Page 1 M2M Cellular Gateway IDG500-0T012 (LTE cat. 4) User Manual...
Page 2: Table Of Contents
M2M Cellular Gateway Chapter 1 Introduction ...........................6 1.1 Introduction ............................. 6 1.2 Contents List ........................... 7 1.2.1 Package Contents ........................7 1.3 Hardware Configuration ........................8 1.4 LED Indication ..........................9 1.5 Installation & Maintenance Notice ....................10 1.5.1 SYSTEM REQUIREMENTS ....................10 1.5.2 WARNING .........................
Page 3 M2M Cellular Gateway 2.4.1 IPv6 Configuration ......................93 2.5 Port Forwarding ...........................102 2.5.1 Configuration ........................103 2.5.2 Virtual Server & Virtual Computer ..................104 2.5.3 DMZ & Pass Through ......................110 2.6 Routing ............................113 2.6.1 Static Routing ........................114 2.6.2 Dynamic Routing ....................... 117 2.6.3 Routing Information ......................122 2.7 DNS &...
Page 4 M2M Cellular Gateway 5.2.3 MAC Control ........................194 5.2.4 Content Filter (not supported) .....................197 5.2.5 Application Filter (not supported) ..................198 5.2.6 IPS.............................199 5.2.7 Options ..........................203 Chapter 6 Administration ........................... 207 6.1 Configure & Manage ........................207 6.1.1 Command Script ........................208 6.1.2 TR-069 ..........................212 6.1.3 SNMP ..........................217 6.1.4 Telnet &...
Page 5 M2M Cellular Gateway 7.2.3 Notifying Events ........................271 Chapter 8 Status............................273 8.1 Dashboard (not supported) ......................273 8.2 Basic Network ..........................274 8.2.1 WAN & Uplink Status ......................274 8.2.2 LAN & VLAN Status ......................278 8.2.3 WiFi Status ........................279 8.2.4 DDNS Status........................282 8.3 Security ............................283 8.3.1 VPN Status ........................283 8.3.2 Firewall Status ........................287 8.4 Administration ..........................291...
Page 6: Chapter 1 Introduction
1.1 Introduction Congratulations on your purchase of this outstanding product: M2M Cellular Gateway. For M2M (Machine-to- Machine) applications, AMIT M2M Cellular Gateway is absolutely the right choice. With built-in world-class 3G/4G module, you just need to insert SIM card from local mobile carrier to get to Internet. By VPN tunneling technology, remote sites easily become a part of Intranet, and all data are transmitted in a secure (256-bit AES encryption) link.
Page 7: Contents List
M2M Cellular Gateway 1.2 Contents List 1.2.1 Package Contents #Standard Package Items Description Contents Quantity IDG500-0T012 1pcs M2M Cellular Gateway Cellular Antenna 2pcs WiFi Antenna 1pcs Power Adapter (DC 5V/2A) 1pcs DIN-Rail Bracket 1 set (2pcs) RJ45 Cable 1pcs Rubber Feet 4pcs 1pcs (Manual)
Page 8: Hardware Configuration
M2M Cellular Gateway 1.3 Hardware Configuration  Left View LAN1/ LAN2 DC Power Receptacle Right View  Reset Button 3G/4G SIM-A 3G/4G SIM-B Antenna Antenna WiFi Antenna MicroSD (2.4GHz) ※Reset Button The RESET button provides user with a quick and easy way to resort the default setting. Press the RESET button continuously for 6 seconds, and then release it.
Page 9: Led Indication
M2M Cellular Gateway 1.4 LED Indication Indication Description Color When the LED color is shown in: • Blue: Cellular module is in LTE Mode. • Purple: Cellular module is in HSPA/3G Mode. Blue • Red: Cellular module is in GSM/2G Mode. Signal Purple LTE/3G...
Page 10: Installation & Maintenance Notice
M2M Cellular Gateway 1.5 Installation & Maintenance Notice 1.5.1 SYSTEM REQUIREMENTS A fast Ethernet RJ45 cable • 3G/4G cellular service subscription • Network Requirements IEEE 802.11b/g/n/ac wireless client • 10/100 Ethernet adapter on PC • Computer with the following: Windows®, Macintosh, or Linux-based operating •...
Page 11: Hot Surface Caution
M2M Cellular Gateway 1.5.3 HOT SURFACE CAUTION CAUTION: The surface temperature for the metallic enclosure can be very high! Especially after operating for a long time, installed at a closed cabinet without air conditioning support, or in a high ambient temperature space.
Page 12: Product Information For Ce Red Requirements
M2M Cellular Gateway 1.5.4 Product Information for CE RED Requirements The following product information is required to be presented in product User Manual for latest CE RED requirements. (1) Frequency Band & Maximum Power 1.a Frequency Band for Cellular Connection (for ME3630 E1C version) Band number Operating Frequency Max output power...
Page 13 (2) DoC Information You can get the DoC information of this product from the following URL: http://www.amit.com.tw/products-doc/ (3) RF Exposure Statements The antenna of the product, under normal use condition, is at least 20 cm away from the body of user.
Page 14: Hardware Installation
M2M Cellular Gateway 1.6 Hardware Installation This chapter describes how to install and configure the hardware 1.6.1 Mount the Unit The IDG500 series can be placed on a desktop, or mounted on the wall. 1.6.2 Insert the SIM Card WARNING: BEFORE INSERTING OR CHANGING THE SIM CARD, PLEASE MAKE SURE THAT POWER OF THE DEVICE IS SWITCHED OFF.
Page 15: Install The External Antenna
M2M Cellular Gateway 1.6.3 Install the External Antenna As illustrated in Section 1.3, there are several SMA antenna Jacks for you to install the required antennas for the RF signal transmission and receiving. You have to purchase required RF cables and antennas separately for a specific project or installation site to get excellent RF performance.
Page 16: Connecting Power
M2M Cellular Gateway 1.6.4 Connecting Power There is a DC5V/2A power adapter in the package for you to easily connect DC power to this gateway. If you powered the gateway with other DC Power Source, please make sure the DC Power voltage is comply to 5V ~ 18V.
Page 17: Setup By Configuring Web Ui
M2M Cellular Gateway 1.6.6 Setup by Configuring WEB UI You can browse web UI to configure the device. Type in the IP Address (http://192.168.123.254) When you see the login page, enter the user name and password and then click ‘Login’ button. The default setting for both username and password is ‘admin’...
Page 18: Chapter 2 Basic Network
M2M Cellular Gateway Chapter 2 Basic Network 2.1 WAN & Uplink The gateway provides multiple WAN interfaces to let all client hosts in Intranet of the gateway access the Internet via ISP. But ISPs in the world apply various connection protocols to let gateways or user's devices dial in ISPs and then link to the Internet via different kinds of transmit media.
Page 19: Physical Interface
M2M Cellular Gateway 2.1.1 Physical Interface M2M gateways are usually equipped with various WAN interfacess to support different WAN connection scenario for requirement. You can configure the WAN interface one by one to get proper internet connection setup. Refer to the product specification for the available WAN interfaces in the product you purchased. The first step to configure one WAN interface is to specify which kind of connection media to be used for the WAN connection, as shown in "Physical Interface"...
Page 20 M2M Cellular Gateway • WiFi Uplink WAN: For the product with WiFi Uplink function, one WiFi module can be configured to be WAN connections. For the WiFi module with Uplink function activated, you can further create some uplink profiles for ease of connecting to an uplink network. Operation Mode: There are three option items “Always on”, “Failover”, and “Disable”...
Page 21 M2M Cellular Gateway When the “Seamless” enable checkbox is activated, it can allow the Failover interface to be connected continuously from system booting up. Failover WAN interface just keeps connecting without data traffic. The purpose is to shorten the switch time during failover process. So, when primary connection is disconnected, failover interface will take over the data transfer mission instantly by only changing routing path to the failover interface.
Page 22 M2M Cellular Gateway Physical Interface Setting Go to Basic Network > WAN > Physical Interface tab. The Physical Interface allows user to setup the physical WAN interface and to adjust WAN’s behavior. Note: Numbers of available WAN Interfaces can be different for the purchased gateway. When Edit button is applied, an Interface Configuration screen will appear.
Page 23 M2M Cellular Gateway Define the operation mode of the interface. Select Always on to make this WAN always active. Select Disable to disable this WAN interface. Select Failover to make this WAN a Failover WAN when the primary or the Operation Mode A Must fill setting secondary WAN link failed.
Page 24: Internet Setup
M2M Cellular Gateway 2.1.2 Internet Setup After specifying the physical interface for each WAN connection, administrator must configure their connection profile to meet the dial in process of ISP, so that all client hosts in the Intranet of the gateway can access the Internet.
Page 25 M2M Cellular Gateway Internet Connection List - Ethernet WAN WAN Type for Ethernet Interface: Ethernet is the most common WAN and uplink interface for M2M gateways. Usually it is connected with xDSL or cable modem for you to setup the WAN connection. There are various WAN types to connect with ISP. •...
Page 26 M2M Cellular Gateway WAN Type = Dynamic IP When you select it, "Dynamic IP WAN Type Configuration" will appear. Items and setting is explained below Dynamic IP WAN Type Configuration Item Value setting Description Host Name Enter the host name provided by your Service Provider. An optional setting Enter the MAC address that you have registered with your service provider.
Page 27 M2M Cellular Gateway Static IP WAN Type Configuration Item Value setting Description WAN IP Address A Must filled setting Enter the WAN IP address given by your Service Provider WAN Subnet Mask A Must filled setting Enter the WAN subnet mask given by your Service Provider WAN Gateway A Must filled setting Enter the WAN gateway IP address given by your Service Provider...
Page 28 M2M Cellular Gateway WAN Type= PPTP When you select it, "PPTP WAN Type Configuration" will appear. Items and setting is explained below PPTP WAN Type Configuration Item Value setting Description Select either Static or Dynamic IP address for PPTP Internet connection. When Static IP Address is selected, you will need to enter the WAN IP ...
Page 29 M2M Cellular Gateway WAN Type= L2TP When you select it, "L2TP WAN Type Configuration" will appear. Items and setting is explained below L2TP WAN Type Configuration Item Value setting Description Select either Static or Dynamic IP address for L2TP Internet connection. When Static IP Address is selected, you will need to enter the WAN IP ...
Page 30 M2M Cellular Gateway Ethernet Connection Common Configuration There are some important parameters to be setup no matter which Ethernet WAN type is selected. You should follow up the rule to configure. Connection Contro Auto-reconnect: This gateway will establish Internet connection automatically once it has been booted up, and try to reconnect once the connection is down.
Page 31 M2M Cellular Gateway Manually: This gateway won’t start to establish WAN connection until you press “Connect” button on web UI. After normal data transferring between LAN and WAN sides, this gateway will disconnect WAN connection if idle time reaches value of Maximum Idle Time. Please be noted, if the WAN interface serves as the primary one for another WAN interface in Failover role, the Connection Control parameter will not be available to you to configure as the system must set it to “Auto- reconnect (Always on)”.
Page 32 M2M Cellular Gateway Set up “Ethernet Common Configuration” Ethernet WAN Common Configuration Item Value setting Description There are three connection modes. • Auto-reconnect enables the router to always keep the Internet connection on. • Connect-on-demand enables the router to automatically re- establish Internet connection as soon as user attempts to access Connection Control A Must filled setting...
Page 33 M2M Cellular Gateway disconnection times to be the threshold before disconnection is acknowledged. Target1 (DNS1 set by default) specifies the first target of sending DNS  query/ICMP request. DNS1: set the primary DNS to be the target.  DNS2: set the secondary DNS to be the target. ...
Page 34 M2M Cellular Gateway Internet Connection – 3G/4G WAN Preferred SIM Card – Dual SIM Fail Over For 3G/4G embedded device, one embedded cellular module can create only one WAN interface. This device has featured by using dual SIM cards for one module with special fail-over mechanism. It is called Dual SIM Failover.
Page 35 M2M Cellular Gateway SIM-A/SIM-B only: When “SIM-A Only” or “SIM-B Only” is used, the specified SIM slot card is the only one to be used for negotiation parameters between gateway device and cellular ISP. SIM-A / SIM-B first without enable Failback By default, “SIM-A First”...
Page 36 M2M Cellular Gateway 3G/4G Connection Configuration Item Value setting Description 1. A Must filled setting From the dropdown box, select Internet connection method for 3G/4G WAN Type 2. 3G/4G is set by WAN Connection. Only 3G/4G is available. default. Choose which SIM card you want to use for the connection. When SIM-A First or SIM-B First is selected, it means the connection is built first by using SIM A/SIM B.
Page 37 M2M Cellular Gateway Note_1: Configurations of SIM-B Card follows the same rule of Configurations of SIM-A Card, here we list SIM- A as the example. Note_2: Both Connection with SIM-A Card and Connection with SIM-B Card will pop up only when the SIM-A First or SIM-B First is selected, otherwise it only pops out one of them.
Page 38 M2M Cellular Gateway Select Auto-detection to automatically bring out all configurations needed while dialing-up, by comparing the IMSI of the SIM card to the record listed in the manufacturer’s database. Note_1: You are highly recommended to select the Manual or APN Profile List to specify the network for your subscription.
Page 39 M2M Cellular Gateway List all the APN profile you created, easily for you to check and modify. It is available only when you select Dial-Up Profile as APN Profile List. When Add button is applied, an APN Profile Configuration screen will appear. SIM-A/-B APN Profile Configuration Item Value setting...
Page 40 M2M Cellular Gateway When the Back button is clicked, the screen will return to the previous Back page. Setup 3G/4G Connection Common Configuration Here you can change common configurations for 3G/4G WAN. 3G/4G Connection Common Configuration Item Value setting Description When Auto-reconnect is selected, it means it will try to keep the Internet connection on all the time whenever the physical link is connected.
Page 41 M2M Cellular Gateway Value Range: 1200 ~ 1500. When Enable box is checked, it means the device will directly assign the 1. The box is unchecked WAN IP to the first connected local LAN client. by default However, when an optional Fixed MAC is filled-in a non-zero value, it IP Pass-through 2.
Page 42 M2M Cellular Gateway Fail Threshold specifies the detected disconnection before the router recognize the WAN link down status. Enter a number of detecting disconnection times to be the threshold before disconnection is acknowledged. Target1 specifies the first target of sending DNS query/ICMP request. 1.
Page 43 M2M Cellular Gateway Internet Connection – WFi Uplink WAN If the device connects to Internet through WiFi Uplink, this section will help you to complete WiFi Uplink connection setup. Go to Basic Network > WAN & Uplink > Internet Setup tab. WiFi Uplink interface: The Uplink network is a wireless network, and the gateway can connect to the Uplink network through WiFi connection.
Page 44 M2M Cellular Gateway WiFi Uplink WiFi Uplink WAN Type Configuration Item Value setting Description Display the information of AP for connecting. You can Click the Scan button and select a AP for the uplink network. Connect to AP Besides, you can also create uplink profile(s) for ease of connecting to an available Uplink network.
Page 45 M2M Cellular Gateway seconds is filled-in Value Range: 300 ~ 86400. Note: This field is available only when Connect-on-demand or Connect Manually is selected as the connection control scheme. Click the Enable checkbox to activate the fast roaming function. 1. An Optional setting In addition, you can also specify a threshold value for changing from one AP Fast Roaming 2.
Page 46 M2M Cellular Gateway by default. ICMP checking packets. With DNS Query, the system checks the connection by sending DNS Query packets to the destination specified in Target 1 and Target 2. Value Range: 2 ~ 14400. Specify a time interval as the ICMP Checking Interval. Query Interval defines the transmitting interval between two DNS Query or 1.
Page 47: Lan & Vlan
M2M Cellular Gateway 2.2 LAN & VLAN This section provides the configuration of LAN and VLAN. VLAN is an optional feature, and it depends on the product specification of the purchased gateway. 2.2.1 Ethernet LAN The Local Area Network (LAN) can be used to share data or files among computers attached to a network.
Page 48 M2M Cellular Gateway by default The default subnet mask is 255.255.255.0 (/24), and it means maximum 254 IP addresses are allowed in this subnet. However, one of them is occupied by LAN IP address of this gateway, so there are maximum 253 clients allowed in LAN network.
Page 49 M2M Cellular Gateway network. Value Range: 255.0.0.0 (/8) ~ 255.255.255.255 (/32). Save Click the Save button to save the configuration...
Page 50: Vlan
M2M Cellular Gateway 2.2.2 VLAN VLAN (Virtual LAN) is a logical network under a certain switch or router device to group client hosts with a specific VLAN ID. This gateway supports both Port-based VLAN and Tag-based VLAN. These functions allow you to divide local network into different “virtual LANs”.
Page 51 M2M Cellular Gateway Staff) with NAT mode and DHCP-2 server equipped. At last, administrator also configure Data Center segment with VLAN ID 1. The VLAN group includes Port-1 with NAT mode to WAN interface as shown in following diagram. Above is the general case for 3 Ethernet LAN ports in the gateway. But if the device just has one Ethernet LAN port, there will be only one VLAN group for the device.
Page 52 M2M Cellular Gateway For example, in a company, administrator schemes out 3 network segments, Lab, Meeting Rooms, and Office. In a Security VPN Gateway, administrator can configure Office segment with VLAN ID 12. The VLAN group is equipped with DHCP-3 server to construct a 192.168.12.x subnet. He also configure Meeting Rooms segment with VLAN ID 11.
Page 53 M2M Cellular Gateway  VLAN Groups Access Control Administrator can specify the Internet access permission for all VLAN groups. He can also configure which VLAN groups are allowed to communicate with each other. VLAN Group Internet Access Administrator can specify members of one VLAN group to be able to access Internet or not. Following is an example that VLAN groups of VID is 2 and 3 can access Internet but the one with VID is 1 cannot access Internet.
Page 54 M2M Cellular Gateway Inter VLAN Group Routing: In Port-based tagging, administrator can specify member hosts of one VLAN group to be able to communicate with the ones of another VLAN group or not. This is a communication pair, and one VLAN group can join many communication pairs.
Page 55 M2M Cellular Gateway VLAN Setting Go to Basic Network > LAN & VLAN > VLAN Tab. The VLAN function allows you to divide local network into different virtual LANs. There are Port-based and Tag-based VLAN types. Select one that applies. Configuration Item Value setting...
Page 56 M2M Cellular Gateway Port-based VLAN Configuration Item Value setting Description 1. A Must filled setting Define the Name of this rule. It has a default text and cannot be modified. Name 2. String format: already have default texts VLAN ID A Must filled setting Define the VLAN ID number, range is 1~4094.
Page 57 M2M Cellular Gateway WAN & WAN All WANs is selected by Select which WAN or All WANs that allow accessing Internet. VID to Join default. Note: If Bridge mode is selected, you need to select a WAN and enter a VID. LAN IP Assign an IP Address for the DHCP Server that the rule used, this IP address is a A Must filled setting...
Page 58 M2M Cellular Gateway Besides, you can add some IP rules in the IP Fixed Mapping Rule List if DHCP Server for the VLAN groups is required. When Add button is applied, Mapping Rule Configuration screen will appear. Mapping Rule Configuration Item Value setting Description...
Page 59 M2M Cellular Gateway Port-based VLAN – Inter VLAN Group Routing Click VLAN Group Routing button, the VLAN Group Internet Access Definition and Inter VLAN Group Routing screen will appear. When Edit button is applied, a screen similar to this will appear. Inter VLAN Group Routing Item Value setting...
Page 60 M2M Cellular Gateway Tag-based VLAN – Create/Edit VLAN Rules The Tag-based VLAN allows you to customize each LAN port according to VLAN ID. There is a default rule shows the configuration of all LAN ports and all VAPs. Also, if your device has a DMZ port, you will see DMZ configuration, too.
Page 61: Dhcp Server
M2M Cellular Gateway 2.2.3 DHCP Server  DHCP Server The gateway supports up to 4 DHCP servers to fulfill the DHCP requests from different VLAN groups (please refer to VLAN section for getting more usage details). And there is one default setting for whose LAN IP Address is the same one of gateway LAN interface, with its default Subnet Mask setting as “255.255.255.0”, and its default IP Pool ranges is from “.100”...
Page 62 M2M Cellular Gateway  Fixed Mapping User can assign fixed IP address to map the specific client MAC address by select them then copy, when targets were already existed in the DHCP Client List, or to add some other Mapping Rules by manually in advance, once the target's MAC address was not ready to connect.
Page 63 M2M Cellular Gateway DHCP Server Setting Go to Basic Network > LAN & VLAN > DHCP Server Tab. The DHCP Server setting allows user to create and customize DHCP Server policies to assign IP Addresses to the devices on the local area network (LAN) Create / Edit DHCP Server Policy The gateway allows you to custom your DHCP Server Policy.
Page 64 M2M Cellular Gateway DHCP Server Configuration Item Value setting Description 1. String format can be any DHCP Server text Enter a DHCP Server name. Enter a name that is easy for you to understand. Name 2. A Must filled setting LAN IP 1.
Page 65 M2M Cellular Gateway Mapping Rule Configuration Item Value setting Description 1. MAC Address string MAC Address format The MAC Address of this mapping rule. 2. A Must filled setting 1. IPv4 format. IP Address The IP Address of this mapping rule. 2.
Page 66 M2M Cellular Gateway Option Meaning TFTP server name [RFC 2132] Default World Wide Web Server [RFC 2132] [RFC 3679] Create / Edit DHCP Server Options The gateway supports up to a maximum of 99 option settings. When Add/Edit button is applied, DHCP Server Option Configuration screen will appear. DHCP Server Option Configuration Item Value setting...
Page 67 M2M Cellular Gateway Option 144 for url; Each different options has different value types. Single IP Address Single FQDN IP Addresses List, separated by “,” Dropdown list DHCP Single URL Type server option value’s type IP Addresses List, separated by “,” IP Addresses List, separated by “,”...
Page 68 M2M Cellular Gateway DHCP Relay Configuration Item Value setting Description 1. String format can be any Enter a DHCP Relay name. Enter a name that is easy for you to understand. Agent Name text Value Range: 1~64 characters. 2. A Must filled setting. 1.
Page 69: Wifi
M2M Cellular Gateway 2.3 WiFi The gateway provides WiFi interface for mobile devices or BYOD devices to connect for Internet/Intranet accessing. WiFi function is usually modulized design in a gateway, and there can be single or dual modules within a gateway. The WiFi system in the gateway complies with IEEE 802.11ac/11n/11g/11b standard in 2.4GHz or 5GHz single band or 2.4G/5GHz concurrent dual bands of operation.
Page 70: Wifi Configuration
M2M Cellular Gateway 2.3.1 WiFi Configuration Due to optional module(s) and frequency band, you need to setup module one by one. For each module, you need to specify the operation mode, and then setup the virtual APs for wireless access. Hereunder are the scenarios for each wireless operation mode, you can get how it works, and what is the difference among them.
Page 71 M2M Cellular Gateway WDS Only Mode WDS (Wireless Distributed System) Only mode drives a WiFi gateway to be a bridge for its wired Intranet and a repeater to extend distance. You can use multiple WiFi gateways as a WiFi repeater chain with all gateways setup as "WDS Only"...
Page 72 M2M Cellular Gateway...
Page 73 M2M Cellular Gateway Multiple VAPs VAP (Virtual Access Point) is function to partition wireless network into multiple broadcast domains. It can simulate multiple APs in one physical AP. This wireless gateway supports up to 2 VAPs. For each VAP, you need to setup SSID, authentication and encryption to control Wi-Fi client access.
Page 74 M2M Cellular Gateway WiFi Configuration Setting The WiFi configuration allows user to configure 2.4GHz or 5GHz WiFi settings. Go to Basic Network > WiFi > WiFi Module One Tab. If the gateway is equipped with two WiFi modules, there will be another WiFi Module Two. You can do the similar configurations on both WiFi modules. Basic Configuration Basic Configuration Item...
Page 75 M2M Cellular Gateway The channel will be selected according to AP numbers (The less, the better).  By Less Interference The channel will be selected according to interference. (The lower, the better). Specify the preferred WiFi System. The dropdown list of WiFi system is based on IEEE 802.11 standard.
Page 76 M2M Cellular Gateway differs from devices. So, you can connected to the VAP1 (SSID: Staff_2.4G) with the provided key. However, it is strongly recommanded that you have to change the security key to a easy-to-remember one by clicking the Edit button. Click Add / Edit button in the VAP List screen to create or edit the settings for a VAP.
Page 77 M2M Cellular Gateway VAP Configuration Item Value setting Description Enter the SSID for the VAP, and decide whether to broadcast the SSID or not. 1. String format : Any SS ID The SSID is used for identifying from another AP, and client stations will associate text with AP according to SSID.
Page 78 M2M Cellular Gateway Others: None is None selected be default. It means that the device is open system without encrypting. Up to 4 WEP keys can be set, and you have to select one as current key. The key type can set to HEX or ASCII. If HEX is selected, the key should consist of (0 to 9) and (A to F).
Page 79 M2M Cellular Gateway WDS Only Mode For the WDS Only mode, the device only bridges the connected wired clients to another WDS-enabled WiFi device which the device associated with. That is, it also means the no wireless clients stat can connect to this device while WDS Only Mode is selected.
Page 80 M2M Cellular Gateway Under WDS Only mode, only VAP1 is available for further specifying the required authentication and Encryption settings. Click Edit button in the VAP List screen and a VAP Configuration screen will appear for you to configure the required settings For the detail description about VAP configuration, please refer to the description stated in AP-Router section.
Page 81 M2M Cellular Gateway WDS Hybrid Mode For the WDS Hybrid mode, the device bridges all the wired LAN and WLAN clients to another WDS or WDS hybrid enabled WiFi devices which the device associated with. WDS Hybrid Mode Item Value setting Description Check the Enable box to activate this function.
Page 82 M2M Cellular Gateway security level and prevent unexpected access of un-authorized devices. The default wifi key is printed on both the device label and the Security Card. It is created randomly and differs from devices. So, you can connected to the VAP1 (SSID: Staff_2.4G) with the provided key. However, it is strongly recommanded that you have to change the security key to a easy-to-remember one by clicking the Edit button.
Page 83 M2M Cellular Gateway For others: For the detail description about VAP configuration, please refer to the description stated in AP-Router section.
Page 84: Wireless Client List
M2M Cellular Gateway 2.3.2 Wireless Client List The Wireless Client List page shows the information of wireless clients which are associated with this device. Go to Basic Network > WiFi > Wireless Client List Tab. Select Target WiFi Target Configuration Item Value setting Description...
Page 85 M2M Cellular Gateway Mode It shows what kind of Wi-Fi system the client used to associate with this device. Rate It shows the data rate between client and this device. RSSI0, RSSI1 It shows the RX sensitivity (RSSI) value for each radio path. Signal The signal strength between client and this device.
Page 86: Advanced Configuration
M2M Cellular Gateway 2.3.3 Advanced Configuration This device provides advanced wireless configuration for professional user to optimize the wireless performance under the specific installation environment. Please note that if you are not familiar with the WiFi technology, just leave the advanced configuration with its default values, or the connectivity and performance may get worse with improper settings.
Page 87 M2M Cellular Gateway Advanced Configuration Item Value setting Description The default setting is It limits the available radio channel of this device. Regulatory Domain according to where The permissible channels depend on the Regulatory Domain. the product sale to It shows the time interval between each beacon packet broadcasted. Beacon Interval The beacon packet contains SSID, Channel ID and Security setting.
Page 88: Uplink Profile
M2M Cellular Gateway 2.3.4 Uplink Profile This device provides WiFi Uplink function for connecting to a wireless access point just like connected to a wired WAN or cellular WAN connection. It can operate as a NAT gateway and link the devices wirelessly to the uplink network or hosts.
Page 89 M2M Cellular Gateway Note: to apply the defined Uplink profile(s) for the gateway to find a best fit profile for connecting to a certain uplink network, user has to Enable the Profile auto-connect function (Refer to Basic Network > WiFi > (Module 1/ Module 2) WiFi Configuration tab.
Page 90 M2M Cellular Gateway Create/Edit Uplink Profile The Profile List shows the settings for the created uplink profiles. The information includes Profile Name, SSID, Channel, Authentication, Encryption, MAC Address, Signal Strength, Priority, and Enable. When Add button is applied, Profile Configuration screen will appear. Profile Configuration Item Value setting...
Page 91 M2M Cellular Gateway 2. Open is selected by can be Open, Shared, WPA-SPK, or WPA2-PSK. default. When Open is selected, the preshared WEP key could be set for authentication; When Shared is selected, the preshared WEP key should be set for authentication;...
Page 92 M2M Cellular Gateway Once you selected an AP from the AP list, the channel, SSID, Authentication, Encryption, and MAC address will be automatically filled into the profile, you just have to enter a key for the uplink connection, if required.
Page 93: Ipv6
M2M Cellular Gateway 2.4 IPv6 The growth of the Internet has created a need for more addresses than are possible with IPv4. IPv6 (Internet Protocol version 6) is a version of the Internet Protocol (IP) intended to succeed IPv4, which is the protocol currently used to direct almost all Internet traffic.
Page 94 M2M Cellular Gateway IPv6 WAN Connection Type Static IPv6 Static IPv6 does the same function as static IPv4. The static IPv6 provides manual setting of IPv6 address, IPv6 default gateway address, and IPv6 DNS. Above diagram depicts the IPv6 IP addressing, type in the information provided by your ISP to setup the IPv6 network.
Page 95 M2M Cellular Gateway Above diagram depicts DHCP IPv6 IP addressing, the DHCPv6 server on the ISP side assigns IPv6 address, IPv6 default gateway address, and IPv6 DNS to client host’s automatically. PPPoEv6 PPPoEv6 in IPv6 does the same function as PPPoE in IPv4. The PPPoEv6 server provides configuration parameters based on PPPoEv6 client request.
Page 96 M2M Cellular Gateway IPv6 Configuration Setting Go to Basic Network > IPv6 > Configuration Tab. The IPv6 Configuration setting allows user to set the IPv6 connection type to access the IPv6 network. IPv6 Configuration Item Value setting Description The box is unchecked IPv6 Check the Enable box to activate the IPv6 function.
Page 97 M2M Cellular Gateway Item Value setting Description IPv6 Address A Must filled setting Enter the WAN IPv6 Address for the router. Subnet Prefix A Must filled setting Enter the WAN Subnet Prefix Length for the router. Length Default Gateway A Must filled setting Enter the WAN Default Gateway IPv6 address.
Page 98 M2M Cellular Gateway DHCPv6 WAN Type Configuration DHCPv6 WAN Type Configuration Item Value setting Description The option [From Select the [Specific DNS] option to active Primary DNS and Secondary DNS. Then Server] is selected by fill the DNS information. default Can not modified by Primary DNS Enter the WAN primary DNS Server.
Page 99 M2M Cellular Gateway PPPoEv6 WAN Type Configuration PPPoEv6 WAN Type Configuration Item Value setting Description Enter the Account for setting up PPPoEv6 connection. If you want more Account A Must filled setting information, please contact your ISP. Value Range: 0 ~ 45 characters. Enter the Password for setting up PPPoEv6 connection.
Page 100 M2M Cellular Gateway the router. Then go to Address Auto-configuration (summary) for setting LAN environment. If above setting is configured, click the save button to save the configuration and click reboot button to reboot the router. Address Auto-configuration Address Auto-configuration Item Value setting Description...
Page 101 M2M Cellular Gateway IPv6 Address Lifetime (A Must filled setting): Enter the DHCPv6 lifetime for your local computers. 36000 is set by default. Value Range: 0 ~ 65535.
Page 102: Port Forwarding
M2M Cellular Gateway 2.5 Port Forwarding Network address translation (NAT) is a methodology of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device. The technique was originally used for ease of rerouting traffic in IP networks without renumbering every host.
Page 103: Configuration
M2M Cellular Gateway 2.5.1 Configuration NAT Loopback This feature allows you to access the WAN global IP address from your inside NAT local network. It is useful when you run a server inside your network. For example, if you set a mail server at LAN side, your local devices can access this mail server through gateway’s global IP address when enable NAT loopback feature.
Page 104: Virtual Server & Virtual Computer
M2M Cellular Gateway 2.5.2 Virtual Server & Virtual Computer There are some important Pot Forwarding functions implemented within the gateway, including "Virtual Server", "NAT loopback" and "Virtual Computer". It is necessary for cooperate staffs who travel outside and want to access various servers behind office gateway.
Page 105 M2M Cellular Gateway Virtual Server & NAT Loopback "Virtual Server" allows you to access servers with the global IP address or FQDN of the gateway as if they are servers existed in the Internet. But in fact, these servers are located in the Intranet and are physically behind the gateway.
Page 106 M2M Cellular Gateway Virtual Server & Virtual Computer Setting Go to Basic Network > Port Forwarding > Virtual Server & Virtual Computer tab. Enable Virtual Server and Virtual Computer Configuration Item Value setting Description The box is unchecked by Virtual Server Check the Enable box to activate this port forwarding function default The box is checked by...
Page 107 M2M Cellular Gateway Virtual Server Rule Configuration Item Value setting Description Define the selected interface to be the packet-entering interface of the gateway. If the packets to be filtered are coming from WAN-x then select WAN-x for this 1. A Must filled setting field.
Page 108 M2M Cellular Gateway Port is the same with Public Port number. Public Port is selected Single Port and specify a port number, and Private Port can be set a Single Port number. Public Port is selected Port Range and specify a port range, and Private Port can be selected Single Port or Port Range.
Page 109 M2M Cellular Gateway Create / Edit Virtual Computer The gateway allows you to custom your Virtual Computer rules. It supports up to a maximum of 20 rule-based Virtual Computer sets. When Add button is applied, Virtual Computer Rule Configuration screen will appear. Virtual Computer Rule Configuration Item Value setting...
Page 110: Dmz & Pass Through
M2M Cellular Gateway 2.5.3 DMZ & Pass Through DMZ (De Militarized Zone) Host is a host that is exposed to the Internet cyberspace but still within the protection of firewall by gateway device. So, the function allows a computer to execute 2-way communication for Internet games, Video conferencing, Internet telephony and other special applications.
Page 111 M2M Cellular Gateway VPN Pass through Scenario Since VPN traffic is different from that of TCP or UDP connection, it will be blocked by NAT gateway. To support the pass through function for the VPN connections initiating from VPN clients behind NAT gateway, the gateway must implement some kind of VPN pass through function for such application.
Page 112 M2M Cellular Gateway It can be selected WAN-x box when WAN-x enabled. Note: The available check boxes (WAN-1 ~ WAN-4) depend on the number of WAN interfaces for the product. Pass Through Enable The boxes are checked by Check the box to enable the pass through function for the IPSec, PPTP, and default L2TP.
Page 113: Routing
M2M Cellular Gateway 2.6 Routing If you have more than one router and subnet, you will need to enable routing function to allow packets to find proper routing path and allow different subnets to communicate with each other. Routing is the process of selecting best paths in a network.
Page 114: Static Routing
M2M Cellular Gateway 2.6.1 Static Routing "Static Routing" function lets you define the routing paths for some dedicated hosts/servers or subnets to store in the routing table of the gateway. The gateway routes incoming packets to different peer gateways based on the routing table.
Page 115 M2M Cellular Gateway Static Routing Setting Go to Basic Network > Routing > Static Routing Tab. There are three configuration windows for static routing feature, including "Configuration", "Static Routing Rule List" and "Static Routing Rule Configuration" windows. "Configuration" window lets you activate the global static routing feature.
Page 116 M2M Cellular Gateway of each static routing rule can let you modify the rule. IPv4 Static Routing Item Value setting Description 1. IPv4 Format Destination IP Specify the Destination IP of this static routing rule. 2. A Must filled setting 255.255.255.0 (/24) is set by Subnet Mask Specify the Subnet Mask of this static routing rule.
Page 117: Dynamic Routing
M2M Cellular Gateway 2.6.2 Dynamic Routing Dynamic Routing, also called adaptive routing, describes the capability of a system, through which routes are characterized by their destination, to alter the path that the route takes through the system in response to a change in network conditions.
Page 118 M2M Cellular Gateway RIP Scenario The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols, which employs the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from the source to a destination.
Page 119 M2M Cellular Gateway Dynamic Routing Setting Go to Basic Network > Routing > Dynamic Routing Tab. The dynamic routing setting allows user to customize RIP, and OSPF protocols through the router based on their office setting. In the "Dynamic Routing" page, there are several configuration windows for dynamic routing feature. They are the "RIP Configuration"...
Page 120 M2M Cellular Gateway OSPF Configuration Item Value setting Description OSPF Disable is set by default Click Enable box to activate the OSPF protocol. 1. IPv4 Format Router ID The Router ID of this router on OSPF protocol 2. A Must filled setting The Authentication method of this router on OSPF protocol.
Page 121 M2M Cellular Gateway OSPF Area Configuration Item Value setting Description 1. Classless Inter Domain Routing (CIDR) Subnet Area Subnet Mask Notation. (Ex: The Area Subnet of this router on OSPF Area List. 192.168.1.0/24) 2. A Must filled setting 1. IPv4 Format Area ID The Area ID of this router on OSPF Area List.
Page 122: Routing Information
M2M Cellular Gateway 2.6.3 Routing Information The routing information allows user to view the routing table and policy routing information. Policy Routing Information is only available when the Load Balance function is enabled and the Load Balance Strategy is By User Policy Go to Basic Network >...
Page 123: Dns & Ddns
M2M Cellular Gateway 2.7 DNS & DDNS How does user access your server if your WAN IP address changes all the time? One way is to register a new domain name, and maintain your own DNS server. Another simpler way is to apply a domain name to a third- party DDNS service provider.
Page 124 M2M Cellular Gateway DNS & DDNS Setting Go to Basic Network > DNS & DDNS > Configuration Tab. The DNS & DDNS setting allows user to setup Dynamic DNS feature and DNS redirect rules. Setup Dynamic DNS The gateway allows you to custom your Dynamic DNS settings. DDNS (Dynamic DNS) Configuration Item Value setting...
Page 125 M2M Cellular Gateway Setup DNS Redirect DNS redirect is a special function to redirect certain traffics to a specified host. Administator can manage the internet / intranet traffics that are going to access some restricted DNS and force those traffics to be redirected to a specified host.
Page 126 M2M Cellular Gateway 2. A Must filled setting Value Range: at least 1 character is required; ‘*’ for any. 1. IPv4 format Enter an IP Address as the target for the DNS redirect. 2. A Must filled setting Specify when will the DNS redirect action can be applied. It can be Always, or WAN Block.
Page 127: Chapter 3 Object Definition
M2M Cellular Gateway Chapter 3 Object Definition 3.1 Scheduling Scheduling provides ability of adding/deleting time schedule rules, which can be applied to other functionality. 3.1.1 Scheduling Configuration Go to Object Definition > Scheduling > Configuration tab. Button description Item Value setting Description Click the Add button to configure time schedule rule Delete...
Page 128 M2M Cellular Gateway Time Period Definition Item Value Setting Description Week Day Select from menu Select everyday or one of weekday Start Time Time format (hh :mm) Start time in selected weekday End Time Time format (hh :mm) End time in selected weekday Save Click Save to save the settings Undo...
Page 129: User (Not Supported)
M2M Cellular Gateway 3.2 User (not supported) Not supported feature for the purchased product, leave it as blank.
Page 130: Grouping (Not Supported)
M2M Cellular Gateway 3.3 Grouping (not supported) Not supported feature for the purchased product, leave it as blank.
Page 131: External Server
M2M Cellular Gateway 3.4 External Server Go to Object Definition > External Server > External Server tab. The External Server setting allows user to add external server. Create External Server When Add button is applied, External Server Configuration screen will appear.
Page 132 M2M Cellular Gateway External Server Configuration Item Value setting Description 1. String format can be Sever Name any text Enter a server name. Enter a name that is easy for you to understand. 2. A Must filled setting Specify the Server Type of the external server, and enter the required settings for the accessing the server.
Page 133 M2M Cellular Gateway The box is checked by Server Click Enable to activate this External Server. default Save Click Save to save the settings Undo Click Undo to cancel the settings Refresh Click the Refresh button to refresh the external server list.
Page 134: Certificate
M2M Cellular Gateway 3.5 Certificate In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document used to prove ownership of a public key. The certificate includes information about the key, information about its owner's identity, and the digital signature of an entity that has verified the certificate's contents are genuine.
Page 135: My Certificate
M2M Cellular Gateway 3.5.2 My Certificate My Certificate includes a Local Certificate List. Local Certificate List shows all generated certificates by the root CA for the gateway. And it also stores the generated Certificate Signing Requests (CSR) which will be signed by other external CAs.
Page 136 HQRootCA Key Type: RSA Key Length: 1024-bits Subject Name Country(C): TW State(ST): Taiwan Location(L): Tainan Organization(O): AMITHQ Organization Unit(OU): HQRD Common Name(CN): HQRootCA E-mail: hqrootca@amit.com.tw [My Certificate]-[Local Certificate Configuration] Configuration Path HQCRT Self-signed: ■ Name Key Type: RSA Key Length: 1024-bits...
Page 137 [My Certificate]-[Local Certificate Configuration] BranchCRT Self-signed: □ Name Key Type: RSA Key Length: 1024-bits Subject Name Country(C): TW State(ST): Taiwan Location(L): Tainan Organization(O): AMITBranch Organization Unit(OU): BranchRD Common Name(CN): BranchCRT E-mail: branchcrt@amit.com.tw Configuration Path [IPSec]-[Configuration] ■ Enable IPSec Configuration Path [IPSec]-[Tunnel Configuration] ■...
Page 138 M2M Cellular Gateway Remote Netmask 255.255.255.0 Remote Gateway 203.95.80.22 Configuration Path [IPSec]-[Authentication] Key Management IKE+X.509 Local Certificate: BranchCRT Remote Certificate: HQCRT Local ID User Name Network-B Remote ID User Name Network-A [IPSec]-[IKE Phase] Configuration Path Negotiation Mode Main Mode X-Auth None Scenario Operation Procedure In above diagram, "Gateway 1"...
Page 139 M2M Cellular Gateway My Certificate Setting Go to Object Definition > Certificate > My Certificate tab. The My Certificate setting allows user to create local certificates. In "My Certificate" page, there are two configuration windows for the "My Certificate" function. The "Local Certificate List" window shows the stored certificates or CSRs for representing the gateway.
Page 140 M2M Cellular Gateway Local Certificate Configuration Item Value setting Description Name 1. String format can be any Enter a certificate name. It will be a certificate file name text If Self-signed is checked, it will be signed by root CA. If Self-signed is not 2.
Page 141 M2M Cellular Gateway Import Item Value setting Description Import A Must filled setting Select a certificate file from user’s computer, and click the Apply button to import the specified certificate file to the gateway. PEM Encoded 1. String format can be any This is an alternative approach to import a certificate.
Page 142: Trusted Certificate
M2M Cellular Gateway 3.5.3 Trusted Certificate Trusted Certificate includes Trusted CA Certificate List, Trusted Client Certificate List, and Trusted Client Key List. The Trusted CA Certificate List places the certificates of external trusted CAs. The Trusted Client Certificate List places the others' certificates what you trust. And the Trusted Client Key List places the others’ keys what you trusted.
Page 143 M2M Cellular Gateway For Network-A at HQ Following tables list the parameter configuration as an example for the "Trusted Certificate" function used in the user authentication of IPSec VPN tunnel establishing, as shown in above diagram. The configuration example must be combined with the ones in "My Certificate" and "Issue Certificate" sections to complete the setup for the whole user scenario.
Page 144 M2M Cellular Gateway Import the obtained BranchCRT certificate (the derived BranchCSR certificate after Gateway 1’s root CA signature) into the "Trusted Client Certificate List" of the Gateway 1 and the "Local Certificate List" of the Gateway 2. For more details, refer to the Network-B operation procedure in "My Certificate" section of this manual.
Page 145 M2M Cellular Gateway Trusted Certificate Setting Go to Object Definition > Certificate > Trusted Certificate tab. The Trusted Certificate setting allows user to import trusted certificates and keys. Import Trusted CA Certificate When Import button is applied, a Trusted CA import screen will appear. You can import a Trusted CA certificate from an existed certificate file, or directly paste a PEM encoded string as the certificate.
Page 146 M2M Cellular Gateway Get CA Configuration Item Value setting Description SCEP Server A Must filled setting Select a SCEP Server to identify the SCEP server for use. The server detailed information could be specified in External Servers. Refer to Object Definition > External Server >...
Page 147 M2M Cellular Gateway Item Value setting Description Import from a A Must filled setting Select a certificate file from user’s computer, and click the Apply button to import the specified certificate file to the gateway. File Import from a 1. String format can be any This is an alternative approach to import a certificate.
Page 148: Chapter 4 Field Communication (Not Supported)
M2M Cellular Gateway Chapter 4 Field Communication (not supported) Not supported feature for the purchased product, leave it as blank.
Page 149: Chapter 5 Security
M2M Cellular Gateway Chapter 5 Security 5.1 VPN A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefitting from the functionality, security and management policies of the private network.
Page 150: Ipsec
M2M Cellular Gateway 5.1.1 IPSec Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPSec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
Page 151 M2M Cellular Gateway As in the diagram, the clients behind the M2M gateway can access to the host "Host-DC" located in the control center through Site to Host VPN tunnel. Host to Site: On the contrast, for a single host (or mobile user to) to access the resources located in an intranet, the Host to Site scenario can be applied.
Page 152 M2M Cellular Gateway IPSec Setting Go to Security > VPN > IPSec tab. The IPSec Setting allows user to create and configure IPSec tunnels. Enable IPSec Configuration Window Item Value setting Description IPsec Unchecked by default Click the Enable box to enable IPSec function. NetBIOS over IPSec Unchecked by default Click the Enable box to enable NetBIOS over IPSec function.
Page 153 M2M Cellular Gateway Tunnel Configuration Window Item Value setting Description Tunnel Unchecked by default Check the Enable box to activate the IPSec tunnel 1. A Must fill setting Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name 2.
Page 154 M2M Cellular Gateway by default tunnel from which to failover to. Note: Failover mode is not available for the gateway with single WAN. 1. A Must fill setting Encapsulation Select the Encapsulation Protocol from the dropdown box for this IPSec tunnel. 2.
Page 155 M2M Cellular Gateway Specify the Remote Subnet IP address and Subnet Mask. Remote Subnet List A Must fill setting Click the Add or Delete button to add or delete Remote Subnet setting. 1. A Must fill setting. Remote Gateway 2. Format can be a Specify the Remote Gateway.
Page 156 M2M Cellular Gateway IKE Phase Window Item Value setting Description 1. A must fill setting Specify the IKE version for this IPSec tunnel. Select v1 or v2 IKE Version 2. v1 is selected by Note: IKE versions will not be available when Dynamic VPN option in Tunnel default Scenario is selected, or AH option in Encapsulation Protocol is selected.
Page 157 M2M Cellular Gateway IKE Proposal Definition Window Item Value setting Description Specify the Phase 1 Encryption method. It can be DES / 3DES / AES-auto / AES- 128 / AES-192 / AES-256. Specify the Authentication method. It can be None / MD5 / SHA1 / SHA2-256. IKE Proposal A Must fill setting Definition...
Page 158 M2M Cellular Gateway IPSec Proposal Definition Window Item Value setting Description Specify the Encryption method. It can be None / DES / 3DES / AES-auto / AES- 128 / AES-192 / AES-256. Note: None is available only when Encapsulation Protocol is set as AH; it is not available for ESP Encapsulation.
Page 159 M2M Cellular Gateway Select Key Management from the dropdown box for this IPSec tunnel. Key Management A Must fill setting In this section Manually is the option selected. Specify the Local ID for this IPSec tunnel to authenticate. Local ID An optional setting Select the Key ID for Local ID and enter the Key ID (English alphabet or number).
Page 160 M2M Cellular Gateway Value Range: 0 ~ FFFF. Specify the Inbound SPI for this IPSec tunnel. Inbound SPI Hexadecimal format Value Range: 0 ~ FFFF. Specify the Encryption Method and Encryption key. Available encryption methods are DES/3DES/AES-128/AES-192/AES-256. 1. A Must fill setting The key length for DES is 16, 3DES is 48, AES-128 is 32, AES-192 is 48, and AES- Encryption 2.
Page 161 M2M Cellular Gateway Tunnel Configuration Window Item Value setting Description Tunnel Unchecked by default Check the Enable box to activate the Dynamic IPSec VPN tunnel. 1. A Must fill setting Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name 2.
Page 162 M2M Cellular Gateway 2. Pre-shared Key 8 to IKE+Pre-shared Key: user needs to set a key (8 ~ 32 characters). 32 characters. Specify the Local ID for this IPSec tunnel to authenticate. Select User Name for Local ID and enter the username. The username may include but can’t be all numbers.
Page 163: Openvpn
M2M Cellular Gateway 5.1.2 OpenVPN OpenVPN is an application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls.
Page 164 M2M Cellular Gateway assigned a virtual IP (10.8.0.2) which is belong to a virtual subnet that is different to the local subnet in Control Center. With such connection, the local networked devices will get a virtual IP 10.8.0.x if its traffic goes through the OpenVPN TUN connection when Redirect Internet Traffic settings is enabled;...
Page 165 M2M Cellular Gateway Open VPN Setting Go to Security > VPN > OpenVPN tab. The OpenVPN setting allows user to create and configure OpenVPN tunnels. Enable OpenVPN Configuration Item Value setting Description OpenVPN The box is unchecked by Check the Enable box to activate the OpenVPN function. default Client Client...
Page 166 M2M Cellular Gateway As an OpenVPN Client If Client is selected, an OpenVPN Client List screen will appear. When Add button is applied, OpenVPN Client Configuration screen will appear. OpenVPN Client Configuration window let you specify the required parameters for an OpenVPN VPN client, such as "OpenVPN Client Name", "Interface", "Protocol", "Tunnel Scenario", "Remote IP/FQDN", "Remote Subnet", "Authorization Mode", "Encryption Cipher", "Hash Algorithm"...
Page 167 M2M Cellular Gateway OpenVPN Client Configuration Item Value setting Description OpenVPN Client A Must filled setting The OpenVPN Client Name will be used to identify the client in the tunnel list. Name Value Range: 1 ~ 32 characters. Interface 1. A Must filled setting Define the physical interface to be used for this OpenVPN Client tunnel.
Page 168 M2M Cellular Gateway Remote Endpoint IP A Must filled setting Specify the virtual Remote Endpoint IP Address of the peer OpenVPN gateway. Address Value Range: The IP format is 10.8.0.x, the range of x is 1~254. Note: Remote Endpoint IP Address will be available only when Static Key is chosen in Authorization Mode.
Page 169 M2M Cellular Gateway When Advanced Configuration is selected, an OpenVPN Client Advanced Configuration screen will appear. OpenVPN Advanced Client Configuration Item Value setting Description TLS Cipher 1. A Must filled setting. Specify the TLS Cipher from the dropdown list. 2. TLS-RSA-WITH- It can be None / TLS-RSA-WITH-RC4-MD5 / TLS-RSA-WITH-AES128-SHA / TLS- AES128-SHA is selected RSA-WITH-AES256-SHA / TLS-DHE-DSS-AES128-SHA / TLS-DHE-DSS-AES256-...
Page 170 M2M Cellular Gateway User Name An Optional setting. Enter the User account for connecting to an OpenVPN server, if the server required it. Note: User Name will be available only when TLS is chosen in Authorization Mode. Password An Optional setting. Enter the Password for connecting to an OpenVPN server, if the server required it.
Page 171: L2Tp
M2M Cellular Gateway 5.1.3 L2TP Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs) or as part of the delivery of services by ISPs. It does not provide any encryption or confidentiality by itself. Rather, it relies on an encryption protocol that it passes within the tunnel to provide privacy.
Page 172 M2M Cellular Gateway remote L2TP server peer controls the flow of any packets from the L2TP client peer. Certainly, those packets come through the L2TP tunnel. L2TP Setting Go to Security > VPN > L2TP tab. The L2TP setting allows user to create and configure L2TP tunnels. Enable L2TP Enable L2TP Window Item...
Page 173 M2M Cellular Gateway...
Page 174 M2M Cellular Gateway Create/Edit L2TP Client When Add/Edit button is applied, a series of configuration screen will appear. You can add up to 8 L2TP Clients. L2TP Client Configuration Item Setting Value setting Description Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name A Must filled setting Value Range: 1 ~ 32 characters.
Page 175 M2M Cellular Gateway The same applies to other WAN interfaces (e.g. WAN-2). 1. A Must filled setting Define operation mode for the L2TP Tunnel. It can be Always On, or Failover. 2. Alwasy on is If this tunnel is set as a failover tunnel, you need to further select a primary Operation Mode selected by default tunnel from which to failover to.
Page 176 M2M Cellular Gateway Cisco), or User-defined. Auto: The system determines the service port. 1701 (for Cisco): The system use port 1701 for connecting with CISCO L2TP Server. User-defined: Enter the service port. The default value is 0. Value Range: 0 ~ 65535. Tunnel Unchecked by default Check the Enable box to enable this L2TP tunnel.
Page 177: Pptp
M2M Cellular Gateway 5.1.4 PPTP Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets. It is a client-server based technology. There are various levels of authentication and encryption for PPTP tunneling, usually natively as standard features of the Windows PPTP stack.
Page 178 M2M Cellular Gateway accessing of PPTP client peer, will go through the established PPTP tunnel. That means the remote PPTP server peer controls the flow of any packets from the PPTP client peer. Certainly, those packets come through the PPTP tunnel. PPTP Setting Go to Security >...
Page 179 M2M Cellular Gateway Create/Edit PPTP Client When Add/Edit button is applied, a series PPTP Client Configuration will appear. PPTP Client Configuration Window Item Value setting Description A Must fill setting Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name Value Range: 1 ~ 32 characters.
Page 180 M2M Cellular Gateway 1. A Must fill setting. Enter the public IP address or the FQDN of the PPTP server. Remote IP/FQDN 2. Format can be a ipv4 address or FQDN A Must fill setting Enter the User Name for this PPTP tunnel to be authenticated when connect to User Name PPTP server.
Page 181: Gre
M2M Cellular Gateway 5.1.5 GRE Generic Routing Encapsulation (GRE) is a tunneling protocol developed by Cisco Systems that encapsulates a wide variety of network layer protocols inside virtual point-to-point links over an Internet Protocol internetwork. Deploy a M2M gateway for remote site and establish a virtual private network with control center by using GRE tunneling.
Page 182 M2M Cellular Gateway If the GRE server supports DMVPN Hub function, like Cisco router as the VPN concentrator, the GRE client can active the DMVPN spoke function here since it is implemented by GRE over IPSec tunneling. GRE Setting Go to Security > VPN > GRE tab. The GRE setting allows user to create and configure GRE tunnels.
Page 183 M2M Cellular Gateway GRE Rule Configuration Window Item Value setting Description Enter a tunnel name. Enter a name that is easy for you to identify. Tunnel Name A Must fill setting Value Range: 1 ~ 9 characters. 1. A Must fill setting Select the interface on which GRE tunnel is to be established.
Page 184 M2M Cellular Gateway connection performance. Value Range: 0 ~ 1500. Enter the Key for the GRE connection. An Optional setting Value Range: 0 ~ 9999999999. 1. A Must fill setting Specify TTL hop-count value for this GRE tunnel. 2. 1 to 255 range Value Range: 1 ~ 255.
Page 185: Firewall
M2M Cellular Gateway 5.2 Firewall The firewall functions include Packet Filter, URL Blocking, Content Filter, MAC Control, Application Filter, IPS and some firewall options. The supported function can be different for the purchased gateway. 5.2.1 Packet Filter...
Page 186 M2M Cellular Gateway "Packet Filter" function can let you define some filtering rules for incoming and outgoing packets. So the gateway can control what packets are allowed or blocked to pass through it. A packet filter rule should indicate from and to which interface the packet enters and leaves the gateway, the source and destination IP addresses, and destination service port type and port number.
Page 187 M2M Cellular Gateway default When Deny those match the following rules is selected, as the name suggest, Deny those match the Black List / packets specified in the rules will be blocked –black listed. In contrast, with following rules is set by White List Allow those match the following rules, you can specifically white list the default...
Page 188 M2M Cellular Gateway any text Value Range: 1 ~ 30 characters. 2. A Must filled setting Define the selected interface to be the packet-entering interface of the router. If the packets to be filtered are coming from LAN to WAN then select LAN for this field.
Page 189 M2M Cellular Gateway For Protocol, select UDP to filter UDP packets Then for Source Port, select a predefined port dropdown box when Well-known Service is selected, otherwise select User-defined Service and specify a port range. Then for Destination Port, select a predefined port dropdown box when Well- known Service is selected, otherwise select User-defined Service and specify a port range.
Page 190: Url Blocking
M2M Cellular Gateway 5.2.2 URL Blocking "URL Blocking" function can let you define blocking or allowing rules for incoming and outgoing Web request packets. With defined rules, gateway can control the Web requests containing the complete URL, partial domain name, or pre-defined keywords. For example, one can filter out or allow only the Web requests based on domain input suffixes like .com or .org or keywords like “bct”...
Page 191 M2M Cellular Gateway URL Blocking Setting Go to Security > Firewall > URL Blocking Tab. In "URL Blocking" page, there are three configuration windows. They are the "Configuration" window, "URL Blocking Rule List" window, and "URL Blocking Rule Configuration" window. The "Configuration"...
Page 192 M2M Cellular Gateway When Add button is applied, the URL Blocking Rule Configuration screen will appear. URL Blocking Rules Configuration Value setting Description Item 1. String format can be any Specify an URL Blocking rule name. Enter a name that is easy for you to Rule Name text understand.
Page 193 M2M Cellular Gateway Schedule Rule Definition > Scheduling > Configuration tab. The box is unchecked by Click the Enable box to activate this rule. Rule default. Save Click the Save button to save the settings. Undo Click the Undo button to cancel the changes. Back Click the Back button to return to the URL Blocking Configuration page.
Page 194: Mac Control
M2M Cellular Gateway 5.2.3 MAC Control "MAC Control" function allows you to assign the accessibility to the gateway for different users based on device’s MAC address. When the administrator wants to reject the traffics from some client hosts with specific MAC addresses, he can use the "MAC Control"...
Page 195 M2M Cellular Gateway MAC Control Setting Go to Security > Firewall > MAC Control Tab. The MAC control setting allows user to create and customize MAC address policies to allow or reject packets with specific source MAC address. Enable MAC Control Configuration Window Item Value setting...
Page 196 M2M Cellular Gateway Create/Edit MAC Control Rules The gateway supports up to a maximum of 20 filter rule sets. Ensure that the MAC Control is enabled before we can create control rules. When Add button is applied, Filter Rule Configuration screen will appear. MAC Control Rule Configuration Item Value setting...
Page 197: Content Filter (Not Supported)
M2M Cellular Gateway 5.2.4 Content Filter (not supported) Not supported feature for the purchased product, leave it as blank.
Page 198: Application Filter (Not Supported)
M2M Cellular Gateway 5.2.5 Application Filter (not supported) Not supported feature for the purchased product, leave it as blank.
Page 199: Ips
M2M Cellular Gateway 5.2.6 IPS To provide application servers in the Internet, administrator may need to open specific ports for the services. However, there are some risks to always open service ports in the Internet. In order to avoid such attack risks, it is important to enable IPS functions.
Page 200 M2M Cellular Gateway IPS Setting Go to Security > Firewall > IPS Tab. The Intrusion Prevention System (IPS) setting allows user to customize intrusion prevention rules to prevent malicious packets. Enable IPS Firewall Configuration Window Item Value setting Description The box is unchecked by Check the Enable box to activate IPS function default The box is unchecked by...
Page 201 M2M Cellular Gateway Setup Intrusion Prevention Rules Item Name Value setting Description SYN Flood Click Enable box to activate this intrusion prevention rule and Defense 1. A Must filled setting enter the traffic threshold in this field. UDP Flood 2. The box is unchecked by default. Click Enable box to activate this intrusion prevention rule and Defense 3.
Page 202 M2M Cellular Gateway Block Traceroute Block Fraggle Attack 1. A Must filled setting 2. The box is unchecked by default. Click Enable box to activate this intrusion prevention rule and ARP Spoofing 3. Traffic threshold is set to 300 by default enter the traffic threshold in this field.
Page 203: Options
M2M Cellular Gateway 5.2.7 Options There are some additional useful firewall options in this page. “Stealth Mode” lets gateway not to respond to port scans from the WAN so that makes it less susceptible to discovery and attacks on the Internet. ”SPI” enables gateway to record the packet information like IP address, port address, ACK, SEQ number and so on while they pass through the gateway, and the gateway checks every incoming packet to detect if this packet is valid.
Page 204 M2M Cellular Gateway Enable SPI Scenario As shown in the diagram, Gateway has the IP address of 118.18.81.200 for WAN interface and 192.168.1.253 for LAN interface. It serves as a NAT gateway. Users in Network-A initiate to access cloud server through the gateway. Sometimes, unknown users will simulate the packets but use different source IP to masquerade.
Page 205 M2M Cellular Gateway Firewall Options Item Value setting Description The box is unchecked by Stealth Mode Check the Enable box to activate the Stealth Mode function default The box is checked by Check the Enable box to activate the SPI function default Discard Ping The box is unchecked by...
Page 206 M2M Cellular Gateway 1. 80 for HTTP by default This field is to specify a Service Port to HTTP or HTTPS connection. Service Port 2. 443 for HTTPS by Value Range: 1 ~ 65535. default Enabling the The box is unchecked by Click Enable box to activate this rule.
Page 207: Chapter 6 Administration
M2M Cellular Gateway Chapter 6 Administration 6.1 Configure & Manage Configure & Manage refers to enterprise-wide administration of distributed systems including (and commonly in practice) computer systems. Centralized management has a time and effort trade-off that is related to the size of the company, the expertise of the IT staff, and the amount of technology being used.
Page 208: Command Script
M2M Cellular Gateway 6.1.1 Command Script Command script configuration is the application that allows administrator to setup the pre-defined configuration in plain text style and apply configuration on startup. Go to Administration > Command Script > Configuration Tab. Enable Command Script Configuration Configuration Item Value setting...
Page 209 M2M Cellular Gateway Edit/Backup Plain Text Command Script You can edit the plain text configuration settings in the configuration screen as above. Plain Text Configuration Item Value setting Description Clean Clean text area. (You should click Save button to further clean the configuration already saved in the system.) Backup Backup and download configuration.
Page 210 M2M Cellular Gateway • TLS ->The OpenVPN will use TLS authorization mode, and the following items CA Cert., Client Cert. and Client Key need to specify as well. OPENVPN_CA_CERT A Must filled Specify the Trusted CA certificate for the OpenVPN client. It will go Setting through Base64 Conversion.
Page 211 M2M Cellular Gateway (ex: txtConfig enable) disable Disable plain text system config. (ex: txtConfig disable) run_immediately Apply the configuration content that has been committed in database. (ex: txtConfig run_immediately) run_immediately a existing file Assign a configuration file to apply. (ex: txtConfig run_immediately /tmp/config)
Page 212: 212
M2M Cellular Gateway 6.1.2 TR-069 TR-069 (Technical Report 069) is a Broadband Forum technical specification entitled CPE WAN Management Protocol (CWMP). It defines an application layer protocol for remote management of end-user devices, like this gateway device. As a bidirectional SOAP/HTTP-based protocol, it provides the communication between customer-premises equipment (CPE) and Auto Configuration Servers (ACS).
Page 213 M2M Cellular Gateway Following tables list the parameter configuration as an example for the Gateway 1 in above diagram with "TR-069" enabling. Use default value for those parameters that are not mentioned in the tables. [TR-069]-[Configuration] Configuration Path ■ Enable TR-069 ACS URL http://qa.acslite.com/cpe.php...
Page 214 M2M Cellular Gateway TR-069 Setting Go to Administration > Configure & Manage > TR-069 tab. In "TR-069" page, there is only one configuration window for TR-069 function. In the window, you must specify the related information for your security gateway to connect to the ACS. Drive the function to work by specifying the URL of the ACS server, the account information to login the ACS server, the service port and the account information for connection requesting from the ACS server, and the time interval for job inquiry.
Page 215 M2M Cellular Gateway The box is unchecked by TR-069 Check the Enable box to activate TR-069 function. default When you finish set basic network WAN-1 ~ WAN-n, you can choose WAN-1 ~ WAN-n WAN-1 is selected by Interface When you finish set Security > VPN > IPSec/OpenVPN/PPTP/L2TP/GRE, you default.
Page 216 M2M Cellular Gateway STUN Settings Configuration Item Value setting Description The box is checked by STUN Check the Enable box to activate STUN function. default 1. String format: any Specify the IP address for the expected STUN Server. Server Address IPv4 address 2.
Page 217: Snmp
M2M Cellular Gateway 6.1.3 SNMP In brief, SNMP, the Simple Network Management Protocol, is a protocol designed to give a user the capability to remotely manage a computer network by polling and setting terminal values and monitoring network events. In typical SNMP uses, one or more administrative computers, called managers, have the task of monitoring or managing a group of hosts or devices on a computer network.
Page 218 M2M Cellular Gateway the Intranet and manage all devices that support SNMP protocol in the Intranet. Another one is the Remote NMS to manage some devices whose WAN interfaces are connected together by using a switch or a router with UDP forwarding. If you want to manage some devices and they all have supported SNMP protocol, use either one application scenario, especially the management of devices in the Intranet.
Page 219 M2M Cellular Gateway At first stage, the NMS manager prepares related information for all managed devices and records them in the NMS system. Then NMS system gets the status of all managed devices by using SNMP get commands. When the manager wants to configure the managed devices, the NMS system allows him to do that by using SNMP set commands.
Page 220 M2M Cellular Gateway SNMP Setting Go to Administration > Configure & Manage > SNMP tab. The SNMP allows user to configure SNMP relevant setting which includes interface, version, access control and trap receiver. Enable SNMP SNMP Item Value setting Description Select the interface for the SNMP and enable SNMP functions.
Page 221 M2M Cellular Gateway 1. String format: any Specify the SNMP Port. port number You can fill in any port number. But you must ensure the port number is not to SNMP Port 2. The default SNMP be used. port is 161. Value Range: 1 ~ 65535.
Page 222 M2M Cellular Gateway Create/Edit User Privacy The SNMP allows you to custom your access control for version 3 user. The router supports up to a maximum of 128 User Privacy sets. When Add button is applied, User Privacy Rule Configuration screen will appear. User Privacy Rule Configuration Item Value setting...
Page 223 M2M Cellular Gateway Privacy Mode 1. noAuthNoPriv is Specify the Privacy Mode for this version 3 user. selected by default Selected the noAuthNoPriv. You do not use any authentication types and encryption protocols. Selected the authNoPriv. You must specify the Authentication and Password. Selected the authPriv.
Page 224 M2M Cellular Gateway When you selected v2c, the configuration screen is exactly the same as that of v1, except the version. When you selected v3, the configuration screen will provide more setting items for the version 3 Trap. Trap Event Receiver Rule Configuration Item Value setting Description...
Page 225 M2M Cellular Gateway Select the version for the trap Selected the v1. The configuration screen will provide the version 1 must filled items. 1. v1 is selected by SNMP Version Selected the v2c. default The configuration screen will provide the version 2c must filled items. Selected the v3.
Page 226 M2M Cellular Gateway Specify SNMP MIB-2 System If required, you can also specify the required onformation the the MIB-2 System. SNMP MIB-2 System Configuration Item Value setting Description sysContact 1. An Optional filled Specify the contact information forMIB-2 system. setting Value Range: 0 ~ 64 characters.
Page 227 M2M Cellular Gateway Item Value setting Description 1. The default value is Default Specify the Enterprise Name for the particular private MIB. Enterprise Name 2. A Must filled setting Value Range: 1 ~ 10 characters, and only string with A~Z, a~z, 0~9, ’–‘, ‘_’. 3.
Page 228: Telnet & Ssh
M2M Cellular Gateway 6.1.4 Telnet & SSH A command-line interface (CLI), also known as command-line user interface, and console user interface are means of interacting with a computer program where the user (or client) issues commands to the program in the form of successive lines of text (command lines).
Page 229 M2M Cellular Gateway Parameter Setup Example Following table lists the parameter configuration as an example for the Gateway in above diagram with "Telnet with CLI" enabling at LAN and WAN interfaces. Use default value for those parameters that are not mentioned in the table. Configuration Path [Telnet &...
Page 230 M2M Cellular Gateway Telnet & SSH Setting Go to Administration > Configure & Manage > Telnet & SSH tab. The Telnet & SSH setting allows administrator to access this device through the traditional Telnet or SSH Telnet program. Before you can telnet (login) to the device, please configure the related settings and password with care.
Page 231 M2M Cellular Gateway Configuration Item Value setting Description root 1. String: any text but no Type old password and specify new password to change root password. Note_1: You are highly recommended to change the default telnet password with blank character yours before the device is deployed.
Page 232: System Operation
M2M Cellular Gateway 6.2 System Operation System Operation allows the network administrator to manage system, settings such as web-based utility access password change, system information, system time, system log, firmware/configuration backup & restore, and reset & reboot. 6.2.1 Password & MMI Go to Administration >...
Page 233 M2M Cellular Gateway Password Configuration Item Value setting Description 1. String: any text 2. The default password Old Password Enter the current password to enable you unlock to change password. for web-based MMI is ‘admin’. New Password String: any text Enter new password New Password String: any text...
Page 234 M2M Cellular Gateway MMI Configuration Item Value setting Description Enter the login trial counting value. Value Range: 3 ~ 10. If someone tried to login the web GUI with incorrect password for more Login 3 times is set by default than the counting value, an warning message “Already reaching maximum Password-Guessing times, please wait a few seconds!”...
Page 235: System Information
M2M Cellular Gateway 6.2.2 System Information System Information screen gives network administrator a quick look up on the device information for the purchades gateway. Go to Administration > System Operation > System Information tab. System Information Item Value Setting Description Model Name It displays the model name of this product.
Page 236: System Time
M2M Cellular Gateway 6.2.3 System Time The gateway provides manually setup and auto-synchronized approaches for the administrator to setup the system time for the gateway. Go to Administration > System Operation > System Time tab. System Time Information Item Value Setting Description 1.
Page 237 M2M Cellular Gateway The first one is “Sync with Timer Server”. Based on your selection of time zone and time server in above time information configuration window, system will communicate with time server by NTP Protocol to get system date and time after you click on the Sync with Timer Server button. Note: Remember to select a correct time zone for the device, otherwise, you will just get the UTC (Coordinated Universal Time) time, not the local time for the device.
Page 238: System Log
M2M Cellular Gateway 6.2.4 System Log System Log screen contains various event log tools facilitating network administrator to perform local event logging and remote reporting. Go to Administration > System Operation > System Log tab. View & Email Log History View button is provided for network administrator to view log history on the gateway.
Page 239 M2M Cellular Gateway Web Log List Window Item Value Setting Description Time column It displays event time stamps Log column It displays Log messages Web Log List Button Description Item Value setting Description Previous Click the Previous button to move to the previous page. Next Click the Next button to move to the next page.
Page 240 M2M Cellular Gateway Web Log Type Category Setting Window Item Value Setting Description System Checked by default Check to log system events and to display in the Web Log List window. Attacks Checked by default Check to log attack events and to display in the Web Log List window. Drop Checked by default Check to log packet drop events and to display in the Web Log List window.
Page 241 M2M Cellular Gateway Syslogd Syslogd screen allows network administrator to select the type of event to log and be sent to the designated Syslog server. Syslogd Setting Window Item Value Setting Description Enable Un-checked by default Check Enable box to activate the Syslogd function, and send event logs to a syslog server Select one syslog server from the Server dropdown box to sent event log to.
Page 242: Backup & Restore
M2M Cellular Gateway 6.2.5 Backup & Restore In the Backup & Restore window, you can upgrade the device firmware when new firmware is available and also backup / restore the device configuration. In addition to the factory default settings, you can also customize a special configuration setting as a customized default value.
Page 243: Reboot & Reset
M2M Cellular Gateway 6.2.6 Reboot & Reset For some special reason or situation, you may need to reboot the gateway or reset the device configuration to its default value. In addition to perform these operations through the Power ON/OFF, or pressing the reset button on the device panel, you can do it through the web GUI too.
Page 244: Ftp (Not Supported)
M2M Cellular Gateway 6.3 FTP (not supported) Not supported feature for the purchased product, leave it as blank.
Page 245: Diagnostic
M2M Cellular Gateway 6.4 Diagnostic This gateway supports simple network diagnosis tools for the administrator to troubleshoot and find the root cause of the abnormal behavior or traffics passing through the gateway. There can be a Packet Analyzer to help record the packets for a designated interface or specific source/destination host, and another Ping and Tracert tools for testing the network connectivity issues.
Page 246: Packet Analyzer
M2M Cellular Gateway 6.4.2 Packet Analyzer The Packet Analyzer can capture packets depend on user settings. User can specify interfaces to capture packets and filter by setting rule. Ensure the log storage is available (either embedded SD-Card or external USB Storage), otherwise Packet Analyzer cannot be enabled.
Page 247 M2M Cellular Gateway Select Binary mode or String mode for the serial interface. VAP: This means the virtual AP. When WiFi and VAP are enabled,  it can be selected here. Save Click the Save button to save the configuration. Click the Undo button to restore what you just configured back to the Undo previous setting.
Page 248 M2M Cellular Gateway Source IPs Optional setting Define the filter rule with Source IPs, which means the source IP address of packets. Packets which match the rule will be captured. Up to 10 IPs are supported, but they must be separated with “;”, e.g.
Page 249: Chapter 7 Service
M2M Cellular Gateway Chapter 7 Service 7.1 Cellular Toolkit Besides cellular data connection, you may also like to monitor data usage of cellular WAN, sending text message through SMS, changing code card, communicating with carrier/ISP by USSD command, or doing a cellular network scan for diagnostic purpose.
Page 250: Data Usage
M2M Cellular Gateway 7.1.1 Data Usage Most of data plan for cellular connection is with a limited amount of data usage. If data usage has been over limited quota, either you will get much lower data throughput that may affect your daily operation, or you will get a ‘bill shock’...
Page 251 M2M Cellular Gateway Data Usage Setting Go to Service > Cellular Toolkit > Data Usage tab. Before finished settings for Data Usage, you need to know bill start date, bill period, and quota limit of data usage according to your data plan. You can ask this information from your carrier or ISP. Create / Edit 3G/4G Data Usage Profile When Add button is applied, 3G/4G Data Usage Profile Configuration screen will appear.
Page 252 M2M Cellular Gateway Data Limitation Specify the allowable data limitation for the defined cycle period. Connection Un-Checked by default. Check the Enable box to activate the connection restriction function. Restrict During the specified cycle period, if the actual data usage exceeds the allowable data limitation, the cellular connection will be forced to disconnect.
Page 253: Sms
M2M Cellular Gateway 7.1.2 SMS Short Message Service (SMS) is a text messaging service, which is used to be widely-used on mobile phones. It uses standardized communications protocols to allow mobile phones or cellular devices to exchange short text messages in an instant and convenient way. SMS Setting Go to Service >...
Page 254 M2M Cellular Gateway SMS Summary Show Unread SMS, Received SMS, Remaining SMS, and edit SMS context to send, read SMS from SIM card. SMS Summary Item Value setting Description If SIM card insert to router first time, unread SMS value is zero. When received the Unread SMS new SMS but didn’t read, this value plus one.
Page 255 M2M Cellular Gateway New SMS Item Value setting Description Write the receivers to send SMS. User need to add the semicolon and compose Receivers multiple receivers that can group send SMS. Write the SMS context to send SMS. The router supports up to a maximum of Text Message 1023 character for SMS context length.
Page 256: Sim Pin
M2M Cellular Gateway 7.1.3 SIM PIN With most cases in the world, users need to insert a SIM card (a.k.a. UICC) into end devices to get on cellular network for voice service or data surfing. The SIM card is usually released by mobile operators or service providers.
Page 257 M2M Cellular Gateway SIM PIN Setting Go to Service > Cellular Toolkit > SIM PIN Tab With the SIM PIN Function window, it allows you to enable or disable SIM lock (which means protected by PIN code), or change PIN code. You can also see the information of remaining times of failure trials as we mentioned earlier.
Page 258 M2M Cellular Gateway Enable / Change PIN Code Enable or Disable PIN code (password) function, and even change PIN code function. SIM function Window Item Setting Value setting Description SIM lock Depend on SIM card Click the Enable button to activate the SIM lock function. For the first time you want to enable the SIM lock function, you have to fill in the PIN code as well, and then click Save button to apply the setting.
Page 259 M2M Cellular Gateway specified in the Basic Network > WAN & Uplink > Internet Setup > Connection with SIM Card page. Otherwise, it may result in wrong SIM PIN trials with invalid (old) PIN code. Unlock with a PUK Code The PUK Function window is only available for configuration if that SIM card is locked by PUK code.
Page 260: Ussd
M2M Cellular Gateway 7.1.4 USSD Unstructured Supplementary Service Data (USSD) is a protocol used by GSM cellular telephones to communicate with the service provider's computers. USSD can be used for WAP browsing, prepaid callback service, mobile-money services, location-based content services, menu-based information services, and as part of configuring the phone on the network.
Page 261 M2M Cellular Gateway USSD Setting Go to Service > Cellular Toolkit > USSD tab. In "USSD" page, there are four windows for the USSD function. The "Configuration" window can let you specify which 3G/4G module (physical interface) is used for the USSD function, and system will show which SIM card in the module is the current used one.
Page 262 M2M Cellular Gateway USSD Profile Configuration Item Value setting Description Profile Name Enter a name for the USSD profile. Enter the USSD command defined for the profile. Normally, it is a command string composed with numeric keypad “0~9”, “*”, USSD Command and “#”.
Page 263: Network Scan
M2M Cellular Gateway 7.1.5 Network Scan "Network Scan" function can let administrator specify the device how to connect to the mobile system for data communication in each 3G/4G interface. For example, administrator can specify which generation of mobile system is used for connection, 2G, 3G or LTE. Moreover, he can define their connection sequence for the gateway device to connect to the mobile system automatically.
Page 264 M2M Cellular Gateway Save Click Save to save the settings The second window is the "Network Provider List" window and it appears when the Manually Scan Approach is selected in the Configuration window. By clicking on the "Scan" button and wait for 1 to 3 minutes, the found mobile operator system will be displayed for you to choose.
Page 265: Event Handling
M2M Cellular Gateway 7.2 Event Handling Event handling is the application that allows administrator to setup the pre-defined events, handlers, or response behavior with individual profiles. With properly configuring the event handling function, administrator can easily and remotely obtain the status and information via the purchased gateway. The supported events are categorized into two groups: the managing events and notifying events.
Page 266: Configuration
M2M Cellular Gateway 7.2.1 Configuration Go to Service > Event Handling > Configuration Tab. Event handling is the service that allows administrator to setup the pre-defined events, handlers, or response behavior with individual profiles. Enable Event Management Configuration Item Value setting Description Event The box is unchecked by...
Page 267 M2M Cellular Gateway Physical Interface Choose a cellular interface (3G/4G-1 or 3G/4G-2) to configure the SMS The box is 3G/4G-1 by management setting. default. Note: 3G/4G-2 is only available for for the product with dual cellular module. SIM Status Show the connected cellular service (identified with SIM_A or SIM_B). Delete Managed The box is unchecked Check the Enable box to delete the received managing event SMS after it has...
Page 268 M2M Cellular Gateway default. received a SMS managing event. The confirmed message is similar to following format: “Device received a SMS with command xxxxx.” Enable The box is unchecked by Click Enable box to activate this account. default. Save Click the Save button to save the configuration. Create / Edit Email Service Account Setup the Email Service Account for event notification.
Page 269: Managing Events
M2M Cellular Gateway 7.2.2 Managing Events Managing Events allow administrator to define the relationship (rule) among event trigger, handlers and response. Go to Service > Event Handling > Managing Events Tab. Enable Managing Events Configuration Item Value setting Description Managing The box is unchecked by Check the Enable box to activate the Managing Events function.
Page 270 M2M Cellular Gateway Managing Event Configuration Item Value setting Description Event SMS (or SNMP Trap) by Specify the Event type (SMS, SNMP Trap) and an event identifier / profile. default SMS: Select SMS and fill the message in the textbox to as the trigger condition for the event;...
Page 271: Notifying Events
M2M Cellular Gateway 7.2.3 Notifying Events Go to Service > Event Handling > Notifying Events Tab. Notifying Events Setting allows administrator to define the relationship (rule) between event trigger and handlers. Enable Notifying Events Configuration Item Value setting Description Notifying Events The box is unchecked by Check the Enable box to activate the Notifying Events function.
Page 272 M2M Cellular Gateway Notifying Event Configuration Item Value setting Description Event WAN is selected by default Specify the Event type and corresponding event configuration. The supported Event Type could be: WAN: Select WAN and a trigger condition to specify a certain WAN Event; LAN&VLAN: Select LAN&VLAN and a trigger condition to specify a certain LAN&VLAN Event;...
Page 273: Chapter 8 Status
M2M Cellular Gateway Chapter 8 Status 8.1 Dashboard (not supported) Not supported feature for the purchased product, leave it as blank.
Page 274: Basic Network
M2M Cellular Gateway 8.2 Basic Network 8.2.1 WAN & Uplink Status Go to Status > Basic Network > WAN & Uplink tab. The WAN & Uplink Status window shows the current status for different network type, including network configuration, connecting information, modem status and traffic statistics. The display will be refreshed on every five seconds.
Page 275 M2M Cellular Gateway Status are Connected or disconnected. This area provides functional buttons. Renew button allows user to force the device to request an IP address from the DHCP server. Note: Renew button is available when DHCP WAN Type is used and WAN connection is disconnected.
Page 276 M2M Cellular Gateway Edit Button when pressed, web-based utility will take you to the IPv6 configuration page. (Basic Network > IPv6 > Configuration.) LAN Interface Network Status LAN Interface Network Status screen shows IPv4 and IPv6 information of LAN network. LAN Interface Network Status Item Value setting...
Page 277 M2M Cellular Gateway name will be 3G/4G-1 and 3G/4G-2. Card It displays the vendor’s 3G/4G modem model name. Information It displays the 3G/4G connection status. The status can be Connecting, Connected, Link Status Disconnecting, and Disconnected. Signal It displays the 3G/4G wireless signal level. Strength Network It displays the name of the service network carrier.
Page 278: Lan & Vlan Status
M2M Cellular Gateway 8.2.2 LAN & VLAN Status Go to Status > Basic Network > LAN & VLAN tab. Client List The Client List shows you the LAN Interface, IP address, Host Name, MAC Address, and Remaining Lease Time of each device that is connected to this gateway. LAN Client List Item Value setting...
Page 279: Wifi Status
M2M Cellular Gateway 8.2.3 WiFi Status Go to Status > Basic Network > WiFi tab. The WiFi Status window shows the overall statistics of WiFi VAP entries. WiFi Virtual AP List The WiFi Virtual AP List shows all of the virtual AP information. The Edit button allows for quick configuration changes.
Page 280 M2M Cellular Gateway WiFi Uplink Status The WiFi Uplink Status shows all information of connected WiFi uplink network. WiFi IDS Status Item Value setting Description SSID It displays the network ID of VAP. BSSID It displays the theBSSID for the connected wireless network. Channel It displays the wireless channel used.
Page 281 M2M Cellular Gateway Ensure WIDS function is enabled Go to Basic Network > WiFi > Advanced Configuration tab Note that the WIDS of 2.4G or 5G should be configured separately. WiFi Traffic Statistic The WiFi Traffic Statistic shows all the received and transmitted packets on WiFi network. WiFi Traffic Statistic Item Value setting...
Page 282: Ddns Status
M2M Cellular Gateway 8.2.4 DDNS Status Go to Status > Basic Network > DDNS tab. The DDNS Status window shows the current DDNS service in use, the last update status, and the last update time to the DDNS service server. DDNS Status DDNS Status Item...
Page 283: Security
M2M Cellular Gateway 8.3 Security 8.3.1 VPN Status Go to Status > Security > VPN tab. The VPN Status widow shows the overall VPN tunnel status. The display will be refreshed on every five seconds. IPSec Tunnel Status IPSec Tunnel Status windows show the configuration for establishing IPSec VPN connection and current connection status.
Page 284 M2M Cellular Gateway Connected, Disconnected, Wait for traffic, and Connecting. Click on Edit Button to change IPSec setting, web-based utility will take you Edit Button to the IPSec configuration page. (Security > VPN > IPSec tab) OpenVPN Client Status OpenVPN Client Status Item Value setting Description...
Page 285 M2M Cellular Gateway L2TP Client Status LT2TP Client Status shows the configuration for establishing LT2TP tunnel and current connection status. L2TP Client Status Item Value setting Description Client Name It displays Name for the L2TP Client specified. It displays the WAN interface with which the gateway will use to request Interface PPTP tunneling connection to the PPTP server.
Page 286 M2M Cellular Gateway PPTP Client Status PPTP Client Status shows the configuration for establishing PPTP tunnel and current connection status. PPTP Client Status Item Value setting Description Client Name It displays Name for the PPTP Client specified. It displays the WAN interface with which the gateway will use to request Interface PPTP tunneling connection to the PPTP server.
Page 287: Firewall Status
M2M Cellular Gateway 8.3.2 Firewall Status Go to Status > Security > Firewall Status Tab. The Firewall Status provides user a quick view of the firewall status and current firewall settings. It also keeps the log history of the dropped packets by the firewall rule policies, and includes the administrator remote login settings specified in the Firewall Options.
Page 288 M2M Cellular Gateway The Source IP (IPv4) of the logged packet. The Date and Time stamp of the logged packet. Date & time format. ("Month" Time "Day" "Hours":"Minutes":"Seconds") Note: Ensure URL Blocking Log Alert is enabled. Refer to Security > Firewall > URL Blocking tab. Check Log Alert and save the setting. Web Content Filter Status Web Content Filter Status Item...
Page 289 M2M Cellular Gateway MAC Control Status MAC Control Status Item Value setting Description Activated This is the MAC Control Rule name. Control Rule Blocked MAC This is the MAC address of the logged packet. Addresses The Source IP (IPv4) of the logged packet. The Date and Time stamp of the logged packet.
Page 290 M2M Cellular Gateway IPS Status IPS Firewall Status Item Value setting Description Detected This is the intrusion type of the packets being blocked. Intrusion The Source IP (IPv4) of the logged packet. The Date and Time stamp of the logged packet. Date & time format. ("Month" "Day" Time "Hours":"Minutes":"Seconds") Note: Ensure IPS Log Alert is enabled.
Page 291: Administration
M2M Cellular Gateway 8.4 Administration 8.4.1 Configure & Manage Status Go to Status > Administration > Configure & Manage tab. The Configure & Manage Status window shows the status for managing remote network devices. The type of management available in your device is depended on the device model purchased. The commonly used ones are the SNMP, TR-069, and UPnP.
Page 292 M2M Cellular Gateway TR-069 Status TR-069 Status screen shows the current connection status with the TR-068 server. TR-069 Status Item Value setting Description It displays the current connection status with the TR-068 server. The connection Link Status status is either On when the device is connected with the TR-068 server or Off when disconnected.
Page 293: Statistics & Report
M2M Cellular Gateway 8.5 Statistics & Report 8.5.1 Connection Session Go to Status > Statistics & Reports > Connection Session tab. Internet Surfing Statistic shows the connection tracks on this router. Internet Surfing Statistic Item Value setting Description Previous Click the Previous button; you will see the previous page of track list. Next Click the Next button;...
Page 294: Network Traffic (Not Supported)
M2M Cellular Gateway 8.5.2 Network Traffic (not supported) Not supported feature for the purchased product, leave it as blank.
Page 295: Device Administration
M2M Cellular Gateway 8.5.3 Device Administration Go to Status > Statistics & Reports > Device Administration tab. Device Administration shows the login information. Device Manager Login Statistic Item Value setting Description Previous Click the Previous button; you will see the previous page of login statistics. Next Click the Next button;...
Page 296: Cellular Usage
M2M Cellular Gateway 8.5.4 Cellular Usage Go to Status > Statistics & Reports > Cellular Usage tab. Cellular Usage screen shows data usage statistics for the selected cellular interface. The cellular data usage can be accumulated per hour or per day.
Page 297: Appendix A Gpl Written Offer
M2M Cellular Gateway Appendix A GPL WRITTEN OFFER This product incorporates open source software components covered by the terms of third party copyright notices and license agreements contained below. GPSBabel Version 1.4.4 Copyright (C) 2002-2005 Robert Lipe<robertlipe@usa.net> GPL License: https://www.gpsbabel.org/ Curl Version 7.19.6 Copyright (c) 1996-2009, Daniel Stenberg, <daniel@haxx.se>.
Page 298 M2M Cellular Gateway socat - Multipurpose relay Version: 2.0.0-b8 GPLv2 http://www.dest-unreach.org/socat/ LibModbus Version: 3.0.3 LGPL v2 http://libmodbus.org/news/ LibIEC60870 GPLv2 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111- 1307 USA https://sourceforge.net/projects/mrts/ Openswan Version: v2.6.38 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
Page 299 M2M Cellular Gateway Copyright (C) 1989, 1991 Free Software Foundation, Inc. 675 Mass Ave, Cambridge, MA 02139, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. http://pptpclient.sourceforge.net/ PPTPServ Version: 1.3.4 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
Page 300 M2M Cellular Gateway CoovaChilli is an open-source software access controller for captive portal (UAM) and 802.1X access provisioning. Version: 1.3.0 Copyright: (C) 2007-2012 David Bird (Coova Technologies) <support@coova.com> Krb5: Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.
Page 301 M2M Cellular Gateway Version: 20080615 Copyright (C) 1998-2004 WIDE Project. BSD License: https://sourceforge.net/projects/wide-dhcpv6/...

Amit M2M IDG500-0T012 User Manual

Chapter 1 Introduction

Chapter 2 Basic Network

Chapter 3 Object Definition

Chapter 4 Field Communication (Not Supported)

Chapter 5 Security

Chapter 6 Administration

Chapter 7 Service

Chapter 8 Status

Appendix A GPL WRITTEN OFFER

Quick Links

Need help?

Questions and answers

Related Manuals for Amit M2M IDG500-0T012

Summary of Contents for Amit M2M IDG500-0T012

Table of Contents