Subscribe to Our Youtube Channel
Related Manuals for SSV RMG/938
Summary of Contents for SSV RMG/938
- Page 1 MODULAR OT CONNECTIVITY GATEWAY RMG/938A, AL, ALM with DNP/7231 System Reference SSV SOFTWARE SYSTEMS Document Revision 2.1 // 2025-03-27...
-
Page 2: Table Of Contents
5.5 LED Functions ......................13 6 CONNECTIONS ....................14 6.1 Ethernet Link ......................14 6.2 Power Supply ......................15 6.3 LTE Antenna......................16 7 SSV/WEBUI ......................17 7.1 Status ........................18 7.2 System ........................19 7.2.1 System > System Identification ................19 7.2.2... - Page 3 Services > DHCP Server ..................... 34 7.4.5 Services > SNMP ....................... 34 7.4.6 Services > Remote Access (OpenSSH) ..............35 7.4.7 Services > SSV/WebUI ....................36 7.5 Proxies ........................37 7.5.1 Proxies > Web ......................37 7.5.2 Proxies > DNS......................38 7.5.3...
-
Page 4: Introduction
INTRODUCTION This document describes the main hardware components, the necessary connections as well as the web-based user interface (SSV/WebUI) of the RMG/938A, AL, ALM. Figure 1: Typical application with the RMG/938A, AL, ALM Figure 1 shows the RMG/938A, AL, ALM with domain isolation features between the Ethernet-based IT network and different wired and wireless OT device interfaces. -
Page 5: Checklist
1x LTE antenna with magnetic base and 3 m cable (only for RMG/938AL and RMG/938ALM) Please note: The nameplate of the RMG/938A, AL, ALM contains the login information for the SSV/WebUI. We recommend taking a photo of the nameplate before mounting the device in a control cabinet. Figure 2: Nameplate The nameplate is located on the side or on the bottom of the device. -
Page 6: Document Conventions
Introduction Document Conventions Convention Usage bold Important terms monospace Filenames, Pathnames, program code, command lines Table 1: Conventions used in this document RMG/938A, AL, ALM // System Reference... -
Page 7: Safety Guidelines
Safety Guidelines SAFETY GUIDELINES Please read the following safety guidelines carefully! In case of property or personal damage by not paying attention to this document and/or by incorrect handling, we do not assume liability. In such cases any warranty claim expires. ATTENTION! OBSERVE PRECAUTIONS FOR HANDLING –... -
Page 8: Overview
Overview OVERVIEW Control Elements Figure 3: Front view RMG/938A, AL, ALM // System Reference... -
Page 9: Features And Technical Data
SSV/WebUI Security TCP/IP protocol stack with IPv4 and IPv6 support and various security protocols Firewall with netfilter + iptables, setup via SSV/WebUI Wireless expansion 1x mPCIe card socket for WSN or WWAN 1x Mini-SIM card holder (accessible from the outside) -
Page 10: Rmg/938Al: Features Lte Module
Overview RMG/938AL: Features LTE Module LTE Module Mobile radio standards GSM/UMTS/HSPA+/LTE Transfer rates 150 Mbps peak download, 50 Mbps peak upload Frequency bands LTE B1/B3/B5/B7/B8/B20 Frequency bands WCDMA B1/B5/B8 Frequency bands GSM850/GSM900/DCS1800/PCS1900 GSM/GPRS Authentication PAP, CHAP, CHAT, none Supported APNs Telekom, Vodafone, 02, E-Plus, user-defined Table 3: Features LTE module... -
Page 11: Sim Card
SIM Card SIM CARD The internal SIM card of the RMG/938AL and RMG/938ALM can be changed through the slot on the backside. To remove the SIM card just push it gently with a screw driver until you hear a soft "click". The SIM card is ejected a few millimeters and can be pulled out easily. -
Page 12: Pinouts
Pinouts PINOUTS 10/100 Mbps Ethernet Interface LAN1 Pin Name Function 10/100 Mbps LAN, TX+ 10/100 Mbps LAN, TX- 10/100 Mbps LAN, RX+ Not Connected Not Connected 10/100 Mbps LAN, RX- Not Connected Not Connected Table 5: Pinout Ethernet interface LAN1 10/100 Mbps Ethernet Interface LAN2 Pin Name Function... -
Page 13: Screw Terminals
Pinouts Screw Terminals Terminal Signal COM2 Serial Port: RS485 RX/TX+ COM2 Serial Port: RS485 RX/TX- Vin + (24 VDC) Vin - COM3 Serial Port: TXD (RS232), RX/TX- (RS485) COM3 Serial Port: RXD (RS232), RX/TX+ (RS485) Signal Ground Table 8: Pinout screw terminals LED Functions Description Flash... -
Page 14: Connections
Connections CONNECTIONS For the RMG/938A, AL, ALM commissioning, only a LAN connection to a PC must be established and the 24 VDC supply voltage must be provided. Ethernet Link Connect the LAN1 interface of the RMG/938A, AL, ALM with an Ethernet LAN cable to a PC. The IP address of the LAN1 interface is ex-factory set to 192.168.0.126. -
Page 15: Power Supply
Connections Power Supply The RMG/938A, AL, ALM needs a supply voltage of 24 VDC to work. Connect the cables of the provided plug-in power supply with the screw terminals of the RMG/938A, AL, ALM like shown in fig. 5. Figure 7: Connecting the power supply Terminal Signal Vin + (24 VDC) -
Page 16: Lte Antenna
Connect the LTE antenna to the RMG/938AL, ALM like shown in fig. 8 and place it where the LTE sig- nal strength is high. You can check the LTE signal strength in the SSV/WebUI under Network > Mobile (see chapter 7.3.4). Figure 8: Connecting the LTE antenna... -
Page 17: Ssv/Webui
The SSV/WebUI is the web-based user interface of SSV gateways. It enables configuration of inter- faces, protocols, services and so on. To open the login page of the SSV/WebUI enter the ex-factory IP address and port number of LAN2 of the RMG/938A, AL, ALM manually in a web browser: 192.168.1.126:7777... -
Page 18: Status
SSV/WebUI Status Figure 11: Status page Figure 11 shows an example system status page with the addresses of all IP interfaces plus additional information about DNS servers and the default gateway. RMG/938A, AL, ALM // System Reference... -
Page 19: System
SSV/WebUI System 7.2.1 System > System Identification Figure 12: System identification This page summarizes various properties for gateway identification. Host name Input of an arbitrary name to be able to identify a certain gateway reliably. Location Location information or details to find the installation location of a specific gateway. -
Page 20: System > Firmware Update
Reboot system Clicking on [Reboot] causes the gateway's operating system to shut down. This is followed by a re- boot. The SSV/WebUI session must then be restarted. This action may cause the loss of unsaved set- tings. Configuration download The configuration settings of the gateway can be downloaded and saved as a file to the PC. -
Page 21: System > Time And Date
SSV/WebUI 7.2.4 System > Time and Date Figure 15: System time and date Local time zone configuration The time zone in which the gateway is located can be set here. The setting is required in order to car- ry out the necessary correction during a time synchronization with time servers on the Internet (cor- rection with respect to Greenwich Mean Time (GMT)). -
Page 22: System > Watchdog
SSV/WebUI The serial interfaces of the gateway can be used universally for different applications. Via this page individual interfaces can be reserved for operation as a serial console (remote console) or as a COM port redirector. By such a reservation the respective interface is no longer available for other appli- cations. - Page 23 SSV/WebUI Enable watchdog service Enable or disable watchdog services of the gateway. Enable default watchdog Activate the individual watchdogs listed here with the factory default settings. Reboot interval Set a time interval after which a gateway reboot is automatically triggered. The gateway reboot sets all system processes to a (defined) initial state.
-
Page 24: System > Logging
SSV/WebUI Mobile: reset count This function is only for gateways with an internal cellular modem. Mobile: reboot count This function is only intended for gateways with an internal cellular modem. 7.2.7 System > Logging Figure 18: Logging settings The gateway generates a log file with extensive entries at runtime. It is used for diagnostics and for finding the cause of unusual system behaviour and other events. -
Page 25: Network
SSV/WebUI Network 7.3.1 Network > WAN Figure 19: WAN settings In many use cases, a gateway simultaneously maintains local connections to other systems as well as various external connections to the Internet (so-called WAN connections = Wide Area Network con- nections), e.g., to a time server and other special cloud and IoT service platforms. -
Page 26: 7.3.2 Network > Lan1
SSV/WebUI 7.3.2 Network > LAN1 Figure 20: LAN1 settings The IP address of the LAN1 interface is ex-factory set to 192.168.0.126. Interface configuration for LAN1 Enable or disable the LAN1 interface. IPv4 address configuration IPv4 address setting options for the LAN1 interface. An automatic IP address assignment via DHCP or manual address entry are possible. -
Page 27: 7.3.3 Network > Lan2
SSV/WebUI 7.3.3 Network > LAN2 Figure 21: LAN2 settings The LAN2 interface is disabled by default. Interface configuration for LAN2 Enable or disable the LAN2 interface. IPv4 address configuration IPv4 address setting options for the LAN2 interface. An automatic IP address assignment via DHCP or manual address entry are possible. -
Page 28: 7.3.4 Network > Mobile Network Settings
SSV/WebUI 7.3.4 Network > Mobile Network Settings Figure 22: Mobile network settings The RMG/938ALM comes with a preinstalled NB-IoT SIM card with 500 MB free traffic volume. In the section Modem configuration the line Status should display CONNECTED. You can also check the signal strength by clicking on the button [Check signal]. - Page 29 SSV/WebUI Please note: If the gateway cannot establish a connection to the mobile network, please try setting up the gateway in another location with better mobile reception. Modem configuration Enable or disable the modem interface, view the connection status, and check the current signal strength.
-
Page 30: 7.3.5 Network > Firewall And Nat
SSV/WebUI 7.3.5 Network > Firewall and NAT Figure 23: Firewall and NAT settings The gateway has a complex firewall system that can be used to monitor and filter the data traffic of all existing IP interfaces. The options are very extensive. To configure the firewall, an appropriately trained expert is definitely required. -
Page 31: Services
Figure 24: General services settings IMPORTANT! The gateway has both a Telnet and FTP server for compatibility with older SSV products. Both protocols are now considered insecure because they are based on unencrypted data transmission. In this respect, these protocols should be... -
Page 32: Services > Openvpn
SSV/WebUI 7.4.2 Services > OpenVPN Figure 25: OpenVPN settings A typical application example for industrial gateways is their use in virtual private networks (VPNs) to implement remote maintenance applications. Here, the gateway forms a VPN client endpoint and enables a service engineer to securely remotely access the assemblies located behind the gateway (e.g., controllers in a local OT LAN). -
Page 33: Services > Dyndns
SSV/WebUI 7.4.3 Services > DynDNS Figure 26: DynDNS settings The gateway enables applications in which it must itself be accessible via a DNS name on the Inter- net. One example would be operation as a VPN server. As such a gateway usually does not receive a static IP address on the Internet, DynDNS can be used as an alternative. -
Page 34: Services > Dhcp Server
SSV/WebUI 7.4.4 Services > DHCP Server Figure 27: DHCP server settings Please note: The DHCP server is only available for the LAN1 interface. The gateway can be used as a DHCP server because it supports automatic IP address assignment via Dynamic Host Configuration Protocol (DHCP) to OT modules (DHCP client modules) connected to the LAN1 interface. -
Page 35: Services > Remote Access (Openssh)
SSV/WebUI 7.4.6 Services > Remote Access (OpenSSH) Figure 29: Remote access settings OpenSSH configuration SSH-based administrator access to the gateway (SSH Secure Shell). An OpenSSH daemon (SSHD) runs within the gateway operating system for this purpose. The SSHD can be enabled, disabled and con- figured. -
Page 36: Services > Ssv/Webui
Services > SSV/WebUI Figure 30: SSV/WebUI settings The SSV/WebUI of the gateway supports two different user classes: 1. an administrator (admin) with all rights and 2. a user (user) with restricted rights, who is also only presented with an adjustable se- lective view of the SSV/WebUI. -
Page 37: Proxies
SSV/WebUI Proxies 7.5.1 Proxies > Web Figure 31: Web proxy service settings If HTTP servers exist in the automation modules of an OT network, the web proxy function of the gateway can be used to increase IT security for access to these servers. For this purpose, a web proxy is configured for each HTTP server, which converts the insecure HTTP protocol into the secure HTTPS protocol. -
Page 38: Proxies > Dns
SSV/WebUI 7.5.2 Proxies > DNS Figure 32: DNS proxy settings A DNS proxy routes DNS requests and DNS responses between DNS clients and a DNS server. The DNS proxy simplifies network management. For example, if the DNS server address changes, only a change in the configuration is required for the DNS proxy, not for each individual DNS client. -
Page 39: Proxies > Tcp
SSV/WebUI 7.5.4 Proxies > TCP Figure 34: TCP proxy settings A TCP proxy creates a TCP socket under a specified TCP port number (Listen on port socket, LoP) and a bidirectional data connection between this socket and another adjustable TCP socket (Relay to sys- tem, RtS), which can be located on the same gateway or on an external system with a static IP ad- dress. -
Page 40: Logout
Create a new UDP proxy socket connection. This requires the following entries: 1. The UDP port number for the LoP. 2. The IP address and the port number for the RtS. Logout Logout from the SSV/WebUI session. RMG/938A, AL, ALM // System Reference... -
Page 41: Helpful Literature
7.3.4, edited chapter 7.4.4 The contents of this document are subject to change without prior notice. SSV does not assume any liability and does not guarantee that the presented information is accurate or complete. The information in this document is provided 'as is' with- out warranty of any kind.
Need help?
Do you have a question about the RMG/938 and is the answer not in the manual?
Questions and answers