Page 1 User Guide NTC-500 Doc No. UG01448 NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 2: Important Notice
Casa Systems accepts no responsibility for any loss or damage resulting from errors or delays in transmission or reception, or the failure of the Casa Systems NTC-500 to transmit or receive such data.
Page 3: Table Of Contents
3 of 141 Contents Overview ..........................................6 Introduction ..............................................6 Target audience ............................................6 Prerequisites ............................................... 6 Notation ..............................................6 Product introduction ...................................... 7 Product overview ............................................7 Product features ............................................7 Package contents ............................................7 Physical dimensions and indicators ................................9 Physical dimensions ...........................................
Page 4 4 of 141 Status ..........................................23 Networking ........................................28 Wireless WAN ............................................28 Wireless WAN profiles ........................................28 Band selection ..........................................32 SIM management ..........................................32 RAT selection ............................................. 33 Operator setting ..........................................33 Roaming control ..........................................34 Cell lock .............................................. 35 SIM security ............................................
Page 5 5 of 141 OMA-LWM2M ............................................106 Supported LWM2M objects ......................................107 Event Configuration ..........................................109 Event Notification Configuration ....................................110 Destination configuration ......................................111 Event notification log ........................................113 Email Settings ............................................114 Dynamic DNS ............................................115 System .......................................... 117 Log ................................................
Page 6: Overview
6 of 141 Overview Introduction This document provides you all the information you need to set up, configure and use the NetComm NTC-500 router. Target audience This document is intended for system integrators or experienced hardware installers who understand telecommunications terminology and concepts.
Page 7: Product Introduction
Easy and clear LED status display for connection status and network type as well as two user-customizable ⚫ LEDs. Remote device configuration, management, and firmware upgrade. ⚫ Package contents The NetComm NTC-500 package contains: 1 x NTC-500 router ⚫ 1 x Two-way Molex connector ⚫ 1 x 1.5m Ethernet cable ⚫...
Page 8 8 of 141 1 x Welcome Card ⚫ 1 x Compliance leaflet ⚫ If any of these items are missing or damaged, please contact your sales representative or the support team. NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 9: Physical Dimensions And Indicators
9 of 141 Physical dimensions and indicators Physical dimensions Figure 1 – NTC-500 top and side views N T C - 5 0 0 R O U T E R D I M E N S I O N S Length 143.5 mm Depth...
Page 10: Interfaces
10 of 141 Interfaces The following interfaces are available on the NTC-500 router: I T E M D E S C R I P T I O N Antenna sockets SMA female connector for cellular antennas. SIM card tray Insert SIM card here. SIM Eject button Press with a SIM removal tool to eject the SIM card tray.
Page 11: Signal Strength Leds
11 of 141 L E D N A M E C O L O U R S T A T E D E S C R I P T I O N Power off Blinking Router starting up Power Power on No SIM detected Blinking SIM error...
Page 12: Led Update Interval
12 of 141 LED update interval The signal strength LEDs update within a few seconds with a rolling average signal strength reading. When selecting a location for the router or connected or positioning an external antenna, please allow up to 20 seconds for the signal strength LEDs to update before repositioning.
Page 13: Placement Of The Router
13 of 141 Placement of the router Antenna installation The router is fitted with four SMA female antenna connectors. Attach antennas fitted with a SMA male connector by turning them in a clockwise direction. Figure 4 – NTC-500 antenna installation Connecting antennas to the device should provide optimum cellular and Wi-Fi signal strength in a wide range of environments.
Page 14: Mounting Options
14 of 141 Mounting options The NTC-500 router can be quickly and easily mounted in a variety of locations. DIN rail mounting bracket The DIN rail mounting bracket provides multiple ways to mount the router. Clip the router into the bracket as shown below.
Page 15: Din Rail Installation
15 of 141 DIN rail installation The V Bend allows you to snap the DIN bracket onto the middle of a DIN rail rather than sliding it onto the end. Figure 7 – NTC-500 DIN mounting bracket Wall mounted via DIN bracket Figure 8 –...
Page 16: Ceiling Mounted Via Din Bracket
16 of 141 Ceiling mounted via DIN bracket Figure 9 – NTC-500 ceiling mounted using DIN bracket Pole mounted via DIN bracket Figure 10 – NTC-500 pole mounted using DIN bracket NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 17: Rail Mounting Adapter
17 of 141 Rail mounting adapter The NTC-500 can also be mounted by using an optional rail mount adapter. Figure 11 – NTC-500 rail mount adapter NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 18: Installation And Configuration Of The Ntc-500 Router
18 of 141 Installation and configuration of the NTC-500 router Powering the router The NTC-500 router can be powered in one of two ways: DC power input via 2-pin connector (8-40V DC) DC power input via field terminated power source (8-40V DC) The green power LED on the router lights up when a power source is connected.
Page 19 19 of 141 If you are attaching antennas, first remove the antenna socket caps from the Main and Auxiliary antenna sockets by turning them in an anti-clockwise direction, then screw the antennas onto the sockets by turning them in a clockwise direction. If your router does not come with a SIM pre-installed, insert a SIM card into the SIM card slot by pressing the SIM Eject button to eject the SIM card tray.
Page 20: Advanced Configuration
20 of 141 Advanced configuration To access the web-based user interface, open a web browser (e.g. Mozilla Firefox or Google Chrome), type https://192.168.1.1 into the address bar and press Enter. The router’s web user interface is displayed. The HTTP protocol is disabled by default, secure HTTP (HTTPS) is the default protocol. HTTP access is available but must be Important –...
Page 21: Configure As A New Device (Create New Passwords)
21 of 141 Configure as a new device (create new passwords) Select I want to configure this as a new device then select the OK button. In the New Passwords section, enter a strong password in each field. You may configure the same password for all three accounts, but it must meet the security criteria set out below: •...
Page 22: Logging In
22 of 141 When you have completed all password fields, press the Save button. If the passwords meet the security criteria, they are saved and the router reboots to Live mode automatically. See below for further instructions on logging Logging In To log in to the router, enter the login username (root or user) and the password that you configured during the initialisation process.
Page 23: Status
23 of 141 Status The status page of the web interface provides system related information and is displayed when you log in to the NTC-500 router management console. The status page shows System information, LAN details, Cellular connection status, WWAN connection status, Wireless LAN status and Neighbouring cell information. You can toggle the sections from view by selecting the buttons to show or hide them.
Page 24 24 of 141 The following information is included on the Status page: I t e m D e f i n i t i o n S y s t e m i n f o r m a t i o n System up time The current up time (the time since the router was last turned on) of the router.
Page 25 25 of 141 Connection (RAT) The radio access technology in use. Coverage The type of mobile coverage being received by the NTC-500. W W A N Profile name The name of the active profile. Status The IPv4 connection status of the active profile. IPv6 status The IPv6 connection status of the active profile.
Page 26 26 of 141 Channel number The channel number of the current cellular connection. (EARFCN) Reference Signal A cell-specific reference signal used to determine RSRP. Received Power (RSRP) Reference Signal RSRQ calculates signal quality taking into consideration the RSSI. It is calculated by N x Received Quality RSRP / RSSI where N is the number of Physical Resources Blocks (PRBs) over which the (RSRQ)
Page 27 27 of 141 Synchronisation This is a key part of beam management. It is a value comprised of Primary Signal Block (SSB) Synchronisation Signal (PSS), Secondary Synchronisation Signal (SSS) and the Physical Index Broadcast Channel (PBCH). N e i g h b o u r i n g c e l l i n f o r m a t i o n The Physical Cell ID.
Page 28: Networking
28 of 141 Networking The Networking section provides configuration options for Wireless WAN, LAN, Firewall, Routing and Service Assurance. Wireless WAN Wireless WAN profiles The wireless WAN profiles page allows you to configure and enable/disable connection profiles. To access this page, select on the Networking menu, and under the Wireless WAN menu, select the Wireless WAN profiles connection item.
Page 29: Connecting To The Mobile Broadband Network
29 of 141 I T E M D E F I N I T I O N Profile no. Number of the profile. Profile name Name of the profile. Status Toggles the corresponding profile on and off. Only one profile may be turned on at any time.
Page 30 30 of 141 Figure 16 – WWAN profiles – WWAN profile settings I t e m D e f i n i t i o n Enable Toggle the enable button to On or Off, as desired. Name The name of the APN for easy identification on the Wireless WAN profile page. This name is only used to identify the profile on the NTC-500.
Page 31: Profile Routing
31 of 141 I t e m D e f i n i t i o n a  IPv4 – Sets a single stack IPv4 connection through which the NTC-500 receives only IPV4 network and DNS addresses. b  IPv6 – Sets a single stack IPv6 connection through which the NTC-500 receives only IPV6 network and DNS addresses.
Page 32: Band Selection
32 of 141 Band selection Select individual bands from the following band groupings: LTE, NR5G NSA, NR5G SA. Figure 17 – NTC-500 band selection To set a device up for different LTE, 5G Non-Standalone (NR5G NSA) and 5G Standalone (NR5G NSA) modes, refer to: Appendix A –...
Page 33: Rat Selection
33 of 141 RAT selection Select the preferred RAT (Radio Access Technology) from the following: ALL, LTE or NR5G Figure 19 – Radio Access Technology (RAT) Note – To select two options, hold the Ctrl key whilst selecting the option you wish to use. Operator setting The Operator setting screen lets you select whether to have the NTC-500 automatically select the most appropriate operator and access technology, or if you set it to manual, you can override and lock it to a...
Page 34: Roaming Control
34 of 141 Figure 21 – Operator list Select the most appropriate service from the list shown and select Apply. When Select operator mode is set to Automatic, the router selects the most appropriate operator based on the inserted SIM card. This is the default option and is sufficient for most users. Roaming control The roaming control function allows roaming to be enabled or disabled on the NTC-500.
Page 35: Cell Lock
35 of 141 Cell lock The Cell lock function allows you to specify a list of cells that the NTC-500 will not deviate from. The cells are separated by LTE and NR5G. Figure 23 – Cell lock Adding an LTE cell lock To add an LTE cell to the list: Next to LTE Cell Lock List, select the Add button.
Page 36: Sim Security
36 of 141 Figure 25 – Cell lock – Add NR5G cell lock Select on the Save button. Repeat steps 1 to 3 for all the NR5G cells that you wish to add. SIM security The SIM security settings page can be used for authenticating SIM cards that have been configured with a security PIN.
Page 37: Network Slice
37 of 141 Enter the PIN in the Current PIN field (enter numbers only). Select on the Save button to save the PIN and unlock access. Once unlocked, you may toggle the PIN protection switch to the Off position if you no longer wish to have access locked by a PIN.
Page 38: Lan
38 of 141 The LAN configuration page is used to configure the LAN settings of the NTC-500. To access the LAN configuration page, select on the Networking menu at the top of the screen, then select on the LAN menu on the left.
Page 39 39 of 141 You may also override the DNS Masquerading option by specifying custom DNS Server IP addresses in the DNS server configuration, detailed in DNS server section. In this case the DHCP server assigns downstream devices the manually configured addresses and the DNS Masquerading option is ignored. The DNS masquerading toggle key is OFF by default.
Page 40: Dhcp
40 of 141 DHCP The DHCP configuration page is used to configure the DHCP settings of the NTC-500. You can manually set the start and end address range to be used to automatically assign addresses, the lease time of the assigned address, the default domain name suffix, primary and secondary DNS server, the primary and secondary WINS server, as well as the advanced DHCP settings such as NTP, TFTP and Option 150/Option 160 (VoIP options).
Page 41 41 of 141 O p t i o n D e s c r i p t i o n DHCP start range Sets the first IP address of the DHCP range DHCP end range Sets the last IP address of the DHCP range DHCP lease time The length of time in seconds that DHCP allocated IP addresses are valid (seconds)
Page 42 42 of 141 Select the +Add button. The Static DHCP page appears. Figure 31 – Address reservation list – Add Static DHCP settings In the Computer Name field enter a name for the device. In the MAC Address field, enter the device’s MAC address. In the IP Address fields, enter the IP address that you wish to reserve for the device.
Page 43: Vlan
43 of 141 VLAN A Virtual Local Area Network (VLAN) is a subnetwork used to group devices located on separate physical networks. This is useful since it allows you to partition your network without the need for additional cabling or wireless access.
Page 44 44 of 141 Set the Enable toggle to the ON position. Select on the Save button to apply the settings. Figure 34 – VLAN – VLAN rule configuration NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 45: Vpn
45 of 141 IPSec IPSec operates on Layer 3 of the OSI model and as such can protect higher layered protocols. IPSec is used for both site to site VPN and Remote Access VPN. The NTC-500 router supports IPsec end points and can be configured with Site to Site VPN tunnels for third party VPN routers.
Page 46 46 of 141 Figure 36 – VPN – IPSec Profile Edit NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 47 47 of 141 The following table describes each of the fields of the IPSec VPN configuration page. P a r a m e t e r D e s c r i p t i o n IPSec profile Enables or disables the VPN profile. Profile name A name used to identify the VPN connection profile.
Page 48 48 of 141 DPD action Select the desired Dead Peer Detection action. This is the action to take when a dead Internet Key Exchange Peer is detected. DPD keep alive time Enter the time in seconds for the interval between Dead Peer Detection keep alive messages.
Page 49: Openvpn
49 of 141 OpenVPN OpenVPN is an open-source virtual private network (VPN) program for creating point-to-point or server-to-multi- client encrypted tunnels between host computers. It can traverse network address translation (NAT) and firewalls and allows authentication by certificate, pre-shared key or username and password. OpenVPN works well through proxy servers and can run over TCP and UDP transports.
Page 50 50 of 141 Figure 38 – VPN – OpenVPN – Generate server certificate prompt Select the OK button to be taken to the Server Certificate page. For more information on generating server certificates, refer to the Server Certificate section of this guide. When you have created the certificate, return to the OpenVPN server configuration page to continue the setup.
Page 51: Certificate Authentication
51 of 141 Certificate authentication In the Certificate Management section, enter the required details to create a client certificate. All fields are required. After filling out the required fields, select the Generate button. Figure 39 – VPN – OpenVPN – Certificate Authentication type Once the certificate is generated, select the Download P12 button or the Download TGZ button to save the certificate file, depending on which format you would like.
Page 52: Username / Password Authentication
52 of 141 Username / Password Authentication In the Username/Password section, enter the username and password you would like to use for authentication on the OpenVPN Server. Select the Download CA certificate or Download CA TGZ depending on file format button to save the ca.crt file.
Page 53: Configuring An Openvpn Client
53 of 141 Configuring an OpenVPN client From the OpenVPN page select the Add button to the right of OpenVPN Client List. The OpenVPN Client Edit page is shown. Figure 41 – VPN – OpenVPN – Configure OpenVPN client Set the OpenVPN profile toggle key to the On position. In the Profile name field, enter a name for the OpenVPN client profile you are creating.
Page 54 54 of 141 Certificate Authentication To use Certificate Authentication, a certificate must be uploaded. Set the Authentication Type field to Certificate. Scroll down to the Select certificate to upload field and select the Choose a file button. Figure 42 – OpenVPN – Certificate upload Locate the certificate on your computer, select Open, then select Upload.
Page 55 55 of 141 Certificate and Username / Password authentication The Certificate and Username / Password Authentication options is a combination of both the Certificate and Username / Password authentication methods. This provides additional levels of security since the client must know the username / password combination and be in possession of the certificate.
Page 56: Configuring An Openvpn P2P Connection
56 of 141 Configuring an OpenVPN P2P Connection The OpenVPN P2P connection allows you to create a Peer-to-Peer VPN connection with another router. One router should be the primary router, and the other router should be a secondary router. From the OpenVPN page select the Add button to the right of OpenVPN P2P List. The OpenVPN Peer Edit page is shown.
Page 57: Gre Tunnelling
57 of 141 Use the Port type and Server port fields to select a port number and then use the drop-down list to select a packet type to use for the OpenVPN server. The default OpenVPN port is 1194 and default packet type is UDP.
Page 58 58 of 141 Figure 46 – VPN – GRE Tunnelling – GRE Client Edit Set the Enable VPN toggle to On. In the Profile name field, enter a profile name for the tunnel. This name is used to identify the tunnel on the router.
Page 59 59 of 141 The Reconnect delay is the time in seconds that the router will wait before attempting to connect to the GRE server if the connection is broken. The minimum time to wait is 30 seconds so as to not flood the GRE server with connection requests, while the maximum time to wait is 65335 seconds.
Page 60: Server Certificate
60 of 141 Server Certificate The Server Certificate page is used to generate a certificate for use with OpenVPN. Generating Diffie-Helman files On first use of the certificate page, you will see the following prompt, where dh refers to Diffie-Hellman. Figure 47 –...
Page 61 61 of 141 Figure 49 – VPN – Server Certificate – Generate Diffie-Hellman prompt Selecting the OK button will delete and invalidate all previous server and client keys, if they exist, and generates new parameters. This process will take up to five minutes to complete. Once the files are generated, the Success prompt is shown.
Page 62 62 of 141 Figure 51 – VPN – Server Certificate – Generate certificate NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 63: Firewall
63 of 141 Firewall The Port forwarding list is used to configure the Network Address Translation (NAT) rules currently in effect on the NTC-500. To access the Port forwarding page, select on the Networking menu at the top of the screen, select on the Firewall menu on the left.
Page 64: Mac Whitelist
64 of 141 In the Rule name field, enter a name for the rule so that it can be easily identified. In the Profile no. field, enter a number that corresponds to the Wireless WAN Profile that you want to use for the rule.
Page 65: Firewall Filtering
65 of 141 In the Name field, enter a name to identify the device. In the MAC address field, enter the MAC address of the device. Set the Enable toggle to On. Select the Save button. The device appears in the MAC Whitelist section. Figure 55 –...
Page 66: Creating A Mac / Ip / Port Filtering Rule
66 of 141 When enabling MAC / IP / Port filtering and setting the default rule to “Dropped”, you should ensure that you have first added Important – a filtering rule which allows at least one known MAC/IP to access the router, otherwise you will not be able to access the user interface of the router without resetting the router to factory default settings.
Page 67: Routing
67 of 141 Figure 57 – IPS router firewall To enable the IPS, set the Enable router firewall toggle to On and then select the Save button. Routing Static Static routing is the alternative to dynamic routing used in more complex network scenarios and is used to facilitate communication between devices on different networks.
Page 68: Adding Static Routes
68 of 141 Figure 58 – Static routing Adding Static Routes To add a new route to the static routing list, select the +Add button. The Static routes page appears. 1 In the Route name field, type a name for the route so that it can be identified in the static routing list. 2 From the Network interface drop-down list, select the interface for which you would like to create a static route.
Page 69: Static Routing List
69 of 141 Figure 59 – Static routing – Route configuration Active Routing List Static routes are displayed in the Active routing list. Figure 60 – Static routing – Active routing list Static Routing List From the static routing list, select the Delete icon to the right of the entry you wish to delete.
Page 70: Redundancy
70 of 141 Redundancy Virtual Router Redundancy Protocol (VRRP) is a non-proprietary redundancy protocol designed to increase the availability of the default gateway servicing hosts on the same subnet. This increased reliability is achieved by advertising a “virtual router” (an abstract representation of master and backup routers acting as a group) as a default gateway to the host(s) instead of one physical router.
Page 71: Configuring Vrrp
71 of 141 Configuring VRRP To configure VRRP, configure multiple devices as follows and connect them together via an Ethernet network switch to downstream devices. Set the Redundancy (VRRP) toggle to On to enable VRRP. In the Virtual ID field, enter an ID between 1 and 255. This is the VRRP ID which is different for each virtual router on the network.
Page 72 72 of 141 Configuring the VRRP WAN watchdog By default, VRRP WAN watchdog is disabled. When it is disabled, VRRP monitors the status of the primary and secondary by the physical link. When enabled, the VRRP WAN watchdog feature monitors the status of the connection by both the physical link and controlled ping packets.
Page 73 73 of 141 P a r a m e t e r D e s c r i p t i o n VRRP WAN Watchdog Set the VRRP WAN Watchdog to On to enable the watchdog. When enabled verbose comments are logged in the system log related to the Verbose logging failover monitoring.
Page 74: Dmz
74 of 141 The Demilitarized Zone (DMZ) allows you to configure all incoming traffic on all protocols to be forwarded to a selected device behind the router. This feature can be used to avoid complex port forwarding rules, but it exposes the device to untrusted networks as there is no filtering of what traffic is allowed and what is denied.
Page 75: Rip
75 of 141 RIP (Routing Information Protocol) is used for advertising routes to other routers. By enabling RIP all the routes in the router’s routing table will be advertised to other nearby routers. For example, the route for the router’s Ethernet subnet could be advertised to a router on the PPP interface side so that a router on this network will know how to route to a device on the router’s Ethernet subnet.
Page 76: Service Assurance
76 of 141 Service assurance The service assurance page allows you to run a number of tests to confirm connectivity on different WWAN profiles. Figure 66 – Service assurance To run a service assurance test: In the WWAN profiles field select the WWAN profile you wish to test. In the Domain name for DNS test field enter a Domain name to check the DNS connectivity.
Page 77 77 of 141 NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 78: Services
78 of 141 Services Network time (NTP) The NTP (Network Time Protocol) settings page allows you to configure the NTC-500 router to synchronize its internal clock with a global Internet Time server and specify the time zone for the location of the router. This provides an accurate timekeeping function for features such as System Log entries and Firewall settings where the current system time is displayed and recorded.
Page 79: Configuring Ntp Settings
79 of 141 Configuring NTP settings To configure NTP settings: Select the Network time (NTP) toggle key to switch it to the ON position. In the NTP service field, enter the address of the NTP server you wish to use. The Synchronization on WWAN connection toggle key enables or disables the router from performing a synchronization of the time each time a mobile broadband connection is established.
Page 80: Snmp
80 of 141 SNMP The Simple Network Management Protocol (SNMP) allows a network administrator to monitor a network by retrieving settings on remote network devices. To do this, the administrator typically runs an SNMP management station program such as MIB browser on a local host to obtain information from the SNMP agent, in this case the NTC-500 (if SNMP is enabled).
Page 81: Configuring Snmp Traps
81 of 141 Select the Save button below the SNMP Traps section to apply the configuration. Configuring SNMP traps The NTC-500 can be configured to send SNMP traps to a central SNMP Network Management System (NMS) when certain events occur. To configure the SNMP traps: Set the SNMP Traps toggle to On.
Page 82 82 of 141 TR-069 To access the TR-069 configuration page, select the Services menu item, then select the TR-069 menu item on the left. Figure 69 – TR069 configuration NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...
Page 83 83 of 141 The TR-069 (Technical Report 069) protocol is a technical specification also known as CPE WAN Management Protocol (CWMP). It is a framework for remote management and auto-configuration of end-user devices such as customer-premises equipment (CPE) and Auto Configuration Servers (ACS). It is particularly efficient in applying configuration updates across networks to multiple CPEs.
Page 84: Dns Server
84 of 141 In the Inform Period field, enter the number of seconds between the inform messages. Select the Save button to save the settings. DNS server The NTC-500 router can be configured to use custom DNS servers if required. Figure 70 –...
Page 85: Setup
85 of 141 Ability to forward incoming text messages via a cellular network to another remote destination which may ⚫ be a TCP/UDP server or other mobile devices. Ability to receive run-time variables from the device (e.g. uptime) on request via SMS ⚫...
Page 86: Sms Forwarding Configuration
86 of 141 Messages per page The number of SMS messages to display per page. Must be a value between 10 and (10-50) Encoding scheme The encoding method used for outbound SMS messages. GSM 7-bit mode permits up to 160 characters per message but drops to 50 characters if the message includes special characters.
Page 87: Diagnostics
87 of 141 If someone sends a text message and TCP server address is set to “192.168.20.3” and TCP port is set to “2002”, this text message is stored in the router and forwarded to “192.168.20.3” on port “2002” at the same time. To disable redirection to a TCP or UDP address, clear the TCP server address and UDP server address fields and select the Save button.
Page 88 88 of 141 SMS diagnostics and command execution Enables or disables the remote diagnostics feature. If this setting is enabled all incoming text messages are parsed and tested for remote diagnostics commands. If remote diagnostics commands are found, the router executes those commands. This feature is enabled by default.
Page 89 89 of 141 Allow execution of advanced commands This option allows execution of advanced commands such as those which are common to the Linux command line. For example: “execute ls /usr/bin/sms*” to list the contents of the /etc folder on the router. When it is turned off you are only allowed to execute the basic commands listed later in this guide.
Page 90: Sending An Sms Diagnostic Command
90 of 141 Figure 73 – SMS - SMS diagnostics configuration – White list settings To add a number to the white list, enter it in the Destination number field and define a password in the Password field. The SMS white list password must meet the following criteria for a strong password: Be a minimum of eight characters and no more than 128 characters in length.
Page 91 91 of 141 execute COMMAND ⚫ get VARIABLE ⚫ set VARIABLE=VALUE ⚫ If authentication is enabled, each command must be preceded by the password: PASSWORD execute COMMAND ⚫ PASSWORD get VARIABLE ⚫ PASSWORD set VARIABLE=VALUE ⚫ The following are some examples of SMS diagnostic commands: password6657 execute reboot ⚫...
Page 92 92 of 141 T y p e S M S C o n t e n t s N o t e s get command “VARIABLE=VALUE” “Successfully set VARIABLE to Only sent if the acknowledgment set command VALUE” message function is enabled execute command “Successfully executed command COMMAND”...
Page 93 93 of 141 Important – Commands, variables and values are case sensitive. List of basic commands A list of basic commands which can be used in conjunction with the execute command are listed below: “pdpcycle”, “pdpdown” and “pdpup” commands can have a profile number suffix ‘x’ added. Without the suffix specified, the command operates against the default profile configured on the profile list page of the Web-UI.
Page 94 94 of 141 ftp://username:password@serveraddress/directory%20with%20spaces/filename. Note: Authenticated FTP addresses may be used following the format as defined in RFC1738, for example: ftp://username:password@serveraddress/directory/filename.cdi ssh.genkeys Instructs the router to generate new public SSH keys. ssh.clearkeys Instructs the router to clear the client public SSH key files. Table 12 –...
Page 95 95 of 141 set ssh.passauth set ssh.passauth=1 Sets the SSH Enable password authentication option on or off. get ssh.keyauth get ssh.keyauth Returns the status of the SSH Enable key authentication option. set ssh.keyauth Set ssh.keyauth=1 Sets the SSH Enable key authentication option on or off.
Page 96 96 of 141 link.profile.1.pass password Cellular broadband Guest, could also return “null” password link.profile.1.auth_type authtype Cellular broadband ”pap” or”chap” Authentication type link.profile.1.iplocal wanip WAN IP address 202.44.185.111 wwan.0.radio.informati rssi Cellular signal -65 dBm on.signal_strength strength wwan.0.imei imei IMEI number 3.57347E+14 statistics.usage_current usage Cellular broadband...
Page 97 97 of 141 O p e r a t o r D e s c r i p t i o n s t a t u s Indicates an available operator which may be selected. Indicates a forbidden operator which may not be selected (applies only to generic SIM cards).
Page 98 98 of 141 Optus Vodafone Table 16 – SMS - Mobile Network Provider codes (Australia) Confirming the currently configured operator and network type You can retrieve the currently configured operator and network type using the get forceplmn command. The get forceplmn command returns the operator and network type selection mode (Automatic/Manual), in addition to the MCC and MNC values, for example: Automatic,505,1 This response indicates that the operator/network selection mode is Automatic, and the network used is Telstra.
Page 99 99 of 141 Send SMS to check the current band get band Send SMS to Disconnect (if connected) and execute pdpcycle reconnect the data connection Send SMS to disconnect the data connection execute pdpdown Send SMS to connect the data connection execute pdpup Send multiple get command get wanip;...
Page 100: Inbox
100 of 141 Send SMS to initiate a Network Quality test get networkquality Table 17 – SMS – SMS diagnostics example commands Inbox The Inbox displays all received messages that are stored on the router. Figure 74 – SMS - Inbox I c o n N a m e D e s c r i p t i o n...
Page 101: Outbox
101 of 141 Figure 75 – SMS – New message Destination numbers should begin with the “+” symbol followed by the country calling code. To send a message to a destination number, enter the “+” symbol followed by the country calling code and then the destination number.
Page 102: Mqtt
102 of 141 MQTT The MQTT page is used to configure the NTC-500 to use the MQTT protocol. MQTT is a standards-based messaging protocol used for machine-to-machine communication. Information is sent to clients in the form of a ‘topic’. The NTC-500 can be configured to send device information and neighbouring cells as a topic to common IoT monitoring applications, such as Microsoft Azure IoT Hub and Amazon IoT, using MQTT.
Page 103: Configuring Mqtt
103 of 141 Configuring MQTT Prerequisites Before configuring MQTT on the NTC-500, you may need to create the device on your external MQTT client provider, and generate certificates and keys as required for secure authentication. Refer to your external MQTT provider’s documentation for the required authentication configuration.
Page 104 104 of 141 Under MQTT configuration, enter the parameters as required. The following table details each field: P a r a m e t e r D e s c r i p t i o n Name Name of the client which will identify the client on the NTC-500 Host name Hostname of your client Client ID...
Page 105 105 of 141 Configure the following parameters as required: P a r a m e t e r D e s c r i p t i o n Publish topic string Enter a string which will identify the topic on the MQTT client. Publish QoS Select the Publish QoS (Quality of Service) for the topic.
Page 106: Oma-Lwm2M
106 of 141 OMA-LWM2M The OMA Lightweight M2M (OMA-LWM2M) protocol was designed by the Open Mobile Alliance to provide remote device management specifically for M2M devices. It is less taxing on the system and network than OMA- DM and TRS-069. OMA-LWM2M runs over UDP and supports asynchronous notifications when a resource changes.
Page 107: Supported Lwm2M Objects
107 of 141 I t e m D e s c r i p t i o n LwM2M Endpoint This is the unique ID the device will use to identify itself with LwM2M servers. Name Enable LwM2M Toggle key which enables or disables the LwM2M function. Override Server The LwM2M client maintains the list of servers that it will connect to as part of its Settings...
Page 108 108 of 141 LWM2M Access Control Device Connectivity Monitoring Firmware Update Location APN Connection Profile System Log 10259 Custom object Runtime Database Access 10260 Custom object Phone Module Info 33040 Custom object Table 22 – LWM2M supported objects Timeouts Most mobile networks use stateful firewalls or NAT where the timeout for UDP is approximately 1-2 minutes. If this applies to you, we suggest either configuring the LwM2M client with a registration lifetime that falls within this period (e.g.
Page 109: Event Configuration
109 of 141 Event Configuration The NTC-500 can be programmed to send notifications when certain events occur on the router. These notifications can be used for proactive monitoring of events such as unit reboots and Ethernet link changes. Figure 82 – Event Notification – Configuration NTC-500 –...
Page 110: Event Notification Configuration
110 of 141 Event Notification Configuration To use Event Notifications: Enable event notifications by setting the Enable toggle to On. In the Maximum buffer event size field, specify the buffer size for event notifications which failed to be delivered or are yet to be sent. In the Maximum retry count field, enter the number of times the NTC-500 should attempt to deliver the notification in the event of a delivery failure.
Page 111: Destination Configuration
111 of 141 Destination configuration The Destination Configuration page allows for the configuration of the Event Destination List, which specifies where notifications should be sent when they are triggered. Figure 84 – Log – Event destination list Configuring a destination Multiple destinations can be configured and assigned to different event types, depending on what notifications need to be sent.
Page 112 112 of 141 In the Destination name field enter a name to identify the destination profile. This name will appear on the Event Notification Configuration page, in the Destination Profile column. The Email address, SMS number, TCP address, UDP address and Custom command fields listed below are all optional. Complete Note –...
Page 113: Event Notification Log
113 of 141 Event notification log The Event Notification Log displays a log of Events which have been triggered. Select the Update button to refresh the content in the Log Content window. Select the Download button to download a log file for review in an external application.
Page 114: Email Settings
114 of 141 Email Settings The email settings page is used to configure the SMTP server to be used to deliver Event Notifications (configured in the Event notification configuration section). Figure 88 – Email Client Setting To configure the Email Server Settings, the following information is required: P a r a m e t e r D e s c r i p t i o n From...
Page 115: Dynamic Dns
115 of 141 Enable authentication If the SMTP server is expecting authentication, set the Enable Authentication toggle to On. Username Username to authenticate with the SMTP server. Password Password to authenticate with the SMTP server. Confirm password Re-enter the password to authenticate with the SMTP server. Email test recipient Enter an email address here after completing the previous details to test the SMTP configuration.
Page 116 116 of 141 To enable DDNS, set the Enable toggle to On. In the Dynamic DNS field select the provider you have signed up with. In the Hostname field, enter the custom hostname which you added to your provider. In the Username field, enter the username which you used to sign up to your provider. In the Password field, enter the password which you used to sign up to your provider.
Page 117: System
117 of 141 System The Log pages are used to download the System log, Event notification logs and IPSec logs on the router. System log The System Log enables you to troubleshoot any issues you may be experiencing with your NTC-500 router. To access the System Log page, select on the System menu.
Page 118 118 of 141 Figure 90 – Log – System log settings Log capture level The log capture level defines the amount of detail that the system log stores. This setting also affects the Display level setting on the System log page, for example, if this is set to a low level, such as “Error”, the System log will not be able to display higher log levels.
Page 119: Remote Syslog Server
119 of 141 Non-volatile Log When the router is configured to log to non-volatile memory, the log data is stored in flash memory, making it accessible after a reboot of the router. Up to 512kb of log data will be stored before it is overwritten by new log data.
Page 120: Diagnostic Log
120 of 141 Diagnostic log The router may be configured to enable the collection of diagnostic logs for the purpose of troubleshooting problems. These log files are intended for use by NetComm technicians. By default, this feature is disabled and should only be enabled if you are trying to find out the cause of a problem and are instructed to enable this by NetComm technical support staff.
Page 121 121 of 141 L o g c a p t u r e i n f o r m a t i o n Number of captured Displays the number of captured periodic logs. periodic logs Captured kernel panic Displays the total size of captured kernel panic data in kilobytes. data (KB) Clear all captured Press the “Clear”...
Page 122: Ipsec Log
122 of 141 IPSec log The IPsec Log enables you to identify and troubleshoot issues with the IPsec VPN connection. To access the IPsec Log page, select IPSec Log on the System menu. The IPSec Log page is displayed. Figure 93 – Log - IPSec Log NTC-500 –...
Page 123: Watchdog
123 of 141 To use the IPsec log, first set the log level for each type of log that should be captured. The following log levels are available: I T E M D E F I N I T I O N No logs collected.
Page 124 124 of 141 Caution should be exercised when using this feature in situations where the device is intentionally offline for a particular reason (e.g. user configured PDP session disconnect, or the Connect on demand feature enabled). The ping watchdog feature expects to be able to access the internet at all times and will always eventually reboot the router if access isn’t restored by the time the various timers and retries expire.
Page 125: Configuring Periodic Ping Settings
125 of 141 Configuring Periodic Ping settings The Periodic Ping settings configure the router to transmit controlled ping packets to 2 specified IP addresses. If the router does not receive responses to the pings, the router will reboot. To configure the ping watchdog: Enable the ping watchdog by setting the Periodic Ping Enable toggle to On.
Page 126: System Configuration
126 of 141 Select the Save button to save the settings. System configuration Restore factory defaults Restoring factory defaults will reset the NTC-500 router to its factory default configuration. You may encounter a situation where you need to restore the factory defaults on your NTC-500 router. There are three levels of factory reset: Installer reset ⚫...
Page 127: Web Server Setting
127 of 141 Wait for the router to reset and reboot, then access the device through the web interface at https://192.168.1.1 Web server setting You can configure whether the NTC-500’s web server uses HTTP or HTTPS and the server port. Additionally, you can generate a web server certificate by entering data in all the fields under the Generate web server certificate section.
Page 128: Administration Settings
128 of 141 Administration settings The Administration settings page allows for updating administration credentials and Web UI login limits. Web UI credentials Use this section to configure the username and password used to access the NTC-500 via the web interface. Figure 96 –...
Page 129: Settings Backup/Restore
129 of 141 Session timeout The amount of time in seconds that a logged in session lasts on the web interface. The web interface will log the current user out after the configured time. Table 27 Administration credentials Use this section to configure the username and password used to access the NTC-500 via SSH. Figure 98 –...
Page 130: Site And Location Settings
130 of 141 Figure 99 – System configuration - Backup and restore Creating a settings backup To create a settings backup, under the Save a copy of current settings section select the Save button. The configuration will download. If you wish to protect the configuration with a password, enter a password into the Password and Confirm password fields, then press Save.
Page 131: Runtime Configuration
131 of 141 Figure 101 – System configuration – Site and location settings Update the site name and location by entering the information in the fields, then pressing Save. Runtime configuration Runtime Configuration can be used to load a configuration file containing carrier-specific settings such as default settings, MBN changes which are not available via the web user interface.
Page 132: Ssh Key Management
132 of 141 SSH key management Secure Shell (SSH) is UNIX-based command interface and network protocol used to gain secure access to a remote computer, execute commands on a remote machine or to transfer files between machines. It was designed as a replacement for Telnet and other insecure remote shell protocols which send information, including passwords, as plain text.
Page 133: Led Operation Mode
133 of 141 LED operation mode Use the LED operation mode page to control the operation of the LED indicator lights on the NTC-500. There are two modes available, Always on and Turn off after timeout. Setting the mode to Always on sets the indicator LEDs to be lit when the device is on.
Page 134: Firmware Upgrade
134 of 141 Firmware upgrade To access the Firmware upgrade page, select the System menu, then Firmware upgrade. The Firmware upgrade page allows you to upload firmware files to update the NTC-500 router. When firmware files have been uploaded, they can also be installed from this page. Figure 105 –...
Page 135: Access Control
135 of 141 Access control The Access control pages are used to configure the remote and local access to the router. Note – All remote access to the router is disabled by default. Figure 106 – Access control configuration O P T I O N D E F I N I T I O N R e m o t e A c c e s s C o n t r o l HTTP enable...
Page 136: Reboot
136 of 141 HTTPS port When HTTPS is enabled you can set the HTTPS remote access port. Enter a port number between 1 and 65534 to use when accessing the router remotely over a secure HTTPS connection. HTTPS source IP allow list When HTTPS is enabled (see Enable HTTPS above) you can enter a ‘whitelist’...
Page 137: Field Test
137 of 141 Select the Reboot button from the menu on the left side of the screen. The NTC-500 displays a warning that you are about to perform a reboot. Figure 108 – Reboot – Reboot confirmation If you wish to proceed, select the Reboot button. A warning popup will advise that “It may take a few minutes to reboot your device.
Page 138 138 of 141 L T E P C E L L I N F O R M A T I O N Physical Cell ID of the LTE Cell. EARFCN E-UTRA Absolute Radio Frequency Channel Number. Uniquely identifies the LTE Band and carrier frequency.
Page 139: Encrypted Debuginfo
139 of 141 Encrypted debuginfo The Encrypted Debug Information page contains NR5G cell information which may be useful when troubleshooting signal strength issues. Select the Generate button to force the NTC-500 to create a debug file. A success message will appear when the debug file generation is complete.
Page 140: Appendix A - Configuring Radio Access Technologies
140 of 141 Appendix A – Configuring Radio Access Technologies This device supports the following modes of operations in various combinations LTE (3GPP Core Network Option 1)  5G Non Standalone (3GPP Core Network Option 3x)  5G Standalone (3GPP Core Network Option 2) ...
Page 141: Contact Details
18 – 20 Orion Road, Lane Cove Sydney, NSW, 2066 Australia +61 2 9424 2070 Head Office US Casa Systems 100 Old River Road, Andover, MA 01810 +1 978 688 6706 NTC-500 – User Guide UG01448 v. 1.02 15 February 2024...

Casa Systems NetComm NTC-500 User Manual

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Casa Systems NetComm NTC-500

Summary of Contents for Casa Systems NetComm NTC-500