Page 1 User manual RipEX2 Radio modem & Router fw 2.2.0.0 2024-08-29 version 1.31 RACOM s.r.o. | Mirova 1283 | 592 31 Nove Mesto na Morave | Czech Republic www.racom.eu Tel.: +420 722 937 522 | E -mail: racom@racom.eu...
Page 3 7.1.2. Radio ........................70 7.1.2.1. Radio interface ....................71 7.1.2.2. Radio channel parameters ................72 7.1.2.3. Encryption ..................... 74 7.1.2.4. Transparent protocol (Bridge mode) ............. 75 7.1.2.5. Base driven protocol (Router mode) ............. 76 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 4 7.2.2.1. Parameters ....................121 7.2.2.2. Links ......................122 7.2.2.3. Status ......................124 7.2.3. Babel ........................124 7.2.3.1. Description ....................125 7.2.3.2. Common - Common settings ..............126 7.2.3.3. Network - Interfaces ................... 127 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 5 7.5.2. Local authentication ....................180 7.5.2.1. User Accounts .................... 180 7.5.2.2. Settings ....................... 182 7.5.3. Credentials ......................183 7.5.3.1. General ....................... 183 7.5.3.2. Credentials ....................184 7.5.3.3. Read-only keys ................... 184 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 6 7.7.5.2. Hot standby LAN interface settings ............227 7.7.5.2.1. Hot standby switching settings ............227 7.7.6. GNSS server ......................229 7.8. Advanced ......................... 229 8. Diagnostics ..........................232 8.1. STATUS overview ......................232 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 7 8.8. Syslog ..........................267 9. Technical parameters ........................268 9.1. Detailed radio channel parameters .................. 280 9.2. Recommended MSE thresholds ..................296 10. Safety, regulations, warranty ..................... 297 10.1. Frequency ........................297 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 8 Development Canada ....................308 10.10. Compliance ANATEL Brasil ..................315 10.11. Warranty ........................315 10.12. RipEX2 Availability and service life time ..............316 10.13. RipEX2 maintenance ....................316 A. Security Hardening Procedure ....................318 A.1. Password and accounting .................... 318 A.2.
Page 9 © 2024 RACOM. All rights reserved. Sole owner of all rights to this User manual is the company RACOM s. r. o. (in this manual referred to under the abbreviated name RACOM). Drawing written, printed or reproduced copies of this manual or records on various media or translation of any part of this manual to foreign languages (without written consent of the rights owner) is prohibited.
Page 10 ). The ETH/USB contains a built-in DHCP server, so if you have a DHCP client in your PC as most users, you do not need to set anything up. The default IP address of RipEX2 unit, for access over the ETH/USB adapter, is 10.9.8.7.
Page 11 Section 2.2.9, “HW button”. 1.1. Bench testing Before installing a RipEX2 network in the field, a bench-test should be performed in the lab. The RipEX2 Demo case is great for this as it contains everything necessary: 3× RipEX2 unit, Power supply, dummy load antennas, etc.
Page 13 2. Product RipEX2 is a radio modem platform renowned for overall data throughput in any real-time environment. RipEX2 radio modems are native IP devices, Software Defined with Linux OS that have been designed with attention to detail, performance and quality.
Page 15 Fig. 2.2: RipEX2 dimensions – bottom 134,7 125,5 DIN Rail Clip DIN 35 Rail Fig. 2.3: RipEX2 with DIN rail For more information see Section 4.3.1, “DIN rail mounting” and Section 4.3.2, “Flat mounting”. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 16 Product 10,2 22,1 17,8 31,6 42,7 32,8 47,3 Fig. 2.4: RipEX2 dimensions with connectors Fig. 2.5: RipEX2- with optional cellular interface dimensions RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 17 - Rx for receiving and Tx/Rx for transmitting. Note HW option RipEX2e (product variant ‘C' and 'D’) provides only Tx/Rx connector. Warning RipEX2 radio modem may be damaged when operated without an antenna or a dummy load. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 18 Product Explosive atmospheres Antenna has to be installed outside of the hazardous zone. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 19 This rugged connector connects to a power supply and it contains control signals. A Plug with screw- terminals and retaining screws for power and control connector is supplied with each RipEX2. It is Tyco 7 pin terminal block plug, part No. 1776192-7, contact pitch 3.81 mm. The connector is designed for electric wires with a cross section of 0.5 to 1.5 mm...
Page 20 The POWER pins labelled + and - serve to connect a power supply 10–30 VDC. The requirements for a power supply are defined in Section 4.9, “Power supply” and Chapter 9, Technical parameters. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 21 The SFP modules listed in Accessories are thoroughly tested by RACOM and are guaranteed to function with RipEX2 units. It is possible to use any other SFP module, but RACOM cannot guarantee they will be completely compatible with RipEX2 units.
Page 22 Product Note HW option RipEX2e (product variant ‘C' and 'D’) does not provide ETH5 interface. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 23 RipEX2 unit should be DTE (Data Terminal Equipment) and a straight-through cable should be used. If a DCE device is connected to the serial port of RipEX2, a null modem adapter or cross cable has to be used.
Page 24 If the RipEX2 unit is installed in the RipEX2-HS (Hot Standby chassis), the DI/DO interface is dedicated for the Hot Standby operation. Note “Extension module ‘C’ (as 3rd and 4th COM port) is not supported with RipEX2 var. F and O.“ 2.2.6. USB RipEX2 uses USB 3.0, Host A interface. USB interface is wired as standard: Tab.
Page 25 RipEX2 can be equipped with an internal G – Extension GPS (GNSS) module (see details). The GPS module is used for time synchronization of the NTP server inside RipEX2. In this case the EXT connector serves for connecting the GPS antenna: •...
Page 26 • Pull below 1.1 VDC to activate (1.1 VDC / 1.9 VDC threshold hysteresis) • Max. 30 VDC If the RipEX2 unit is installed in the RipEX2-HS (Hot Standby chassis), the DI/DO interface is dedicated for the Hot Standby operation.
Page 27 RipEX2 radio modem can be delivered with the cellular extension. 2.3.1. Antenna RipEX2 radio modem equipped with the LTE cellular module has two additional SMA antenna connectors mounted on the opposite side than radio antenna connectors. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 28 For the RipEX2 version with narrowband LTE (cellular modules 'M' and 'O'), the EXT connector is used to connect the antenna. 2.3.2. SIM cards Two SIM card holders for Micro SIM (3FF) are available under the screwed cover on the RipEX2 bottom side. Warning Disconnect RipEX2 unit from a power supply before opening the cover and manipulating with SIM cards.
Page 29 Transmitting to radio channel Green Permanently lit Data receiving Yellow Permanently lit Data transmitting Alarm An Alarm is triggered by any event with severity Error or higher (see Section 8.4, “Events”). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 30 LED signalization of receiver High resilience mode can be enabled/disabled by configuration item ADVANCED > Interfaces > Radio > Radio parameters > High resilience LED indication (see Sec- tion 7.1.2.7.2, “Radio channel - advanced ” for details). RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 31 Bands O – LTE Cat M1/NB1/NB2, Global G – Extension GPS (GNSS) module; Part No.: mPCIe-GPS C – Extension module 2× RS232; Part No.: mPCIe-COMS Note: just one option for mPCIe slot is possible © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 32 COM2 – enables COM2 interface, RipEX2e, RipEX2 variant ‘F’ and ‘O’ only; Part No.: RipEX2- SW-COM2 Ex - authorization for use RipEX2 in hazardous location II 3G Ex ic IIA T4 Gc. Part No.: RipEX2- Ex (Note: Ex keys are available only for units produced after 1st of January 2022) Region –...
Page 33 In the case of export from the country where the units were delivered by RACOM, the exporter must inform RACOM of the new country of delivery. X was under production until XII/2022 ** E, P, A cellular modules were under production until XI/2021 *** C, D were under production until VIII/2023 https://webservice-new.racom.eu/main/eshop.list?t=10...
Page 34 8. Ingress Protection IP52 https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories_mounting 9. Dummy load antenna Dummy load antenna for RipEX2 is used to test the configuration on a desk. It is unsuitable for higher output – use transmitting output of 1.0 W only. https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories_mounting https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories_mounting...
Page 35 6. In case of any issues, download a detailed Diagnostic package (DIAGNOSTICS > Information > Diagnostic package), include all the information except User credentials and send it to support@ra- com.eu mailto:support@racom.eu © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 36 (recommended) or widthwise; in both cases with the RipEX2 lying flat. The choice is made by mounting the clips, one M4 screw per clip. RipEX2 is delivered with two clips, two screws and four threaded holes. Use solely the M4×5 mm screws that are supplied.
Page 37 For vertical mounting to DIN rail, L-bracket (optional accessory) is used. Use solely the M4×5 mm screws that are supplied. Fig. 4.4: Vertical widthwise mounting to DIN rail Fig. 4.5: Vertical lengthwise mounting to DIN rail For more information see L-bracket https://www.racom.eu/eng/products/radio-modem-ripex.html#HOL-RipEX-L © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 38 M4×5 mm screws that are supplied; tighten with torque 0.9 Nm. Fig. 4.6: Flat mounting using Flat bracket Fig. 4.7: Flat mounting using Flat bracket For more information see Flat-bracket https://www.racom.eu/eng/products/radio-modem-ripex.html#HOL-RipEX-FLAT RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 39 . 4.3.4. IP52 mounting RipEX2 unit provides IP41 level of environmental protection. It is possible to reach higher level of pro- tection IP52 (Limited dust ingress protection and protection from water spray < 15 degrees from vertical).
Page 40 Do not mount the antenna in windy or rainy conditions or during a storm, or if the area is covered with snow or ice. Do not touch the antenna, antenna brackets or conductors during a storm. Explosive atmospheres Antenna has to be installed outside of the hazardous zone. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 41 Use 50 Ω impedance cables only. The shorter the feed line, the better. If RipEX2 is installed close to antenna, the data cable can be re- placed by an Ethernet cable for other protocols utilizing the serial port, see Section 7.1.4, “Terminal servers”.
Page 42 Installation 4.9. Power supply We do not recommend switching on power supply of the RipEX2 unit before connecting the antenna and other devices. Connecting the RTU and other devices to RipEX2 while powered increases the likelihood of damage due to the discharge of difference in electric potentials.
Page 43 Ethernet ports The whole radio network build from RipEX2 radio modems behaves as a standard Ethernet bridge. An Ethernet bridge ("Network interface" in RipEX2) automatically learns which devices (MAC addresses) are located in the local LAN and which devices are accessible over the radio channel.
Page 44 The COM port needs to be Enabled and a Protocol needs to be selected to transfer any data. "Trans- parent" type of COM protocol is dedicated for Bridge mode purposes. This protocol transfers data between the COM port and the RipEX2 network transparently. Any other Protocol can be selected when needed.
Page 45 RipEX2 C and RipEX2 A send the received packet to their COM ports. Packet is addressed to RTU C, so only RTU C responds. RipEX2 A is set as a repeater, so it retransmits the packet on Radio channel. Packet is received by all RipEX2 units. Step 4 RipEX2 B sends repeated packet to its COM.
Page 46 You can see an example of IP addresses of the SCADA equipment and RipEX2 ETH interfaces in the picture below. In Bridge mode, the IP address of the ETH interface of RipEX2 is not relevant for user data communic- ation. However it is strongly recommended to assign a unique IP address to each RipEX2 Network in- terface, since it allows for easy local as well as remote service access.
Page 47 ○ Install a duplexer (exact type for a given channel link). A recommended duplex distance is 75 dB and more. ○ Due to high duty cycle, proper cooling is required. We recommend to use RipEX2-RS For more details see RipEX2 PtP link tutorial video 5.2.
Page 48 A star topology with one repeater is used in the following example of a SCADA network using a polling and report by exception combination. The Repeater is also serving as a Remote radio. The packets’ acknowledgement on Radio channel is used in both directions in the example. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 49 As already mentioned, RipEX2 works as a standard IP router with multiple independent interfaces: Radio and Ethernets. Each interface has its own MAC address, IP address and mask. When Base driven protocol is used, Radio IP addresses for all RipEX2 units must share the same IP subnet.
Page 50 Routing tables records, Address translation in COM protocol settings is used. Serial protocol address to IP address translation rules apply where the Radio IP addresses are used. Radio IP addresses will only be used for maintenance in such circumstances. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 51 CSMA and TDMA; the Radio channel is deemed to be free when there is no noise, no interfering signals and no frames being transmitted by other RipEX2 stations. In this situation, a random selection of time slots follows and a frame is then transmitted on the Radio channel.
Page 52 RipEX2 1 receives this packet, checks data integrity and transmits the acknowledgement. At the same time packet is sent to RTU1 through COM. RipEX2 3 receives this packet too. It doesn’t react, because this packet is directed to RipEX2 1 only. Step 3 RipEX2 2 waits untill previous transaction on Radio channel is finished (anti-collision mechanism).
Page 53 Ethernet port. This helps to keep the routing tables clear and simple. Note Even if the IP addresses of all RipEX2 units in a radio channel share a single IP network, they may not be communicating directly as in a common IP network. Only the RipEX2 units that are within the radio range of each other can communicate directly.
Page 54 • Based on this record, all packets with addresses in the range from 192.168.2.1 to 192.168.2.254 are routed to 10.10.10.1 • Because RipEX2 50’s radio IP is 10.10.10.50/24, the router can tell that the IP 10.10.10.1 belongs to the radio channel and sends the packet to that address over the radio channel •...
Page 55 5.3.1. Detailed Description Generally, a Terminal server (also referred to as Serial server) enables connection of devices with a serial interface to a RipEX2 over the local area network (LAN). It is a virtual substitute for the devices used as serial-to-TCP(UDP) converters.
Page 56 Terminal server in RipEX2. User data are extracted from the TCP messages and processed as if it came from a COM port. When the data reaches the destination RipEX2, it can be transferred to the RTU either via the serial interface or via TCP (UDP), using the Terminal server again.
Page 57 (via LAN) or a high-speed WAN (e.g. Internet). The RipEX2 which you are logged-in to in this way is called Local. Then you can manage any remote RipEX2 in the network over-the-air in a throughput-saving way: all the static data (e.g. Web page graphic objects) is downloaded from the Local RipEX2 and only information specific to the remote unit is transferred over the Radio channel.
Page 58 Web interface Login page The login page informs you about the Unit name and IP address of the RipEX2 unit you are trying to log in. The login page allows to view and copy the password. The login page allows changing of the language of the whole web interface (English language is default).
Page 59 6.2. Changes to commit RipEX2 is capable of remembering changes, which were done in its configuration and collecting them in a Changes to commit "basket". All changes of configuration parameters are highlighted by different color.
Page 60 • Return to configuration - return to the last changed value's configuration menu. • Reset changes - all changes will be reset back to their previously set value (not default). • Send configuration - Apply (Save to the unit) all the changes. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 61 Web interface 6.3. Notifications With RipEX2 new way of showing important system events to the user is introduced. It is called Notific- ation Center and is used consistently throughout the interface. Notification Center is located on the top right corner of the interface. It exists in two forms: active notification display and full Notification Center.
Page 62 It is strongly recommended to change the default password. 6.5. Remote access RipEX2 unit management is designed to work smoothly even when the unit under configuration is connected via relatively slow channel. In case of locally connected unit - direct configuration of the unit (accessing the unit IP address directly from the web browser) works fine.
Page 63 Once the Remote access is successful, the IP address line changes its color to black together with the web page identification. The IP address of the currently connected RipEX2 unit is displayed as a part of the Remote access button. All the configuration settings are remotely available using standard web interface. Some of the Diagnostic features are available via local connection only.
Page 64 Refresh deletes all non-saved changes which were done in the client. 6.7. Status info area Status info area provides a general overview about RipEX2’s individual SETTINGS (or DIAGNOSTICS) section by displaying diagnostic data relevant to the section. To update the data it is necessary to click the Refresh button.
Page 65 The content of the help is identical with the respective sub-chapter of the User manual. 6.9. Shortcuts Tab. 6.1: Table of shortcuts Shortcut Access to Ctrl+Alt+C Changes to commit Ctrl+Alt+N Notification center Ctrl+Alt+R Remote access © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 66 7.1. Interfaces 7.1.1. Ethernet RipEX2 provides 5 physical Ethernet ports ETH1, ETH2, ETH3, ETH4 and ETH5. ETH1 - ETH4 ports are metallic. ETH5 port is an SFP port. There is a possibility to define an Ethernet bridge - a logical Network interface - by bridging (joining) together multiple physical Ethernet interfaces.
Page 67 Enable / Disable Enables / disables the Network interface. Name Mandatory name of the Network interface. ETH1 - ETH5 Range on Ethernet ports selected within the specific Network interface. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 68 Network interface switch with the same name, so only this VLAN can be used for diagnostics. VLAN priority mapping Relates to QoS Attach VLAN to Network interface Attaches VLAN to the defined network interface RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 69 When several bridges are interconnected in the network, it is appropriate to switch on Spanning Tree Protocol (ADVANCED > Interfaces > Ethernet > STP) to prevent bridge loops and build a loop-free logical topology. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 70 No limits in network design – each radio can work as base station, a repeater, a remote, or all of these simultaneously. Radio channel parameters (such as frequency, output power etc.) are common for all protocols. They are described later in this chapter. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 71 IP address of the radio interface and the mask of the radio network. This parameter occurs only, if parameter "Mode" is set to "Router". Allow unit management List box {On; Off}, default = "On" Allows / disables unit management for the Radio interface. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 72 List box {possible values}, default = "25 kHz" Note Channels 250 and 300 kHz are available only in Bridge mode. Note HW option RipEX2e (product variant ‘C' and 'D’) provides Channel spacing up to 50 kHz. https://www.racom.eu/eng/products/m/ripex/app/pep/pep.html RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 73 Radio can receive not only radio frames with the very same setting, but also frames with different type of modulation - the Auto-speed functionality. Modulation types which can be combined (with the same radio frequencies, channel spacing and OBW limit) are: © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 74 PSK Key (PRI) AES and select the proper file with the key). Note The required key type is “PSK key” and it must be exactly 32 bytes long (256 bits). This parameter occurs only, if parameter "Encryption" is set to "AES-256-CCM+KEX". RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 75 Unit is repeater List box {On; Off}, default = "Off" Each RipEX2 may work simultaneously as a Repeater (Relay) in addition to the standard Bridge operation mode. If "On", every frame received from Radio channel is transmitted to the respective user interface (ETH, COM) and to the Radio channel again.
Page 76 MUST be set in all units in the network, including the Repeater units themselves. After transmitting to or receiving from the Radio channel, further transmission (from this RipEX2) is blocked for a period calculated to prevent collision with a frame transmitted by a Repeater. Further- more, a copy of every frame transmitted to or received from the Radio channel is stored (for a period).
Page 77 Protocol address to be equal to the Radio IP last byte. If Protocol address mode in Remote unit is set to Automatic, this assignment is done automatically. If a specific address © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 78 Base station repeats permission to transmit. Connection List box {Direct; Direct & Repeater; Behind repeater}, default = "Direct" 7.1.2.5.4. Radio protocol - Remote station Automatic address mode List box {On; Off}, default = "On" RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 79 Repeat COM broadcast List box {On; Off}, default = "Off" When On the broadcasted COM packets will be retranslated into the radio channel. When Off these packets will not be repeated. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 80 Number {70 – 1500}, default = 1500 B If a packet entering to an interface exceeds the maximum value, it is either discarded or fragmented. Minimum MTU value to establish TCP between RipEX2 units = 576 B. Minimum MTU value for IPv6 (Babel) = 1280 B.
Page 81 Resilience parameter controls this functionality. By default the Auto is set - when intereference holds, RipEX2 stays in High resilience mode of receiver operation and signals this state by turning the yellow RX LED on. Once the interfering signals fade away, RipEX2 automatically returns to its High sensitivity mode of receiver operation.
Page 82 Such UDP frames received by the RipEX2 unit from the RipEX2 network (based on the unit IP address and UDP port of the Protocol module) are translated into original frame format (by the Protocol module) and send out through the COM port.
Page 83 Wikipedia: Stop bits sent at the end of every character allow the receiving signal hardware to detect the end of a character and to resynchronize with the character stream. Idle [ms] Number {10 – 16383}, default = 20 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 84 RTS/CTS (Request To Send / Clear To Send) hardware flow control (handshake) between the DTE (Data Terminal Equipment) and RipEX2 (DCE - Data Communications Equipment) can be enabled in order to pause and resume the transmission of data. If RX buffer of RipEX2 is full, the CTS goes down.
Page 85 UDP ports for COM or Terminal servers can be used or UDP port can be set manually. If the des- tination IP address belongs to a RipEX2 and the UDP port is not assigned to COM or to a Terminal server or to any other special SW module running in the destination RipEX2, the packet is discarded.
Page 86 The Address translation is defined in a table. There are no limitations such as when the "Mask" translation is used. If there are more SCADA units connected via the RS485 interface, their multiple "Protocol addresses" are translated to the same IP address and UDP port pair. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 87 You may add a note to each address with your comments (UTF8 is supported) for your convenience. 7.1.3.3. Individual protocol parameters Some of the SCADA protocols are able to setup additional Slave device response behavior. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 88 The None protocol switches the COM port off. All incoming data will be thrown away, no data will be sent into the COM interface. 7.1.3.3.2. Transparent protocol Operates in Bridge mode only. All the traffic is bridged transparently to RipEX2 network (see Section 5.1, “Bridge mode” for details). 7.1.3.3.3. Async link Async link creates an asynchronous link between two COM ports on different RipEX2 or M!DGE3 units.
Page 89 Note The COMLI protocol in the RipEX2 or M!DGE3 is not fully compatible on COM port with RipEX and MR modems. RipEX2 implementation is not supporting “Intercharacter tx delay”. Mode of Connected device: MASTER Congestion timeout [ms] Number {0 –...
Page 90 Each frame in the DNP3 protocol contains the source and destination addresses in its header, so there is no difference between Master and Slave in terms of the RipEX2 configuration. The DNP3 allows both Master-Slave polling as well as report-by-exception communication from the remote units.
Page 91 Settings 7.1.3.3.6. DF1 Each frame in the Allen-Bradley DF1 protocol contains the source and destination addresses in its header, so there is no difference between Master and Slave in the Full duplex mode in terms of RipEX2 configuration. Duplex mode List box {Full duplex;...
Page 92 MARS-A was widely used by legacy RACOM radio modems in the MORSE system from the year 1999. The new implementation of this protocol in RipEX2 or M!DGE3 is limited to the parts of the complex protocol which can be used together with modern packet type of these routers: USER DATA (0x09) from router to the serial interface (e.g.
Page 93 7.1.3.3.9. Modbus RTU Modbus RTU is a serial polling-type communication protocol used by Master-Slave application. When RipEX2 radio network run in Router mode, more Modbus Masters can be used within one Radio network and one Slave can be polled by more Masters.
Page 94 Both network points receive a configuration on the basis of which they negotiate connection properties with each other over the serial line. The consequence of a successful negotiation is the creation of RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 95 • Address field: address field, value 0xFF defined in the protocol specification • Control field: control field, value 0x03 defined in the protocol specification • Protocol field: protocol field, indicates the type of data in the Information field © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 96 The username that the counterparty should use during authentication (see Local authentication mode). Printable ASCII characters are allowed, with the exception of the prohibited ", `, \, $, ; Local authentication password String {up to 50 char}, default = <empty> RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 97 Frame format), in both directions of data transfer. Active if Compression negotiation mode is Manual. Van Jacobson IP header compression max slots Number {0; 2 – 16}, default = 16 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 98 The listbox is extended with PPP <NR> options If the routing rule has one of the PPP <NR> options selected, routing is done to the appropriate PPP interface. Routing Persistent List box {On; Off}, default = ”Off” RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 99 PR2000 is an abbreviation for the PROTEUS 2000 SCADA protocol. This protocol is used in Master- Slave applications. The PR2000 protocol is implemented in a fully transparent manner. The original protocol frames are transported over the RipEX network in their entirety. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 100 List box {Binary (1 B); Binary (2B LSB first); Binary (2B MSB first)}, default = "Binary (1 B)" RipEX reads the Protocol address in the format and length set (in Bytes). Address position Specify the sequence number of the byte, where the Protocol address starts. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 101 DLE (accepts the frame) only when the check result is OK. BCC byte is not transferred over the RipEX network, it is calculated locally in the end RipEX and appended to the received data. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 102 Settings 7.1.3.3.13. SAIA S-Bus SAIA S-Bus protocol was widely used by legacy RACOM radio modems in the MORSE system. The S-Bus protocol is implemented as an access module for communication with the SAIA PCD device. The protocol is a MASTER/SLAVE type; the MASTER does not have its own address. There can be at most 254 SLAVEs, the address 255 is reserved for broadcast transmitting which is not acknowledged.
Page 103 Master, Slave Plus Break validity time [ms] Number {0 – 5000}, default = 1000 Slave, Slave Plus Break length [ms] Number {0 – 128}, default = 2 Length of break in ms. https://www.racom.eu/eng/support/prot/sbus/index.html © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 104 Number of frame re-transmissions. Local response address Number {0 – 255}, default = 0 This address is used only with status query (0x51). Response of RipEX2 is "0x54 <Local response address> 0x00". RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 105 "On" – The Master accepts only one response per a request and it must come from the specific remote to which the request has been sent. All other packets are discarded. This applies to the Master - Slave communication scheme. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 106 7.1.4. Terminal servers Generally, a Terminal Server (also referred to as a Serial Server) enables connection of devices with serial interface to a RipEX2 over the local area network (LAN). It is a virtual substitute for devices used as serial-to-TCP (UDP) converters.
Page 107 Up to 5 independent Terminal servers can be set up. Each one can be either TCP or UDP Type, TCP Inactivity is the timeout in seconds for which the TCP socket in RipEX2 is kept active after the last data reception or transmission. As source IP address of a Terminal server will be used the IP address of the RipEX2 ETH interface (Local preferred source address if exists see Section 7.2.1, “...
Page 108 No routing rules are added automatically after configuring a new cellular profile. Add all appro- priate routing manually (e.g., default route 0.0.0.0/0 via WWAN interface). Note This section closely cooperates with Section 7.7.4, “SMS”. 7.1.5.1.1. Parameters RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 109 Enables / Disables automatic Profile switching. 7.1.5.1.2. Cellular profiles Set of defined profiles (at least one profile is required), which are setting parameters of requested service of the network (e.g APN). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 110 4G (LTE) first; 4G (LTE) only; 3G/4G (UMTS/LTE) only}, default = "4G (LTE) first" Sets preferences and/or permission of the individual cellular network services. Header compression List box {On; Off}, default = "Off" RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 111 (Link testing). Tests are in form of sending ICMP ping to defined ad- dress(es) and waiting for response. This section occurs only, if parameter Link testing is set to "On". © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 112 Number {3 – 3600}, default = 10 If the test results as failed, the connection is tested again after defined time period. Retries [No] Number {1 – 20}, default = 3 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 113 After defined time period, the module can try to reconnect via the first profile again (independently on the profile queue). This section occurs only, if parameter Profile switching is set to "On". Fig. 7.4: Link testing scheme © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 114 The PIN is used only when PIN protection is On and the module requires the PIN. 7.1.5.3. Cooperation with other services Firewall L3 Parameters Input interface and Output interface can filter the traffic either coming to WWAN or leaving to WWAN (List box WWAN or EXT). RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 115 <= -100 dBm <= -100 dBm Medium Orange -95 to -84 dBm -100 to -89 dBm -100 to -80 dBm Good Green -84 dBm <= -89 dBm <= -80 dBm <= © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 116 • LAN - The name of the LAN interface to be used for PPPoE connection establishment. • VLAN - The name of the VLAN interface to be used for PPPoE connection establishment. Allow unit management List box {On; Off}, default = "On" RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 117 Various methods and protocols are used for this purpose. Babel, OSPF and BGP standard routing protocols are available in RipEX2 networks. Link management option was added allowing to set the switchover of the main link (in the event of its failure) to an existing backup link by automatic changes of routing rules.
Page 118 Destination IP / mask IP address, default = 0.0.0.0/0 Each IP packet, received by RipEX2 through any interface (Radio, ETH, COM, ...), has got a des- tination IP address. RipEX2 (router) forwards the received packet either directly to the destination IP address or to the respective Gateway, according to the Routing table.
Page 119 IP address, default = 0.0.0.0 Local IP address used as a source address for packets originating in the local RipEX2 unit being routed by this routing rule. It might be for example packets originating from the COM port or from the Terminal Server.
Page 120 7.2.1.1. Loopback addresses Table of loopback addresses contains IP addresses of RipEX2, which are set on the loopback interface as "support" addresses independent on specific interface. Maximum number of addresses is 256. Loopback addresses can be useful e.g. for specific routing purposes or specific user data traffic. For example using different routing rules for different traffic.
Page 121 (Test backup link parameter is disabled), it is assumed to be functional. Routing rules are updated automatically on link switchover. Fig. 7.7: Link management scheme 7.2.2.1. Parameters Fig. 7.8: SETTINGS > Routing > Link management © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 122 IP is not configured manually - IP address assigned by the cellular network is used. Gateway IP address, default = 0.0.0.0 Next-hop (gateway) address for the Static type of the link RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 123 List box {One address succeeds; Both addresses succeed}, default = "One address succeeds" • One address succeeds - only one address is enough to pass the test • Both addresses succeed - both addresses must pass the test © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 124 • Works within one autonomous system • Babel provides both wired and wireless type of network interface Babel protocol is typically used within the network hops or other networks with limited data throughput. https://datatracker.ietf.org/doc/html/rfc6126.html#section-1.1 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 125 • SETTINGS > Routing > Static routes are valid even if the Dynamic routing is enabled. Dynamic routing protocols “export” resulting routing rules into Linux and they are added to the existing (static) routing rules. https://www.racom.eu/download/hw/ripex/free/eng/1_application/ripex2-app-bab-en.pdf © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 126 Router ID IP address, default = 0.0.0.0 RipEX2 unit acts in the Babel network as a dynamic router. Every router is identified by an ID having the format of IP address. This IP address does not have to be ‘real’.
Page 127 GRE L3 – “gre_tunX” where ‘X’ is the tunnel number, starting from zero Cellular – “ext” Interface MTU must be 1280 Bytes or bigger in order to operate Babel protocol correctly. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 128 HMAC SHA256 - string length up to 128 char HMAC SHA384 - string length up to 128 char HMAC SHA512 - string length up to 128 char BLAKE2s-128 - string length up to 32 char RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 129 IP address and mask defining the exported routing rule address range. Metric Number {0 – 65534}, default = 0 Routing rule metric value. The higher the value, the more “expensive” the path is. Note Optional comment. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 130 List box {Accept; Reject; Pass}, default = "Accept" Type of action to be performed when the filter rules above matches the incoming routing rule. When “Pass” is selected, the packet processing continues. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 131 IP address / mask, default = 0.0.0.0/0 IP address and mask defining the network range to be compared. Mask from Number {0 – 32}, default = 0 Mask to Number {0 – 32}, default = 32 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 132 Metric value is used. OSPF metric sum: Sum of OSPF type 1 a type 2 metrics. If the rule does not have both metric values filled in, the static Metric value is used. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 133 Number {0 – 32}, default = 32 Defines the allowed mask length range of the compared rule Action List box {Accept; Reject; Pass}, default = "Accept" Chooses what to do with the rule © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 134 RSS level limits [-dBm] of the received Hello packet Soft limit is the worst value below which the packet is not discarded RSS threshold (hard) Number {50 – 150}, default = 130 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 135 Hard limit is the best value to always discard the packet Note Must be Soft threshold >= Hard threshold Enable link configuration List box {Off; On}, default = "On" Activates individual settings Counterpart radio IP IP address, default = 0.0.0.0 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 136 • Metric Type 2 – is setup on the rules which are exported to the OSPF from outside. Rules having metric ‘Type 2’ are always treated as worse (i.e. longer path) comparing to metric ‘Type 1’. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 137 IP address, default = 0.0.0.0 RipEX2 unit acts in the OSPF network as a dynamic router. Every router is identified by an ID having the format of IP address. This IP address does not have to be ‘real’. Router ID is shared across all dynamic protocols.
Page 138 • VLAN – “if_” prefix must be used followed by Network interface name, ‘.’ dot and VLAN number, e.g. “if_LAN-141.29” • Radio – “radio” • Hot standby – “hstdby” • GRE L3 – “gre_tunX” where ‘X’ is the tunnel number, starting from zero • Cellular – “ext” RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 139 The higher the number, the higher the priority. ‘0’ states the router cannot be used as a primary or backup router. Use broadcast List box {On; Off}, default = "Off" Defines if OSPF packets distribution is provided using multicasts (default behavior) or broadcasts (nonstandard behavior). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 140 • Hide – this network prefix will be hidden and will not be exported Example: Area 0.0.0.1 exports two subnets: 192.168.1.0/24 and 192.168.2.0/24. Area border router between Area 0.0.0.1 and 0.0.0.0 defines a rule for network aggregation: 192.168.0.0/16. As a result of this, RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 141 List box {Off; Match; Not match}, default = "Off" Method of the routing rule target range comparison. IP address / mask IP address / mask, default = 0.0.0.0/0 IP address and mask defining the network range to be compared. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 142 IP address, default = 0.0.0.0 Preferred source IP address for the locally generated packets. When disabled (default value 0.0.0.0 is used), the source IP address is set according to the outgoing interface. Note Optional comment. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 143 BGP splits the network into Autonomous Systems (AS) which are identified by a specific number. Indi- vidual BGP routers are interconnected with their neighbors using TCP connections. Any connection can travel over multiple hops. Any connection can be secured using MD5 signatures. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 144 IP address. This IP address does not have to be ‘real’. Router ID is shared with the OSPF protocol. Local AS Number {0 – (2 -1)}, default = 65000 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 145 Enables the specific neighbor. Note Optional comment. Neighbor type List box {Internal; External}, default = "External" Neighbor router type selection. "Internal" neighbor belongs to the same AS (iBGP). "External" belongs to other AS (eBGP). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 146 – RFC 5082) is used. BGP transmits packets with known TTL value. Incoming packets having lower than expected value (expected number of hops) are discarded. Expected hops Number {2 – 32}, default = 2 Number of expected hops between the neighbors. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 147 List box {On; Off}, default = "On" Enables / disables the filter rule. Note Optional comment. Filter network List box {Off; Match; Not match}, default = "Off" Selects a method of the routing rule destination range comparison. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 148 IP address is set according to the outgoing interface. 7.2.5.5. BGP Export IGP filter Export IGP filter rules. The order of rules matters. Maximum number of filter rules is 256. Filter policy List box {Accept; Reject}, default = "Reject" RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 149 OSPF tag to be compared. The tag is added to a rule when inserted to OSPF. Action List box {Accept; Reject; Pass}, default = "Accept"Defines what action is taken on the routing rule. "Pass" continues in processing. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 150 -1)}, default = 65000 The number of the AS searched for. Action List box {Accept; Reject; Pass}, default = "Accept" Defines what action is taken with the matching routing rule. "Pass" continues in processing. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 151 OSPF tag to be compared. The tag is added to a rule when inserted to OSPF. Filter BGP path List box {Off; Is empty; Not empty; Contain; Not contain}, default = "Off" © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 152 The traffic to/from other MAC addresses is allowed. Allowlist Only the MAC addresses listed in the table are allowed, i.e. only packets to/from them are al- lowed. The traffic to/from other MAC addresses is blocked. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 153 Filter based on EtherType (protocol carried in the Ethernet frame). Source MAC filter List box {All; Mask; Unicasts; Multicasts; Broadcasts}, default = "All" Enables filtering based on the source MAC address of the packet. For Mask option: © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 154 Frame count Number (1-10000), default = 3 Average packet/activation rate limit per time unit. Measurement period List box {Second, Minute, Hour, Day}, default = "Minute" Time unit for limiting the packet/activation rate. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 155 The rule with narrower mask has higher priority. The rule’s order does affect priority. Source port (from) / Source port (to) Interval of source ports. This parameter occurs only when parameter Protocol is set either to "UDP" or "TCP". © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 156 List box {Off; On}, default = "Off" Relates to the first packet when a TCP connection starts (Request from TCP client to TCP server for opening a new TCP connection). Used e.g. for allowing to open TCP only from RipEX2 network to outside.
Page 157 List box {All; Radio; All ETH; EXT; ETH1..ETH5; GRE L2; GRE L3; HotStandby;Other}, default = "All" Destination port (from) / Destination port (to) Interval of destination ports. Connection state New List box {Off; On}, default = "Off" © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 158 Settings Relates to the first packet when a TCP connection starts (Request from TCP client to TCP server for opening a new TCP connection). Used e.g. for allowing to open TCP only from RipEX2 network to outside. Connection state Established List box {Off;...
Page 159 List box {Off; On}, default = "Off" Relates to the first packet when a TCP connection starts (Request from TCP client to TCP server for opening a new TCP connection). Used e.g. for allowing to open TCP only from RipEX2 network to outside.
Page 160 Parameter “Protocol number” occurs only if parameter “Protocol” is set to “Other”. Protocol List box {All; ICMP; UDP; TCP; GRE; ESP; Other}, default = "All" Filters selected protocol. If none of the mentioned values suits, select “Other”. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 161 Number {0 – 65535}, default = 0 Defines a new source port (rewriting multiple defined ports into one). Value 0 means, that the source port is not changed. Note Optional comment. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 162 Filters selected protocol. If none of the mentioned values suits, select “Other”. Protocol number Number {0 – 255}, default = 1 This parameter occurs only, if parameter “Protocol” is set to “Other”. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 163 • Port to IP address (PORTMAP): Range mapping of destination ports (parameters “Destination port from”, “Destination port to”). New range mapping of destination ports origins in parameter “Rewrite destination IP”. It can be additionally overwritten to parameter “Rewrite destination port”. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 164 Rewrite destination port Number {0 – 65535}, default = 0 Defines a new destination port (rewriting multiple defined ports into one). Value 0 means, that the destination port is not changed. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 165 • MASQUERADE rule for Cellular connection has lower priority that user NAT (it is tested after the NAT), thus it is possible to create exceptions in NAT settings. • By using DNAT it is possible to intercept a passing connection and redirect it into the RipEX2 (similar to a proxy behavior).
Page 166 • IKE SA: IKE Security Association providing SA keys exchange with the peer. • CHILD SA: IPsec Security Association providing packet encryption. Every IPsec tunnel contains 1 IKE SA and at least 1 CHILD SA. In RipEX2 can be set maximum of 24 IKE_SA and 48 CHILD_SA (TS).
Page 167 To further configure IPsec VPN tunnel, click the Add VPN configuration button. Add / Edit IPsec VPN tunnel associations Every item in the table represents one IKE SA. There can be a maximum of 24 active IKE SA (limited by system resources). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 168 This parameter is available only if parameter Dead Peer Detection is set to "On". Phase 1 IKE Parameters related to IKE SA (IKE Security Association) provide SA keys exchange with the peer. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 169 The PFS (Perfect Forward Secrecy) feature is performed using the Diffie-Hellman group method. PFS increases IKE SA key exchange security. The "legacy" marked methods are recognized as unsafe. Peer configuration must match. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 170 The true time of expiration is randomly selected within the range of 90-110%. Unfortunately, the more frequent the key exchange, the higher the network and CPU load. Note If low capacity channel is used, the RipEX2’s channel load can affected during the key exchange process. IKE Post-quantum PSK (PPK) List box {On;...
Page 171 Note If low capacity channel is used, the RipEX2’s channel load can affected during the key exchange process. PSK (Pre-shared key) authentication is used for IKE SA authentication. The relevant peer is identified using it's "Peer ID".
Page 172 Unsupported characters are: ", `, \, $, ;. The full UTF-8 character set is available since FW 2.1.2.0. Note: If the password starts with the characters 0x or 0s, then the connection between RipEX2 with FW 2.1.2.0 (and newer) and RipEX2 with FW 2.1.1.0 (and older) will not be established.
Page 173 GRE L2 tunnel can be used to tunnel the Q-in-Q and IPv6 traffic over the RipEX IPv4 network. GRE L2 Enable Switches all L2 tunnels On or Off. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 174 MTU of the L2 tunnel. Number {74 – 1500}, default = 1430 B Overhead of the L2 tunnel is 38 B, so it should be GRE MTU = Path MTU - 38. Minimum MTU value to establish TCP between RipEX2 units = 576 B. Note For traffic in bridged network (e.g.
Page 175 It bridges part of the network, so it seems to be one hop for the user traffic. GRE L3 Enable Switches all L3 tunnels On or Off. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 176 GRE packets will be discarded and ICMP report will be send back to the source of the original packet (Path MTU discovery). Minimum MTU value to establish TCP between RipEX2 units = 576 B. Key enabled Enables using key identification of the tunnel from/to the same peer.
Page 177 Remote authentication – user accounts are stored on a remote authentication server (RADIUS is implemented) There are four different levels of user access privileges – they are bound with four different user access roles: https://www.racom.eu/eng/products/m/ripex/app/openvpn/index.html © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 178 All privileges of Technician role plus: write access for secured part of configuration (except unit authentication related parts). Administrator (role_admin) No access level restrictions. All privileges of Security technician role plus: user accounts manage- ment; remote authentication configuration. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 179 The Remote access uses local identity and role of the user – there is no additional login to the remote unit (the login into local unit serves as login to the whole network). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 180 Error: Connection to device timed out. 7.5.2. Local authentication 7.5.2.1. User Accounts The following settings are available only for user with the Administrator role. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 181 Import all user button provides restoration of all Local user accounts from a backup file. Active session is logged out automatically after this command. + Add user account button invokes new user account creation dialog: © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 182 Allows to set password complexity rules. Min. length [No] Number {5 – 64}, default = 5 The minimum length of the password for all users. Min. lowercase letters [No] Number {0 – 5}, default = 0 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 183 7.5.3. Credentials RipEX2 units feature a unified storage solution for keys, certificates and other credentials. This storage is secured and only accessible to users with Sectech permission and higher. Credentials are separate from configuration to improve security and it also is protected using checksum to prevent unauthorised modification.
Page 184 _RO_Ssh_Host_Key Type: SSH Key (PRI) The SSH host key used to authenticate the server on the client. If missing, it is generated when the station boots. _RO_Rmt_Access_Host_Key Type: RMTACCESS Key (PRI) RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 185 Algorithm used for certificate signing. It depends on the Certification Authority key algorithm and may not be used in case CA uses a specific algorithm. Expiration period (days) Expiration period in days. Default 7300. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 186 To create local CA you need to follow these steps: 1. Generate a new private certificate “Certificate key (PRI)” 2. Generate a new “CA Chain (PUB)” using certificate created in previous step as “Certificate key” RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 187 The TCP port number on which HTTP access is available. HTTPS port Number {1 – 65535}, default = 443 The TCP port number on which HTTPS access is available. Source of Web certificate © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 188 The USB service interface primary purpose is to provide unit service and management access. Ethernet or WiFi connection can be established using an external ETH/USB or WiFi adapter. Only adapters supplied with the product can be used for this purpose. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 189 DHCP pool end (inclusive). WiFi WiFi AP parameters can be customized. SSID automatically List box {On; Off}, default = "On" When automatic definition of SSID is enabled, the SSID contains unit Serial number. https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories_ethusb © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 190 RADIUS accounts can be mapped to one of the four user roles. This is either managed by the server itself or by local RipEX2 settings. Local accounts are checked first and if the account does not exist, RADIUS accounts will be used. If the RADIUS server is not accessible, users may use the local username/password to “fall back”...
Page 191 Management-Privilege-Level the static account level option (for all users) has to be used. 7.5.6. Tamper reset Tamper is a detection service, which is triggered, when the RipEX2 chassis is physically opened. There are 2 contacts (securing top and bottom casing) and the event is triggered even if the unit is without power.
Page 192 "Reset tamper" button. Note The unit must be re-assembled before clicking the "Reset tamper" button, otherwise it returns an error. Whole process can take a while and ends by rebooting the unit. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 193 Longer unit name without special characters restrictions. Unit location, Unit contact Text; default = _a..zA..Z0..9 Additional SNMP information. All the fields above are typically used in the NMS systems to identify the specific unit. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 194 Refresh button is used to update the Status information. 7.6.1.2.1. Time Change device time manually This field is used to setup unit time manually. Update in device Sets the given time to the unit. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 195 Informational comment. 7.6.1.3. Sleep mode RipEX2 offers a mode which periodically switches between the full traffic mode and low power con- sumption mode. This mode is suitable e.g. for power-consumption sensitive applications. When in Sleep mode, RipEX2 has extremely low power consumption (10 mW). The time needed for a complete wake-up from the Sleep mode (booting time) is approx.
Page 196 7.6.1.3.1. Wake-up parameters Waking up the RipEX2 from Sleep mode is possible via setting the time of its awakening. It is also possible to set an interval during which the unit will be woken up regularly. Sleep mode time boundaries are counted in a set Time zone (SETTINGS >...
Page 197 7.6.1.3.2. Go to sleep parameters RipEX2 will go into the Sleep mode after the set time passes. It is possible to delay the Sleep mode to assure that all data transfer is complete. Connecting USB-ETH or USB-WIFI adapters to the service port will also delay the Sleep mode.
Page 198 SI is trigged/activated if it is pulled below 1.1 VDC. See more details in Pin assignment If the RipEX2 is in the Sleep mode and SI is triggered, the unit will wake up for the set awake period and go back to sleep. The Sleep Input signal is not monitored while RipEX2 is awake so any additional SI trigger does not increase the awake period.
Page 199 PSS signal is available. 7.6.1.4.1. Cooperation with other services • HotStandby - GNNS (GPS) is disconnected in passive mode and activated in active. • Events - TBD • SNMP -TBD © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 200 • Current configuration - displayed configuration, which is seen in the web client. • Running configuration - actual configuration, running in the RipEX2 unit. • Stored configuration - configuration stored in the RipEX2 unit. This configuration is stored in the unit, even when its turned off.
Page 201 DIAGNOSTICS > Information > Device > Advanced information. Restore The configuration can be restored from a backup file (containing the same configuration version as the configuration version currently running in the unit - see above). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 202 Basic data such as Code, Region, SW keys will always remain in the unit. Warning This action can take up to two minutes - do not power off the unit until finished. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 203 Tab. 7.4: Configuration versions CNF version FW version 2.2.0.0 2.1.7.0 2.1.6.0 2.1.2.0 2.1.1.0 2.1.0.0 2.0.18.0 2.0.16.0 2.0.14.0 2.0.13.0 2.0.10.0 2.0.8.0 2.0.7.0 2.0.5.0 2.0.3.0 2.0.1.0 1.4.8.0 1.4.6.0 1.4.5.0 1.4.3.0 1.4.1.0 1.3.6.0 1.3.4.0 1.3.2.0 1.3.1.0 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 204 Fig. 7.27: SETTINGS > Device > Events 7.6.4. SW keys Certain RipEX2 features needs to be activated by a SW key to be available. When the respective SW key is not present, the feature cannot be configured. If the feature is enabled in a configuration backup file and the file is loaded to a unit which is not equipped with the respective key, the configuration is refused (no changes are made in the unit).
Page 205 Differences with the previous generation of RipEX: - SW keys are always installed as a file (there is not a clipboard option) - Single file can contain multiple SW keys - SW keys are not time limited © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 206 Radius Tamper detection Tamp *By defaults from 03/2024, if you've purchased RipEX2 before this date and want to use this function- ality, you will need to request the atomic key from the supplier. Note The newly added atomic keys are not included in the delivery of the previously ordered SW key (Link management for units dispatched before 07/2023, OpenVPN for units dispatched before 10/2023).
Page 207 4. Click the Upload firmware button to transfer the firmware file into the unit. The upload can take a long time – depending on the connection speed between the management PC and the RipEX2 unit. In case of slow connection and file transfer longer than 120 s, the web browser will shut down the connection and the action will not finish successfully.
Page 208 6. It is possible not only to upgrade the firmware version, but to even downgrade it, although this op- eration is not recommended. Be aware of eventual security issues of firmware downgrade as RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 209 For successful activation a compatibility between the patch file and active firmware (or uploaded firmware) must be ensured. Patch files for RipEX2 can be downloaded from RACOM’s web site . FW versions stored in RipEX2 are dis- played in SETTINGS >...
Page 210 Settings Example: There are 2 older FW versions (2.0.8.0 and 2.0.10.0) stored in RipEX2 (picture above). For successful activation of newer FW version (e.g. 2.0.13.0) using patch file either: • Download patch files version upgrading from 2.0.8.0 to 2.0.13.0 or •...
Page 211 Defines the sender, from which the receiver unit accepts the distributed FW file. Enable / Disable Enables / disables the specific remote radio - sender. Radio address Defines the IP address of the radio interface. Note Informational note. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 212 • If two or more suitable FWs are found on the disk, which have the same version, the first one is se- lected in order according to the lexicographic arrangement (this can happen, for example, if one file is full FW, while the other is FW-patch). RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 213 Distribution works over the radio network (FOTA - Firmware over the air) in form of multicast. Units must be available to each other within one IP hop. To set up FW distribution, RipEX2 unit must be set either as a sender or a receiver.
Page 214 Settings • When in Base driven protocol, the firmware is distributed from base unit to all units within the network which are defined as a receiver. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 215 7.7.1.2. Parameters Max. rate (Kib/s) Number {1 – 1000}, default = 10 Defines the maximum broadcast speed. The broadcast starts at a lowest speed and accelerates until it reaches the defined limit. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 216 Selects the receiver unit into a individual group to which the firmware will be distributed. One unit can be in multiple groups. Note Informational note. 7.7.2. SNMP SNMP (Simple Network Management Protocol) implementation in RipEX2 provides three SNMP versions: v1, v2c and v3. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 217 Username for SNMPv3. When v3 protocol is selected, this parameter is mandatory. Security level List box {NoAuthNoPriv; AuthNoPriv; AuthPriv}, default = "NoAuthNoPriv" The v3 protocol security level. Switches on/off Authentication (Auth) and the SNMP data encryption (Priv). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 218 List box {Default; User defined}, default = "Default" Engine ID serves for unique identification of the SNMP instance (i.e. the RipEX2 unit) according to RFC3411. When the "Default" Engine ID mode is selected the MAC address of the ETH1 interface is used for the unique part of the Engine ID (the whole Engine ID example: 800083130302a92006ef).
Page 219 Fig. 7.31: SETTINGS > Services > Syslog https://www.racom.eu/eng/products/m/ripex/app/snmp-ripex2/index.html © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 220 List box {Emergency; Alert; Critical; Error}, default = "Emergency" System messages with this and higher severities will be sent to the remote server. Messages with lower severities will not be sent. Events RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 221 (numerical codes 16 to 23) can be set. Consult with your Syslog server administrator about which facility will be used for individual groups of units. 7.7.4. SMS RipEX2, fully connected into the cellular network (status CONNECTED), is capable of receiving and sending SMS. • Receiving and sending SMS is provided by a linux service.
Page 222 Note Optional comment. Allow commands {On; Off}, default = "On" Allows to accept commands from defined phone number. Note This parameter will work only if parameter SMS commands EXT is enabled. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 223 7.7.5. Hot standby 7.7.5.1. Hot standby settings Following settings is supported by the controller version of the RipEX2-HS, where the controller manages the active and passive/standby RipEX2 units and their accessing to the shared channels (e.g. radio). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 224 RipEX2 User manual and section "Switching over" Ripex2-HS Important The communication between individual RipEX2 units and HS controller use DI/DO interfaces, so other use of these interfaces is not possible. Note HW option RipEX2e (product variant ‘C' and 'D’) cannot be used in Hot standby configuration.
Page 225 Settings Virtual ETH MAC MAC address of shared LAN interface. It should be same for both individual RipEX2 units. This MAC address has to differ from other MAC addresses used in unit. It is possible to use e.g. VRRP type of addresses: 00:00:5E:00:01:XX.
Page 226 It will not be possible if: • The second unit is in alarm status. • The HW MODE selector is not set to AUTO. • The unit is in not-active status. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 227 The events which switch HS shall be set in menu SETTINGS > Device > Events, check the HS box for events required for switching from the active unit to the backup one. Settings in both units has to be the same. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 229 RipEX2. Please note, that RipEX2 is a very powerful device and it really shows all parameters in the Advanced section. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 230 By selecting a configuration page (marked with pencil icon) a window is shown on the right side of the screen containing selected configuration page set points. You can change settings and then send them to the device the same way you know from “Settings”. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 231 Settings Be careful when adjusting settings in Advanced section and review the “Changes” page in detail before sending changes to the device. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 232 Tab. 8.1: Unit section icons Device Radio Security Ethernet 1-5 Note The number of visible Ethernet icons is depended on the units settings. (SETTINGS > Interfaces > Ethernet > Ports) RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 233 Error, Critical, Alert, Emergency 8.2. Overview The Overview section serves to give general information about the RipEX2. 8.2.1. Measurements Section Overview - Measurements contains current data measurement (obtained from sensors). • Card Temperature - provides data about temperature (on CPU, modem and radio).
Page 234 • 15-min interval is collected by taking 14 mins from history + seconds passed from current minute. 8.3. Information This section provides more detailed information (data extract) about settings of RipEX2 unit. It provides also a deeper explanation about some of set values and interfaces. Diagnostic data are provided as well.
Page 235 Fig. 8.1: DIAGNOSTICS > Information > Interfaces > Ethernet Intefaces used in RipEX2 units are in general either Bridged ports (BP-L2) or Routed interfaces (RI- L3). All interfaces used by the linux router (internal interfaces excluded) are displayed in the following list.
Page 236 GRE L3 tunnel interface, RI-L3 interface type (SETTINGS > VPN > GRE > L3) Loopback interface RI-L3 type of interface – The IP addresses of the loopback (ADVANCED > In- terfaces > Loopback). 8.3.2. Routing Provides information about data extract from section Routing. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 237 "birdcl show protocol '"bgp*"'", "birdcl show protocol all '"bgp*"'", "birdcl show route all table bgp_ipv4". 8.3.3. Firewall Provides general overview about data extract from sections L2, L3 and NAT. 8.3.3.1. Firewall L2 Displays data called by linux command “iptables -L”. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 238 Fig. 8.3: DIAGNOSTICS > Information > Firewall > L2 8.3.3.2. Firewall L3 Displays data called by following linux commands “iptables -nvL --line-numbers”. Fig. 8.4: DIAGNOSTICS > Information > Firewall > L3 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 239 • Status and statistics of classes - displays data called by linux command “tc class show”. • Status and statistics of filter - displays data called by linux command “tc filter show”. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 240 Diagnostics Fig. 8.6: DIAGNOSTICS > Information > Quality of service 8.3.5. SMS Provides information about sent and received SMS messages. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 241 Fig. 8.7: DIAGNOSTICS > Information > SMS > MAIN - Rx Fig. 8.8: DIAGNOSTICS > Information > SMS > MAIN - Tx 8.3.6. Device Provides general information about the unit (device). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 242 • CNF version - Version of the unit configuration. Configuration version is updated if the new firmware version brings major configuration changes leading to incompatibility with the previous configuration. See Section 7.6.2, “Configuration” for more details. • Web client version - Version of the current web client. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 243 This menu serves for collecting data, either from local or remote station and storing them into a package (file). Diagnostic package serves primarily as a help tool, for RACOM’s technical support in case of any potential unit issues. Minimum size of a package is 5kB. Maximum size depends on the amount of radio links contained in the statistics.
Page 244 Alarms are displayed in red color, warnings in orange, notices in black and debugs in gray. It is possible to change severities of individual events in the menu SETTINGS > Device > Events. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 245 Debug 8.5. Statistics RipEX2 unit permanently monitors various system 'channels'. There are several types of those channels: Physical interfaces (Ethernet ports, serial ports, radio interface, additional module interface (e.g. LTE module) when installed), virtual interfaces (e.g. VLAN interfaces) and HW sensors (CPU temperature, supply voltage, ...).
Page 246 • Radio protocol statistics • Radio protocol non-addressable statistics • Radio signal non-addressable statistics • Serial protocols statistics • Ethernet statistics • Cellular statistic (if cellular interface is available) • Measurements RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 247 Amount of data is summed over the whole Layer 2 Ethernet frame (i.e. all IP headers are counted). Other – Packets not handled by the previous counters (e.g. VLAN, services, GRE, IPsec (ESP), ...) © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 248 In case of Transparent protocol (Bridge mode) it happens when there is a collision during re-translation. Packet rej (Rx) – Correctly received but rejected packets count - reason: impossible to decrypt or de- compress. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 249 (unlike "Radio protocol statistics" where the Link address is an address of the unit where the packet entered the RipEX2 network). There is a special address 'RELAY' to indicate frames coming from the re-translation unit in case of Base Driven Protocol operation.
Page 250 'Correct' and 'Drop' Bytes provides the total amount of Bytes on the physical interface. Rx direction: from the connected (at the COM or ETH port) external device to the RipEX2 unit (i.e. from the COM port module or Terminal server module to the Router module). Tx direction: from the RipEX2 unit to the external device.
Page 251 Only correctly received frames are handled. The counters correspond to the specific IP protocol types. Rx direction: from the physical Ethernet port to the RipEX2 unit (i.e. to the Router module). Tx direction: from the RipEX2 unit to the physical Ethernet port.
Page 252 Rx direction: from the Cellular module to the Router module. Interface – “cell-ext” interface is used for RipEX2 optional extension cellular module. UDP, TCP, ICMP, ARP - Packet count and amount of data in Bytes [B] for different protocol types. Amount of data is summed over the whole Layer 2 Ethernet frame (i.e.
Page 253 Diagnostics 8.5.9.2. Cellular state statistics Interface – “cell-ext” interface is used for RipEX2 optional extension cellular module. SIM [%] – information about using the individual SIM cards during the time displayed in %. Services [%] – N/A (not available), 2G (e.g. GPRS, EDGE), 3G (e.g. UMTS), 4G (e.g. LTE) services usage dis- played in % of time.
Page 254 Monitoring is an advanced on-line diagnostic tool, which enables a detailed analysis of communication over any of the RipEX2 router interfaces. In addition to all the physical interfaces (RADIO, EXT, ETHs, COMs, TSs), some internal interfaces between software modules can be monitored when such advanced diagnostics is needed.
Page 255 Terminal Server) and vice versa. When an external interface (e.g. Interface COM) is monitored, the Tx also means packets being transmitted from the RipEX2 over the respective interface (Rx means "received"). Understanding the directions over the internal interfaces may not be that...
Page 256 List box {LOW; NORMAL; HIGH; UNLIMITED}, default = "NORMAL" Monitoring bandwidth limit to prevent overload of management link between client PC and the RipEX2 unit. LOW (up to ~300 kb/s), NORMAL (up to ~800 kb/s), HIGH (up to ~2 Mb/s), UNLIMITED (up to ~8 Mb/s) Source port (from) / Source port (to) TCP/UDP source port to be enabled/disabled in the monitoring output.
Page 257 List box {On; Off}, default = "On" Corrupted ("header CRC error", "data CRC error", etc.) received frames monitoring output can be suppressed. This can be useful when the communication in the channel is heavily disturbed by in- © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 258 When Promiscuous mode is enabled, the unit is capable to monitor (receive) frames from the other RipEX2 units even if the other unit(s) is(are) working in the other Unit mode (Bridge versus Router). Frames transmitted under another Unit mode may not be properly 'analyzed'. In such a case frames are displayed in raw data format.
Page 259 • SRC mac: 0x0 0x0 0x0 0x0 0x0 0x0 • Dst mac: 0x0 0x0 0x0 0x0 0x0 0x0 • Ethertype: 0x0800 Cellular interface EXT enabled (EXT) List box {On; Off}, default = "Off" © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 260 Download button – downloads file to a connected computer. The default name contains of the Unit name, date and time of the begin and day and time of the end of the monitoring. Before downloading you have to stop recording. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 261 Set of diagnostic tools 8.7.1. ICMP ping All parameters used by standard ICMP ping are available. Start / Stop button starts / stops pinging. 8.7.2. RSS ping (RipEX2 / RipEX2 combination) © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 262 Output format of different type (other than radio) of hops is similar to ICMP ping. Destination IP Destination IP address. This address must belong to a RipEX2 unit as the RSS ping can be initiated only between two RipEX2 units.
Page 263 • hMSE – Phy header modulation Mean Squared Error [dB] - measured within the header reception • dMSE – Data modulation Mean Squared Error [dB] - measured within the frame data part reception © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 264 Currently running test will finish its time period. • Stop button Allows to stop the test before the pre-set time. If "Stop" is requested and there is no running test, and error value will return. RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 265 Radio Settings before using this feature. 8.7.5. Antenna detection The RipEX2 is equipped with circuits and algorithms that make it possible to monitor the state of its output transmission circuits, including the antenna and its cable. To evaluate the situation, the data...
Page 266 Quality of calibration informs about calibration process result – how reliable the failure detection can be expected: • unreliable: low quality, unreliable failure detection • mediocre: reasonable quality • distinctive: good quality 8.7.6. System Reboot button Performs unit cold restart (power cycle equivalent). RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 267 Events can be set in Section 7.6.3, “Events”. Login attempt List box {Off; Web}, default = "Off" Switches whether login attempts (both successful and unsuccessful) will be sent to the SYSLOG server. © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 268 < 2 ms @ 6.25 kHz channel Rx to Tx Time < 1.0 ms @ 12.5 kHz channel < 0.7 ms @ 25 kHz channel Spurious Emissions < -36 dBm (Conducted) Radiated Spurious < -36 dBm Emissions RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 269 0.01 W Interfaces 10/100/1000Base-T Auto 4× RJ45 10/100/1000Base-T 2× RJ45 Ethernet MDI/MDIX Auto MDI/MDIX 10/100/1000Base-T or 1× SFP No SFP 1000Base-SX or 1000Base-LX user exchangeable SFP with max. power consumption 1.25 W © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 270 1× HW alarm input Power 1× HW alarm output connector 1× Sleep input Inputs/Outputs 2× DI, 2× DO, 1× diffDI RJ45 Not available not available when Extension module 'C' (COM ports) is used RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 271 Intelligent payload data and header (Eth / IP / TCP / UDP) com- pression Security Management HTTPS (Web Interface or Application Programming Interface) Role-based access control (RBAC) 4 levels (Guest, Tech, SecTech, Admin) WiFi management access (optional) WPA2-PSK secured https://www.racom.eu/eng/products/radio-modem-ripex.html#accessories_mounting https://www.racom.eu/eng/products/radio-modem-ripex.html#radio_protocols © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 272 HW tamper Case opening evidence When full-duplex with full power (40 dBm PEP) and the surrounding temperature above + 60°C the external passive cooler should be used (e.g. RipEX2-RS 19" Rack chassis Diagnostic and Management Link testing ICMP ping, RSS ping...
Page 273 Extension module 'C' COM3: COM ports RS232 - 3 pin (RxD, TxD, GND) 2.4 kb/s to 921.6 kb/s RJ45 (DI/DO on front panel) Extension module 'W', 'M', 'O' see details Cellular © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 274 Tab. 9.4: Power consumption for 24 Vdc Tx Power consumption RipEX2-1 RipEX2-3, RipEX2-4 @24Vdc Min. Typ. Max. Min. Typ. Max. FSK 20 dBm RMS FSK 40 dBm RMS QAM 24 dBm PEP QAM 40 dBm PEP https://www.racom.eu/eng/products/m/ripex/app/pep/pep.html RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 275 +0.5 W @ 1000BaseT per Eth interface with connected equipment +1st COM +0.2 W +GNSS +0.15 W +2nd COM +0.1 W +LTE Rx +0.3, Tx +3.0 W +SFP module typ. +1.0 W © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 276 DL Advanced Rx Performance Phase 1 Data rates up to 150 Mb/s downlink / 50 Mb/s uplink SIM slots 2x Micro SIM (3FF) Both 1.8 and 3 V SIM types supported RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 277 Band 3 (1800 MHz), Band 1 (2100 MHz), Band 7 (2600 MHz) Frequency bands for extension mod- 3G UMTS/HSDPA/HSUPA ule 'P' Cellular** Band 5 (850 MHz), Band 8 (900 MHz), Band 2 (1900 MHz), Band 1 (2100 MHz) 2G GSM/GPRS/EDGE © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 278 -110 -104 -114 -113 -110 -107 -107 -101 -112 -111 -108 -104 -104 -110 -109 -106 -102 -102 -109 -108 -105 -101 -101 -107 -106 -103 -100 -100 -106 -105 -101 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 279 The fade margin of 20 dB is considered acceptable for most installations with availability 99% or less. The fade margin of 25 dB or higher shall be used for highly reliable systems (99.9% availability). © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 280 5.21 4CPFSK 3K60F1DBN 3.60 Baudrate 4.34 kBaud 4.34 DPSK 5K00G1DBN 5.00 8.68 π/4-DQPSK 5K00G1DDN 5.00 13.02 D8PSK 5K00G1DEN 5.00 17.36 16DEQAM 5K00G1DEN 5.00 26.04 64QAM 5K00G1DEN 5.00 34.72 256QAM 5K00G1DEN 5.00 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 281 -99.5 26.04 26.04 64QAM -108.5 -104.0 -96.5 34.72 23.15 256QAM -109.0 -106.0 -100.0 34.72 26.04 256QAM -108.0 -104.5 -98.0 34.72 28.94 256QAM -106.0 -103.0 -96.0 34.72 34.72 256QAM -104.0 -100.0 -94.5 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 282 Baudrate 10.42 kBaud 10.42 DPSK 11K9G1DBN 11.9 12.5 20.83 π/4-DQPSK 11K9G1DDN 11.9 12.5 31.25 D8PSK 11K9G1DEN 11.9 12.5 41.67 16DEQAM 11K9G1DEN 11.9 12.5 62.50 64QAM 11K9G1DEN 11.9 12.5 83.33 256QAM 11K9G1DEN 11.9 12.5 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 283 62.50 52.08 64QAM -109 -104 62.50 62.50 64QAM -105 -101 -22.5 83.33 55.56 256QAM -106 -103 83.33 62.50 256QAM -105 -102 83.33 69.44 256QAM -103 -100 83.33 83.33 256QAM -100 -28.5 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 284 138.89 256QAM 19K8G1DEN 19.8 Baudrate 20.83 kBaud 20.83 DPSK 24K0G1DBN 24.0 41.67 π/4-DQPSK 24K0G1DDN 24.0 62.50 D8PSK 24K0G1DEN 24.0 83.33 16DEQAM 24K0G1DEN 24.0 125.00 64QAM 24K0G1DEN 24.0 166.67 256QAM 24K0G1DEN 24.0 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 285 64QAM -108 -104 125.00 104.17 64QAM -107 -102 125.00 125.00 64QAM -104 -22.5 166.67 111.11 256QAM -104 -101 166.67 125.00 256QAM -103 -100 166.67 138.89 256QAM -101 166.67 166.67 256QAM -28.5 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 286 277.78 256QAM 40K0G1DEN 40.0 Baudrate 41.67 kBaud 41.67 DPSK 45K0G1DBN 45.0 83.33 π/4-DQPSK 45K0G1DDN 45.0 125.00 D8PSK 45K0G1DEN 45.0 166.67 16DEQAM 45K0G1DEN 45.0 250.00 64QAM 45K0G1DEN 45.0 333.33 256QAM 45K0G1DEN 45.0 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 287 166.67 64QAM -107 -103 250.00 187.50 64QAM -105 -101 250.00 208.33 64QAM -104 250.00 250.00 64QAM -101 333.33 222.22 256QAM -101 333.33 250.00 256QAM -100 333.33 277.78 256QAM 333.33 333.33 256QAM © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 288 Emission code [kb/s] [kHz] [kHz] Baudrate 69.44 kBaud 69.44 DPSK 80K0G1DBN 80.0 138.89 π/4-DQPSK 80K0G1DDN 80.0 208.33 D8PSK 80K0G1DEN 80.0 277.78 16DEQAM 80K0G1DEN 80.0 416.66 64QAM 80K0G1DEN 80.0 555.55 256QAM 80K0G1DEN 80.0 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 289 277.78 16DEQAM -102 416.66 277.78 64QAM -104 -100 416.66 312.50 64QAM -102 416.66 347.22 64QAM -101 416.66 416.66 64QAM 555.55 370.37 256QAM 555.55 416.66 256QAM 555.55 462.96 256QAM 555.55 555.55 256QAM © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 290 Emission code [kb/s] [kHz] [kHz] Baudrate 115.74 kBaud 115.74 DPSK 125KG1DBN 125.0 231.48 π/4-DQPSK 125KG1DDN 125.0 347.22 D8PSK 125KG1DEN 125.0 462.96 16DEQAM 125KG1DEN 125.0 694.45 64QAM 125KG1DEN 125.0 925.93 256QAM 125KG1DEN 125.0 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 291 -102 462.96 462.96 16DEQAM -100 694.45 462.96 64QAM -102 694.45 520.83 64QAM -100 694.45 587.71 64QAM 694.45 694.45 64QAM 925.93 617.29 256QAM 925.93 694.45 256QAM 925.93 771.61 256QAM 925.93 925.93 256QAM © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 292 Emission code [kb/s] [kHz] [kHz] Baudrate 138.89 kBaud 138.89 DPSK 150KG1DBN 150.0 277.78 π/4-DQPSK 150KG1DDN 150.0 416.67 D8PSK 150KG1DEN 150.0 555.56 16DEQAM 150KG1DEN 150.0 833.33 64QAM 150KG1DEN 150.0 1111.11 256QAM 150KG1DEN 150.0 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 293 416.67 16DEQAM -101 555.55 555.55 16DEQAM 833.33 555.55 64QAM -101 833.33 625.00 64QAM 833.33 694.45 64QAM 833.33 833.33 64QAM 1111.11 740.74 256QAM 1111.11 833.33 256QAM 1111.11 925.93 256QAM 1111.11 1111.11 256QAM © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 294 D8PSK -100 833.33 625.00 16DEQAM -100 833.33 833.33 16DEQAM 1250.00 833.33 64QAM -100 1250.00 937.50 64QAM 1250.00 1041.67 64QAM 1250.00 1250.00 64QAM 1388.89 1111.11 256QAM 1388.89 1250.00 256QAM 1388.89 1388.89 256QAM RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 295 -101 781.25 781.25 D8PSK 1041.67 781.25 16DEQAM 1041.67 1041.67 16DEQAM 1562.50 1041.67 64QAM 1562.50 1171.88 64QAM 1562.50 1302.09 64QAM 1562.50 1562.50 64QAM 1736.11 1388.89 256QAM 1736.11 1562.50 256QAM 1736.11 1736.11 256QAM © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 296 Tab. 9.16: MSE Recommended MSE thresholds Modulation Mean MSE [dB] 2CPFSK 2CPFSK 4CPFSK 4CPFSK DPSK DPSK π/4-DQPSK π/4-DQPSK 8DPSK 8DPSK 16DEQAM 16DEQAM 64QAM 64QAM 256QAM 256QAM Fig. 9.1: MSE recommended tresholds RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 297 General Population General Population Antenna description code [dBi] [–] / Uncontrolled Ex- / Controlled Expos- posure [cm] ure [cm] OV380.1 single dipole OV380.2 stacked double dipole SA380.3 3 element directional Yagi http://www.fcc.gov/oet/info/documents/bulletins © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 298 10.0 10.3. High temperature If the RipEX2 is operated in an environment where the ambient temperature exceeds 55 °C, the RipEX2 must be installed within a restricted access location to prevent human contact with the enclosure heatsink. 10.4. Battery disposal Battery Disposal - This product may contain a battery (e.g.
Page 299 • The unit must be powered with an intrinsically safe power source. • The antenna has to be installed outside the hazardous zone. • Do not manipulate the RipEX2 (e.g. plug or unplug connectors) unless powered down or the area is known to be non-hazardous.
Page 300 Safety, regulations, warranty Fig. 10.1: ATEX type examination certificate 1/3 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 301 Safety, regulations, warranty Fig. 10.2: ATEX type examination certificate 2/3 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 302 Safety, regulations, warranty Fig. 10.3: ATEX type examination certificate 3/3 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 303 Everyone can copy and spread word-for-word copies of this license, but any change is not permitted. The program (binary version) is available for free on the contacts listed on https://www.racom.eu. This product contains open source or another software originating from third parties subject to GNU General Public License (GPL), GNU Library / Lesser General Public License (LGPL) and / or further author li- censes, declarations of responsibility exclusion and notifications.
Page 304 Safety, regulations, warranty 10.8. EU Compliance 10.8.1. RoHS, WEEE and WFD Fig. 10.4: EU Declaration of Conformity RoHS, WEEE RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 305 • any requirements for authorisation of use. Fig. 10.5: EU restrictions or requirements The RipEX2 radio modem predominantly operates within frequency bands that require a site license be issued by the radio regulatory authority with jurisdiction over the territory in which the equipment is being operated.
Page 306 С настоящото RACOM s.r.o. декларира, че този тип радиосъоръжение RipEX2 е в съответствие с Директива 2014/53/ЕС. Por la presente, RACOM s.r.o. declara que el tipo de equipo radioeléctrico RipEX2 es conforme con la Directiva 2014/53/UE. Tímto RACOM s.r.o. prohlašuje, že typ rádiového zařízení RipEX2 je v souladu se směrnicí 2014/53/EU.
Page 307 Με την παρούσα ο/η RACOM s.r.o., δηλώνει ότι ο ραδιοεξοπλισμός RipEX2 πληροί την οδηγία 2014/53/ΕΕ. Hereby, RACOM s.r.o. declares that the radio equipment type RipEX2 is in compliance with Directive 2014/53/EU. Le soussigné, RACOM s.r.o., déclare que l'équipement radioélectrique du type RipEX2 est conforme à...
Page 308 Safety, regulations, warranty RACOM s.r.o. týmto vyhlasuje, že rádiové zariadenie typu RipEX2 je v súlade so smernicou 2014/53/EÚ. RACOM s.r.o. potrjuje, da je tip radijske opreme RipEX2 skladen z Direktivo 2014/53/EU. RACOM s.r.o. vakuuttaa, että radiolaitetyyppi RipEX2 on direktiivin 2014/53/EU mukainen.
Page 312 Safety, regulations, warranty Fig. 10.10: FCB certificate for RipEX2-1A RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 313 America. For further details related to this certification please contact Certification@tuvam.com UCB_F_10.09 Rev 1 TÜV SÜD America, Inc. 10 Centennial Drive, Peabody, MA 01960, USA Page 1 of 2 Fig. 10.11: FCB certificate for RipEX2-4A 1/2 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 314 11.8 11.8 7K50F1D RSS-119 Issue 12 450.0 470.0 11.8 11.8 5K00G1D RSS-119 Issue 12 450.0 470.0 11.8 11.8 3K60F1D RSS-119 Issue 12 Page 2 of 2 Fig. 10.12: FCB certificate 2/2 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 315 The serviced equipment shall be returned by RACOM to the customer by prepaid freight. If circumstances do not permit the equipment to be returned to RACOM, then the customer is liable and agrees to reim- burse RACOM for expenses incurred by RACOM during servicing the equipment on site. When equipment does not qualify for servicing under warranty, RACOM shall charge the customer and be reimbursed for costs incurred for parts and labour at prevailing rates.
Page 316 The Availability depends on specific network design and Service availability. Availability can be increased by decreasing MTTR. Availability calculation needs to be done for each network element separately. RipEX2 redundant solution within Field Replaceable Units fully achieving the level availability and reli- ability for the Core elements.
Page 317 F i r m w a r e As required recommended when new features required RipEX2 If you are unsure on any of the above, please contact RACOM technical support. https://www.racom.eu/eng/products/radio-modem-ripex.html#dnl_fwr2 © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 318 You create user accounts (local authentication or remote RADIUS) and assign them roles via which they can access RipEX2/M!DGE3 GUI or API. • There are four different levels of user access privileges – they are bound with four different user...
Page 319 Cellular networks are in control of operators and public APNs are connected to the public Internet. Any data sent or received by RipEX2 (EXT) or M!DGE3 (MAIN, EXT) can be captured by experienced hackers. If such data are not encrypted, sensitive data can be read by these hackers and misused.
Page 320 (Radio, cellular MAIN/EXT, ETH, GRE L3, …). A.6. Exchange of certificates It is recommended to change certificates for certificates trusted by the RipEX2 user. The default certificates are part of installation of all units, so the replacement for your own certificates will increase the security of all processes and services (e.g.
Page 321 Protect the unit via Firewall settings • SETTINGS > Firewall > L2 / L3 / NAT • Especially important if RipEX2/M!DGE3 has a public IP address! Limit access to RipEX2/M!DGE3 GUI • Only allow authorized IPv4 addresses to access your network. Each piece of hardware connected to a network has an assigned IPv4 address.
Page 322 Utilize USB flash drive - for FW upgrade via USB disk - this service is on by default, it can be disabled. • SETTINGS > Device > Firmware > USB Utilize Firmware distribution for RipEX2 networks in a bandwidth optimized way. • FW distribution uses the authentication key during the process - the key is the same in all manufac- tured units - you can generate and use your own.
Page 323 Appendix B. Proprietary UDP ports Tab. B.1: RipEX2 proprietary UDP ports UDP port number Name 8881 COM1 8882 COM2 8883 COM3 8889 Remote access 8892 8893 8894 8895 8896 8906 RSS ping © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 324 Revision 1.10 2021-02-11 Chapter 3 and 9 rework Revision 1.11 2021-04-19 FW 2.0.0.0 features Revision 1.12 2021-05-19 FW 2.0.3.0 features added Revision 1.13 2021-07-27 Minor updates of chapters 5 and 7 RipEX2 Radio modem & Router – © RACOM s.r.o.
Page 325 Revision 1.27 2023-07-28 Section Credentials added Section Link management added Revision 1.28 2023-10-23 Section OpenVPN added Appendix Security Hardening Procedure added Revision 1.29 2023-12-15 New features for FW 2.1.2.0 version added © RACOM s.r.o. – RipEX2 Radio modem & Router...
Page 326 Revision History Revision 1.30 2024-03-05 New features for FW 2.1.6.0 version added Revision 1.31 2024-06-05 New features for FW 2.1.7.0 version added Revision 1.32 2024-08-29 New features for FW 2.2.0.0 version added RipEX2 Radio modem & Router – © RACOM s.r.o.

This manual is also suitable for:

Ripex2e

RACOM RipEX2 User Manual

Quick Links

Need help?

Questions and answers

Related Manuals for RACOM RipEX2

Summary of Contents for RACOM RipEX2

This manual is also suitable for: