Related Manuals for Moxa Technologies ToughNet
Summary of Contents for Moxa Technologies ToughNet
- Page 1 ToughNet NAT Router User’s Manual Edition 1.0, September 2015 www.moxa.com/product © 2015 Moxa Inc. All rights reserved. Reproduction without permission is prohibited.
- Page 2 ToughNet NAT Router User’s Manual The software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement. Copyright Notice Copyright ©2015 Moxa Inc. All rights reserved. Reproduction without permission is prohibited.
-
Page 3: Table Of Contents
RS-232 Console Configuration (115200, None, 8, 1, VT100) ..............2-2 Using Telnet to Access the ToughNet NAT Router’s Console ..............2-3 Using a Web Browser to Configure the ToughNet NAT Router ..............2-4 TN-5916 Series Features and Functions .................... 3-1 System .............................. - Page 4 Network Address Translation ......................6-1 Network Address Translation (NAT) ....................... 6-2 NAT Concept ..........................6-2 1-to-1 NAT ..........................6-2 N-to-1 NAT ..........................6-3 Port Forward ..........................6-4 Diagnosis ............................7-1 Ping ..............................7-2 LLDP ..............................7-2 MIB Groups ............................A-1...
-
Page 5: Introduction
Introduction Welcome to the Moxa TN-5916 ToughNet NAT Router series. The ToughNet NAT Router is designed for connecting Ethernet-enabled devices with network IP security. The following topics are covered in this chapter: Overview Package Checklist Features Industrial Networking Capability ... -
Page 6: Overview
-40 to 75°C environments. Package Checklist The ToughNet NAT Routers are shipped with the following items. If any of these items are missing or damaged, please contact your customer service representative for assistance. -
Page 7: Getting Started
(1) serial console, (2) Telnet console, and (3) web browser. The serial console connection method, which requires using a short serial cable to connect the ToughNet NAT Router to a PC’s COM port, can be used if you do not know the ToughNet NAT Router’s IP address. The Telnet console and web browser connection methods can be used to access the ToughNet NAT Router over an Ethernet LAN, or over the Internet. -
Page 8: Rs-232 Console Configuration (115200, None, 8, 1, Vt100)
Before running PComm Terminal Emulator, use an RJ45 to DB9-F (or RJ45 to DB25-F) cable to connect the ToughNet NAT Router’s RS-232 console port to your PC’s COM port (generally COM1 or COM2, depending on how your system is set up). -
Page 9: Using Telnet To Access The Toughnet Nat Router's Console
(by either Telnet or a web browser) from a PC host that is connected to the same LAN as the ToughNet NAT Router, you need to make sure that the PC host and the ToughNet NAT Router are on the same logical subnet. -
Page 10: Using A Web Browser To Configure The Toughnet Nat Router
To use the ToughNet NAT Router’s management and monitoring functions from a PC host connected to the same LAN as the ToughNet NAT Router, you must make sure that the PC host and the ToughNet NAT Router are connected to the same logical subnet. - Page 11 ToughNet NAT Router User's Manual Getting Started 2. The web login page will open. Select the login account (Admin or User) and enter the Password (the same as the Console password), and then click Login to continue. Leave the Password field blank if a password has not been set.
-
Page 12: Tn-5916 Series Features And Functions
Telnet console, and (3) web browser. The web browser is the most user-friendly way to configure the ToughNet NAT Router, since you can both monitor the ToughNet NAT Router and use administration functions from the web browser. An RS-232 or Telnet console connection only provides basic functions. -
Page 13: System
ToughNet NAT Router User's Manual TN-5916 Series Features and Functions System The System section includes the most common settings required by administrators to maintain and control a Moxa switch. System Information Defining System Information items to make different switches easier to identify that are connected to your network. -
Page 14: User Account
TN-5916 Series Features and Functions User Account The Moxa ToughNet NAT Router supports the management of accounts, including establishing, activating, modifying, disabling and removing accounts. There are two levels of configuration access, admin and user. The account belongs to admin privilege has read/write access of all configuration parameters, while the account belongs to user authority has read access to view the configuration only. -
Page 15: Date And Time
NOTE The Moxa ToughNet NAT Router does not have a real time clock. The user must update the Current Time and Current Date to set the initial time for the Moxa switch after each reboot, especially when there is no NTP... - Page 16 ToughNet NAT Router User's Manual TN-5916 Series Features and Functions System Up Time Indicates how long the Moxa ToughNet NAT Router remained up since the last cold start. Current Time Setting Description Factory Default User-specified time Indicates time in yyyy-mm-dd format.
-
Page 17: Warning Notification
Since industrial Ethernet devices are often located at the endpoints of a system, these devices will not always know what is happening elsewhere on the network. This means that an ToughNet NAT Router that connects to these devices must provide system maintainers with real-time alarm messages. Even when control engineers are out of the control room for an extended period of time, they can still be informed of the status of devices almost instantaneously when exceptions occur. - Page 18 There are four response actions available on the EDS E series when events are triggered. Action Description Trap The ToughNet NAT Router will send notification to the trap server when event is triggered E-Mail The ToughNet NAT Router will send notification to the email server defined in the Email Setting...
- Page 19 ToughNet NAT Router User's Manual TN-5916 Series Features and Functions Email Settings Mail Server IP/Name Setting Description Factory Default IP address The IP Address of your email server. None Account Name Setting Description Factory Default Max. 45 of charters Your email account.
- Page 20 Enter the UDP port of Syslog server 1/2/3. (1 to 65535) NOTE The following events will be recorded into the Moxa ToughNet NAT Router’s Event Log table, and will then be sent to the specified Syslog Server: • Cold start •...
-
Page 21: System File Update-By Remote Tftp
The ToughNet NAT Router supports saving your configuration file to a remote TFTP server or local host to allow other ToughNet NAT Routers to use the same configuration at a later time, or saving the Log file for future reference. Loading pre-saved firmware or a configuration file from the TFTP server or local host is also supported to make it easier to upgrade or configure the ToughNet NAT Router. -
Page 22: Restart
Export button and then save as a file. Upgrade Firmware To import a firmware file that is exported from firmware V1.1 or previous versions into the ToughNet NAT Router, click Browse to select a firmware file already saved on your computer. The upgrade procedure will proceed automatically after clicking Import. -
Page 23: Port
ToughNet NAT Router User's Manual TN-5916 Series Features and Functions Port Port Settings Port settings are included to give the user control over port access, port transmission speed, flow control, and port type (MDI or MDIX). Enable Setting Description Factory Default Checked Allows data transmission through the port. -
Page 24: Link Aggregation
Port trunking can be used to combine up to 8 ports between two Moxa switches or ToughNet NAT Routers. If all ports on both switches are configured as 100BaseTX and they are operating in full duplex, the potential bandwidth of the connection will be 1600 Mbps. - Page 25 ToughNet NAT Router User's Manual TN-5916 Series Features and Functions Port Trunking The Port Trunking Settings page is where ports are assigned to a trunk group. Step 1: Select the desired Trunk Group Step 2: Select the desired Member Ports or Available Ports...
-
Page 26: Port Mirror
Using Virtual LAN Setting up Virtual LANs (VLANs) on your Moxa ToughNet NAT Router increases the efficiency of your network by dividing the LAN into logical segments, as opposed to physical segments. In general, VLANs are easier to manage. -
Page 27: Configuring Virtual Lan
VLAN can be set up to contain only those devices that need to communicate with each other. Managing a VLAN A new or initialized Moxa ToughNet NAT Router contains a single VLAN—the Default VLAN. This VLAN has the following definition: •... - Page 28 ToughNet NAT Router User's Manual TN-5916 Series Features and Functions 802.1Q VLAN Settings Management VLAN ID Setting Description Factory Default VLAN ID from 1-4094 Assigns the VLAN ID of this Moxa switch. Port Type Setting Description Factory Default Access Port type is used to connect single devices without tags.
-
Page 29: Multicast
TN-5916 Series Features and Functions Multicast Multicast filtering improves the performance of networks that carry multicast traffic. This section explains multicasts, multicast filtering, and how multicast filtering can be implemented on your Moxa ToughNet NAT Router. The Concept of Multicast Filtering What is an IP Multicast? A multicast is a packet sent by one host to multiple hosts. - Page 30 IGMP routers (or queriers). Query mode allows users to enable IGMP snooping by VLAN ID. Moxa ToughNet NAT Router support IGMP snooping version 1 and version 2. Version 2 is compatible with version 1.The default setting is IGMP V1/V2. "...
-
Page 31: Igmp Snooping
Querier election Static Multicast MAC Some devices may only support multicast packets, but not support either IGMP Snooping. The Moxa ToughNet NAT Router supports adding multicast groups manually to enable multicast filtering. Enabling Multicast Filtering Use the USB console or web interface to enable or disable IGMP Snooping and IGMP querying. If IGMP Snooping is not enabled, then IP multicast traffic is always forwarded, flooding the network. -
Page 32: Igmp Table
If all switches on the network are Moxa layer 2 switches, then only one layer 2 switch will act as Querier. IGMP Table The Moxa ToughNet NAT Router displays the current active IGMP groups that were detected. View IGMP group setting per VLAN ID on this page. -
Page 33: Stream Table
ToughNet NAT Router User's Manual TN-5916 Series Features and Functions Stream Table This page displays the multicast stream forwarding status. It allows you to view the status per VLAN ID. Stream Group: Multicast group IP address Stream Source: Multicast source IP address... -
Page 34: Qos
Description Factory Default Weight Fair The Moxa ToughNet NAT Router has 4 priority queues. In the Weight Fair weight fair scheme, an 8, 4, 2, 1 weighting is applied to the four priorities. This approach prevents the lower priority frames from being starved of opportunity for transmission with only a slight delay to the higher priority frames. -
Page 35: Cos Mapping
ToughNet NAT Router User's Manual TN-5916 Series Features and Functions NOTE The priority of an ingress frame is determined in the following order: 1. Inspect CoS 2. Inspect ToS 3. Port Priority NOTE The designer can enable these classifications individually or in combination. For instance, if a “hot” higher priority port is required for a network design, Inspect TOS and Inspect CoS can be disabled. -
Page 36: Mac Address Table
MAC Address Table The MAC address table shows the MAC address list pass through Moxa ToughNet NAT Router. The length of time(Ageing time: 15 to 3825 seconds) is the parameter defines the length of time that a MAC address entry can remain in the Moxa router. -
Page 37: Interface
ToughNet NAT Router User's Manual TN-5916 Series Features and Functions Interface VLAN ID Moxa ToughNet NAT Router’s WAN interface is configured by VLAN group. The ports with the same VLAN can be configured as one WAN interface. Address Information IP Address... -
Page 38: Network Service
DHCP Server The ToughNet NAT Router provides a DHCP (Dynamic Host Configuration Protocol) server function for LAN interfaces. When configured, the ToughNet NAT Router will automatically assign an IP address to a Ethernet device from a defined IP range. Dynamic IP Assignment... - Page 39 2. The Pool First/Last IP Address must be in the same Subnet on the LAN. Static DHCP Use the Static DHCP list to ensure that devices connected to the ToughNet NAT Router always use the same IP address. The static DHCP list matches IP addresses to MAC addresses.
- Page 40 ToughNet NAT Router User's Manual TN-5916 Series Features and Functions MAC Address Setting Description Factory Default MAC Address The MAC address of the selected device None Static IP Setting Description Factory Default IP Address The IP address of the selected device...
-
Page 41: Snmp Settings
Use the Client List to view the current DHCP clients. SNMP Settings The ToughNet NAT Router supports SNMP V1/V2c/V3. SNMP V1 and SNMP V2c use a community string match for authentication, which means that SNMP servers access all objects with read-only permissions using the community string public (default value). - Page 42 ToughNet NAT Router User's Manual TN-5916 Series Features and Functions Protocol UI Setting Authentication Type Data Encryption Method Version SNMP V1, V2c V1, V2c Read Community string Uses a community string Community match for authentication SNMP V3 MD5 or SHA...
-
Page 43: Security
ToughNet NAT Router User's Manual TN-5916 Series Features and Functions Data Encryption Enable/Disable Setting Description Factory Default Enable/Disable Enable of disable the data encryption Disable Data Encryption Key Setting Description Factory Default Max. 30 Characters 8-character data encryption key is the minimum requirement... -
Page 44: Trusted Access
You may add or remove IP addresses to limit access to the Moxa ToughNet NAT Router. When the accessible IP list is enabled, only addresses on the list will be allowed access to the Moxa ToughNet NAT Router. Each IP... -
Page 45: Monitor
Click one of the three options—Total Packets, TX Packets, or RX Packets—to view transmission activity of specific types of packets. Recall that TX Packets are packets sent out from the Moxa ToughNet NAT Router, and RX Packets are packets received from connected devices. The Total Packets option displays a graph that combines TX and RX Packets activity. -
Page 46: Port Statistics
Access the Monitor by selecting Monitor from the left selection bar. Monitor by System allows the user to view a graph that shows the combined data transmission activity of all of the Moxa ToughNet NAT Router’s ports. Click one of the four options—Total Packets, TX Packets, RX Packets, or Error Packets—to view transmission activity of specific types of packets. -
Page 47: Routing
Routing The following topics are covered in this chapter: Unicast Routing Static Routing RIP (Routing Information Protocol) Routing Table... -
Page 48: Unicast Routing
Static Route You can define the routes yourself by specifying what is the next hop (or router) that the ToughNet NAT Router forwards data for a specific subnet. The settings of the Static Route will be added to the routing table and stored in the ToughNet NAT Router. -
Page 49: Rip (Routing Information Protocol)
For modifying the content of a selected entry in the Static Routing Table. NOTE The entries in the Static Routing Table will not be added to the ToughNet NAT Router’s routing table until you click the Activate button. RIP (Routing Information Protocol) RIP is a distance-vector routing protocol that employs the hop count as a routing metric. -
Page 50: Routing Table
ToughNet NAT Router User's Manual Routing RIP Enable Interface Setting Description Factory Default Check the checkbox to enable RIP in the WAN interface. Unchecked Check the checkbox to enable RIP in the LAN interface. Routing Table The Routing Table page shows all routing entries. -
Page 51: Network Redundancy
Network Redundancy The following topics are covered in this chapter: Layer 2 Redundant Protocols Configuring RSTP Configuring Turbo Ring V2 Layer 3 Redundant Protocols VRRP Settings... -
Page 52: Layer 2 Redundant Protocols
ToughNet NAT Router User's Manual Network Redundancy Layer 2 Redundant Protocols Configuring RSTP The following figures indicate which Rapid Spanning Tree Protocol parameters can be configured. A more detailed explanation of each parameter follows. At the top of this page, the user can check the Current Status of this function. For RSTP, you will see: Now Active: It shows which communication protocol is being used—Turbo Ring, RSTP, or neither. - Page 53 ToughNet NAT Router User's Manual Network Redundancy Forwarding Delay (sec.) Setting Description Factory Default Numerical value input The amount of time this device waits before checking to see if it by user should change to a different state. Hello time (sec.)
-
Page 54: Configuring Turbo Ring V2
ToughNet NAT Router User's Manual Network Redundancy Configuring Turbo Ring V2 Explanation of “Current Status” Items Now Active It shows which communication protocol is in use: Turbo Ring V2, RSTP, or none. Ring 1—Status It shows Healthy if the ring is operating normally, and shows Break if the ring’s backup link is active. -
Page 55: Layer 3 Redundant Protocols
ToughNet NAT Router User's Manual Network Redundancy Set as Master Setting Description Factory Default Enabled Select this device as Master Not checked Disabled Do not select this device as Master Redundant Ports Setting Description Factory Default 1st Port Select any port of the device to be one of the redundant ports. See the following... - Page 56 ToughNet NAT Router User's Manual Network Redundancy VRRP Interface Setting Entry Setting Description Factory Default Enable Enables VRRP entry Disabled Virtual IP L3 switches / routers in the same VRRP group must be set to 0.0.0.0 the same virtual IP address as the VRRP ID. This virtual IP address must belong to the same address range as the real IP address of the interface.
-
Page 57: Network Address Translation
Network Address Translation The following topics are covered in this chapter: Network Address Translation (NAT) NAT Concept 1-to-1 NAT Bidirectional 1-to-1 NAT N-to-1 NAT Port Forward... -
Page 58: Network Address Translation (Nat)
The NAT function will check if incoming or outgoing packets match the policy. It starts by checking the packet with the first policy (Index=1); if the packet matches this policy, the ToughNet NAT Router will translate the address immediately and then start checking the next packet. If the packet does not match this policy, it will check with the next policy. -
Page 59: N-To-1 Nat
NOTE The ToughNet NAT Router can obtain an IP address via DHCP or PPPoE. However, if this dynamic IP address is the same as the WAN IP for 1-to-1 NAT, then the 1-to-1 NAT function will not work. For this reason, we recommend disabling the DHCP/PPPoE function when using the 1-to-1 NAT function. -
Page 60: Port Forward
IP address of an IP camera on the internal network is 192.168.127.10 with port 80, the user can set up a port forwarding policy to let remote users connect to the internal IP camera from external IP address 10.10.10.10 through port 8080. The ToughNet NAT Router will transfer the packet to IP address 192.168.127.10 through port 80. - Page 61 ToughNet NAT Router User's Manual Network Address Translation The Port Forwarding NAT function is one way of connecting from an external insecure area (WAN) to an internal secure area (LAN). The user can initiate the connection from the external network to the internal network, but will not able to initiate a connection from the internal network to the external network.
-
Page 62: Diagnosis
Diagnosis The ToughNet NAT Router provides Ping tools and LLDP for administrators to diagnose network systems. The following topics are covered in this chapter: Ping LLDP... -
Page 63: Ping
The function’s most unique feature is that even though the ping command is entered from the user’s PC keyboard, the actual ping command originates from the ToughNet NAT Router itself. In this way, the user can essentially control the ToughNet NAT Router and send ping commands out through its ports. Just type in the desired IP address and click Ping, the router will send out the ping command to test the integrity of the network. - Page 64 ToughNet NAT Router User's Manual Diagnosis LLDT Table Port: The port number that connects to the neighbor device. Neighbor ID: A unique entity that identifies a neighbor device; this is typically the MAC address. Neighbor Port: The port number of the neighbor device.
-
Page 65: Mib Groups
4. Authentication Failure Private Traps: 1. Configuration Changed 2. Power On 3. Power Off The ToughNet NAT Router also provides a MIB file, located in the file “Moxa-TN5916-MIB.my” on the ToughNet NAT Router Series utility CD-ROM for SNMP trap message interpretation.
Need help?
Do you have a question about the ToughNet and is the answer not in the manual?
Questions and answers