Teltonika RUT240 User Manual
  1. Manuals
  2. Brands
  3. Teltonika Manuals
  4. Wireless Router
  5. RUT240
  6. User manual
Teltonika RUT240 User Manual

Teltonika RUT240 User Manual

4g router
Hide thumbs Also See for RUT240:
Table of Contents

Advertisement

Quick Links

Download this manual
USER MANUAL
RUT240 4G Router

Advertisement

Table of Contents
loading

Related Manuals for Teltonika RUT240

Summary of Contents for Teltonika RUT240

  • Page 1 USER MANUAL RUT240 4G Router...

  • Page 2: Attention

    Copyright © 2017 TELTONIKA Ltd. All rights reserved. Reproduction, transfer, distribution or storage of part or all of the contents in this document in any form without the prior written permission of TELTONIKA Ltd is prohibited. The manufacturer reserves the right to modify the product and manual for the purpose of technical improvement without prior notice.

  • Page 3: Table Of Contents

    Table of Contents Legal notice ................................3 Attention.................................. 3 SAFETY INFORMATION ............................8 Device connection ............................... 9 1 Introduction ................................ 10 2 Specifications ..............................10 2.1 Ethernet ............................... 10 2.2 Wi-Fi ................................10 2.3 Hardware ..............................10 2.4 Electrical, Mechanical & Environmental ...................... 10 2.5 Applications ..............................
  • Page 4 6.7.4 Realtime Wireless ..........................37 6.7.5 Realtime Connections ........................... 38 6.8 Mobile Traffic .............................. 39 6.9 Speed Test ..............................40 6.10 Events Log ..............................40 6.10.1 All Events ............................40 6.10.2 System Events ............................. 41 6.10.3 Network Events ..........................42 6.10.4 Events Reporting ..........................
  • Page 5 8 Services ................................82 8.1 VRRP ................................82 8.1.1 VRRP LAN Configuration Settings ......................82 8.1.2 Check Internet connection ........................82 8.2 Web Filter ..............................83 8.2.1 Site blocking ............................83 8.2.2 Proxy Based Content Blocker ....................... 83 8.3 NTP ................................84 8.4 VPN ................................
  • Page 6 8.9.5 Radius server configuration ........................ 126 8.9.6 Statistics .............................. 127 8.10 CLI ................................128 8.11 Auto Reboot............................. 129 8.11.1 Ping Reboot ............................129 8.11.2 Periodic Reboot ..........................130 8.12 Input/Output ............................131 8.12.1 Main information..........................131 8.12.2 Status ..............................131 8.12.3 Input ..............................

  • Page 7: Safety Information

    SAFETY INFORMATION In this document you will be introduced on how to use a RUT240 router safely. We suggest you to adhere to the following recommendations in order to avoid personal injuries and or property damage. You have to be familiar with the safety requirements before using the device! To avoid burning and voltage caused traumas, of the personnel working with the device, please follow these safety requirements.

  • Page 8: Device Connection

    Device connection...

  • Page 9: Introduction

    1 Introduction Thank you for purchasing a RUT240 4G router! RUT240 is part of the RUT2xx series of compact mobile routers with high speed wireless and Ethernet connections. This router is ideal for people who would like to share their internet on the go, as it is not restricted by a cumbersome cable connection.

  • Page 10: Applications

    2.5 Applications...

  • Page 11: Setting Up Your Router

    3 Setting up your router 3.1 Installation After you unpack the box, follow the steps, documented below, in order to properly connect the device. For better Wi-Fi performance, put the device in clearly visible spot, as obstacles such as walls and door hinder the signal. 1.

  • Page 12: Connection Status Led

    3.1.3 Connection status LED Explanation of connection status LED indication: 1. Signal strength status LED’s turned on: router is turning on; 2. 2G and 3G LED’s constant blinking every 1 sec: no SIM or bad PIN; 3. 2G/3G LED’s blinking every 1 sec: connected 2G/3G, but no data session established; 4.
  • Page 13 We first must set up our network card so that it could properly communicate with the router. 1. Press the start button network connections”, wait for the results to 2. Type in “ pop up. 3. Click “View network connections” 4.
  • Page 14 5. Select Internet Protocol Version 4 (TCP/IPv4) and then click 6. By default the router is going to have DHCP enabled, which means that if you select “Obtain an IP address Properties automatically” “Obtain server address automatically”, the router should lease you an IP and you should be ready to login.
  • Page 15 Right click on the Wireless network icon and select Connect / Disconnect. A list should pop up with all available wireless networks. Select “Teltonika” and click connect. Then we launch our favorite browser and enter the router’s IP into the address field: Press enter.

  • Page 16: Operation Modes

    4 Operation Modes The RUT2xx series router supports various operation modes. It can be connected to the internet (WAN) via mobile, standard Ethernet cable or via a wireless network. When connecting to the internet, you may also backup your main WAN connection with one or two backup connections. Any interface can act like backup if configured so. At first router uses its main WAN connection, if it is lost then router tries to connect via backup with higher priority and if that fails too, router tries the second backup option.

  • Page 17: Status

    6 Status The status section contains various pieces of information, like current IP addresses of various network interfaces; the state of the routers memory; firmware version; DHCP leases; associated wireless stations; graphs indicating load, traffic and much more. 6.1 Overview Overview section contains various information summaries.

  • Page 19: Network Information

    Name of the router (hostname of the router’s system). Can be changed in System -> Administration. 2. Host name Teltonika-RUT240.com Indicates how the router will be seen by other devices on the network. Can be changed in System -> Administration. 3. Router Model Teltonika RUT240 3G Router’s model.
  • Page 21 Mobile information: Field Name Sample Value Explanation Data connection Connected Mobile data connection status state IMEI 861075024498503 Modem's IMEI (International Mobile Equipment Identity) number IMSI 246020100944448 IMSI (International Mobile Subscriber Identity) is used to identify the user in a cellular network ICCID 8937002160600414481F Your SIM card’s Integrated circuit card identifier number SIM card state...
  • Page 22 WAN information: Field Name Sample Value Explanation Interface Wired Specifies through what medium the router is connecting to the internet. This can either be Wired, Mobile or Wi-Fi. Type DHCP Specifies the type of connection. This can either be static or DHCP. IP address 192.168.1.202 The IP address that the router uses to connect to the internet.
  • Page 23 LAN information: Field Name Sample Value Explanation Name LAN instance name IP address 192.168.200.1 Address that the router uses on the LAN network. Netmask 255.255.255.0 A mask used to define how large the LAN network is Ethernet 00:1E:42:00:02:1D MAC (Media Access Control) address used for communication in an Ethernet MAC address LAN (Local Area Network) Connected...
  • Page 24 6.3.1.4.1 Station Display information about wireless connection (Station mode). Client mode information Field Name Sample Value Explanation 1. Channel 1 (2.41 GHz) The channel that the AP, to which the router is connected to, uses. Your wireless radio is forced to work in this channel in order to maintain the connection.
  • Page 25 6.3.1.4.2 Access Point Display information about wireless connection (Access Point mode). Wireless AP information Field Name Sample Value Explanation 1. Channel 1 (2.41 GHz) The channel which is used to broadcast the SSID and to establish new connections to devices. 2.
  • Page 26 6.3.1.5 Associated Stations Outputs a list of all devices and their MAC addresses that are maintain a connection with your router right now. This can either be the information of the Access Point that the router is connecting to in STA mode or a list of all devices that are connecting to the router in AP mode: Field Name Sample Value...
  • Page 27 6.3.1.7 OpenVPN Server Display OpenVPN connection information on server side. Field Name Sample Value Explanation 1. Enabled Yes/No OpenVPN status 2. Status Connected Connection status 2. Type Server A type of OpenVPN instance that has been created 3. IP 10.0.0.1 Remote virtual network's IP address 4.
  • Page 28 6.3.1.9 VRRP VRRP (Virtual Router Redundancy Protocol) for LAN Field Name Sample Value Explanation 1. Status Enabled VRRP status 2. Virtual IP 192.168.1.253 Virtual IP address(-es) for LAN’s VRRP (Virtual Router Redundancy Protocol) cluster 3. Priority Router with the highest priority value on the same VRRP cluster will act as a master, range [1 - 255] 4.
  • Page 29 Field Name Sample Value Explanation 1. Type SSH; HTTP; HTTPS Type of connection protocol 2. Status Disabled/Enabled Connection status 3. Port 22; 80; 443 Connection port used 4. Active 0(0.00B);0(0.00B); Count of active connections and the amount of data transmitted in KB Connections 6(558.12 KB) 6.3.1.10.1 Last Connections...

  • Page 30: Device Information

    6.4 Device information The page displays factory information that was written into the device during manufacturing process. Field Name Sample Value Explanation Serial number 77885555 Serial number of the device Product code RUT900001000 Product code of the device Batch number 1000 Batch number used during the device’s manufacturing process Hardware revision...

  • Page 31: Services

    6.5 Services The page displays the usage of the available services.

  • Page 32: Routes

    6.6 Routes The page displays ARP table and active IP routes of the device. 6.6.1 ARP Show the router’s active ARP table. An ARP table contains recently cached MAC addresses of every immediate device that was communicating with the router. Field Name Sample Value Explanation...
  • Page 33 Field Name Sample Value Explanation 1. Network loopback Network interface used 2. Target 0:0:0:0:0:0:0:0/0 Indicates where a TCP/IP packet, with a specific IP address, should be directed 3. IPv6-Gateway 0:0:0:0:0:0:0:0/0 Indicates through which gateway a TCP/IP packet should be directed 4.

  • Page 34: Graphs

    6.7 Graphs Real-time graphs show how various statistical data changes over time. 6.7.1 Mobile Signal Strength Displays mobile signal strength variation in time (measured in dBm) Field Name Sample Value Explanation 1. Connection type 3G (WCDMA) Type of mobile connection used 2.

  • Page 35: Realtime Load

    6.7.2 Realtime Load This tri-graph illustrates average CPU load values in real time. The graph consists out of three color coded graphs, each one corresponding to the average CPU load over 1 (red), 5 (orange) and 15 (yellow) most recent minutes. Field Name Sample Value Explanation...

  • Page 36: Realtime Traffic

    6.7.3 Realtime Traffic These graphs illustrate the average system inbound and outbound traffic over the course of 3 minutes; each new measurement is taken every 3 seconds. Each graph consists out of two color coded graphs (green graph shows the outbound traffic, blue graph shows the inbound traffic).

  • Page 37: Realtime Wireless

    6.7.4 Realtime Wireless Displays the wireless radio signal, signal noise and the theoretical maximum channel permeability. Average and peak signal levels are displayed.

  • Page 38: Realtime Connections

    6.7.5 Realtime Connections Displays currently active network connections with the information about network, protocol, source and destination addresses, transfer speed.

  • Page 39: Mobile Traffic

    6.8 Mobile Traffic Displays mobile connection data sent and received in KB of this day, week and month. By default mobile traffic usage logging is disabled. To use this functionality is needed to enable it. Field Name Sample Value Explanation 1.

  • Page 40: Events Log

    6.9 Events Log Event log displays such actions as: login, reboot, firmware flashing and reset. 6.9.1 All Events Displays all router events, their types and time of occurrence. 6.9.2 System Events Displays all system events, their type and time of occurrence. Events include authentication or reboot requests, incoming and outgoing SMS and Calls, Mails, Configuration changes and DHCP events.

  • Page 41: Network

    7 Network 7.1 Mobile 7.1.1 General 7.1.1.1 Mobile configuration Here you can configure mobile settings which are used when connecting to your local 3G network. Field Name Sample value Explanation...
  • Page 42 Connection The connection type used when connecting to a network. It can type either be PPP or QMI. PPP is considerably slower than QMI. Mode NAT / Passthrough NAT mode enables network address translation on router. Passthrough mode is similar with bridge mode except that in passthrough mode router do have internet connection.
  • Page 43 1.1.1.1.1 Passthrough mode Using Passthrough Mode will disable most of the router capabilities! DHCP mode: Static Enter your computer’s MAC address (xx:xx:xx:xx:xx:xx) to MAC Address field and select Lease time (expiration time for leased addresses). Device, whose MAC address will be entered, will get IP from the GSM operator. Other connected devices will get IP from the router’s DHCP server, but these devices will not have internet access.

  • Page 44: Mobile Data Limit

    3. Period Month/Week/Day Period for which mobile data limiting should apply 4. Start day/ Start hour A starting time for mobile data limiting period * Your carrier's data usage accounting may differ. Teltonika is not liable should any accounting discrepancies occur.
  • Page 45 A starting time for the mobile data limiting period 5. Phone number +37012345678 A phone number to send the warning SMS message to, e.g. +37012345678 * Your carrier's data usage accounting may differ. Teltonika is not liable should any accounting discrepancies occur.

  • Page 46: Wan

    7.2 WAN 7.2.1 Operation Mode Your WAN configuration determines how the router will be connecting to the internet. Type Explanation 1. Main WAN Switches between Mobile, Wired and Wi-Fi interfaces for main WAN 2. Backup Let’s user select one or two interfaces for WAN backup WAN/Load balancing 3.
  • Page 47 7.2.2.1 General Setup 7.2.2.1.1 Static: This is the configuration setup for when you select the static protocol. Filed name Sample Explanation 1. IPv4 address 192.168.99.162 Your router’s address on the WAN network 2. IPv4 netmask 255.255.255.0 A mask used to define how “large” the WAN network is 3.
  • Page 48 7.2.2.1.3 PPPoE This protocol is mainly used by DSL providers: This is the configuration setup for when you select PPPoE protocol. Filed name Sample Explanation 1. PAP/CHAP username test Your username and password that you would use to connect to your carrier’s network.
  • Page 49 Field name Sample value Explanation 1. Disable NAT On/Off Toggle NAT on and off. Override MAC address 86:48:71:B7:E9:E4 Override MAC address of the WAN interface. If your ISP gives you a static IP address it might also bind it to your computer’s MAC address (i.e.
  • Page 50 7.2.2.2.3 PPPoE Field name Sample value Explanation 1. Disable NAT Enable/Disable If checked, the router will not perform NAT (masquerade) on this interface Use default gateway Enable/Disable If unchecked, no default route is configured 3. Use gateway metric The WAN configuration by default generates a routing table entry.
  • Page 51 7.2.2.2.4 IP Aliases IP aliases are a way of defining or reaching a subnet that works in the same space as the regular network. As you can see, the configuration is very similar to the static protocol; only in the example a 99th subnet is defined.
  • Page 52 The majority of the options consist of timing and other important parameters that help determine the health of your primary connection. Regular health checks are constantly performed in the form of ICMP packets (Pings) on your primary connection. When the connection’s state starts to change (READY->NOT READY and vice versa) a necessary amount of failed or passed health checks has to be reached before the state changes completely.

  • Page 53: Lan

    7.3 LAN This page is used to configure the LAN network, where all your devices and computers that you connect to the router will reside. 7.3.1 Configuration 7.3.1.1 General Setup Field name Sample value Explanation 1. IP address 192.168.1.1 Address that the router uses on the LAN network IP netmask 255.255.255.0 A mask used to define how “large”...

  • Page 54: Dhcp Server

    7.3.2 DHCP Server The DHCP server is the router’s side service that can automatically configure the TCP/IP settings of any device that requests such a service. If you connect a device that has been configured to obtain IP address automatically the DHCP server will lease an IP address and the device will be able to fully communicate with the router.
  • Page 55 Field Name Sample Value Explanation 1. Dynamic DHCP Checked/Unchecked Dynamically allocate client addresses, if set to only clients present in the ethers files are served 2. Force Checked/Unchecked Forces DHCP serving even if another DHCP server is detected on the same network segment.
  • Page 57 7.3.2.4.2 Advanced Settings You may also optionally define a broadcast address and a custom DNS server.

  • Page 58: Wireless

    Wi-Fi networks they will see your network with this name. Hide SSID – Will render your SSID hidden from other devices that try to scan the area. Connect to WRP100 automatically – let Teltonika WRP100 wireless repeater connect to this router automatically.
  • Page 59 7.4.1.1 Device 7.4.1.1.1 Advanced Settings Here you can configure more advanced parameters: Field name Sample value Explanation 1. Mode Auto, b, g, g+n Different modes provide different throughput and security options. 2. Country Code Any ISO/IEC 3166 alpha2 Selecting this will help the wireless radio configure it’s country code internal parameters to meet your country’s wireless regulations.
  • Page 60 First select an encryption method: TKIP, CCMP, TKIP&CCMP and auto. Note: Some authentication methods won’t support TKIP (and TKIP&CCMP) encryption. After you’ve selected your encryption method, you should enter your pass phrase, which must be at least 8 characters long. 7.4.1.2.2 MAC-Filter Filter –...

  • Page 61: Vlan

    7.5 VLAN On this page you can configure your Virtual LAN settings. 7.5.1 VLAN Networks 7.5.1.1 VLAN Functionality Field Name Sample Value Explanation 1. VLAN mode Disabled / Tag based Lets the user choose the VLAN mode or disable VLAN functionality. 7.5.1.2 VLAN mode –...

  • Page 62: Firewall

    7.6 Firewall In this section we will look over the various firewall features that come with RUT230. 7.6.1 General Settings The router’s firewall is a standard Linux iptables package, which uses routing chains and policies to facilitate control over inbound and outbound traffic. Field Name Sample value Explanation...

  • Page 63: Dmz

    7.6.2 DMZ By enabling DMZ for a specific internal host (e.g.: your computer), you will expose that host and it’s services to the router’s WAN network (i.e. - internet). 7.6.3 Port Forwarding Here you can define your own port forwarding rules. You can use port forwarding to set up servers and services on local LAN machines.
  • Page 64 Field Name Sample value Explanation 1. Name Enable_SSH_WAN_PASSTHROUGH Name of the rule. Used purely to make it easier to manage rules. 2. Protocol TCP/UDP/TCP+UDP/Other The type of protocol of the incoming packet. 3. External Port 1-65535 The traffic will be forwarded from this port of the WAN network.

  • Page 65: Traffic Rules

    address only External port Match incoming traffic directed at the given destination port or port range on this host only Internal zone LAN/VPN/WAN Redirect matched incoming traffic to the specified internal zone Internal IP address 127.0.0.1 Redirect matched incoming traffic to the specified internal host Internal port Redirect matched incoming traffic to the given port...
  • Page 66 Field Name Explanation Name Name of the rule. Used for easier rules management purpose only Protocol Protocol type of incoming or outgoing packet Source Match incoming traffic from this IP or range only Destination Redirect matched traffic to the given IP address and destination port Action Action to be taken for the packet if it matches the rule Enable...
  • Page 67 Source MAC Match incoming traffic from these MACs only address Source address Match incoming traffic from this IP or range only Source port Match incoming traffic originating from the given source port or port range on the client host only Destination zone Device/Any Match forwarded traffic to the given destination zone only...
  • Page 68 7.6.4.3 Source NAT Source NAT is a specific form of masquerading which allows fine grained control over the source IP used for outgoing traffic, for example to map multiple WAN addresses to internal subnets. Field Name Sample value Explanation 1. Name SNAT Used to make rule management easier 2.
  • Page 69 Field Name Sample value Explanation Name SNAT Used to make rule management easier Protocol TCP/UDP/Any/ICMP/Custom Protocol of the packet that is being matched against traffic rules. Source zone LAN/VPN/WAN Match incoming traffic from this zone only Source MAC address Match incoming traffic from these MACs only Source address Match incoming traffic from this IP or range only Source port...

  • Page 70: Custom Rules

    7.6.5 Custom Rules Here you have the ultimate freedom in defining your rules – you can enter them straight into the iptables program. Just type them out into the text field ant it will get executed as a Linux shell script. If you are unsure of how to use iptables, check out the internet for manuals, examples and explanations.
  • Page 71 Field Name Sample value Explanation Enable SYN flood protection Enable/Disable Makes router more resistant to SYN flood attacks. SYN flood rate “25” Set rate limit (packets/second) for SYN packets above which the traffic is considered flooded. SYN flood burst “50” Set burst limit for SYN packets above which the traffic is considered flooded if it exceeds the allowed rate.
  • Page 72 Field Name Sample value Explanation Enable SSH limit Enable/Disable Enable SSH connections limit in selected period Limit period Second/Minute/Hour/Day Select in what period limit SSH connections Limit “10” Maximum SSH connections during the period Limit burst “5” Indicating the maximum burst before the above limit kicks in.

  • Page 73: Port Scan Prevention

    Field Name Sample value Explanation Enable HTTPS limit Enable/Disable Limits HTTPS connections per period Limit period Second/Minute/Hour/Day Select in what period to limit HTTPS connections Limit “10” Maximum HTTPS connections during the period Limit burst “10” Indicating the maximum burst 7.6.7 Port Scan Prevention 7.6.7.1 Port Scan Field Name...

  • Page 74: Routing

    7.7 Routing 7.7.1 Static Routes Static routes specify over which interface and gateway a certain host or network can be reached. Field name Value Explanation 1. Routing table MAIN/WAN/WAN2/WAN3 Defines the table to use for the route 2. Interface MAIN/WAN/WAN2/WAN3 The zone where the target network resides 3.
  • Page 75 7.7.2 Dynamic Routes 7.7.2.1 General Dynamic routes provide dynamic routing which enables the router to select paths according to real-time logical network layout changes. Field name Value Explanation 1. Enable Enable/Disable Enable dynamic routes 2. Router ID 192.168.1.1 Router’s ID 7.7.2.2 OSPF Protocol 7.7.2.2.1 OSPF General Instance Field name...
  • Page 76 7.7.2.2.2 OSPF Area The OSPF network can be divided into sub-domains called areas. Field name Value Explanation 1. Area name OSPF_area OSPF area’s name 2. Enable Yes/No Enable/disable OSPF area To see at specific configuration settings press “edit” button located in newly created OSPF area. A new page with detailed configuration appears, as shown in the picture below.

  • Page 77: Static Routes

    7.7.2.3 General Protocol Field name Value Explanation 1. Enable Enable/Disable Enable/Disable settings 2. Learn Enable/Disable Enables route learning 3. Persist Enable/Disable If checked it allows route storing. After a restart, routes will still be configured 4. Scan time Time between scans 5.

  • Page 78: Services

    8 Services 8.1 VRRP 8.1.1 VRRP LAN Configuration Settings Field name Sample Explanation 1. Enable Enable/Disable Enable VRRP (Virtual Router Redundancy Protocol) for LAN 2. IP address 192.168.1.253 Virtual IP address for LAN's VRRP (Virtual Router Redundancy Protocol) cluster 3. Virtual ID Routers with same IDs will be grouped in the same VRRP (Virtual Router Redundancy Protocol) cluster, range [1-255] 4.

  • Page 79: Web Filter

    8.2 Web Filter 8.2.1 Site blocking Field name Sample Explanation 1. Enable Enable/Disable Enable host name based websites blocking 2. Mode Whitelist/Blacklist Whitelist - allow every site on the list and block everything else. Blacklist - block every site on the list and allow everything else. 3.

  • Page 80: Ntp

    8.3 NTP NTP configuration lets you setup and synchronize routers time. Field name Description 1. Current System time Local time of router. 2. Time zone Time zone of your country. 3. Enable NTP Enable system’s time synchronization with time server using NTP (Network Time Protocol) 4.

  • Page 81: Vpn

    8.4 VPN 8.4.1 OpenVPN VPN (Virtual Private Network) is a method for secure data transfer through unsafe public network. This section explains how to configure OpenVPN, which is implementation of VPN supported by the RUT900 router. A picture below demonstrates default OpenVPN configurations list, which is empty, so you have to define a new configuration to establish any sort of OpenVPN connection.
  • Page 82 To see at specific configuration settings press “edit” button located in newly created configuration entry. A new page with detailed configuration appears, as shown in the picture below (TLS client example).
  • Page 83 You can set custom settings here according to your VPN needs. Below is summary of parameters available to set: Field name Explanation Enabled Switches configuration on and off. This must be selected to make configuration active. TUN/TAP Selects virtual VPN interface type. TUN is most often used in typical IP-level VPN connections, however, TAP is required to some Ethernet bridging configurations.
  • Page 84 authentication designs, providing strong assurances of a requester's identity. Client key Authenticating the client to the server and establishing precisely who they are After setting any of these parameters press “Save” button. Some of selected parameters will be shown in the configuration list table.

  • Page 85: Ipsec

    8.4.2 IPSec The IPsec protocol client enables the router to establish a secure connection to an IPsec peer via the Internet. IPsec is supported in two modes - transport and tunnel. Transport mode creates secure point to point channel between two hosts.
  • Page 86 Field name Value Explanation Enable Enabled/Disabled Check box to enable IPSec. IKE version IKEv1 or IKEv2 Method of key exchange Mode “Main” or ISAKMP (Internet Security Association and Key Management Protocol) “Aggressive” phase 1 exchange mode My identifier type Address, FQDN, Choose one accordingly to your IPSec configuration User FQDN My identifier...
  • Page 87 Field name Value Explanation Encryption DES, 3DES, AES 128, AES 192, AES256 The encryption algorithm must match with another algorithm incoming connection to establish IPSec Authentication MD5, SHA1, SHA256, SHA384, SHA512 The authentication algorithm must match with another incoming connection to establish IPSec Hash algorthm MD5, SHA1, SHA256, SHA384, SHA512 The hash algorithm must match with another incoming...

  • Page 88: Gre Tunnel

    8.4.3 GRE Tunnel GRE (Generic Routing Encapsulation RFC2784) is a solution for tunneling RFC1812 private address-space traffic over an intermediate TCP/IP network such as the Internet. GRE tunneling does not use encryption it simply encapsulates data and sends it over the WAN. In the example network diagram two distant networks LAN1 and LAN2 are connected.
  • Page 89 Field name Explanation Enabled Check the box to enable the GRE Tunnel function. Remote endpoint IP address Specify remote WAN IP address. Remote network IP address of LAN network on the remote device. Remote network netmask Network of LAN network on the remote device. Range [0-32]. Local tunnel IP Local virtual IP address.

  • Page 90: Pptp

    8.4.4 PPTP Point-to-Point Tunneling Protocol (PPTP) is a protocol (set of communication rules) that allows corporations to extend their own corporate network through private "tunnels" over the public Internet. Effectively, a corporation uses a wide-area network as a single large local area network. A company no longer needs to lease its own lines for wide-area communication but can securely use the public networks.
  • Page 91 name Explanation 1. Enable Enable current configuration 2. Use as default gateway Use this PPTP instance as default gateway 3. Server The server IP address or hostname 4. Username The user name for authorization with the server 5. Password The password for authorization with the server...

  • Page 92: L2Tp

    8.4.5 L2TP Allows setting up a L2TP server or client. Below is L2TP server configuration example. Field name Explanation 1. Enable Check the box to enable the L2TP Tunnel function. 2. Local IP IP Address of this device (RUT) 3. Remote IP range begin IP address leases beginning 4.

  • Page 93: Dynamic Dns

    8.5 Dynamic DNS Dynamic DNS (DDNS) is a domain name service allowing to link dynamic IP addresses to static hostname. To start using this feature firstly you should register to DDNS service provider (example list is given in description). You are provided with add/delete buttons to manage and use different DDNS configurations at the same time! You can configure many different DDNS Hostnames in the main DDNS Configuration section.
  • Page 94 Enable Enable/Disable Enables current DDNS configuration. Status Timestamp of the last IP check or update. Service 1. dydns.org Your dynamic DNS service provider selected from the list. 2. 3322.org In case your DDNS provider is not present from the ones provided, 3.

  • Page 95: Sms Utilities

    8.6 SMS Utilities RUT240 has extensive amount of various SMS Utilities. These are subdivided into 6 sections: SMS Utilities, Call Utilities, User Groups, SMS Management, Remote Configuration and Statistics. 8.6.1 SMS Utilities All configuration options are listed below: Reboot Get status...
  • Page 96 Field name Explanation Notes Reboot Enable This check box will enable and Allows router restart via SMS. disable SMS reboot function. Action The action to be performed when this rule is met. SMS text SMS text which will reboot SMS text can contain letters, numbers, spaces and router.
  • Page 97 when this rule is met. Enable SMS Status This check box will enable and SMS status is disabled by default. disable SMS status function. SMS text SMS text which will send SMS text can contain letters, numbers, spaces and routers status. special symbols.
  • Page 98 If it is not selected, router will revert mobile state after reboot. Manage OpenVPN Enable This check box will enable and Allows OpenVPN control via SMS. disable this function. Action The action to be performed Turn OpenVPN ON or OFF. when this rule is met.
  • Page 99 Important Notes:  3G settings must be configured correctly. If SIM card has PIN number you must enter it at “Network” > “3G” settings. Otherwise SMS reboot function will not work.  Sender phone number must contain country code. You can check sender phone number format by reading the details of old SMS text massages you receiving usually.
  • Page 100 SMS text SMS text which will turn Web SMS text can contain letters, numbers, spaces and access ON/OFF. special symbols. Capital letters also matters. Authorization method What kind of authorization to No authorization, by serial or by router admin use for SIM management. password.
  • Page 101 Force Config update from server Enable This check box will enable and Allows to upgrade router‘s Config via SMS. disable this function. Action The action to be performed Router will reboot after this rule is executed. when this rule is met. SMS text SMS text which will force router SMS text can contain letters, numbers, spaces and...
  • Page 102 UCI lets you set or get any parameter from router's configuration files. Following are syntax examples: Parameter Explanation 1. uci get config.section.option" Get config option value. 2. uci set config.section.option=value" Set config option 3. uci show config Shows the config file. 4.

  • Page 103: Call Utilities

    8.6.2 Call Utilities Allow users to call to the router in order to perform one of the actions: Reboot, Get Status, turn Wi-Fi ON/OFF, turn Mobile data ON/OFF. Only thing that is needed is to call routers SIM card number from allowed phone (user) and RUT900 will perform all actions that are assigned for this particular number.

  • Page 104: User Groups

    8.6.3 User Groups Give possibility to group phone numbers for SMS management purposes. You can then later use these groups in all related SMS functionalities. This option helps if there are several Users who should have same roles when managing router via SMS.

  • Page 105: Sms Management

    8.6.4 SMS Management 8.6.4.1 Read SMS In SMS Management page Read SMS you can read and delete received/stored SMS. 8.6.4.2 Send SMS Field name Sample Explanation 1. Phone number +3701111111 Recipients phone number. Should be preceded with country code, i.e. “+370” 2.
  • Page 106 8.6.4.3 Storage With storage option you can choose for router NOT to delete SMS from SIM card. If this option is not used, router will automatically delete all incoming messages after they have been read. Message status “read/unread” is examined every 60 seconds.

  • Page 107: Remote Configuration

    8.6.5 Remote Configuration RUT240 can be configured via SMS from another RUT240. You only have to select which configuration details to send, generate the SMS Text, type in the phone number and Serial number of the router that you wish to configure and Send the SMS.
  • Page 108 Field name Values Notes New/From current Generate new SMS settings or use current device Generate SMS configuration configuration Interface Mobile/Wired Interface type used for WAN (Wide Area Network) connection Enable/Disable Include configuration for WAN (Wide Area Network) Enable/Disable Include configuration for LAN (Local Area Network) Protocol Static/DHCP Network protocol used for network configuration...
  • Page 109 13. Primary SIM card SIM1/SIM2 A SIM card that will be used as primary 14. Mobile connection Use pppd mode An underlying agent that will be used for mobile data Use ndis mode connection creation and management 15. APN “internet.mnc012.mcc345.gprs” (APN) is the name of a gateway between a GPRS or 3G mobile networks and another computer network, frequently the public Internet.

  • Page 110: Statistics

    8.6.6 Statistics In statistics page you can review how much SMS was sent and received on both SIM card slots. You can also reset the counters.

  • Page 111: Snmp

    8.7 SNMP SNMP settings window allows you to remotely monitor and send GSM event information to the server. 8.7.1 SNMP Settings Field name Sample Explanation 1. Enable SNMP service Enable/Disable Run SNMP (Simple Network Management Protocol) service on system's start up 2.

  • Page 112: Trap Settings

    8.7.2 TRAP Settings Field name Sample Explanation 1. SNMP Trap Enable/Disable Enable SNMP (Simple Network Management Protocol) trap functionality 2. Host/IP 192.168.99.155 Host to transfer SNMP (Simple Network Management Protocol) traffic to 3. Port Port for trap's host 4. Community Public/Private The SNMP (Simple Network Management Protocol) Community is an ID that allows access to a router's SNMP data...

  • Page 113: Sms Gateway

    8.8 SMS Gateway 8.8.1 Post/Get Configuration Post/Get Configuration allows you to perform actions by writing these requests URL after your device IP address. Field name Values Notes Enabled / Disabled Enable SMS management functionality through Enable POST/GET admin User name used for authorization User name 3.
  • Page 114 8.8.1.2 Syntax of HTTP POST/GET string HTTP POST/GET string Explanati http://{IP_ADD /cgi-bin/sms_read? Read RESS} username={your_user_name}&password={your_password}&number={MESSAGE_INDEX} message /cgi-bin/sms_send? Send username={your_user_name}&password={your_password}&number={PHONE_NUMBER} message &text={MESSAGE_TEXT} /cgi-bin/sms_delete? Delete username={your_user_name}&password={your_password}&number={MESSAGE_INDEX} message /cgi-bin/ sms_list? username={your_user_name}&password={your_password} List message /cgi-bin/sms_ total? username={your_user_name}&password={your_password} Number message s in memory Note: parameters of HTTP POST/GET string are in capital letters inside curly brackets. Curly brackets (“{ }”) are not needed when submitting HTTP POST/GET string.

  • Page 115: Scheduled Messages

    http://192.168.1.1/cgi-bin/sms_total?username=admin&password=admin01 8.8.2 Scheduled Messages Scheduled messages allow to periodically sending mobile messages to specified number. 8.8.2.1 Scheduled Messages Configuration Field name Values Notes Enable/Disable Activates periodical messages sending. Enable 2. Recipient’s phone “+37060000001” Phone number that will receive messages. number 3.

  • Page 116: Smpp

    Listed numbers going to be replied. 4. Message “Text” Message text that will be sent in reply. 8.8.4 SMPP Field name Values Explanation Enable/Disable Enables SMPP server Enable 2. User name admin User name for authentication on SMPP server 3. Password ●●●●●●●...

  • Page 117: Hotspot

    8.9 Hotspot Wireless hotspot provides essential functionality for managing an open access wireless network. In addition to standard RADIUS server authentication there is also the ability to gather and upload detailed logs on what each device (denoted as a MAC address) was doing on the network (what sites were traversed, etc.). 8.9.1 General settings 8.9.1.1 Main settings Field name...
  • Page 118 Radius server #1 The IP address of the RADIUS server that is to be used for Authenticating your wireless clients. Radius server #2 The IP address of the second RADIUS server. Authentication port RADIUS server authentication port. Accounting port RADIUS server accounting port. Radius secret key The secret key is used for authentication with the RADIUS server UAM port...

  • Page 119: Internet Access Restriction Settings

    8.9.2 Internet Access Restriction Settings Allows disable internet access on specified day and hour of every week. 8.9.3 Logging 8.9.3.1 Configuration Field name Explanation 1. Enable Check this box if you want to enable wireless traffic logging. This feature will produce logs which contain data on what websites each client was visiting during the time he was connected to your hotspot.
  • Page 120 Field name Explanation 1. Mode The mode of the schedule. Use “Fixed” if you want the uploading to be done on a specific time of the day. Use “Interval” if you want the uploading to be done at fixed interval. 2.
  • Page 121 8.9.4 Landing Page 8.9.4.1 General Landing Page Settings With this functionality you can customize your Hotspot Landing page. Field name Explanation 1. Page title Will be seen as landing page title 2. Theme Landing page theme selection 3. Upload login page Allows to upload custom landing page theme 4.

  • Page 122: Radius Server Configuration

    8.9.4.2 Template In this page you can review landing page template HTML code and modify it. 8.9.5 Radius server configuration An authentication and accounting system used by many Internet Service Providers (ISPs). When you dial in to the ISP you must enter your username and password. This information is passed to a RADIUS server, which checks that the information is correct, and then authorizes access to the ISP system.

  • Page 123: Statistics

    Field name Explanation 1. Enable Activates an authentication and accounting system 2. Remote access Activates remote access to radius server 3. Accounting port Port on which to listen for accounting 4. Authentication port Port on which to listen for authentication 8.9.6 Statistics On hotspot statistics page you can review statistical information about hotspot instances.

  • Page 124: Cli

    8.10 CLI CLI or Comand Line Interface functionality allows you to enter and execute comands into routers terminal.

  • Page 125: Auto Reboot

    8.11 Auto Reboot 8.11.1 Ping Reboot Ping Reboot function will periodically send Ping command to server and waits for echo receive. If no echo is received router will try again sending Ping command defined number times, after defined time interval. If no echo is received after the defined number of unsuccessful retries, router will reboot.

  • Page 126: Periodic Reboot

    8.11.2 Periodic Reboot Field name Explanation 1. Enable This check box will enable or disable Periodic reboot feature. 2. Days This check box will enable router rebooting at the defined days. 3. Hours, Minutes Uploading will be done on that specific time of the day...

  • Page 127: Input/Output

    8.12 Input/Output 8.12.1 Main information Digital OUT: open collector type values, 30V@0.3A. Digital IN: non-isolated, Logic low 0...+5V, Logic high +8...+40V 8.12.2 Status In this page you can review the current state of router’s input and output. Field name Explanation 1.
  • Page 128 Field name Explanation 1. Digital Isolated Input name Digital Isolated Input name label 2. High logic level state High logic level state label 3. Low logic level state Low logic level state label...

  • Page 129: Input

    8.12.3 Input Allows you to set up input parameters and specify what actions should be taken after triggering event of input. In check analog section you can change the analog input checking interval. Field name Sample Explanation Type Digital Specifies input type Trigger Input open/input shorted/both Specifies for which trigger rule is applied...

  • Page 130: Output

    8.12.4 Output 8.12.4.1 Output configuration Field name Sample Explanation Open collector Low level / High level Choose what open collector output will be in active output state 8.12.4.2 ON/OFF Field name Sample Explanation Digital OC output Turn on / Turn Off Manually toggle Digital OC output 8.12.4.3 Post/Get Configuration...
  • Page 131 Field name Sample Explanation Enable Enable /Disable Enable POST/GET output functionality Username User1 Service user name Password Pass1 User password for authentication Syntax of Output HTTP POST/GET string With Output post/get you can manage only Output Field name Sample Explanation IP_ADDRESS 192.168.1.1 IP address of your router...
  • Page 132 8.12.4.4 Periodic Control Periodic control function allows user to set up schedule by which the outputs are either turned ON or OFF at specific time. After clicking on ADD button (Or Edit, rule already created) you get second periodic output configuration page with extra parameters to set.
  • Page 133 Field name Sample Explanation Enable Enable/Disable Enable this output rule Output Digital OC output Specify the output type Action On / Off Specify the action to be taken Action timeout Enabled / Disabled Enable timeout for this rule Timeout (sec) Specifies after how much time this action should end.

  • Page 134: Qos

    8.13 QoS QoS (Quality of Service) is the idea that transmission rates, error rates, and other characteristics can be measured, improved, and, to some extent, guaranteed in advance. QoS is of particular concern for the continuous transmission of high-bandwidth video and multimedia information. QoS can be improved with traffic shaping techniques such as packet, network traffic, and port prioritization.

  • Page 135: System

    9 System 9.1 Setup Wizard The configuration wizard provides a simple way of quickly configuring the device in order to bring it up to basic functionality. The wizard is comprised out of 4 steps and they are as follows: Step 1 (General change) First, the wizard prompts you to change the default password.

  • Page 136: Profiles

    Step 3 (LAN) Next, you are given the chance to configure your LAN and DHCP server options. For a detailed explanation see LAN under Network. Step 4 (Wi-Fi) The final step allows you to configure your wireless settings in order to set up a rudimentary Access Point. When you’re done with the configuration wizard, press Save.

  • Page 137: Administration

    9.3 Administration 9.3.1 General Field name Explanation Router name Enter your new router name. Host name Enter your new host name New Password Enter your new administration password.

  • Page 138: Troubleshoot

    Changing this password will change SSH password as well. Confirm new password Re-enter your new administration password. Language Website will be translated into selected language. IPv6 support Enable IPv6 support on router Show mobile info at login page Show operator and signal strength at login page. Show WAN IP at login page Show WAN IP at login page.

  • Page 139: Backup

    Field name Explanation System log level Debug level should always be used, unless instructed otherwise. Save log in Default RAM memory should always be used unless instructed otherwise. Include GSMD information Default setting – enabled should be used, unless instructed otherwise. Include PPPD information Default setting –...
  • Page 140 computer. This file loaded to other RUT230 with same Firmware version in order quickly configure Restor Select, e from upload backu restore router settings file from personal computer. 9.3.3.1 Access control 9.3.3.1.1 General...
  • Page 141 Field name Explanation Enable SSH access Check box to enable SSH access. Remote SSH access Check box to enable remote SSH access. Port Port to be used for SSH connection Enable HTTP access Enables HTTP access to router Enable remote HTTP Enables remote HTTP access to router access Port...

  • Page 142: Diagnostics

    9.3.3.1.2 Safety Field name Explanation 1. SSH access secure Check box to enable SSH access secure functionality. enable 2. Clean after reboot If check box is selected – blocked addresses are removed after every reboot. 3. Fail count Specifies maximum connection attempts count before access blocking. 4.

  • Page 143: Mac Clone

    Field name Explanation 1. Host Enter server IP address or hostname. 2. Ping Utility used to test the reach ability of a host on an Internet IP network and to measure the round-trip time for messages sent from the originating host to a destination server. Server echo response will be shown after few seconds if server is accessible.

  • Page 144: Monitoring

    Field name Explanation Mobile Check box to show Mobile table in Overview page SMS counter Check box to show SMS counter table in Overview page System Check box to show System table in Overview page Wireless Check box to show Wireless table in Overview page Check box to show WAN table in Overview page Local network Check box to show Local network table in Overview page...

  • Page 145: User Scripts

    9.4 User scripts Advanced users can insert their commands that will be executed at the end of booting process. In Script Management window is shown content of a file /etc/rc.local. This file is executed at the end of startup, executing the line: sh /etc/rc.local In this script is needed to use sh (ash) commands. It should be noted, that this is embedded device and sh functionality is not full.

  • Page 146: Fota

    Keep mobile settings – if the check box is selected router will keep saved user mobile configuration settings after firmware upgrade. FW image – router firmware upgrade file. Warning: Never remove router power supply and do not press reset button during upgrade process! This would seriously damage your router and make it inaccessible.

  • Page 147: Reboot

    Field name Explanation 1. Server address Specify server address to check for firmware updates. E.g. “http://teltonika.sritis.lt/rut9xx_auto_update/clients/” 2. User name User name for server authorization. 3. Password Password name for server authorization. 4. Enable auto check Check box to enable automatic checking for new firmware updates.

  • Page 148: Device Recovery

    The following section describes available options for recovery of malfunctioning device. Usually device can become unreachable due to power failure during firmware upgrade or if its core files were wrongly modified in the file system. Teltonika’s routers offer several options for recovering from these situations. 10.1 Reset button Reset button is located on the back panel of the device.

  • Page 149: Glossary

    11 Glossary WAN – Wide Area Network is a telecommunication network that covers a broad area (i.e., any network that links across metropolitan, regional, or national boundaries). Here we use the term WAN to mean the external network that the router uses to reach the internet. LAN –...
  • Page 150 TKIP – Temporal Key Integrity Protocol – scrambles the keys using hashing algorithm and, by adding an integrity- checking feature, ensure that the keys haven’t been tampered with. CCMP – Counter Mode Cipher Block Chaining Message Authentication Code Protocol – encryption protocol designed for Wireless LAN products that implement the standards of the IEEE 802.11i amendment to the original IEEE802.11 standard.

Table of Contents