Digi TX54 User Manual
  1. Manuals
  2. Brands
  3. Digi Manuals
  4. Network Router
  5. TX54
  6. User manual

Digi TX54 User Manual

Hide thumbs Also See for TX54:
1
2
3
Table Of Contents
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
Table of Contents

Advertisement

Quick Links

Download this manual
TX54
User Guide

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the TX54 and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Digi TX54

Summary of Contents for Digi TX54

  • Page 1 TX54 User Guide...

  • Page 2: Revision History-90002357

    Information in this document is subject to change without notice and does not represent a commitment on the part of Digi International. Digi provides this document “as is,” without warranty of any kind, expressed or implied, including, but not limited to, the implied warranties of fitness or merchantability for a particular purpose.
  • Page 3 Contact us at +1 952.912.3444 or visit us at www.digi.com/support. Feedback To provide feedback on this document, email your comments to techcomm@digi.com Include the document title and part number (TX54 User Guide, 90002357 B) in the subject line of your email. TX54 User Guide...

  • Page 4: Table Of Contents

    Contents Revision history—90002357 What's new in Digi TX54 version 20.2 Digi TX54 Quick start Quick start using the Digi Remote Manager mobile app Step 1: What's in the box Step 2: Gather accessories Step 3: Connect Step 4: Power up...
  • Page 5 Mount the TX54 to a mounting surface Connect power Mount and ground chassis TX54 electrical rating TX54 power connector Battery power management Configuration and management Review TX54 default settings Local WebUI Digi Remote Manager Default interface configuration Other default configuration settings...
  • Page 6 Delete a static route Policy-based routing Configure a routing policy Example: Dual WAN policy-based routing Example: Route traffic to a specific WAN interface based on the client MAC address Routing services Configure routing services Show the routing table TX54 User Guide...
  • Page 7 Enable or disable the internal GNSS module Use a dead reckoning external USB GNSS receiver Configure the device to accept location messages from external sources Forward location information to a remote host Show location information System time Configure the system time TX54 User Guide...
  • Page 8 Use digidevice.config for device configuration Use Python to respond to Digi Remote Manager SCI requests Use digidevice runtime to access the runtime database Using Python to upload the device name to Digi Remote Manager The digidevice led submodule User authentication...
  • Page 9 Show web filter service information System administration Review device status Configure system information Update system firmware Manage firmware updates using Digi Remote Manager Certificate management for firmware images Update cellular module firmware Reboot your TX54 device Reboot your device immediately...
  • Page 10 Configure Digi Remote Manager Collect device health data and set the sample interval Log into Digi Remote Manager Use Digi Remote Manager to view and manage your device Add a device to Digi Remote Manager View Digi Remote Manager connection status...
  • Page 11 Digi TX54 regulatory and safety statements RF exposure statement Federal Communication (FCC) Part 15 Class B Radio Frequency Interference (RFI) (FCC 15.105) European Community - CE Mark Declaration of Conformity (DoC) CE mark (Europe) ANATEL (Brazil) Maximum transmit power for radio frequencies...
  • Page 12 TX54 User Guide...

  • Page 13: What's New In Digi Tx54 Version 20.2

    What's new in Digi TX54 version 20.2 Release of DigiTX54 firmware version 20.2: Digi SureLink support (formerly known as active recovery). Enabled by default on preconfigured WANs and WWANs. Role-based user access. Allow shell option added to authentication. Read-only access option added to user configuration.

  • Page 14: Digi Tx54 Quick Start

    When you open the TX54 package, look for the following: Digi TX54 device The Digi TX54 has a product label on the bottom of the device. The label includes product identification information and the default password assigned to the device.

  • Page 15: Step 2: Gather Accessories

    Step 2: Gather accessories Digi offers several TX54 accessory kits so you can purchase exactly what you need to support your TX54. See TX54 support for a list of accessory kits.

  • Page 16: Step 3: Connect

    Wait for the power LED to stop blinking. The device is ready. Step 5: Configure a. On the PC connected to the TX54, open a browser and go to 192.168.2.1. b. Log into the TX54: User name: Use the default user name: admin.

  • Page 17: Digi Tx54 Hardware Reference

    Note For installations up to +74° C, use TRACO Power TPP-30-112J, TPP-30-115J, TPP-30-124J, and TEX120-112. TX54 front view The following figure shows the front view of the TX54 dual cellular model. Other models will look slightly different. TX54 User Guide...

  • Page 18: Tx54 Leds

    Power sensor and button behavior TX54 LEDs The TX54 LEDs are located on the top front panel. The number of LEDs varies by model. During bootup, the front-panel LEDs light up in sequence to indicate boot progress. Single cellular models...

  • Page 19: Gnss Service

    Digi TX54 hardware reference TX54 LEDs GNSS Service Solid Green: GNSS is enabled and has a valid fix. Blinking Green: GNSS is enabled but does not have a valid fix. Off: GNSS is not enabled. Wi-Fi Service (single Wi-Fi models) Solid Green: Wi-Fi access points or Wi-Fi clients are enabled.

  • Page 20: Power Sensor And Button Behavior

    Power sensor and button behavior The TX54 has an ignition sensor that can automatically power on the device when the ignition line is You can also power on the TX54 using the Power button. If the TX54 does not automatically restart when the power ignition sense is on, press the Power button to restore power.
  • Page 21 Digi TX54 hardware reference Digi TX54 serial connector pinout DTE signal Signal name RS232 signal direction DB9 pin number Clear to Send Data Set Ready Ground Data Carrier Detect Data Terminal Ready Ring Indicate TX54 User Guide...
  • Page 22 Hardware setup This chapter contains the following topics: Install SIM cards Connect data cables Connect antennas Mount the TX54 to a mounting surface Connect power TX54 User Guide...

  • Page 23: Hardware Setup

    Install SIM cards Install SIM cards To install SIM cards: 1. On the TX54 front panel, use a Philips screwdriver to remove the SIM slot cover. 2. For high-vibration environments, apply a thin layer of dielectric grease to the SIM contacts. Note If the TX54 device is used in an environment with high vibration levels, SIM card contact fretting may cause unexpected SIM card failures.

  • Page 24: Mount The Tx54 To A Mounting Surface

    Connect the TX54 power cable to a power source. Vehicle installation The TX54 shall be powered from a 5 A fused circuit or shall be installed with an in-line Slow Blow fuse rated at 5 A. Maximum ambient operating temperature is limited to 74°C.

  • Page 25: Mount And Ground Chassis

    Alternate installations The TX54 shall be powered by a Certified ITE LPS power supply or a Direct Plugin Class 2 output transformer rated at either 12 VDC/2.5 A or 24 VDC/1.25 A minimum. Supplies shall be suitable for the ambient for which they are installed.

  • Page 26: Tx54 Electrical Rating

    If 6 V < Vin < 9 V, the unit powers off after 30 seconds. If Vin < 6 V, the unit powers off after 3 seconds. Once the TX54 is powered off, it will power on again only if Vin > 11.5 V "turn-on” voltage. TX54 User Guide...
  • Page 27 Configuration and management This chapter contains the following topics: Review TX54 default settings Reset default password for the default admin user Configuration methods Using Digi Remote Manager Access Digi Remote Manager Using the web interface Using the command line Access the command line interface...

  • Page 28: Review Tx54 Default Settings

    Configuration and management Review TX54 default settings Review TX54 default settings You can review the default settings for your TX54 device by using the local WebUI or Digi Remote Manager: Local WebUI 1. Log into the TX54 WebUI as a user with Admin access. See Using the web interface for details.
  • Page 29 Configuration and management Review TX54 default settings Preconfigured Interface type interfaces Devices Default configuration Dual cellular Dual cellular Firewall zone: External WAN priority: Metric=3 models only: models only: SIM failover after 5 WWAN2 WWAN2 attempts cellular SureLink enabled for modem...
  • Page 30 Configuration and management Review TX54 default settings Preconfigured Interface type interfaces Devices Default configuration Single-Wi-Fi Single-Wi-Fi Disabled SSID: Digi Hotspot models: Digi models: Wi-Fi Encryption: Open Hotspot AP radio (Unencrypted) Dual-Wi-Fi (Wi-Fi1) Dual-Wi-Fi models: Wi- models: Digi Fi1 radio Hotspot AP...

  • Page 31: Other Default Configuration Settings

    Packet filtering allows all outbound traffic. Security policies SSH and web administration: Enabled for local administration Firewall zone: Internal Device heath metrics uploaded to Digi Remote Manager at 60 minute Monitoring interval. SNMP: Disabled Reset default password for the default admin user...
  • Page 32 (or the printed label included in the package).    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.

  • Page 33: Configuration Methods

    Configuration and management Configuration methods 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 34 Configuration and management Configuration methods Shows how to perform a task by using the command line interface. TX54 User Guide...

  • Page 35: Using Digi Remote Manager

    Using Digi Remote Manager Using Digi Remote Manager By default, your TX54 device is configured to use Digi Remote Manager as its central management server. No configuration changes are required to begin using the Remote Manager. For information about configuring central management for your TX54 device, see...

  • Page 36: Log Out Of The Web Interface

    Summarizes network statistics: the total number of bytes sent and received over all Network configured bridges and Ethernet devices. activity Digi Displays the device connection status for Digi Remote Manager, the amount of time Remote the connection has been up, and the Digi Remote Manager device ID. Using Digi Remote Manager.

  • Page 37: Using The Command Line

    Log in to the command line interface    Command line 1. Connect to the TX54 device by using a serial connection, SSH or telnet, or the Terminal in the WebUI or the Console in the Digi Remote Manager. See Access the command line interface more information.

  • Page 38: Exit The Command Line Interface

    Admin CLI s: Shell q: Quit Select access or quit [admin] : Type a or admin to access the TX54 command line. You will now be connected to the Admin CLI: Connecting now, 'exit' to disconnect from Admin CLI ... >...

  • Page 39: Interfaces

    Interfaces TX54 devices have several physical communications interfaces. The available interfaces vary by device model. These interfaces can be bridged in a Local Area Network (LAN) or assigned to a Wide Area Network (WAN). This chapter contains the following topics:...

  • Page 40: Wide Area Networks (Wans)

    Interfaces Wide Area Networks (WANs) Wide Area Networks (WANs) The TX54 device is preconfigured with one Wide Area Network (WAN), named WAN1, and one or two Wireless Wide Area Network (WWAN)s, named WWAN or WWAN1 and WWAN2. Preconfigured Default Interface type...

  • Page 41: Wide Area Networks (Wans) And Wireless Wide Area Networks (Wwans)

    WANs and WWANs. When a WAN is initialized, the TX54 device automatically adds a default IP route for the WAN. The priority of the WAN is based on the metric of the default route, as configured in the WAN's IPv4 and IPv6 metric settings.
  • Page 42 Wide Area Networks (WANs)    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Set the metrics for WWAN or WWAN1: a.
  • Page 43 The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. The TX54 device is now configured to use the cellular modem WWAN, WWAN1 or WWAN, as its highest priority WAN, and its Ethernet WAN, WAN1, as its secondary WAN.

  • Page 44: Wan/Wwan Failover

    WAN, and its Ethernet WAN, WAN1, as its secondary WAN. WAN/WWAN failover If a connection to a WAN interface is lost for any reason, the TX54 device will immediately fail over to the next WAN or WWAN interface, based on WAN priority. See...

  • Page 45: Configure Surelink Active Recovery To Detect Wan/Wwan Failures

    Problems can occur beyond the immediate WAN/WWAN connection that prevent some IP traffic from reaching its destination. Normally this kind of problem does not cause the TX54 device to detect that the WAN has failed, because the connection continues to work while the core problem exists somewhere else in the network.
  • Page 46   WebUI SureLink can be configured for both IPv4 and IPv6. 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 47 The default is 60 seconds. 10. Optional active recovery configuration parameters: a. For Restart interface, enable to configure the device to restart the interface when its connection is considered to have failed. This is useful for interfaces that may regain TX54 User Guide...
  • Page 48 Active recovery can be configured for both IPv4 and IPv6. These instructions are for IPv4; to configure IPv6 active recovery, replace ipv4 in the command line with ipv6. 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 49 Specify the DNS server. Allowed value is the IP address of the DNS server. (config network interface my_wan ipv4 surelinktarget 0)> dns_ server ip_address (config network interface my_wan ipv4 surelinktarget 0)> dns_configured: Tests connectivity by sending a DNS query to the DNS servers configured for this interface. TX54 User Guide...
  • Page 50 (config network interface my_wan ipv4 surelink target 0)> The default is 60 seconds. (Optional) Repeat to add additional test targets. 7. Optional active recovery configuration parameters: a. Move back two levels in the configuration by typing ..: TX54 User Guide...
  • Page 51 (config network interface my_wan ipv4 surelink)> timeout value (config network interface my_wan ipv4 surelink> where value is any number of weeks, days, hours, minutes, or seconds, and takes the format number{w|d|h|m|s}. For example, to set timeout to ten minutes, enter either 10m or 600s: TX54 User Guide...

  • Page 52: Configure The Device To Reboot When A Failure Is Detected

    Type quit to disconnect from the device. Configure the device to reboot when a failure is detected Using SureLink, you can configure the TX54 device to reboot when it has determined that an interface has failed. Required configuration items Enable SureLink.
  • Page 53   WebUI SureLink can be configured for both IPv4 and IPv6. 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 54 Allowed values are any number of weeks, days, hours, minutes, or seconds, and take the format number{w|d|h|m|s}. For example, to set Response timeout to ten minutes, enter 10m or 600s. TX54 User Guide...
  • Page 55 Active recovery can be configured for both IPv4 and IPv6. These instructions are for IPv4; to configure IPv6 active recovery, replace ipv4 in the command line with ipv6. 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 56 (Optional) Set the amount of time that the interface can be down before this test is considered to have failed: TX54 User Guide...
  • Page 57 For example, to set interval to ten minutes, enter either 10m or 600s: (config network interface my_wan ipv4 surelink)> interval 600s (config network interface my_wan ipv4 surelink)> The default is 15 minutes. TX54 User Guide...

  • Page 58: Disable Surelink

    DNS resolution, follow this procedure to disable the default SureLink connectivity tests. You can also disable DNS lookup or other internet activity, while retaining the SureLink interface test.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. TX54 User Guide...
  • Page 59    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 60    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 61 9. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...

  • Page 62: Example: Use A Ping Test For Wan Failover From Ethernet To Cellular

    Wide Area Networks (WANs)    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 63 TX54 device brings the WAN1 interface down and starts using the WWAN1 interface. If the TX54 device cannot get a connection on the WWAN1 interface, it attempts to use the WWAN2 interface. It continues to regularly test the connection to WAN1 and WWAN1, and when tests on one of those WANs succeeds, the device falls back to the successful highest priority WAN.
  • Page 64 WWAN2 and continue to be serve as a backup to WAN1, WWAN1's metric should be set to 2. a. Click Network > Interface > WWAN1 > IPv4. b. For Metric, type 2. 6. Click Apply to save the configuration and apply the change. TX54 User Guide...
  • Page 65    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 66: Using Ethernet Devices In A Wan

    Using Ethernet devices in a WAN The TX54 device has four Ethernet devices, named ETH1 , ETH2, ETH3, and ETH4. You can use these Ethernet interfaces as a WAN when connecting to the Internet, through a device such as a cable...
  • Page 67 Typically, you configure SIM1 of the cellular modem as the primary cellular interface, and SIM2 as the backup cellular interface. In this way, if the TX54 device cannot connect to the network using SIM1, it automatically fails over to SIM2. TX54 devices automatically use the correct cellular module firmware for each carrier when switching SIMs.
  • Page 68 9. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 69 > config (config)> 3. Depending on the model of the TX54 device, there may be one WWAN, named either wwan or wwan1, or there may be two WWANs, wwan1 and wwan2, which correspond to each cellular modem. Use the appropriate WWAN name to set the APN for the modem used by that WWAN.
  • Page 70 The modem status window is displayed    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 71   Command line To unlock a SIM card: 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 72 If the signal strength LEDs or the signal quality for your device indicate Poor or No service, try the following things to improve signal strength: Move the TX54 device to another location. Try connecting a different set of antennas, if available.
  • Page 73 To run AT commands from the TX54 command line:    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 74 APNs, and then use routing roles to forward traffic to the appropriate WWAN interface.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 75 For Device, select WWAN1 cellular modem (for certain models, this will be WWAN cellular modem). f. (Optional): Configure the public APN. If the public APN is not configured, the TX54 will attempt to determine the APN. i. Click to expand APN list > APN.
  • Page 76 For APN, type the private APN provided to you by your cellular carrier. 5. Create the routing policies. For example, to route all traffic from LAN1 through the public APN, and LAN2 through the private APN: TX54 User Guide...
  • Page 77 Configure the source address: i. Click to expand Source address. ii. For Type, select Interface. iii. For Interface, select LAN2. k. Configure the destination address: i. Click to expand Destination address. ii. For Type, select Interface. TX54 User Guide...
  • Page 78    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 79 Wide Area Networks (WANs) (config network interface WWANPublic)> modem device wwan1 (config network interface WWANPublic)> d. (Optional): Set the public APN. If the public APN is not configured, the TX54 will attempt to determine the APN. (config network interface WWANPublic)> modem apn public_apn (config network interface WWANPublic)>...
  • Page 80 Set the label that will be used to identify this route policy: (config network route policy 1)> label "Route through private apn" (config network route policy 1)> i. Set the interface: (config network route policy 1)> interface /network/interface/WWANPrivate (config network route policy 1)> TX54 User Guide...
  • Page 81 (config network route policy 1)> save Configuration saved. > 7. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 82: Configure A Wide Area Network (Wan)

    Configure SureLink active recovery to detect WAN/WWAN failures for further information. MAC address blacklist and whitelist. To create a new WAN or edit an existing WAN:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. TX54 User Guide...
  • Page 83 6. For Zone, select External. 7. For Device, select an Ethernet device, a Wi-Fi client, or a bridge. See Bridging for more information about bridging. 8. Configure IPv4 settings: a. Click to expand IPv4. IPv4 support is enabled by default. TX54 User Guide...
  • Page 84 Never: Never use DNS servers for this interface. vi. Enable DHCP Hostname to instruct the TX54 device to include the device's system name with DHCP requests as the Client FQDN option. The DHCP server can then be configured to register the device's hostname and IP address with an associated DNS server.
  • Page 85 Never: Never use DNS servers for this interface. k. Enable DHCP Hostname to instruct the TX54 device to include the device's system name with DHCP requests as the Client FQDN option. The DHCP server can then be configured to register the device's hostname and IP address with an associated DNS server.
  • Page 86 Wide Area Networks (WANs)    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 87 (config network interface my_wan)> where value is one of: always: DNS will always be used for this WAN; when multiple interfaces have the same DNS server, the interface with the lowest metric will be used for DNS requests. TX54 User Guide...
  • Page 88 Never use DNS servers for this interface. vi. Enable DHCP Hostname to instruct the TX54 device to include the device's system name with DHCP requests as the Client FQDN option. The DHCP server can then be configured to register the device's hostname and IP address with an associated DNS server.

  • Page 89: Configure A Wireless Wide Area Network (Wwan)

    The SIM phone number for SMS connections. Enable or disable roaming. DNS options. SIM failover configuration. APN configuration. The custom gateway/netmask. IPv4 configuration: The metric for IPv4 routes associated with the WAN. The relative weight for IPv4 routes associated with the WAN. TX54 User Guide...
  • Page 90    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Interfaces.
  • Page 91 Normally, this should be left blank. It is only necessary to complete this field if the SIM does not have a phone number or if the phone number is incorrect. d. Roaming is enabled by default. Click to disable. TX54 User Guide...
  • Page 92 Reboot device: The device will reboot if automatic SIM switching is unavailable. 9. For APN list and APN list only, the TX54 device uses a preconfigured list of Access Point Names (APNs) when attempting to connect to a cellular carrier for the first time. After the device has successfully connected, it will remember the correct APN.
  • Page 93 Active recovery.    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 94 Match SIM carrier: The SIM carrier match criteria. This interface is applied when the SIM card is provisioned from the carrier. Format: AT&T Rogers Sprint T-Mobile Telstra Verizon Vodafone other Default value: AT&T Current value: AT&T (config network interface my_wwan)> TX54 User Guide...
  • Page 95 Normally, this should be left blank. It is only necessary to complete this field if the SIM does not have a phone number or if the phone number is incorrect. d. Roaming is enabled by default. To disable: (config network interface my_wwan)> modem roaming false (config network interface my_wwan)> TX54 User Guide...
  • Page 96 The device will reboot if automatic SIM switching is unavailable. 7. The TX54 device uses a preconfigured list of Access Point Names (APNs) when attempting to connect to a cellular carrier for the first time. After the device has successfully connected, it will remember the correct APN.
  • Page 97 (config network interface my_wwan)> ipv4 mtu num (config network interface my_wwan)> f. See Configure SureLink active recovery to detect WAN/WWAN failures for information about configuring active recovery. 10. Optional IPv6 configuration items: a. Click IPv6 to expand. TX54 User Guide...

  • Page 98: Show Wan And Wwan Status And Statistics

    3. Under Networking, click Interfaces.    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 99 IPv4 DNS Server(s) : 10.10.10.2, 10.10.10.3 IPv6 Status : up IPv6 Type : dhcpv6 IPv6 Address(es) : fe00:2404::240:f4ff:fe80:120/64 IPv6 Gateway : ff80::234:f3ff:ff0e:4320 IPv6 MTU : 1500 IPv6 Metric IPv6 Weight : 10 IPv6 DNS Server(s) : fd00:244::1, fe80::234:f3f4:fe0e:4320 > TX54 User Guide...
  • Page 100 Interfaces Wide Area Networks (WANs) 4. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 101: Delete A Wan Or Wwan

    The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line 1. Log into the TX54 command line as a user with full Admin access rights. TX54 User Guide...
  • Page 102 4. Save the configuration and apply the change: (config)> save Configuration saved. > 5. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 103: Local Area Networks (Lans)

    Interfaces Local Area Networks (LANs) Local Area Networks (LANs) The TX54 device is preconfigured with the following Local Area Networks (LANs): Preconfigured Interface type interfaces Devices Default configuration Local Area Networks (LANs) LAN1 Bridge: LAN1 Firewall zone: Internal IP address: 192.168.2.1/24...

  • Page 104: About Local Area Networks (Lans)

    The following diagram shows a LAN connected to the ETH2, ETH3, and ETH4 Ethernet devices and the Digi AP (Wi-Fi) access point. Once the LAN is configured and enabled, the devices connected to the network interfaces can communicate with each other, as demonstrated by the ping commands.
  • Page 105 To create a new LAN or edit an existing LAN:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 106 For Prefix ID, type the identifier used to extend the prefix to the assigned length. Leave blank to use a random identifier. f. Set the Metric. TX54 User Guide...
  • Page 107    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 108 LAN to be a DHCP client, rather than using a static IP addres: (config network interface my_lan)> ipv4 type dhcp (config network interface my_lan)> These instructions assume that the LAN will use a static IP address for its IPv4 configuration. TX54 User Guide...
  • Page 109 (config network interface my_lan)> ipv6 type dhcpv6 (config network interface my_lan)> c. Generally, the default settings for IPv6 support are sufficient. You can view the default IPv6 settings by using the question mark (?): (config network interface my_lan)> ipv6 ? IPv6 TX54 User Guide...
  • Page 110 If the minimum length is not available, then a longer prefix will be used. Configure WAN/WWAN priority and default route metrics for further information about metrics. 8. Save the configuration and apply the change: (config network interface my_lan)> save Configuration saved. > TX54 User Guide...

  • Page 111: Example: Configure Two Lans

    Type quit to disconnect from the device. Example: Configure two LANs The default configuration of the TX54 consists of one LAN (LAN1), which is configured to use the LAN1 bridge. Its default IP address is 192.168.2.1, and it has its DHCP server enabled. The default...
  • Page 112 3. Click Configuration > Network > Bridges > LAN1 > Devices. 4. Delete the ETH3, ETH4, and Digi AP (Wi-Fi2) (dual-Wi-Fi models only) devices from the bridge: a. Click the menu icon (...) next to the ETH3 device and select Delete.
  • Page 113 Commands and output will vary slightly if your TX54 device is a single-WiFi model. 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 114 (config network bridge LAN2)> add device end /network/device/eth3 (config network bridge LAN2)> c. If your device is a dual-WiFi model, add the Digi AP (Wi-Fi2) access point to the bridge: (config network bridge LAN2)> add device end /network/wireless/ap/digi_ (config network bridge LAN2)>...
  • Page 115 Interfaces Local Area Networks (LANs) d. Use the show command again to verify that the LAN2 bridge now has two devices, ETH3 and Digi AP (Wi-Fi2): (config network bridge LAN2)> show network bridge lan2 device 0 /network/device/eth3 1 /network/wireless/ap/digi_ap2 (config network bridge LAN2)>...
  • Page 116 In this task, we will create a new LAN, named LAN2, to use the LAN2 bridge created in task one.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 117 6. Enable the access points and set the SSIDs: a. Configure Digi AP (Wi-Fi) (single-Wi-Fi models) or Digi AP (Wi-Fi1) (dual-Wi-Fi models): i. Click Network > Wi-Fi > Access points > Digi AP (Wi-Fi) (single-Wi-Fi models) or Digi AP (Wi-Fi1) (dual-Wi-Fi models).
  • Page 118 Commands and output will vary slightly if your TX54 device is a single-WiFi model. 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 119 Set the SSID for the Digi AP (Wi-Fi1) access point: (config)> network wifi ap digi_ap1 ssid Example1 (config)> d. Set the password for the Digi AP (Wi-Fi1) access point: (config)> network wifi ap digi_ap1 encryption key_psk2 password1 (config)> e. Enable the Digi AP (Wi-Fi2) access point: (config)>...

  • Page 120: Show Lan Status And Statistics

    WAN/ETH1 Ethernet port. 2. Verify that LAN1 is operating correctly: a. Connect a device to LAN1 through the ETH2 Ethernet port, or by connecting to the Digi AP (Wi-Fi) (single-WiFi models) or Digi AP (Wi-Fi1) (dual-WiFi models) access point. b. Verify that the device has been provided an IP address from the LAN1 DHCP server in the 192.168.2.* subnet.
  • Page 121 : 1500 IPv4 Metric IPv4 Weight : 10 IPv4 DNS Server(s) IPv6 Status : up IPv6 Type : prefix IPv6 Address(es) : fd00:2704::1/48 IPv6 Gateway IPv6 MTU : 1500 IPv6 Metric IPv6 Weight : 10 IPv6 DNS Server(s) TX54 User Guide...

  • Page 122: Delete A Lan

    LAN, LAN1.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Interfaces.

  • Page 123: Dhcp Servers

    Type quit to disconnect from the device. DHCP servers You can enable DHCP on your TX54 device to assign IP addresses to clients, using either: The DHCP server for the device's local network, which assigns IP addresses to clients on the device's local network.
  • Page 124    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Interfaces.
  • Page 125    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 126 Determine how the DHCP server should broadcast the gateway server: (config)> network interface my_lan ipv4 dhcp_server advanced gateway value (config)> where value is one of: none: No gateway is broadcast by the DHCP server. Client destinations must be resolvable without a gateway. TX54 User Guide...
  • Page 127 Interfaces Local Area Networks (LANs) auto: Broadcasts the TX54 device's gateway. custom: Allows you to identify the IP address of a custom gateway to be broadcast: (config)> network interface my_lan ipv4 dhcp_server advanced gateway_custom ip_address (config)> The default is auto.
  • Page 128 MAC address of the device. Additional configuration items A label for this instance of the static lease. To map static IP addresses:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. TX54 User Guide...
  • Page 129    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 130 8. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Show current static IP mapping To view your current static IP mapping:    WebUI TX54 User Guide...
  • Page 131 3. Under Networking, click DHCP Leases.    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 132    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 133 Type quit to disconnect from the device. Configure DHCP options You can configure DHCP servers running on your TX54 device to send certain specified DHCP options to DHCP clients. You can also set the user class, which enables you to specify which specific DHCP clients will receive the option.
  • Page 134 The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line 1. Log into the TX54 command line as a user with full Admin access rights. TX54 User Guide...
  • Page 135 0)> force true (config network interface my_lan ipv4 dhcp_server advanced custom_option 0)> 9. (Optional) Set the data type that the option uses. If the incorrect data type is selected, the device will send the value as a string. TX54 User Guide...
  • Page 136 LAN. For the TX54 device, DHCP relay is configured by providing the IP address of a DHCP relay server, rather than an IP address range. If both the DHCP relay server and an IP address range are specified, DHCP relay is used, and the specified IP address range is ignored.
  • Page 137    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 138 Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Show DHCP server status and settings View DHCP status to monitor which devices have been given IP configuration by the TX54 device and to diagnose DHCP issues. TX54 User Guide...

  • Page 139: Create A Virtual Lan (Vlan) Route

    3. Under Networking, click DHCP Leases.    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 140 To create a VLAN:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Virtual LAN.
  • Page 141 Local Area Networks (LANs)    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 142 Interfaces Local Area Networks (LANs) 7. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 143: Bridging

    Interfaces Bridging Bridging Bridging is a mechanism to create a single network consisting of multiple devices, such as Ethernet devices and wireless access points. By default, the TX54 has the following preconfigured bridges: Preconfigured Default Interface type interfaces Devices configuration...

  • Page 144: Edit The Preconfigured Lan1 Bridge

    To edit the preconfigured LAN1 bridge:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Bridges > LAN1.
  • Page 145    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 146 Ethernet: ETH2 Ethernet: ETH3 Ethernet: ETH4 Wi-Fi access point: Digi AP (Wi-Fi) or Digi AP (Wi-Fi) Wi-Fi access point: Digi AP (Wi-Fi2) (Dual-Wi-Fi variants only) a. To delete a device from the bridge: i. Determine the index numbers of the devices included with the bridge: (config)>...

  • Page 147: Configure A Bridge

    /network/wireless/ap/digi_hotspot_ap1 /network/wireless/ap/digi_hotspot_ap2 Default value: /network/bridge/lan1 Current value: /network/bridge/lan1 (config network bridge my_bridge)> ii. Add the appropriate device. For example, to add the Digi AP (Wi-Fi) Wi-Fi access point: (config network bridge my_bridge)> add device end /network/wireless/ap/digi_ap1 (config)> 5. (Optional) Enable Spanning Tree Protocol (STP).
  • Page 148 To create a bridge:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Bridges.
  • Page 149 Interfaces Bridging TX54 User Guide...
  • Page 150 Bridging    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 151 Interfaces Bridging b. Add the appropriate device. For example, to add the Digi AP (Wi-Fi) Wi-Fi access point: (config network bridge my_bridge)> add device end /network/wireless/ap/digi_ap1 (config)> 6. (Optional) Enable Spanning Tree Protocol (STP). STP is used when using multiple LANs on the same device, to prevent bridge loops and other routing conflicts.

  • Page 152: Serial Port

    TX54 devices have a single serial port that provides access to the command-line interface. Use an RS-232 serial cable to establish a serial connection from your TX54 to your local laptop or PC. Use a terminal emulator program to establish the serial connection. The terminal emulator's serial connection must be configured to match the configuration of the TX54 device's serial port.
  • Page 153 9. For Parity, select the type of parity used by the device to which you want to connect. 10. For Stop bits, select the number of stop bits used by the device to which you want to connect. TX54 User Guide...
  • Page 154 12. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 155 Configure the serial port    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 156: Show Serial Status And Statistics

    3. Under Connections, click Serial.    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 157: Wi-Fi

    Wi-Fi This chapter applies to the TX54W Wi-Fi enabled model only. The TX54W device is preconfigured with the following access point: The TX54 device is preconfigured with the following Wi-Fi access points: Preconfigured Default Interface type interfaces Devices configuration Wi-Fi...

  • Page 158: Wi-Fi Configuration

    Show Wi-Fi client status and statistics Wi-Fi configuration The TX54 device has one or two Wi-Fi radios, depending on the model type. You can configure the Wi-Fi radios for either Wi-Fi access point mode or Wi-Fi client mode. By default, the TX54 radios are configured to use access point mode.

  • Page 159: Default Wi-Fi Configuration

    Wi-Fi Wi-Fi configuration Default Wi-Fi configuration The default Wi-Fi configuration of the TX54 device is: Radios: Wi-Fi radio (single-Wi-Fi models) Wi-Fi1 radio (dual-Wi-Fi Wi-Fi2 radio (dual-Wi-Fi models) models only) : Enabled or disabled Enabled Enabled Frequency band 2.4 GHz 5 GHz Access point mode 802.11b/g/n...

  • Page 160: Configure The Wi-Fi Module Channel

    For the 5.0 GHz band, only non-Dynamic Frequency Selection (DFS) channels are supported.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 161    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 162: Configure The Wi-Fi Module Band And Protocol

    For Wi-Fi radios that support both 2.4 GHz and 5 GHz modes, you can configure the band. . On TX54 models with only one Wi-Fi radio, the default protocol and band for the one radio is the 5 GHz ac.
  • Page 163    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 164: Configure A Wi-Fi Access Point With No Security

    This procedure configures a Wi-Fi access point that does not require a password for client connections, and uses no security or encryption. By default, the TX54 device comes with either one or two preconfigured access points: Single-Wi-Fi models: Digi AP (Wi-Fi).
  • Page 165 Wi-Fi Configure a Wi-Fi access point with no security Additional configuration items Determine whether to broadcast the access point's SSID. The amount of time to wait before changing the group key. TX54 User Guide...
  • Page 166 To configure a Wi-Fi access point with no security:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 167   Command line Configure a new Access point 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 168 (config network wireless ap new_AP)> encryption group_rekey 600s (config network wireless ap new_AP)> Increasing the time between rekeys can improve connectivity issues in noisy environments. To disable group rekeys, set to 0. This will allow any client that has previously connected see all TX54 User Guide...
  • Page 169 Type quit to disconnect from the device. Edit an existing Access point 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 170 Configure a bridge for more information. The access point must be assigned to an active LAN, or a bridge that is assigned to an active LAN. 6. Save the configuration and apply the change: (config)> save Configuration saved. > TX54 User Guide...

  • Page 171: Configure A Wi-Fi Access Point With Personal Security

    The WPA and WPA2 personal security modes allow a Wi-Fi access point to authenticate clients by using a preshared key that the client enters when connecting to the access point. By default, the TX54 device comes with either one or two preconfigured access points: Single-Wi-Fi models: Digi AP (Wi-Fi).
  • Page 172 9. For Encryption, select WPA Personal (PSK) or WPA2 Personal (PSK). 10. For Pre-shared key, enter the password that clients will use when connecting to the access point. 11. (Optional) For Group rekey interval, type the amount of time to wait before changing the group key. TX54 User Guide...
  • Page 173   Command line Configure a new Access point 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 174 5. Assign the Wi-Fi access point to a LAN interface or to a bridge. See Configure a LAN Configure a bridge for more information. The access point must be assigned to an active LAN, or a bridge that is assigned to an active LAN. TX54 User Guide...
  • Page 175 Type quit to disconnect from the device. Edit an existing Access point 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 176 6. Save the configuration and apply the change: (config)> save Configuration saved. > 7. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 177: Configure A Wi-Fi Access Point With Enterprise Security

    Using enterprise security modes allows each client to have different usernames and passwords configured in the RADIUS server, rather than using preshared key on the TX54 device. By default, the TX54 device comes with either one or two preconfigured access points: Single-Wi-Fi models: Digi AP (Wi-Fi).
  • Page 178 10. For RADIUS IP/hostname, type the IP address or hostname of the RADIUS server. 11. (Optional) Change the RADIUS port. The default port is 1812. 12. For RADIUS secret key, type the secret key as configured on the RADIUS server. TX54 User Guide...
  • Page 179 15. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 180   Command line Configure a new Access point 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 181 Type quit to disconnect from the device. Edit an existing Access point 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 182 (config)> network wifi ap digi_ap1 encryption port_wpa2 port (config)> 10. (Optional) Change the Wi-Fi radio for the access point (dual-Wi-Fi models only): a. Show available radios: (config)> network wifi radio ? Additional Configuration ----------------------------------------------------------------------- -------- wifi1 Wi-Fi1 radio wifi2 Wi-Fi2 radio TX54 User Guide...
  • Page 183 6. Save the configuration and apply the change: (config)> save Configuration saved. > 7. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 184: Show Wi-Fi Access Point Status And Statistics

    To show the status and statistics for Wi-Fi access points, use the show wifi command. 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 185: Configure A Wi-Fi Client And Add Client Networks

    Additional access points that client will attempt to use. If connection to one access point fails, the device will attempt to connect to the next access point in the list. To configure a Wi-Fi client:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. TX54 User Guide...
  • Page 186 Encryption, for Pre-shared key, enter the password that the client will use to connect to the access point. If WPA2 Enterprise is selected as the type of Encryption, enter the Username and Password that the client will use to connect to the access point. TX54 User Guide...
  • Page 187 Scan threshold. f. Click to expand Scan frequencies list. The TX54 device has three preconfigured channels that will be scanned for available access points: Channel 1 (2412 MHz)
  • Page 188    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 189 Background scanning allows the device to scan for nearby access points and to move between access points that have the same SSID that is configured for the client connection, based on the signal strength of the access points. TX54 User Guide...
  • Page 190 (config network wifi client new_client)> where value is any integer greater than 0. The default is 1. e. Configure the frequencies that will be scanned for available access points. The TX54 device has three preconfigured frequencies: 2412 MHz 2437 MHz...
  • Page 191 2462 Current value: 2437 ii. Add the appropriate frequency. For example, to add the 2457 frequency to the end of the list: (config network wifi client new_client)> add background_scanning scan_freq end 2457 (config network wifi client new_client)> TX54 User Guide...

  • Page 192: Show Wi-Fi Client Status And Statistics

    To show the status and statistics for Wi-Fi client, use the show wifi command. 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 193 Show Wi-Fi client status and statistics command. 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 194: Hotspot

    Hotspot Your TX54 device offers the ability to create a publicly available hotspot, which allows you to provide internet access to users while restricting their ability to access other functionality on the TX54 device, as well as applying bandwidth limits, authenticating users, and other features. The TX54 device's implementation of hotspot uses a "captive portal"...

  • Page 195: Hotspot Authentication Modes

    Local shared password: Requires each user to enter a password. This password is validated locally on the TX54 device, and the password is the same for all users. The sample HTML page included with your TX54 device for local shared password authentication is password.html.

  • Page 196: Hotspot Dhcp Server

    Hotspot DHCP server Hotspot DHCP server When the hotspot is enabled on the TX54 device, it automatically enables a DHCP server. During hotspot configuration, you assign an IPv4 address to the hotspot, and the DHCP server then uses the subnet of the hotspot's IP address, along with the hotspot's subnet mask, to assign IPv4 addresses to clients that connect to the hotspot.

  • Page 197: Hotspot Configuration

    Hotspot configuration This section provides information about enabling and configuring the default hotspot that is provided with your TX54 installation, as well as creating a new hotspot and configuring the type of authentication mode you select for your hotspot. This section contains the following topics:...

  • Page 198: Enable Hotspot Using The Default Configuration

    Hotspot Hotspot configuration Enable hotspot using the default configuration The default configuration of the TX54 device's hotspot is: Default configuration Hotspot Name: hotspot Disabled Authentication mode: Click-through IP address: 10.1.0.1/24 DHCP server: Automatically enabled DHCP server lease range: 100-250 Bandwidth limits:...
  • Page 199 Configure the hotspot to use HotspotSystem authentication. Change the default hotspot IP address and subnet. Modify the sample local HTML page that the TX54 device uses by default for click-through authentication. See Edit sample hotspot HTML pages for information. ...
  • Page 200 Hotspot Hotspot configuration 4. Enable the hotspot access points: a. Click Network > Wi-Fi > Access points > Digi Hotspot AP (Wi-Fi) (single-Wi-Fi models) or Digi Hotspot AP (Wi-Fi1) (dual-Wi-Fi models). b. Click Enable. c. (Dual Wi-Fi models only) Click Digi Hotspot AP (Wi-Fi2).
  • Page 201 Hotspot Hotspot configuration TX54 User Guide...
  • Page 202 Hotspot configuration    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 203: Change The Default Hotspot Ssid

    2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Wi-Fi > Access points > Digi Hotspot AP (Wi-Fi) (single-Wi-Fi models) or Digi Hotspot AP (Wi-Fi1) (dual-Wi-Fi models). 4. Change the default SSID, Digi Hotspot, to your preferred value.
  • Page 204    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 205: Change The Default Hotspot Ip Address And Subnet

    To change the default hotspot IP address and subnet:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 206 7. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 207 Hotspot configuration    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 208: Change The Default Hotspot Bandwidth Limits

    To change the default hotspot IP address and subnet:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 209    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 210: Add An Ethernet Port To The Default Hotspot

    To add an Ethernet port to the default hotspot:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 211 6. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line TX54 User Guide...
  • Page 212 Hotspot Hotspot configuration 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI. 2. At the command line, type config to enter configuration mode: >...

  • Page 213: Create A New Hotspot

    Domains that clients connected to the hotspot can access prior to the client being authenticated. Subnets that clients connected to the hotspot can access prior to the client being authenticated. Maximum download speed, in Kbps. Maximum upload speed, in Kbps. Enable verbose logging. To create a new hotspot:    WebUI TX54 User Guide...
  • Page 214 Hotspot Hotspot configuration 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. (Optional) Create new access points for the hotspot.
  • Page 215 Click-through: Requires each user to accept the terms and conditions. Local shared password: Requires each user to enter a password. This password is validated locally on the TX54 device, and the password is the same for all users. TX54 User Guide...
  • Page 216 HotspotSystem authentication. 11. For Login page source, select either: Local: Uses an HTML page for authentication that is stored locally on the TX54 device's filesystem, in the /etc/config/hotspot directory. Note that the hotspot directory is not visible until hotspot has been enabled for the first time.
  • Page 217 Repeat to add additional subnets. 17. (Optional) For Maximum download speed, type the maximum download speed in kilobytes per second (Kbps). 18. (Optional) For Maximum upload speed, type the maximum upload speed in kilobytes per second (Kbps). TX54 User Guide...
  • Page 218    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 219 Hotspot bridges must also be part of an interface with a configured IP address. a. Create a bridge: (config)> add network bridge new_hotspot_bridge (config network bridge new_hotspot_bridge)> b. Add devices to the bridge: i. Determine available devices: TX54 User Guide...
  • Page 220 /network/wireless/ap/digi_hotspot_ap1 /network/wireless/ap/digi_hotspot_ap2 Default value: /network/bridge/lan1 Current value: /network/bridge/lan1 (config network bridge new_hotspot_bridge)> ii. Add the appropriate device. For example, to add the Digi AP (Wi-Fi) Wi-Fi access point: (config network bridge new_hotspot_bridge)> add device end /network/wireless/ap/digi_ap1 (config)> c. Type ... to return to the config prompt: (config network bridge new_hotspot_bridge)>...
  • Page 221 (config network bridge new_hotspot_bridge)> ..interface lan1 device Device: The network device used by this network interface. Format: /network/device/eth1 /network/device/eth2 /network/device/eth3 /network/device/eth4 /network/device/loopback /network/bridge/hotspot_bridge /network/bridge/lan1 /network/wireless/ap/digi_ap1 /network/wireless/ap/digi_ap2 /network/wireless/ap/digi_hotspot_ap1 /network/wireless/ap/digi_hotspot_ap2 Default value: /network/bridge/lan1 Current value: /network/bridge/lan1 (config network bridge new_hotspot_bridge)> TX54 User Guide...
  • Page 222 Hotspot Hotspot configuration b. Add the appropriate device. For example, to add the Digi AP (Wi-Fi) Wi-Fi access point: (config network bridge new_hotspot_bridge)> add device end /network/wireless/ap/digi_ap1 (config)> 7. Set an access point, and Ethernet port, or a bridge for the hotspot's device: a.
  • Page 223 (config network hotspot new_hotspot)> where value is either: local: Uses an HTML page for authentication that is stored locally on the TX54 device's filesystem, in the /etc/config/hotspot directory. Note that the hotspot directory is not visible until hotspot has been enabled for the first time.
  • Page 224 IP address, and is combined with the subnet of the hotspot's static IP address. (config network hotspot new_hotspot)> ipv4 address dhcp_server lease_end value (config network hotspot new_hotspot)> where value is any integer between 1 and 254. The default is 250. TX54 User Guide...
  • Page 225 19. Save the configuration and apply the change: (config)> save Configuration saved. > 20. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 226: Configure The Hotspot To Use Local Shared Password Authentication

    Local shared password authentication requires each user to enter a password. This password is validated locally on the TX54 device, and the password is the same for all users. By default, the router redirects unauthenticated users to the HTML authentication page located on the router at etc/config/hotspot/password.html.

  • Page 227: Configure The Hotspot To Use Radius Shared Password Authentication

       Configure hotspot for local shared password authentication from the Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 228    Configure hotspot for RADIUS shared password authentication from the WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 229 For Domain, type the hostname of the allowed domain. d. Repeat to add additional domains. To add subnets that can be accessed by the client prior to authentication: a. Click to expand Allowed subnets. b. Click  to add a subnet. TX54 User Guide...
  • Page 230    Configure hotspot for RADIUS shared password authentication from the Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 231 (config network hotspot new_hotspot)> where value is an IPv4 address and optional subnet mask, using the format IPv4_address [/netmask], or the keyword any. Repeat to add additional IP addresses or subnets. 7. Save the configuration and apply the change: TX54 User Guide...

  • Page 232: Configure The Hotspot To Use Radius Users Authentication

    See Customize the hotspot login page for further information. Hotspot LAN configuration:    Configure hotspot for RADIUS users authentication from the WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. TX54 User Guide...
  • Page 233 Include the domain or subnet of the RADIUS server(s) that are being used for authentication. To add domains that can be accessed by the client prior to authentication: a. Click to expand Allowed domains. b. Click  to add a domain. TX54 User Guide...
  • Page 234    Configure hotspot for RADIUS users authentication from the Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 235 Add IP addresses and subnets that can be accessed by the client prior to authentication: (config network hotspot new_hotspot)> add walled_garden subnets end value (config network hotspot new_hotspot)> where value is an IPv4 address and optional subnet mask, using the format IPv4_address [/netmask], or the keyword any. TX54 User Guide...

  • Page 236: Configure The Hotspot To Use Hotspotsystem Authentication

    Type quit to disconnect from the device. Configure the hotspot to use HotspotSystem authentication You can configure TX54 hotspot to use HotspotSystem, a cloud hotspot service that supports various free and paid authentication methods, including social media account, SMS, voucher, and PayPal.
  • Page 237    Configure hotspot for HotspotSystem authentication from the WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 238    Configure hotspot for HotspotSystem authentication from the Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 239: Show Hotspot Status And Statistics

    Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Show hotspot status and statistics    WebUI 1. Log into the TX54 WebUI as a user with Admin access. 2. On the main menu, click Status TX54 User Guide...
  • Page 240 Hotspot Show hotspot status and statistics 3. Under Networking, click Hotspot. The Hotspot status page is displayed. TX54 User Guide...
  • Page 241 Show hotspot status and statistics    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 242: Customize The Hotspot Login Page

    Customize the hotspot login page Customize the hotspot login page The TX54 device provides three sample HTML webpages for use with the hotspot feature. When hotspot is enabled for the first time, the sample webpages are installed to the /etc/config/hotspot folder on the device's filesystem.

  • Page 243: Edit Sample Hotspot Html Pages

       WebUI 1. Download the sample HTML file: a. Log into the TX54 WebUI as a user with Admin access. b. On the menu, click System. Under Administration, click File System. The File System page appears. c. Highlight the hotspot directory and click  to open the directory.

  • Page 244: Upload Custom Hotspot Html Pages

    Supported file extensions include: .html, .gif, .js, .jpg, .mp4, .ogv, .png, .swf, .json, and .dat. You can configure the TX54 device to use your custom HTML page using either the WebUI or the command line: ...
  • Page 245 Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI. 2. Use the command to upload the edited file from your local machine the the TX54 device. For example: > scp host 192.168.4.1 user admin remote /home/admin/temp/ local /etc/config/hotspot/custom.html to local...

  • Page 246: Restore Hotspot Default Sample Pages

    The hotspot directory and files are loaded when the hotspot is enabled, and you can restore the default pages by doing the following: 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu.

  • Page 247: Hotspot Radius Attributes

    Also, if the RADIUS server requests it, the hotspot will send accounting information back to the RADIUS server. For example, here are some of the RADIUS attributes that the hotspot sends: Acct-Input-Octets Acct-Output-Octets Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Input-Gigawords Acct-Output-Gigawords TX54 User Guide...

  • Page 248: Routing

    Routing This chapter contains the following topics: IP routing Show the routing table Dynamic DNS Virtual Router Redundancy Protocol (VRRP) TX54 User Guide...

  • Page 249: Ip Routing

    IP routing IP routing The TX54 device uses IP routes to decide where to send a packet it receives for a remote network. The process for deciding on a route to send the packet is as follows: 1. The device examines the destination IP address in the IP packet, and looks through the IP routing table to find a match for it.

  • Page 250: Configure A Static Route

    To configure a static route:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Routes > Static routes.
  • Page 251 7. For Interface, select the interface on the TX54 device that will be used with this static route. 8. (Optional) For Gateway, type the IPv4 address of the gateway used to reach the destination.
  • Page 252 The any keyword can also be used to route packets to any destination with this static route. 6. Set the interface on the TX54 device that will be used with this static route: a. Use the ? to determine available interfaces: (config network route static 0)>...

  • Page 253: Delete A Static Route

    Type quit to disconnect from the device. Delete a static route    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 254    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 255: Policy-Based Routing

    However, you can use policy-based routing to forward the packet based on other criteria, such as the source of the packet. For example, you can configure the TX54 device so that high-priority traffic is routed through the cellular connection, while all other traffic is routed through an Ethernet (WAN) connection.

  • Page 256: Configure A Routing Policy

    To configure a routing policy:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Routes > Policy-based routing.
  • Page 257 5. (Optional) For Label, type a label that will be used to identify this route policy. 6. For Interface, select the interface on the TX54 device that will be used with this route policy. 7. (Optional) Enable Exclusive to configure the policy to drop packets that match the policy when the gateway interface is disconnected, rather than forwarded through other interfaces.
  • Page 258    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 259 Routing IP routing 5. Set the interface on the TX54 device that will be used with this route policy: a. Use the ? to determine available interfaces: (config network route policy 0)> interface ? Interface: The network interface used to reach the destination. Packets that satisfy the matching criteria will be routed through this interface.
  • Page 260 Matches the source IP address to the selected firewall zone. Set the zone: a. Use the ? to determine available zones: (config network route policy 0)> src zone ? Zone: Match the IP address to the specified firewall zone. Format: dynamic_routes edge external hotspot internal TX54 User Guide...
  • Page 261 (config network route policy 0)> where value uses the format IPv4_address[/netmask], or any to match any IPv4 address. address6: Matches the source IPv6 address to the specified IP address or network. Set the address that will be matched: TX54 User Guide...
  • Page 262 Matches the destination IP address to the selected interface's network address. Set the interface: a. Use the ? to determine available interfaces: (config network route policy 0)> dst interface ? TX54 User Guide...
  • Page 263 11. Save the configuration and apply the change: (config)> save Configuration saved. > 12. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 264: Example: Dual Wan Policy-Based Routing

    Ethernet WAN interface.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Routes > Policy-based routing.
  • Page 265    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 266 Set the interface: (config network route policy 0)> interface /network/interface/wwan1 (config network route policy 0)> Note On certain single-cellular TX54 devices, the cellular WAN interface may be named /network/interface/wwan. d. Configure the source address: i. Set the source type to zone: (config network route policy 0)>...

  • Page 267: Example: Route Traffic To A Specific Wan Interface Based On The Client Mac Address

    MAC address, while all other client devices are routed through the Ethernet WAN.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 268 4. Configure the WAN interfaces to use the new zones: a. Configure the cellular WAN interface: i. Click Network > Interfaces > WWAN1. Note On certain single-cellular TX54 devices, the cellular WAN interface may be named WWAN. ii. For Zone, select CellularWAN. b. Configure the Ethernet WAN interface: i.
  • Page 269 7. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 270 IP routing    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 271 Set the zone: (config)> network interface wwan1 zone CellularWAN (config)> Note On certain single-cellular TX54 devices, the cellular WAN interface may be named wwan. b. Set the zone for the Ethernet WAN interface: (config)> network interface wan1 zone EthernetWAN (config)>...

  • Page 272: Routing Services

    Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Routing services Your TX54 includes support for dynamic routing services and protocols. The following routing services are supported: TX54 User Guide...

  • Page 273: Configure Routing Services

    Enable and configure the types of routing services that will be used.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 274    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 275 Current Value ----------------------------------------------------------------------- -------- ecmp false Allow ECMP enable true Enable Additional Configuration ----------------------------------------------------------------------- -------- interface Interfaces neighbour Neighbours redis Route redistribution timer Timers (config)> 5. Save the configuration and apply the change: (config)> save Configuration saved. > TX54 User Guide...

  • Page 276: Show The Routing Table

    To display the routing table:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Status > Routes.
  • Page 277 3. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 278: Dynamic Dns

    WAN or public IP address changes. Your TX54 device supports a number of Dynamic DNS providers as well as the ability to provide a custom provider that is not included on the list of providers.
  • Page 279 8. Type the Domain name that is linked to the interface's IP address. 9. Type the Username and Password used to authenticate with the Dynamic DNS provider. 10. (Optional) For Check Interval, type the amount of time to wait to check if the interface's IP address needs to be updated. TX54 User Guide...
  • Page 280    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 281 Set the service: (config network ddns new_ddns_instance)> service service_name (config network ddns new_ddns_instance)> 6. If custom is configured for service, set the custom URL that should be used to update the IP address with the Dynamic DNS provider: TX54 User Guide...
  • Page 282 (config network ddns new_ddns_instance)> The default is 3d. 12. (Optional) Set the amount of time to wait for an IP address update to succeed before retrying the update: (config network ddns new_ddns_instance)> retry_interval value (config network ddns new_ddns_instance)> TX54 User Guide...

  • Page 283: Virtual Router Redundancy Protocol (Vrrp)

    Multiple TX54 devices can be configured as VRRP devices and assigned a priority. The router with the highest priority will be used as the master router. If the master router fails, then the IP address of the virtual router is mapped to the backup device with the next highest priority.
  • Page 284    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > VRRP.
  • Page 285    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 286 IP address of the VRRP pool, then the priority of this device should be set to 255 . Allowed values are from 1 and 255, and it is configured to 100 by default. TX54 User Guide...

  • Page 287: Show Vrrp Status And Statistics

    Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Show VRRP status and statistics This section describes how to display VRRP status and statistics for a TX54 device. VRRP status is available from the Web UI only. ...
  • Page 288 Routing Virtual Router Redundancy Protocol (VRRP) 3. Click Status > VRRP. The Virtual Router Redundancy Protocol window is displayed. TX54 User Guide...
  • Page 289 Virtual Private Networks (VPNs) are used to securely connect two private networks together so that devices can connect from one network to the other using secure channels. This chapter contains the following topics: IPsec OpenVPN Generic Routing Encapsulation (GRE) TX54 User Guide...

  • Page 290: Ipsec

    Aggressive mode Aggressive mode is faster than main mode, but is not as secure as main mode, because the device and its peer exchange their IDs and hash information in clear text instead of being encrypted. TX54 User Guide...

  • Page 291: Authentication

    XAUTH client. RSA Signatures With RSA signatures authentication, the TX54 device uses a private RSA key to authenticate with a remote peer that is using a corresponding public key. Certificate-based Authentication X.509 certificate-based authentication makes use of private keys on both the server and client which...
  • Page 292 The lifetime of the IPsec tunnel before it is renegotiated. The amount of time before the IKE phase 1 lifetime expires. The amount of time before the IKE phase 2 lifetime expires The lifetime margin, a randomizing amount of time before the IPsec tunnel is renegotiated. TX54 User Guide...
  • Page 293 Virtual Private Networks (VPN) IPsec    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click VPN > IPsec.
  • Page 294 Transport: Only the payload of the IP packet is encrypted and/or authenticated. The IP header is unencrypted. 12. Select the Protocol, either: ESP (Encapsulating Security Payload): Provides encryption as well as authentication and integrity. AH (Authentication Header): Provides authentication and integrity only. TX54 User Guide...
  • Page 295 SCEP certificates: Uses Simple Certificate Enrollment Protocol (SCEP) to download a private key, certificates, and an optional Certificate Revocation List (CRL) to the TX54 device from a SCEP server. You must create the SCEP client prior to configuring the IPsec tunnel. See...
  • Page 296 Auto: The ID will be automatically determined from the value of the tunnels endpoints. Raw: Enter an ID and have it passed unmodified to the underlying IPsec stack. For Raw ID value, type the ID that will be passed. Any: Any ID will be accepted. TX54 User Guide...
  • Page 297 For Address, select the appropriate interface. Custom network: A user-defined network. For Custom network, enter the IPv4 address and optional netmask. The keyword any can also be used. Request a network: Requests a network from the remote peer. TX54 User Guide...
  • Page 298 Click to expand Phase 1 Proposals. i. Click  to create a new phase 1 proposal. ii. For Cipher, select the type of encryption. iii. For Hash, select the type of hash to use to verify communication integrity. TX54 User Guide...
  • Page 299 24. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 300 IPsec    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 301 (config vpn ipsec tunnel ipsec_example)> type protocol (config vpn ipsec tunnel ipsec_example)> where protocol is either: esp (Encapsulating Security Payload): Provides encryption as well as authentication and integrity. ah (Authentication Header): Provides authentication and integrity only. The default is esp. TX54 User Guide...
  • Page 302 Set the private key passphrase that is used to decrypt the private key. Leave blank if the private key is not encrypted. (config vpn ipsec tunnel ipsec_example)> auth private_key_ passphrase passphrase (config vpn ipsec tunnel ipsec_example)> TX54 User Guide...
  • Page 303 MODECFG client functionality configures the device to receive configuration information, such as the private IP address, from the remote peer. a. Enable MODECFG client functionality: (config vpn ipsec tunnel ipsec_example)> modecfg_client enable true (config vpn ipsec tunnel ipsec_example)> TX54 User Guide...
  • Page 304 Set the ID in internet email address format: (config vpn ipsec tunnel ipsec_example)> local id rfc822_id id (config vpn ipsec tunnel ipsec_example)> fqdn: The ID will be interpreted as FQDN (Fully Qualified Domain Name) and sent as an ID_FQDN IKE identity. TX54 User Guide...
  • Page 305 The ID will be interpreted as an IPv6 address and sent as an ID_IPV6_ADDR IKE identity. Set an IPv6 formatted ID. This can be a fully-qualified domain name or an IPv6 address. (config vpn ipsec tunnel ipsec_example)> remote id ipv6_id id (config vpn ipsec tunnel ipsec_example)> TX54 User Guide...
  • Page 306 (config vpn ipsec tunnel ipsec_example)> e. Set the amount of time that the IKE security association expires after a successful negotiation and must be re-authenticated: (config vpn ipsec tunnel ipsec_example)> ike phase1_lifetime value (config vpn ipsec tunnel ipsec_example)> TX54 User Guide...
  • Page 307 Set the type of encryption to use during phase 1: (config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)> cipher value (config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)> where value is one of 3des, aes128, aes192, aes256, or null. The default is 3des. TX54 User Guide...
  • Page 308 Set the type of encryption to use during phase 2: (config vpn ipsec tunnel ipsec_example ike phase2_proposal 0)> cipher value (config vpn ipsec tunnel ipsec_example ike phase2_proposal 0)> where value is one of 3des, aes128, aes192, aes256, or null. The default is 3des. TX54 User Guide...
  • Page 309 (config)> c. Set the number of seconds between transmissions of dead peer packets. Dead peer packets are only sent when the tunnel is idle. The default is 60. (config)> vpn ipsec tunnel ipsec_example dpd delay value (config)> TX54 User Guide...
  • Page 310 (config vpn ipsec tunnel ipsec_example policy 0)> local address ? Address: The local network interface to use the address of. This field must be set when 'Type' is set to 'Address'. Format: defaultip defaultlinklocal lan1 lan_hotspot loopback TX54 User Guide...
  • Page 311 Set the custom network: (config vpn ipsec tunnel ipsec_example policy 0)> local custom value (config vpn ipsec tunnel ipsec_example policy 0)> where value is the IPv4 address and optional netmask. The keyword any can also be used. TX54 User Guide...
  • Page 312 20. Save the configuration and apply the change: (config)> save Configuration saved. > 21. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 313: Configure Ipsec Failover

    IPsec Configure IPsec failover You can configure the TX54 device to fail over from a primary IPsec tunnel to a backup tunnel. During configuration of the backup IPsec tunnel, identify the primary IPsec tunnel in the Preferred tunnel parameter. The Preferred tunnel parameter instructs the backup IPsec tunnel to start only when the preferred tunnel has been determined to have failed.

  • Page 314: Configure Surelink Active Recovery For Ipsec

    Type quit to disconnect from the device. Configure SureLink active recovery for IPsec You can configure the TX54 device to regularly probe IPsec client connections to determine if the connection has failed and take remedial action. You can also configure the IPsec tunnel to fail over to a backup tunnel. See Configure IPsec failover further information.
  • Page 315 To configure the TX54 device to regularly probe the IPsec connection:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 316 IP address specified in Ping host. You can also optionally change the number of bytes in the Ping payload size. DNS test or DNS test (IPv6): Tests connectivity by sending a DNS query to the specified DNS server. TX54 User Guide...
  • Page 317    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 318 (config vpn ipsec tunnel ipsec_example)> connection_monitor attempts num (config vpn ipsec tunnel ipsec_example)> The default is 3. 10. Set the amount of time that the device should wait for a response to a probe attempt before considering it to have failed: TX54 User Guide...
  • Page 319 (IPv4) or dns6 (IPv6): Tests connectivity by sending a DNS query to the specified DNS server. Specify the DNS server. Allowed value is the IP address of the DNS server. (config vpn ipsec tunnel ipsec_example connection_monitor target 0)> dns_server ip_address (config vpn ipsec tunnel ipsec_example connection_monitor target 0)> TX54 User Guide...
  • Page 320 For example, to set interface_timeout to ten minutes, enter either 10m or 600s: (config network interface my_wan ipv4 connection_monitor target 0)> interface_timeout 600s TX54 User Guide...

  • Page 321: Show Ipsec Status And Statistics

       Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 322: Configure A Simple Certificate Enrollment Protocol Client

    Simple Certificate Enrollment Protocol (SCEP) is a mechanism that allows for large-scale X.509 certificate deployment. You can configure TX54 device to function as a SCEP client that will connect to a SCEP server that is used to sign Certificate Signing Requests (CSRs), provide Certificate Revocation Lists (CRLs), and distribute valid certificates from a Certificate Authority (CA).
  • Page 323 6. For Renewable Time, type the number of days that the certificate enrollment can be renewed, prior to the request expiring. This value is configured on the SCEP server, and is used by the TX54 device to determine when to start attempting to auto-renew an existing certificate. The default is 7.
  • Page 324    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 325 (config network scep_client scep_client_name)> e. Set the Organization: (config network scep_client scep_client_name)> distinguished_name o value (config network scep_client scep_client_name)> f. Set the Organizational Unit: (config network scep_client scep_client_name)> distinguished_name ou value (config network scep_client scep_client_name)> g. Set the Common Name: TX54 User Guide...

  • Page 326: Example: Scep Client Configuration With Fortinet Scep Server

    Type quit to disconnect from the device. Example: SCEP client configuration with Fortinet SCEP server In this example configuration, we will configure the TX54 device as a SCEP client that will connect to a Fortinet SCEP server. Fortinet configuration On the Fortinet server: 1.
  • Page 327 For Default enrollment password, enter a password. The password entered here must correspond to the challenge password configured for the SCEP client on the TX54 device. d. The remaining fields can be left at their defaults or changed as appropriate.
  • Page 328 8. Click to expand SCEP server. 9. For FQDN, type the fully qualified domain name or IP address of the Fortinet server. 10. For Password, type the challenge password. This corresponds to the Default enrollment password on the Fortinet server. TX54 User Guide...
  • Page 329 13. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 330 IPsec    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 331 (config network scep_client Fortinet_SCEP_client)> 9. (Optional) Set the filename of the Certificate Revocation List (CRL) from the CA. The CRL is stored on the TX54 device in the /etc/config/scep_client/client_name directory. (config network scep_client Fortinet_SCEP_client)> crl_name name (config network scep_client Fortinet_SCEP_client)>...

  • Page 332: Openvpn

    OpenVPN clients. OpenVPN clients use Network Address Translation (NAT) to route traffic from devices connected on its LAN interfaces to the OpenVPN server. The manner in which the IP subnets are defined depends on the OpenVPN topology in use. The TX54 device supports two types of OpenVPN topology:...

  • Page 333: Configure An Openvpn Server

    The range of IP addresses that the OpenVPN server will provide to clients. The TCP/UDP port to use. By default, the TX54 device uses port 1194. Access control list configuration to restrict access to the OpenVPN server through the firewall.
  • Page 334 OpenVPN    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click VPN > OpenVPN > Servers.
  • Page 335 If not enabled, certificates must be created externally and added to the server. 12. If Server managed certificates is not enabled: a. Select the Authentication type: Certificate only: Uses only certificates for client authentication. Each client requires a public and private key. TX54 User Guide...
  • Page 336 No limit to IPv6 addresses that can access the service-type. d. Click  again to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: a. Click Interfaces. b. For Add Interface, click .
  • Page 337    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 338 1 and 255. The number entered here will represent the first client IP address. For example, if address is set to 192.168.1.1/24 and server_first_ip is set to 80, the first client IP address will be 192.168.1.80. The default is from 80. TX54 User Guide...
  • Page 339 Authentication Group and User for instructions. ii. Paste the contents of the CA certificate (usually in a ca.crt file) into the value of the cacert parameter: (config vpn openvpn server name)> cacert value (config vpn openvpn server name)> TX54 User Guide...
  • Page 340 No limit to IPv6 addresses that can access the service-type. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config vpn openvpn server name)> add acl interface end value (config vpn openvpn server name)>...
  • Page 341 --------------------------------------------------------- ---------------------- dynamic_routes edge external hotspot internal ipsec loopback setup (config vpn openvpn server name)> Repeat this step to list additional firewall zones. 12. (Optional) Set additional OpenVPN parameters. a. Enable the use of additional OpenVPN parameters: TX54 User Guide...
  • Page 342 13. Save the configuration and apply the change: (config)> save Configuration saved. > 14. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 343: Configure An Openvpn Authentication Group And User

       WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Add an OpenVPN authentication group: a.
  • Page 344 Type a password for the user. This password is used for local authentication of the user. You can also configure the user to use RADIUS or TACACS+ authentication by configuring authentication methods. See User authentication methods for information. TX54 User Guide...
  • Page 345 5. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 346 OpenVPN    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 347: Configure An Openvpn Client By Using An .Ovpn File

    OpenVPN active recovery.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click VPN > OpenVPN > Clients.
  • Page 348    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 349 7. Paste the content of the client.ovpn file into the value of the config_file parameter: (config vpn openvpn client name)> config_file value (config vpn openvpn client name)> 8. Save the configuration and apply the change: (config)> save Configuration saved. > TX54 User Guide...

  • Page 350: Configure An Openvpn Client Without Using An .Ovpn File

    OpenVPN active recovery.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 351 6. The default behavior is to use an OVPN file for client configuration. To disable this behavior and configure the client manually, click Use .ovpn file to disable. 7. For Device type, select the mode used by the OpenVPN server, either TUN or TAP. 8. For Zone, select the firewall zone for the OpenVPN client. TX54 User Guide...
  • Page 352    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 353 0 and 65535. The default is 0. 8. (Optional) Set the login credentials as configured on the OpenVPN server: (config vpn openvpn client name)> username value (config vpn openvpn client name)> password value (config vpn openvpn client name)> TX54 User Guide...
  • Page 354 (config vpn openvpn client name)> c. Set the additional OpenVPN parameters: (config vpn openvpn client name)> advanced_options extra parameters (config vpn openvpn client name)> 15. Save the configuration and apply the change: (config)> save Configuration saved. > TX54 User Guide...

  • Page 355: Configure Active Recovery For Openvpn

    Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Configure active recovery for OpenVPN You can configure the TX54 device to regularly probe OpenVPN client connections to determine if the connection has failed and take remedial action. Required configuration items A valid OpenVPN client configuration.
  • Page 356 9. Change the Interval between connectivity tests. Allowed values are any number of weeks, days, hours, minutes, or seconds, and take the format number{w|d|h|m|s}. For example, to set Interval to ten minutes, enter 10m or 600s. TX54 User Guide...
  • Page 357 Test the interface status or Test the interface status IPv6: The interface is considered to be down based on: Down time: The amount of time that the interface can be down before this test is considered to have failed. TX54 User Guide...
  • Page 358    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 359 10. Set the amount of time that the device should wait for a response to a probe attempt before considering it to have failed: (config vpn openvpn client openvpn_client1)> connection_monitor timeout value (config vpn openvpn client openvpn_client1)> where value is any number of weeks, days, hours, minutes, or seconds, and takes the format number{w|d|h|m|s}. TX54 User Guide...
  • Page 360 (IPv4) or dns_configured6 (IPv6): Tests connectivity by sending a DNS query to the DNS servers configured for this interface. http (IPv4) or http6 (IPv6): Tests connectivity by sending an HTTP or HTTPS GET request to the specified URL. TX54 User Guide...
  • Page 361 For example, to set interface_timeout to ten minutes, enter either 10m or 600s: (config network interface my_wwan ipv4 connection_monitor target 0)> interface_timeout 600s (config network interface my_wwan ipv4 connection_monitor target 0)> The default is 60 seconds. TX54 User Guide...

  • Page 362: Show Openvpn Server Status And Statistics

    OpenVPN server's status pane.    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 363: Show Openvpn Client Status And Statistics

    OpenVPN client's status pane.    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 364: Generic Routing Encapsulation (Gre)

    Task One: Create a GRE loopback endpoint interface    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 365    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 366 Task Two: Configure the GRE tunnel    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 367    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 368 (config vpn iptunnel gre_example)> where value is an interger between 0 and 4294967295, or an IP address. 7. (Optional) Enable the device to reply to Cisco GRE keepalive packets: (config vpn iptunnel gre_example)> keepalive true (config vpn iptunnel gre_example)> TX54 User Guide...
  • Page 369 (config vpn iptunnel gre_example)> save Configuration saved. > 9. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 370: Show Gre Tunnels

       Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 371: Example: Gre Tunnel Over An Ipsec Tunnel

    Example: GRE tunnel over an IPSec tunnel The TX54 device can be configured as an advertised set of routes through an IPSec tunnel. This allows you to leverage the dynamic route advertisement of GRE tunnels through a secured IPSec tunnel.
  • Page 372 3. Create a GRE tunnel named gre_tunnel2: a. Local endpoint set to the IPsec endpoint interface, Interface: ipsec_endpoint2. b. Remote endpoint set to the IP address of the GRE tunnel on TX54-1, 172.30.0.1. 4. Create an interface named gre_interface2 and add it to the GRE tunnel: a.
  • Page 373    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 374 4. Set the pre-shared key to testkey: (config vpn ipsec tunnel ipsec_gre1)> auth secret testkey (config vpn ipsec tunnel ipsec_gre1)> 5. Set the remote endpoint to public IP address of the TX54-2 device: (config vpn ipsec tunnel ipsec_gre1)> remote hostname 192.168.101.1 (config vpn ipsec tunnel ipsec_gre1)>...
  • Page 375 7. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 376 Task three: Create a GRE tunnel    WebUI 1. Click VPN > IP Tunnels. 2. For Add IP Tunnel, type gre_tunnel1 and click . 3. For Local endpoint, select the IPsec endpoint interface created in Task two (Interface: ipsec_endpoint1). TX54 User Guide...
  • Page 377 (/network/interface/ipsec_endpoint1): (config vpn iptunnel gre_tunnel1)> local /network/interface/ipsec_endpoint1 (config vpn iptunnel gre_tunnel1)> 4. Set the remote endpoint to the IP address of the GRE tunnel on TX54-2, 172.30.0.2: (config vpn iptunnel gre_tunnel1)> remote 172.30.0.2 (config vpn iptunnel gre_tunnel1)> 5. Save the configuration and apply the change: (config vpn iptunnel gre_tunnel1)>...
  • Page 378 The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line 1. At the command line, type config to enter configuration mode: > config (config)> TX54 User Guide...
  • Page 379 Task one: Create an IPsec tunnel    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 380 3. Click VPN > IPsec > Tunnels. 4. For Add IPsec Tunnel, type ipsec_gre2 and click . 5. Click to expand Authentication. 6. For Pre-shared key, type the same pre-shared key that was configured for the TX54-1 (testkey). 7. Click to expand Remote endpoint.
  • Page 381 3. Add an IPsec tunnel named ipsec_gre2: (config)> add vpn ipsec tunnel ipsec_gre2 (config vpn ipsec tunnel ipsec_gre2)> 4. Set the pre-shared key to the same pre-shared key that was configured for the TX54-1 (testkey): (config vpn ipsec tunnel ipsec_gre2)> auth secret testkey (config vpn ipsec tunnel ipsec_gre2)>...
  • Page 382 Task two: Create an IPsec endpoint interface    WebUI 1. Click Network > Interfaces. 2. For Add Interface, type ipsec_endpoint2 and click . 3. For Zone, select Internal. 4. For Device, select Ethernet: loopback. 5. Click to expand IPv4. TX54 User Guide...
  • Page 383 4. Set the device to /network/device/loopback: (config network interface ipsec_endpoint2)> device /network/device/loopback (config network interface ipsec_endpoint2)> 5. Set the IPv4 address to the IP address of the local GRE tunnel, 172.30.0.2/32: (config network interface ipsec_endpoint2)> ipv4 address 172.30.0.2/32 (config network interface ipsec_endpoint2)> TX54 User Guide...
  • Page 384 (Interface: ipsec_endpoint2). 4. For Remote endpoint, type the IP address of the GRE tunnel on TX54-1, 172.30.0.1. 5. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.
  • Page 385 (/network/interface/ipsec_endpoint2): (config vpn iptunnel gre_tunnel2)> local /network/interface/ipsec_endpoint2 (config vpn iptunnel gre_tunnel2)> 4. Set the remote endpoint to the IP address of the GRE tunnel on TX54-1, 172.30.0.1: (config vpn iptunnel gre_tunnel2)> remote 172.30.0.1 (config vpn iptunnel gre_tunnel2)> 5. Save the configuration and apply the change: (config vpn iptunnel gre_tunnel2)>...
  • Page 386 4. Set the device to the GRE tunnel created in Task three (/vpn/iptunnel/gre_tunnel2): (config network interface gre_interface2)> device /vpn/iptunnel/gre_tunnel2 (config network interface gre_interface2)> 5. Set 172.31.0.1/30 as the virtual IP address on the GRE tunnel: (config network interface gre_interface2)> ipv4 address 172.31.1.1/30 (config network interface gre_interface2)> TX54 User Guide...
  • Page 387 (config network interface gre_interface2)> save Configuration saved. > 7. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...
  • Page 388 Configure DNS Simple Network Management Protocol (SNMP) Location information System time Configure the system time Network Time Protocol Configure the device as an NTP server Configure a multicast route Enable service discovery (mDNS) Use the iPerf service TX54 User Guide...

  • Page 389: Allow Remote Access For Web Administration And Ssh

    Allow remote access for web administration and SSH Allow remote access for web administration and SSH By default, only devices connected to the TX54's LAN have access to the device via web administration and SSH. To enable these services for access from remote devices: The TX54 device must have a publicly reachable IP address.
  • Page 390    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 391 Allow remote access for web administration and SSH    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 392 Services Allow remote access for web administration and SSH the page to locate it. TX54 User Guide...

  • Page 393: Configure The Web Administration Service

    By default, the web administration service is enabled and uses the standard HTTPS port, 443. The default access control for the service uses the Internal firewall zone, which means that only devices connected to the TX54's LAN can access the WebUI. If this configuration is sufficient for your needs, no further configuration is required. See Allow remote access for web administration and SSH information about configuring the web administration service to allow access from remote devices.
  • Page 394    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 395 Configure the service    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Services > Web administration.
  • Page 396 No limit to IPv6 addresses that can access the web administration service. d. Click  again to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: a. Click Interfaces.
  • Page 397    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 398 Services Configure the web administration service To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service web_admin acl interface end value (config)> Where value is an interface defined on your device. Display a list of available interfaces: Use ...
  • Page 399 Legacy port redirection is used to redirect client HTTP requests to the HTTPS service. Legacy port redirection is enabled by default, and normally these settings should not be changed. To disable legacy port redirection: (config)> service web_admin legacy enable false (config)> TX54 User Guide...
  • Page 400 9. Save the configuration and apply the change: (config)> save Configuration saved. > 10. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 401: Configure Ssh Access

    Services Configure SSH access Configure SSH access The TX54's default configuration has SSH access enabled, and allows SSH access to the device from authorized users within the Internal firewall zone. If this configuration is sufficient for your needs, no further configuration is required. See Allow remote access for web administration and SSH information about configuring the SSH service to allow access from remote devices.
  • Page 402    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 403 No limit to IPv6 addresses that can access the SSH service. d. Click  again to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: a. Click Interfaces.
  • Page 404    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 405 No limit to IPv6 addresses that can access the SSH service. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service ssh acl interface end value (config)>...
  • Page 406 6. (Optional) Set the port number for this service. The default setting of 22 normally should not be changed. (config)> service ssh port 24 (config)> 7. Save the configuration and apply the change: (config)> save Configuration saved. > TX54 User Guide...
  • Page 407 Services Configure SSH access 8. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 408: Use Ssh With Key Authentication

    SSH public key for the user Additional configuration items If you want to access the TX54 device using SSH over a WAN interface, configure the access control list for the SSH service to allow SSH access for the External firewall zone.
  • Page 409 These instructions assume an existing user named temp_user. 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 410 4. Save the configuration and apply the change: (config)> save Configuration saved. > 5. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 411: Configure Telnet Access

    The telnet service is disabled by default. To enable the service:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 412    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 413 No limit to IPv6 addresses that can access the telnet service. d. Click  again to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: a. Click Interfaces.
  • Page 414    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 415 Services Configure telnet access To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service telnet acl interface end value (config)> Where value is an interface defined on your device. Display a list of available interfaces: Use ...

  • Page 416: Configure Dns

    Type quit to disconnect from the device. Configure DNS The TX54 device includes a caching DNS server which forwards queries to the DNS servers that are associated with the network interfaces, and caches the results. This server is used within the device, and cannot be disabled.
  • Page 417 To configure the DNS server:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Services > DNS.
  • Page 418 Services Configure DNS To limit access to hosts connected through a specified interface on the TX54 device: a. Click Interfaces. b. For Add Interface, click . c. For Interface, select the appropriate interface from the dropdown. d. Click  again to allow access through additional interfaces.
  • Page 419 Services Configure DNS 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI. 2. At the command line, type config to enter configuration mode: >...
  • Page 420 5. (Optional) Query all servers By default, the device's DNS server queries all available DNS servers. Disabling this option may improve performance on networks with transient DNS results, when one or more DNS servers may have positive results. To disable: TX54 User Guide...
  • Page 421 9. (Optional) Add host names and their IP addresses that the device's DNS server will resolve a. Add a host: (config)> add service dns host end (config service dns host 0)> b. Set the IP address of the host: (config service dns host 0)> address ip-addr (config service dns host 0)> TX54 User Guide...
  • Page 422 10. Save the configuration and apply the change: (config)> save Configuration saved. > 11. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 423: Simple Network Management Protocol (Snmp)

    By default, the TX54 device automatically blocks SNMP packets from being received over WAN and LAN interfaces. As a result, if you want a TX54 device to receive SNMP packets, you must configure the SNMP access control list to allow the device to receive the packets. See...
  • Page 424 No limit to IPv6 addresses that can access the SNMP agent. d. Click  again to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: a. Click Interfaces.
  • Page 425    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 426 No limit to IPv6 addresses that can access the SNMP service. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service snmp acl interface end value (config)>...
  • Page 427 9. (Optional) Set the authentication type. Allowed values are MD5 or SHA. The default is MD5. (config)> service snmp auth_type SHA (config)> 10. (Optional) Set the privacy passphrase. If not set, the password, entered above, is used. (config)> service snmp privacy pwd (config)> TX54 User Guide...

  • Page 428: Download Mibs

    To download a .zip archive of the SNMP MIBs supported by this device:    WebUI 1. Log into the TX54 WebUI as a user with Admin access. 2. Enable SNMP. Configure Simple Network Management Protocol (SNMP) for information about enabling and configuring SNMP support on the TX54 device.

  • Page 429: Location Information

    GNSS receivers are available to be purchased separately from Digi International Inc.. Accept location messages from other location-enabled devices. Forward location messages, either from the TX54 device or from external sources, to a remote host. This section contains the following topics:...

  • Page 430: Configure The Location Server

    You can also optionally configure the UDP listening port for location information.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 431 Use a dead reckoning external USB GNSS receiver for more information about Enable USB GNSS module. 9. (Optional) For Location update interval, set the amount of time that the TX54 device will wait between updating location information, and sending location information to a destination server.
  • Page 432 No limit to IPv6 addresses that can access the service-type. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service location acl interface end value (config)>...
  • Page 433 (config)> ... firewall zone ? Zones: A list of groups of network interfaces that can be referred to by packet filtering rules and access control lists. Additional Configuration --------------------------------------------------------- ---------------------- dynamic_routes edge external hotspot internal ipsec loopback setup (config)> TX54 User Guide...

  • Page 434: Enable Or Disable The Internal Gnss Module

    Location information Repeat this step to list additional firewall zones. 6. (Optional) Set the amount of time that the TX54 device will wait between updating location information, and sending location information to a destination server: (config)> service location interval value (config)>...
  • Page 435    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 436: Use A Dead Reckoning External Usb Gnss Receiver

    The USB GNSS receiver is available for purchase from Digi International Inc.. The ability to use an external USB GNSS receiver is enabled by default. After purchasing the USB GNSS receiver, plug it into a USB port on the TX54, and it will begin providing location information. Note If both the internal GNSS module and the external dead reckoning USB receiver are used...

  • Page 437: Configure The Device To Accept Location Messages From External Sources

    You can configure the TX54 device to accept NMEA or TAIP messages from external sources. For example, location-enabled devices connected to the TX54 device can forward their location information to the device, and then the TX54 device can serve as a central repository for this location information and forward it to a remote host. See Forward location information to a remote host information about configuring the TX54 device to forward location messages.
  • Page 438 Location information Note The location server functionality is enabled by default on the TX54 device. However, because the default configuration of the access control list for the location server only allows connections for the loopback firewall zone, the location server by default can only collect information from the device's local GNSS module.
  • Page 439 To configure the device to accept location messages from external sources:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 440    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 441 No limit to IPv6 addresses that can access the location server UDP port. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service location acl interface end value (config)>...
  • Page 442 For example, to set the location update interval to ten minutes, enter either 10m or 600s: (config)> service location interval 600s (config)> 3. Save the configuration and apply the change: (config)> save Configuration saved. > TX54 User Guide...

  • Page 443: Forward Location Information To A Remote Host

    You can configure location clients on the TX54 device that forward location messages in either NMEA or TAIP format to a remote host. Depending on how the TX54 device's location feature is enabled, you can forward the device's location information based on its GNSS module, or location information from an external source, or both: If the location server is enabled, location information from external sources is forwarded.
  • Page 444 4. Location features are enabled by default. If they have been disabled, enable the appropriate features: Click Enable the location server to forward information that the TX54 device receives from external location sources. See Configure the device to accept location messages from external sources for more information.
  • Page 445    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 446 > config (config)> 3. Location features are enabled by default. If they have been disabled, enable the appropriate features: Enable the TX54 device to forward information that it receives from external location sources: (config)> service location enable true (config)> Configure the device to accept location messages from external sources for more information.
  • Page 447 9. (Optional) Set the text to prepend to the forwarded message. Two variables can be included in the prepended text: %s: Includes the TX54 device's serial number in the prepended text. %v: Includes the vehicle ID in the prepended text.
  • Page 448 To add a message type: a. Change to the filter_taip node: (config service location forward 0)> filter_taip (config service location forward 0 filter_taip)> b. Use the add command to add the message type. For example, to add the id message type: TX54 User Guide...
  • Page 449 13. Save the configuration and apply the change: (config)> save Configuration saved. > 14. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 450: Show Location Information

    2. At the Status page, click Location.    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 451: System Time

    The TX54 device can also be configured to use Network Time Protocol (NTP). In this configuration, the device serves as an NTP server, providing NTP services to downstream devices. See Network Time Protocol for more information about NTP server support.
  • Page 452    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 453 2. At the command line, type config to enter configuration mode: > config (config)> 3. (Optional) Set the timezone for the location of your TX54 device. The default is UTC. (config)> system time timezone value (config)> Where value is the timezone using the format specified with the following command: (config)>...

  • Page 454: Network Time Protocol

    Network Time Protocol (NTP) enables devices connected on local and worldwide networks to synchronize their internal software and hardware clocks to the same time source. The TX54 device can be configured as an NTP server, allowing downstream hosts that are attached to the device's Local Area Networks to synchronize with the device.
  • Page 455 3. Click Services > NTP. 4. Enable the TX54 device's NTP service by clicking Enable. 5. (Optional) Configure the access control list to limit downstream access to the TX54 device's NTP service. To limit access to specified IPv4 addresses and networks: a.
  • Page 456 The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line 1. Log into the TX54 command line as a user with full Admin access rights. TX54 User Guide...
  • Page 457 See Configure the system time more information about NTP client configuration. 5. (Optional) Configure the access control list to limit downstream access to the TX54 device's NTP service. To limit access to specified IPv4 addresses and networks: (config)>...
  • Page 458 No limit to IPv6 addresses that can access the NTP server agent. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service ntp acl interface end value (config)>...
  • Page 459 By default, the access control list for the NTP service is empty, which means that all downstream hosts connected to the TX54 device can use the NTP service. 6. (Optional) Set the timezone for the location of your TX54 device. The default is UTC. (config)> system time timezone value (config)>...

  • Page 460: Configure A Multicast Route

    7. Type the Source port. Ensure the port is not used by another protocol. 8. Select a Source interface where multicast packets will arrive. 9. Select a Destination interface that the TX54 device will use to send mutlicast packets. 10. Click Apply to save the configuration and apply the change.
  • Page 461 Services Configure a multicast route 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 462 Set the interface. For example: (config service multicast test)> src_interface /network/interface/wan1 (config service multicast test)> 8. Set the destination interface that the TX54 device will use to send mutlicast packets. (config service multicast test)> interface interface (config service multicast test)>...

  • Page 463: Enable Service Discovery (Mdns)

    You can enable the TX54 device to use mDNS.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 464    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 465 No limit to IPv6 addresses that can access the mDNS service. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service mdns acl interface end value (config)>...

  • Page 466: Use The Iperf Service

    Type quit to disconnect from the device. Use the iPerf service Your TX54 device includes an iPerf3 server that you can use to test the performance of your network. IPerf3 is a command-line tool that measures the maximum network throughput an interface can handle.
  • Page 467 Use the iPerf service Additional configuration Items The port that the TX54 device's iPerf server will use to listen for incoming connections. The access control list for the iPerf server. When the iPerf server is enabled, the TX54 device will automatically configure its firewall rules to allow incoming connections on the configured listening port.
  • Page 468 To enable the Iperf3 server:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Services > IPerf.
  • Page 469    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 470 No limit to IPv6 addresses that can access the service-type. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add service iperf acl interface end value (config)>...

  • Page 471: Example Performance Test Using Iperf3

    Example performance test using Iperf3 On a remote host with Iperf3 installed, enter the following command: $ iperf3 -c device_ip where device_ip is the IP address of the TX54 device. For example: $ iperf3 -c 192.168.2.1 Connecting to host 192.168.2.1, port 5201 4] local 192.168.3.100 port 54934 connected to 192.168.1.1 port 5201...
  • Page 472 - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Retr 0.00-10.00 315 MBytes 264 Mbits/sec sender 0.00-10.00 313 MBytes 262 Mbits/sec receiver iperf Done. TX54 User Guide...
  • Page 473 Applications The TX54 supports Python 3.6 and provides you with the ability to run Python applications on the device interactively or from a file. You can also specify Python applications and other scripts to be run each time the device system restarts, at specific intervals, or at a specified time.

  • Page 474: Configure Applications To Run Automatically

    Whether the script should run one time only. Task one: Upload the application    WebUI 1. Log into the TX54 WebUI as a user with Admin access. 2. On the menu, click System. Under Administration, click File System. The File System page appears. TX54 User Guide...
  • Page 475 TX54 device. local-path is the location on the TX54 device where the copied file will be placed. For example: To upload a Python application from a remote host with an IP address of 192.168.4.1 to the /etc/config/scripts directory on the TX54 device, issue the following command: >...

  • Page 476: Task Two: Configure The Application To Run Automatically

    This feature does not provide syntax or error checking. Certain commands can render the device inoperable. Use with care.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Applications.
  • Page 477 If neither option is selected, only the script's exit code is written to the system log. 9. For Maximum memory, enter the maximum amount of memory available to be used by the script and its subprocesses, using the format number{b|bytes|KB|k|MB|MB|M|GB|G|TB|T}. TX54 User Guide...
  • Page 478    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 479 If the script begins with #!, then the script will be invoked in the location specified by the path for the script command. Otherwise, the default shell will be used (equivalent to #!/bin/sh). TX54 User Guide...

  • Page 480: Run A Python Application At The Shell Prompt

    Python applications cannot be run from the Admin CLI. You must access the device shell in order to run Python applications from the command line. See Authentication groups for information about configuring authentication groups that include shell access. TX54 User Guide...
  • Page 481 TX54 device. local-path is the location on the TX54 device where the copied file will be placed. For example: TX54 User Guide...

  • Page 482: Start An Interactive Python Session

    You can also create Python applications by using the vi command when logged in with shell access. 2. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 483 Start an interactive Python session >>> help("digidevice") Help on package digidevice: NAME digidevice - Digi device python extensions DESCRIPTION This module includes various extensions that allow Python to interact with additional features offered by the device. 4. Use Ctrl-D to exit the Python session. You can also exit the session using exit() or quit().

  • Page 484: Digidevice Module

    Use digidevice.config for device configuration Use Python to respond to Digi Remote Manager SCI requests Use digidevice runtime to access the runtime database Using Python to upload the device name to Digi Remote Manager The digidevice led submodule TX54 User Guide...

  • Page 485: Use Digidevice.cli To Execute Cli Commands

    1. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu. Type shell to access the device shell.

  • Page 486: Use Digidevice.datapoint To Upload Custom Datapoints To Digi Remote Manager

    Help for using Python to execute TX54 CLI commands Get help executing a CLI command from Python by accessing help for cli.execute: 1. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 487 Help for using Python to upload custom datapoints to Remote Manager Get help for uploading datapoints to your Digi Remote Manager account by accessing help for datapoint.upload: 1. Log into the TX54 command line as a user with shell access.

  • Page 488: Use Digidevice.config For Device Configuration

    Read the device configuration Use the get() method to read the device configuration: 1. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu. Type shell to access the device shell.
  • Page 489 Modify the device configuration Use the set() and commit() methods to modify the device configuration: 1. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu.

  • Page 490: Use Python To Respond To Digi Remote Manager Sci Requests

    Remote Manager's Server Command Interface (SCI), a web service that allows users to access information and perform commands that relate to their devices. Use Remote Manager's SCI interface to create SCI requests that are sent to your TX54 device, and use the device_request module to send responses to those requests to Remote Manager.
  • Page 491 Applications Digidevice module Task one: Use the device_request module on your TX54 device to create a response 1. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 492 Remote Manager. 1. Create a Python application, called showsystem.py, that uses the digidevice.cli module to create a response containing information about device and the device_request module to respond with this information to a request from Remote Manager: TX54 User Guide...
  • Page 493    WebUI i. Log into the TX54 WebUI as a user with full Admin access rights. ii. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. iii. Click System > Scheduled tasks > Custom scripts.
  • Page 494    Command line i. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 495 > reboot To run the application from the shell prompt: i. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu. Type shell to access the device shell.
  • Page 496 <device_request target_name="showSystem"> 8. Click Send. You should receive a response similar to the following: <sci_reply version="1.0"> <data_service> <device id="00000000-00000000-0000FFFF-A83CF6A3"/> <requests> <device_request target_name="showSystem" status="0">Model : Digi TX54 Serial Number : TX54-000068 Hostname : TX54 : 00:40:D0:13:35:36 Hardware Version : 50001959-01 A Firmware Version : 19.11.72.58...
  • Page 497 : MB/MB(%) Disk /tmp Usage : 0.004MB/40.96MB(0%) Disk /var Usage : 0.820MB/32.768MB(3%)</device_request> </requests> </device> <device id="00000000-00000000-0000FFFF-485740BC"/> <requests> <device_request target_name="showSystem" status="0">Model : Digi TX54 Serial Number : TX54-000023 Hostname : TX54 : 0040D026791C Hardware Version : 50001959-01 A Firmware Version : 19.11.72.58...
  • Page 498 </sci_request> Help for using Python to respond to Digi Remote Manager SCI requests Get help for respond to Digi Remote Manager Server Command Interface (SCI) requests by accessing help for digidevice.device_request: 1. Log into the TX54 command line as a user with shell access.

  • Page 499: Use Digidevice Runtime To Access The Runtime Database

    Read from the runtime database Use the keys() and get() methods to read the device configuration: 1. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 500 Get help for reading and modifying the device runtime database by accessing help for digidevice.runt: 1. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu.

  • Page 501: Using Python To Upload The Device Name To Digi Remote Manager

    Using Python to upload the device name to Digi Remote Manager The name submodule can be used to upload a custom name for your device to Digi Remote Manager. When you use the name submodule to upload a custom device name to Remote Manager, the...
  • Page 502 Digidevice module Upload a custom name 1. Log into the TX54 command line as a user with shell access. Depending on your device configuration, you may be presented with an Access selection menu. Type shell to access the device shell.

  • Page 503: The Digidevice Led Submodule

    5. Use Ctrl-D to exit the Python session. You can also exit the session using exit() or quit(). The digidevice led submodule Use the led submodule to redefine the purpose of any front-panel LED on the TX54 device. With this submodule, you can: Gain control of the LED with the led.acquire() function.
  • Page 504 Releasing the LEDs to system control During a Python interactive session, or from within a Python script, you can release control of the LED from Python to system control using the led.release() method. TX54 User Guide...
  • Page 505 LED state is not updated until Python releases control of the LED. When the LED is returned to system control, the state of the LED will reflect the correct, recorded state information. TX54 User Guide...

  • Page 506: User Authentication

    This chapter contains the following topics: TX54 user authentication User authentication methods Authentication groups Local users Terminal Access Controller Access-Control System Plus (TACACS+) Remote Authentication Dial-In User Service (RADIUS) Disable shell access Set the idle timeout for TX54 users Example user configuration TX54 User Guide...

  • Page 507: Tx54 User Authentication

    User authentication TX54 user authentication TX54 user authentication User authentication on the TX54 has the following features and default configuration: Default Feature Description configuration Idle timeout 10 minutes. Determines how long a user session can be idle before the system automatically disconnects.
  • Page 508 RADIUS: Users authenticated by using a remote RADIUS server for authentication. Remote Authentication Dial-In User Service (RADIUS) for information about configuring RADIUS authentication. TACACS+: Users authenticated by using a remote TACACS+ server for authentication. Terminal Access Controller Access-Control System Plus (TACACS+) for information about configuring TACACS+ authentication. TX54 User Guide...

  • Page 509: Add A New Authentication Method

    To add an authentication method:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Authentication > Methods.
  • Page 510 This procedure describes how to add methods to various places in the list. 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.

  • Page 511: Delete An Authentication Method

    Type quit to disconnect from the device. Delete an authentication method    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 512    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 513: Rearrange The Position Of Authentication Methods

    To reorder these so that RADIUS is first and Local users is second: 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 514    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 515: Authentication Groups

    Disable shell access for more information about the Allow shell parameter. Serial access: Users with Serial access have the ability to log into the TX54 device by using the serial console. Preconfigured authentication groups The TX54 device has two preconfigured authentication groups: The admin group is configured by default to have full Admin access and Shell access.
  • Page 516 User authentication Authentication groups Change the access rights for a predefined group Add an authentication group Delete an authentication group TX54 User Guide...

  • Page 517: Change The Access Rights For A Predefined Group

    For groups assigned Admin access, you can also determine whether the Access level should be Full access or Read-only access. Full access provides users of this group with the ability to manage the TX54 device by using the WebUI or the Admin CLI.
  • Page 518    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 519: Add An Authentication Group

    Access rights to captive portals, and the portals to which they have access. Access rights to query the device for Nagios monitoring. To add an authentication group:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. TX54 User Guide...
  • Page 520 For groups assigned Admin access, you can also determine whether the Access level should be Full access or Read-only access. where value is either: Full access full: provides users of this group with the ability to manage the TX54 device by using the WebUI or the Admin CLI. TX54 User Guide...
  • Page 521    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 522 (config)> where value is either: full: provides users of this group with the ability to manage the TX54 device by using the WebUI or the Admin CLI. read-only: provides users of this group with read-only access to the WebUI and Admin CLI.

  • Page 523: Delete An Authentication Group

    Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Delete an authentication group By default, the TX54 device has two preconfigured authentication groups: admin and serial. These groups cannot be deleted. To delete an authentication group that you have created: ...
  • Page 524    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 525 4. Save the configuration and apply the change: (config)> save Configuration saved. > 5. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 526: Local Users

    TACACS+ or RADIUS. Local user authentication is enabled by default, with one preconfiged default user. Default user At manufacturing time, each TX54 device comes with a default user configured as follows: Username: admin. Password: The default password is displayed on the label on the bottom of the device.

  • Page 527: Change A Local User's Password

    To change a user's password:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Authentication > Users.
  • Page 528 6. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...

  • Page 529: Configure A Local User

    Local users    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 530 To configure a local user:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Authentication > Users.
  • Page 531 To display the QR code for the secret key, click ... next to the field label and select Show secret key QR code. iii. Copy the secret key, or scan or copy the QR code, for use with an application or mobile device to generate passcodes. TX54 User Guide...
  • Page 532    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 533 (config auth user new_user)> del group n (config auth user new_user)> Where n is index number of the authentication method to be deleted. For example, to delete the serial group as displayed by the example show command, above: TX54 User Guide...
  • Page 534 (config auth user new_user 2fa)> disallow_reuse true (config auth user new_user 2fa)> f. For time-based verification only, configure the code refresh interval. This is the amount of time that a code will remain valid. TX54 User Guide...
  • Page 535 Change to the user's scratch code node: (config auth user new_user 2fa)> scratch_code (config auth user new_user 2fa scratch_code)> ii. Add a scratch code: (config auth user new_user 2fa scratch_code)> add end code (config auth user new_user 2fa scratch_code)> TX54 User Guide...

  • Page 536: Delete A Local User

    To delete a user from your TX54:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Authentication > Users.
  • Page 537    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 538: Terminal Access Controller Access-Control System Plus (Tacacs+)

    With TACACS+ support, the TX54 device acts as a TACACS+ client, which sends user credentials and connection parameters to a TACACS+ server over TCP. The TACACS+ server then authenticates the TACACS+ client requests and sends back a response message to the device.

  • Page 539: Tacacs+ User Configuration

    After setting up the TACACS+ server, you will need to configure one or more users on the server. When configured with TACACS+ support, the TX54 device uses the TACACS+ server for authentication (password verification) and authorization (assigning the access level of the user).

  • Page 540: Tacacs+ Server Failover And Fallback To Local Authentication

    Terminal Access Controller Access-Control System Plus (TACACS+) TACACS+ server failover and fallback to local authentication In addition to the primary TACACS+ server, you can also configure your TX54 device to use backup TACACS+ servers. Backup TACACS+ servers are used for authentication requests when the primary TACACS+ server is unavailable.
  • Page 541 = testing123 8. (Optional) For Group attribute, type the name of the attribute used in the TACACS+ server's configuration to identify the TX54 authentication group or groups that the user is a member of. For example, in TACACS+ user configuration, the group attribute in the sample tac_plus.conf...
  • Page 542 User authentication Terminal Access Controller Access-Control System Plus (TACACS+) the sample tac_plus.conf file is system, which is also the default setting in the TX54 configuration. 10. (Optional) Click  again to add additional TACACS+ servers. 11. Add TACACS+ to the authentication methods: a.
  • Page 543 (config auth tacacs+ server 0)> ... (config)> 8. (Optional) Configure the group_attribute. This is the name of the attribute used in the TACACS+ server's configuration to identify the TX54 authentication group or groups that the user is a member of. For example, in TACACS+ user configuration, the group attribute in the sample tac_plus.conf file is groupname, which is also the default setting for the group_...
  • Page 544 User authentication Terminal Access Controller Access-Control System Plus (TACACS+) 13. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 545: Remote Authentication Dial-In User Service (Radius)

    With RADIUS support, the TX54 device acts as a RADIUS client, which sends user credentials and connection parameters to a RADIUS server over UDP. The RADIUS server then authenticates the RADIUS client requests and sends back a response message to the device.

  • Page 546: Radius User Configuration

    /etc/init.d/freeradius restart RADIUS server failover and fallback to local configuration In addition to the primary RADIUS server, you can also configure your TX54 device to use backup RADIUS servers. Backup RADIUS servers are used for authentication requests when the primary RADIUS server is unavailable.

  • Page 547: Configure Your Tx54 Device To Use A Radius Server

    If the RADIUS servers are unavailable and the TX54 device falls back to local authentication, only users defined locally on the device are able to log in. RADIUS users cannot log in until the RADIUS servers are brought back online.
  • Page 548 Remote Authentication Dial-In User Service (RADIUS)    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Authentication > RADIUS > Servers.
  • Page 549 NAS or any arbitrary string. If not set, the default value is used: If you are accessing the TX54 device by using the WebUI, the default value is for NAS ID is httpd. If you are accessing the TX54 device by using ssh, the default value is sshd.
  • Page 550 You can use the fully-qualified domain name of the NAS or any arbitrary string. If not set, the default value is used: If you are accessing the TX54 device by using the WebUI, the default value is for NAS ID is httpd.

  • Page 551: Disable Shell Access

    If shell access is disabled, re-enabling it will erase the device's configuration and perform a factory reset.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 552    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 553: Set The Idle Timeout For Tx54 Users

    By default, the Idle timeout is set to 10 minutes.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 554    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 555: Example User Configuration

    Goal: To create a user with administrator rights who is authenticated locally on the device.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 556    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 557: Example 2: Radius, Tacacs+, And Local Authentication For One User

    Goal: To create a user with administrator rights who is authenticated by using all three authentication methods. In this example, when the user attempts to log in to the TX54 device, user authentication will occur in the following order: TX54 User Guide...
  • Page 558 2. The user is authenticated by the TACACS+ server. If both the RADIUS and TACACS+ servers are unavailable, 3. The user is authenticated by the TX54 device using local authentication. This example uses a FreeRadius 3.0 server running on ubuntu, and a TACACS+ server running on ubuntu.
  • Page 559 The authentication group on the TX54 device, admin, is identified in the groupname parameter. c. Save and close the tac_plus.conf file. 3. Log into the TX54 WebUI as a user with full Admin access rights. 4. On the menu, click System. Under Configuration, click Device Configuration. TX54 User Guide...
  • Page 560 Click  to add another new method. f. For the new method, select Local users. 6. Create the local user: a. Click Authentication > Users. b. In Add User:, type admin1 and click . c. For password, type password1. TX54 User Guide...
  • Page 561 Add a RADIUS user to the users file: admin1 Cleartext-Password := "password1" Unix-FTP-Group-Names := "admin" In this example: The user's username is admin1. The user's password is password1. The authentication group on the TX54 device, admin, is identified in the Unix-FTP- Group-Names parameter. TX54 User Guide...
  • Page 562 Save and close the tac_plus.conf file. 3. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 563 (config auth user adminuser)> save Configuration saved. > 9. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...
  • Page 564 Firewall This chapter contains the following topics: Firewall configuration Port forwarding rules Packet filtering Configure custom firewall rules Configure captive portals Configure Quality of Service options Web filtering TX54 User Guide...

  • Page 565: Firewall Configuration

    The default zone for hotspots. Dynamic routes: Used for routes learned using routing services. Port forwarding: A list of rules that allow network connections to the TX54 to be forwarded to other servers by translating the destination address. Packet filtering: A list of packet filtering rules that determine whether to accept or reject network connections that are forwarded through the TX54.
  • Page 566 Firewall Firewall configuration 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Firewall > Zones. 4. In Add Zone, enter a name for the zone and click .

  • Page 567: Configure The Firewall Zone For A Network Interface

    Firewall Firewall configuration 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI. 2. At the command line, type config to enter configuration mode: >...
  • Page 568    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 569: Delete A Custom Firewall Zone

    You cannot delete preconfigured firewall zones. To delete a custom firewall zone:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.

  • Page 570: Port Forwarding Rules

       Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 571 To configure a port forwarding rule:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Firewall > Port forwarding.
  • Page 572 13. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line TX54 User Guide...
  • Page 573 Firewall Port forwarding rules 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 574 (config firewall dnat 0 acl> add address end ip-address (config firewall dnat 0 acl)> For IPv6 addresses: (config firewall dnat 0 acl> add address6 end ip-address (config firewall dnat 0 acl)> Repeat for each appropriate IP address. TX54 User Guide...

  • Page 575: Delete A Port Forwarding Rule

    Delete a port forwarding rule To delete a port forwarding rule:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. TX54 User Guide...
  • Page 576    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 577 5. Save the configuration and apply the change: (config)> save Configuration saved. > 6. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 578: Packet Filtering

    Packet filtering By default, there are two preconfigured packet filtering rules: Allow all outgoing traffic: Monitors traffic going to and from the TX54 device. The predefined settings are intended to block unauthorized inbound traffic while providing an unrestricted flow of outgoing data.
  • Page 579 9. For Destination zone, select the firewall zone. Packets destined for network interfaces that are members of this zone will either be accepted, rejected or dropped by this rule. Firewall configuration for more information about firewall zones. 10. Click Apply to save the configuration and apply the change. TX54 User Guide...
  • Page 580    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 581 7. Set the IP version. (config firewall filter 1)> ip_version value (config firewall filter 1)> where value is one of: ipv4 ipv6 The default is any. 8. Set the protocol. (config firewall filter 1)> protocol value (config firewall filter 1)> TX54 User Guide...

  • Page 582: Enable Or Disable A Packet Filtering Rule

    To enable or disable a packet filtering rule:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 583    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 584: Delete A Packet Filtering Rule

    To delete a packet filtering rule:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Firewall > Packet filtering.
  • Page 585    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 586: Configure Custom Firewall Rules

    To configure custom firewall rules:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Firewall > Custom rules.
  • Page 587 7. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 588 Configure custom firewall rules    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 589: Configure Captive Portals

    To configure captive portals:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Firewall > Captive portals.
  • Page 590    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 591 (config firewall portal portal1)> timeout value (config firewall portal portal1)> where value is any number of weeks, days, hours, minutes, or seconds, and takes the format number{w|d|h|m|s}. For example, to set Session timeout to ten minutes, enter either 10m or 600s: TX54 User Guide...
  • Page 592 11. (Optional) Set the URL to which the user will be directed when granted access to the portal. If left blank, the user will be directed to the domain of the URL in the original access request. (config firewall portal portal1)> url https://myportal.com (config firewall portal portal1)> TX54 User Guide...

  • Page 593: Delete Captive Portals

    To delete captive portals:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Firewall > Captive portals.

  • Page 594: Configure Quality Of Service Options

    (packet ingress). A QoS binding contains the policies and rules that apply to packets exiting the TX54 device on the binding's interface. By default, the TX54 device has two preconfigured QoS bindings, Outbound and Inbound.
  • Page 595    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 596 Type quit to disconnect from the device. Create a new binding    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 597 Allowed value is any integer between 1 and 1000. 9. Create a policy for the binding: At least one policy is required for each binding. Each policy can contain up to 30 rules. a. Click to expand Policy. b. For Add Policy, click . TX54 User Guide...
  • Page 598 New QoS binding policy rules are enabled by default. To disable, click Enable. iii. (Optional) Type a Label for the binding policy rule. iv. For Type Of Service, type the value of the Type of Service (ToS) packet header that defines packet priority. If unspecified, this field is ignored. TX54 User Guide...
  • Page 599 10. Click Apply to save the configuration and apply the change. The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it. TX54 User Guide...
  • Page 600 Configure Quality of Service options    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 601 (config firewall qos 2 policy 0)> where int is any integer, 1 or greater. The default is 100. f. To identify this policy as a fall-back policy: (config firewall qos 2 policy 0)> default true (config firewall qos 2 policy 0)> TX54 User Guide...
  • Page 602 (config firewall qos 2 policy 0 rule 0)> dstport value (config firewall qos 2 policy 0 rule 0)> where value is the IP port number, a range of port numbers using the format IP_port- IP_port, or any. TX54 User Guide...
  • Page 603 Only traffic from the IP address typed in IPv6 address will be matched. Set the address that will be matched: (config network qos 2 policy 0 rule 0)> src address6 value (config network qos 2 policy 0 rule 0)> TX54 User Guide...
  • Page 604 Set the address that will be matched: (config network qos 2 policy 0 rule 0)> src address value (config network qos 2 policy 0 rule 0)> where value uses the format IPv4_address[/netmask], or any to match any IPv4 address. TX54 User Guide...

  • Page 605: Web Filtering

    Type quit to disconnect from the device. Web filtering Web filtering allows you to control access to services that can be accessed through the TX54 device by forwarding all Domain Name System (DNS) traffic to a web filtering service. This allows the network security administrator to configure a set of policies with the web filtering service that are applied to all routing devices with web filtering enabled.
  • Page 606 Task two: Configure web filtering    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Firewall > Web filtering service.
  • Page 607 Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Clear the Cisco Umbrella device ID If the Cisco Umbrella device ID being used by your TX54 is invalid, you can clear the device ID.    Command line 1.

  • Page 608: Configure Web Filtering With Manual Dns Servers

    To configure web filtering with manual DNS servers:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 609    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 610 (config firewall web-filter server 0)> ip 208.67.222.220 (config firewall web-filter server 0)> d. Add the second DNS server: i. Move back one node in the configuration tree: (config firewall web-filter server 0)> .. (config firewall web-filter server)> TX54 User Guide...

  • Page 611: Verify Your Web Filtering Configuration

    Cisco open DNS servers. 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 612 4. From a new tab in your browser, attempt to connect to the Cisco test URL http://www.internetbadguys.com. The connection should be successful. 5. Return to the TX54 WebUI and enable web filtering: a. Click Firewall > Web filtering service. b. Click Enable web filtering to enable.
  • Page 613 Cisco open DNS servers. 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 614: Show Web Filter Service Information

    To view information about the web filter service:    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 615: System Administration

    This chapter contains the following topics: Review device status Configure system information Update system firmware Update cellular module firmware Reboot your TX54 device Reset the device to factory defaults Configure power delays for power ignition sensor Configure power button behavior Configure power input voltage...

  • Page 616: Review Device Status

    Show basic system information: 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 617: Configure System Information

    Disk /var Usage : 1.132MB/262.144MB(0%) > Configure system information You can configure information related to your TX54 device, such as providing a name and location for the device. Configuration items A name for the device. The name of a contact for the device.
  • Page 618    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 619: Update System Firmware

    For example, TX54-Dual-Cellular-19.11.72.58.bin. Manage firmware updates using Digi Remote Manager If you have a network of many devices, you can use Digi Remote Manager Profiles to manage firmware updates. Profiles ensure all your devices are running the correct firmware version and that all newly installed devices are updated to that same version.
  • Page 620 TX54-Single-Cellular Download the correct firmware for your variant of the TX54 device. 2. Log into the TX54 WebUI as a user with Admin access. 3. On the main menu, click System. 4. In the Device Firmware section, for Firmware Image, click Choose File.
  • Page 621 System administration Update system firmware    Command line 1. Download the TX54 operating system firmware from the Digi Support FTP site to your local machine. Note For TX54 devices, there are three platform variants: TX54-Dual-Cellular TX54-Dual-Wi-Fi TX54-Single-Cellular Download the correct firmware for your variant of the TX54 device.

  • Page 622: Update Cellular Module Firmware

    > reboot Rebooting system > 7. Once the device has rebooted, log into the TX54's command line as a user with Admin access and verify the running firmware version by entering the show system command. > show system...

  • Page 623: Reboot Your Tx54 Device

    Select the firmware. 7. Click Update. Reboot your TX54 device You can reboot the TX54 device immediately or schedule a reboot for a specific time every day. Note You may want to save your configuration settings to a file before rebooting. See...

  • Page 624: Schedule Reboots Of Your Device

    Schedule reboots of your device    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Select System > Scheduled tasks.
  • Page 625    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 626: Reset The Device To Factory Defaults

    3. In the Erase configuration section, click ERASE. 4. Click CONFIRM. 5. After resetting the device: a. Connect to the TX54 by using the serial port or by using an Ethernet cable to connect the TX54 LAN1 port to your PC. b. Log into the TX54: User name: Use the default user name: admin.
  • Page 627 2. Enter the following: > system factory-erase 3. After resetting the device: a. Connect to the TX54 by using the serial port or by using an Ethernet cable to connect the TX54 LAN1 port to your PC. b. Log into the TX54: User name: Use the default user name: admin.

  • Page 628: Configure Power Delays For Power Ignition Sensor

    Configure power delays for power ignition sensor By default, the TX54 device automatically powers on when it detects power on the ignition sensor, and powers off when it detects that there is no power on the ignition sensor, and there is no delay for either power on or power off based on the power ignition sensor.
  • Page 629 The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line 1. Log into the TX54 command line as a user with full Admin access rights. TX54 User Guide...

  • Page 630: Configure Power Button Behavior

    Type quit to disconnect from the device. Configure power button behavior The TX54 device's front panel includes a Power button. If the device is off, pressing the Power button will turn on the device. If the device is on, the Power button includes two options to power down the device: short- press and long-press options.
  • Page 631    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 632: Configure Power Input Voltage

    Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. Configure power input voltage The TX54 device supports multiple power voltage levels, and can be configured to respond to various ranges of power input. Required configuration items The required input voltage.
  • Page 633 The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line 1. Log into the TX54 command line as a user with full Admin access rights. TX54 User Guide...
  • Page 634 4. Save the configuration and apply the change: (config)> save Configuration saved. > 5. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 635: Configuration Files

    Save configuration changes When you make changes to the TX54 configuration, the changes are not automatically saved. You must explicitly save configuration changes, which also applies the changes. If you do not save configuration changes, the system discards the changes.

  • Page 636: Save Configuration To A File

    Type quit to disconnect from the device. Save configuration to a file You can save your TX54 device's configuration to a file and use this file to restore the configuration, either to the same device or to similar devices.

  • Page 637: Restore The Device Configuration

    > scp host 192.168.4.1 user admin remote /home/admin/bin/ local /etc/config/backup-archive-0040FF800120-19.05.17-19.01.17.bin to remote Restore the device configuration You can restore a configuration file to your TX54 device by using a backup from the device, or a backup from a similar device. ...
  • Page 638 TX54 device. local-path is the location on the TX54 device where the copied file will be placed. TX54 User Guide...
  • Page 639 3. Enter the following: > system restore path [passphrase passphrase] where path is the location of configuration backup file on the TX54's filesystem (local-path in the previous step). passphrase (optional) is the passphrase to restore the configuration backup, if a passphrase was used when the backup was created.

  • Page 640: Schedule System Maintenance Tasks

    Custom scripts that should be run as part of the configuration check.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 641 Use with care. Scripts created here are also automatically entered in Configuration > Applications. b. For Add Script, click . The schedule script configuration window is displayed. Scheduled scripts are enabled by default. To disable, click Enable to toggle off. TX54 User Guide...
  • Page 642 If Once is enabled, rebooting the device will cause the script to not run again. The only way to re-run the script is to: Remove the script from the device and add it again. Make a change to the script. Uncheck Once. 10. Click Apply to save the configuration and apply the change. TX54 User Guide...
  • Page 643    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 644 The script will run once each time the device boots. If boot is selected, set the action that will be taken when the script completes: (config system schedule script 0)> exit_action action (config system schedule script 0)> where action is one of the following: TX54 User Guide...
  • Page 645 If the script begins with #!, then the script will be invoked in the location specified by the path for the script command. Otherwise, the default shell will be used (equivalent to #!/bin/sh). TX54 User Guide...
  • Page 646 5. Save the configuration and apply the change: (config)> save Configuration saved. > 6. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...
  • Page 647 Monitoring This chapter contains the following topics: intelliFlow Configure NetFlow Probe Enable the Bluetooth scanner Enable the Wi-Fi scanner TX54 User Guide...

  • Page 648: Intelliflow

    WebUI. To use intelliFlow, the TX54 must be powered on and you must have access to the local WebUI. Once you enable intelliFlow, the Status >...
  • Page 649    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 650 5. Save the configuration and apply the change: (config)> save Configuration saved. > 6. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 651: Use Intelliflow To Display Average Cpu And Ram Usage

    This procedure is only available from the WebUI. To display display average CPU and RAM usage:    WebUI 1. Log into the TX54 WebUI as a user with Admin access. 2. If you have not already done so, enable intelliFlow. See Enable intelliFlow.

  • Page 652: Use Intelliflow To Display Top Data Usage Information

    Top data usage by service To generate a top data usage chart:    WebUI 1. Log into the TX54 WebUI as a user with Admin access. 2. If you have not already done so, enable intelliFlow. See Enable intelliFlow. 3. From the menu, click Status > intelliFlow.
  • Page 653 5. Change the type of chart that is used to display the data: a. Click the menu icon (). b. Select the type of chart. 6. Change the number of top users displayed. You can display the top five, top ten, or top twenty data users. TX54 User Guide...

  • Page 654: Use Intelliflow To Display Data Usage By Host Over Time

    Use intelliFlow to display data usage by host over time To generate a chart displaying a host's data usage over time:    WebUI 1. Log into the TX54 WebUI as a user with Admin access. 2. If you have not already done so, enable intelliFlow. See Enable intelliFlow.

  • Page 655: Configure Netflow Probe

    To save the chart to your local filesystem, select Export to PNG. c. To print the chart, select Print chart. Configure NetFlow Probe NetFlow probe is used to probe network traffic on the TX54 device and export statistics to NetFlow collectors. Required configuration items Enable NetFlow.
  • Page 656 Configure NetFlow Probe    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Monitoring > NetFlow probe.
  • Page 657    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 658 1 and 1800. The default is 1800. 8. Set the maximum number of flows to probe simultaneously: (config)> monitoring netflow max_flows value (config)> where value is any is any number between 0 and 2000000. The default is 2000000. TX54 User Guide...
  • Page 659 (config monitoring netflow collector 0)> save Configuration saved. > 11. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 660: Enable The Bluetooth Scanner

    Enable the Bluetooth scanner Enable the Bluetooth scanner The Bluetooth scanner allows you to configure your TX54 device to detect BLE-enabled devices that are nearby, and can be configured to open an SSH port that remote hosts can access to read basic information about those devices.
  • Page 661 To limit access to specified IPv4 addresses and networks: i. Click IPv4 Addresses. ii. For Add Address, click . iii. For Address, enter the IPv4 address or network that can access the device's SSH service. Allowed values are: TX54 User Guide...
  • Page 662 The Apply button is located at the top of the WebUI page. You may need to scroll to the top of the page to locate it.    Command line 1. Log into the TX54 command line as a user with full Admin access rights. TX54 User Guide...
  • Page 663 No limit to IPv4 addresses that can access the SSH service. Repeat this step to list additional IP addresses or networks. To limit access to specified IPv6 addresses and networks: (config)> add monitoring bluetooth_scanner ssh acl address6 end value (config)> TX54 User Guide...
  • Page 664 No limit to IPv6 addresses that can access the SSH service. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add monitoring bluetooth_scanner ssh acl interface end value (config)>...

  • Page 665: Display The Output Of The Bluetooth Scanner

    From the command line when logged into the TX54 device. From a remote host, by connecting to the TX54 device by using the scanner's SSH port. To view the output of the Bluetooth scanner, you must first enable the service. See...
  • Page 666 Enable the Bluetooth scanner To view the output of the Bluetooth scanner from the Status page: 1. Log into the TX54 WebUI as a user with Admin access. 2. On the menu, select Status > Bluetooth. The Bluetooth scanner page displays.

  • Page 667: Enable The Wi-Fi Scanner

    Monitoring Enable the Wi-Fi scanner TX54|Hopkins, MN|2019-06-28 17:08:59|EF-C8-3E-D3-65-04|Digi International Inc (R)|VOID|VOID|-55 TX54|Hopkins, MN|2019-06-28 17:08:59|B6-21-0B-23-AE-FC|Apple, Inc.|VOID|VOID|-75 Bluetooth scanner output The output from the Bluetooth scanner includes the following information: Field Description Field 1 The name of the device, as configured for the system.
  • Page 668 The access control list for the SSH port used by the Wi-Fi scanner to stream output to a remote host. When the Wi-Fi scanner is enabled, the TX54 device will automatically configure its firewall rules to allow incoming connections on the configured listening port. You can restrict access by configuring the access control list for the Wi-Fi scanner's listening port.
  • Page 669 A single IP address or host name. A network designation in CIDR notation, for example, 2001:db8::/48. any: No limit to IPv6 addresses that can access the SSH service. iv. Click  again to list additional IP addresses or networks. TX54 User Guide...
  • Page 670    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 671 A single IP address or host name. A network designation in CIDR notation, for example, 192.168.1.0/24. any: No limit to IPv4 addresses that can access the SSH service. Repeat this step to list additional IP addresses or networks. TX54 User Guide...
  • Page 672 No limit to IPv6 addresses that can access the SSH service. Repeat this step to list additional IP addresses or networks. To limit access to hosts connected through a specified interface on the TX54 device: (config)> add wifi scanner ssh acl interface end value (config)>...

  • Page 673: Display The Output Of The Wi-Fi Scanner

    From the command line when logged into the TX54 device. From a remote host, by connecting to the TX54 device by using the scanning service's SSH port. To view the output of the Wi-Fi scanning service, you must first enable the service. See...
  • Page 674 Monitoring Enable the Wi-Fi scanner 1. Log into the TX54 WebUI as a user with Admin access. 2. On the menu, select Status > Wi-Fi. The Wi-Fi scanner page displays. To view the output of the Wi-Fi scanning service from the System Logs page: 1.
  • Page 675 The channel being used by the access point or the client. If the device is a Wi-Fi access point that uses a hidden SSID, the channel will be listed as -1 . Field If the device is a Wi-Fi access point, the SSID of the access point. Field The Received Signal Strength Indicator (RSSI). TX54 User Guide...
  • Page 676 Configure Digi Remote Manager Collect device health data and set the sample interval Log into Digi Remote Manager Use Digi Remote Manager to view and manage your device Add a device to Digi Remote Manager View Digi Remote Manager connection status...

  • Page 677: Central Management With Digi Remote Manager

    Digi Remote Manager User Guide. Configure Digi Remote Manager By default, your TX54 device is configured to use central management using Digi Remote Manager. Additional configuration options These additional configuration settings are not typically configured, but you can set them as needed: Disable the Digi Remote Manager connection if it is not required.
  • Page 678 Central management with Digi Remote Manager Configure Digi Remote Manager TX54 User Guide...
  • Page 679 4. (Optional) For Management server, type the URL for the central management server. The default is the Digi Remote Manager server, my.devicecloud.com. 5. (Optional) For Retry interval, type the amount of time that the TX54 device should wait before reattempting to connect to the Digi Remote Manager server after being disconnected. The default is 30 seconds.
  • Page 680 (config)> cloud drm drm_url url (config)> 5. (Optional) Set the amount of time that the TX54 device should wait before reattempting to connect to the Digi Remote Manager server after being disconnected. The minimum value is ten seconds. The default is 30 seconds.

  • Page 681: Collect Device Health Data And Set The Sample Interval

    Collect device health data and set the sample interval You can enable or disable the collection of device health data to upload to Digi Remote Manager, and configure the interval between health sample uploads. By default, device health data upload is enabled, and the health sample interval is set to 60 minutes.
  • Page 682 Central management with Digi Remote Manager Collect device health data and set the sample interval 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration.

  • Page 683: Log Into Digi Remote Manager

    Log into Digi Remote Manager    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 684: Use Digi Remote Manager To View And Manage Your Device

    Use Digi Remote Manager to view and manage your device To view and manage your device: 1. If you have not already done so, connect to your Digi Remote Manager account. 2. Click Device Management to display a list of your devices.

  • Page 685: Add A Device To Digi Remote Manager

    The same default password is also shown on the label affixed to the bottom of the device. 6. Click Add. 7. Click OK. Digi Remote Manager adds your TX54 device to your account and it appears in the Device Management view. View Digi Remote Manager connection status To view the current Digi Remote Manager configuration: ...

  • Page 686: Use The Digi Remote Manager Mobile App

    The Device ID is the unique identifier for the device, as used by the Remote Manager. Use the Digi Remote Manager mobile app If you have a smart phone or tablet, you can use the Digi Remote Manager mobile app to automatically provision a new devices and monitor devices in your account.

  • Page 687: Configure Multiple Devices Using Profiles

    2. Follow the prompts to complete your TX54 registration. Digi Remote Manager registers your TX54 and adds it to your Digi Remote Manager device list. You can now manage the device remotely using Digi Remote Manager.
  • Page 688 File system This chapter contains the following topics: The TX54 local file system Display directory contents Create a directory Display file contents Copy a file or directory Move or rename a file or directory Delete a file or directory Upload and download files...

  • Page 689: File System

    The TX54 local file system The TX54 local file system The TX54 local file system has approximately 500 MB of space available for storing files, such as Python programs, alternative configuration files and firmware versions, and release files, such as cellular module images.

  • Page 690: Create A Directory

    For example: 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 691: Display File Contents

    For example:    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI. 2. At the Admin CLI prompt, type more /path/filename. For example, to view the contenct of the file accns.json in /etc/config:...

  • Page 692: Move Or Rename A File Or Directory

      Command line To rename a file named test.py in /etc/config/scripts to final.py: 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 693: Delete A File Or Directory

      Command line To delete a file named test.py in /etc/config/scripts: 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 694: Upload And Download Files

    FileZilla. Upload and download files by using the WebUI Upload files 1. Log into the TX54 WebUI as a user with Admin access. 2. On the menu, click System. Under Administration, click File System. The File System page appears.

  • Page 695: Upload And Download Files By Using The Secure Copy Command

    TX54 device. local-path is the location on the TX54 device where the copied file will be placed. For example: To copy firmware from a remote host with an IP address of 192.168.4.1 to the /etc/config directory on the TX54 device, issue the following command: >...

  • Page 696: Upload And Download Files Using Sftp

    TX54 device. For example: To copy a support report from the TX54 device to a remote host at the IP address of 192.168.4.1: 1. Use the system support-report command to generate the report: >...
  • Page 697 File system Upload and download files $ sftp ahmed@192.168.2.1 Password: Connected to 192.168.2.1 sftp> get test.py Fetching test.py to test.py test.py 100% 0.3KB/s 00:00 sftp> exit TX54 User Guide...
  • Page 698 Generate a support report View system event logs Configure syslog servers Configure options for the event and system logs Analyze network traffic Use the ping command to troubleshoot network connections Use the traceroute command to diagnose IP routing problems TX54 User Guide...

  • Page 699: Generate A Support Report

    Attach the support report to any support requests.    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 700: View System Event Logs

    View System Logs    WebUI 1. Log into the TX54 WebUI as a user with Admin access. 2. On the main menu, click System > Logs. The system log displays: 3. Limit the display in the system log by using the Find search tool.
  • Page 701 Diagnostics View system event logs 5. Click  to download the system log. TX54 User Guide...
  • Page 702 View system event logs    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 703: View Event Logs

    6. Click  to download the event log.    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 704 Nov 26 22:01:25 info user name=admin~service=cli~state=closed~remote=192.168.1.2 > 5. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 705: Configure Syslog Servers

    You can configure remote syslog servers for storing event and system logs.    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed.
  • Page 706    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 707: Configure Options For The Event And System Logs

    To change or disable the heartbeat interval, or to disable event categories, and to perform other log configuration:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. TX54 User Guide...
  • Page 708 7. Enable Preserve system logs to save the current session's system log after a reboot. By default, the TX54 device erases system logs each time the device is powered off or rebooted.
  • Page 709 To disable the heartbeat interval, set the value to 0s 4. Enable preserve system logs functionality to save the current session's system log after a reboot. By default, the TX54 device erases system logs each time the device is powered off or rebooted.
  • Page 710 (config)> system log event dhcpserver ? DHCP server: Settings for DHCP server events. Informational events are generated when a lease is obtained or released. Status events report the current list of leases. Parameters Current Value ------------------------------------------------------------------- ------------ TX54 User Guide...
  • Page 711 7. Save the configuration and apply the change: (config)> save Configuration saved. > 8. Type exit to exit the Admin CLI. Depending on your device configuration, you may be presented with an Access selection menu. Type quit to disconnect from the device. TX54 User Guide...

  • Page 712: Analyze Network Traffic

    Analyze network traffic Analyze network traffic The TX54 device includes a network analyzer tool that captures data traffic on any interface and decodes the captured data traffic for diagnostics. You can capture data traffic on multiple interfaces at the same time and define capture filters to reduce the captured data. You can capture up to 10 MB of data traffic in two 5 MB files per interface.

  • Page 713: Configure Packet Capture For The Network Analyzer

    To configure a packet capture configuration:    WebUI 1. Log into the TX54 WebUI as a user with full Admin access rights. 2. On the menu, click System. Under Configuration, click Device Configuration. The Configuration window is displayed. 3. Click Network > Analyzer.
  • Page 714 For example, to set Duration to ten minutes, enter 10m or 600s. d. For Save interval, type the frequency with which captured events will be saved. Allowed values are any number of weeks, days, hours, minutes, or seconds, and take the format number{w|d|h|m|s}. TX54 User Guide...
  • Page 715    Command line 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 716 Set the frequency with which captured events will be saved: (config network analyzer name)> save_interval value (config network analyzer name)> where value is any number of weeks, days, hours, minutes, or seconds, and takes the format number{w|d|h|m|s}. TX54 User Guide...

  • Page 717: Example Filters For Capturing Data Traffic

    Capture traffic to and from a TCP port 80: ip proto tcp and port 80 Capture traffic to UDP port 53: ip proto udp and dst port 53 Capture traffic from UDP port 53: ip proto udp and src port 53 TX54 User Guide...

  • Page 718: Capture Packets From The Command Line

    To start packet capture from the command line:    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 719: Stop Capturing Packets

    To stop packet capture from the command line:    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 720 To show captured data traffic:    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 721: Save Captured Data Traffic To A File

       Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI. 2. Type the following at the Admin CLI prompt: >...

  • Page 722: Download Captured Data To Your Pc

    4. Select the saved analyzer report you want to download and click  (download).    Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 723: Clear Captured Data

       Command line 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI. 2. Type the following at the Admin CLI prompt: >...

  • Page 724: Use The Ping Command To Troubleshoot Network Connections

    Ping to check internet connection To check your internet connection: 1. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 725 Max wait for a response to a probe. (Default: 5) Example This example shows using traceroute to verify that the TX54 device can route to host 8.8.8.8 (www.google.com) through the default gateway. The command output shows that 15 routing hops were required to reach the host: 1.

  • Page 726: Digi Tx54 Regulatory And Safety Statements

    Radio Frequency Interference (RFI) (FCC 15.105) The Digi TX54 has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.

  • Page 727: Ce Mark (Europe)

    The TX54 is certified for use in several European countries. For information, visit www.digi.com/resources/certifications. If the TX54 is incorporated into a product, the manufacturer must ensure compliance of the final product with articles 3.1a and 3.1b of the RE Directive (Radio Equipment Directive). A Declaration of Conformity must be issued for each of these standards and kept on file as described in the RE Directive (Radio Equipment Directive).

  • Page 728: Anatel (Brazil)

    Digi TX54 regulatory and safety statements ANATEL (Brazil) ANATEL (Brazil) Modelo: TX54-A106/TX54-A206 04208-19-01209 Para maiores informações, consulte o site da ANATEL www.anatel.gov.br Este equipamento não tem direito à proteção contra interferência prejudicial e não pode causar interferência em sistemas devidamente autorizados.

  • Page 729: Maximum Transmit Power For Radio Frequencies

    Digi TX54 regulatory and safety statements Maximum transmit power for radio frequencies Maximum transmit power for radio frequencies The following tables show the maximum transmit power for frequency bands. Cellular frequency bands Frequency bands Maximum transmit power Cellular LTE 700 MHz...

  • Page 730: Rohs Compliance Statement

    RoHS compliance statement RoHS compliance statement All Digi International Inc. products that are compliant with the RoHS Directive (EU Directive 2002/95/EC and subsequent amendments) are marked as RoHS COMPLIANT. RoHS COMPLIANT means that the substances restricted by the EU Directive 2002/95/EC and subsequent amendments...

  • Page 731: Special Safety Notes For Wireless Routers

    Special safety notes for wireless routers Digi International products are designed to the highest standards of safety and international standards compliance for the markets in which they are sold. However, cellular-based products contain radio devices which require specific consideration. Take the time to read and understand the following guidance.

  • Page 732: Product Disposal Instructions

    At the end of its life this product MUST NOT be mixed with other commercial waste for disposal. Check with the terms and conditions of your supplier for disposal information. Digi International Ltd WEEE Registration number: WEE/HF1515VU TX54 User Guide...

  • Page 733: Digitx54 Certifications

    International EMC (Electromagnetic Compatibility) and safety standards This product complies with the requirements of the following Electromagnetic Compatibility standards. There are no user-serviceable parts inside the product. Contact your Digi representative for repair information. Certification category Standards EN 300 328 v1.8.1...
  • Page 734 Auto-complete commands and parameters Available commands Use the scp command Display status and statistics using the show command Device configuration using the command line interface Execute configuration commands at the root Admin CLI prompt Configuration mode Command line reference TX54 User Guide...

  • Page 735: Command Line Interface

    Log in to the command line interface    Command line 1. Connect to the TX54 device by using a serial connection, SSH or telnet, or the Terminal in the WebUI or the Console in the Digi Remote Manager. See Access the command line interface more information.

  • Page 736: Exit The Command Line Interface

    2. At the main menu, click Terminal. The device console appears. TX54 login: 3. Log into the TX54 command line as a user with Admin access. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.

  • Page 737: Display Help For Commands And Parameters

    Display help for commands and parameters The help command When executed from the root command prompt, help displays information about autocomplete operations, how to move the cursor on the TX54 command line, and other keyboard shortcuts: > help Commands ------------------------------------------------------------------------------- Show commands help <Tab>...

  • Page 738: Display Help For Individual Commands

    Show Wi-Fi access points. client Show Wi-Fi client mode connections. > show wifi 3. To display a syntax diagram and parameter information: > show wifi ap ? Display details for Wi-Fi access points. Syntax: ap [all] [name {digi_ap1|digi_ap2}] TX54 User Guide...

  • Page 739: Use The Tab Key Or The Space Bar To Display Abbreviated Help

    Parameter values, where the value is one of an enumeration or an on|off type; for example: (config)> serial port1 enable t<Tab> auto-completes to (config)> serial port1 enable true Auto-complete does not function for: Parameter values that are string types. Integer values. TX54 User Guide...
  • Page 740 Command line interface Auto-complete commands and parameters File names. Select parameters passed to commands that perform an action. TX54 User Guide...

  • Page 741: Available Commands

    Pings a remote host using Internet Control Message Protocol (ICMP) Echo Request messages. reboot Reboots the TX54 device. Removes a file. Uses the secure copy protocol (SCP) to transfer files between the TX54 device and a remote host. Use the scp command for information about using the scp command. show Displays information about the device and the device's configuration.

  • Page 742: Use The Scp Command

    The hostname or IP address of the remote host. The username and password of the user on the remote host. Whether the file is being copied to the TX54 device from a remote host, or to the remote host from the TX54 device.

  • Page 743: Display Status And Statistics Using The Show Command

    TX54 device. For example: To copy a support report from the TX54 device to a remote host at the IP address of 192.168.4.1: 1. Use the system support-report command to generate the report: >...

  • Page 744: Show System

    "445" > show system show system command displays system information and statistics for the device, including CPU usage. > show system Model : Digi TX54 Serial Number : TX54-000068 Hostname : TTX54 : 00:40:D0:13:35:36 Hardware Version : 50001947-01 1P Firmware Version : 19.11.72.58...

  • Page 745: Device Configuration Using The Command Line Interface

    For example, to disable the SSH service from the root prompt, enter the following command: > config service ssh enable false > The TX54 device's ssh service is now disabled. Note When the config command is executed at the root prompt, certain configuration actions that are available in configuration mode cannot be performed.
  • Page 746 Private key port Port Additional Configuration -------------------------------------------------------------------------- Access control list mdns > config service ssh 4. Lastly, display the allowed values and other information for the enable parameter: > config service ssh enable ? Enable: Enable the service. TX54 User Guide...

  • Page 747: Configuration Mode

    1. At the config prompt, enter service to move to the service node: (config)> service (config service)> 2. Enter ssh to move to the ssh node: (config service)> ssh (config service ssh)> 3. Enter enable false to disable the ssh service: (config service ssh)> enable false (config service ssh)> TX54 User Guide...

  • Page 748: Save Changes And Exit Configuration Mode

    Discards unsaved configuration changes and exits configuration mode. save Saves configuration changes and exits configuration mode. validate Validates configuration changes. Reverts the configuration to default revert settings. See The revert command more information. show Displays configuration settings. TX54 User Guide...

  • Page 749: Display Command Line Help In Configuration Mode

    2. You can then display help for the additional configuration commands. For example, to display help for the config service command, use one of the following methods: At the config prompt, enter service ?: (config)> service ? TX54 User Guide...
  • Page 750 Enter service to move to the service node: (config)> service (config service)> b. Enter ssh to move to the ssh node: (config service)> ssh (config service ssh)> c. Enter ? to display help for the ssh node: (config service ssh)> ? TX54 User Guide...
  • Page 751 (config service ssh)> Either of these methods will display the following information: (config)> service ssh enable ? Enable: Enable the service. Format: true, false, yes, no, 1, 0 Default value: true Current value: true (config)> service ssh enable TX54 User Guide...

  • Page 752: Move Within The Configuration Schema

    While in configuration mode, you can use the add, del, and move action commands to manage elements in a list. When working with lists, these actions require an index number to identify the list item that will be acted on. TX54 User Guide...
  • Page 753 (config)> add auth user new-user group end admin (config)> 3. Use the show command again to verify that the admin group has been added to the user's configuration: (config)> show auth user new-user group 0 admin (config)> TX54 User Guide...
  • Page 754 2. To configure the device to use TACACS+ authentication first to authenticate a user, use the move index_number_1 index_number_2 command: (config)> move auth method 1 0 (config)> 3. Use the show command again to verify the change: (config)> show auth method 0 tacacs+ 1 local 2 radius (config)> TX54 User Guide...

  • Page 755: The Revert Command

    Configuration mode The revert command The revert command is used to revert changes to the TX54 device's configuration and restore default configuration settings. The behavior of the revert command varies depending on where in the configuration hierarchy the command is executed, and whether the optional path parameter is used.

  • Page 756: Enter Strings In Configuration Commands

    For string parameters, if the string value contains a space, the value must be enclosed in quotation marks. For example, to assign a descriptive name for the device using the system command, enter: (config)> system description "Digi TX54" TX54 User Guide...

  • Page 757: Example: Create A New User By Using The Command Line

    Configuration mode Example: Create a new user by using the command line In this example, you will use the TX54 command line to create a new user, provide a password for the user, and assign the user to authentication groups.

  • Page 758: Example: Configure Multiple Wans And Lans By Using The Command Line

    Example: Configure multiple WANs and LANs by using the command line The default configuration of the TX54 consists of one WAN (WAN1), one or two Wireless WANs (WWAN for single-cellular models, WWAN1 and WWAN2 for dual-cellular models), and one LAN (LAN1). The...
  • Page 759 In this task, we will create a new bridge and configure the LAN1 and LAN2 bridges to use the following devices: LAN1 bridge: ETH2 WWAN cellular modem for single-Wi-Fi models, or WWAN2 cellular modem for dual-Wi-Fi models. LAN2 bridge: ETH3 Digi AP (Wi-Fi2) (applicable to dual-WiFi models only ) TX54 User Guide...
  • Page 760 Commands and output will vary slightly if your TX54 device is a single-WiFi model. 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 761 4. Remove devices from the LAN1 bridge that will be used by other interfaces in this configuration. a. If your device is a dual-WiFi model, remove the Digi AP (Wi-Fi2) access point (/network/wireless/ap/digi_ap2) from the bridge, using its index number, 4, as determined above with the show command: (config)>...
  • Page 762 (config network bridge LAN2)> add device end /network/device/eth3 (config network bridge LAN2)> c. If your device is a dual-WiFi model, add the Digi AP (Wi-Fi2) access point to the bridge: (config network bridge LAN2)> add device end /network/wireless/ap/digi_ (config network bridge LAN2)>...
  • Page 763 Commands and output will vary slightly if your TX54 device is a single-WiFi model. 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu.
  • Page 764 Set the SSID for the Digi AP (Wi-Fi1) access point: (config)> network wifi ap digi_ap1 ssid Example1 (config)> d. Set the password for the Digi AP (Wi-Fi1) access point: (config)> network wifi ap digi_ap1 encryption key_psk2 password1 (config)> e. Enable the Digi AP (Wi-Fi2) access point: (config)>...
  • Page 765 Command line interface Configuration mode 1. Log into the TX54 command line as a user with full Admin access rights. Depending on your device configuration, you may be presented with an Access selection menu. Type admin to access the Admin CLI.
  • Page 766 (config network interface WAN2)> 8. Configure the IPv4 WAN priority. Because the TX54 device now has two WANs, we need to determine which WAN will be the default route when both WANs are active. In this example configuration, WAN1 should be the primary WAN, and WAN2 only used when WAN1 is down.
  • Page 767 WAN/ETH1 Ethernet port. 2. Verify that WAN1 and LAN1 are operating correctly: a. Connect a device to LAN1 through the ETH2 Ethernet port, or by connecting to the Digi AP (Wi-Fi) (single-WiFi models) or Digi AP (Wi-Fi1) (dual-WiFi models) access point.
  • Page 768 Connect an Ethernet cable from an alternate internet-connected modem to WAN2 through the ETH4 Ethernet port. b. Verify that when both WANs are connected to the internet, devices connected to the TX54 have internet access through WAN1. c. Verify that failover functions correctly between WAN1 and WAN2: i.

  • Page 769: Command Line Reference

    Command line interface Command line reference Command line reference analyzer help mkdir modem more ping reboot show system traceroute update TX54 User Guide...

  • Page 770: Analyzer

    Start a capture session of packets on this devices interfaces. Parameters name Name of the capture filter to use. Ref: /network/analyzer Type: string analyzer stop name STRING Stops the traffic capture session. Parameters name Name of the capture filter to use. Ref: /network/analyzer TX54 User Guide...
  • Page 771 Command line interface Command line reference Type: string TX54 User Guide...
  • Page 772 Do not ask to overwrite the destination file if it exists. Syntax: {True|False} Type: boolean source The source file or directory to copy. Type: string destination The destination path to copy the source file or directory to. Type: string TX54 User Guide...

  • Page 773: Help

    Command line interface Command line reference help Show CLI editing and navigation commands. Parameters None TX54 User Guide...
  • Page 774 Command line interface Command line reference ls [show-hidden] PATH List a directory. Parameters show-hidden Show hidden files and directories. Hidden filenames begin with '.'. Syntax: {True|False} Type: boolean References List files and directories under this path. Type: string TX54 User Guide...

  • Page 775: Mkdir

    Command line interface Command line reference mkdir mkdir PATH Create a directory. Parent directories are created as needed. Parameters References The directory path to create. Type: string TX54 User Guide...

  • Page 776: Modem

    The configured name of the modem to execute this CLI command on. Optional: True Ref: /network/modem Type: string modem pin PIN commands. pin change [imei STRING] [name STRING] OLD-PIN NEW-PIN Change the SIM's PIN code. Warning: Attempting to use an incorrect PIN code may PUK lock the SIM. TX54 User Guide...
  • Page 777 Enable the PIN lock on the SIM card that is active in the modem. The SIM card will need to be unlocked before each use. Warning: Attempting to use an incorrect PIN code may PUK lock the SIM. TX54 User Guide...
  • Page 778 SIM card automatically before use. Warning: Attempting to use an incorrect PIN code may PUK lock the SIM. Parameters imei The IMEI of the modem to execute this CLI command on. Optional: True Type: string TX54 User Guide...
  • Page 779 Unlock the SIM with a PUK code from the SIM provider. Parameters imei The IMEI of the modem to execute this CLI command on. Optional: True Type: string name The configured name of the modem to execute this CLI command on. Optional: True Ref: /network/modem Type: string TX54 User Guide...
  • Page 780 The IMEI of the modem to execute this CLI command on. Optional: True Type: string name The configured name of the modem to execute this CLI command on. Optional: True Ref: /network/modem Type: string slot The SIM slot to change to. Syntax: (1|2|show) Type: string TX54 User Guide...

  • Page 781: More

    Command line interface Command line reference more more PATH View a file. Parameters References The file to view. Type: string TX54 User Guide...
  • Page 782 Do not ask to overwrite the destination file if it exists. Syntax: {True|False} Type: boolean source The source file or directory to move. Type: string destination The destination path to move the source file or directory to. Type: string TX54 User Guide...

  • Page 783: Ping

    The number of bytes sent in the ICMP ping request. Default: 56 Minimum: 0 Syntax: {Integer} Type: integer host The name or address of the remote host to send ICMP ping requests to. Syntax: {hostname|IPv4_address|IPv6_address} Type: string TX54 User Guide...

  • Page 784: Reboot

    Command line interface Command line reference reboot Reboot the system. Parameters None TX54 User Guide...
  • Page 785 Command line interface Command line reference Remove a file or directory. rm [force] PATH Parameters force Force the file to be removed without asking. Syntax: {True|False} Type: boolean References The path to remove. Type: string TX54 User Guide...

  • Page 786: Scp

    Copy the file from the local device to the remote host, or from the remote host to the local device. Syntax: (remote|local) Type: string user The username to use when connecting to the remote host. Type: string TX54 User Guide...

  • Page 787: Show

    Display IPv6 routes. If no IP version is specififed IPv4 IPV6 will be displayed Syntax: {True|False} Type: boolean verbose Display more information (less concise, more detail). Syntax: {True|False} Type: boolean show cloud Show drm status statistics. Parameters None show config Show changes made to default configuration. Parameters None TX54 User Guide...
  • Page 788 [ip STRING] [name STRING] Show hotspot statistics. Parameters IP address of a specific client, to limit the status display to only this client. Optional: True Syntax: IPv4_address Type: string name The configured instance name of the hotspot. TX54 User Guide...
  • Page 789 (this can be very time consuming). If you require more messages of the filtered type, increase the number of messages retrieved using 'number'. Optional: True Syntax: (critical|warning|debug|info) Type: string number Number of lines to retrieve from log. Default: 20 Minimum: 1 Syntax: {Integer} Type: integer TX54 User Guide...
  • Page 790 [all|verbose] [interface STRING] Show network interface status and statistics. Parameters Display all interfaces including disabled interfaces. Syntax: {True|False} Type: boolean interface Display more details and config data for a specific network interface. Optional: True Ref: /network/interface Type: string TX54 User Guide...
  • Page 791 Show OpenVPN server status and statistics. Parameters Display all servers including disabled servers. Syntax: {True|False} Type: boolean name Display more details and config data for a specific OpenVPN server. Optional: True Ref: /vpn/openvpn/server Type: string show route [ipv4|ipv6|verbose] Show IP routing information. TX54 User Guide...
  • Page 792 Ref: /serial Type: string show system [verbose] Show system status and statistics. Parameters verbose Display more information (disk usage, etc) Syntax: {True|False} Type: boolean show usb Show USB information. Parameters None show version [verbose] Show firmware version. TX54 User Guide...
  • Page 793 Display details for Wi-Fi client mode connections. Parameters Display all Wi-Fi clients including disabled Wi-Fi client mode connections. Syntax: {True|False} Type: boolean name Display more details for a specific Wi-Fi client mode connection. Optional: True Ref: /network/wifi/client TX54 User Guide...
  • Page 794 Command line interface Command line reference Type: string TX54 User Guide...

  • Page 795: System

    Erase the device to restore to factory defaults. All configuration and automatically generated keys will be erased. Parameters system restore [passphrase STRING] PATH Restore the device's configuration from a backup archive or CLI commands file. TX54 User Guide...
  • Page 796 References The path to the backup file. Type: string system support-report PATH Save a support report to a file and include with support requests. Parameters References The file path to save the support report to. Type: string TX54 User Guide...

  • Page 797: Traceroute

    Tells traceroute to add an IP source routing option to the outgoing packet that tells the network to route the packet through the specified gateway Optional: True Syntax: {IPv4_address|IPv6_address} Type: string icmp Use ICMP ECHO for probes. Syntax: {True|False} Type: boolean TX54 User Guide...
  • Page 798 Total size of the probing packet. Default 60 bytes for IPv4 and 80 for Ipv6. A value of -1 specifies that the default value will be used. Default: -1 Minimum: -1 Syntax: {Integer} Type: integer pausemsecs Minimal time interval between probes Default: 0 Minimum: 0 Syntax: {Integer} Type: integer TX54 User Guide...
  • Page 799 Type: boolean waittime Determines how long to wait for a response to a probe. Default: 5 Minimum: 1 Syntax: {Integer} Type: integer host The host that we wish to trace the route packets for. Syntax: {hostname|IPv4_address|IPv6_address} Type: string TX54 User Guide...

  • Page 800: Update

    Command line interface Command line reference update Update firmware. update firmware file STRING Update device firmware Parameters file Firmware filename and path. Type: string TX54 User Guide...

Table of Contents