Data may be delayed, corrupted (i.e., have errors), or be totally lost. Significant delays or losses of data are rare when wireless devices such as the RipEX2 are used in an appropriate manner within a well‐constructed network. RipEX2 should not be used in situations where failure to transmit or receive data could result in damage of any kind to the user or any other party, including but not limited to personal injury, death, or loss of property.
When accessing over the optional “W2” Wifi adapter, connect your PC (tablet, smart phone) to the RipEX2 Wifi AP first. Its default SSID is “RipEX2 + Unit name + S/N”. By default, the WPA2 PSK secured connection with password "123456789" is used.
Page 7
Your PC will get its IP settings from the built-in DHCP server and you have to type http://10.9.8.7 in your browser. Remaining steps are the same and you do not need to worry about other RipEX2 units, since you will be connected to the local unit in all cases.
1. Product RipEX2 is a radio modem platform renowned for overall data throughput in any real-time environment. RipEX2 radio modems are native IP devices, Software Defined with Linux OS that have been designed with attention to detail, performance and quality.
Page 13
This rugged connector connects to a power supply and it contains control signals. A Plug with screw- terminals and retaining screws for power and control connector is supplied with each RipEX2. It is Tyco 7 pin terminal block plug, part No. 1776192-7, contact pitch 3.81 mm. The connector is designed for electric wires with a cross section of 0.5 to 1.5 mm...
Page 15
The SFP modules listed in Accessories are thoroughly tested by RACOM and are guaranteed to function with RipEX2 units. It is possible to use any other SFP module, but RACOM cannot guarantee they will be completely compatible with RipEX2 units.
Page 16
RipEX2 unit should be DTE (Data Terminal Equipment) and a straight-through cable should be used. If a DCE device is connected to the serial port of RipEX2, a null modem adapter or cross cable has to be used.
Page 17
The USB interface is designed for the connection to an external ETH/USB adapter or a Wifi adapter. They are optional accessories to RipEX2, for more details see Section 3.3, “Connecting RipEX2 to a programming PC”. The adapters are used for service access to web configuration interface of RipEX2 unit.
Page 18
Product RipEX2 can be equipped with an internal GPS. The GPS module is used for time synchronization of the NTP server inside RipEX2. In this case the AUX connector serves for connecting the GPS antenna: • active antenna • 3.3 VDC supply 1.2.8.
Page 20
Adaptive mode of receiver opera- Cognitive function of receiving mode selection is implemented in tion RipEX2. When exposed in a radio environment where strong inter- fering signals (stronger than -45 dBm) are present, RipEX2 senses them and adaptively increases its resistance to interference (and lowers its sensitivity by 3 dB).
Product 1.4. Ordering codes RipEX2 radio modem has been designed to have minimum possible number of hardware variants. Different HW models are determined by frequency, internal GPS and separate connectors for RX and TX antennas. All ordering codes are available on RACOM website. See Ordering information •...
Page 22
S/N anytime later on. Possible values: Master – enables all functionalities of all possible SW feature keys, Part No. RipEX2-SW-MASTER • Type – specific product type for which type approvals like CE, FCC etc. are issued.
RipEX2-HS is redundant Hot Standby chassis. There are two Hot Standby standard RipEX2 units inside. In case of a detection of failure, automatic switchover between RipEX2 units is performed. RipEX2-HS is suitable for Central sites, Repeaters or Important remote sites where no single point of failure is required.
Page 26
6. Demo case A rugged plastic case for carrying up to three RipEX2 units and one M!DGE2 4G SCADA router. It can be used to perform an on-site signal measurement, complete application bench-test or a func- tional demonstration of both radio modems and the 4G router.
Page 27
Accessories Fig. 2.7: Demo case Content: • Brackets and cabling for installation of three RipEX2 units and one M!DGE2 (units are not part of the delivery) • 1× power supply Mean Well GST160A24-R7B (100-240 V AC 50-60 Hz/24 V DC) •...
3. Step-by-step guide 3.1. Connecting the hardware Before installing a RipEX2 network in the field, a bench-test should be performed in the lab. The RipEX2 Demo case is great for this as it contains everything necessary: 3× RipEX2 unit, Power supply, dummy load antennas, etc.
3.2. Powering up your RipEX2 Switch on your power supply. LED SYS shines orange and after approximately 30 seconds your RipEX2 will have booted and will be ready, the SYS LED shines green. You’ll find the description of the individual LED states in Section 1.3, “Indication LEDs”.
Any other adapter will not work correctly when connected to RipEX2 unit. Connect your PC, tablet or smartphone to RipEX2 Wifi AP first. Its default SSID is “RipEX2 + Unit name + S/N”. By default, the WPA2 PSK secured connection with password "123456789" is used. The Wifi adapter contains a built-in DHCP server, so if you have a DHCP client in your PC (as most users do), you do not need to set anything up.
Page 34
The ETH/USB contains a built-in DHCP server, so if you have a DHCP client in your PC as most users, you do not need to set anything up. The IP address of RipEX2 unit, for access over the ETH/USB adapter, is fixed: 10.9.8.7.
Page 36
You must install this certificate into your web browser. The first time you connect to the RipEX2, your computer will ask you for authorisation to import the certificate into your com- puter. The certificate is signed by the certification authority RACOM s.r.o. It meets all security regulations and you need not to be concerned about importing it into your computer.
5. Run cables and plug-in all connectors except from the SCADA equipment (Section 1.2, “Connectors”). 6. Apply power supply to RipEX2. 7. Connect configuration PC (Section 3.3, “Connecting RipEX2 to a programming PC”). 8. Configure RipEX2. 9. Test radio link quality (e.g. using Monitoring tool).
(recommended) or widthwise; in both cases with the RipEX2 lying flat. The choice is made by mounting the clips, one M4 screw per clip. RipEX2 is delivered with two clips, two screws and four threaded holes. Use solely the M4×5 mm screws that are supplied.
Use 50 Ω impedance cables only. The shorter the feed line, the better. If RipEX2 is installed close to antenna, the data cable can be re- placed by an Ethernet cable for other protocols utilizing the serial port, see Section 7.1.4, “Terminal servers”.
You will find the pin-outs of connectors in Section 1.2, “Connectors”. 4.6. Power supply We do not recommend switching on power supply of the RipEX2 unit before connecting the antenna and other devices. Connecting the RTU and other devices to RipEX2 while powered increases the likelihood of damage due to the discharge of difference in electric potentials.
LAN (the LAN to which the respective ETH interface is connected). One has to be very careful when RipEX2 in Bridge mode is connected to LAN, because all LAN traffic is then broadcasted to the Radio channel.
Page 45
The COM port needs to be Enabled and a Protocol needs to be selected to transfer any data. "Trans- parent" type of COM protocol is dedicated for Bridge mode purposes. This protocol transfers data between the COM port and the RipEX2 network transparently. Any other Protocol can be selected when needed.
Page 46
RipEX2 C and RipEX2 A send the received packet to their COM ports. Packet is addressed to RTU C, so only RTU C responds. RipEX2 A is set as a repeater, so it retransmits the packet on Radio channel. Packet is received by all RipEX2 units. Step 4 RipEX2 B sends repeated packet to its COM.
Page 47
You can see an example of IP addresses of the SCADA equipment and RipEX2 ETH interfaces in the picture below. In Bridge mode, the IP address of the ETH interface of RipEX2 is not relevant for user data communic- ation. However it is strongly recommended to assign a unique IP address to each RipEX2 ETH interface, since it allows for easy local as well as remote service access.
5.2. Router mode 5.2.1. Detailed Description RipEX2 works as a standard IP router with multiple independent interfaces: Radio and Ethernets. Each interface has its own MAC address, IP address and mask. IP packets are processed according to routing table rules. You can also set the router’s default gateway (applies to both interfaces) in the routing table.
Page 49
As already mentioned, RipEX2 works as a standard IP router with multiple independent interfaces: Radio and Ethernets. Each interface has its own MAC address, IP address and mask. When Base driven protocol is used, Radio IP addresses for all RipEX2 units must share the same IP subnet.
5.3.1. Detailed Description Generally, a Terminal server (also referred to as Serial server) enables connection of devices with a serial interface to a RipEX2 over the local area network (LAN). It is a virtual substitute for the devices used as serial-to-TCP(UDP) converters.
Page 52
Terminal server in RipEX2. User data are extracted from the TCP messages and processed as if it came from a COM port. When the data reaches the destination RipEX2, it can be transferred to the RTU either via the serial interface or via TCP (UDP), using the Terminal server again.
(via LAN) or a high-speed WAN (e.g. Internet). The RipEX2 which you are logged-in to in this way is called Local. Then you can manage any remote RipEX2 in the network over-the-air in a throughput-saving way: all the static data (e.g. Web page graphic objects) is downloaded from the Local RipEX2 and only information specific to the remote unit is transferred over the Radio channel.
• Chrome for android 6.2. Remote access RipEX2 unit management is designed to work smoothly even when the unit under configuration is connected via relatively slow radio channel. In case of locally connected unit - direct configuration of the unit (accessing the unit IP address directly from the web browser) works fine. If the unit should be connected remotely via the radio network, the so-called "Remote access"...
Remote access can be activated via click on the Remote access button. The connection to remote radio proceeds... The IP address of the actually connected RipEX2 unit is displayed as part of the Remote access button. All the configuration settings are remotely available using standard web interface. Some of the Diagnostic features are available via local connection only.
7.1. Interfaces 7.1.1. Ethernet RipEX2 provides 5 physical Ethernet ports ETH1, ETH2, ETH3, ETH4 and ETH5. First 4 ETH ports are metallic, the 5th port is a SFP port. There is a possibility to define an Ethernet bridge - a logical Network interface - by bridging (joining) together multiple physical Ethernet interfaces.
Page 61
○ Unit is repeater List box {On, Off}, default Off Each RipEX2 may work simultaneously as a Repeater (Relay) in addition to the standard Bridge operation mode. If “On”, every frame received from Radio channel is transmitted to the respective user interface (ETH, COM) and to the Radio channel again.
Page 62
In such case massive collisions would ensue because all substations (RTU) would reply at nearly the same time. To prevent such collision, TX delay should be set individually in each slave RipEX2. The length of responding frame, the length of Radio protocol overhead, modulation rate have to be taken into account.
Page 65
Such UDP frames received by the RipEX2 unit from the RipEX2 network (based on the unit IP address and UDP port of the Protocol module) are translated into original frame format (by the Protocol module) and send out through the COM port.
Page 66
Settings Each SCADA protocol used on serial interface is more or less unique. The COM port protocol module performs conversion to standard UDP datagrams to travel across RipEX2 Radio network. • Type List box {possible values}, default = RS232 COM port can be configured to either RS232 or RS485.
Page 67
RTS/CTS (Request To Send / Clear To Send) hardware flow control (handshake) between the DTE (Data Terminal Equipment) and RipEX2 (DCE - Data Communications Equipment) can be enabled in order to pause and resume the transmission of data. If RX buffer of RipEX2 is full, the CTS goes down.
Page 68
Some Master SCADA units sends broadcast messages to all Slave units. SCADA application typically uses a specific address for such messages. RipEX2 (Protocol module) converts such message to a customized IP broadcast and broadcasts it to all RipEX2 units resp. to all SCADA units within the network.
Page 70
COM is encapsulated. Default UDP ports for COM or Terminal servers can be used or UDP port can be set manually. If the destination IP address belongs to a RipEX2 and the UDP port is not assigned to COM or to a Terminal server or to any other special SW module running in the destination RipEX2, the packet is discarded.
Page 71
Individual parameters • Async link Async link creates an asynchronous link between two COM ports on different RipEX2 units. Received frames from COM port or from a Terminal server are sent without any processing transparently to Radio channel to set IP destination and UDP port. Received frames from Radio channel are sent to COM or Terminal server according to Destination (UDP port) parameter.
Page 72
Each frame in the DNP3 protocol contains the source and destination addresses in its header, so there is no difference between Master and Slave in terms of the RipEX2 configuration. The DNP3 allows both Master-Slave polling as well as spontaneous communication from the remote units.
Page 73
7.1.4. Terminal servers Generally, a Terminal Server (also referred to as a Serial Server) enables connection of devices with serial interface to a RipEX2 over the local area network (LAN). It is a virtual substitute for devices used as serial-to-TCP(UDP) converters.
Page 74
Up to 5 independent Terminal servers can be set up. Each one can be either TCP or UDP Type, TCP Inactivity is the timeout in seconds for which the TCP socket in RipEX2 is kept active after the last data reception or transmission. As source IP address of a Terminal server will be used the IP address of the RipEX2 ETH interface (Local preferred source address if exists see chap.
Switches the rule on / off • Destination IP / mask Each IP packet, received by RipEX2 through any interface (Radio, ETH, COM, ...), has got a destin- ation IP address. RipEX2 (router) forwards the received packet either directly to the destination IP address or to the respective Gateway, according to the Routing table.
Page 76
Local preferred source address: (Routing_LocalUseSrcAddr) Local IP address used as a source address for packets originating in the local RipEX2 unit being routed by this routing rule. It might be for example packets originating from the COM port or from the Terminal Server. If the address is set to 0.0.0.0 it is not considered active.
Page 78
• Connection state New list box {Off, On} active only for TCP protocol Relates to the first packet when a TCP connection starts (Request from TCP client to TCP server for opening a new TCP connection). Used e.g. for allowing to open TCP only from RipEX2 network to outside.
Page 80
Although there are 2 modes of operation RipEX2 only offers Tunnel mode. In Tunnel mode, the entire IP packet is encrypted and authenticated. It is then encapsulated into a new IP packet (ESP – Encap- sulating Security Payloads) with a new IP header.
Page 84
The PFS (Perfect Forward Secrecy) feature is performed using the Diffie-Hellman group method. PFS increases IKE SA key exchange security. The RipEX2 unit load is seriously affected when key exchange is in process. The "legacy" marked methods are recognized as unsafe. Peer configuration must match.
Page 85
The PFS (Perfect Forward Secrecy) feature is performed using the Diffie-Hellman group method. PFS increases IKE CHILD SA key exchange security. The RipEX2 unit load is seriously affected when key exchange is in process. The "legacy" marked methods are recognized as unsafe.
TSs), some internal interfaces between software modules can be monitored when such advanced diagnostics is needed. Monitoring output can be viewed on-line or saved to a file in the RipEX2 (e.g. a remote RipEX2) and downloaded later on. Fig. 8.1: Interfaces 8.1.1.
Page 92
Terminal Server) and vice versa. When an external interface (e.g. Interface COM) is monitored, the Tx also means packets being transmitted from the RipEX2 over the respective interface (Rx means "received"). Understanding the directions over the internal interfaces may not be that straightforward, please consult Fig.
Page 94
When Promiscuous mode is enabled, the unit is capable to monitor (receive) frames from the other RipEX2 units even if the other unit(s) is(are) working in the other Unit mode (Bridge versus Router). Frames transmitted under another Unit mode may not be properly 'analyzed'. In such a case frames are displayed in raw data format.
10.3. High temperature If the RipEX2 is operated in an environment where the ambient temperature exceeds 55 °C, the RipEX2 must be installed within a restricted access location to prevent human contact with the enclosure heatsink. 10.4. RoHS and WEEE compliance...
• Only undermentioned manufacturer is entitled to repair any devices. 10.6. Important Notifications Sole owner of all rights to this User manual is the company RACOM s. r. o. (in this manual referred to under the abbreviated name RACOM). All rights reserved. Drawing written, printed or reproduced copies of this manual or records on various media or translation of any part of this manual to foreign languages (without written consent of the rights owner) is prohibited.
• any requirements for authorisation of use. Fig. 10.2: EU restrictions or requirements RipEX2 radio modem predominantly operates within frequency bands that require a site license be issued by the radio regulatory authority with jurisdiction over the territory in which the equipment is being op- erated.
С настоящото RACOM s.r.o. декларира, че този тип радиосъоръжение RipEX2 е в съответствие с Директива 2014/53/ЕС. Por la presente, RACOM s.r.o. declara que el tipo de equipo radioeléctrico RipEX2 es conforme con la Directiva 2014/53/UE. Tímto RACOM s.r.o. prohlašuje, že typ rádiového zařízení RipEX2 je v souladu se směrnicí 2014/53/EU.
Page 123
RACOM s.r.o. niniejszym oświadcza, że typ urządzenia radiowego RipEX2 jest zgodny z dyrektywą 2014/53/UE. O(a) abaixo assinado(a) RACOM s.r.o. declara que o presente tipo de equipamento de rádio RipEX2 está em conformidade com a Diretiva 2014/53/UE. Prin prezenta, RACOM s.r.o. declară că tipul de echipamente radio RipEX2 este în conformitate cu Directiva 2014/53/UE.
10.10. Compliance Federal Communications Commission and Innovation, Science and Economic Development Canada Installation and usage of RipEX2 radio modems must be done by qualified and experienced person with proper training and technical knowledge such as path planning, licensing and regulatory require- ments.
The serviced equipment shall be returned by RACOM to the customer by prepaid freight. If circumstances do not permit the equipment to be returned to RACOM, then the customer is liable and agrees to reim- burse RACOM for expenses incurred by RACOM during servicing the equipment on site. When equipment does not qualify for servicing under warranty, RACOM shall charge the customer and be reimbursed for costs incurred for parts and labour at prevailing rates.