Teltonika RUT360 Manual
  1. Manuals
  2. Brands
  3. Teltonika Manuals
  4. Network Router
  5. RUT360
  6. Manual

Teltonika RUT360 Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
USER MANUAL
RUT900 3G Router
1

Advertisement

Table of Contents
loading

Related Manuals for Teltonika RUT360

Summary of Contents for Teltonika RUT360

  • Page 1 USER MANUAL RUT900 3G Router...

  • Page 2: Legal Notice

    Copyright © 2015 TELTONIKA Ltd. All rights reserved. Reproduction, transfer, distribution or storage of part or all of the contents in this document in any form without the prior written permission of TELTONIKA Ltd is prohibited. The manufacturer reserves the right to modify the product and manual for the purpose of technical improvement without prior notice.

  • Page 3: Table Of Contents

    Table of Contents Legal notice ................................2 Attention.................................. 2 SAFETY INFORMATION ............................8 Device connection ............................... 9 Introduction ..............................10 Specifications ............................... 10 Ethernet ..............................10 WiFi ................................10 Hardware ..............................10 Electrical, Mechanical & Environmental ....................10 Applications ............................. 11 Setting up your router ..........................
  • Page 4 6.7.3 Realtime Traffic ..........................35 6.7.4 Realtime Wireless ..........................36 6.7.5 Realtime Connections ........................37 Mobile Traffic ............................38 Speed Test ..............................38 6.10 Events Log ............................39 6.10.1 All Events ............................39 6.10.2 System Events ..........................41 6.10.3 Network Events ..........................42 6.10.4 Events Reporting ..........................
  • Page 5 7.6.7 Port Scan Prevention ........................80 Routing ..............................80 7.7.1 Static Routes ............................ 80 7.7.2 Dynamic Routes ..........................81 Load Balancing ............................85 Remote monitoring and administration ...................... 85 Services ................................ 87 VRRP ................................. 87 8.1.1 VRRP LAN Configuration Settings ....................87 8.1.2 Check Internet connection .......................
  • Page 6 8.9.2 Email to SMS ..........................119 8.9.3 Scheduled Messages ........................119 8.9.4 Auto Reply Configuration ....................... 120 8.9.5 SMS Forwarding ..........................121 8.9.6 SMPP .............................. 123 8.10 Hotspot .............................. 124 8.10.1 General settings ..........................124 8.10.2 Internet Access Restriction Settings ....................126 8.10.3 Logging............................
  • Page 7 User scripts ............................149 Restore point ............................150 9.5.1 Restore point create ........................150 9.5.2 Restore point load.......................... 150 Firmware ..............................151 9.6.1 Firmware ............................151 9.6.2 FOTA ............................... 152 Reboot ..............................152 Device Recovery ............................152 10.1 Reset button ............................153 10.2 Bootloader’s WebUI ...........................

  • Page 8: Safety Information

    SAFETY INFORMATION In this document you will be introduced on how to use a RUT900 router safely. We suggest you to adhere to the following recommendations in order to avoid personal injuries and or property damage. You have to be familiar with the safety requirements before using the device! To avoid burning and voltage caused traumas, of the personnel working with the device, please follow these safety requirements.

  • Page 9: Device Connection

    Device connection...

  • Page 10: Introduction

    1 Introduction Thank you for purchasing a RUT900 3G router! RUT900 is part of the RUT9xx series of compact mobile routers with high speed wireless and Ethernet connections. This router is ideal for people who‘d like to share their internet on the go, as it is not restricted by a cumbersome cable connection.

  • Page 11: Applications

    2.5 Applications...

  • Page 12: Setting Up Your Router

    3 Setting up your router 3.1 Installation After you unpack the box, follow the steps, documented below, in order to properly connect the device. For better WiFi performance, put the device in clearly visible spot, as obstacles such as walls and door hinder the signal. 1.

  • Page 13: Hardware Installation

    3.1.3 Hardware installation 1. Remove back panel and insert SIM card which was given by your ISP (Internet Service Provider). Correct SIM card orientation is shown in the picture. SIM 1 (primary) SIM 2 (secondary) 2. Attach 3G main and WiFi antennas. 3.
  • Page 14 4. Then right click on your wireless device that you use to Click “View network connections” connect to other access points (It is the one with the name “Wireless Network Connection” and has signal bars on its icon). 5. Select Internet Protocol Version 4 (TCP/IPv4) and then click 6.
  • Page 15 Right click on the Wireless network icon and select Connect / Disconnect. A list should pop up with all available wireless networks. Select “Teltonika” and click connect. Then we launch our favorite browser and enter the routers IP into the address field: Press enter.

  • Page 16: Operation Modes

    4 Operation Modes The RUT9xx series router supports various operation modes. It can be connected to the internet (WAN) via mobile, standard Ethernet cable or via a wireless network. When connecting to the internet, you may also backup your main WAN connection with one or two backup connections. Any interface can act like backup if configured so. At first router uses its main WAN connection, if it is lost then router tries to connect via backup with higher priority and if that fails too, router tries the second backup option.

  • Page 17: Powering The Device From Higher Voltage

    Though the device can be powered over Ethernet port it is not compliant with IEEE 802.3af-2003 standard. Powering RUT9xx from IEEE 802.3af-2003 power supply will damage the device as it is not rated for input voltages of PoE standard. 5.1 Powering the device from higher voltage If you decide not to use our standard 9 VDC wall adapters and want to power the device from higher voltage (15 –...

  • Page 18: Status

    6 Status The status section contains various information, like current IP addresses of various network interfaces; the state of the routers memory; firmware version; DHCP leases; associated wireless stations; graphs indicating load, traffic, etc.; and much more. 6.1 Overview Overview section contains various information summaries.

  • Page 19: System Information

    Name of the router (hostname of the routers system). Can be changed in System -> Administration. 2. Host name Teltonika-RUT900.com Indicates how router will be seen by other devices on the network. Can be changed in System -> Administration. 3. Router Model Teltonika RUT900 3G Routers model.

  • Page 20: Network Information

    1. Free 88280 kB / 126556 kB The amount of memory that is completely free. Should this rapidly (69%) decrease or get close to 0, it would indicate that the router is running out of memory, which could cause crashes and unexpected reboots. 2.
  • Page 21 Connection type 3G (HSDPA) Indicates the GSM network's access technology Bytes received 5.2 MB (5500683 How many bytes were received via mobile data connection bytes) Bytes sent 876.9 KB (897895 How many bytes were sent via mobile data connection bytes) 6.3.1.2 WAN Display information about WAN connection.
  • Page 22 LAN information: Field Name Sample Value Explanation 1. Name LAN instance name 2. IP address 192.168.99.218 Address that the router uses on the LAN network. 3. Netmask 255.255.255.0 A mask used to define how large the LAN network is 4. Ethernet MAC 00:1E:42:00:00:00 MAC (Media Access Control) address used for communication in a Ethernet address LAN (Local Area Network)
  • Page 23 6.3.1.4 Wireless Wireless can work in two modes, Access Point (AP) or Station (STA). AP is when the wireless radio is used to create an Access Point that other devices can connect to. STA is when the radio is used to connect to an Access Point via WAN.
  • Page 24 6.3.1.4.2 Access Point Display information about wireless connection (Access Point mode). Wireless AP information Field Name Sample Value Explanation 1. Channel 11 (2.46 GHz) The channel which is used to broadcast the SSID and to establish new connections to devices. 2.
  • Page 25 This can either be the information of the Access Point that the router is connecting to in STA mode or a list of all devices that are connecting to the router in AP mode: Field Name Sample Value Explanation 1. MAC Address FC:C2:DE:91:36:A6 Associated station's MAC (Media Access Control) address 2.
  • Page 26 6.3.1.7 OpenVPN Server Display OpenVPN connection information on server side. Field Name Sample Value Explanation 1. Enabled Yes/No OpenVPN status 2. Status Connected Connection status 2. Type Server A type of OpenVPN instance that has been created 3. IP 10.0.0.1 Remote virtual network's IP address 4.
  • Page 27 6.3.1.9 VRRP VRRP (Virtual Router Redundancy Protocol) for LAN Field Name Sample Value Explanation 1. Status Enabled VRRP status 2. Virtual IP 192.168.1.253 Virtual IP address(- es) for LAN’s VRRP (Virtual Router Redundancy Protocol ) cluster 3. Priority Router with highest priority value on the same VRRP (Virtual Router Redundancy Protocol) cluster will act as a master, range [1 - 255] 4.
  • Page 28 6.3.1.11 Access Display information about local and remote active connections status. Field Name Sample Value Explanation 1. Type SSH; HTTP; HTTPS Type of connection protocol 2. Status Disabled/Enabled Connection status 3. Port 22; 80; 443 Connection port used 4. Active 0(0.00B);0(0.00B);...

  • Page 29: Device Information

    Field Name Sample Value Explanation 1. Type SSH; HTTP; HTTPS Type of connection protocol 2. Date 2016-03-03, 13:40:59 Date and time of connection 3. IP 192.168.2.10 IP address from which the connection was made 4. Authentications Failed/Succeed Status of authentication attempt Status 6.4 Device information The page displays factory information that was written into the device during manufacturing process.

  • Page 30: Services

    Field Name Sample Value Explanation Serial number 77885555 Serial number of the device Product code RUT900001000 Product code of the device Batch number 1000 Batch number used during device’s manufacturing process Hardware revision 0001 Hardware revision of the device IMEI 351579053257484 Identification number of the internal modem IMSI...

  • Page 31: Routes

    6.6 Routes The page displays ARP table and active IP routes of the device. 6.6.1 ARP Show the routers active ARP table. An ARP table contains recently cached MAC addresses of every immediate device that was communicating with the router. Field Name Sample Value Explanation...

  • Page 32: Active Ipv6-Routes

    Field Name Sample Value Explanation 1. Network Interface to be used to transmit TCP/IP packets through 2. Target 192.168.99.0/24 Indicates where a TCP/IP packet, with a specific IP address, should be directed 3. IP Gateway 0.0.0.0 Indicates through which gateway a TCP/IP packet should be directed 4.

  • Page 33: Realtime Load

    Field Name Sample Value Explanation 1. Connection type 3G (WCDMA) Type of mobile connection used 2. Signal -72 dBm Current signal strength value 3. Average -72.0 dBm Average signal strength value 4. Peak -72 dBm Peak signal strength value 6.7.2 Realtime Load This tri-graph illustrates average CPU load values in real time.
  • Page 34 Field Name Sample Value Explanation 1. 1/5/15 Minutes 0.83 Time interval for load averaging, colour of the diagram Load 2. Average 0.86 Average CPU load value over time interval (1/5/15 Minute) 3. Peak 1.50 Peak CPU load value of the time interval...

  • Page 35: Realtime Traffic

    6.7.3 Realtime Traffic This graph illustrates average system inbound and outbound traffic over the course of ~3 minutes; each new measurement is taken every 3 seconds. The graph consists out of two colors coded graphs (green graph shows the outbound traffic, blue graph shows inbound traffic). Although not graphed, the page also displays peak loads and average of inbound and outbound traffic.

  • Page 36: Realtime Wireless

    6.7.4 Realtime Wireless Display the wireless radio signal, signal noise and theoretical maximum channel permeability. Average and peak signal levels are displayed.

  • Page 37: Realtime Connections

    6.7.5 Realtime Connections Displays currently active network connections with the information about network, protocol, source and destination addresses, transfer speed.

  • Page 38: Mobile Traffic

    6.8 Mobile Traffic Displays mobile connection data sent and received in KB of this day, week, Month. By default mobile traffic usage logging is disabled. To use this functionality is needed to enable it. Field Name Sample Value Explanation 1. Enable Enable/Disable Make a functionality active/inactive 2.

  • Page 39: Events Log

    6.10 Events Log Event log displays such actions as: login, reboot, firmware flashing and reset. 6.10.1 All Events Display all router events, their types and time of occurrence.

  • Page 41: System Events

    6.10.2 System Events Display all system events, their type and time of occurrence. Events include authentication or reboot requests, incoming and outgoing SMS and calls, Mails, Configuration changes, DHCP events.

  • Page 42: Network Events

    6.10.3 Network Events Display information about recent network events like connection status change, lease status change, network type or operator change.

  • Page 43: Events Reporting

    6.10.4 Events Reporting Allow to view, enable/disable or modify created rules for events reporting. 6.10.4.1 Events Reporting Configuration Allow to review created rules details and modify them, so after event occurrence, messages or emails are sent to specified address or phone numbers with information about the event. Field Name Sample Value Explanation...

  • Page 44: Reporting Configuration

    1. Enable Enable/Disable Make a rule active/inactive 2. Event type Reboot Select event type about which occurrence information will be sent 3. Event subtype After unexpected shut Specify event subtype to activate the rule down 4. Event subtype All/Loaded Event subtype for which the rule is applied 5.
  • Page 45 FTP: Field Name Sample Value Explanation Enable Enable/Disable Make a rule active/inactive Events log System Events log for which the rule is applied Transfer type Events log file transfer type: Email/FTP Compress file Enable Enable/disable compress events log file using gzip Host 192.168.123.123 FTP (File...
  • Page 46 Field Name Sample Value Explanation Enable Enable/Disable Make a rule active/inactive Events log System Event log for which the rule is applied Transfer type Email Events log file transfer type: Email/FTP Compress file Enable Enable/disable compress events log file using gzip Subject Subject Subject of an email...

  • Page 47: Network

    7 Network 7.1 Mobile 7.1.1 General 7.1.1.1 Mobile configuration Here you can configure mobile settings which are used when connecting to your local 3G network. Field Name Sample value Explanation Mode NAT / Passthrough NAT mode enables network address translation on router. Passthrough mode is similar with bridge mode except that in passthrough mode router do have internet connection.
  • Page 48 Service mode 2G only, 3G only, or Your network preference. If your local mobile network supports 2G automatic. and 3G you can specify to which network you wish to connect. E.g.: if you choose 2G only, the router will connect only to a 2G network. If you select auto, then the router will connect to the network that provides better connectivity.

  • Page 49: Sim Management

    7.1.1.2 Mobile Data On Demand Field name Possible values Explanation 1. Enable Enable/Disable Mobile Data On Demand function enables you to keep mobile data connection on only when it's in use 2. No data 1-99999999 A mobile data connection will be terminated if no data is transferred timeout(sec) during the timeout period 7.1.2 SIM Management...

  • Page 50: Network Operators

    Enable/Disable Perform a SIM card switch when data connection fails fail * Your carrier's data usage accounting may differ. Teltonika is not liable should any accounting discrepancies occur. 7.1.3 Network Operators 7.1.3.1 Network Operators This function lets you Scan, Select and enter manual Network Operator to which router should connect. Function will provide great utility when router is in Roaming conditions.

  • Page 51: Mobile Data Limit

    7.1.3.2 Operator List This function lets to create white list/black list based on operator’s code. Field name Possible values Explanation 1. Enable Enable/Disable Enable/disable operators blocking 2. Mode White list/Black list White list - allows every operator on the list and blocks everything else. Black list –...

  • Page 52: Sim Idle Protection

    Period for which mobile data limiting should apply 4. Start day/ Start hour A starting time for mobile data limiting period * Your carrier's data usage accounting may differ. Teltonika is not liable should any accounting discrepancies occur. 7.1.4.2 SMS Warning Configuration Field Name...

  • Page 53: Wan

    7.1.5.1 Settings Field Name Sample value Explanation 1. Enable Enable/Disable Enables SIM idle protection 2. Period Month / Week Switches between monthly and weekly SIM activation periods 3. Day 1-31 / Monday - Specifies the day for SIM idle protection activation, 1-31 if Period is Sunday Month, and Monday –...

  • Page 54: Common Configuration

    Type Explanation 1. Main WAN Switches between Mobile, Wired and WiFi interface for main WAN 2. Backup Let’s user to select one or two interfaces for WAN backup WAN/Load balancing 3. Interface Name Displays WAN interface name, and changes interface priority, the interface at the table top has the highest priority 4.
  • Page 55 7.2.2.1 General Setup 7.2.2.1.1 Static: This is the configuration setup for when you select the static protocol. Filed name Sample Explanation 1. IPv4 address 192.168.99.162 Your routers address on the WAN network 2. IPv4 netmask 255.255.255.0 A mask used to define how “large” the WAN network is 3.
  • Page 56 7.2.2.1.3 PPPoE This protocol is mainly used by DSL providers: This is the configuration setup for when you select PPPoE protocol. Filed name Sample Explanation 1. PAP/CHAP username test Your username and password that you would use to connect to your carriers network.
  • Page 57 gateway in thinking that it is communicating with your computer. 3. Override MTU 1500 Maximum Transmission Unit – specifies the largest possible size of a data packet. 4. Use gateway metric The WAN configuration by default generates a routing table entry.
  • Page 58 7.2.2.2.3 PPPoE Field name Sample value Explanation 1. Disable NAT Enable/Disable If checked, router will not perform NAT (masquerade) on this interface Use default gateway Enable/Disable If unchecked, no default route is configured 3. Use gateway metric 4. Use DNS servers Enable/Disable If unchecked, the advertised DNS server addresses are ignored advertised by peer...
  • Page 59 You may also optionally define a broadcast address and a custom DNS server. 7.2.2.2.5 Backup WAN configuration Backup WAN is function that allows you to back up your primary connection in case it goes down. There can be two backup connections selected at the same time, in that case, when primary connection fails, router tries to use backup with higher priority and if that is unavailable or fails too, then router tries the backup with lower priority.
  • Page 60 7.2.2.3 How do I set up a backup link? First we must select a main link and choose one or two backup links in WAN section. Then push the “Edit” button and configure your WAN and Backup Wan settings to your liking. Click Save and wait until the settings are applied. Now in the Status ->...

  • Page 61: Lan

    7.3 LAN This page is used to configure the LAN network, where all your devices and computers that you connect to the router will reside. 7.3.1 Configuration 7.3.1.1 General Setup Field name Sample value Explanation 1. IP address 192.168.1.1 Address that the router uses on the LAN network IP netmask 255.255.255.0 A mask used to define how large the LAN network is...

  • Page 62: Dhcp Server

    7.3.2 DHCP Server The DHCP server is the router side service that can automatically configure the TCP/IP settings of any device that requests such a service. If you connect a device that has been configured to obtain IP address automatically the DHCP server will lease an IP address and the device will be able to fully communicate with the router.
  • Page 63 7.3.2.2 Advanced settings You can also define some advanced options that specify how the DHCP server will operate on your LAN network. Field Name Sample Value Explanation 1. Dynamic DHCP Checked/Unchecked Dynamically allocate client addresses, if set to only clients present in the ethers files are served...

  • Page 64: Wireless

    7.3.2.4.2 Advanced Settings You may also optionally define a broadcast address and a custom DNS server. 7.4 Wireless On this page you can configure your wireless settings. Depending on whether your WAN mode is set to WiFi or not, the page will display either the options for configuring an Access Point or options for configuring a connection to some local access point.
  • Page 65 WiFi networks they will see your network with this name. Hide SSID – Will render your SSID hidden from other devices that try to scan the area. Connect to WRP100 automatically – let Teltonika WRP100 wireless repeater connect to this router automatically. 7.4.1.1 Device 7.4.1.1.1 Advanced Settings...
  • Page 66 Field name Sample value Explanation 1. Mode Auto, b, g, g+n Different modes provide different throughput and security options. 2. Country Code Any ISO/IEC 3166 alpha2 Selecting this will help the wireless radio configure its country code internal parameters to meet your countries wireless regulations.

  • Page 67: Vlan

    7.4.1.2.3 Advanced settings Separate clients – prevents WiFi clients from communicating with each other on the same subnet. Increase TTL packet size – increase TTL packet size for incoming packets. 7.4.1.3 Client RUT9xx can work as a WiFi client. Client mode is nearly identical to AP, except for the fact that most for the options are dictated by the wireless access point that the router is connecting to.
  • Page 68 7.5.1.2 VLAN Network List If VLAN mode – Port based: Field Name Sample Value Explanation 1. VLAN ID VLAN Identification number, allowed in range (1-4094) 2. LAN ports Switches each LAN port between ON, OFF or tagged state. 1 / 2 / 3 3.

  • Page 69: Lan Networks

    7.5.2 LAN Networks In this page you can create extra LAN networks, and assign them with LAN Ports and wireless access points. You can get extra information on how to configure any of your LAN’s settings in section – 7.3 LAN Field Name Sample Value Explanation...

  • Page 70: Dmz

    2. Input Reject/Drop/Accept DEFAULT* action that is to be performed for packets that pass through the Input chain. 3. Output Reject/Drop/Accept DEFAULT* action that is to be performed for packets that pass through the Output chain. 4. Forward Reject/Drop/Accept DEFAULT* action that is to be performed for packets that pass through the Forward chain.
  • Page 71 You can use port forwarding to set up servers and services on local LAN machines. The above picture shows how you can set up a rule that would allow a website that is being hosted on 192.168.1.109, to be reached from the outside by entering http://routersExternalIp:12345/.
  • Page 72 Field Name Sample value Explanation Name ENABLE_SSH_WAN_PASSTHROUGH Name of the rule. Used purely to make it easier to manage rules. Protocol TCP/UDP/TCP+ You may specify multiple by selecting (custom) and UDP/ICMP/Custom then entering protocols separated by space Source zone LAN/VPN/WAN Match incoming traffic from this zone only Source MAC address Match incoming traffic from these MACs only...

  • Page 73: Traffic Rules

    7.6.4 Traffic Rules The traffic rule page contains a more generalized rule definition. With it you can block or open ports, alter how traffic is forwarded between LAN and WAN and many more things. Field Name Explanation Name Name of the rule. Used for easier rules management purpose only Protocol Protocol type of incoming or outgoing packet Source...
  • Page 74 Field Name Sample value Explanation Name “Allow-DHCP-Relay” Used to make rule management easier Restrict to address IPv4 and IPV6 Match traffic from selected address family only family Protocol TCP/UDP/Any/ICMP/Custom Protocol of the packet that is being matched against traffic rules. Match ICMP type Match traffic with selected ICMP type only Source zone...
  • Page 75 7.6.4.1 Open Ports On the Router Field Name Sample value Explanation 1. Name Open_Port_rule Used to make rule management easier 2. Protocol TCP/UDP/Any/ICMP/Custom Protocol of the packet that is being matched against traffic rules. 3. External port 1-65535 Match incoming traffic directed at the given destination port or port range on this host.
  • Page 76 2. Protocol TCP/UDP/Any/ICMP/Custom Protocol of the packet that is being matched against traffic rules. 3. Source LAN/VPN/WAN Match incoming traffic from selected address family only 4. Destination LAN/VPN/WAN Forward incoming traffic to selected address family only 5. SNAT Rewrite to source IP 10.101.1.10 SNAT (Source Network Address Translation) rewrite packet\'s source IP address and port 6.

  • Page 77: Custom Rules

    10. SNAT IP address “10.101.1.10” Rewrite matched traffic to the given IP address 11. SNAT port “22” Rewrite matched traffic to the given source port. May be left empty to only rewrite the IP address' 12. Extra arguments Passes additional arguments to iptables. Use with care! 7.6.5 Custom Rules Here you have the ultimate freedom in defining your rules –...
  • Page 78 Field Name Sample value Explanation Enable SYN flood protection Enable/Disable Makes router more resistant to SYN flood attacks. SYN flood rate “25” Set rate limit (packets/second) for SYN packets above which the traffic is considered a flood. SYN flood burst “50”...
  • Page 79 Enable SSH limit Enable/Disable Enable SSH connections limit in selected period Limit period Second/Minute/Hour/Day Select in what period limit SSH connections Limit “10” Maximum SSH connections during the period Limit burst “5” Indicating the maximum burst before the above limit kicks in.

  • Page 80: Port Scan Prevention

    7.6.7 Port Scan Prevention 7.6.7.1 Port Scan Field Name Sample value Explanation Enable Enable/Disable Enable port scan prevention Interval Time interval in seconds counting how much port scan (10 – 60 sec.) Scan count How much port scan before blocked 7.6.7.2 Defending type Field Name Explanation...

  • Page 81: Dynamic Routes

    Field name Value Explanation 1. Routing table MAIN/WAN/WAN2/WAN3 Defines the table to use for the route 2. Interface MAIN/WAN/WAN2/WAN3 The zone where the target network resides 3. Destination address IP address The address of the destination network 4. Netmask IP mask Mask that is applied to the Target to determine to what actual IP addresses the routing rule applies 5.
  • Page 82 Field name Value Explanation 1. Enable Enable/Disable Enable dynamic routes 2. Router ID 192.168.1.1 Router’s ID 7.7.2.2 OSPF Protocol 7.7.2.2.1 OSPF General Instance Field name Value Explanation 1. Enable Enable/Disable Enables OSPF protocol 2. Stub Enable/Disable Enable/Disable stub 3. RFC1583 Enable/Disable Enables OSPF compatibility with RFC1583 specification compatibility...
  • Page 83 Field name Value Explanation 1. Area name OSPF_area OSPF area’s name 2. Enable Yes/No Enable/disable OSPF area To see at specific configuration settings press “edit” button located in newly created OSPF area. A new page with detailed configuration appears, as shown in the picture below. Field name Value Explanation...
  • Page 84 7.7.2.3 General Protocol Field name Value Explanation 1. Enable Enable/Disable Enable/Disable settings 2. Learn Enable/Disable Enables routes learning 3. Persist Enable/Disable If checked it allows to store routes. After a restart, routes will be still configured 4. Scan time Time between scans 5.

  • Page 85: Load Balancing

    You can access RMS by using your browser with supplied username and a password at http://rms.teltonika.lt By sending SMS to the router the user can execute some command, like reboot, switch wifi on or off and many others.
  • Page 86 Apart from services mentioned earlier, there is one service, which is used only for communication between router and Android type device (phones, etc’). It is called json-rpc and allows to set or get various parameters of the system. JSON-RPC can execute the same commands, like user through SSH. To sum up, this approach opens wide possibilities in communication between router and Android.

  • Page 87: Services

    Application Can obtain parameters Can set parameters  MQTT publisher   MODBUS daemon        SNMP   JSON-RPC By summarizing, RUT9XX provides several solutions for router management. Each user can choose what solution to use.

  • Page 88: Check Internet Connection

    8.1.2 Check Internet connection Field name Sample Explanation 1. Enable Enable/Disable Enable WAN's connection monitoring 2. Ping IP address 8.8.4.4 A host to send ICMP (Internet Control Message Protocol) packets to 3. Ping interval Time interval in seconds between two Pings 4.

  • Page 89: Web Filter

    8.3 Web filter 8.3.1 Site blocking Field name Sample Explanation 1. Enable Enable/Disable Enable host name based websites blocking 2. Mode Whitelist/Blacklist Whitelist - allow every site on the list and block everything else. Blacklist - block every site on the list and allow everything else. 3.

  • Page 90: Ntp

    Field name Sample Explanation 1. Enable Enable/Disable Enable proxy server based URL content blocking. Works with HTTP protocol only 2. Mode Whitelist/Blacklist Whitelist - allow every part of URL on the list and block everything else. Blacklist - block every part of URL on the list and allow everything else 3.

  • Page 91: Vpn

    Protocol) 4. Update interval How often router updates systems time 5. Save time to flash Save last synchronized time to flash memory 6. Count of time Total amount of times that router will do the synchronization. Note: If left blank - the synchronizations count will be infinite 7.
  • Page 92 To see at specific configuration settings press “edit” button located in newly created configuration entry. A new page with detailed configuration appears, as shown in the picture below (TLS client example).
  • Page 93 There can be multiple server/client instances. You can set custom settings here according to your VPN needs. Below is summary of parameters available to set: Field name Explanation Enabled Switches configuration on and off. This must be selected to make configuration active. TUN/TAP Selects virtual VPN interface type.

  • Page 94: Ipsec

    Encryption Selects Packet encryption algorithm. Authentication Sets authentication mode, used to secure data sessions. Two possibilities you have here: “Static key” means, that OpenVPN client and server will use the same secret key, which must be uploaded to the router using “Static pre-shared key” option. “TLS” authentication mode uses X.509 type certificates.
  • Page 95 IPsec system maintains two databases: Security Policy Database (SPD) which defines whether to apply IPsec to a packet or not and specify which/how IPsec-SA is applied and Security Association Database (SAD), which contain Key of each IPsec-SA. The establishment of the Security Association (IPsec-SA) between two peers is needed for IPsec communication. It can be done by using manual or automated configuration.
  • Page 96 Remote VPN Domain name or IP address. Leave empty or any endpoint Remote network secure group IP address and mask used to determine to address/Subnet what subnet an IP address belongs to. Range [0-32]. IP should differ from mask device LAN IP 10.

  • Page 97: Gre Tunnel

    8.5.3 GRE Tunnel GRE (Generic Routing Encapsulation RFC2784) is a solution for tunneling RFC1812 private address-space traffic over an intermediate TCP/IP network such as the Internet. GRE tunneling does not use encryption it simply encapsulates data and sends it over the WAN. In the example network diagram two distant networks LAN1 and LAN2 are connected.
  • Page 98 Field name Explanation Enabled Check the box to enable the GRE Tunnel function. Remote endpoint IP address Specify remote WAN IP address. Remote network IP address of LAN network on the remote device. Remote network netmask Network of LAN network on the remote device. Range [0-32]. Local tunnel IP Local virtual IP address.

  • Page 99: Pptp

    8.5.4 PPTP Point-to-Point Tunneling Protocol (PPTP) is a protocol (set of communication rules) that allows corporations to extend their own corporate network through private "tunnels" over the public Internet. Effectively, a corporation uses a wide-area network as a single large local area network. A company no longer needs to lease its own lines for wide-area communication but can securely use the public networks.

  • Page 100: L2Tp

    2. Use as default gateway Use this PPTP instance as default gateway 3. Server The server IP address or hostname 4. Username The user name for authorization with the server 5. Password The password for authorization with the server 8.5.5 L2TP Allows setting up a L2TP server or client.
  • Page 101 You are provided with add/delete buttons to manage and use different DDNS configurations at the same time! You can configure many different DDNS Hostnames in the main DDNS Configuration section. To edit your selected configuration, hit Edit. Field name Value Explanation Enable Enable/Disable...

  • Page 102: Sms Utilities

    Network Source network IP renew interval 10 (minutes) Time interval (in minutes) to check if the IP address of the device (min) have changed. 10. Force IP renew 472 (minutes) Time interval (in minutes) to force IP address renew. 8.7 SMS Utilities RUT900 has extensive amount of various SMS Utilities.
  • Page 103 Field name Explanation Notes Reboot Enable This check box will enable and Allows router restart via SMS. disable SMS reboot function. Action The action to be performed when this rule is met. SMS text SMS text which will reboot SMS text can contain letters, numbers, spaces and router.
  • Page 104 when this rule is met. Enable SMS Status This check box will enable and SMS status is disabled by default. disable SMS status function. SMS text SMS text which will send SMS text can contain letters, numbers, spaces and routers status. special symbols.
  • Page 105 If it is not selected, router will revert mobile state after reboot. Manage OpenVPN Enable This check box will enable and Allows OpenVPN control via SMS. disable this function. Action The action to be performed Turn OpenVPN ON or OFF. when this rule is met.
  • Page 106  3G settings must be configured correctly. If SIM card has PIN number you must enter it at “Network” > “3G” settings. Otherwise SMS reboot function will not work.  Sender phone number must contain country code. You can check sender phone number format by reading the details of old SMS text massages you receiving usually.
  • Page 107 access ON/OFF. special symbols. Capital letters also matters. Authorization method What kind of authorization to No authorization, by serial or by router admin use for SIM management. password. Allowed users Whitelist of allow users From all numbers, from group or from single number. Enable HTTP access Enable this to reach router via If this box is selected, SMS will enable HTTP access...

  • Page 108: Call Utilities

    Force Config update from server Enable This check box will enable and Allows to upgrade router‘s Config via SMS. disable this function. Action The action to be performed Router will reboot after this rule is executed. when this rule is met. SMS text SMS text which will force router SMS text can contain letters, numbers, spaces and...

  • Page 109: User Groups

    Field name Sample Explanation 1. Enable Enable/Disable Enables the rule 2. Action Reboot Action to be taken after receiving a call, you can choose from following actions: Reboot, Send status, Switch WiFi, Switch mobile data. 3. Allowed users From all numbers Allows to limit action triggering from all users, to user groups or single user numbers 4.

  • Page 110: Sms Management

    8.7.4 SMS Management 8.7.4.1 Read SMS In SMS Management page Read SMS you can read and delete received/stored SMS. 8.7.4.2 Send SMS Field name Sample Explanation 1. Phone number +3701111111 Recipients phone number. Should be preceded with country code, i.e. “+370” 2.

  • Page 111: Remote Configuration

    Field name Sample Explanation 1. Save messages on SIM Enabled / Disabled Enables received message storing on SIM card 2. SIM card memory Used: 0 Information about used/available SIM card memory Available: 50 3. Leave free space How much memory (number of message should be left free 8.7.5 Remote Configuration RUT9xx can be configured via SMS from another RUT9xx.
  • Page 112 Enabled / Disabled Enables router to receive configuration Enable No authorization / Describes what kind of authorization to use for SMS Authorization method By serial management. Method at Receiving and Sending ends By administration password must match 2. Allowed users From all numbers Gives greater control and security measures From group...
  • Page 113 New/From current Generate new SMS settings or use current device Generate SMS configuration configuration Interface Mobile/Wired Interface type used for WAN (Wide Area Network) connection Enable/Disable Include configuration for WAN (Wide Area Network) Enable/Disable Include configuration for LAN (Local Area Network) Protocol Static/DHCP Network protocol used for network configuration...

  • Page 114: Statistics

    Field name Values Notes Generated configuration Here you can review and modify configuration Message text field message message text to be sent “+37060000001” A phone number of router which will receive the Phone number configuration 3. Authorization method No authorization What kind of authorization to use for remote By serial configuration...

  • Page 115: Snmp Settings

    8.8.1 SNMP Settings Field name Sample Explanation 1. Enable SNMP service Enable/Disable Run SNMP (Simple Network Management Protocol) service on system's start up 2. Enable remote access Enable/Disable Open port in firewall so that SNMP (Simple Network Management Protocol) service may be reached from WAN 3.

  • Page 116: Trap Settings

    8.8.2 TRAP Settings Field name Sample Explanation 1. SNMP Trap Enable/Disable Enable SNMP (Simple Network Management Protocol) trap functionality 2. Host/IP 192.168.99.155 Host to transfer SNMP (Simple Network Management Protocol) traffic to 3. Port Port for trap's host 4. Community Public/Private The SNMP (Simple Network Management Protocol) Community is an ID that allows access to a router's SNMP data...
  • Page 117 Field name Values Notes Enabled / Disabled Enable SMS management functionality through Enable POST/GET admin User name used for authorization User name 3. Password ******* Password used for authorization (default- admin01) Do not forget to change parameters in the url according to your POST/GET Configuration! 8.9.1.1 SMS by HTTP POST/GET It is possible to read and send SMS by using valid HTTP POST/GET syntax.
  • Page 118 /cgi-bin/sms_delete? Delete username={your_user_name}&password={your_password}&number={MESSAGE_INDEX} message /cgi-bin/ sms_list? username={your_user_name}&password={your_password} List message /cgi-bin/sms_ total? username={your_user_name}&password={your_password} Number message s in memory Note: parameters of HTTP POST/GET string are in capital letters inside curly brackets. Curly brackets (“{ }”) are not needed when submitting HTTP POST/GET string. 8.9.1.3 Parameters of HTTP POST/GET string Parameter Explanation...

  • Page 119: Email To Sms

    8.9.2 Email to SMS Field name Values Notes Enable/Disable Allows to convert received Email to SMS Enable 2. POP3 server “pop.gmail.com” POP3 server address 3. Server port “995” Server authentication port 4. User name “admin” User name using for server authentication 5.

  • Page 120: Auto Reply Configuration

    8.9.3.1 Scheduled Messages Configuration Field name Values Notes Enable/Disable Activates periodical messages sending. Enable 2. Recipient’s phone “+37060000001” Phone number that will receive messages. number 3. Message text “Test” Message that will be send. 4. Message sending Day/Week/Month/Year Message sending period. interval 8.9.4 Auto Reply Configuration Auto reply allows replying to every message that router receives to everyone or to listed numbers only.

  • Page 121: Sms Forwarding

    8.9.5 SMS Forwarding 8.9.5.1 SMS Forwarding To HTTP This functionality forwards mobile messages from all or only specified senders to HTTP, using either POST or GET methods. Field name Values Notes Enable / Disable Enable mobile message forwarding to HTTP Enable 2.
  • Page 122 8.9.5.2 SMS Forwarding to SMS This functionality allows forwarding mobile messages from specified senders to one or several recipients. Field name Values Notes Enable / Disable Enable mobile message forwarding Enable 2. Add sender number Enable / Disable If enabled, original senders number will be added at the end of the forwarded message 3.

  • Page 123: Smpp

    If enabled, original senders number will be added at the end of the forwarded message Subject “forwarded message” Text that will be inserted in email Subject field SMTP server mail.teltonika.lt Your SMTP server’s address SMTP server port Your SMTP server’s port number Secure connection Enable / Disable...

  • Page 124: Hotspot

    8.10 Hotspot Wireless hotspot provides essential functionality for managing an open access wireless network. In addition to standard RADIUS server authentication there is also the ability to gather and upload detailed logs on what each device (denoted as a MAC address) was doing on the network (what sites were traversed, etc.). 8.10.1 General settings 8.10.1.1 Main settings Field name...
  • Page 125 Authentication port RADIUS server authentication port. Accounting port RADIUS server accounting port. Radius secret key The secret key is used for authentication with the RADIUS server UAM port Port to bind for authenticating clients UAM UI port UAM UI port UAM secret Shared secret between UAM server an hotspot NAS Identifier...

  • Page 126: Internet Access Restriction Settings

    8.10.2 Internet Access Restriction Settings Allows disable internet access on specified day and hour of every week. 8.10.3 Logging 8.10.3.1 Configuration Field name Explanation 1. Enable Check this box if you want to enable wireless traffic logging. This feature will produce logs which contain data on what websites each client was visiting during the time he was connected to your hotspot.
  • Page 127 5. Port The TCP/IP Port of the FTP server. Field name Explanation 1. Mode The mode of the schedule. Use “Fixed” if you want the uploading to be done on a specific time of the day. Use “Interval” if you want the uploading to be done at fixed interval. 2.

  • Page 128: Landing Page

    8.10.4 Landing Page 8.10.4.1 General Landing Page Settings With this functionality you can customize your Hotspot Landing page. Field name Explanation 1. Page title Will be seen as landing page title 2. Theme Landing page theme selection 3. Upload login page Allows to upload custom landing page theme 4.

  • Page 129: Radius Server Configuration

    8.10.4.2 Template In this page you can review landing page template HTML code and modify it. 8.10.5 Radius server configuration An authentication and accounting system used by many Internet Service Providers (ISPs). When you dial in to the ISP you must enter your username and password. This information is passed to a RADIUS server, which checks that the information is correct, and then authorizes access to the ISP system.

  • Page 130: Statistics

    Field name Explanation 1. Enable Activates an authentication and accounting system 2. Remote access Activates remote access to radius server 3. Accounting port Port on which to listen for accounting 4. Authentication port Port on which to listen for authentication 8.10.6 Statistics On hotspot statistics page you can review statistical information about hotspot instances.

  • Page 131: Auto Reboot

    8.12 Auto Reboot 8.12.1 Ping Reboot Ping Reboot function will periodically send Ping command to server and waits for echo receive. If no echo is received router will try again sending Ping command defined number times, after defined time interval. If no echo is received after the defined number of unsuccessful retries, router will reboot.

  • Page 132: Periodic Reboot

    8.12.2 Periodic Reboot Field name Explanation 1. Enable This check box will enable or disable Periodic reboot feature. 2. Days This check box will enable router rebooting at the defined days. 3. Hours, Minutes Uploading will be done on that specific time of the day 8.13 UPNP 8.13.1 General Settings UPnP allows clients in the local network to automatically configure the router.

  • Page 133: Upnp Acls

    Field name Explanation 1. Use UPnP port mapping Enable UPnP port mapping functionality 2. Use NAT-PMP port Enable NAT-PMP mapping functionality mapping 3. Device UUID Specify Universal unique ID of the device 8.13.3 UPnP ACLs ACLs specify which external ports may be redirected to which internal addresses and ports. Field name Explanation 1.

  • Page 134: Mqtt

    Field name Value Explanation 1. Interface WAN/LAN/PPP 2. Enable Enable/Disable Enable/disable settings 3. Calculate overhead Enable/Disable Check to decrease upload and download ratio to prevent link saturation 4. Half-duplex Enable/Disable Check to enable data transmission in both direction on a single carrier 5.
  • Page 135 In order to use TLS/SSL for connecting clients (subscribers and publishers) to the broker, the one should check Use TLS/SSL. After that, additional settings will be displayed to the user as shown below. Here the user can upload certificates, key files and choose TLS version, which will be used for data encryption between broker and clients (subscribers and publishers) The MQTT broker also supports option called Bridge.
  • Page 136 The last section of parameters is called Miscellaneous. It contains parameters, which does not depend on neither Security, nor Bridge categories. ACL File denotes access control list file name. The contents of this file are used to control client access to topics of the broker. The Password File denotes the file, there users and corresponding passwords are stored.
  • Page 137 It is possible to configure some sort of MQTT publisher. It is not simple publisher, but publisher, which publishes some system parameters to the broker. The publisher configuration window has few fields, like hostname and port of the broker to connect. Username and password fields are used for authentication. If these fields are left empty, no authentication is performed.
  • Page 138 connection Check if data connection is available Get WAN’s IP address uptime Get system uptime in seconds name Get router’s name digital1 Get value of digital input no. 1 digital2 Get value of digital input no. 2 analog Get value of analog input In order system to work, MQTT broker should be configured in advance.

  • Page 139: Modbus Tcp Interface

    8.16 Modbus TCP interface Modbus TCP interface allows the user to set or get some parameters from the router (the parameters, which can be set or get will be described later), like module temperature or signal strength. In other words, Modbus TCP is another manner to control router behavior.

  • Page 140: System

    of SIM card for which set the APN. This byte should be set to 1 (in order to change APN for SIM card number 1) or to 2 (in order to change APN for SIM card number 2). Value to set Description Register number Register value...
  • Page 141 Step 3 (LAN) Next, you are given the chance to configure your LAN and DHCP server options. For a detailed explanation see LAN under Network. Step 4 (WiFi) The final step allows you to configure your wireless settings in order to set up a rudimentary Access Point.

  • Page 142: Profiles

    When you’re done with the configuration wizard, press Save. 9.2 Profiles Router can have 5 configuration profiles, which you can later apply either via WebUI or via SMS. When you add New Profile, you save current full configuration of the router. Note: profile names cannot exceed 10 symbols.

  • Page 143: Administration

    9.3 Administration 9.3.1 General Field name Explanation Router name Enter your new router name. Host name Enter your new host name New Password Enter your new administration password. Changing this password will change SSH password as well. Confirm new password Re-enter your new administration password.

  • Page 144: Troubleshoot

    The only way to gain access to the web management if you forget the administrator password is to reset the device factory default settings. Default administrator login settings are: User Name: admin Password: admin01 9.3.2 Troubleshoot Field name Explanation 1. System log level Debug level should always be used, unless instructed otherwise.

  • Page 145: Backup

    9.3.3 Backup Field name Explanation 1. Backup archive Download current router settings file to personal computer. This file can be loaded to other RUT900 with same Firmware version in order to quickly configure it. 2. Restore from backup Select, upload and restore router settings file from personal computer.
  • Page 146 9.3.3.1 Access control 9.3.3.1.1 General Field name Explanation Enable SSH access Check box to enable SSH access. Remote SSH access Check box to enable remote SSH access. Port Port to be used for SSH connection Enable HTTP access Enables HTTP access to router Enable remote HTTP Enables remote HTTP access to router access...

  • Page 147: Diagnostics

    9.3.3.1.2 Safety Field name Explanation 1. SSH access secure Check box to enable SSH access secure functionality. enable 2. Clean after reboot If check box is selected – blocked addresses are removed after every reboot. 3. Fail count Specifies maximum connection attempts count before access blocking. 4.

  • Page 148: Mac Clone

    2. Ping Utility used to test the reach ability of a host on an Internet IP network and to measure the round-trip time for messages sent from the originating host to a destination server. Server echo response will be shown after few seconds if server is accessible. 3.

  • Page 149: Monitoring

    Mobile Check box to show Mobile table in Overview page SMS counter Check box to show SMS counter table in Overview page System Check box to show System table in Overview page Wireless Check box to show Wireless table in Overview page Check box to show WAN table in Overview page Local network Check box to show Local network table in Overview page...

  • Page 150: Restore Point

    In Script Management window is shown content of a file /etc/rc.local. This file is executed at the end of startup, executing the line: sh /etc/rc.local In this script is needed to use sh (ash) commands. It should be noted, that this is embedded device and sh functionality is not full.

  • Page 151: Firmware

    9.6 Firmware 9.6.1 Firmware Keep all settings – if the check box is selected router will keep saved user configuration settings after firmware upgrade. When check box is not selected all router settings will be restored to factory defaults after firmware upgrade. When upgrading firmware, you can choose settings that you wish to keep after the upgrade.

  • Page 152: Fota

    The following section describes available options for recovery of malfunctioning device. Usually device can become unreachable due to power failure during firmware upgrade or if its core files were wrongly modified in the file system. Teltonika’s routers offer several options for recovering from these situations.

  • Page 153: Reset Button

    10.1 Reset button Reset button is located on the back panel of the device. Reset button has several functions: Reboot the device. After the device has started and if the reset button is pressed for up to 4 seconds the device will reboot.

  • Page 154: Glossary

    11 Glossary WAN – Wide Area Network is a telecommunication network that covers a broad area (i.e., any network that links across metropolitan, regional, or national boundaries). Here we use the term WAN to mean the external network that the router uses to reach the internet. LAN –...
  • Page 155 TKIP – Temporal Key Integrity Protocol – scrambles the keys using hashing algorithm and, by adding an integrity- checking feature, ensure that the keys haven’t been tampered with. CCMP – Counter Mode Cipher Block Chaining Message Authentication Code Protocol – encryption protocol designed for Wireless LAN products that implement the standards of the IEEE 802.11i amendment to the original IEEE802.11 standard.

  • Page 156: Changelog

    12 Changelog Date Version Comments 2017-02-01 1.19...

This manual is also suitable for:

Rut900

Table of Contents