1. Manuals
  2. Brands
  3. Waveshare Manuals
  4. Network Router
  5. WS-431E
  6. User manual

Waveshare WS-431E User Manual

4g router
Hide thumbs Also See for WS-431E:
Table of Contents

Advertisement

Quick Links

Download this manual
WS-431E
4G Router
WS-431E 4G Router
User Manual
Figure 1 WS-431E 4G Router
www.waveshare.com
1 / 68
www.waveshare.com/wiki

Advertisement

Table of Contents
loading

Related Manuals for Waveshare WS-431E

Summary of Contents for Waveshare WS-431E

  • Page 1 WS-431E 4G Router WS-431E 4G Router User Manual Figure 1 WS-431E 4G Router www.waveshare.com 1 / 68 www.waveshare.com/wiki...

  • Page 2: Overview

    WS-431E 4G Router 1. OVERVIEW Support 4G/3G/2G Internet access in various modes, which can be used in the fields of  Internet of Networked Medical Treatment, Intelligent Agriculture, Smart City, Smart Robots, Security Monitoring Networking, Intelligent Bus Wifi etc. 1x WAN RJ45 port (configurable for LAN), 10/100 Mbps, supports automatic MDI/MDIX, ...

  • Page 3: Table Of Contents

    WS-431E 4G Router CONTENTS 1. OVERVIEW ............................2 CONTENTS ............................3 2. PRODUCT OVERVIEW ........................5 2.1. INTRODUCTION ........................5 2.2. SPECIFICATIONS ........................5 2.3. INTERFACE DESCRIPTION .......................6 2.4. HARDWARE SIZE ........................7 3. QUICK START ........................... 7 3.1.1. HARDWARE ENVIRONMENT ..................8 3.1.2.
  • Page 4 WS-431E 4G Router 4.6.3. COMMUNICATION RULES ..................38 4.6.4. ACCESS RESTRICTION ....................56 4.7. VPN FUNCTION ........................58 4.7.1. PPTP CLIENT ......................59 4.7.2. L2TP CLIENT ......................61 4.7.3. IPSEC .......................... 63 4.7.4. OPENVPN ........................65 4.7.5. GRE ..........................67 www.waveshare.com 4 / 68 www.waveshare.com/wiki...

  • Page 5: Product Overview

    2. PRODUCT OVERVIEW 2.1. INTRODUCTION The WS-431E 4G Router is a new Qualcomm solution Wi-Fi enhanced industrial router with excellent anti-interference capability and stable connection performance, supports WIFI hotspot, WIFI client, and WIFI relay modes, and is integrated with 4G LTE, Wi-Fi, Ethernet ports (2LAN and 1WAN/LAN) and VPN technologies.

  • Page 6: Interface Description

    WS-431E 4G Router INDICATORS Power indicator, lights up after powered on WIFI Lights up when WiFi is enabled 2/3/4G network 2G led lights up after being connected to 2G network indicator 3G led lights up after being connected to 3G network Both leds light up after being connected to 4G network 2×...

  • Page 7: Hardware Size

    WS-431E router products. It is recommended that users read this chapter and follow the instructions to have a basic understanding of 4G router products. Refer to subsequent sections for specific functional details and descriptions.

  • Page 8: Hardware Environment

    Networking: Insert the SIM card in the power off state (the front of the card slot  corresponds to the positive direction of the "sim "screen printing) Power supply: The working voltage of the WS-431E is DC5-36V. You are advised to use the  DC 12V/1A power adapter provided by the factory After power-on, observe the indicators: the PWR is on, the LAN is blinking, the 4G indicator ...

  • Page 9: Network Connection

    Figure 5 4G indicator (3G+2G) 3.1.2. NETWORK CONNECTION Internet test: Power on the WS-431E, wait for about 2 minutes, the 2/3G indicator starts to light, indicating that the 4G network of the router is successful, then you can directly surf the Internet.

  • Page 10: Product Functions

    WS-431E 4G Router Figure 6 Web Server login web Enter admin for the user name and password. On the left menu bar, select Network => Network Diagnosis => ping. If the domain name can be pinged, the network connection is normal. You can also directly open the browser and enter the URL of the website you want to land.

  • Page 11: Install Procedure

    (2) Plug the SIM card in socket. (3) Power on the module by power adaptor and check the LED status. (4) Connect PC or mobile to the WS-431E router via LAN interface or Wi-Fi interface. Wi-Fi password is “www.waveshare.com”. (5) Log in Web Server of router. (Default IP address of router is 192.168.1.1, either the username and password is “admin”...

  • Page 12: Create A Vpn Client

    WS-431E 4G Router Figure 9 APN configuration 4.2.2. CREATE A VPN CLIENT User can set VPN client configuration by Web Server as follow: Figure 10 VPN Client 4.3. NETWORKING MODE 4.3.1. WAN+LAN+4G www.waveshare.com 12 / 68 www.waveshare.com/wiki...

  • Page 13: Lan+Lan+4G

    WS-431E 4G Router In this networking mode, user can access internet through WAN interface and 4G interface. WAN interface has higher priority than 4G interface to ensure communication and save 4G flows. When WAN interface occurs problems, router can change to 4G interface to connect internet. In this mode, user can also connect to router through WIFI.
  • Page 14 WS-431E 4G Router Figure 12 Switch WAN/LAN interface Application diagram as follow: www.waveshare.com 14 / 68 www.waveshare.com/wiki...

  • Page 15: Common Functions

    4G Router Figure 13 LAN+LAN+4G networking 4.4. COMMON FUNCTIONS 4.4.1. 4G INTERFACE WS-431E 4G Router supports one 4G interface to access internet. Functional diagram as follow: Figure 14 4G interface User can configure 4G interface by Web Server as follow: www.waveshare.com 15 / 68 www.waveshare.com/wiki...

  • Page 16: Lan Interface

    4G Router Figure 15 4G interface 4.4.2. LAN INTERFACE WS-431E supports two LAN interface (one is WAN/LAN interface). Default settings: One LAN interface (WAN/LAN used as WAN interface; IP address: 192.168.1.1; Subnet mask: 255.255.255.0; Open DHCP function). User can configure LAN interface by Web Server as follow: Figure 16 LAN interface DHCP default range of distribution is from 192.168.1.100 to 192.168.1.250 and default address...

  • Page 17: Wan Interface

    Figure 17 DHCP function 4.4.3. WAN INTERFACE WS-431E supports one WAN interface and WAN interface can switch between WAN/LAN interface. WAN interface supports DHCP and Static IP, and default setting is DHCP. User can configure WAN interface by Web Server as follow: www.waveshare.com...

  • Page 18: Wlan Interface

    WS-431E 4G Router Figure 18 WAN interface 4.4.4. WLAN INTERFACE Default parameters as follows: SSID WS-431E-XXXX(XXXX 是 MAC) Password www.waveshare.com Channel auto HT Mode auto Encryption mixed-psd Figure 19 WLAN default parameters Figure 20 WLAN interface www.waveshare.com 18 / 68...
  • Page 19 WS-431E 4G Router Entering WLAN interface configuration web, user can change follow parameters. User can configure SSID on Web Server as follow: Figure 21 WLAN interfaceConfigure SSID User can configure password on Web Server as follow: www.waveshare.com 19 / 68...
  • Page 20 WS-431E 4G Router Figure 22 Configure password Other settings on Web Server as follow: www.waveshare.com 20 / 68 www.waveshare.com/wiki...
  • Page 21 WS-431E 4G Router Figure 23 Other settings You can view the list of wifi clients on the wireless screen: www.waveshare.com 21 / 68 www.waveshare.com/wiki...

  • Page 22: Network Diagnosis

    4.4.5. NETWORK DIAGNOSIS User can use network diagnosis function by Web Server as follow: Figure 25 Network diagnosis Ping: User can do PING test to a specific address in WS-431E.  Traceroute: Can acquire routing path to visit a specific address.

  • Page 23: Module Name And Time Zone

     4.4.6. MODULE NAME AND TIME ZONE WS-431E default module name is WS-431E and default Time Zone is New York time zone. User can configure module name and Time Zone by Web Server as follow: Figure 26 Module name and Time Zone 4.4.7.
  • Page 24 WS-431E 4G Router The static route has the following parameters. By default, a maximum of 20 static routes can be added. Name Description Default parameter Lan, wan_4G, wan_wired, port interfaces Object (destination The address or address range of the empty...

  • Page 25: Basic Functions

    WS-431E 4G Router Figure 29 Add routing table page 4.5. BASIC FUNCTIONS 4.5.1. WEB SERVER PASSWORD Default password is root, this password is used to enter Web Server. User can change password by Web Server as follow: www.waveshare.com 25 / 68...

  • Page 26: Restore

    WS-431E 4G Router Figure 30 Web Server password 4.5.2. RESTORE Hardware restore: Press Reload button over 5 seconds and release, WS-431E will restore default settings and reset. User can restore default settings by Web Server as follow: www.waveshare.com 26 / 68...

  • Page 27: Upgrade Firmware Version

    WS-431E 4G Router Figure 31 Restore default settings 4.5.3. UPGRADE FIRMWARE VERSION Upgrade by Web Server as follow: Figure 32 Upgrade firmware version www.waveshare.com 27 / 68 www.waveshare.com/wiki...

  • Page 28: Reset

    WS-431E 4G Router The whole upgrade process will last about 1 minute, user can enter Web Server after about 1 minute. User can choose saving settings.User should keep powering up and LAN/WIFI connection during the whole upgrade process. 4.5.4. RESET Reset time is about 40~60 seconds.Reset by Web Server as follow:...
  • Page 29 WS-431E 4G Router Figure 34 Firewall setting interface <Introduction> Input: a packet accessing the router IP.  Output: the packet to be sent by the router IP;  Forwarding: data forwarding between interfaces, without going through the route itself; ...
  • Page 30 WS-431E 4G Router Wired WAN port and 4G port accept "inbound", "outbound" and "forwarding";  If there is an "input" packet, logging in to the router's webpage from the WAN port is  allowed; If there is an "output" packet, the router accessing the external network through WAN port ...

  • Page 31: Nat Function

    WS-431E 4G Router 4.6.2. NAT FUNCTION 1. IP address masquerading IP address masquerading refers to the practice of modifying the source IP address of outgoing data packets to a specific interface's IP address on the router. When the "Masquerading" option is selected, the system will change the source IP address of outgoing data packets to the IP address of the WAN port on the router.
  • Page 32 WS-431E 4G Router Figure 37 SNAT setting 1 Then set the Source NAT, and change the source IP address of the packet leaving the router to a fixed IP, which is located under "firewall-Traffic rules". Fix the source IP address to 192.168.9.1, and its setting interface is as follows.
  • Page 33 WS-431E 4G Router Figure 38 SNAT setting 2 Click “Add” and “Edit”. www.waveshare.com 33 / 68 www.waveshare.com/wiki...
  • Page 34 WS-431E 4G Router Figure 39 SNAT setting 3 If the source IP, source port and destination IP and destination port are not filled in, all IP and ports will be defaulted. Save after setting. Name Description Default parameter Name The name of this firewall rule...
  • Page 35 WS-431E 4G Router input traffic, empty means matching the destination port. Modify the source address of matching Customized IP when SNAT IP address traffic to this address. adding Modify the source port of matching SNAT port traffic to this port,...
  • Page 36 WS-431E 4G Router Figure 41 Port setting interface 1 After setting the forwarding rule, you need to click the "Add" button on the right, and then this rule will be displayed in the rule column. Figure 42 Port setting interface II Then click the "Save &...
  • Page 37 WS-431E 4G Router When we access port 81 from WAN, the access request will be transferred to 192.168.1.1:80. < description > You can add 20 rules to the upper limit of port forwarding rules. Name Description Default parameter Name and character type of this port...

  • Page 38: Communication Rules

    WS-431E 4G Router Figure 43 DMZ setting one Click Add and save. Figure 44 DMZ setting two < Note > Port mapping and DMZ functions cannot be used at the same time. 4.6.3. COMMUNICATION RULES www.waveshare.com 38 / 68 www.waveshare.com/wiki...
  • Page 39 WS-431E 4G Router Communication rules can selectively filter specific Internet data types and prevent Internet access requests, and enhance network security through these communication rules. Firewall has a wide range of applications. Here are some common applications. Name Description Default parameter...
  • Page 40 WS-431E 4G Router WAN: indicates the rules for external network to access internal network. The destination IP address of the Destination address access. empty Empty: Represents all addresses. The destination port number of the Destination port access. empty Empty: stands for all.
  • Page 41 WS-431E 4G Router Figure 45 Firewall IP blacklist 1 In the jumped page, select “lan” as the source zone, and select “any” as the source MAC addresses and source IP address options (if only the specific IP in the local area network is restricted from accessing the specific IP of the external network, you need to fill in the IP address or MAC address here, one of which is "any"...
  • Page 42 WS-431E 4G Router Figure 46 Firewall IP blacklist 2 Select WAN in the destination zone, fill in the destination address that is forbidden to access, and click "Save” and “Apply" after the setting of "Reject" is selected. As shown below.
  • Page 43 WS-431E 4G Router Figure 47 Firewall IP blacklist 3 www.waveshare.com 43 / 68 www.waveshare.com/wiki...
  • Page 44 WS-431E 4G Router Figure 48 Firewall IP blacklist 4 Once this configuration is set up, the blacklist function will be implemented. 2. IP address Whitelist First, add the communication rule of IP or MAC address to be whitelisted, enter the name of the rule in the new forwarding rule, and then click Add and Edit.
  • Page 45 WS-431E 4G Router Figure 49 Firewall IP white list 1 In the jumped page, select “lan” as the source zone, and select “any” as the source MAC address and source address (if it is a specific IP that allows a specific IP in the LAN to access the external network, you need to fill in the IP address or MAC address here, one of which is "any"...
  • Page 46 WS-431E 4G Router Figure 49 Firewall IP white list 2 Select WAN in the target zone, fill in the IP allowed to access in the target address, and click "Save” and “Apply" after the setting "Accept" is selected. As shown below.
  • Page 47 WS-431E 4G Router Figure 50 Firewall IP white list 3 Next, set a rule that all communications are rejected. The source address is set to “any”, the destination address is set to “any”, and the action is selected to Reject. Pay attention to the order of the two rules.
  • Page 48 WS-431E 4G Router Figure 51 Firewall IP white list 4 3. Denies a subnet device access to a specified IP. First add a forwarding rule. www.waveshare.com 48 / 68 www.waveshare.com/wiki...
  • Page 49 WS-431E 4G Router Figure 52 Firewall setting 1 If TCP+UDP is selected as the protocol, the specified destination IP can be ping for the  specified source IP, and the TCP/UDP connection cannot be established; If ICMP is selected as the protocol, the specified source IP cannot ping the specified target IP, ...
  • Page 50 WS-431E 4G Router Figure 53 Firewall setting 2 Please keep the source area and destination area as the default, and select one of the source MAC and source IP. If both are filled in, please keep the MAC and IP corresponding, otherwise it will not take effect.
  • Page 51 WS-431E 4G Router Figure 54 Firewall setting 3 4. Disable Ping function First, add a forwarding rule. www.waveshare.com 51 / 68 www.waveshare.com/wiki...
  • Page 52 WS-431E 4G Router Figure 55 Firewall setting 1 Protocol selects ICMP www.waveshare.com 52 / 68 www.waveshare.com/wiki...
  • Page 53 WS-431E 4G Router Figure 56 Firewall setting 2 The source zone and target zone can be defaulted. Select all the source MAC and IP (according to whether all subnet devices are forbidden to ping according to the demand), and the source port number is not required to be filled in.
  • Page 54 WS-431E 4G Router Figure 57 Firewall setting 3 Click Apply to take effect immediately after the setting is completed. To temporarily disable the "Ping" function or other firewall policy settings, uncheck the box on the right and click Apply. To enable it again, check the box and click Apply.
  • Page 55 WS-431E 4G Router Figure 58 Firewall setting 4 No ping function takes effect. www.waveshare.com 55 / 68 www.waveshare.com/wiki...

  • Page 56: Access Restriction

    WS-431E 4G Router Figure 59 Firewall setting 5 4.6.4. ACCESS RESTRICTION Access restriction implements access restriction on specified domain names, and supports setting of blacklist and whitelist of domain names. When the blacklist is selected, devices connected to routers cannot access blacklisted domain names, but other domain names can be accessed normally.
  • Page 57 WS-431E 4G Router Figure 60 Domain name blacklist 2. Domain name whitelist First, select the white list in the mode option, click Add to enter the name and correct domain name of the rule, and then click Save. The rule will take effect immediately, and the devices connected to the router will not be able to access other domain names except the domain name in the rule.

  • Page 58: Vpn Function

    WS-431E 4G Router Figure 61 Domain name whitelist 4.7. VPN FUNCTION VPN (Virtual Private Network) is divided into PPTP, L2TP, IPSec, OpenVPN, GRE, etc. Next, the principles of creating VPN by these protocols are introduced respectively. PPTP: a point-to-point tunneling protocol, which uses a TCP (port 1723) connection to...

  • Page 59: Pptp Client

    WS-431E 4G Router transmitted in another network layer protocol (such as IP). GRE adopts the technology of Tunnel, which is the third layer tunnel protocol of VPN. Note: These protocols can build VPN, and you can choose a more suitable protocol according to your own needs.
  • Page 60 WS-431E 4G Router Interface: wan_4G, wan_wired and automatic can be selected according to different  networking modes; User name/password: obtained from VPN server;  Encryption method: MPPE encryption, no encryption, obtained from VPN server, and  checked or unchecked according to the actual situation;...

  • Page 61: L2Tp Client

    Figure 63 Router enables VPN state detection 4.7.2. L2TP CLIENT L2TP is a Layer 2 tunneling protocol, similar to PPTP. At present, WS-431E supports tunnel password authentication, MPPE encryption and L2TP OVER IPSec pre-shared key encryption. Enter the VPN--L2TP interface, select Enable L2TP client, and fill in the parameters in turn.
  • Page 62 WS-431E 4G Router Figure 64 L2TP Client Enable Settings Interface < Description > L2TP supports tunnel password authentication, MPPE encryption and L2TP OVER IPSec  encryption; Server address: fill in the IP or domain name of the VPN server to be connected;...

  • Page 63: Ipsec

    WS-431E 4G Router Enable static tunnel IP Address: it is not enabled by default, and the server automatically  allocates IP. You can fill in the static tunnel IP here; Extra option: append the PPPD option, magic words, etc. No operation is required by ...
  • Page 64 WS-431E 4G Router Figure 65 Basic settings after enabling IPSec < Description > Interface: wan_4G, wan_wired and automatic can be selected according to different  networking modes; Peer address: it can be divided into VPN client and VPN server. Please fill in the IP/ domain ...

  • Page 65: Openvpn

    WS-431E 4G Router includes encryption mode, integrity scheme and DH exchange algorithm in IKE stage; IKE life time: set the life cycle of IKE, in seconds, the default is 28800; Authentication type: currently, the authentication mode of pre-shared key is supported;...
  • Page 66 WS-431E 4G Router Figure 66 OpenVPN Enable Settings Interface < Description > Device: TUN (routing mode) or TAP (bridge mode) can be selected;  Channel protocol: UDP or TCP;  Port: the listening port of OpenVPN client;  VPN server address: IP/ domain name of OpenVPN server;...

  • Page 67: Gre

    WS-431E 4G Router After obtaining the certificate file, add different certificate contents to the configuration  interface respectively. 4.7.5. GRE Figure 67 GRE basic configuration < Description > Peer WAN IP: The WAN IP address of the remote GRE peer.
  • Page 68 WS-431E 4G Router For example: 172.16.10.1/24, corresponding to IP of 172.16.10.1 and subnet mask of 255.255.255.0; Local tunnel IP: IP address of local GRE tunnel;  TTL: set the TTL of GRE channel, which is 255 by default;  Set MTU: set the MTU of GRE channel, and the default is 1450.

This manual is also suitable for:

12183

Table of Contents