virtual access GW2021 User Manual
  1. Manuals
  2. Brands
  3. virtual access Manuals
  4. Router
  5. GW2021
  6. User manual

virtual access GW2021 User Manual

Gw2020 series
Hide thumbs Also See for GW2021:
1
Table Of Contents
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
Table of Contents

Advertisement

Quick Links

Download this manual
GW2020 Series User Manual
Issue:
2.1
Date:
01 February 2018

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the GW2021 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for virtual access GW2021

Summary of Contents for virtual access GW2021

  • Page 1 GW2020 Series User Manual Issue: Date: 01 February 2018...

  • Page 2: Table Of Contents

    Accessing the device using TACACS+ authentication ........26 5.11 SSH ...................... 29 5.12 Package dropbear using UCI ..............31 5.13 Certs and private keys ................32 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 2 of 423...
  • Page 3 11.3 Configuring VLAN using the web interface ..........95 11.4 Viewing VLAN interface settings ..............98 11.5 Configuring VLAN using the UCI interface ........... 99 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 3 of 423...
  • Page 4 Introduction ..................138 17.2 Configuration package used ..............143 17.3 Configuring OSPF using the web interface ..........144 17.4 Configuring OSPF using the command line ..........147 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 4 of 423...
  • Page 5 Configuring DHCP pools using UCI ............235 23.5 Configuring static leases using UCI ............236 24 Configuring DHCP client ................237 24.1 Configuration packages used ..............237 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 5 of 423...
  • Page 6 30.1 Prerequisites for configuring DMVPN ............312 30.2 Advantages of using DMVPN ..............312 30.3 DMVPN scenarios .................. 313 30.4 Configuration packages used ..............315 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 6 of 423...
  • Page 7 Reporting syslog to Monitor ..............353 35.5 Configuring ISAD .................. 355 36 Configuring SNMP ..................358 36.1 Configuration package used ..............358 36.2 Configuring SMNP using the web interface..........358 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 7 of 423...
  • Page 8 41 Serial interface ..................421 41.1 Overview ..................... 421 41.2 Monitoring serial interfaces using the web interface ........421 41.3 Monitoring serial interfaces using command line ........422 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 8 of 423...

  • Page 9: Introduction

    1: Introduction _______________________________________________________________________________________________________ 1 Introduction This user manual describes the features and how to configure the range of Virtual Access routers in the GW2020 Series. The Virtual Access GW2020 Series routers are arrange of versatile 3G/LTE/CDMA450 wireless routers suitable for a variety of business and industrial deployments. The...
  • Page 10 However the documentation usually assumes that a section label is not configured. The table below shows fields from a variety of chapters to illustrate the explanations above. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 10 of 423...
  • Page 11 Diagnostics are explained at the end of each feature’s chapter. 1.2.4 UCI commands For detailed information on using UCI commands, read chapters ‘Router File Structure’ and ‘Using Command Line Interface’. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 11 of 423...

  • Page 12: Gw2020 Series Router Hardware Specification

    • Port 1: ‘/dev/ttySC1’ • Each serial port has a number of configurable settings, such as baud rate, word size, parity, flow control mode, etc. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 12 of 423...
  • Page 13 2.3.1.2 RS485 pinout for the GW2020 Series router Half Duplex Mode Full Duplex Mode Name Direction Name Direction (From GW2020 Series router) (From GW2020 Series router) Tx/Rx+ In/Out Tx/Rx- In/Out _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 13 of 423...

  • Page 14: Gsm And Lte Technology

    The user is responsible for ensuring the equipment is installed, operated and used for its intended function in the manner specified by Virtual Access. Failure to do so may invalidate safety features of the equipment.

  • Page 15: Gw2020 Series Router Environmental Conditions

    Before you can access the internal web server and start the configuration, ensure the components are correctly connected and that your PC has the correct networking setup. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 15 of 423...

  • Page 16: Inserting A Sim Card

    Table 3: GW2020 Series router standard components Optional components include: 1 x lockable SIM cover. 1 x extra antenna Virtual Access supplies a wide range of antennas. Please visit our website: www.virtualaccess.com or contact Virtual Access for more information. Table 4:GW2020 Series router optional components 2.13...

  • Page 17: Connecting The Antenna

    You can use recovery mode to manipulate the config files, but should only be used if all other configs files are corrupt. If your router has entered recovery mode, contact your local reseller for access information. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 17 of 423...

  • Page 18: Gw2020 Series Router Led Behaviour

    Table 6: LED behaviour and descriptions Note: when a data connection does not exist, none of the signal LEDs will light regardless of signal strength. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 18 of 423...

  • Page 19: Gw2020 Ethernet Port Led Behaviour

    Link LED (green) Physical Ethernet link detected. No data is being transmitted/received over the link. ACT LED (amber) Flashing Data is being transmitted/received over the link. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 19 of 423...

  • Page 20: Factory Configuration Extraction From Sim Card

    4: Factory configuration extraction from SIM card _______________________________________________________________________________________________________ 4 Factory configuration extraction from SIM card Virtual Access routers have a feature to update the factory configuration from a SIM card. This allows you to change the factory configuration of a router when installing the SIM.

  • Page 21: Accessing The Router

    The default settings are shown below. The username and password are case sensitive. In the username field, type root. In the Password field, type admin. Click Login. The Status page appears. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 21 of 423...

  • Page 22: Accessing The Router Over Ethernet Using An Ssh Client

    SCP server. No dedicated SPC client is supported; select the SCP client software of your own choice. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 22 of 423...

  • Page 23: Accessing The Router Over Ethernet Using A Telnet Client

    In the Router Password section, type your new password in the password field and then retype the password in the confirmation field. Scroll down the page and click Save & Apply. Note: the username ‘root’ cannot be changed. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 23 of 423...

  • Page 24: Configuring The Password Using Uci

    '$1$wRYYiJOz$EeHN.GQcxXhRgNPVbqxVw option password ‘newpassword’ The new password will take effect after reboot and will now be displayed in encrypted format via the hashpassword option. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 24 of 423...

  • Page 25: Accessing The Device Using Radius Authentication

    'radius' option servers '192.168.0.1:3333|test|20 192.168.2.5|secret|10' config 'pam_auth' option enabled 'yes' option pamservice 'luci" option pammodule 'auth' option pamcontrol 'sufficient' option type 'radius' servers '192.168.0.1:3333|test|20 192.168.2.5|secret|10' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 25 of 423...

  • Page 26: Accessing The Device Using Tacacs+ Authentication

    TACACS+ authentication can be configured for accessing the router over SSH, web or local console interface. package system config system 'main' option hostname 'VirtualAccess' option timezone 'UTC' config pam_auth option enabled 'yes' option pamservice 'sshd' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 26 of 423...
  • Page 27 'sufficient' option type 'tacplus' option servers '192.168.0.1:49|secret' config pam_auth option enabled 'yes' option pamservice 'luci' option pammodule 'account' option pamcontrol 'sufficient' option type 'tacplus' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 27 of 423...
  • Page 28 'service=ppp' config pam_auth option enabled 'yes' option pamservice 'login' option pammodule 'session' option pamcontrol 'sufficient' option type 'tacplus' option servers '192.168.0.1:49|secret' option args 'service=ppp' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 28 of 423...

  • Page 29: Ssh

    SSH allows you to access remote machines over text-based shell sessions. SSH uses public key cryptography to create a secure connection. These connections allow you to issue commands remotely via a command line. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 29 of 423...
  • Page 30 In the top menu, click System -> Administration. The Administration page appears. Scroll down to the SSH Access section. Figure 9: The SSH access section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 30 of 423...

  • Page 31: Package Dropbear Using Uci

    Table 8: Information table for SSH access settings 5.12 Package dropbear using UCI root@VA_router:~# uci show dropbear dropbear.@dropbear[0]=dropbear dropbear.@dropbear[0].PasswordAuth=on dropbear.@dropbear[0].RootPasswordAuth=on dropbear.@dropbear[0].GatewayPorts=0 dropbear.@dropbear[0].IdleTimeout=30 dropbear.@dropbear[0].Port=22 dropbear.@dropbear[0].MaxLoginAttempts=3 Package dropbear using package options _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 31 of 423...

  • Page 32: Certs And Private Keys

    There is support for IPSec, OpenVPN and VA certificates and keys. If you have generated your own SSH public keys, you can input them in the SSH Keys section, for SSH public key authentication. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 32 of 423...

  • Page 33: Configuring A Router's Web Server

    To configure the router’s HTTP server parameters, in the top menu, select Services -> HTTP Server. The HTTP Server page has two sections. Main Settings Server configurations Certificate Settings SSL certificates. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 33 of 423...
  • Page 34 ASN.1/DER private key used to serve HTTPS connections. If no listen_https options are given the key options are ignored. UCI: uhttpd.main.key /etc/uhttpd.key Opt: key Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 34 of 423...
  • Page 35 Does not follow symbolic links if enabled. UCI: uhttpd.main.no_symlinks Disabled. Opt: no_symlinks Enabled. Web: N/A Does not generate directory listings if enabled. UCI: uhttpd.main.no_dirlists Disabled. Opt: no_symlinks Enabled. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 35 of 423...
  • Page 36 '0.0.0.0:443' option home '/www' option rfc1918_filter '1' option cert '/etc/uhttpd.crt' option key '/etc/uhttpd.key' option cgi_prefix '/cgi-bin' option script_timeout '60' option network_timeout '30' option config '/etc/http.conf' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 36 of 423...
  • Page 37 Activation, this must be set to the serial number (Eth0 UCI: uhttpd.commonname MAC address) of the device. Opt: commonname Table 10: Information table for HTTP server certificate settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 37 of 423...

  • Page 38: Basic Authentication (Httpd Conf)

    /etc/shadow or /etc/passwd. If you use $p$… format, uhttpd will compare the client provided password against the one stored in the shadow or passwd database. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 38 of 423...

  • Page 39: Securing Uhttpd

    The following example shows how to display serial number and mobile signal strength. Note: this can only be configured via the command line. Figure 14: Example login screen displaying serial and signal strength _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 39 of 423...
  • Page 40 'local hue = (sig + 113) * 2' list text 'local hue = math.min(math.max(hue, 0), 120) %>' list text 'Signal strength: <h3 style="color:hsl(<%=hue%>, 90%, 50%); display:inline;"><%=sig%></h3> dBm _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 40 of 423...

  • Page 41: Router File Structure

    Figure 15: Example of the status page System information is also available from the CLI if you enter the following command: root@VA_router:~# va_vars.sh _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 41 of 423...

  • Page 42: Identify Your Software Version

    In the Firmware Version row, the first two digits of the firmware version identify the hardware platform, for example LIS-15; while the remaining digits: .00.72.002, show the software version. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 42 of 423...

  • Page 43: Image Files

    To show the configuration to run after the next reboot, enter: root@VA_router:~# va_config.sh next To set the configuration to run after the next reboot, enter: root@VA_router:~# va_config.sh -s [factconf|config1|config2|altconfig] _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 43 of 423...

  • Page 44: Configuration File Syntax

    Configurations can also be managed using directory manipulation. To remove the contents of the current folder, enter: root@VA_router:/etc/config1# rm –f * Warning: the above command makes irreversible changes. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 44 of 423...

  • Page 45: Exporting A Configuration File

    In the top menu, select System > Backup/Flash Firmware. The Flash operations page appears. Figure 18: The flash operations page In the Backup/Restore section, select Generate Archive. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 45 of 423...

  • Page 46: Importing A Configuration File

    6.9.1. If you have software version 72.002 or above, export a configuration file using the web interface go to section 6.9.2. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 46 of 423...
  • Page 47 Upload archive. Figure 21: The system – restoring…page When the ‘waiting for router’ icon disappears, the upgrade is complete, and the login homepage appears. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 47 of 423...
  • Page 48 OK to return to the Flash Operations page. There you can manually select Made Active (after reboot). Then click Reboot Now in the ‘Reboot using Active Configuration’ section. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 48 of 423...
  • Page 49 <paste in config file> <CTRL-D> Note: it is very important that the config file is in the correct format otherwise it will not import correctly. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 49 of 423...

  • Page 50: Using The Command Line Interface

    _______________________________________________________________________________________________________ 7 Using the Command Line Interface This chapter explains how to view Virtual Access routers' log files and edit configuration files using a Command Line Interface (CLI) and the Unified Configuration Interface (UCI) system. Some commands may vary between router models.
  • Page 51 0 Jul 3 11:37 usr lrwxrwxrwx 1 root root 4 Jul 16 2012 var -> /tmp drwxr-xr-x 4 root root 67 Jul 16 2012 www _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 51 of 423...
  • Page 52 444 S -ash 374 root 344 R ps ax 375 root 400 S /bin/sh /sbin/hotplug button 384 root 396 R /bin/sh /sbin/hotplug button 385 root [keventd] _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 52 of 423...

  • Page 53: Using Unified Configuration Interface (Uci)

    -f <file> use <file> as input instead of stdin when importing, merge data into an existing package _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 53 of 423...
  • Page 54 Note: all operations do not act directly on the configuration files. A commit command is required after you have finished your configuration. root@VA_router:~# uci commit _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 54 of 423...
  • Page 55 To show the configuration ‘tree’ for a given config, enter: root@VA_router:/# uci show network network.loopback=interface network.loopback.ifname=lo network.loopback.proto=static network.loopback.ipaddr=127.0.0.1 network.loopback.netmask=255.0.0.0 network.lan=interface network.lan.ifname=eth0 network.lan.proto=dhcp network.wan=interface network.wan.username=foo _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 55 of 423...
  • Page 56 To show the image running currently, enter: root@VA_router:~# vacmd show current image To set the image to run on next reboot, enter: root@VA_router:~# vacmd set next image [image1|image2|altimage] root@VA_router:~# reboot _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 56 of 423...
  • Page 57 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 57 of 423...

  • Page 58: Configuration Files

    7.3 Configuration files The table below lists common package configuration files that can be edited using uci commands. Other configuration files may also be present depending on the specific options available on the Virtual Access router. File Description Management...
  • Page 59 It is important to note that identifiers and config file names may only contain the characters a-z, A-Z, 0-9 and _. However, option values may contain any character, as long they are properly quoted. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 59 of 423...

  • Page 60: Upgrading Router Firmware

    To check which software version your router is running, in the top menu, browse to Status -> Overview. Figure 24: The status page showing a software version prior to 72.002 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 60 of 423...
  • Page 61 8.1.2 Upgrading router firmware for software versions pre- 72.002 Copy the new firmware issued by Virtual Access to a PC connected to the router. In the top menu, select System tab -> Backup/Flash Firmware. The Flash operations page appears.
  • Page 62 To verify that the router has been upgraded successfully, click Status in the top menu. The Firmware Version shows in the system list. Figure 29: The system status list _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 62 of 423...
  • Page 63 8.1.3 Upgrading router firmware for software version 72.002 and above Copy the new firmware issued by Virtual Access to a PC connected to the router. In the top menu, select System tab > Flash operations. The Flash operations page appears.
  • Page 64 To regain access to the router you must login again. If any part of the processes encounters an error the reboot does not occur and a report is given. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1...
  • Page 65 Version shows in the system list and also in the right top corner of the menu bar. Figure 35: The system status list showing current firmware version _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 65 of 423...

  • Page 66: Upgrading Firmware Using Cli

    Windows it requires an additional application. The usage example below is for a Unix machine and therefore assumes the image file is in the current folder. scp LIS-15.00.72.002.image root@x.x.x.x:/tmp/LIS-15.00.72.002.image _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 66 of 423...
  • Page 67 After the write process has finished, you must complete a post verification of the firmware. To verify the checksum of downloaded firmware, enter: va_image_csum.sh /tmp/LIS-15.00.72.002.image The checksum of the downloaded binary is shown: 08761cd03e33c569873bcc24cf2b7389 7006920 LIS-15.00.72.002 This MD5 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 67 of 423...
  • Page 68 Provided the programming has succeeded, you can set it as the next image to use after reboot; enter: vacmd set next image altimage To reboot using the new firmware, enter: reboot _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 68 of 423...

  • Page 69: System Settings

    Configure the router’s web language and style. Time synchronization Configure the NTP server in this section. 9.2.1 General settings Figure 36: General settings in system properties _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 69 of 423...
  • Page 70 External syslog server IP address. UCI: system.main.log_ip Range Opt: log_ip 0.0.0.0 Web: External system log server port External syslog server port number. UCI: system.main.log_port Range Opt: log_port _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 70 of 423...
  • Page 71 Stores 1 archive log file in flash Table 13: Information table for the logging section 9.2.3 Language and style Figure 38: The language and style section in system properties _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 71 of 423...
  • Page 72 NTP Server will derive the stratum from the NTP dialogue. Blank NTP server will derive stratum Range Table 15: Information table for time synchronization section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 72 of 423...

  • Page 73: System Settings Using Uci

    10.10.10.10 System settings using package options root@VA_router:~# uci export system package 'system' config 'system' 'main' option 'hostname' "VA_router" option 'timezone' "UTC" _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 73 of 423...

  • Page 74: System Diagnostics

    To stop this option, type fg to view the current jobs, then press ctrl-c to kill those jobs. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 74 of 423...
  • Page 75 Shows end of the events stored flash. root@VA_router:~# tail –f /root/syslog.messages & Shows the log on an ongoing basis. To stop this option, press ctrl-c. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 75 of 423...

  • Page 76: Configuring An Ethernet Interface

    To create and edit interfaces via the web interface, in the top menu, click Network -> Interfaces. The Interfaces overview page appears. Figure 41: The interfaces overview page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 76 of 423...
  • Page 77 To create a new interface, in the Interface Overview section, click Add new interface. The Create Interface page appears. Figure 42: The create interface page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 77 of 423...
  • Page 78 'Bring up on boot', 'Monitor interface state', Override MAC address, Override MTU and 'Use gateway metric' Physical Settings Bridge interfaces, VLAN PCP to SKB priority mapping, Firewall settings Assign a firewall zone to the interface _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 78 of 423...
  • Page 79 10: Configuring an Ethernet interface _______________________________________________________________________________________________________ 10.2.3.1 Common configuration – general setup Figure 43: The Ethernet connection common configuration settings page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 79 of 423...
  • Page 80 Web: IPv6 gateway Assign given IPv6 default gateway to this interface (optional). UCI: network.<if name>.ip6gw Opt: ip6gw Table 17: Information table for LAN interface common configuration settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 80 of 423...
  • Page 81 1500 bytes Opt: mtu Web: Use gateway metric Specifies the default route metric to use for this interface (optional). UCI: network.<if name>.metric Opt: metric Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 81 of 423...
  • Page 82 0 - 4294966295 Table 18: Information table for common configuration advanced settings 10.2.3.3 Common configuration: physical settings Figure 45: The common configuration physical settings page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 82 of 423...
  • Page 83 Select unspecified to remove the interface from the associated zone or fill out the create field to define a new zone and attach the interface to it. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 83 of 423...
  • Page 84 To use IP-aliases, enter a name for the alias and click Add. This name will be assigned to the alias section for this IP-alias. In this example, we use the name ‘ethalias1’. Figure 47: The IP-Aliases section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 84 of 423...
  • Page 85 Opt: netmask Web: IPv4-Gateway Defines the gateway for the IP alias. UCI: network.<alias name>.gateway Opt: gateway Table 21: Information table for IP-Alias general setup page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 85 of 423...
  • Page 86 Figure 50: The DHCP Server settings section The DHCP Server configuration options will appear. The DHCP Server is divided into two sub sections – general setup and advanced. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 86 of 423...
  • Page 87 Opt: leasetime Range Table 23: Information table for DHCP server general setup page 10.2.5.3 DHCP server: advanced settings Figure 52: The DHCP server advanced settings section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 87 of 423...

  • Page 88: Interface Configuration Using Uci

    The configuration files are stored on /etc/config/network, /etc/config/firewall and /etc/config/dhcp root@VA_router:~# uci show network ….. network.newinterface=interface network.newinterface.proto=static network.newinterface.ifname=eth0 network.newinterface.monitored=0 network.newinterface.ipaddr=2.2.2.2 network.newinterface.netmask=255.255.255.0 network.newinterface.gateway=2.2.2.10 network.newinterface.broadcast=2.2.2.255 network.newinterface.vlan_qos_map_ingress=1:2 2:1 network.ethalias1=alias network.ethalias1.proto=static network.ethalias1.interface=newinterface network.ethalias1.ipaddr=10.10.10.1 network.ethalias1.netmask=255.255.255.0 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 88 of 423...
  • Page 89 'newinterface' option proto 'static' option ifname 'eth0' option monitored '0' option ipaddr '2.2.2.2' option netmask '255.255.255.0' option gateway '2.2.2.10' option broadcast '2.2.2.255' list vlan_qos_map_ingress '1:2' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 89 of 423...
  • Page 90 Note: There is no software limitation as to how many loopback interfaces can exist on the router. An example showing a partial uci export of a loopback interface configuration is shown below. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 90 of 423...

  • Page 91: Configuring Port Maps

    Ethernet switch physical port to logical interface mappings, go to the Port Map section at Network->Interfaces. Figure 53: The Interface port map section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 91 of 423...
  • Page 92 The configuration files are stored on /etc/config/network root@VA_router:~# uci show network …… network.@va_switch[0]=va_switch network.@va_switch[0].eth0=A network.@va_switch[0].eth1=B network.@va_switch[0].eth2=C network.@va_switch[0].eth3=D To change any of the above values use uci set command. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 92 of 423...

  • Page 93: Interface Diagnostics

    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:6645 errors:0 dropped:0 overruns:0 frame:0 TX packets:523 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:569453 (556.1 KiB) TX bytes:77306 (75.4 KiB) _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 93 of 423...
  • Page 94 Flags Metric Ref Use Iface 192.168.100.0 255.255.255.0 0 eth0 Note: a route will only be displayed in the routing table when the interface is up. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 94 of 423...

  • Page 95: Configuring Vlan

    11: Configuring VLAN _______________________________________________________________________________________________________ 11 Configuring VLAN 11.1 Maximum number of VLANs supported Virtual Access’ routers support up to 4095 VLANs. 11.2 Configuration package used Package Sections Network 11.3 Configuring VLAN using the web interface 11.3.1 Create a VLAN interface To configure VLAN using the web interface, in the top menu, select Network - >Interfaces.
  • Page 96 Enter a name, for example eth0.100. This will assign VLAN 100 to the eth0 interface. Opt: ifname Table 26: Information table for the create interface page Click Submit. The Interfaces page for VLAN1 appears. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 96 of 423...
  • Page 97 The IPv4 address of the interface. This is optional if an IPv6 address is provided. UCI: network.VLAN1.ipaddr Opt: ipaddr Web: IPv4 netmask Subnet mask to be applied to the IP address of this interface. UCI: network.VLAN1.netmask Opt: netmask _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 97 of 423...

  • Page 98: Viewing Vlan Interface Settings

    To view the new VLAN interface settings, in the top menu, select Network -> Interfaces. The Interfaces Overview page appears. The example below shows two VLAN interfaces configured. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 98 of 423...

  • Page 99: Configuring Vlan Using The Uci Interface

    When specifying the ifname ensure that it is written in dotted mode, that is, eth1.100 where eth1 is the physical interface assigned to VLAN tag 100. Note: VLAN1 is, by default the native VLAN and will not be tagged. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 99 of 423...

  • Page 100: Configuring A Mobile Connection

    To create a new mobile interface, in the Interface Overview section, click Add new interface. The Create Interface page appears. In the examples below, 3G has been used for the interface name. Figure 58: The create interface page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 100 of 423...
  • Page 101 Set up more in-depth features such as initialisation timeout, LCP echo failure thresholds and inactivity timeouts. Firewall settings Assign a firewall zone to the connection. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 101 of 423...
  • Page 102 Allows GSM module to only connect to LTE network. cdma Allows GSM module to only connect to CDMA network. auto GSM module will automatically detect the best available technology code. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 102 of 423...
  • Page 103 The Modem Configuration link at the bottom of the page is used for SIM pin code and SMS configuration. For more information, read the chapter ‘Configuring mobile manager’. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 103 of 423...
  • Page 104 Web: Use gateway metric Defines the metric for the default route. Lower number metrics are used first when route is up. UCI: network.3G.metric Opt: metric Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 104 of 423...
  • Page 105 Example: option dependants ‘PPPADSL MOBILE’ This replaces the following previous options in child interfaces. option local_interface lt2p option src_ipaddr option wan1 wan2 6in4 option ipaddr 6to4 option ipaddr _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 105 of 423...

  • Page 106: Configuring A Mobile Connection Using Cli

    12.3.1 UCI To establish a basic mobile connection, enter: root@VA_router:~# uci show network network.3G=interface network.3G.proto=3g network.3G.monitored=0 network.3G.sim=any network.3G.auto=1 network.3G.defaultroute=1 network.3G.metric=1 network.3G.service=autonetwork.3G.apn=test.apn network.3G.username=username network.3G.password=password network.3G.ipv4mode=dhcp network.3G.ipv6mode=none _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 106 of 423...

  • Page 107: Diagnositcs

    Information. The Mobile Information page appears. The information presented depends on the actual mobile hardware used; it might therefore differ from the samples shown here. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 107 of 423...
  • Page 108 12: Configuring a mobile connection _______________________________________________________________________________________________________ Figure 62: The mobile information page Figure 63: The advanced information page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 108 of 423...
  • Page 109 : 272017113618040 For more advanced information, enter mobile_status –a: root@ VA_router:~# mobile_status -a Mobile Interface : WAN Status : idle CS Network Status : Home network _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 109 of 423...
  • Page 110 SIM In : yes SIM Slot SIM1 ICCID : 8935301140701270414 Signal (dBm) : -107 Technology : UMTS Temperature (C) : 28 Hardware Revision : R1C08 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 110 of 423...

  • Page 111: Configuring Mobile Manager

    Configure Preferred Roaming List options. Template *Option available only for Telit CE910-SL module. 13.2.1 Mobile manager: basic settings Figure 65: The mobile manager basic page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 111 of 423...
  • Page 112 Defines whether to use time obtained from the mobile carrier to update the system clock when NTP is enabled. UCI: mobile.main.disable_time Disabled. Opt: disable_time Enabled. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 112 of 423...
  • Page 113 Table 31: Information table for mobile manager basic settings 13.2.2 Mobile manager: CDMA settings This configuration page is only supported for the Telit CE910-SL CDMA module. Figure 66: The mobile manager CDMA page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 113 of 423...
  • Page 114 Web: Preferred Serving System The CDMA Preferred Serving System(A/B) UCI: mobile.main.cdma_preferred_serving_system Opt: cdma_preferred_serving_system Web: Digital Analog Mode Preference Digital/Analog Mode Preference. UCI: cdma_digital_analog_mode_preference Opt: cdma_digital_analog_mode_preference _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 114 of 423...
  • Page 115 Format: SID1 (0-65535),NID (0-65535) Default: 0,65535 Table 32: Information table for mobile manager CDMA settings 13.2.3 Mobile manager: callers Figure 67: The mobile manager CDMA page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 115 of 423...

  • Page 116: Configuring Mobile Manager Using Command Line

    _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 116 of 423...

  • Page 117: Monitoring Sms

    To monitor SMS using the web browser, login and select Status >system log. Scroll to the bottom of the log to view the SMS message. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 117 of 423...

  • Page 118: Sending Sms From The Router

    An example would be to SMS the SIM card number by typing the following command on the phone and checking the SMS received from the router. uci show mobile.@caller[0].number _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 118 of 423...

  • Page 119: Configuring A Gre Interface

    DHCP or PPP to dial into the provider network. In the Interface Overview section, click Add new interface. The Create Interface page appears. Figure 69: The create interface page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 119 of 423...
  • Page 120 IP address, TTL, tunnel key and MTU. Advanced Settings 'Bring up on boot' and 'monitor interface state' settings. Firewall settings Assign a firewall zone to the connection. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 120 of 423...
  • Page 121 Subnet mask, in CIDR notation, to be applied to the tunnel. Typically '30' for point-to-point tunnels. UCI: network.<if name>.mask_length Opt: mask_length Range 0 - 30 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 121 of 423...
  • Page 122 UCI: network.<if name>.mtu 1472 Opt: mtu Range Table 35: Information table for GRE 14.2.2 GRE connection: common configuration-advanced settings Figure 71: GRE advanced settings page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 122 of 423...
  • Page 123 Select unspecified to remove the interface from the associated zone or fill out the create field to define a new zone and attach the interface to it. Figure 72: GRE firewall settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 123 of 423...

  • Page 124: Gre Configuration Using Command Line

    'tunnel1' option proto 'gre' option monitored ‘0’ option ipaddr '172.255.255.2' option mask_length '24' option local_interface 'wan' option remote_ip ‘172.255.255.100’ option ttl '128' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 124 of 423...

  • Page 125: Gre Diagnostics

    TX packets:7 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:912 (912.0 B) TX bytes:884 (884.0 B) Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 125 of 423...
  • Page 126 Tunnel1 172.19.101.3 13.13.13.1 255.255.255.255 UGH 0 gre- Tunnel1 Note: a GRE route will only be displayed in the routing table when the interface is up. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 126 of 423...

  • Page 127: Configuring Static Routes

    UCI: network.@route[0].target Opt: target Web: netmask Defines the route netmask. If omitted, 255.255.255.255 is assumed, which makes the target a host address. UCI: network.@route[0].netmask Opt: netmask _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 127 of 423...

  • Page 128: Configuring Ipv6 Routes Using The Web Interface

    By default all routes are named ‘route’, it is identified by @route then the route’s position in the package as a number. For example, for the first route in the package using UCI: network.@route[0]=route network.@route[0].interface=lan _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 128 of 423...

  • Page 129: Ipv4 Routes Using Uci

    The command line example routes in the subsections below do not have a configured name. root@VA_router:~# uci show network network.@route[0]=route network.@route[0].interface=lan network.@route[0].target=3.3.3.10 network.@route[0].netmask=255.255.255.255 network.@route[0].gateway=10.1.1.2 network.@route[0].metric=3 network.@route[0].mtu=1400 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 129 of 423...

  • Page 130: Ipv4 Routes Using Package Options

    IPv6 routes using packages options root@VA_router:~# uci export network package network …. config route option interface 'lan' option target '2001:0DB8:100:F00:BA3::1/64' option gateway '2001:0DB8:99::1' option metric ‘1’ option mtu '1500' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 130 of 423...

  • Page 131: Static Routes Diagnostics

    Flags Metric Ref Use Iface 192.168.100.0 255.255.255.0 0 eth0 Note: a route will only be displayed in the routing table when the interface is up. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 131 of 423...

  • Page 132: Configuring Bgp (Border Gateway Protocol)

    In the top menu, select Network -> BGP. BGP configuration page appears. The page has three sections: Global Settings, BGP Neighbours and BGP Route Map. Figure 74: The BGP page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 132 of 423...
  • Page 133 Type in a name for the BGP route map name and then click Add. The ROUTEMAP configuration section appears. You can configure multiple route maps. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 133 of 423...
  • Page 134 Defines the set value when a match occurs. Value format depends on the set option you have selected. UCI: bgpd.ROUTEMAP.set Opt: set Table 40: Information table for routemap _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 134 of 423...

  • Page 135: Configuring Bgp Using Uci

    You can also configure BGP using UCI. The configuration file is stored on /etc/config/bgpd root@VA_router:~# uci show bgpd bgpd.bgpd=routing bgpd.bgpd.enabled=yes bgpd.bgpd.router_id=3.3.3.3 bgpd.bgpd.asn=1 bgpd.bgpd.network=11.11.11.0/29 192.168.103.1/32 bgpd.@peer[0]=peer bgpd.@peer[0].route_map_in=yes bgpd.@peer[0].ipaddr=11.11.11.1 bgpd.@peer[0].asn=1 bgpd.@peer[0].route_map=ROUTEMAP bgpd.ROUTEMAP=routemap _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 135 of 423...

  • Page 136: Configuring Bgp Using Packages Options

    'ROUTEMAP' config routemap 'ROUTEMAP' option order '10' option permit 'yes' option match_type 'ip address' option match '192.168.101.1/32' option set_type 'ip next-hop' option set '192.168.101.2/32' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 136 of 423...

  • Page 137: View Routes Statistics

    To view routes via the command line, enter: root@support:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.1.0.0 0.0.0.0 255.255.0.0 0 br-lan2 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 137 of 423...

  • Page 138: Configuring Ospf (Open Shortest Path First)

    A topology table containing a list of all possible routes to all known networks • within an area A routing table containing the best route for each known network • _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 138 of 423...
  • Page 139 Dead Interval is 40 seconds for broadcast and point-to-point interfaces, and 120 seconds for non-broadcast and point-to-multipoint interfaces. By default, the Dead Interval timer is four times the Hello interval. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 139 of 423...
  • Page 140 The router with the highest priority becomes the DR; second highest becomes the BDR. If there is a tie in priority, whichever router has the highest Router ID will become the DR. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 140 of 423...
  • Page 141 OSPF characteristics are: OSPF will not elect DRs and BDRs. All OSPF traffic is multicast to 224.0.0.5. Neighbours do not need to be manually specified. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 141 of 423...
  • Page 142 Figure 80: OSPF hierarchy In the above example three areas exist: Area 0, Area 1, and Area 2. Area 0 is the backbone area for this autonomous system. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 142 of 423...

  • Page 143: Configuration Package Used

    Have at least one interface in area 0. Autonomous System Have a connection to a separate autonomous system. Border Router (ABR) 17.2 Configuration package used Package Sections ospfd routing network interface _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 143 of 423...

  • Page 144: Configuring Ospf Using The Web Interface

    Opt: default_info_originate Disabled. Enabled. Web: n/a Enable vty for OSPFd (telnet to localhost:2604) UCI: ospfd.ospfd.vty_enabled Opt: vty_enabled Table 45: Information table for OSPF global settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 144 of 423...
  • Page 145 OSPFv2 allows packets to be authenticated using either an insecure plain text password, included with the packet, or by a more secure MD5 based HMAC (keyed-Hashing for Message AuthentiCation). Enabling authentication prevents routes being updated by _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 145 of 423...
  • Page 146 OSPF. This is the only way to advertise non-OSPF links into stub areas. Disabled. Enabled. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 146 of 423...

  • Page 147: Configuring Ospf Using The Command Line

    By default, all OSPF interface instances are named interface, instances are identified by @interface then the interface position in the package as a number. For example, for the first interface in the package using UCI: ospfd.@interface[0]=interface ospfd.@interface[0].ospf_interface=lan _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 147 of 423...

  • Page 148: Ospf Using Uci

    _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 148 of 423...

  • Page 149: Ospf Using Package Options

    'yes' option auth_mode 'text' option text_auth_key 'secret' config interface option ospf_interface 'lan7' option network_type 'point-to-point' option passive 'no' option hello_interval '30' option dead_interval '120' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 149 of 423...

  • Page 150: Ospf Diagnostics

    -i any -n proto ospf & root@VA_router:~# tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 150 of 423...

  • Page 151: Quagga/Zebra Console

    O - OSPF, I - IS-IS, B - BGP, P - PIM, H - HSLS, o - OLSR, b - BATMAN, A - Babel, > - selected route, * - FIB route _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 151 of 423...
  • Page 152 Password: To see OSPF routing from OSPF debug console, enter: sh ip ospf route UUT> sh ip ospf route ============ OSPF network routing table ============ _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 152 of 423...
  • Page 153 OSPF not enabled on this interface eth1 is up ifindex 10, MTU 1500 bytes, BW 0 Kbit <UP,BROADCAST,RUNNING,PROMISC,MULTICAST> OSPF not enabled on this interface eth2 is down _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 153 of 423...
  • Page 154 2, MTU 1500 bytes, BW 0 Kbit <BROADCAST,NOARP> OSPF not enabled on this interface ifb1 is down ifindex 3, MTU 1500 bytes, BW 0 Kbit <BROADCAST,NOARP> _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 154 of 423...
  • Page 155 Router Link States (Area 0.0.0.0) Link ID ADV Router Seq# CkSum Link count 1.1.1.1 1.1.1.1 873 0x80006236 0xd591 3 192.168.104.1 192.168.104.1 596 0x8000000a 0x3a2d 2 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 155 of 423...
  • Page 156 17: Configuring OSPF (Open Shortest Path First) _______________________________________________________________________________________________________ 192.168.105.1 192.168.105.1 879 0x8000000b 0x4919 2 Net Link States (Area 0.0.0.0) Link ID ADV Router Seq# CkSum 11.11.11.1 1.1.1.1 595 0x80000004 0x5712 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 156 of 423...

  • Page 157: Configuring Vrrp

    VRRP Group Configuration Configures the VRRP group settings. 18.3.1 Global settings The Global Settings section configures vrrp package main section. To access configuration settings, click ADD. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 157 of 423...
  • Page 158 Disabled. Opt: Enabled Enabled. 18.3.2 VRRP group configuration settings The VRRP Group Configuration section configures vrrp package vrrp_group section. To access configuration settings, click ADD. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 158 of 423...
  • Page 159 For example, ‘lan’. The interface name is taken from the UCI: vrrp.@vrrp_group[X].interface network package and all configured interfaces will be displayed.. Opt: interface Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 159 of 423...
  • Page 160 Web: Advert intvl Sets the VRRP hello value in seconds. This value must match the value set on a peer. UCI: vrrp.@vrrp_group[X].advert_int_sec 120 seconds Opt: advert_int_sec Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 160 of 423...

  • Page 161: Configuring Vrrp Using Command Line

    However, to better identify, it is recommended to give the vrrp_group instance a name. For example, to define a vrrp_group instance named ‘g1’ using UCI, enter: vrrp.g1.vrrp_group vrrp.g1.enabled=1 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 161 of 423...
  • Page 162 'main' option enabled 'yes' config vrrp_group 'g1' option enabled 'yes' option interface 'lan' list track_iface 'WAN' list track_iface 'MOBILE' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 162 of 423...
  • Page 163 '1' option priority '100' option advert_int_sec '120' option password 'secret' option virtual_ipaddr '10.1.10.150/16' option garp_delay_sec '5' option ipsec_connection 'Test' list track_ipsec 'conn1' list track_ipsec 'conn2' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 163 of 423...

  • Page 164: Configuring Routing Information Protocol (Rip)

    4, only if the metric (hopcount) is equal. RIP uses a round-robin system of load-balancing between equal metric routes, which can lead to pinhole congestion. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 164 of 423...

  • Page 165: Configuration Package Used

    RIPv2 routers will both send and receive only Version 2 updates • Virtual Access ripd package supports RIP version 2 as described in RFC2453 and RIP version 1 as described in RFC1058. It is part of Quagga suite of applications for routing.

  • Page 166: Configuring Rip Using The Web Interface

    Configures the key_chain sections. Defines MD5 authentication settings. Chains 19.3.1 Global settings The web browser automatically names the routing section ‘ripd’. Figure 86: The RIP global settings configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 166 of 423...
  • Page 167 Garbage- Collection timer is cleared, the route is marked as valid again, and a new Timeout timer starts. Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 167 of 423...
  • Page 168 Defines the prefixes to match. UCI: ripd.@offset[0].match_network Format: A.B.C.D/mask Opt: match_network Table 50: Information table for RIP offset commands 19.3.3 Interfaces configuration Figure 88: The RIP interfaces configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 168 of 423...
  • Page 169 RIP routing table, to be queried remotely, potentially by anyone on the internet, using RIPv1. This section defines key_chains to be used for MD5 authentication. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 169 of 423...

  • Page 170: Configuring Rip Using Command Line

    By default, all RIP key_chain instances are named key_chain, it is identified by @key_chain then the key_chain position in the package as a number. For example, for the first key_chain in the package using UCI: ripd.@key_chain[0]=key_chain ripd.@key_chain[0].key_chain_name=Keychain1 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 170 of 423...
  • Page 171 10.1.2.100 ripd.ripd.tb_update_sec=30 ripd.ripd.tb_timeout_sec=180 ripd.ripd.tb_garbage_sec=120 ripd.ripd.default_info_originate=yes ripd.ripd.redistribute_kernel_routes=yes ripd.@interface[0]=interface ripd.@interface[0].rip_interface=lan ripd.@interface[0].auth_mode=no ripd.@interface[0].split_horizon=1 ripd.@interface[0].poison_reverse=0 ripd.@interface[0].passive=0 ripd.@interface[1]=interface ripd.@interface[1].rip_interface=lan2 ripd.@interface[1].split_horizon=1 ripd.@interface[1].poison_reverse=0 ripd.@interface[1].passive=0 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 171 of 423...
  • Page 172 '10.1.1.100' list neighbor '10.1.2.100' option tb_update_sec '30' option tb_timeout_sec '180' option tb_garbage_sec '120' option default_info_originate 'yes' option redistribute_kernel_routes 'yes' config interface option rip_interface 'lan' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 172 of 423...
  • Page 173 'md5' option key_chain 'keychain1' config key_chain option key_chain_name 'Keychain1' option key_id '1' option auth_key '123' config offset option metric '1' option match_network '10.1.1.1/24' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 173 of 423...

  • Page 174: Rip Diagnostics

    To stop tracing enter fg to bring tracing task to foregraound, and then <CTRL- C> to stop the trace. root@VA_router:~# fg tcpdump -i any -n -p port 67 33 packets captured 33 packets received by filter _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 174 of 423...
  • Page 175 C>* 10.1.0.0/16 is directly connected, eth1 C>* 10.205.154.64/30 is directly connected, usb0 C>* 11.11.11.0/29 is directly connected, gre-GRE K>* 89.101.154.151/32 via 10.205.154.65, usb0 C>* 127.0.0.0/8 is directly connected, lo _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 175 of 423...
  • Page 176 C(i) 192.168.105.1/32 0.0.0.0 1 self R(n) 192.168.154.154/32 11.11.11.1 2 11.11.11.1 0 02:48 To see RIP status from RIP debug console, enter: sh ip rip status _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 176 of 423...
  • Page 177 Interface Send Recv Key-chain gre-GRE Routing for Networks: 11.0.0.0/8 192.168.105.1/32 Routing Information Sources: Gateway BadPackets BadRoutes Distance Last Update 11.11.11.1 00:00:20 Distance: (default is 120) _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 177 of 423...

  • Page 178: Configuring Multi-Wan

    20.2 Configuring Multi-WAN using the web interface In the top menu, select Network -> Multi-Wan. The Multi-WAN page appears. Figure 90: The multi-WAN page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 178 of 423...
  • Page 179 In the WAN interfaces section, enter the name of the WAN interface to configure, and then click Add. The new section for configuring specific parameters appears. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 179 of 423...
  • Page 180 20: Configuring Multi-WAN _______________________________________________________________________________________________________ Figure 91: Example interface showing failover traffic destination as the added multi-WAN interface _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 180 of 423...
  • Page 181 Opt: health_recovery_retries Range Web: Priority Specifies the priority of the interface. The higher the value, the higher the priority. UCI: multiwan.wan.priority Opt: priority Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 181 of 423...

  • Page 182: Configuring Multi-Wan Using Uci

    Multi-WAN UCI configuration settings are stored on /etc/config/multiwan Run UCI export or show commands to see multiwan UCI configuration settings. A sample is shown below. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 182 of 423...
  • Page 183 '- 111' option rscp_threshold '-90' option ecio_threshold '-15' option ifup_timeout_sec '120' root@VA_router:~# uci show multiwan multiwan.config=multiwan multiwan.config.preempt=yes multiwan.config.alt_mode=no multiwan.config.enabled=yes multiwan.wan=interface multiwan.wan.disabled=0 multiwan.wan.health_interval=10multiwan.wan.health_fail_retries=3 multiwan.wan.health_recovery_retries=5 multiwan.wan.priority=2 multiwan.wan.manage_state=yes _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 183 of 423...

  • Page 184: Multi-Wan Diagnostics

    'dns' option timeout '3' option health_fail_retries '3' option health_recovery_retries '5' option priority '1' option manage_state 'yes' option exclusive_group '0' option ifup_retry_sec '300' option ifup_timeout_sec '40' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 184 of 423...
  • Page 185 CLI). Enter the name of the WAN interface to configure, and then click Add. The new section for configuring specific parameters will appear. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 185 of 423...

  • Page 186: Automatic Operator Selection

    21 Automatic operator selection This section describes how to configure and operate the Automatic Operator Selection feature of a Virtual Access router. When the roaming SIM is connected, the radio module has the ability to scan available networks. The router, using mobile and multi-WAN packages, finds available networks to create and sort interfaces according to their signal strength.
  • Page 187 21.2.1.3 Create a primary predefined interface In the web interface top menu, go to Network ->Interfaces. The Interfaces page appears. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 187 of 423...
  • Page 188 Type the short operator name in lower case, for example: Operator name First four alphanumeric numbers Vodafone UK voda O2 – UK o2uk Orange oran _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 188 of 423...
  • Page 189 UCI: network.[..x..].ifname Opt: ifname Table 55: Information table for the create interface page Click Submit. The Common Configuration page appears. Figure 94: The common configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 189 of 423...
  • Page 190 Click the link if you need to configure additional options from Mobile Manager. UCI: N/A Opt: N/A Table 56: Information table for the general set up section Click Save & Apply. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 190 of 423...
  • Page 191 On the web interface go to Network ->Multi-Wan. The Multi-WAN page appears. Figure 95: The multi-WAN page In the WAN Interfaces section, type in the name of the Multi-WAN interface. Click Add. The Multi-WAN page appears. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 191 of 423...
  • Page 192 Opt: alt Enabled. Web: WAN Interfaces Provide the same interface name as chosen in multiwan section below and click Add. UCI: multiwan.3g_s<sim- number>_<short-operator-name> Opt: 3g_s<sim-number>_<short- operator-name> _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 192 of 423...
  • Page 193 Range Web: Exclusive Group Defines the group to which the interface belongs; only one interface can be active. UCI: multiwan.[..x..].exclusive_group Opt: exclusive_group Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 193 of 423...
  • Page 194 From the top menu on the web interface page, select Services ->Mobile Manager. The Mobile Manager page appears. There are four sections in the mobile manager page: _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 194 of 423...
  • Page 195 Configure Preferred Roaming List options Template *Option available only for Telit CE910-SL module. 21.2.3 Mobile manager: basic settings Figure 97: The mobile manager basic page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 195 of 423...
  • Page 196 Defines whether to use time obtained from the mobile carrier to update the system clock when NTP is enabled. UCI: mobile.main.disable_time Disabled. Opt: disable_time Enabled. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 196 of 423...
  • Page 197 Table 58: Information table for mobile manager basic settings 21.2.4 Mobile manager: CDMA settings This configuration page is only supported for the Telit CE910-SL CDMA module. Figure 98: The mobile manager CDMA page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 197 of 423...
  • Page 198 Web: Preferred Serving System The CDMA Preferred Serving System(A/B) UCI: mobile.main.cdma_preferred_serving_system Opt: cdma_preferred_serving_system Web: Digital Analog Mode Preference Digital/Analog Mode Preference. UCI: cdma_digital_analog_mode_preference Opt: cdma_digital_analog_mode_preference _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 198 of 423...
  • Page 199 Format: SID1 (0-65535),NID (0-65535) Default: 0,65535 Table 59: Information table for mobile manager CDMA settings 21.2.5 Mobile manager: callers Figure 99: The mobile manager CDMA page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 199 of 423...
  • Page 200 If checked, the router will return an SMS. Select Respond if you want the router to reply. UCI: mobile.@caller[0].respond Disabled. Opt: respond Enabled. Table 60: Information table for mobile manager callers settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 200 of 423...
  • Page 201 21: Automatic operator selection _______________________________________________________________________________________________________ 21.2.6 Roaming interface template Figure 100: The roaming interface template page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 201 of 423...
  • Page 202 Sets ping timeout in seconds. Choose the time in seconds that the health monitor ICMP will timeout at. Opt: timeout Wait 3 seconds for ping reply. Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 202 of 423...
  • Page 203 In the top menu, select System -> Reboot. The System page appears. Figure 101: The reboot page Check the Reboot now check box and then click Reboot. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 203 of 423...
  • Page 204 In the top menu, select System -> Reboot. The System Reboot page appears. Figure 103: The system reboot page Check the Reboot now check box and then click Reboot. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 204 of 423...
  • Page 205 Blank range Web: PIN code for SIM2 Depending on the SIM card specify the pin code for UCI: mobile.main.sim2pin SIM 2. Opt: sim2pin Blank Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 205 of 423...
  • Page 206 If checked, the router will return an SMS. Select Respond if you want the router to reply. UCI: mobile.@caller[0].respond Disabled. Opt: respond Enabled. Table 63: Information table for mobile manager caller settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 206 of 423...
  • Page 207 Web: Firewall Zone Adds all generated interfaces to this zone. UCI: Select existing zone or click unspecified or create to create a new mobile.@roaming_template[0].firewall_zo zone. Opt: firewall_zone _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 207 of 423...
  • Page 208 This field is not used for a roaming template. UCI: mobile.@roaming_template[0].health_rec overy_retries Opt: health_recovery_retries Web: Priority Type the priority number. The higher the value, the higher the priority. UCI: mobile.@roaming_template[0].priority Opt: priority Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 208 of 423...
  • Page 209 UCI: multiwan.config.alt Leave this option unselected. Opt: alt Disabled. Enabled. Table 65: Information table for multi-WAN operation _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 209 of 423...

  • Page 210: Configuring Via Uci

    'test' option password 'test' option sim '1' option operator 'vodafone IE' To view uci commands, enter: root@VA_router:~# uci show network network.loopback=interface network.loopback.ifname=lo network.loopback.proto=static network.loopback.ipaddr=127.0.0.1 network.loopback.netmask=255.0.0.0 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 210 of 423...
  • Page 211 '1' option firewall_zone 'wan' option apn 'test IE' option username 'test' option password 'test' option service 'umts' option health_interval '4' option icmp_hosts 'disable' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 211 of 423...
  • Page 212 IE mobile.@roaming_template[0].username=test mobile.@roaming_template[0].password=test mobile.@roaming_template[0].service=umts mobile.@roaming_template[0].health_interval=4 mobile.@roaming_template[0].icmp_hosts=disable mobile.@roaming_template[0].timeout=disable mobile.@roaming_template[0].health_fail_retries=3 mobile.@roaming_template[0].signal_threshold=-95 mobile.@roaming_template[0].priority=5 mobile.@roaming_template[0].ifup_retry_sec=120 mobile.@roaming_template[0].ifup_timeout_sec=180 mobile.@roaming_template[0].defaultroute=yes mobile.@roaming_template[0].sort_sig_strength=yes _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 212 of 423...
  • Page 213 To view the uci command of package multiwan, enter: root@VA_router:~# uci show multiwan multiwan.config=multiwan multiwan.config.enabled=1 multiwan.config.preempt=1 multiwan.main_voda=interface multiwan.main_voda.health_fail_retries=3 multiwan.main_voda.health_interval=3 multiwan.3g_s1_voda.timeout=1 multiwan.3g_s1_voda.icmp_hosts=disable multiwan.3g_s1 main _voda.priority=10 multiwan.3g_s1_voda.exclusive_group=3g multiwan.3g_s1_voda.signal_threshold=-95 multiwan.3g_s1_voda.ifup_retry_sec=350 multiwan.3g_s1_voda.ifup_timeout_sec=180 multiwan.3g_s1_voda.manage_state=1 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 213 of 423...

  • Page 214: Configuring No Pmp + Roaming Using Uci

    'test IE' option username 'test' option password 'test' option service 'umts' option health_fail_retries '2' option signal_threshold '-100' option priority '5' option ifup_timeout_sec '180' option defaultroute 'yes' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 214 of 423...
  • Page 215 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 215 of 423...

  • Page 216: Automatic Operator Selection Diagnostics Via The Web Interface

    To check interfaces created in the Multi-WAN package, from the top menu, select Network -> Multi-WAN. To check interfaces that have been created in the network package, from the top menu, select Network -> Interfaces. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 216 of 423...
  • Page 217 Status. The Interface Status page appears. Scroll down to the bottom of the page to view Multi-WAN Stats. Figure 107: The status page: multi-WAN status section page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 217 of 423...

  • Page 218: Automatic Operator Selection Diagnostics Via Uci

    /var/const_state/multiwan Figure 108: Example of output from the command: cat /var/const_stat/multiwan To check interfaces created in the network package, enter: root@VA_router:~# cat /var/const_state/network _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 218 of 423...
  • Page 219 21: Automatic operator selection _______________________________________________________________________________________________________ Figure 109: Example of output from the command cat /var/const_state/network _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 219 of 423...
  • Page 220 To check the status of the interface you are currently using, enter: root@VA_router:~# cat /var/const_state_/mobile Figure 110: Example of output from the command cat /vat/const_state_/mobile _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 220 of 423...

  • Page 221: Configuring Connection Watch (Cwatch)

    If no Connection Watch configuration exists in the configuration file, first enter a name for the Connection Watch instance and select Add. Figure 111: The add connection watch configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 221 of 423...
  • Page 222 Web: Failure Action 1 Defines the failure action associated with failure_time_1. Example to force up interface: UCI: cwatch.@watch[0].failure_action_1 option failure_action_1 ‘ifup wan’ Opt: failure_action_1 blank Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 222 of 423...

  • Page 223: Configuring Cwatch Using Command Line

    To define a named cwatch instance using UCI, enter: cwatch.WATCH_MOBILE=watch cwatch.WATCH_MOBILE.enabled=1 To define a named cwatch instance using package options, enter: config watch 'WATCH_MOBILE' option 'enabled' '1' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 223 of 423...

  • Page 224: Cwatch Diagnostics

    Syslog messages will be generated when the failure action is triggered: cwatch[x]: Watch WATCH_MOBILE executed action 1 cwatch[x]: Watch WATCH_MOBILE executed action 2 cwatch[x]: Watch WATCH_MOBILE executed action 3 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 224 of 423...

  • Page 225: Configuring Dhcp Server And Dns (Dnsmasq)

    In the top menu, select Network -> DHCP and DNS. The DHCP and DNS page appears. There are three sections: Server Settings, Active Leases, and Static Leases. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 225 of 423...
  • Page 226 23: Configuring DHCP server and DNS (Dnsmasq) _______________________________________________________________________________________________________ Figure 113: The DHCP and DNS page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 226 of 423...
  • Page 227 Opt: list rebind_domain No list configured. Range Table 67: Information table for general server settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 227 of 423...
  • Page 228 Defines local host’s files. When using UCI multiple servers should be entered with a space between them. UCI: dhcp.@dnsmasq[0].addnhosts Opt: list addnhosts Table 68: Information table for resolv and host files section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 228 of 423...
  • Page 229 Defines the filename of the boot image advertised to clients. This specifies BOOTP options, in most cases just the file name. UCI: dhcp.@dnsmasq[0].dhcp_boot Opt: dhcp_boot Table 69: Information table for TFTP settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 229 of 423...
  • Page 230 Enables disallow option for forwarding requests that cannot be answered by public name servers. Normally enabled for dial on UCI: dhcp.@dnsmasq[0].filterwin2k demand interfaces. Opt: filterwin2k Enabled. Disabled. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 230 of 423...
  • Page 231 Opt: dnsforwardmax Range Table 70: Information table for advanced settings 23.2.5 Active leases This section displays all currently active leases. Figure 117: The active leases section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 231 of 423...
  • Page 232 Web: IPv4 Address The IPv4 address specifies the fixed address to use for this host. UCI: dhcp.@host[0].ip Opt: ip Table 72: Information table for static leases _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 232 of 423...

  • Page 233: Configuring Dhcp And Dns Using Uci

    2.2.2.2 dhcp.@dnsmasq[0].rebind domain=tes.domain dhcp.@dnsmasq[0].enable_tftp=0 dhcp.@dnsmasq[0].tftp_root=/tmp/tftp dhcp.@dnsmasq[0].dhcp_boot=boot.image dhcp.@dnsmasq[0].nonegcache=0 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 233 of 423...
  • Page 234 '1' option strictorder '1' list bogusnxdomain '1.1.1.1 ' list bogusnxdomain '2.2.2.2' option port '53' option dhcpleasemax '150' option ednspacket_max '1280' option dnsforwardmax '150' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 234 of 423...

  • Page 235: Configuring Dhcp Pools Using Uci

    Range Web: n/a Defines the offset from the network address for the end of the DHCP pool. UCI: dhcp.<pool_name>.limit Opt: limit Range 0 - 255 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 235 of 423...

  • Page 236: Configuring Static Leases Using Uci

    '00:11:22:33:44:55' option name 'mypc' This adds the fixed IP address 192.168.1.2 and the name "mypc" for a machine with the (Ethernet) hardware address 00:11:22:33:44:55. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 236 of 423...

  • Page 237: Configuring Dhcp Client

    DHCP Client. To create and edit interfaces via the web interface, in the top menu, click Network -> Interfaces. The Interfaces overview page appears. Figure 119: The interfaces overview page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 237 of 423...
  • Page 238 To create a new interface, in the Interface Overview section, click Add new interface. The Create Interface page appears. Figure 120: The create interface page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 238 of 423...
  • Page 239 Configure the interface settings such as protocol, IP address, gateway, netmask, custom DNS servers, MTU and firewall configuration. IP-Aliases Assign multiple IP addresses to the interface. DHCP Server Configure DHCP server settings for this interface. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 239 of 423...
  • Page 240 Only General setup and Advanced Settings have DHCP client option configuration options 24.2.3.1 Common configuration – general setup Figure 121: The interface general setup configuration page for DHCP client protocol _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 240 of 423...
  • Page 241 Opt: send_rs to 0. Do not send router solicitations Send router solicitations Table 75: Information table for general setup configuration settings for DHCP client protocol _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 241 of 423...
  • Page 242 DNS servers. When unchecked allows UCI: n/a configuration of custom DNS servers via web. There is no uci Opt: n/a option set when checking or unchecking this option. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 242 of 423...

  • Page 243: Configuring Dhcp Client Using Command Line

    Configuring DHCP client using command line The configuration files for DHCP client are stored on /etc/config/network 24.3.1 DHCP client using UCI root@VA_router:~# uci show network ….. network.DHCPCLIENTLAN=interface network.DHCPCLIENTLAN.proto=dhcp _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 243 of 423...

  • Page 244: Dhcp Client Diagnostics

    TX packets:23 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:428 (428.0 B) TX bytes:2986 (2.9 KiB) eth0 Link encap:Ethernet HWaddr 00:E0:C8:12:12:15 inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.0 inet6 addr: fe80::2e0:c8ff:fe12:1215/64 Scope:Link _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 244 of 423...
  • Page 245 To show the current ARP table of the router, enter: root@GW7314:~# arp ? (10.67.253.141) at 30:30:41:30:43:36 [ether] on eth8 ? (10.47.48.1) at 0a:44:b2:06 [ether] on gre-gre1 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 245 of 423...
  • Page 246 Flags Metric Ref Use Iface 192.168.100.0 255.255.255.0 0 eth0 Note: a route will only be displayed in the routing table when the interface is up. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 246 of 423...

  • Page 247: Configuring Dhcp Forwarding

    The DHCP forwarder page appears. The web GUI creates a dhcpfwd section called main so this will be used in the uci examples below. Figure 123: The DHCP forwarder configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 247 of 423...

  • Page 248: Configuring Dhcp Forwarding Using Command Line

    25.3.2 DHCP forwarding using package options root@VA_router:~# uci export dhcp_fwd package dhcp_fwd config dhcpfwd 'main' option enabled '1' list listen_interface 'LAN3' list listen_interface 'lan2' list server '1.1.1.1' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 248 of 423...

  • Page 249: Dhcp Forwarding Over Ipsec

    For more information on configuring a source NAT rule, read the ‘Configuring Firewall’ section of the User Manual. Figure 124: The firewall – traffic rules configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 249 of 423...
  • Page 250 UCI: firewall.@redirect[X].src_dport Leave empty. Opt: src_dport Table 78: Information table for the souce NAT configuration Figure 125: The firewall – traffic rules – SNAT configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 250 of 423...
  • Page 251 25.4.3 Configuring source NAT for DHCP forwarding over IPSec using command line 25.4.3.1 Source NAT for DHCP forwarding over IPSec using UCI root@VA_router:~# uci show firewall …… firewall.@redirect[0]=redirect firewall.@redirect[0].target=SNAT firewall.@redirect[0].src=lan firewall.@redirect[0].dest=wan firewall.@redirect[0].src_dip=192.168.100.1 firewall.@redirect[0].name=DHCPMessages firewall.@redirect[0].proto=udp firewall.@redirect[0].dest_port=67 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 251 of 423...

  • Page 252: Dhcp Forwarding Diagnostics

    C> to stop the trace. root@VA_router:~# fg tcpdump -i any -n -p port 67 33 packets captured 33 packets received by filter 0 packets dropped by kernel _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 252 of 423...
  • Page 253 To show the current ARP table of the router, enter arp root@VA_router:~# arp ? (10.67.253.141) at 30:30:41:30:43:36 [ether] on eth8 ? (10.47.48.1) at 0a:44:b2:06 [ether] on gre-gre1 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 253 of 423...

  • Page 254: Configuring Dynamic Dns

    26.1 Overview Dynamic DNS (DDNS) functionality on a Virtual Access router will dynamically perform DDNS updates to a server so it can associate an IP address with a correctly associated DNS name. Users can then contact a machine, router, device and so on with a DNS name rather than a dynamic IP address.
  • Page 255 UCI: ddns.<name>.ip_source network IP is a associated with a network configuration. Opt: ip_source interface IP is associated with an interface. IP is associated with a URL. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 255 of 423...

  • Page 256: Dynamic Dns Using Uci

    Dynamic DNS uses the ddns package /etc/config/ddns 26.4.1 UCI commands for DDNS root@VA_router:~# uci show ddns ddns.ddns1=service ddns.ddns1.enabled=1 ddns.ddns1.service_name=dyndns.org ddns.ddns1.domain=fqdn_of_interface ddns.ddns1.username=testusername ddns.ddns1.password=testpassword ddns.ddns1.ip_source=network ddns.ddns1.ip_network=dsl0 ddns.ddns1.check_interval=10 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 256 of 423...
  • Page 257 'test' option password 'test' option ip_source 'network' option ip_network 'dsl0' option check_interval '10' option check_unit 'minutes' option force_interval '72' option force_unit 'hours' option interface 'dsl0' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 257 of 423...

  • Page 258: Configuring Hostnames

    27.2.2 Configuring local host files entries using the web interface In the top menu, select Network -> Interfaces. The Interfaces configuration page appears. Browse to Host Records section at the bottom of the page. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 258 of 423...
  • Page 259 For example, for the first host in the package using UCI: network.@host[0]=host network.@host[0].hostname=Device1 Or using package options: config host option hostname 'Device1' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 259 of 423...

  • Page 260: Ptr Records

    Package Sections dhcp domain 27.3.2 Configuring PTR records using the web interface In the top menu, select Network -> Hostnames. The Hostnames configuration page appears. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 260 of 423...
  • Page 261 For example, for the first domain in the package using UCI: dhcp.@domain[0]=domain dhcp.@domain[0].name=Domain1 Or using package options: config domain option name 'Domain1' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 261 of 423...

  • Page 262: Static Leases

    27.4.2 Configuring static leases using the web interface In the top menu, select Network -> DHCP and DNS. The DHCP and DNS configuration page appears. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 262 of 423...
  • Page 263 By default, all dhcp host instances are named host. It is identified by @host then the host position in the package as a number. For example, for the first host in the package using UCI: dhcp.@host[0]=host dhcp.@host[0].name=Host1 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 263 of 423...
  • Page 264 27.4.3.2 Static leases using package option root@VA_router:~# uci export dhcp package dhcp …… config host option name 'Host1' option mac 'aa:bb:cc:dd:ee:ff' option ip '4.4.4.4' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 264 of 423...

  • Page 265: Configuring Firewall

    The zones section groups one or more interfaces and serves as a source or destination for forwardings, rules and redirects. Masquerading (NAT) of outgoing traffic is controlled on a per-zone basis. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 265 of 423...
  • Page 266 ICMP message is returned to the source host. Drop Dropped packets are blocked by the firewall. Table 84: Information table for general zone general settings page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 266 of 423...
  • Page 267 Reject Rejected packets are blocked by the firewall and ICMP message is returned to the source host. Drop Dropped packets are blocked by the firewall. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 267 of 423...
  • Page 268 UCI: firewall.<zone label>.network Note: use the uci list syntax to edit this setting through UCI. Opt: network Table 85: Information table for firewall zone general settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 268 of 423...
  • Page 269 Note: For configs with a large number of firewall rules, disabling NAT reflection will speed up load of firewall rules on interface Opt: reflection start. Disable reflection. Enable reflection. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 269 of 423...
  • Page 270 Firewall Zone settings. To edit an existing port forward select edit. To add a new port forward select add. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 270 of 423...
  • Page 271 After the redirect is created and saved, to make changes, click Edit. This will provide further options to change the source/destination zones; specify source mac addresses and enable NAT loopback (reflection). _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 271 of 423...
  • Page 272 Specifies the traffic source zone. It must refer to one of the defined zone names. When using the web interface, this is set to UCI: firewall.<redirect label>.src WAN initially. Opt: src _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 272 of 423...
  • Page 273 Table 89: Information table for port forward edits fields *Note: redirect rule options src_port and src_dport/dest_port accept space-separated lists of ports. If src_port is a list, then src_dport/dst_port cannot be, to avoid ambiguity. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 273 of 423...
  • Page 274 28.2.3 Firewall traffic rules Rules can be defined to allow or restrict access to specific ports, hosts or protocols. Figure 140: The firewall traffic rules page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 274 of 423...
  • Page 275 For DNAT, redirects matched incoming traffic to the specified internal host. UCI: firewall.<rule label>.dest_ip For SNAT, matches traffic directed at the given address. Opt: dest_ip _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 275 of 423...
  • Page 276 Table 91: Information table for match ICMP type drop-down menu _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 276 of 423...

  • Page 277: Configuring Firewall Using Uci

    _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 277 of 423...
  • Page 278 'Forward' To set port forwarding rules, enter: uci add firewall redirect uci set firewall.@redirect[1].name=Forward uci set firewall.@redirect[1].proto=tcp uci set firewall.@redirect[1].src=wan <- zone names _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 278 of 423...
  • Page 279 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 279 of 423...

  • Page 280: Ipv6 Notes

    (DoS). _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 280 of 423...

  • Page 281: Connection Tracking

    ACCEPT option proto This example enables machines on the internet to use SSH to access your router. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 281 of 423...
  • Page 282 When used alone, Source NAT is used to restrict a computer's access to the internet, but allows it to access a few services by manually forwarding what appear to be a few local _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1...
  • Page 283 The following rule blocks all connection attempts from the client to the internet. config rule option src option dest option src_mac 00:00:00:00:00:00 option target REJECT _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 283 of 423...
  • Page 284 Vlan12 interface in the network file. When reverse path filtering mechanism is enabled, the router will check whether a receiving packet source address is routable. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 284 of 423...
  • Page 285 !192.168.1.100 option src_dport option dest_ip 192.168.1.100 option dest_port 3128 option target DNAT config redirect option dest option proto _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 285 of 423...
  • Page 286 ACCEPT For some configurations you also have to open port 500/UDP. # ISAKMP protocol config rule option src option dest option proto option src_port _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 286 of 423...
  • Page 287 It is possible to observe the iptables commands generated by the firewall programme. This is useful to track down iptables errors during firewall restarts or to verify the outcome of certain UCI rules. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 287 of 423...
  • Page 288 1: root@VA_router:/# FW_TRACE=1 fw reload To direct the output to a file for later inspection, enter: root@VA_router:/# FW_TRACE=1 fw reload 2>/tmp/iptables.lo _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 288 of 423...

  • Page 289: Configuring Ipsec

    If you need to create an IPSec template for DMVPN, read the chapter ‘Dynamic Multipoint Virtual Private Network (DMVPN)’. The number of IPSec tunnels supported by Virtual Access’ routers is not limited in any way by software; the only hardware limitation is the amount of RAM installed on the device.
  • Page 290 Debug enabled. Most verbose logging also includes sensitive information such as keys. Table 92: Information table for IPSec common settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 290 of 423...
  • Page 291 Connection uses transport mode. pass Connection does not perform any IPSec processing. drop Connection drops all the packets. Table 93: Information table for connection settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 291 of 423...
  • Page 292 Defines the IP address of LAN serviced by remote peer. UCI: strongswan.@connection[X]. remotelan Opt:remotelan Web: Remote LAN IP Address Mask Defines the Subnet of remote LAN. UCI: strongswan.@connection[X]. remotelanmask Opt:remotelanmask _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 292 of 423...
  • Page 293 Using extended authentication and preshared key. never Can be used if negotiation is never to be attempted or accepted (shunt connections). Table 94: Information table for IP addressing settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 293 of 423...
  • Page 294 3des aes128 aes256 serpent twofish blowfish authAlgo: sha2 DHGroup: modp1024 modp1536 modp2048 modp3072 modp4096 modp6144 modp8192 For example, a valid IKE algorithm is aes128-sha-modp1536. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 294 of 423...
  • Page 295 UCI: begin. strongswan.@connection[X].rekeymargin Relevant only locally, other end need not agree on it. Opt: rekeymargin Timespec 1d, 2h, 9m, 10s. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 295 of 423...
  • Page 296 Opt: initial_contact Do not set initial contact flag Set initial contact flag on first attempt Table 95: Information table for IPSec connections settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 296 of 423...
  • Page 297 Ecdsasig Elliptic Curve DSA signatures Xauth Extended authentication Web: Secret Defines the secret. UCI: strongswan.@secret[X].secret Opt: secret Table 96: Information table for IPSec secrets settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 297 of 423...

  • Page 298: Configuring Ipsec Using Uci

    _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 298 of 423...
  • Page 299 '3G_Backup' option auto 'start' option type 'tunnel' option remoteaddress '100.100.100.100 ' option localid '192.168.209.1' option remoteid '100.100.100.100 ' option locallan '192.168.209.1' option locallanmask '255.255.255.255' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 299 of 423...
  • Page 300 'local' option enabled 'yes' option locallan '10.1.1.1' option locallanmask '255.255.255.255' option remotelan '10.1.1.0' option remotelanmask '255.255.255.0' option type 'pass' option auto 'route' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 300 of 423...
  • Page 301 # Commands to add a secret for xauth auth touch /etc/config/strongswan uci add strongswan secret uci set strongswan.@secret[1].enabled=yes uci set strongswan.@secret[1].idtype=userfqdn uci set strongswan.@secret[1].userfqdn=testxauth uci set strongswan.@secret[1].remoteaddress=100.100.100.100 uci set strongswan.@secret[1].secret=xauth _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 301 of 423...

  • Page 302: Configuring An Ipsec Template For Dmvpn Via The Web Interface

    Connection Settings Together, these sections define the required parameters for a two-way IKEv1 tunnel. Secret Settings 29.4.1 Configure common settings Figure 146: The common settings section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 302 of 423...
  • Page 303 Remote Id • Local LAN IP Address • Local LAN IP Address Mask • Remote LAN IP Address • Remote LAN IP Address Mask • _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 303 of 423...
  • Page 304 29: Configuring IPSec _______________________________________________________________________________________________________ Figure 147: The connections settings section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 304 of 423...
  • Page 305 UCI: strongswan.@connection[X]. Leave blank for DMVPN. remotelanmask Opt:remotelanmask Web: Local Protocol Restricts the connection to a single protocol on the local side. UCI: strongswan.@connection[X].localproto Opt: localproto _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 305 of 423...
  • Page 306 3des aes128 aes256 serpent twofish blowfish authAlgo: sha2 DHGroup: modp1024 modp1536 modp2048 modp3072 modp4096 modp6144 modp8192 For example, a valid IKE algorithm is: aes128-sha-modp1536. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 306 of 423...
  • Page 307 UCI: one, before giving up. The value %forever means 'never give strongswan.@connection[X].keyringtries up'. Relevant only locally, other end need not agree on it. Opt: keyringtries _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 307 of 423...
  • Page 308 Defines the local address this secret applies to. UCI: strongswan.@secret[X].localaddress Opt: localaddress Web: ID selector Defines the remote address this secret applies to. UCI: strongswan.@secret[X]. remoteaddress Opt: remoteaddress _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 308 of 423...

  • Page 309: Configuring An Ipsec Template To Use With Dmvpn

    _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 309 of 423...
  • Page 310 '30s' option keyingtries '%forever' option dpdaction 'hold' option dpddelay '30s' option dpdtimeout '150s' config secret option enabled 'yes' option secrettype 'psk' option secret 'secret' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 310 of 423...

  • Page 311: Ipsec Diagnostics Using The Web Interface

    10.68.234.133/32[gre] === 192.168./32[gre] dmvpn_89_101_154_151{1}: INSTALLED, TRANSPORT, ESP in UDP SPIs: cca7b970_i d874dc90_o dmvpn_89_101_154_151{1}: 10.68.234.133/32[gre] === 89.101.154.151/32[gre] To view a list of IPSec commands, enter: root@VA_router:~# ipsec –help _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 311 of 423...

  • Page 312: Dynamic Multipoint Virtual Private Network (Dmvpn)

    New hubs can be added to the network to improve the performances and reliability. Ability to carry multicast and main routing protocols traffic (RIP, OSPF, BGP). • DMVPN can be deployed using Activator, the Virtual Access automated • provisioning system. Simplifies branch communications by enabling direct branch to branch •...

  • Page 313: Dmvpn Scenarios

    Then it initiates VPN IPSec connection to spoke2. When an IPSec tunnel is established, spoke1 and spoke2 can send traffic directly • to each other. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 313 of 423...
  • Page 314 Note: if an IPSec tunnel fails to be established between the spokes then packets between the spokes are sent via the hub. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 314 of 423...

  • Page 315: Configuration Packages Used

    Selects the IPSec connection, defined in strongSwan, to be used as a template. UCI: dmvpn.common.ipsec_template_name Opt: ipsec_template_name Table 100: Information table for DMVPN general settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 315 of 423...
  • Page 316 Table 101: Information table for DMVPN hub settings 30.5.3 Configuring an IPSec template for DMVPN using the web interface Configuring an IPSec template is covered in the chapter ‘Configuring IPSec’. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 316 of 423...

  • Page 317: Dmvpn Diagnostics

    Type: local Protocol-Address: 11.11.11.7/32 Alias-Address: 11.11.11.3 Flags: up Interface: gre-GRE Type: local Protocol-Address: 11.11.11.3/32 Flags: up Interface: gre-GRE Type: cached Protocol-Address: 11.11.11.2/32 NBMA-Address: 178.237.115.129 NBMA-NAT-OA-Address: 172.20.38.129 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 317 of 423...
  • Page 318 10.68.234.133[10.68.234.133]...89.101.154.151[89.101.154.151] dmvpn_89_101_154_151{1}: REKEYING, TRANSPORT, expires in 55 seconds dmvpn_89_101_154_151{1}: 10.68.234.133/32[gre] === 192.168./32[gre] dmvpn_89_101_154_151{1}: INSTALLED, TRANSPORT, ESP in UDP SPIs: cca7b970_i d874dc90_o dmvpn_89_101_154_151{1}: 10.68.234.133/32[gre] === 89.101.154.151/32[gre] _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 318 of 423...
  • Page 319 Interface: gre-GRE Type: cached Protocol-Address: 11.11.11.2/32 NBMA-Address: 178.237.115.129 NBMA-NAT-OA-Address: 172.20.38.129 Flags: used up Expires-In: 0:18 Interface: gre-GRE Type: static Protocol-Address: 11.11.11.1/29 NBMA-Address: 89.101.154.151 Flags: up _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 319 of 423...

  • Page 320: Configuring Multicasting Using Pim And Igmp Interfaces

    To configure PIM through the web interface, in the top menu, select Network -> PIM. The PIM page appears. To access the Global settings, click Add. Figure 156: The global settings interface _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 320 of 423...
  • Page 321 Enable SSM on given interface. UCI: pimd.interface[x].ssm Disabled. Opt: ssm Enabled. Table 104: Information table for interface settings To save your configuration updates, click Save & Apply. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 321 of 423...

  • Page 322: Configuring Pim And Igmp Using Uci

    'yes' option igmp 'no' Alternatively, enter: uci show pimd root@VA_router:/etc/config1# uci show pimd pimd.pimd=routing pimd.pimd.enabled=yes pimd.@interface[0]=interface pimd.@interface[0].enabled=yes pimd.@interface[0].interface=lan pimd.@interface[0].ssm=yes pimd.@interface[0].igmp=yes pimd.@interface[1]=interface pimd.@interface[1].enabled=yes pimd.@interface[1].interface=wan _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 322 of 423...
  • Page 323 31: Configuring multicasting using PIM and IGMP interfaces _______________________________________________________________________________________________________ pimd.@interface[1].ssm=yes pimd.@interface[1].igmp=no To change any of the above values use uci set command. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 323 of 423...

  • Page 324: Qos: Vlan 802.1Q Pcp Tagging

    32.1 Configuring VLAN PCP tagging Virtual Access routers have the capability to respect and set PCP priority values inside 802.1Q VLAN tagged frames. The following partial export of network configuration shows how to configure VLAN priorities for specific interfaces (VLANs).
  • Page 325 Any frames received on VLAN4 destined to VLAN2 with PCP priority set to 0 will • have a priority of 5 set as they leave the router on VLAN4. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 325 of 423...
  • Page 326 ‘vlan_qos_map_egress’ and are destined to tagged interface, 802.1Q tag will be created with a default priority of 0 and then the priority will be set according to the PCP value specified as the frames leave port. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 326 of 423...

  • Page 327: Qos: Type Of Service

    33: QoS: type of service _______________________________________________________________________________________________________ 33 QoS: type of service Virtual Access routers are capable of implementing quality of service configurations on a per interface basis, which allows traffic prioritisation based on type of service criteria parameters. 33.1 QoS configuration overview...
  • Page 328 Table 105: Information table for QoS page To add classification rules, click Add. TheClassification Rules section appears. Configure each classification rule with the following parameters. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 328 of 423...

  • Page 329: Configuring Qos Using Uci

    Each interface can have its own buffer. The interface section declares global characteristics of the connection on which the specified interface is communicating. The following options are defined within this section: _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 329 of 423...
  • Page 330 UCI: qos.Default.classes=Express Normal Specifies the list of names of classes which should be part of classgroup. Opt: classes qos.Default.default=Normal Defines which class is considered default. Opt: default _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 330 of 423...
  • Page 331 Defines to how many % of the available bandwidth this class is capped to. Opt: limitrate 33.4.4 Classify Classifiers match the traffic for desired class. config classify option target 'Express' option proto 'udp' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 331 of 423...

  • Page 332: Example Qos Configurations

    'Express' option packetsize '1000' option maxsize '800' option avgrate '50' option priority '10' option limitrate '10' config classify option target 'Express' option proto 'udp' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 332 of 423...

  • Page 333: Management Configuration Settings

    34.2 Monitor Monitor is a Virtual Access proprietary tool, based on SNMP protocol, to monitor wide networks of deployed routers. The router will be configured to send information to Monitor, which is then stored and viewed centrally via the Monitor application. This includes features such as traffic light availability status, syslog and SLA monitoring.

  • Page 334: Autoload: Boot Up Activation

    In the top menu, select Services ->Autoload. The Autoload page has two sections: Basic Settings and Entries. Click Add to access configuration settings for each section. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 334 of 423...
  • Page 335 Defines how many minutes to back off for if a download and all retires fail. After the backoff period, the entire autoload sequence UCI: autoload.main.BackoffTimer will start again. Opt: Backofftimer Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 335 of 423...
  • Page 336 Notifies activator sequence is complete. Opt: RemoteFilename $$ ini Request configuration $$ img Request firmware Note: $$.vas should always be requested last. Table 107: Information table for autoload _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 336 of 423...

  • Page 337: Autoload Using Uci

    'core' 'main' option 'Enabled' "yes" option 'StartTimer' "10" option 'RetryTimer' "30" option 'NumberOfRetries' "5" option 'BackoffTimer' "15" option 'BootUsingConfig' "altconfig" option 'BootUsingImage' "altimage" config 'entry' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 337 of 423...

  • Page 338: Http Client: Configuring Activation Using The Web Interface

    To configure HTTP Client for Activator, in the top menu, click Services -> HTTP Client. The HTTP Client page has two sections: Basic Settings and Advanced Settings. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 338 of 423...
  • Page 339 Opt: SecureDownload Disabled. Advanced settings Web: ActivatorDownloadPath Specifies the URL on Activator to which the client should send requests. UCI: httpclient.default.ActivatorDownloadPath /Activator/Sessionle ss/Httpserver.asp Opt: ActivatorDownloadPath Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 339 of 423...
  • Page 340 Defines whether to skip the status check on the server certificate. UCI: httpclient.default.IgnoreServerCertificateS Enabled. tatus Disabled. Opt: IgnoreServerCertificateStatus Table 108: Information table for HTTP client _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 340 of 423...

  • Page 341: Httpclient: Activator Configuration Using Uci

    FileServer '1.1.1.2:80' listSecureFileServer '1.1.1.1:443' list SecureFileServer '1.1.1.2:443' option ActivatorDownloadPath '/Activator/Sessionless/Httpserver.asp' option SecureDownload 'no' option PresentCertificateEnabled 'no' option ValidateServerCertificateEnabled 'no' option CertificateFile '/etc/httpclient.crt' option CertificateFormat 'PEM' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 341 of 423...

  • Page 342: User Management Using Uci

    Note: chapuser will only work if linux user is set to Enabled. UCI: management_users.@user[x].chapuser Disabled. Opt: chapuser Enabled. Web: n/a Specifies PAP access permissions for the PPP connection. UCI: management_users.@user[x].papuser Disabled. Opt: papuser Enabled. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 342 of 423...

  • Page 343: Configuring The Management User Password Using Uci

    The new password will take effect after reboot and will now be displayed in encrypted format through the hashpassword option. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 343 of 423...

  • Page 344: Configuring Management User Password Using Package Options

    34.14 User management using package options root@VA_router:~# uci export management_users package management_users config user _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 344 of 423...

  • Page 345: Configuring User Access To Specific Web

    To specify monitor widgets only, enter: listallowed_pages 'monitor/<widgetname>' Example widget names are: dhcp, arp, 3gstats, interfaces, memory, multiwan, network, openvpn, routes, system, ipsec, dmvpn, tservd. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 345 of 423...

  • Page 346: Configuring Monitor

    35: Configuring Monitor _______________________________________________________________________________________________________ 35 Configuring Monitor 35.1 Introduction Virtual Access monitoring system (Monitor) is a secure portal that provides: Centralised monitoring of devices • Device status • GPS location • • Syslog reporting • Real time diagnostics Email notification •...
  • Page 347 Specifies what SNMP version is sent to remote Manager. UCI: snmp version 1 monitor.@keepalive[0].snmp_version SNMP version 2c Opt: snmp_version SNMP version 3 Table 110: Information table for Monitor & ISAD basic configuration _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 347 of 423...
  • Page 348 Web: SNMPv3 Context Specifies snmpv3 context name. UCI: monitor.@keepalive[0].snmp_context Opt: snmp_context Web: SNMPv3 Context Engine ID Specifies snmpv3 context engine ID. UCI: monitor.@keepalive[0].snmp_context_eid Opt: snmp_context_eid _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 348 of 423...
  • Page 349 To define a named keepalive instance using package options, enter: config keepalive 'keepalivev1' option enabled '1' 35.2.4 Keepalive using UCI root@VA_router:~# uci show monitor monitor.keepalivev1=keepalive monitor.keepalivev1enabled=1 monitor.keepalivev1.interval_min=1 monitor.keepalivev1.dev_reference=router1 monitor.keepalivev1.monitor_ip=10.1.83.36 monitor.keepalivev1.snmp_version=1 monitor.keepalivev2=keepalive _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 349 of 423...
  • Page 350 'yes' list monitor_ip '10.1.83.36' config keepalive 'keepalivev2' option enable '1' option interval_min '1' list monitor_ip '172.16.250.100' option dev_reference 'TEST' option snmp_version '2c' config keepalive 'keepalivev3' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 350 of 423...
  • Page 351 35.2.7 Enabling interface status using command line Interface status is configured under the network package. 35.2.7.1 Enable interface status using UCI root@VA_router:~# uci show network network.@interface[0]=interface …… _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 351 of 423...

  • Page 352: Reporting Gps Location To Monitor

    Enables GPS coordinates to be sent in the heartbeat keepalive to Monitor. UCI: monitor.core.enabled Opt: enabled Disabled. Enabled. Table 113: Information table for reporting GPS commands _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 352 of 423...

  • Page 353: Reporting Syslog To Monitor

    To view GPS coordinates via command line, enter gpspeek: root@VA_router:~# gpspeek Fix: 3D,1495467700,53.342529,- 6.241236,27.700000,202.600000,0.000000,0.000000 35.4 Reporting syslog to Monitor 35.4.1 Configuration package used Package Sections system main _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 353 of 423...
  • Page 354 35.4.3.1 Syslog events to Monitor using UCI root@VA_router:~# uci show system system.main=system …… system.main.log_ip=1.1.1.1 system.main.log_port=514 …… 35.4.3.2 Syslog events to Monitor using package options root@VA_router:~# uci export system package system _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 354 of 423...

  • Page 355: Configuring Isad

    Interface Stats section. Figure 169: The Monitor Keepalive & ISAD Interface Stats page Web Field/UCI/Package Option Description Web: Enabled Enables ISAD. UCI: monitor.stats.enabled=1 Disabled. Opt: enabled Enabled. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 355 of 423...
  • Page 356 'keepalivev1' option interval_min '1' option enabled '1' list monitor_ip '10.1.83.36 option dev_reference 'router1' config interface_stats 'stats' option enabled '1' option bin_period '1h' option bin_cache_size '24' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 356 of 423...
  • Page 357 Monitor server IP 89.101.154.154 using TFTP. package uds config script 'isb_upload_scr' option enabled '1' option exec_type 'periodic' option period '1h' list text '/usr/sbin/isb_upload.lua 89.101.154.154:69' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 357 of 423...

  • Page 358: Configuring Snmp

    Configuring SMNP using the web interface In the top menu, select Services -> SNMP. The SNMP Service page appears. Figure 170: The SNMP service page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 358 of 423...
  • Page 359 SNMP data on the device. These community strings should be chosen carefully to ensure they are not trivial. They should also be changed at regular intervals and in accordance with network security policies. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 359 of 423...
  • Page 360 Table 117: Information table for Com2Sec settings 36.2.3 Group settings Group settings assign community names and SNMP protocols to groups. Figure 172: The group settings section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 360 of 423...
  • Page 361 OID to be included in or excluded from the view. Only numerical representation is supported. UCI: snmpd.view[x].oid Example Opt: oid Everything 1.3.6.1.2.1.2 Interfaces table Table 119: Information table for view settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 361 of 423...
  • Page 362 UCI: snmpd.access[x].write Opt: write Web: Notify Specifies the view to be used for notify access. UCI: snmpd.access[x].notify Opt: notify Table 120: Information table for access settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 362 of 423...
  • Page 363 Table 121: Information table for trap receiver settings 36.2.7 Inform receiver Inform receiver settings define a notification receiver that should be sent SNMPv2c INFORM notifications. Figure 176: The inform receiver settings page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 363 of 423...

  • Page 364: Configuring Snmp Using Command Line

    'system' option sysLocation 'Office 123' option sysContact 'Mr White' option sysName 'Backup Access 4' config 'agent' option agentaddress 'UDP:161' option authtrapenabled '1' option link_updown_notify '1' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 364 of 423...
  • Page 365 The following example specifies that a request from the security name “ro” using snmp v1, v2c or USM (User Based Security Model for SNM P v3) are all mapped to the “public” _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1...
  • Page 366 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 366 of 423...
  • Page 367 'private' option version 'v1' option secname 'rw' config 'group' 'private_v2c' option group 'private' option version 'v2c' option secname 'rw' config 'group' 'private_usm' option group 'private' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 367 of 423...
  • Page 368 36.3.6.1 Access using package options config 'access' 'public_access' option group 'public' option context 'none' option version 'any' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 368 of 423...
  • Page 369 'IPADDR[:PORT]' option version 'v1|v2c' option community 'COMMUNITY STRING' # for SNMPv2c inform request receiver config informreceiver option host 'IPADDR[:PORT]' option community 'COMMUNITY STRING' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 369 of 423...

  • Page 370: Configuring Snmp Interface Alias With Static Snmp Index

    All roaming entries will then map to the same Linux interface name and underlying device. Figure 177: The interface SNMP Alias ifindex field advanced settings page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 370 of 423...
  • Page 371 ‘MOBILE’ …… option snmp_alias_ifindex ‘11’ option snmp_alias_ifdescr ‘primary_mobile’ …… 36.4.4 SNMP interface alias MIBS OID Name interface alias table .1.3.6.1.2.1.2.2.1.1. snmp_alias_ifindex .1.3.6.1.2.1.2.2.1.1.<snmp_alias_ifindex+1000> snmp_alias_ifdescr 1.3.6.1.4.1.2078.3.2.66.1.1.<index>.{5,6} _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 371 of 423...

  • Page 372: Snmp Diagnostics

    36.5.3.1 snmpwalk To do an snmpwalk locally, use snmpwalk. An example snmpwalk is shown below: root@VA_router:~# snmpwalk -c public -v 1 localhost .1.3.6.1.2.1.1 iso.3.6.1.2.1.1.1.0 = STRING: "Virtual Access GWXXXX, SN# 00E0C812D1A0, EDG-21.00.07.008" iso.3.6.1.2.1.1.2.0 = OID: iso.3.6.1.4.1.2078 iso.3.6.1.2.1.1.3.0 = Timeticks: (71816) 0:11:58.16 iso.3.6.1.2.1.1.4.0 = STRING: "info@virtualaccess.com"...
  • Page 373 To view an overview including tx/rx packets and uptime of the SNMP process, enter snmpstatus. root@VA_router:~# snmpstatus -c public -v 2c localhost [UDP: [0.0.0.0]->[127.0.0.1]:161]=>[Virtual Access GWXXXX, SN# 00E0C812D1A0, EDG-21.00.07.008] Up: 0:17:05.87 Interfaces: 21, Recv/Trans packets: 47632/9130 | IP: 15045/8256 15 interfaces are down! _______________________________________________________________________________________________________ ©...

  • Page 374: Event System

    37: Event system _______________________________________________________________________________________________________ 37 Event system Virtual Access routers feature an event system. It allows you to forward Virtual Access specific router events to predefined targets for efficient control and management of devices. This chapter explains how the event system works and how to configure it using UCI commands.

  • Page 375: Configuring The Event System Using The Web Interface

    Events Destination Configures the event targets. Event Filters Configures the forwarding rules. 37.3.1 Basic settings Figure 178: The VA event system basic settings configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 375 of 423...
  • Page 376 Defines the connection tester type. UCI: va_eventd.@conn_tester[0].type Web Value Description Opt: type Ping Verifies target by ping ping Link Verifies target by checking link routed interface is up _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 376 of 423...
  • Page 377 The available configuration options differ depending on the event destination type. 37.3.3.1 Syslog target When a syslog target receives an event, it sends it to the configured syslog server. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 377 of 423...
  • Page 378 UCI: va_eventd.@target[0].template See the section on message templates below. Opt: template Range Table 128: Information table for event system syslog event destination settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 378 of 423...
  • Page 379 Defines the from address for the email. UCI: va_eventd.@target[0].from Opt: from Range Web: To Defines to address for the email. UCI: va_eventd.@target[0].to Opt: to Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 379 of 423...
  • Page 380 Table 129: Information table for event system email event destination settings 37.3.3.3 SNMP target When a SNMP target receives an event, it sends it in a trap to the configured SNMP manager. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 380 of 423...
  • Page 381 See the section on message templates below. Range Web: Agent Address Defines the IP address to source the SNMP trap. (optional) UCI: va_eventd.@target[0]. agent_addr localhost Opt: agent_addr Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 381 of 423...
  • Page 382 Defines the SNMPv3 security engine ID. UCI: va_eventd.@target[0].snmp_sec_eid (Only displayed when SNMP authentication protocol is configured) Opt: snmp_sec_eid Range Table 130: Information table for event system SNMP event destination settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 382 of 423...
  • Page 383 Opt: cmd_template va_eventd.@target[0].cmd_template="logger -t eventer %{eventName}" See the section on message templates below. Range Table 131: Information table for event system Execute event destination settings _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 383 of 423...
  • Page 384 Table 132: Information table for event system SMS event destination settings 37.3.3.6 File target When file target receives an event, it logs to a file. There is currently no web support for a file target. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 384 of 423...
  • Page 385 Event filters are use to classify the events to be sent to the event destination. Multiple event filters can be defined. Event filters configure the uci forwarding section rules. Figure 185: The VA event system event filters configuration page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 385 of 423...

  • Page 386: Configuring The Event System Using Command Line

    The event system configuration files are stored at /etc/config/va_eventd There are four config sections main, conn_tester, target and forwarding. You can configure multiple conn_tester, target and forwarding sections. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 386 of 423...
  • Page 387 Or using package options: config forwarding option enabled '1' 37.4.1 Event system using UCI root@VA_router:~# uci show va_eventd #Sample basic settings va_eventd.main=va_eventd va_eventd.main.event_queue_file=/tmp/event_buffer va_eventd.main.event_queue_size=128K #Sample SNMP va_eventd.@conn_tester[0]=conn_tester _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 387 of 423...
  • Page 388 #Sample Syslog va_eventd.@conn_tester[1]=conn_tester va_eventd.@conn_tester[1].name=SyslogTest va_eventd.@conn_tester[1].type=ping va_eventd.@conn_tester[1].ping_dest_addr=192.168.100.2 va_eventd.@conn_tester[1].ping_source=LAN1 va_eventd.@conn_tester[1].ping_success_duration_sec=60 va_eventd.@target[1]=target va_eventd.@target[1].name=SyslogTarget _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 388 of 423...
  • Page 389 %{severityName} %{eventName }!!! va_eventd.@target[2].body_template=%{eventName} (%{class}.%{subclass}) happened! va_eventd.@target[2].smtp_addr=192.168.100.3:25 va_eventd.@target[2].smtp_user=root va_eventd.@target[2].smtp_password=admin va_eventd.@target[2].use_tls=0 va_eventd.@target[2].tls_starttls=0 va_eventd.@target[2].tls_forcessl3=0 va_eventd.@forwarding[2]=forwarding va_eventd.@forwarding[2].enabled=yes va_eventd.@forwarding[2].className=power va_eventd.@forwarding[2].eventName=IgnitionOff va_eventd.@forwarding[2].severity=notice-notice va_eventd.@forwarding[2].target=EmailTarget _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 389 of 423...
  • Page 390 #Sample Execute va_eventd.@target[4]=target va_eventd.@target[4].name=ExecTarget va_eventd.@target[4].type=exec va_eventd.@target[4].cmd_template=logger -t eventer %{eventName} va_eventd.@forwarding[4]=forwarding va_eventd.@forwarding[4].enabled=yes va_eventd.@forwarding[4].target=ExecTarget va_eventd.@forwarding[4].className=ppp va_eventd.@forwarding[4].severity=debug-error #Sample File va_eventd.@target[5]=target va_eventd.@target[5].name=FileTarget va_eventd.@target[5].type=file va_eventd.@target[5].file_name=\tmp\eventfile va_eventd.@target[5].max_size_kb=1028 va_eventd.@forwarding[5]=forwarding va_eventd.@forwarding[5].enabled=yes va_eventd.@forwarding[5].target=FileTarget va_eventd.@forwarding[5].severity=debug-error _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 390 of 423...
  • Page 391 'AES' option snmp_priv_pass 'aespassword' option snmp_context 'v3context' option snmp_context_eid 'v3contextID' option snmp_sec_eid 'v3SecurityID' config forwarding option enabled 'yes' option className 'mobile' option severity 'notice-notice' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 391 of 423...
  • Page 392 '10' option name 'EmailTarget' option type 'email' option conn_tester 'EmailTest' option from 'from@example.com' option to 'to@example.com' option subject_template '%{serial} %{severityName} %{eventName}!!!' _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 392 of 423...
  • Page 393 'LoginSSH' option severity 'notice-notice' # Sample Execute config target option name 'ExecTarget' option type 'exec' option cmd_template 'logger -t eventer %{eventName}' config forwarding _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 393 of 423...

  • Page 394: Event System Diagnostics

    6 | EventdUpAndRunning | informat | | internal 7 | EventdStopped | warning | %{p1} | mobile 1 | SIMin | notice | SIM card #%{p1}inserted _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 394 of 423...
  • Page 395 | LuCI login: user %{p1} | auth 15 | ConsoleCommand | informat | %{p1}@%{p2} %{p3} | auth 16 | LuCIAction | informat | %{p1}@%{p2} %{p3} %{p4} %{p5} _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 395 of 423...
  • Page 396 | adsl 5 | TrainingSuccess | notice | ADSL training successful: data .. | system 1 | BootSuccess | informat | Success booting into %{p1} _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 396 of 423...
  • Page 397 3 | QueryTimeout | warning | NTP query to %{p1} timed out. Ne.. | ntp 4 | QueryFailed | warning | NTP query failed: %{p1} _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 397 of 423...

  • Page 398: Configuring Data Usage Monitor

    Virtual Access cannot be held liable for any fees charged by the carrier to the customer for their data usage. We recommend that the configured data usage is lower than the allowance and that traffic percentage alerts are used.
  • Page 399 Set multiple limits via UCI using a space separator. Example: Opt: monthly_warning_levels uci set procrustes.@limit[0].monthly_warning_levels=”15 25” Zero means no limit. Range Table 135: Information table for data usage commands _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 399 of 423...
  • Page 400 The following examples show two limit groups wan and lan. 38.3.2 Procrustes using UCI root@VA_router:~# uci show Procrustes procrustes.lan=limit procrustes.lan.enabled=1 procrustes.lan.interfaces=LAN1 procrustes.lan.billing_period_start_day=1 procrustes.lan.monthly_data_limit=30 procrustes.lan.monthly_warning_levels=15 25 procrustes.wan=limit procrustes.wan.enabled=1 procrustes.wan.interfaces=MOBILE1 procrustes.wan.billing_period_start_day=1 procrustes.wan.monthly_data_limit=30 procrustes.wan.monthly_warning_levels=15 25 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 400 of 423...

  • Page 401: Data Usage Status

    <if_group_name>: using counter 1404674 saved on 2017-09-30 16:26:57 NOTICE procrustes <if_group_name>: warning level 2097152 is reached WARNING procrustes <if_group_name>: hard limit 10485760 is reached _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 401 of 423...
  • Page 402 Additional useful debug commands via the command line are described in the table below. Diagnostic Command Description logread | grep procrustes Shows logs related to “procrustes” only ls /root/procrustes/sim_blacklist/ Shows list of blacklisted SIM iccids _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 402 of 423...

  • Page 403: Configuring Terminal Server

    Terminal Server. 39.3.1 Configure main settings Figure 189: The terminal server main settings page _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 403 of 423...
  • Page 404 39.3.2.1 Port settings: general section In this section you can configure general port settings. The settings are usually the same for the central and the remote site. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 404 of 423...
  • Page 405 Web: Serial Forwarding Timeout (ms) Forwarding timeout in milliseconds (network to serial). UCI: tservd.@port[0].sfwd_timeout Set to 0 to forward to serial immediately. Opt: sfwd_timeout 20 ms Range 0-10000 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 405 of 423...
  • Page 406 Note: • The displayed settings vary depending on options selected. DTR <--> DSR signalling is not available on GW2028 router models. • _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 406 of 423...
  • Page 407 39: Configuring Terminal Server _______________________________________________________________________________________________________ Figure 191: The serial section fields (port mode RS232) _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 407 of 423...
  • Page 408 In RS232 half-duplex mode, time in milliseconds between raising RTS and enabling the transmitter. For use with an externally UCI: tservd.@port[0].rts_timeout connected V.23 modem. Opt: rts_timeout 30ms Range _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 408 of 423...
  • Page 409 Atmel USB serial card is enabled. UCI: tservd.@port[0].sync_tx_msbf Transmit least significant bit first. Opt: sync_tx_msbf Transmit most significant bit first. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 409 of 423...
  • Page 410 Receive samples divided by 1. Opt: v23_rx_loss Range Web: n/a Defines the v23 modem RTS to CTS delay in milliseconds. UCI: tservd.@port[0].v23_rts_to_cts_delay Range Opt: v23_rts_to_cts_delay _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 410 of 423...
  • Page 411 In this section you can configure the network side of the Terminal Server. Note: the displayed settings vary depending on options selected. Figure 192: The port settings network fields (TCP server mode) _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 411 of 423...
  • Page 412 ‘acked’ before closing connection in established state. UCI: Set to 0 to use kernel defaults. Only displayed if Transport Mode tservd.@port[0].tcp_user_timeout is TCP. Opt: tcp_user_timeout 20000 20 seconds. Range 0-65535 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 412 of 423...
  • Page 413 Remote UDP port used by terminal server. Only displayed if transport mode is UDP. UCI: tservd.@port[0].udpRemotePort Opt: udpRemotePort Range 0-65535 Table 139: Information table for port settings network section _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 413 of 423...

  • Page 414: Terminal Server Using Uci

    On the IP network side, the terminal server can operate in one of three modes: TCP Client • TCP Server • • Based on the choosed network configuration the DSR behaviour may vary. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 414 of 423...
  • Page 415 When in a TCP connection state, the TCP connection is cleared only by the network. Serial interface signals such as DSR do not cause TCP disconnection. _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 415 of 423...

  • Page 416: Terminal Server Diagnostics

    If Terminal Server is running it will be shown with its process ID. 39.7.2 Terminal Server statistics To see Terminal Server statistics, enter: root@VA_router:~# tserv show stats TERMINAL 1, Dev: /dev/ttySC0 State: LISTENING _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 416 of 423...
  • Page 417 To see Terminal Server advanced debug commands for the terminal server, enter: root@VA_router:~# tserv === Termserv disgnostics. Command syntax: === tserv show stats - show statistics tserv clear stats - clear statistics _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 417 of 423...
  • Page 418 - start USB serial card rx log tserv show userial rxlog <offs> <length> - show USB serial card rx log tserv quit - terminate termserv process _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 418 of 423...

  • Page 419: Configuring Terminal Package

    Opt: flowcontrol Enabled. Table 140: Information table for terminal settings 40.3 Configuring terminal package using UCI root@VA_router:~# uci show terminal terminal.ttySC0=terminal terminal.ttySC0.enabled=1 terminal.ttySC0.device=ttySC0 terminal.ttySC0.speed=115200 terminal.ttySC0.type=vt100 terminal.ttySC0.flowcontrol=1 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 419 of 423...

  • Page 420: Configuring Terminal Using Package Options

    /etc/inittab ::sysinit:/etc/init.d/rcS S boot ::shutdown:/etc/init.d/rcS K stop ttyLTQ0::askfirst:getty -L 115200 ttyLTQ0 vt100 ttyLTQ1::askfirst:getty -L 115200 ttyLTQ1 vt100 ttySC0::respawn:getty -h -L 115200 ttySC0 vt100 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 420 of 423...

  • Page 421: Serial Interface

    The information presented will also depend on the actual type of the serial interface. 41.2.1 Serial statistics Figure 193: The serial statistics page for serial-0 _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 421 of 423...

  • Page 422: Monitoring Serial Interfaces Using Command Line

    Tx Frames Tx Bytes Tx Underruns Tx Discards Rx Frames Rx Bytes 258856 Rx Overruns Rx CRC Errors Rx Too Big Rx Discards _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 422 of 423...
  • Page 423 To reset serial statistics, enter: serial_stats_reset. root@VirtualAccess:~# serial_stats_reset ttyU0 Serial interface statistics reset You can reset statistics for all or individual serial interfaces. ______________________________END OF DOCUMENT_________________________________ _______________________________________________________________________________________________________ © Virtual Access 2018 GW2020 Series User Manual Issue: 2.1 Page 423 of 423...

This manual is also suitable for:

Gw2022Gw2023Gw2024

Table of Contents