content Filter List" window, and "Content Filter Configuration" window. The "Configuration" window can let you activate the web content filtering function. Besides, some popular script types, like Java Applet, Java Scripts, cookies and Active X are in the window and you can check their boxes to enable the gateway to filter out the web requests with corresponding patterns.
- Page 268 In-Vehicle Cellular Gateway When Add button is applied, Content Filter Configuration screen will appear. Content Filter Configuration Item Value setting Description 1. String format can be any Enter a content filter rule name that is easy for you to understand. Rule Name text.
- Page 269 In-Vehicle Cellular Gateway Note: Group must be pre-defined before this selection become available. Refer to Object Definition > Grouping > Host Grouping Tab. You may also access to create a group by the Add Rule shortcut button. Setting done through the Add Rule button will also appear in the Host grouping setting screen.
-
Page 270: Application Filter
In-Vehicle Cellular Gateway 5.2.5 Application Filter Application Filter function can categorize Internet Protocol packets based on their application layer data and allow or deny their passing of gateway. It supports the application filters for various Internet chat software, P2P download, Proxy, and A/V streaming. You can select the applications to be blocked after the function is enabled, and may also specify schedule rule to apply. - Page 271 In-Vehicle Cellular Gateway Application The box is unchecked by Check the Enable box to activate this application filter function. Filter default. The box is unchecked by Log Alert Check the Enable box to activate Event Log. default. Create/Edit Application Filter Rules The gateway supports up to a maximum of 20 filter rule sets.
- Page 272 In-Vehicle Cellular Gateway 2. A Must filled setting. Specify the Source IP address to apply with the application filter rule. It can be Any, Specific IP Address, IP Range, or IP Address-based Group. Select Any to filter packets coming from any IP addresses. Select Specific IP Address to filter packets coming from an IP address entered in this field.
- Page 273 In-Vehicle Cellular Gateway When the Back button is clicked, the screen will return to the Application Filter Back Configuration page.
-
Page 274: Ips
In-Vehicle Cellular Gateway 5.2.6 IPS To provide application servers in the Internet, administrator may need to open specific ports for the services. However, there are some risks to always open service ports in the Internet. In order to avoid such attack risks, it is important to enable IPS functions. - Page 275 In-Vehicle Cellular Gateway IPS Setting Go to Security > Firewall > IPS Tab. The Intrusion Prevention System (IPS) setting allows user to customize intrusion prevention rules to prevent malicious packets. Enable IPS Firewall Configuration Window Item Value setting Description The box is unchecked by Check the Enable box to activate IPS function default The box is unchecked by...
- Page 276 In-Vehicle Cellular Gateway Setup Intrusion Prevention Rules Item Name Value setting Description SYN Flood Click Enable box to activate this intrusion prevention rule and Defense 1. A Must filled setting enter the traffic threshold in this field. UDP Flood 2. The box is unchecked by default. Click Enable box to activate this intrusion prevention rule and Defense 3.
- Page 277 In-Vehicle Cellular Gateway Block Traceroute Block Fraggle Attack 1. A Must filled setting 2. The box is unchecked by default. Click Enable box to activate this intrusion prevention rule and ARP Spoofing 3. Traffic threshold is set to 300 by default enter the traffic threshold in this field.
-
Page 278: Options
In-Vehicle Cellular Gateway 5.2.7 Options There are some additional useful firewall options in this page. “Stealth Mode” lets gateway not to respond to port scans from the WAN so that makes it less susceptible to discovery and attacks on the Internet. ”SPI” enables gateway to record the packet information like IP address, port address, ACK, SEQ number and so on while they pass through the gateway, and the gateway checks every incoming packet to detect if this packet is valid. - Page 279 In-Vehicle Cellular Gateway Enable SPI Scenario As shown in the diagram, Gateway has the IP address of 118.18.81.200 for WAN interface and 192.168.1.253 for LAN interface. It serves as a NAT gateway. Users in Network-A initiate to access cloud server through the gateway. Sometimes, unknown users will simulate the packets but use different source IP to masquerade.
- Page 280 In-Vehicle Cellular Gateway Firewall Options Item Value setting Description The box is unchecked by Stealth Mode Check the Enable box to activate the Stealth Mode function default The box is checked by Check the Enable box to activate the SPI function default Discard Ping The box is unchecked by...
- Page 281 In-Vehicle Cellular Gateway 1. 80 for HTTP by default This field is to specify a Service Port to HTTP or HTTPS connection. Service Port 2. 443 for HTTPS by Value Range: 1 ~ 65535. default Enabling the The box is unchecked by Click Enable box to activate this rule.
-
Page 282: Authentication
In-Vehicle Cellular Gateway 5.3 Authentication To approve or confirm the truth of a certain object, you have to configure the required settings in the Authentication page. The supported functions could be Captive Portal and MAC Authentication, and the available function might be different for the purchased gateway. - Page 283 In-Vehicle Cellular Gateway Internal Captive Portal In contrast, for internal captive portal, you will only select “Internal RADIUS Server” option for user authentication. The user account database can be an embedded database, an external AD database or an external LDAP database. However, the UAM server is not necessary for this case and that the captive portal Web site is embedded in the device.
- Page 284 In-Vehicle Cellular Gateway Captive Portal Setting Go to Security > Authentication > Captive Portal tab. The gateway supports the Captive Portal function to ask connecting users to pass the authentication process before they can surf the Internet via the gateway. The Captive Portal will re-direct user to a login page when user try to access the Internet.
- Page 285 In-Vehicle Cellular Gateway default. Basic Network > LAN & VLAN > DHCP Server. If DHCP-1 is selected, users connected to the physical LAN port which bound the DHCP-1 server, will be re-directed to a login page when accessing the Internet. Web Portal 1.
- Page 286 In-Vehicle Cellular Gateway Save Click the Save button to save changes Refresh Click the Refresh button to refresh current page...
-
Page 287: Mac Authentication
In-Vehicle Cellular Gateway 5.3.2 MAC Authentication For some application, a RADIUS server is used to authenticate the Internet accessing permission. For those authorized devices (MACs), they are allowed to access internet, and on the other hand, for those not authorized devices, the internet accessing traffics will be blocked. This gateway supports such MAC authentication function, the administrator has to configure the settings and create a permissible user account list for those authorized devices. - Page 288 In-Vehicle Cellular Gateway User List Item Value setting Description Nickname It displays the nickname for a user. User Name It displays the MAC address for a user. Password It displays the password for a user. Add information of new device authentication Delete Delete information of exists device authentication Filter...
-
Page 289: Chapter 6 Administration
In-Vehicle Cellular Gateway Chapter 6 Administration 6.1 Configure & Manage Configure & Manage refers to enterprise-wide administration of distributed systems including (and commonly in practice) computer systems. Centralized management has a time and effort trade-off that is related to the size of the company, the expertise of the IT staff, and the amount of technology being used. -
Page 290: Command Script
In-Vehicle Cellular Gateway 6.1.1 Command Script Command script configuration is the application that allows administrator to setup the pre-defined configuration in plain text style and apply configuration on startup. Go to Administration > Command Script > Configuration Tab. Enable Command Script Configuration Configuration Item Value setting... - Page 291 In-Vehicle Cellular Gateway Edit/Backup Plain Text Command Script You can edit the plain text configuration settings in the configuration screen as above. Plain Text Configuration Item Value setting Description Clean Clean text area. (You should click Save button to further clean the configuration already saved in the system.) Backup Backup and download configuration.
- Page 292 In-Vehicle Cellular Gateway • TLS ->The OpenVPN will use TLS authorization mode, and the following items CA Cert., Client Cert. and Client Key need to specify as well. OPENVPN_CA_CERT A Must filled Specify the Trusted CA certificate for the OpenVPN client. It will go Setting through Base64 Conversion.
- Page 293 In-Vehicle Cellular Gateway (ex: txtConfig enable) disable Disable plain text system config. (ex: txtConfig disable) run_immediately Apply the configuration content that has been committed in database. (ex: txtConfig run_immediately) run_immediately a existing file Assign a configuration file to apply. (ex: txtConfig run_immediately /tmp/config)
-
Page 294: 294
In-Vehicle Cellular Gateway 6.1.2 TR-069 TR-069 (Technical Report 069) is a Broadband Forum technical specification entitled CPE WAN Management Protocol (CWMP). It defines an application layer protocol for remote management of end-user devices, like this gateway device. As a bidirectional SOAP/HTTP-based protocol, it provides the communication between customer-premises equipment (CPE) and Auto Configuration Servers (ACS). - Page 295 In-Vehicle Cellular Gateway Following tables list the parameter configuration as an example for the Gateway 1 in above diagram with "TR-069" enabling. Use default value for those parameters that are not mentioned in the tables. Configuration Path [TR-069]-[Configuration] ■ Enable TR-069 ACS URL http://qa.acslite.com/cpe.php...
- Page 296 In-Vehicle Cellular Gateway TR-069 Setting Go to Administration > Configure & Manage > TR-069 tab. In "TR-069" page, there is only one configuration window for TR-069 function. In the window, you must specify the related information for your security gateway to connect to the ACS. Drive the function to work by specifying the URL of the ACS server, the account information to login the ACS server, the service port and the account information for connection requesting from the ACS server, and the time interval for job inquiry.
- Page 297 In-Vehicle Cellular Gateway The box is unchecked by TR-069 Check the Enable box to activate TR-069 function. default When you finish set basic network WAN-1 ~ WAN-n, you can choose WAN-1 ~ WAN-n WAN-1 is selected by Interface When you finish set Security > VPN > IPSec/OpenVPN/PPTP/L2TP/GRE, you default.
- Page 298 In-Vehicle Cellular Gateway STUN Settings Configuration Item Value setting Description The box is checked by STUN Check the Enable box to activate STUN function. default 1. String format: any Specify the IP address for the expected STUN Server. Server Address IPv4 address 2.
-
Page 299: Snmp
In-Vehicle Cellular Gateway 6.1.3 SNMP In brief, SNMP, the Simple Network Management Protocol, is a protocol designed to give a user the capability to remotely manage a computer network by polling and setting terminal values and monitoring network events. In typical SNMP uses, one or more administrative computers, called managers, have the task of monitoring or managing a group of hosts or devices on a computer network. - Page 300 In-Vehicle Cellular Gateway the Intranet and manage all devices that support SNMP protocol in the Intranet. Another one is the Remote NMS to manage some devices whose WAN interfaces are connected together by using a switch or a router with UDP forwarding. If you want to manage some devices and they all have supported SNMP protocol, use either one application scenario, especially the management of devices in the Intranet.
- Page 301 In-Vehicle Cellular Gateway At first stage, the NMS manager prepares related information for all managed devices and records them in the NMS system. Then NMS system gets the status of all managed devices by using SNMP get commands. When the manager wants to configure the managed devices, the NMS system allows him to do that by using SNMP set commands.
- Page 302 In-Vehicle Cellular Gateway SNMP Setting Go to Administration > Configure & Manage > SNMP tab. The SNMP allows user to configure SNMP relevant setting which includes interface, version, access control and trap receiver. Enable SNMP SNMP Item Value setting Description Select the interface for the SNMP and enable SNMP functions.
- Page 303 In-Vehicle Cellular Gateway 1. String format: any Specify the SNMP Port. port number You can fill in any port number. But you must ensure the port number is not to SNMP Port 2. The default SNMP be used. port is 161. Value Range: 1 ~ 65535.
- Page 304 In-Vehicle Cellular Gateway Create/Edit User Privacy The SNMP allows you to custom your access control for version 3 user. The router supports up to a maximum of 128 User Privacy sets. When Add button is applied, User Privacy Rule Configuration screen will appear. User Privacy Rule Configuration Item Value setting...
- Page 305 In-Vehicle Cellular Gateway Privacy Mode 1. noAuthNoPriv is Specify the Privacy Mode for this version 3 user. selected by default Selected the noAuthNoPriv. You do not use any authentication types and encryption protocols. Selected the authNoPriv. You must specify the Authentication and Password. Selected the authPriv.
- Page 306 In-Vehicle Cellular Gateway When you selected v2c, the configuration screen is exactly the same as that of v1, except the version. When you selected v3, the configuration screen will provide more setting items for the version 3 Trap. Trap Event Receiver Rule Configuration Item Value setting Description...
- Page 307 In-Vehicle Cellular Gateway Select the version for the trap Selected the v1. The configuration screen will provide the version 1 must filled items. 1. v1 is selected by SNMP Version Selected the v2c. default The configuration screen will provide the version 2c must filled items. Selected the v3.
- Page 308 In-Vehicle Cellular Gateway Specify SNMP MIB-2 System If required, you can also specify the required onformation the the MIB-2 System. SNMP MIB-2 System Configuration Item Value setting Description sysContact 1. An Optional filled Specify the contact information forMIB-2 system. setting Value Range: 0 ~ 64 characters.
- Page 309 In-Vehicle Cellular Gateway Item Value setting Description 1. The default value is Default Specify the Enterprise Name for the particular private MIB. Enterprise Name 2. A Must filled setting Value Range: 1 ~ 10 characters, and only string with A~Z, a~z, 0~9, ’–‘, ‘_’. 3.
-
Page 310: Telnet & Ssh
In-Vehicle Cellular Gateway 6.1.4 Telnet & SSH A command-line interface (CLI), also known as command-line user interface, and console user interface are means of interacting with a computer program where the user (or client) issues commands to the program in the form of successive lines of text (command lines). - Page 311 In-Vehicle Cellular Gateway utility. Parameter Setup Example Following table lists the parameter configuration as an example for the Gateway in above diagram with "Telnet with CLI" enabling at LAN and WAN interfaces. Use default value for those parameters that are not mentioned in the table. Configuration Path [Telnet &...
- Page 312 In-Vehicle Cellular Gateway Telnet & SSH Setting Go to Administration > Configure & Manage > Telnet & SSH tab. The Telnet & SSH setting allows administrator to access this device through the traditional Telnet or SSH Telnet program. Before you can telnet (login) to the device, please configure the related settings and password with care.
- Page 313 In-Vehicle Cellular Gateway Configuration Item Value setting Description root 1. String: any text but no Type old password and specify new password to change root password. Note_1: You are highly recommended to change the default telnet password with blank character yours before the device is deployed.
-
Page 314: System Operation
In-Vehicle Cellular Gateway 6.2 System Operation System Operation allows the network administrator to manage system, settings such as web-based utility access password change, system information, system time, system log, firmware/configuration backup & restore, and reset & reboot. 6.2.1 Password & MMI Go to Administration >... - Page 315 In-Vehicle Cellular Gateway Username Configuration Item Value setting Description 1. The default Username Username for web-based MMI is Display the current MMI login account (Username). ‘admin’. New Username String: any text Enter new Username to replace the current setting. Enter current password to verify if you have the permission to change the Password String: any text username setting.
- Page 316 In-Vehicle Cellular Gateway is disabled, the system won’t logout the administrator automatically. MMI Configuration Item Value setting Description Enter the login trial counting value. Value Range: 3 ~ 10. If someone tried to login the web GUI with incorrect password for more Login 3 times is set by default than the counting value, an warning message “Already reaching maximum...
- Page 317 In-Vehicle Cellular Gateway by default. Normal Mode: It takes longer boot up time, about 200 seconds, with complete firmware image check during the device booting. Fast Mode: It takes shorter boot up time, about 120 seconds, without checking the firmwareimage during the device booting. Quick Mode: It takes shorter boot up time, about 90 seconds, without checking the firmware image and create the internal database for User/Group/Captive Portal functions.
-
Page 318: System Information
In-Vehicle Cellular Gateway 6.2.2 System Information System Information screen gives network administrator a quick look up on the device information for the purchades gateway. Go to Administration > System Operation > System Information tab. System Information Item Value Setting Description Model Name It displays the model name of this product. -
Page 319: System Time
In-Vehicle Cellular Gateway 6.2.3 System Time The gateway provides manually setup and auto-synchronized approaches for the administrator to setup the system time for the gateway. The time supported synchronization methods can be Time Server, Manual, PC, Cellular Module, or GPS Signal. Select the method first, and then configure rest settings. Instead of manually configuring the system time for the gateway, there are two simple and quick solutions for you to set the correct time information and set it as the system time for the gateway. - Page 320 In-Vehicle Cellular Gateway Check the Enable button to activate the daylight saving function. Daylight Saving 1. It is an optional item. When you enabled this function, you have to specify the start date and end date Time 2. Un-checked by default for the daylight saving time duration.
- Page 321 In-Vehicle Cellular Gateway its local connected devices. Save Click the Save button to save the settings. Synchronize with PC System Time Information Item Value Setting Description 1. A Must-filled item. Synchronization Select PC as the synchronization method for the system time to let system 2.
- Page 322 In-Vehicle Cellular Gateway Synchronize with Cellular Time Service System Time Information Item Value Setting Description Select Cellular Module as the synchronization method for the system time to let 1. A Must-filled item. Synchronization system synchronize its date and time to the time provided from the connected 2.
- Page 323 In-Vehicle Cellular Gateway Synchronize with GPS Time Service System Time Information Item Value Setting Description Select GPS Signal as the synchronization method for the system time to let 1. A Must-filled item. Synchronization system synchronize its date and time to the time provided from the GNSS 2.
-
Page 324: System Log
In-Vehicle Cellular Gateway 6.2.4 System Log System Log screen contains various event log tools facilitating network administrator to perform local event logging and remote reporting. Go to Administration > System Operation > System Log tab. View & Email Log History View button is provided for network administrator to view log history on the gateway. - Page 325 In-Vehicle Cellular Gateway Web Log List Window Item Value Setting Description Time column It displays event time stamps Log column It displays Log messages Web Log List Button Description Item Value setting Description Previous Click the Previous button to move to the previous page. Next Click the Next button to move to the next page.
- Page 326 In-Vehicle Cellular Gateway Web Log Type Category Setting Window Item Value Setting Description System Checked by default Check to log system events and to display in the Web Log List window. Attacks Checked by default Check to log attack events and to display in the Web Log List window. Drop Checked by default Check to log packet drop events and to display in the Web Log List window.
- Page 327 In-Vehicle Cellular Gateway Syslogd Syslogd screen allows network administrator to select the type of event to log and be sent to the designated Syslog server. Syslogd Setting Window Item Value Setting Description Enable Un-checked by default Check Enable box to activate the Syslogd function, and send event logs to a syslog server Select one syslog server from the Server dropdown box to sent event log to.
- Page 328 In-Vehicle Cellular Gateway Log to Storage Button Description Item Value setting Description Download log Click the Download log file button to download log files to a log.tar file. file...
-
Page 329: Backup & Restore
In-Vehicle Cellular Gateway 6.2.5 Backup & Restore In the Backup & Restore window, you can upgrade the device firmware when new firmware is available and also backup / restore the device configuration. In addition to the factory default settings, you can also customize a special configuration setting as a customized default value. -
Page 330: Reboot & Reset
In-Vehicle Cellular Gateway 6.2.6 Reboot & Reset For some special reason or situation, you may need to reboot the gateway or reset the device configuration to its default value. In addition to perform these operations through the Power ON/OFF, or pressing the reset button on the device panel, you can do it through the web GUI too. -
Page 331: Ftp
In-Vehicle Cellular Gateway 6.3 FTP The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. FTP is built on a client-server model architecture and uses separate control and data connections between the client and the server. -
Page 332: Server Configuration
In-Vehicle Cellular Gateway 6.3.1 Server Configuration This section allows user to setup the embedded FTP and SFTP server for retrieving the interested fog files. Go to Administration > FTP > Server Configuration tab. Enable FTP Server Configuration Item Value setting Description Check Enable box to activate the embedded FTP Server function. - Page 333 In-Vehicle Cellular Gateway Check the Enable box to activate the support of PASV mode for a FTP PASV Mode Optional setting connection from FTP clients. Port Range of Port 50000 ~ 50031 is set Specify the port range to allocate for PASV style data connection. PASV Mode by default.
-
Page 334: User Account
In-Vehicle Cellular Gateway 6.3.2 User Account This section allows user to setup user accounts for logging to the embedded FTP and SFTP server to retrieve the interested fog files. Go to Administration > FTP > User Account tab. Create/Edit FTP User Accounts When Add button is applied, User Account Configuration screen will appear. -
Page 335: Diagnostic
In-Vehicle Cellular Gateway 6.4 Diagnostic This gateway supports simple network diagnosis tools for the administrator to troubleshoot and find the root cause of the abnormal behavior or traffics passing through the gateway. There can be a Packet Analyzer to help record the packets for a designated interface or specific source/destination host, and another Ping and Tracert tools for testing the network connectivity issues. -
Page 336: Packet Analyzer
In-Vehicle Cellular Gateway 6.4.2 Packet Analyzer The Packet Analyzer can capture packets depend on user settings. User can specify interfaces to capture packets and filter by setting rule. Ensure the log storage is available (either embedded SD-Card or external USB Storage), otherwise Packet Analyzer cannot be enabled. - Page 337 In-Vehicle Cellular Gateway Select Binary mode or String mode for the serial interface. VAP: This means the virtual AP. When WiFi and VAP are enabled, it can be selected here. Save Click the Save button to save the configuration. Click the Undo button to restore what you just configured back to the Undo previous setting.
- Page 338 In-Vehicle Cellular Gateway Source IPs Optional setting Define the filter rule with Source IPs, which means the source IP address of packets. Packets which match the rule will be captured. Up to 10 IPs are supported, but they must be separated with “;”, e.g.
-
Page 339: Chapter 7 Service
In-Vehicle Cellular Gateway Chapter 7 Service 7.1 Cellular Toolkit Besides cellular data connection, you may also like to monitor data usage of cellular WAN, sending text message through SMS, changing code card, communicating with carrier/ISP by USSD command, or doing a cellular network scan for diagnostic purpose. -
Page 340: Data Usage
In-Vehicle Cellular Gateway 7.1.1 Data Usage Most of data plan for cellular connection is with a limited amount of data usage. If data usage has been over limited quota, either you will get much lower data throughput that may affect your daily operation, or you will get a ‘bill shock’... - Page 341 In-Vehicle Cellular Gateway Data Usage Setting Go to Service > Cellular Toolkit > Data Usage tab. Before finished settings for Data Usage, you need to know bill start date, bill period, and quota limit of data usage according to your data plan. You can ask this information from your carrier or ISP. Create / Edit 3G/4G Data Usage Profile When Add button is applied, 3G/4G Data Usage Profile Configuration screen will appear.
- Page 342 In-Vehicle Cellular Gateway Data Limitation Specify the allowable data limitation for the defined cycle period. Connection Un-Checked by default. Check the Enable box to activate the connection restriction function. Restrict During the specified cycle period, if the actual data usage exceeds the allowable data limitation, the cellular connection will be forced to disconnect.
-
Page 343: Sms
In-Vehicle Cellular Gateway 7.1.2 SMS Short Message Service (SMS) is a text messaging service, which is used to be widely-used on mobile phones. It uses standardized communications protocols to allow mobile phones or cellular devices to exchange short text messages in an instant and convenient way. SMS Setting Go to Service >... - Page 344 In-Vehicle Cellular Gateway SMS Summary Show Unread SMS, Received SMS, Sent SMS, Remaining SMS, and edit SMS context to send, read SMS from SIM card. SMS Summary Item Value setting Description If SIM card insert to router first time, unread SMS value is zero. When received the Unread SMS new SMS but didn’t read, this value plus one.
- Page 345 In-Vehicle Cellular Gateway New SMS You can set the SMS setting from this screen. New SMS Item Value setting Description Write the receivers to send SMS. User need to add the semicolon and compose Receivers multiple receivers that can group send SMS. Write the SMS context to send SMS.
- Page 346 In-Vehicle Cellular Gateway Click the Detail button to read the SMS detail; Click the Reply / Forward button The box is unchecked by to reply/forward SMS. Action default Besides, you can check the box(es), and then click the Delete button to delete the checked SMS(s).
-
Page 347: Sim Pin
In-Vehicle Cellular Gateway 7.1.3 SIM PIN With most cases in the world, users need to insert a SIM card (a.k.a. UICC) into end devices to get on cellular network for voice service or data surfing. The SIM card is usually released by mobile operators or service providers. - Page 348 In-Vehicle Cellular Gateway SIM PIN Setting Go to Service > Cellular Toolkit > SIM PIN Tab With the SIM PIN Function window, it allows you to enable or disable SIM lock (which means protected by PIN code), or change PIN code. You can also see the information of remaining times of failure trials as we mentioned earlier.
- Page 349 In-Vehicle Cellular Gateway Enable / Change PIN Code Enable or Disable PIN code (password) function, and even change PIN code function. SIM function Window Item Setting Value setting Description SIM lock Depend on SIM card Click the Enable button to activate the SIM lock function. For the first time you want to enable the SIM lock function, you have to fill in the PIN code as well, and then click Save button to apply the setting.
- Page 350 In-Vehicle Cellular Gateway specified in the Basic Network > WAN & Uplink > Internet Setup > Connection with SIM Card page. Otherwise, it may result in wrong SIM PIN trials with invalid (old) PIN code. Unlock with a PUK Code The PUK Function window is only available for configuration if that SIM card is locked by PUK code.
-
Page 351: Ussd
In-Vehicle Cellular Gateway 7.1.4 USSD Unstructured Supplementary Service Data (USSD) is a protocol used by GSM cellular telephones to communicate with the service provider's computers. USSD can be used for WAP browsing, prepaid callback service, mobile-money services, location-based content services, menu-based information services, and as part of configuring the phone on the network. - Page 352 In-Vehicle Cellular Gateway USSD Setting Go to Service > Cellular Toolkit > USSD tab. In "USSD" page, there are four windows for the USSD function. The "Configuration" window can let you specify which 3G/4G module (physical interface) is used for the USSD function, and system will show which SIM card in the module is the current used one.
- Page 353 In-Vehicle Cellular Gateway USSD Profile Configuration Item Value setting Description Profile Name Enter a name for the USSD profile. Enter the USSD command defined for the profile. Normally, it is a command string composed with numeric keypad “0~9”, “*”, USSD Command and “#”.
-
Page 354: Network Scan
In-Vehicle Cellular Gateway 7.1.5 Network Scan "Network Scan" function can let administrator specify the device how to connect to the mobile system for data communication in each 3G/4G interface. For example, administrator can specify which generation of mobile system is used for connection, 2G, 3G or LTE. Moreover, he can define their connection sequence for the gateway device to connect to the mobile system automatically. - Page 355 In-Vehicle Cellular Gateway Save Click Save to save the settings The second window is the "Network Provider List" window and it appears when the Manually Scan Approach is selected in the Configuration window. By clicking on the "Scan" button and wait for 1 to 3 minutes, the found mobile operator system will be displayed for you to choose.
-
Page 356: Sms & Event
In-Vehicle Cellular Gateway 7.2 SMS & Event SMS & Event handling is the application that allows administrator to setup the pre-defined events, handlers, or response behavior with individual profiles. With properly configuring the event handling function, administrator can easily and remotely obtain the status and information via the purchased gateway. Moreover, he can also handle and manage some important system related functions, even the field bus devices and D/O devices which are already well connected to. - Page 357 In-Vehicle Cellular Gateway field bus device status monitoring, digital sensors detection controlling, and so on. All of such management and notification function can be realized effectively via the Event Handling feature. The following is the summary lists for the provided profiles, and events: (Note: The available profiles and events could be different for the purchased product.) ...
-
Page 358: Configuration
In-Vehicle Cellular Gateway 7.2.1 Configuration Go to Service > SMS & Event > Configuration Tab. Event handling is the service that allows administrator to setup the pre-defined events, handlers, or response behavior with individual profiles. Enable Event Management Configuration Item Value setting Description Event... - Page 359 In-Vehicle Cellular Gateway Physical Interface Choose a cellular interface (3G/4G-1 or 3G/4G-2) to configure the SMS The box is 3G/4G-1 by management setting. default. Note: 3G/4G-2 is only available for for the product with dual cellular module. SIM Status Show the connected cellular service (identified with SIM_A or SIM_B). Delete Managed The box is unchecked Check the Enable box to delete the received managing event SMS after it has...
- Page 360 In-Vehicle Cellular Gateway default. received a SMS managing event. The confirmed message is similar to following format: “Device received a SMS with command xxxxx.” Enable The box is unchecked by Click Enable box to activate this account. default. Save Click the Save button to save the configuration. Create / Edit Email Service Account Setup the Email Service Account for event notification.
- Page 361 In-Vehicle Cellular Gateway Create / Edit Digital Input (DI) Profile Rule (DI/DO support required) Setup the Digital Input (DI) Profile rules. It supports up to a maximum of 10 profiles. When Add button is applied, the Digital Input (DI) Profile Configuration screen will appear. Digital Input (DI) Profile Configuration Item Value setting...
- Page 362 In-Vehicle Cellular Gateway Value Range: 1 ~ 10 seconds. Profile The box is unchecked by Click Enable box to activate this profile setting. default. Save Click the Save button to save the configuration. Create / Edit Digital Output (DO) Profile Rule (DI/DO support required) Setup the Digital Output (DO) Profile rules.
- Page 363 In-Vehicle Cellular Gateway Duty Cycle 1. Numberic String format Specify the Duty Cycle for the Digital Output. 2. A Must filled setting Value Range: 1 ~100 %. Profile The box is unchecked by Click Enable box to activate this profile setting. default.
- Page 364 In-Vehicle Cellular Gateway Message 2. An Optional filled setting remote host, if required. Value Range: -1 ~ 64 characters. Enable The box is unchecked by Click Enable box to activate this profile setting. default. Save Click the Save button to save the configuration Undo Click the Undo button to restore what you just configured back to the previous setting.
-
Page 365: Managing Events
In-Vehicle Cellular Gateway 7.2.2 Managing Events Managing Events allow administrator to define the relationship (rule) among event trigger, handlers and response. Go to Service > SMS & Event > Managing Events Tab. Enable Managing Events Configuration Item Value setting Description Managing The box is unchecked by Check the Enable box to activate the Managing Events function. - Page 366 In-Vehicle Cellular Gateway Managing Event Configuration Item Value setting Description Event None by default Specify the Event type (SMS, SNMP Trap, or Digital Input) and an event identifier / profile. Up to 3 event conditions can be specified for defining an event, and the event will be triggered when all the conditions hold simutaneously (AND relation).
- Page 367 In-Vehicle Cellular Gateway Network Status: Select Network Status Checkbox to get the network status as the action for the event; LAN&VLAN: Select LAN&VLAN Checkbox and the interested sub-items (Port link On/Off), the gateway will change the settings as the action for the event; WiFi: Select WiFi Checkbox and the interested sub-items (WiFi radio On/Off), the gateway will change the settings as the action for the event;...
-
Page 368: Notifying Events
In-Vehicle Cellular Gateway 7.2.3 Notifying Events Go to Service > SMS & Event > Notifying Events Tab. Notifying Events Setting allows administrator to define the relationship (rule) between event trigger and handlers. Enable Notifying Events Configuration Item Value setting Description Notifying Events Check the Enable box to activate the Notifying Events function. - Page 369 In-Vehicle Cellular Gateway Notifying Event Configuration Item Value setting Description Event None by default Specify the Event type and corresponding event configuration. Up to 3 event conditions can be specified for defining an event, and the event will be triggered when all the conditions hold simutaneously (AND relation). The supported Event Type could be: Digital Input: Select Digital Input and a DI profile you defined to specify a certain Digital Input Event;...
- Page 370 In-Vehicle Cellular Gateway SNMP Trap: Select SNMP Trap, and the gateway will send out SNMP Trap to the defined SNMP Event Receivers as the action for the event; Email Alert: Select Email Alert, and the gateway will send out an Email to the defined Email accounts as the action for the event;...
-
Page 371: Location Tracking
In-Vehicle Cellular Gateway 7.3 Location Tracking Location tracking applications are usually referred to applications that take benefits from Global Navigation Satellite System (GNSS). GNSS is the infrastructure that allows devices to determine its position, velocity, and time by processing satellites signals from outer space. GNSS includes varieties of satellite systems and Satellite-Based Augmentation Systems (SBAS). -
Page 372: Gnss
In-Vehicle Cellular Gateway • Retrieve GNSS data from satellites and send to remote operation center periodically or save in local storage. • Global positioning with multiple GNSS systems, including GPS, and optional for GLONASS, Galileo, or BeiDou. • Mandatory for varieties of LBS (Location-Based Service) applications, such as advertisement, emergent call. - Page 373 In-Vehicle Cellular Gateway Detailed Satellite Data $GPGSV,2,1,08,01,40,083,46,02,17,308,41,12,07,344,39,14,22,228,45*75 Recommended $GPRMC,123519,A,4807.038,N,01131.000,E,022.4,084.4,230394,003.1,W*6A Minimum Data Vector Track and $GPVTG,054.7,T,034.4,M,005.5,N,010.2,K*48 Speed Over the Ground Please note this option is hardware dependent. The available options of GPS message type show on this page is according to product specification. You may not see all options if your product doesn’t support all of them. SBAS ...
- Page 374 In-Vehicle Cellular Gateway Scenario of location tracking for fleet management A fleet owner would like to see the locations of his trucks in real time. He also likes to know where his trucks have been passed through with time information. In his operation office, there is a server (IP: 100.100.100.1) which can interpret NMEA RMC data format and shows truck’s location and track on map.
- Page 375 In-Vehicle Cellular Gateway GNSS Setting Go to Service > Location Tracking > GNSS Tab. The GNSS allows user to set the configuration of GNSS, log NMEA data to storage, and send data to remote host. Ensure GNSS is enabled and saved Setup GNSS Configuration GNSS Configuration Item...
- Page 376 In-Vehicle Cellular Gateway SBAS The box is unchecked Check Enable box to activate satellite-based augmentation system (SBAS). by default Note: Some devices do not support this function. Assisted GPS The box is checked by Check Enable box to activate Assisted GPS (A-GPS). default Select the duration for downloading the Differential Almanac Corrections data...
- Page 377 In-Vehicle Cellular Gateway Remote Host Configuration Item Value setting Description Host Name String format: any text Enter the host name for the designated remote host. Value Range: -1 ~ 64 characters. Host IP A Must filled setting Specify the IP Address of remote host. It will be use as destination IP for sending NMEA packets.
-
Page 378: Track Viewer
In-Vehicle Cellular Gateway 7.3.2 Track Viewer Track Viewer allows user to see the track in Google Map from GPX file recorded by GNSS. In addition, when GNSS is enabled, current position will also be displayed in Track Viewer. Go to Service > Location Tracking > Track Viewer Tab. Setup Google Maps API Key When user uses Track Viewer for the first time, UI will request Google Maps API key from user. - Page 379 In-Vehicle Cellular Gateway If user remains empty in the field of Google Maps API key and clicks “Save”, user can load and use Google map normally. However, we can’t guarantee the number of loading times user can reach if you don’t input the API key.
- Page 380 In-Vehicle Cellular Gateway When Show from GPX file button is clicked, then the following screen will appear. Show from GPX file Item Value setting Description From 1. A Must filled setting. Specify the storage where the GPX file located. It can be Internal or External, it 2.
- Page 381 In-Vehicle Cellular Gateway Show Detail When Detail button is clicked, then the following screen will appear. Detail Item Value setting Description File name Show the file name of current used GPX file. Showing the text Current Track if the map loads current track instead of GPX file. Start time Show the time of the start position.
- Page 382 In-Vehicle Cellular Gateway...
-
Page 383: Power Control
In-Vehicle Cellular Gateway 7.4 Power Control In Power Control section, the device may support Ignition Sense function for In-vehicle gateway products, or Power Outlet control function for the products supporting external PDU function. With such kind of power control function, you can easily setup the gateway to properly operate with the external power source supplying from a vehicle battery, or manage the external device’s ON/OFF with a remote PDU. - Page 384 In-Vehicle Cellular Gateway Cellular gateway would enter standby mode automatically if lower input power voltage is detected. Cellular gateway will be back from standby mode to operation mode when car is started. Delay Off and Low Power Detection In this example, the surveillance system on buse will transmit video files back to back-end server when buse is back to depot.
- Page 385 In-Vehicle Cellular Gateway Ignition Sense Setting Go to Service > Power Control > Ignition Sense Tab. With Ignition Sense configuration page, you can configure those functions that are mentioned above. Please note this feature is only available on specific models. Please check product datasheet for details. *ATTENTION* The ignition sense feature is disabled by defult.
-
Page 386: Chapter 8 Status
In-Vehicle Cellular Gateway Chapter 8 Status 8.1 Dashboard 8.1.1 Device Dashboard The Device Dashboard window shows the current status in graph or tables for quickly understanding the operation status for the gateway. They are the System Information, System Information History, and Network Interface Status. - Page 387 In-Vehicle Cellular Gateway System Information History The System Information History screen shows the statistic graphs for the CPU and memory. Network Interface Status The Network Interface Status screen shows the statistic information for each network interface of the gateway. The statistic information includes the Interface Type, Upload Traffic, Download Traffic, and Current Upload / Download Traffic.
-
Page 388: Basic Network
In-Vehicle Cellular Gateway 8.2 Basic Network 8.2.1 WAN & Uplink Status Go to Status > Basic Network > WAN & Uplink tab. The WAN & Uplink Status window shows the current status for different network type, including network configuration, connecting information, modem status and traffic statistics. The display will be refreshed on every five seconds. - Page 389 In-Vehicle Cellular Gateway Status are Connected or disconnected. This area provides functional buttons. Renew button allows user to force the device to request an IP address from the DHCP server. Note: Renew button is available when DHCP WAN Type is used and WAN connection is disconnected.
- Page 390 In-Vehicle Cellular Gateway Edit Button when pressed, web-based utility will take you to the IPv6 configuration page. (Basic Network > IPv6 > Configuration.) LAN Interface Network Status LAN Interface Network Status screen shows IPv4 and IPv6 information of LAN network. LAN Interface Network Status Item Value setting...
- Page 391 In-Vehicle Cellular Gateway name will be 3G/4G-1 and 3G/4G-2. Card It displays the vendor’s 3G/4G modem model name. Information It displays the 3G/4G connection status. The status can be Connecting, Connected, Link Status Disconnecting, and Disconnected. Signal It displays the 3G/4G wireless signal level. Strength Network It displays the name of the service network carrier.
-
Page 392: Lan & Vlan Status
In-Vehicle Cellular Gateway 8.2.2 LAN & VLAN Status Go to Status > Basic Network > LAN & VLAN tab. Client List The Client List shows you the LAN Interface, IP address, Host Name, MAC Address, and Remaining Lease Time of each device that is connected to this gateway. LAN Client List Item Value setting... -
Page 393: Wifi Status
In-Vehicle Cellular Gateway 8.2.3 WiFi Status Go to Status > Basic Network > WiFi tab. The WiFi Status window shows the overall statistics of WiFi VAP entries. WiFi Virtual AP List The WiFi Virtual AP List shows all of the virtual AP information on each WiFi module. The Edit button allows for quick configuration changes. - Page 394 In-Vehicle Cellular Gateway...
- Page 395 In-Vehicle Cellular Gateway WiFi Uplink Status The WiFi Uplink Status shows all information of connected WiFi uplink network on each WiFi module.. WiFi Module One Uplink Status Item Value setting Description SSID It displays the network ID of VAP. BSSID It displays the theBSSID for the connected wireless network.
- Page 396 In-Vehicle Cellular Gateway Ensure WIDS function is enabled Go to Basic Network > WiFi > Advanced Configuration tab Note that the WIDS of 2.4GHz or 5GHz WiFi should be configured separately. WiFi Traffic Statistic The WiFi Traffic Statistic shows all the received and transmitted packets on each WiFi module. WiFi Traffic Statistic Item Value setting...
-
Page 397: Ddns Status
In-Vehicle Cellular Gateway 8.2.4 DDNS Status Go to Status > Basic Network > DDNS tab. The DDNS Status window shows the current DDNS service in use, the last update status, and the last update time to the DDNS service server. DDNS Status DDNS Status Item... -
Page 398: Security
In-Vehicle Cellular Gateway 8.3 Security 8.3.1 VPN Status Go to Status > Security > VPN tab. The VPN Status widow shows the overall VPN tunnel status. IPSec Tunnel Status IPSec Tunnel Status windows show the configuration for establishing IPSec VPN connection and current connection status. - Page 399 In-Vehicle Cellular Gateway OpenVPN Server Status According to OpenVPN configuration, the OpenVPN Server/Client Status shows the status and statistics for the OpenVPN connection from the server side or client side. OpenVPN Server Status Item Value setting Description User Name It displays the Client name you have entered for identification. Remote It displays the public IP address (the WAN IP address) of the connected IP/FQDN...
- Page 400 In-Vehicle Cellular Gateway L2TP Server/Client Status LT2TP Server/Client Status shows the configuration for establishing LT2TP tunnel and current connection status. L2TP Server Status Item Value setting Description User Name It displays the login name of the user used for the connection. It displays the public IP address (the WAN IP address) of the connected L2TP Remote IP client.
- Page 401 In-Vehicle Cellular Gateway PPTP Server/Client Status PPTP Server/Client Status shows the configuration for establishing PPTP tunnel and current connection status. PPTP Server Status Item Value setting Description User Name It displays the login name of the user used for the connection. It displays the public IP address (the WAN IP address) of the connected PPTP Remote IP client.
-
Page 402: Firewall Status
In-Vehicle Cellular Gateway 8.3.2 Firewall Status Go to Status > Security > Firewall Status Tab. The Firewall Status provides user a quick view of the firewall status and current firewall settings. It also keeps the log history of the dropped packets by the firewall rule policies, and includes the administrator remote login settings specified in the Firewall Options. - Page 403 In-Vehicle Cellular Gateway The Source IP (IPv4) of the logged packet. The Date and Time stamp of the logged packet. Date & time format. ("Month" Time "Day" "Hours":"Minutes":"Seconds") Note: Ensure URL Blocking Log Alert is enabled. Refer to Security > Firewall > URL Blocking tab. Check Log Alert and save the setting. Web Content Filter Status Web Content Filter Status Item...
- Page 404 In-Vehicle Cellular Gateway MAC Control Status MAC Control Status Item Value setting Description Activated This is the MAC Control Rule name. Control Rule Blocked MAC This is the MAC address of the logged packet. Addresses The Source IP (IPv4) of the logged packet. The Date and Time stamp of the logged packet.
- Page 405 In-Vehicle Cellular Gateway IPS Status IPS Firewall Status Item Value setting Description Detected This is the intrusion type of the packets being blocked. Intrusion The Source IP (IPv4) of the logged packet. The Date and Time stamp of the logged packet. Date & time format. ("Month" "Day" Time "Hours":"Minutes":"Seconds") Note: Ensure IPS Log Alert is enabled.
-
Page 406: Administration
In-Vehicle Cellular Gateway 8.4 Administration 8.4.1 Configure & Manage Status Go to Status > Administration > Configure & Manage tab. The Configure & Manage Status window shows the status for managing remote network devices. The type of management available in your device is depended on the device model purchased. The commonly used ones are the SNMP, TR-069, and UPnP. - Page 407 In-Vehicle Cellular Gateway TR-069 Status TR-069 Status screen shows the current connection status with the TR-068 server. TR-069 Status Item Value setting Description It displays the current connection status with the TR-068 server. The connection Link Status status is either On when the device is connected with the TR-068 server or Off when disconnected.
-
Page 408: Log Storage Status
In-Vehicle Cellular Gateway 8.4.2 Log Storage Status Go to Status > Administration > Log Storage tab. The Log Storage Status screen shows the status for selected device storage. Log Storage Status Log Storage Status screen shows the status of current the selected device storage. The status includes Device Description, Usage, File System, Speed, and status. -
Page 409: Gnss Status
In-Vehicle Cellular Gateway 8.4.3 GNSS Status Go to Status > Administration > GNSS tab. The GNSS Information screen shows the status for current GNSS positioning information for the gateway. The available GNSS information includes GNSS Condition, No. of Satellites, Satellites ID / Signal Strength, Position (Lat., Long.), Altitude (meters), True Course, and the equivalent Ground Speed (km/h). -
Page 410: Statistics & Report
In-Vehicle Cellular Gateway 8.5 Statistics & Report 8.5.1 Connection Session Go to Status > Statistics & Reports > Connection Session tab. Internet Surfing Statistic shows the connection tracks on this router. Internet Surfing Statistic Item Value setting Description Previous Click the Previous button; you will see the previous page of track list. Next Click the Next button;... -
Page 411: Network Traffic
In-Vehicle Cellular Gateway 8.5.2 Network Traffic Go to Status > Statistics & Reports > Network Traffic tab. Network Traffic Statistics screen shows the historical graph for the selected network interface. You can change the interface drop list and select the interface and sampling time interval you want to monitor. -
Page 412: Device Administration
In-Vehicle Cellular Gateway 8.5.3 Device Administration Go to Status > Statistics & Reports > Device Administration tab. Device Administration shows the login information. Device Manager Login Statistic Item Value setting Description Previous Click the Previous button; you will see the previous page of login statistics. Next Click the Next button;... -
Page 413: Cellular Usage
In-Vehicle Cellular Gateway 8.5.4 Cellular Usage Go to Status > Statistics & Reports > Cellular Usage tab. Cellular Usage screen shows data usage statistics for the selected cellular interface. The cellular data usage can be accumulated per hour or per day. -
Page 414: Portal Usage
In-Vehicle Cellular Gateway 8.5.5 Portal Usage Go to Status > Statistics & Reports > Portal Usage tab. Portal Usage shows the information about internal Captive Portal user login statistics. Captive Portal User Login Statistics Item Value setting Description It displays the User Name of user account created in Object Define > User > User Name User Profile. -
Page 415: Appendix A Gpl Written Offer
In-Vehicle Cellular Gateway Appendix A GPL WRITTEN OFFER This product incorporates open source software components covered by the terms of third party copyright notices and license agreements contained below. GPSBabel Version 1.4.4 Copyright (C) 2002-2005 Robert Lipe<robertlipe@usa.net> GPL License: https://www.gpsbabel.org/ Curl Version 7.19.6 Copyright (c) 1996-2009, Daniel Stenberg, <daniel@haxx.se>. - Page 416 In-Vehicle Cellular Gateway socat - Multipurpose relay Version: 2.0.0-b8 GPLv2 http://www.dest-unreach.org/socat/ LibModbus Version: 3.0.3 LGPL v2 http://libmodbus.org/news/ LibIEC60870 GPLv2 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111- 1307 USA https://sourceforge.net/projects/mrts/ Openswan Version: v2.6.38 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- Page 417 In-Vehicle Cellular Gateway Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA 02139, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. http://pptpclient.sourceforge.net/ PPTPServ Version: 1.3.4 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- Page 418 In-Vehicle Cellular Gateway CoovaChilli is an open-source software access controller for captive portal (UAM) and 802.1X access provisioning. Version: 1.3.0 Copyright: (C) 2007-2012 David Bird (Coova Technologies) <support@coova.com> Krb5: Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.
- Page 419 In-Vehicle Cellular Gateway Version: 20080615 Copyright (C) 1998-2004 WIDE Project. BSD License: https://sourceforge.net/projects/wide-dhcpv6/...
Need help?
Do you have a question about the VHG87B-0T1B0 and is the answer not in the manual?
Questions and answers