Usser Guiide NWL-12 N 2 Series – 3G Liight Ind dustriall M2M Routerr
Copyright Copyright© 2013 NetCom mm Wireless Limited. All rights reserved. The information contained herein is proprietarry to NetComm Wireless. No part of this ddocument may be translated, transcribed, reproduced, in any fform, or by any means without prior writteen conssent of NetComm Wirreless. Note: This document is subject too change without nottice.
DOCUMENT VVERSION DATE Initial documennt release Table 1 - Document Revisionn History Tabl T le of o Co onte entss Ove erview ................................................................................................................................................ 5 Introduction ...............................................................................................................................................................................................................................
NetComm Wireless 3G Light Industrial M2M Router 4 www.netcommwireless.
Ove O ervie ew In ntroduc ction This document provides you all the informatioon you need to set upp, configure and use the NetComm Wireleess NWL-12 3G Light Industrial M2M Routter. Ta arget a audienc ce This document is intendeed for system integrators or experienced hardware h installers wwho understand teleccommunications terminology and conceptts.
Product introduction Product overview Penta-band 3G with quad-band 2G auto-fallback HSPA+ up to 14.4 Mbps DL Ethernet port with full passive Power over Ethernet (PoE) support (802.3af) (NWL-12-01 only) RS232/RS422/RS485 Port and USB 2.
Prroduct feature es The NetComm Wireless NNWL-12 3G Light Inddustrial M2M Router iss an M2M device dessigned by NetComm Wireless to address the rapid growth in MM2M deployments. Itt has been designed to t 3G Light Industriaal M2M Router can bbe managed remotelyy even when it does not n provvide state-of-the-art feeatures and versatilityy at an affordable price. Compatible with network worldwide, the havee an Internet connecttion via the use of SM MS diagnostics and commands.
Phys P sica al diime ensio onss and d indicato ors Ph hysicall dimen nsions Beloow is a list of the physsical dimensions of thhe 3G Light Industrial M2M Router. Figure 1 – 3G Lig ight Industrial M2M Router R Dimensions 3G LIGHHT INDUSTRIAL M2M M ROUTER (WITHOUT EXXTERNAL ANTENNAAS ATTACHED) Length 140 mm Depth 103 mm Height 30 mm Weight Tabble 2 - Device Dimenssions NetCComm Wireless 3G Ligght Industrial M2M Rouuter 8 www.netcommwirelless.
LE ED ind dicatorss The 3G Light Industrial M M2M Router uses 7 LEEDs to display the cuurrent system and co nnection status.
Signal strength LEDs The following table lists the signal strength range corresponding with the number of lit signal strength LEDs. NUMBER OF LIT LEDS SIGNAL STRENGTH All LEDs unlit < -109 dBm 1 -109 dBm to -101dBm 2 -101 dBm to -91 dBm 3 -91 dBm to -85 dBm 4 -85 dBm to -77 dBm 5 > -77 dBm Table 4 - Signal strength LED descriptions LED update interval The signal strength LEDs update within a few seconds with a rolling average signal strength reading.
In nterface es The following interfaces aare available on the 3G 3 Light Industrial M2M Router: Figure 4 - Interfacess ITEM DESCRIPTION D Main anttenna socket SMA female connector for main antenna. Auxiliaryy antenna socket SMA female connector for auxiliary antenna. GPS anteenna socket SMA female connector for GPS antenna. Six-way terminal block connector Connect power sourrce, ignition and I/O wires hhere.
Plac P cem ment of tthe rou uter The two external high-peerformance antennas supplied with the rouuter are designed to provide optimum siggnal strength in a wide range of environmeents. If you find the signal strength is weaak, try a acceptable signall, try moving the routeer to a different placee or mounting it differrently. adjusting the orientation of the antennas.
Pe erpendicullar to the wall w If a large surface area is not available, there is the option of mounting the router perpeendicular to the wall. This T gives the router a small wall footprintt while remaining seccurely attached. Use apprropriately sized screwws in the mounting hooles provided on the back of the unit.
Mounting bracket The provided mounting bracket provides additional methods of mounting the 3G Light Industrial M2M router. To attach the mounting bracket, slide it onto the rear of the router as shown in the diagram below: Figure 9 - Sliding on the mounting bracket To remove the bracket, press the PUSH button and slide the router off the bracket: Figure 10 - Removing the mounting bracket NetComm Wireless 3G Light Industrial M2M Router 14 www.netcommwireless.
www.netcommwireless.
Ussing the m mounting brracket for wall moun nting By first attaching the DINN rail bracket to the wall, w the 3G Light Induustrial M2M router caan be easily attachedd and removed from the bracket.
De esk mountt In sittuations where wall m mounts and DIN rails are not required, youu can simply place thhe 3G Light Industrial M2M router on a deesk using its rubber feeet to prevent it from slipping. FFigure 14 - Desk mouunt www.netcommwireless.
Installation and configuration of the 3G Light Industrial M2M router Powering the router The 3G Light Industrial M2M router can be powered in one of three ways: 1. Power over Ethernet (802.3af PoE) (available on the NWL-12-01 only) 2. DC power input via 6-pin connector (8-40V DC) 3. DC power input via field terminated power source (8-40V DC) The green power LED on the router lights up when a power source is connected. Power over Ethernet (802.
TERMINAL DESCRRIPTION + Positive wire for powerr. - Ground wire. i Dedicated terminal for ignition detection. I/O Three terminals used foor input/output detection. (Please ( refer to the User Guuide). Table 8 - Locking power block ck pin outs Fa ailover pow wer suppo ort (NWL-1 12-01 only)) The 3G Light Industrial M M2M router includes support s for connectioon of two power sourcces at the same timee.
Adv A vanc ced con nfig gura ation n The 3G Light Industrial M M2M Router comes with w preconfigured setttings that should sui t most customers. Foor advanced configurration, log in to the wweb-based user interfface of the router. To loog in to the web-baseed user interface routter: 1. Open a web browser (e.g. Internet Explorer, Firefox, Safari), type http://1 92.168.1.1 into the address bar and press Enter. The web-baased user interface log in screen is displayyed.
Statu S us The status page of the web interface providess system related information and is displaayed when you log in to the 3G Light Industrial M2M router maanagement console. The T status page showws System information, LAN details, Cellular connection status, Packeet data connection sttatus and Advanced status details. You can toggle the sectionns from view by clicking the buttoons to show or hide them. Extra status boxes will appear as addditional software feaatures are enabled (ee.g.
ITEM DEFINITION System information System up time The current uptime of the router. Board version The hardware version of the router. Serial Number The serial number of the router. Software The software version number running on the router. Model The type of phone module and the firmware version of the module. Firmware version The firmware revision of the phone module. IMEI The International Mobile Station Equipment Identity number used to uniquely identify a mobile device.
IMSI The Internationaal mobile subscriber identitty is a unique identifier of thhe user of a cellular networrk. Cell ID A unique code that t identifies the base stattion from within the locationn area of the current mobilee network signal. Channel number (UARFCCN) The channel num mber of the current 3G/2G connection. Table 11 - Status page item m details www.netcommwireless.
Internet The Internet section provides configuration options for Wireless WAN, LAN, Routing and VPN connectivity. Data Connection The data connection page allows you to configure and enable/disable the connection profile. To access this page, click on the Networking menu, and under the Wireless WAN menu, select the Data Connection item. Figure 18 – Data connection settings NetComm Wireless 3G Light Industrial M2M Router 24 www.netcommwireless.
ITEM DEFINITION N Data connection Transparent Bridge (PPPPoE) Toggles the trannsparent bridge function onn and off. Profile name list Default Sets the correspponding profile to be the deefault gateway for all outboound traffic except traffic foor which there are configurered static route rules or profile routing settings. Status Toggles the corresponding profile on and off. If your carrier supportss it, two profiles may be turned on simultaneously.
2. Click the Profile toggle key to turn the profile on. Additional settings appear. Figure 20 - Data connection settings - Profile turned on 3. In the Profile name field, enter a name for the profile. This name is only used to identify the profile on the router. 4. Ensure that the Automatic APN selection toggle key is set to off. If it is not, click it to toggle it to the off position. 5.
13. Click the Saave button when youu have finished entering the profile detailss. Co onfirming a successfful connec ction Afterr configuring the paccket data session, andd ensuring that it is enabled, e click on the Status menu item at the top of the page to return to the Statuss page. When there iss a mobile broadband connnection, the WWAN ssection is expanded showing the details of o the connection andd the Status field dispplays Connected.
Connect C t on De emand The connect on demand feature keeps the Paacket Data Protocol (PDP) context deactivvated by default while making it appear too locally connected ddevices that the routeer has a permanent r attempts to esttablish a mobile broaadband data connection. connnection to the mobile broadband network.
Se etting the rrouter to dial d a connection whe en traffic is i detected d on speciific ports In soome situations, you m may wish to have the internet connection disabled d except at timmes when outbound traffic to a particular external host’s port oor range of ports is sent to the router. To use u this feature, f click Enable dial port filter and enter the port number or list of port numbeers separated by com mmas.
Setting timers for connection and disconnection The router has a number of timer settings which let you determine when a connection is dialled and when it is disconnected. Figure 27 – Dial on demand - Connect and disconnect timers OPTION DESCRIPTION On data activity, stay online for at least When traffic as per the configured settings above appear, the router will either continue to stay online, or dial a connection and will not disconnect it for the specified time period (min. 1 minute, max. 1 hour).
Ma anually co onnecting//disconnec cting Therre may be times when you need to either force a connection too be made or force a disconnection manuually. You can use thee Manual connect annd Manual disconnecct buttons to do this whenever necessary. Thee online status of the connection is displaayed above the buttonns.
Operato O or Settin ngs The Operator settings paage enables you to seelect which frequency band you will use ffor your connection and a enables you to sccan for available netwwork operators in youur area. Fi Figure 30 - Band settinngs p you are promptted to disable the data connection if it is Note: In ordeer to change the celluular band settings, thhe data connection mmust be disabled. Whhen you access this page, already activve.
Figgure 31 - Operator sett ttings A list of the detected 3G service carriers in yoour area is displayed. Figure re 32 - Detected operaator list Select the most appropriate 3G service from the t list shown and click Apply. Wheen Select operator moode is set to Automattic, the router selects the most appropriatee operator based on the inserted SIM carrd. This is the defaultt option and is sufficieent for most users.
b) Enter the PIN in the Current PINN field and then enterr it again in the Confirrm current PIN field to t confirm the PIN. c) If you are pplacing the router in a remote, unattendedd location, you may wwish to check the Rem member PIN option. This T feature allows thhe router to automaticcally send the PIN to the SIM each tiime the SIM asks for it (usually at power up).
Ch hanging th he SIM PIN N code If you would like to changge the PIN, click the Change C PIN button and a enter the currentt PIN into the Current PIN and Confirm current PIN fields, thenn enter the desired PIN into the New PIN and a Conffirm new PIN fields aand click the Save buutton. Figure 335 - PIN settings - Cha hange PIN Wheen the PIN has been cchanged successfully, the following screeen is displayed: Figure 36 - SIM ssecurity settings – PIN N unlock successful www.netcommwireless.
Un nlocking a PUK locke ed SIM Afterr three incorrect attem mpts at entering the PIN, the SIM card beecomes PUK (Personnal Unblocking Key) locked and you are reequested to enter a P UK code to unlock it. Note: To obtain the PUK unlock coode, you must contacct Vodafone. You will be issued a PUKK to enable you to unllock the SIM and enteer a new PIN. Enter tthe new PIN and PUKK codes. Clickk the Save button whhen you have finishedd entering the new PIN and PUK codes.
LA AN LA AN configu uration The LAN configuration paage is used to configgure the LAN settingss of the router and to enable or disable DNNS Masquerading. Figure 338 – LAN configuration on settings The default IP of the Etheernet port is 192.168.1.1 with subnet maskk 255.255.255.0. To cchange the IP address or Subnet mask, enter e the new IP Addrress and/or Subnet mask m and click the Saave buttoon.
DHCP The DHCP page is used to adjust the settings used by the router’s built in DHPC Server which assigns IP addresses to locally connected devices. DHCP relay configuration In advanced networks configurations where the 3G Light Industrial M2M Router should not be responsible for DHCP assignment, but instead an existing DHCP server is located on the Wireless WAN connection, the clients behind the 3G Light Industrial M2M Router are able to communicate with the DHCP server when DHCP relay is enabled.
OPTION DESCRIPTIO ON DHCP start range Sets the first IP address of thhe DHCP range DHCP end rannge Sets the last IP address of thhe DHCP range DHCP lease time (seconds) Thhe length of time in secondds that DHCP allocated IP addresses are valid Default domain name suffix Specifies the default domainn name suffix for the DHCPP clients. A domain name suffix enables users to acceess a local server, for exam mple, server1, without w typing the full domaiin name server1.domain.
Dynamic DHCP client list The Dynamic DHCP client list displays a list of the DHCP clients. If you want to reserve the current IP address for future use, click the Clone button and the details will be copied to the address reservation list fields. Remember to click the Save button under the Address reservation list section to confirm the configuration. Figure 42 - Dynamic DHCP client list NetComm Wireless 3G Light Industrial M2M Router 40 www.netcommwireless.
Routing Sta atic Static routing is the alternnative to dynamic rouuting used in more coomplex network scennarios and is used to facilitate communicaation between devicees on different networrks. Static routing involves conffiguring the routers inn your network with all the information neccessary to allow the ppackets to be forwardded to the correct destination. If you channge the IP address off one of the devices inn the staticc route, the route willl be broken.
Figure 44 - Adding a static route Active routing list Static routes are displayed in the Active routing list. Figure 45 - Active routing list Deleting static routes From the static routing list, click the icon to the right of the entry you wish to delete. Figure 46 - Deleting a static route NetComm Wireless 3G Light Industrial M2M Router 42 www.netcommwireless.
RIP RIP (Routing Information Protocol) is used forr advertising routes too other routers. Thus all the routes in the router’s r routing table will be advertised to other nearby routerss. For example, the rooute for thhe router’s Ethernet ssubnet could be adveertised to a router on the PPP interface sidde so that a router onn this network will knoow how to route to a ddevice on the router’s Ethernet subnet. Sttatic routees must be added manually according to your requirements. See S Adding Static Rooutes.
Re edundancy y (VRRP) configurati c ion Virtuual Router Redundanccy Protocol (VRRP) iss a non-proprietary reedundancy protocol designed to increasee the availability of the default gateway seervicing hosts on the same subnet. This increeased reliability is acchieved by advertisingg a “virtual router” (an abstract representtation of master and backup b routers actingg as a group) as a deefault gateway to thee host(s) instead of onne physsical router.
Po ort Forward ding The Port forwarding list iss used to configure thhe Network Address Translation (NAT) rulles currently in effectt on the router. Figuure 49 – Port forwardin ing list The purpose of the port fforwarding feature is to allow mapping of inbound requests to a specific port on the WAN IP address too a device connectedd on the Ethernet inteerface. Ad dding a port fo orwarding rulle To create a new port forwwarding rule: 1. Click the +AAdd button.
Figure 50 - Port forwarding settings To delete a port forwarding rule, click the button on the Port forwarding list for the corresponding rule that you would like to delete. NetComm Wireless 3G Light Industrial M2M Router 46 www.netcommwireless.
DM MZ The Demilitarized Zone (DMZ) allows you to configure c all incomingg traffic on all protocools to be forwarded to t a selected device behind the router. Thhis feature can be used to avoid complex port a there is no filteringg of what traffic is alloowed and what is denied. forwarding rules, but it exxposes the device to untrusted networks as The DMZ configuration ppage is used to specify the IP Address of the device to use as the DMZ host. Figu gure 51 - DMZ configurration 1.
Router Firewall The Router firewall page is used to enable or disable the in-built firewall on the router. When enabled, the firewall performs stateful packet inspection on inbound traffic from the wireless WAN and blocks all unknown services, that is, all services not listed on the Services configuration page of the router. With respect to the other Routing options on the Networking page, the firewall takes a low priority.
MA AC / IP / P Port filterin ng The MAC/IP/Port filter feaature allows you apply a policy to the traffic that passes througgh the router, both inbound and outboundd, so that network acccess can be controlleed. When the filter is a except thosee listed in the “Currennt MAC / IP / Port filtering rules in effect” liist.
Figure 55 - MAC / IP / Port filtering settings OPTION DESCRIPTION Bound Use the drop down list to select the direction of the traffic for which you want to apply to the rule. Inbound refers to all traffic that is entering the router including data entering from the WAN and the LAN. Outbound refers to all traffic exiting the router including traffic leaving in the direction of the WAN and traffic leaving in the direction of the LAN.
VPN V A Virrtual Private Network (VPN) is a tunnel prooviding a private link between two networrks or devices over a public network. Dataa to be sent via a VPNN needs to be encappsulated and as suchh is geneerally not visible to thhe public network. The advantages of a VPNN connection includee: Data PProtection Accesss Control Data OOrigin Authenticationn Data IIntegrity Eachh VPN connection haas different configurattion requirements.
Figure 58 – IPSec profile edit NetComm Wireless 3G Light Industrial M2M Router 52 www.netcommwireless.
www.netcommwireless.
The following table describes each of the fields of the IPSec VPN Connection Settings page. ITEM DEFINITION IPSec profile Enables or disables the VPN profile. Profile name A name used to identify the VPN connection profile. Remote IPSec server address The IP address of the IPSec server. Remote LAN address Enter the IP address of the remote network for use on the VPN connection. Remote LAN subnet mask Enter the subnet mask in use on the remote network.
Op penVPN OpenVPN is an open souurce virtual private neetwork (VPN) program m for creating point-too-point or server-to-m multi-client encryptedd tunnels between hoost computers. It can traverse network adddress w well through prroxy servers and cann run over TCP and UDP transslation (NAT) and fireewalls and allows autthentication by certificcate, pre-shared keyy or username and paassword. OpenVPN works transsports.
Certificate Authentication In the Certificate Management section, enter the required details to create a client certificate. All fields are required. When you have finished entering the details, click the Generate button. Figure 60 - OpenVPN server configuration – Certificate management When it is done, you can click the Download P12 button or the Download TGZ button to save the certificate file depending on which format you would like.
Figure 61 – OpenVPN server proofile settings www.netcommwireless.
Use ername / Passsword Authen ntication In the Username/Passwoord section, enter the username and password you would like tto use for authentication on the OpenVPN N Server. Click the Doownload CA certificatte button to save the ca.crt file. This file will need to be provided to the client. Note: If yoou wish to have moree than one client connnect to this OpenVPNN server, you must usse Certificate authenttication mode as Useername/Password only allows for a single client connectioon.
Ce ertificate Auth hentication In the Certificate upload section at the bottom m of the screen, click the Browse button a nd locate the certificate file you downloadded when you configgured the OpenVPN server. s When it has been seleccted, click the Upload button to send it too the router. Figure 63 - OOpenVPN client - Certtificate upload ername / Passsword Authen ntication Use Enteer the username and password to authenticate with the OpenVVPN server.
Figure 65 - OpenVPN P2P mode settings 4. Use the Server port field to select a port number and then use the drop down list to select a packet type to use for the OpenVPN server. The default OpenVPN port is 1194 and default packet type is UDP. 5. In the Local IP Address and Remote IP Address fields, enter the respective local and remote IP addresses to use for the OpenVPN tunnel. The slave should have the reverse settings of the master. 6.
PP PTP-Clientt The Point-to-Point Tunnelling Protocol (PPTP) is a method for impleementing virtual privaate networks using a TCP and GRE tunneel to encapsulate PPPP packets. PPTP operates on Layer 2 of thhe OSI model and is includeed on Windows compputers. Co onfiguring g the PPTP Client To configure the PPTP client: 1. From the m menu bar at the top off the screen, click Neetworking and then froom the VPN section on the left side of thee screen, click PPTP client. The PPTP clieent list is displayed.
3. Click the Enable PPTP client toggle key to switch it to the ON position. 4. In the Profile name list, enter a profile name for the tunnel. This may be anything you like and is used to identify the tunnel on the router. 5. Use the Username and Password fields to enter the username and password for the PPTP account. 6. In the PPTP server address field, enter the IP address of the PPTP server. 7. From the Authentication type drop down list, select the Authentication type used on the server.
GR RE tunnellling The Generic Route Encapsulation (GRE) protoocol is used in addition to Point-to-Point TTunnelling Protocol (PPPTP) to create VPNss (virtual private netwworks) between clientts and servers or betwween cliennts only. Once a PPTPP control session establishes the VPN tunnnel GRE is used to ssecurely encapsulatee the data or payload. Co onfiguring g GRE tunn nelling To configure GRE tunnelling: 1.
4. In the Profile name, enter a profile name for the tunnel. This may be anything you like and is used to identify the tunnel on the router. 5. In the GRE server address field, enter the IP address of the GRE server. 6. In the Local tunnel address field, enter the IP address you want to assign the tunnel locally. 7. In the Remote tunnel address field, enter the IP address you want to assign to the remote tunnel. 8.
Serv S vice es Dynamic D c DNS The DDNS page is used to configure the Dynamic DNS feature of the router. A numbe r of Dynamic DNS hoosts are available from m which to select. Figuree 70 – Dynamic DNS settings s Dynaamic DNS provides a method for the routeer to update an exterrnal name server withh the current WAN IP address. To configure dynamic DNNS: 1. Click the DDNS configuration tooggle key to switch it to the ON position. 2.
Network time (NTP) The NTP (Network Time Protocol) settings page allows you to configure the 3G Light Industrial M2M router to synchronize its internal clock with a global Internet Time server and specify the time zone for the location of the router. This provides an accurate timekeeping function for features such as System Log entries and Firewall settings where the current system time is displayed and recorded. Any NTP server available publicly on the internet may be used. The default NTP server is 0.
Data D stre eam manager m r The data stream manageer provides you with the t ability to create mappings m between innput ports and outputt ports (e.g. Serial Port, SMS, GPS, USB) aand performs any reqquired translation or data d c contact NetCom m Wireless about our Software Developm ment proccessing by each virtual data tunnel. Custoomers interested in deeveloping their own aapplications to createe custom mappings can Kit.
Figure 74 - Data stream manager - GPS to Serial port example 6. Click the Save button to confirm your settings. The new data stream appears in the Data stream list. Table 16 - Data stream list entry NetComm Wireless 3G Light Industrial M2M Router 68 www.netcommwireless.
Watchdo W ogs To access the Watchdoggs page, click the Services menu item, theen select the Watchddogs menu item on the left. Figuure 75 - Watchdogs Seettings Watcchdogs are features wwhich monitor the router for anomalies annd restart the router iff an anomaly occurs preventing its normaal operation. When coonfigured, the watchddogs feature transmitts conttrolled ping packets tto 1 or 2 user specifieed IP addresses to confirm an active connnection.
The watchdog works as ffollows: a) The router ssends 3 consecutive pings to the first desstination address at tthe interval specified in the Periodic Ping timer field. b) If all 3 pings to the first destination address fail, the router r sends 3 conseecutive pings to the second s destination adddress at the Periodicc Ping timer interval.
Co onfiguring g Periodic Ping settin ngs The Periodic Ping settinggs configure the routeer to transmit controlled ping packets to 2 specified IP addresses. If the router does not receive responnses to the pings, thee router will reboot. To configure the ping waatchdog: 1. In the First destination address field, enter a websitee address or IP addreess to which the router should send the first round of ping req uests. 2.
SNMP SNMP configuration The SNMP page is used to configure the SNMP features of the router. Figure 77 - SNMP configuration SNMP (Simple Network Management Protocol) is used to remotely monitor the router for conditions that may warrant administrative attention. It can be used to retrieve information from the router such as the signal strength, the system time and the interface status. To configure SNMP: 1. Click the SNMP toggle key to switch it to the ON position. 2.
SN NMP traps SNM MP traps are messagees from the router to the Network Manageement System sent ass UDP packets. Theyy are often used to nootify the managementt system of any significant events such ass whetther the link is up or ddown. Co onfiguring g SNMP tra aps To configure SNMP trapss: 1. In the Trap destination field, entter the IP address to which SNMP data is to be sent. 2. In the Hearrtbeat interval field, enter the number of seeconds between SNMMP heartbeats. 3.
TR R-069 To access the TR-069 coonfiguration page, clicck the Services menu item, then select thhe TR-069 menu item on the left. Figure re 79 - TR-069 configu guration The TR-069 (Technical RReport 069) protocol is a technical specificcation also known as CPE WAN Managem ment Protocol (CWMPP). It is a framework fofor remote management and autoconffiguration of end-userr devices such as customer-premises equuipment (CPE) and AAuto Configuration Seervers (ACS).
GPS G The built-in GPS module allows you to use loccation-based services, monitor field deplooyed hardware or findd your current locatioon. The GPS Status wwindow provides up to date information abbout c location and tthe current GPS signal conditions (positioon dilution of precisioon (PDOP), horizontal dilution of precision (HDOP) and verticall dilution of precision (VDOP)) of the routeer. the current To use the GPS function, set the GPS operation toggle key to ON and click the Save bbutton. www.
The Google map button provides a quick short cut to show your router’s current position on a map and because GPS positioning relies on accurate clock settings to obtain the correct information about your location, the Clock Sync button allows you to quickly set the router clock to the correct time. This ensures you will always have the correct GPS position information available.
www.netcommwireless.
SMS messaging The 3G Light Industrial M2M router offers an advanced SMS feature set, including sending messages, receiving messages, redirecting incoming messages to another destination, as well as supporting remote commands and diagnostics messages. Some of the functions supported include: Ability to send a text message via a CDMA network and store it in permanent storage. Ability to receive a text message via a CDMA network and store it in permanent storage.
OPTION DEFINITION Geneeral SMS configuration SMSS messaging Toggles the SMS functionalityy of the router on and off. Messsages per page (10-50) The number of SMS messagees to display per page. Muust be a value between 10 and 50. Encooding scheme The encoding method used ffor outbound SMS messages. GSM 7-bit mode permits up to 160 characters peer message but drops to 500 characters if the message inccludes special characters.
New message The New message page can be used to send SMS text messages to a single or multiple recipients. A new SMS message can be sent to a maximum of 100 recipients at the same time. After sending the message, the result is displayed next to the destination number as “Success” or “Failure” if the message failed to send. By default, only one destination number field is displayed.
Inb box / Outb box The Inbox displays all recceived messages thaat are stored on the router while the Outboox displays all sent messages. m Figure 83 - SMS Inboox FFigure 84 - SMS Outbbox ICON DESCRIPTION Forwward button. Click this buttton to open a new messag e window where you can forward the corresponding message to another recipiient. Repply button. Click this buttonn to open a new message wwindow where you can reply to the sender. Addd to White list.
Diagnos D stics The Diagnostics page is used to configure thee SMS diagnostics and command executtion configuration. Thhis allows you to channge the configurationn, perform functions remotely r and check on o the MS commands. statuus of the router via SM To access the Diagnosticcs page, click on the Services menu item then select the SMSS menu on the left andd finally select Diagnostics beneath it.
On nly accept auth henticated SM MS messages Enabbles or disables checcking the sender’s phhone number againstt the allowed sender white list for incoming diagnostics and coommand execution SSMS messages. If authentication is enableed, the router will cheeck if the sender’s nuumber exists in the wwhite list. If it exists, thhe router then checkss the password (if connfigured) in the incom ming message against the passsword in the white listt for the correspondinng sending number.
White List for diagnostic or execution SMS The white list is a list of mobile numbers that you can create which are considered “friendly” to the router. If Only accept authenticated SMS messages is enabled in the diagnostics section, the router will compare the mobile number of all incoming diagnostic and command messages against this white list to determine whether the diagnostic or command should be executed. You may optionally configure a password for each number to give an additional level of security.
Se ending g an SM MS Diag gnostic Comm mand Folloow the steps below too configure the routerr to optionally acceptt SMS diagnostic commmands only from auuthenticated senders and learn how to seend SMS diagnostic commands c to the router. 1. Navigate too the Services > SMSS messaging > Diagnnostics page 2. Confirm thaat the Enable remote diagnostics and com mmand execution togggle key is set to the ON position. If it is seet to OFF click the tooggle key to switch it to the ON position. 3.
SMS command format Generic Format for reading variables: get VARIABLE PASSWORD get VARIABLE Generic Format for writing to variables: set VARIABLE=VALUE PASSWORD set VARIABLE=VALUE Generic Format for executing a command: Execute COMMAND PASSWORD execute COMMAND Replies Upon receipt of a successfully formatted, authenticated (if required) command, the gateway will reply to the SMS in the following format: TYPE SMS CONTENTS get command “VARIABLE=VALUE” set command “Successfully set VARIABLE to VALUE”
www.netcommwireless.
A paassword (if required),, only needs to be sppecified once per SMS, but can be prefixeed to each commandd if desired. “PASSSWORD get Variable1”; “get VARIABLE22” “PASSSWORD set VARIABBLE1=VALUE1”; “sett VARIABLE2=VALUEE2” If thee command sent includes the “reboot” coommand and has alreeady passed the whitte list password checck, the device keeps this password and ex executes the remaininng command line afteer the rebooot with this same passsword.
The following table lists vvalid variables where “x” is a profile numbber (1-6). If no profile is specified, variablees are read from or written w to for the curreent active profile. If a profile is specified, variaables are read from oor written to for the sppecified profile number (‘x’). # RDB VARIABLE NAAME SMS VARIABLE NAME 2 3 DESCRRIPTION EXAM MPLE VALUE link.profile.1.enable Reaad: link.profile.1.appn (proofile no,atd#xxx,user,pass,,auth,iplocal,status) link.profile.1.
Not required get meid Required PASSWORD get meid Not required get band Required PASSWORD get band Not required execute pdpcycle Required PASSWORD execute pdpcycle Not required execute pdpdown Required PASSWORD execute pdpdown Not required execute pdpup Required PASSWORD execute pdpup Not required get wanip; get rssi Required PASSWORD get wanip; get rssi Not required set ssh.genkeys=1; set username=test; set auth=pap Required PASSWORD set ssh.
Not requireed set ssh.proto=1 Required PASSWORD set ssh.pproto=1 Not requireed get ssh.passauth Required PASSWORD get.ssh.ppassauth Not requireed set ssh.passauth=1 orr set ssh.passauth=0 Required PASSWORD set ssh.ppassauth=1 or PASSWORD set ssh.passauth=0 Not requireed execute ssh.genkeys Required PASSWORD execute ssh.genkeys s Not requireed execute ssh.clearkeyss Required PASSWORD execute ssh.
System Log The Log pages are used to display or download the System log and IPSec logs on the router. System log The System Log enables you to troubleshoot any issues you may be experiencing with your 3G Light Industrial M2M router. To access the System Log page, click on the System menu. The System Log is displayed. Figure 88 - System log file Log file Use the Display level drop-down list to select a message level to be displayed. The message levels are described in the table below.
2. Use a remoote syslog server www.netcommwireless.
Enable the log to file option When the router is configured to log to a file, the log data is stored in flash memory, making it accessible after a reboot of the router. Up to 512kb of log data will be stored before it is overwritten by new log data. Flash memory has a finite number of program-erase operations that it may perform to the blocks of memory.
IPS Sec log The IPSec log section proovides the ability for you to download the log for the IPSec VPPN function. This can assist in troubleshoooting any problems yoou may have with thee IPSec VPN. Figure 90 - IPSec logg Use the Log level drop down list to specify the type of detail you want w to capture in thee log and then click the Save button.
Sy ystem C Config guration n Se ettings bac ckup and restore r The settings backup / resstore page is used too backup or restore thhe router’s configurattion or to reset it to faactory defaults. In ordder to view the settinggs page you must bee logged into the webb user dmin.
Up pload To access the Upload paage, click on the Systtem menu, then System Configuration andd then Upload. The Upload page allows you to upload firmwaare files, HTTPS certificates or user createed application packaages to the 3G Light Industrial M2M routerr. When firmware files have been uploadeed, they can also be installedd from this page. PDFF files, such as this user guide may also bbe uploaded for acceess on the router’s heelp page.
Figure 93 - File upload 6. Repeat steps 4 and 5 for the main system firmware image. 7. The uploaded firmware images are listed in the Uploaded files section. Click the Install link next to the recovery image to begin installing the recovery firmware image and then click OK on the confirmation window that appears. Figure 94 - Uploaded files 8. The recovery firmware image is flashed and when it is complete, the router displays “The firmware update was successful” and returns to the main Upload screen.
9. Click the Innstall link to the right of o the main firmware image you uploadedd and then click OK to t confirm that you waant to continue with tthe installation. Note: Do not remove the power when w the router’s LEDDs are flashing as thiss is when the firmware update is in processs. 10. The installaation is complete wheen the countdown reaaches zero. The routeer attempts to redirecct you to the Status page. Figure 96 --– Installing main firm mware image 11.
Package manager The Package Manager page is used to provide details of any user installed packages on the router and allow them to be uninstalled. For more information on application development, contact NetComm Wireless about our Software Development Kit. Figure 97 – Software applications manager The Application name, Version number of the application, the architecture type and time of installation are all displayed.
Ad dministratiion setting gs To access the Administraation Settings page, click c on the System menu m then the Adminnistration menu on thee left and then click on o Administration Setttings. The Administration settings page is used to enable or disable prottocols used for remotte access and configgure the passwords for the user accountss used to log in to thee router. Figur ure 98 - Administrationn page www.netcommwireless.
OPTION DEFINITION D Remote router access coontrol Enable HTTP Enable or disaable remote HTTP access to t the router. You can also set the port you would likee remote HTTP access to be available on. HTTP management port Enter a port nuumber between 1 and 65534 to use when accessing the router remotely. Enable HTTPS Enable or disaable remote HTTPS accesss to the router using a secuure connection.
HTTPS H k key managem ment What W is HTT TP Secure?? HTTP Secure or HTTPS iss the use of the HTTPP protocol over an SSSL/TLS protocol. It is used primarily to prootect against eavesdrropping of communiccation between a webb browser and the weeb t which it is connectted. This is especiallyy important when youu wish to have a secuure connection over a public network such as the internet.
CODE COUNTRY COUNTRY CODE COUNTRY CODE COUNTRY AX Åland Islands ER Eritrea LS Lesotho SA Saudi Arabia AD Andorra ES Spain LT Lithuania SB Solomon Islands AE United Arab Emirates ET Ethiopia LU Luxembourg SC Seychelles AF Afghanistan FI Finland LV Latvia SE Sweden AG Antigua and Barbuda FJ Fiji LY Libya SG Singapore AI Anguilla FK Falkland Islands (Malvinas) MA Morocco SH St.
www.netcommwireless.
3. When you have entered all the required details, press the Generate button. The certificate takes several minutes to generate. When the certificate has been generated, you are informed that it has been successfully generated and installed. The web server on the router restarts and you are logged out of the router. Click OK to be taken back to the login screen. Figure 100 - New certificate successfully generated message NetComm Wireless 3G Light Industrial M2M Router 106 www.netcommwireless.
SS SH Key y Manag gemen nt Secuure Shell (SSH) is UNNIX-based command interface and network protocol used to ggain secure access too a remote computer, execute commandss on a remote machinne or to transfer files betwween machines. It waas designed as a replacement for Telnet and a other insecure reemote shell protocols which send informattion, including passwwords, as plain text. a Two ccommon ways of usinng SSH are: SSH uses RSA public keyy cryptography for booth connection and authentication.
Host key management SSH keys provide a means of identification using public key cryptography and challenge response authentication. This means that a secure connection can be established without transmitting a password, thereby greatly reducing the threat of someone eavesdropping and guessing the correct credentials. SSH Keys always come in pairs with one being a public key and the other a private key. The public key may be shared with any server to which you want to connect.
LE ED operatiion mode The 7 front LED indicatorrs may be turned off after a a timeout periodd for aesthetic or powwer saving reasons. To T access the LED Operation O Mode pagee, click the System menu, then Administraation M on thhe left and finally seleect LED Operation Mode. Figure re 102 - LED Operationn Mode m of the LEDs on the front panel of thee router. To set the ligghts to operate at all times, t set this to Alwa ways on.
Re eboot The reboot option in the SSystem section perfoorms a soft reboot of the router. This can bbe useful if you have made configuration changes you want too implement. To reeboot the router: 1. Click the Syystem menu item from m the top menu bar. 2. Click the Reboot button from thee menu on the left sidde of the screen. Figure re 103 - Reboot menuu option 3. The router ddisplays a warning thhat you are about to perform p a reboot.
App A pend dix A: T Tables Tabble 1 - Document Revision History ............................ . .......................................................................................................................................................................... 3 Tabble 2 - Device Dim mensions ...................................................................................................................................................................................................................
Appendix B: Device Mounting Dimensions The image below is at 100% scale and may be used as a template for mounting the device. All dimensions shown are in millimetres. Figure 105 - Device mounting dimensions NetComm Wireless 3G Light Industrial M2M Router 112 www.netcommwireless.
www.netcommwireless.
Appendix C: Mounting Bracket The image below is at 100% scale and may be used as a template for mounting the bracket. All dimensions shown are in millimetres. Figure 106 - Mounting bracket NetComm Wireless 3G Light Industrial M2M Router 114 www.netcommwireless.
App A pend dix D: D Defa aultt Settting gs The following tables list thhe default settings foor the 3G Light Industtrial M2M router. LAN (MANAGEMENTT) Static IP Address: 192.168.1.1 Subneet Mask: 255.255.255.0 Default Gateway: 192.168.1.
Restoring factory default settings Restoring factory defaults will reset the 3G Light Industrial M2M router to its factory default configuration. You may encounter a situation where you need to restore the factory defaults on your 3G Light Industrial M2M router such as: You have lost your username and password and are unable to login to the web configuration page; You are asked to perform a factory reset by support staff.
Recoverry mod de The 3G Light Industrial M M2M router features twwo independent operating systems, eachh with its own file systtems. These two systems are referred to aas 'Main' and 'Recovery'. It is always posssible m becomes damage d or corrupted (suchh as during a firmwaree upgrade failure). to usse one in order to resstore the other in the event that one system Bothh systems have Web interfaces that can be b used to manipulatee the other inactive syystem.
App A pend dix E: H HTT TPS Uplo U oad ding g a self--sign ned d cert c ifica ate If you have your own selff-signed certificate orr one purchased elseewhere and signed bby a Certificate Authority, you can upload it to the 3G Light Ind ustrial M2M Router using u the Upload pagge. Note: Your keey and certificate filees must be named server.key and server.ccrt respectively otherrwise they will not work. To upload your certificatee: 1. Click on thee System item from thhe top menu bar.
3. Click the Upload button to beginn uploading it to the router. r The file appeaars in the list of files stored s on the router. Figure 1100 - Server certificate file fi uploaded 4. Repeat stepps 2 and 3 for the server key file. 5. Click the Innstall link next to the server.crt s file then clicck OK on the promptt that is displayed. Thhe certificate file is installed. Repeat this ffor the key file. When each file is installed it is removed froom the list of stored files.
Appendix F: RJ-45 connector The RJ-45 connector provides an interface for a data connection and for device input power using the pin layout shown below. Pin: 8 1 Figure 112 -The RJ-45 connector PIN COLOUR SIGNAL (802.3AF MODE A) SIGNAL (802.
Safe S ety and a pro odu uct care c e RF Expo osure Yourr device contains a trransmitter and a receeiver. When it is on, it receives and transmmits RF energy. Whenn you communicate with w your device, the ssystem handling youur connection controlss the power level at which your device transmits. This device meets the goovernment’s requirem ments for exposure to radio waves.
FCC Statement FCC compliance Federal Communications Commission Notice (United States): Before a wireless device model is available for sale to the public, it must be tested and certified to the FCC that it does not exceed the limit established by the government-adopted requirement for safe exposure. FCC regulations § 15.19 (a)(3) This device complies with part 15 of the FCC Rules.
IC C Regu ulationss: RSSS-Gen 7.1.3 This device complies withh Industry Canada liccense-exempt RSS standard(s). Operatioon is subject to the following two conditionns: (1) thhis device may not cause interference, annd (2) thhis device must acceept any interference, including interferencce that may cause unndesired operation off the device. Le présent p appareil est cconforme aux CNR d''Industrie Canada appplicables aux appareeils radio exempts dee licence.
Electrical safety Accessories Only use approved accessories. Do not connect with incompatible products or accessories. Connection to a car Seek professional advice when connecting a device interface to the vehicle electrical system. Distraction Operating machinery Full attention must be given to operating the machinery in order to reduce the risk of an accident. Product handling You alone are responsible for how you use your device and any consequences of its use.
Em mergency situationss This device, like any wireeless device, operatees using radio signalss, which cannot guaraantee connection in all a conditions. Thereffore, you must never rely solely on any wireless device for emergency communications. De evice heatting Yourr device may becomee warm during normaal use. Fa aulty an nd dam maged produccts Do not n attempt to disasseemble the device or its accessories. Onlyy qualified personnel must service or repaair the device or its acccessories.
Interference Care must be taken when using the device in close proximity to personal medical devices, such as pacemakers and hearing aids. Pacemakers Pacemaker manufacturers recommend that a minimum separation of 15cm be maintained between a device and a pacemaker to avoid potential interference with the pacemaker. Hearing aids People with hearing aids or other cochlear implants may experience interfering noises when using wireless devices or when one is nearby.