Page 1
InHand VG710 InVehicle Gateway User Manual InHand VG710 InVehicle Gateway User Manual Issue: V1.0 — January, 2020...
Page 2
The contents of this manual cannot be copied or reproduced in any form without the written permission of InHand. Due to continuous updating, InHand cannot promise that the contents are consistent with the actual product information, and does not assume any disputes caused by the inconsistency of technical parameters.
InHand VG710 InVehicle Gateway User Manual 1 Overview InHand VG710 is a new-generation 4G in-vehicle gateway oriented at the Internet of Vehicles (IoV). It provides fast and safe networks for automobiles and transport service vehicles, meeting the requirements of police vehicles, emergency command vehicles, engineering vehicles, medical vehicles, and logistics vehicles for fast mobile networks.
InHand VG710 InVehicle Gateway User Manual 2 Hardware 2.1 Indicator Description VG710 Indicator Status and Definition Steady off --- The device is powered off. Steady --- The system is starting. Blinking green --- The system operates properly. System Blinking --- The system is faulty.
InHand VG710 InVehicle Gateway User Manual Used as an AP: Steady off --- The AP is disabled. Blinking blue --- The AP operates properly. Wi-Fi 5G Used as a STA: Steady off --- The STA is disabled, or no AP is associated.
The OBD protocol is automatically detected. − OBD data is automatically scanned. − The Wi-Fi 2.4G AP is enabled. The SSID starts with VG710-, followed by six digits. − The Wi-Fi 5G AP is enabled. The SSID starts with VG710-5G-,...
Page 10
InHand VG710 InVehicle Gateway User Manual − Telnet is disabled. − SSH is disabled. − Access from the cellular network is allowed only over HTTPS. User name and − adm/123456 (super administrator) password − shutdown-delay 30: The power-off delay is 30s.
InHand VG710 InVehicle Gateway User Manual 4 Login and Network Access 4.1 Network Access via the Dialup Card 1. Insert the SIM card, connect the GNSS and cellular antennas, and connect the power supply and PC. Insert the diversity dialup antenna when the dialup card has poor signals.
Page 12
InHand VG710 InVehicle Gateway User Manual 255.255.255.0, the default gateway address 192.168.2.1, and enter DNS server address, and then click Obtain an IP address automatically Use a fixed IP address Open the browser, enter the default IP address 192.168.2.1 of the gateway in the address bar, and press Enter.
Page 13
InHand VG710 InVehicle Gateway User Manual Ping a common website in China with a ping detection tool. If there is data transmission, the device has been successfully connected to the network. Enable the dual-SIM function when two SIM cards are used.
InHand VG710 InVehicle Gateway User Manual 4.2 Network Access via Wi-Fi Complete the connection shown in the following figure. Power supply Connect the PC GNSS antenna Wi-Fi antenna Assign an IP address to the PC, which is on the same network segment as the IP address of the gateway.
Page 15
InHand VG710 InVehicle Gateway User Manual Click "Status". The current network status is "Connected", and an IP address is obtained successfully, indicating that the device has been successfully connected to the network via Wi-Fi.
InHand VG710 InVehicle Gateway User Manual 5 Network Management In parameter settings, a green text box indicates a mandatory item, and a pure white text indicates an optional item. 5.1 Network 5.1.1Bridge Port A bridge port is intended to connect two different physical LANs over a bridge, to enable storage and forwarding across LANs at the link layer.
InHand VG710 InVehicle Gateway User Manual 5.1.2 VLAN Port A virtual LAN (VLAN) comprises a group of logical devices and users. These devices and users are not limited by physical locations, but can be organized based on functions, departments, applications, and other factors.
5.1.3 ADSL Dialup (PPPoE) Method for connecting the gateway to the PPPoE server: 1. Click "Network > > ADSL Dialup (PPPoE)", select the VG710 interface for connecting to the PPPoE server in the "Dial Pool" bar, and click Add. 2. Enter the user name, password, and pool ID of the PPPoE server in the "PPPoE List" bar. The pool ID must be the same as that in the "Dial Pool"...
Page 19
AP. Click Apply & Save. Method for connecting to an AP for Internet access when VG710 is used as a client: Select "Client", enter the Wi-Fi SSID and key, and click Apply & Save.
InHand VG710 InVehicle Gateway User Manual 5.1.5 Loopback Port Method for adding Multi-IP Settings: Click "Network >> Loopback >> Multi-IP Settings", configure any IP address for the gateway, click Add, and then click Apply & Save. 5.1.6 Layer 2 Switch Check the network connection status of GE 1 to GE 4.
OBD-II or J1939 cable. The cable accessories can be selected or customized during purchasing. For details about the access method, see Section 4.4 in the VG710 Quick Start Guide. After the gateway starts, the OBD service is automatically enabled to collect key vehicle condition data and fault code information.
Page 22
InHand VG710 InVehicle Gateway User Manual Scan OBD Data and Export OBD Report: Click the Scan OBD Data button to generate a OBD data report containing detailed vehicle condition data and diagnostic information. Click the Export OBD Report button to save the generated OBD data report to the local storage.
InHand VG710 InVehicle Gateway User Manual 5.3 VPN Application The VPN is intended to establish a private network on the public network for encrypted communication. A VPN gateway enables remote access by encrypting data packets and converting the destination address of data packets. The VPN can be realized by a server, hardware, or software, or in other ways.
Page 24
InHand VG710 InVehicle Gateway User Manual security of data transmission between communication parties on the Internet. This reduces the risk of leakage and eavesdropping, ensures the integrity and confidentiality of data, and ensures the security of service transmission for users.
Page 25
InHand VG710 InVehicle Gateway User Manual Encryption Encryption AES128 algorithm algorithm Authentication Authentication SHA1 method method IPsec mode Tunnel mode IPsec mode IPsec tunnel configuration IPsec tunnel configuration Address where gateway B Address where gateway A Peer address Peer address...
Page 26
InHand VG710 InVehicle Gateway User Manual 2. Access the IPsec status page. The IPsec VPN is established successfully if the page is shown as below. Note: The IPsec profile does not need to be configured for establishing an IPsec VPN, but needs to be configured...
InHand VG710 InVehicle Gateway User Manual 5.3.2 GRE The Generic Routing Encapsulation (GRE) protocol can be used to encapsulate datagrams of some network layer protocols, so that these encapsulated datagrams can be transmitted on the IPv4 network. Scenario: GRE is enabled for VG710_A and VG710_B through the public network.
InHand VG710 InVehicle Gateway User Manual 3. Set VG710_B in the same way. The virtual and peer IP addresses of VG710_B must correspond to those of VG710_A, and the key must be the same as that of VG710_A. 5.3.3 L2TP The Layer 2 Tunneling Protocol (L2TP) is an industrial-standard Internet tunneling protocol used to encrypt network data streams.
Page 29
InHand VG710 InVehicle Gateway User Manual 3. Set L2TPV2 tunnel parameters: Enter the server's domain name or IP address for "L2TP Server". "Pseudowire Class" is the same as that on the "Pseudowire Class" page. Enter the user name and password created on the server. Set other parameters as required. Click Apply & Save.
InHand VG710 InVehicle Gateway User Manual 5.3.4 OpenVPN OpenVPN is realized based on the application-layer VPN of the OpenSSL library. It supports multiple authentication methods such as the certificate, key, and user name/password. Compared with the traditional VPN, it is simpler and easier to use.
InHand VG710 InVehicle Gateway User Manual 2. Select a digital certificate for "Authentication Type", click "VPN >> Certificate Management", and import the CA certificate, public key, and private key. 3. Click Apply & Save. Return to the "Status" page and view the tunnel status.
Page 32
InHand VG710 InVehicle Gateway User Manual If no local certificate is available, check "Enable SCEP (Simple Certificate Enrollment Protocol)" to apply for a certificate online. Method for applying for a certificate for the gateway online: 1. Click "VPN >> Certificate Management". Check "Enable SCEP (Simple Certificate Enrollment Protocol)"...
InHand VG710 InVehicle Gateway User Manual 5.4 Services 5.4.1 DHCP (Automatic IP Address Allocation) DHCP uses the client/server communication mode. The client submits a configuration application to the server, and the server returns the IP address assigned to the client to realize the dynamic configuration of the IP address.
InHand VG710 InVehicle Gateway User Manual Method for settings when the gateway is used as a DHCP client: Click "Services >> DHCP >> DHCP Client", select the gateway interface, and click Apply & Save. Method for enabling DHCP forwarding for the gateway: DHCP forwarding is also referred to as a DHCP relay agent.
InHand VG710 InVehicle Gateway User Manual Method for enabling DNS forwarding for the gateway: As a DNS agent, the gateway forwards DNS request and response messages between the DNS client and the DNS server, and replaces the DNS client for domain name resolution.
Page 36
InHand VG710 InVehicle Gateway User Manual Method for enabling the DDNS service for the gateway: 1. If the Custom service is used, set "Method Name" as required, select "Custom" for "Service Type", and enter the DDNS expression "http://user name:password@ddns.oray.com/ph/update?hostname=host name" of the server for "Url". This expression is only for reference.
InHand VG710 InVehicle Gateway User Manual 5.4.4 SMS The short message service (SMS) is enabled for gateway restart and manual dialup via SMS messages. Some gateways can receive alarm information in the SMS whitelist. Method for controlling gateway restart and manual dialup via SMS messages When the cellular selects SMS activation mode, Click "Services >>...
Click "Services >> Enable GPS", check "Enable", and click Apply & Save. By default, GPS is enabled for the gateway. Method for forwarding GPS data to the server over IP when VG710 is used as a client: Click "Services >> GPS IP Forwarding", check "Enable", select "Client" for "Type", enter the server...
Page 39
InHand VG710 InVehicle Gateway User Manual Method for forwarding GPS data over IP when VG710 is used as a server: Click "Services >> GPS IP Forwarding", check "Enable", select "Server" for "Type", and click Apply & Save. Method for forwarding GPS data by VG710 through a serial port:...
InHand VG710 InVehicle Gateway User Manual Click "Services >> GPS Serial Forwarding", check "Enable", and select a serial port type based on the data transmission port used. Ensure that the baud rate, data bits, parity bit, and stop bit are the same as the current settings.
InHand VG710 InVehicle Gateway User Manual 2. Set transmission policies. Click "QoS >> Traffic Control >> Policy", enter a custom policy name for "Name", enter the classifier name for "Classifier", set the guaranteed bandwidth, maximum bandwidth, and policy priority, and click Add.
InHand VG710 InVehicle Gateway User Manual 5.5 Firewall 5.5.1 ACL The access control list (ACL) is an access control technology based on packet filtering. It can filter the packets on the interface based on preset conditions and allow them to pass or discard them.
InHand VG710 InVehicle Gateway User Manual 5.5.2 NAT Network address translation (NAT) can be used when some hosts on a private network have been assigned with local IP addresses (that is, private IP addresses used only on the private network), but expect to communicate with hosts on the Internet (without encryption).
InHand VG710 InVehicle Gateway User Manual 5.5.3 MAC-IP Binding After MAC-IP binding, the PC can access the public network through the gateway only by using the IP address bound to the MAC address of the PC. Method for binding the MAC address and IP address of a connected device: 1.
InHand VG710 InVehicle Gateway User Manual 5.6 Routing 5.6.1 Static Routing Set the destination network, subnet mask, and interface or gateway as required. 5.6.2 Dynamic Routing Scenario: Enable dynamic routing between two LANs for mutual communication between them. The topology is shown below.
Page 46
InHand VG710 InVehicle Gateway User Manual 5.6.2.1 RIP The Routing Information Protocol (RIP) is a simple internal dynamic routing protocol mainly used on small-scale networks. Method for enabling dynamic routing between VG710_A and VG710_B over RIP in the scenario: 1. Configure VG710_A. Click "Routing >> Dynamic Routing >> RIP", check "Enable", and configure VG710_A in the "Network"...
Page 47
InHand VG710 InVehicle Gateway User Manual 3. After the configuration is completed, check whether PC 1 can communicate with PC 2. If yes, the dynamic route is added successfully. The RIP route learned by VG710_B is shown in the figure below.
Page 48
InHand VG710 InVehicle Gateway User Manual 2. Set parameters for VG710_B. 3. After the configuration is completed, check whether PC 1 can communicate with PC 2. If yes, the dynamic route is added successfully. The OSPF route learned by VG710_B is shown in the figure...
Page 49
InHand VG710 InVehicle Gateway User Manual 5.6.2.3 BGP Method for enabling dynamic routing between VG710_A and VG710_B over BGP in the scenario: 1. Configure VG710_A. Click "Routing >> Dynamic Routing >> BGP", check "Enable", and set "AS number" as required.
InHand VG710 InVehicle Gateway User Manual 5. After the configuration is completed, check whether PC 1 can communicate with PC 2. If yes, the dynamic route is added successfully. The BGP route learned by VG710_B is shown in the figure below.
Negative Delay (s): In case of an abnormal state, switching can be delayed based on the delay setting (0 indicates immediate switching). Positive Delay (s): When a failure is recovered, switching can be delayed based on the delay setting (0 indicates immediate switching). Method for adding an IPsec track entry for VG710:...
InHand VG710 InVehicle Gateway User Manual Click "Link Backup >> Track >> Track" and set "Index" as required. "positive-start/negative-stop" means starting the IPsec service when the track detection state is Positive and stopping the IPsec service when the track detection state is Negative.
Page 53
InHand VG710 InVehicle Gateway User Manual 2. Networking diagram Ethernet port IP address of the port Gateway Priority Work mode connected to host A connected to host A VG710_A bridge 1 10.5.16.80 Preemption VG710_B bridge 1 10.5.16.81 Preemption Method for settings when VG710_A acts as the master gateway and VG710_B as a backup gateway: 1.
5.7.4 Interface Backup Scenario: VG710 accesses the Internet via Wi-Fi, and an interface backup is created to enable VG710 to access the Internet through dial-up upon Wi-Fi failure. The topology is shown below.
Page 55
InHand VG710 InVehicle Gateway User Manual 2. Click "Link Backup >> SLA >> SLA >> Add" to add an ICMP detection entry. Set the IP address to the host address that can be detected over ICMP on the public or private network, for example, the public IP address 118.122.120.22.
"dot11radio1" and "cellular1" interfaces. A smaller value of "Distance" indicates a higher priority. 6. Trigger a Wi-Fi failure. According to the preset link detection policy, VG710 accesses the Internet through dial-up via the cellular port, and when Wi-Fi recovers, immediately switches to Wi-Fi for Internet access.
InHand VG710 InVehicle Gateway User Manual 5.8.2 New IPsec Tunnel A dedicated virtual tunnel is established between the gateway and other devices or cloud platforms on the network. Method for establishing an IPsec tunnel for the gateway: Click "Wizards >> New IPsec Tunnel", set "Map Interface" to an interface ("bridge": bridge interface;...
InHand VG710 InVehicle Gateway User Manual 5.8.3 IPsec Experts' Configuration This function is available only for specific users. To activate this function, contact the technical support personnel. 5.8.4 New L2TPv2 Tunnel Method for creating an L2TPv2 tunnel for the gateway:...
InHand VG710 InVehicle Gateway User Manual 5.8.5 New Port Mapping Port mapping is to map a port of a host on the intranet to a port of a host on the extranet to provide corresponding services. When a user accesses the port on the extranet, the server automatically maps the request to the internal machine on the corresponding LAN.
Page 60
InHand VG710 InVehicle Gateway User Manual...
InHand VG710 InVehicle Gateway User Manual 7 Connecting the Gateway to a Cloud Platform 1. Click "Administration >> Device Manager >> Device Manager", check "Device Manager Enable", select the server address of the cloud platform, enter the registered account and license plate number of the cloud platform, and click Apply &...
InHand VG710 InVehicle Gateway User Manual 8 Industrial Ports (Serial Ports) The industrial ports of VG710 include RS232 serial ports, RS485 serial ports, and IO ports. 8.1 DTU RS232 provides full-serial communication, enabling hardware-based traffic control. RS485 provides half-duplex communication, enabling remote transmission of serial communication data.
Page 64
InHand VG710 InVehicle Gateway User Manual 4. Check that the gateway-connected PC and the server exchange data through DTU.
InHand VG710 InVehicle Gateway User Manual 8.2 IO Ports IO ports provide six analog inputs, six digital inputs, and four digital outputs. The analog and digital inputs share the ports. The digital parameters correspond to two states: HIGH (1) and LOW (0).
InHand VG710 InVehicle Gateway User Manual 9 System Management 9.1 System Click "Administration >> System >> Status" and view the current system and network status of the device. Click "Basic Setup" and modify the system language and device name. 9.2 System Time To ensure the coordination between the device and other devices, set the system time accurately.
Page 67
InHand VG710 InVehicle Gateway User Manual Alternatively, click "Administration >> System >> Status" to synchronize the time. Automatic time synchronization: Click "Administration >> System Time >> SNTP Client or NTP Server" and check "Enable" to synchronize the time between the gateway and the SNTP or NTP server.
InHand VG710 InVehicle Gateway User Manual 9.3 Management Services When the gateway requires the HTTP, HTTPS, TELNET, and SSH functions, click "Administration >> Management Services", enable the services, and click Apply & Save.
InHand VG710 InVehicle Gateway User Manual 9.4 User Management Click "Administration >> User Management" and create users, modify passwords, or delete users on the user management page. Superuser and common user: ● Superuser: By default, only one superuser is automatically created by the system, with the user name of adm and the default password of 123456.
InHand VG710 InVehicle Gateway User Manual You can use only one or two of the security services provided by AAA. For example, if a company only expects to authenticate employees when they access specific resources, the network administrator only needs to configure the authentication server. However, if the company expects to record the network usage of employees, the accounting server must be configured.
InHand VG710 InVehicle Gateway User Manual 9.5.2 Tacacs+ The Terminal Access Controller Access Control System + (Tacacs+) protocol is similar to the Radius protocol. It uses the client/server mode for communication between the network access server (NAS) and the Tacacs+ server. However, Tacacs+ works based on TCP, and Radius works based on UDP.
InHand VG710 InVehicle Gateway User Manual simple authentication requirement, the database must be searched each time, along with synthesis and filtering. This results in low efficiency. LDAP is equivalent to one table, and requires only the user name and password, with some other parameters, which is quite simple. It can meet the authentication requirement regarding the efficiency and structure.
InHand VG710 InVehicle Gateway User Manual and cannot be performed independently over Radius. ● LDAP authorization Method for enabling authentication and authorization for the gateway: Click "Administration >> AAA >> AAA Settings". 1, 2, and 3 are corresponding to Radius, Tacacs, ad LDAP respectively.
InHand VG710 InVehicle Gateway User Manual 9.7 SNMP 9.7.1 SNMP Currently, the SNMP Agent of VG710 supports SNMPv1, SNMPv2c, and SNMPv3. ● SNMPv1 and SNMPv2c use community names for authentication. ● SNMPv3 uses user names and passwords for authentication. Method for enabling SNMP for VG710: Click "Administration >>...
InHand VG710 InVehicle Gateway User Manual 9.7.2 SnmpTrap (Alarm) The SNMP trap is a type of entrance. When this entrance is reached, the SNMP managed devices actively notify the NMS, instead of waiting for the polling of NMS. On an SNMP-enabled network, the agents on managed devices can report errors to the NMS anytime, without the need of waiting for the polling of NMS.
InHand VG710 InVehicle Gateway User Manual 9.7.3 SnmpMibs In SNMP messages, management variables are used to describe the managed objects on the device. To uniquely identify the managed objects on the device, SNMP uses a hierarchical naming scheme to identify the managed objects The entire hierarchical structure is like a tree. The nodes of the tree represent the managed objects, as shown in the figure below.
InHand VG710 InVehicle Gateway User Manual 9.8 Alarm The alarm function enables users to identify gateway abnormalities in time. When an abnormality occurs, the gateway reports an alarm. You can select system-defined abnormalities and choose an appropriate notification way to obtain the abnormality information. All alarms are recorded in alarm logs so that users can identify abnormalities and perform troubleshooting in time.
InHand VG710 InVehicle Gateway User Manual (4) Alarm Map: Alarms can be received in two ways: command line interface (CLI) (console interface) and Email. Some devices support SMS alarms. To enable email-based mapping, enable and set the email address on the "Alarm Output" page.
InHand VG710 InVehicle Gateway User Manual The storage capacity of the gateway is limited (512 KB by default). To save all the logs, you need to use a remote log server (for example, Kiwi Syslog Daemon). Set the address and port of the log server on the web page.
InHand VG710 InVehicle Gateway User Manual Note: During the software upgrade, do not perform any operation on the web page; otherwise, the software upgrade may be interrupted. 9.11 System Reboot Click "Administration >> Reboot >> OK to reboot the system.
InHand VG710 InVehicle Gateway User Manual 10 Diagnostic Tools Diagnostic tools are used to detect the network connection of the gateway: Ping, Traceroute, Tcpdump, and Link Speed Test. Ping: It is used to detect the external network connection of the device. Enter any common website in China for "Host"...
Page 82
InHand VG710 InVehicle Gateway User Manual Download wireshark from the browser to open the downloaded file and analyze the messages to understand the network connection of the interface. Link Speed Test: Upload and download files to test the link speed.
Need help?
Do you have a question about the VG710 and is the answer not in the manual?
Questions and answers