ETIC IPL-E-2, IPL-A-2, IPL-EW-2, IPL-C-2, IPL-C-100 User Manual
...
DOC_DEV_IPL_User Guide_C
IPL
Router - Firewall
_________________
USER GUIDE
_________________
Page 2 DOC_DEV_IPL_User Guide_C
The IPL Industrial Router family is manufactured by
ETIC TELECOM
13 Chemin du vieux chêne
38240 MEYLAN
FRANCE
TEL : + (33) (0)4-76-04-20-05
E-mail : hotline@etictelecom.com
web : www.etictelecom.com
DOC_DEV_IPL_User Guide_C Page 3
UE DECLARATION OF CONFORMITY
The manufacturer, ETIC Telecom – 13 chemin du vieux chêne – 38240 Meylan – France, Hereby declares
under sole responsibility that the listed devices conform to
- the Radio Equipment Directive (RED) 2014/53/UE,
- the Restriction of the use of certain Hazardous Substances (RoHS) Directive 2011/65/UE.
Type of device: IP router
Models:
IPL-C-100, IPL-E-100, IPL-EW-100,
IPL-E-400, IPL-E-2XX, IPL-EW-400, IPL-EW-2XX,
IPL-A-400, IPL-A-2XX, IPL-AW-400, IPL-AW-2XX,
IPL-C-400, IPL-C-2XX, IPL-CW-400, IPL-CW-2XX,
IPL-DAC-400, IPL-DEC-400, IPL-DAE-400,
The harmonized standards to which these devices comply are:
Standard
Title
EN 61000-6-2 2006
Immunity:
EN61000-4-2 Electrostatic Discharge
EN61000-4-3 RF Radiated Immunity
EN61000-4-4 EFT/Burst Immunity
EN61000-4-5 Surge Immunity
EN61000-4-6 RF Conducted Immunity
EN61000-4-8 Power Frequency Magnetic Field Immunity
EN 61000-6-4 2007
A1/2011
Emission:
EN55032 Radiated and conducted emission
EN 301 489-1 V1.9.2
EN 301 489-3 V1.6.1
EN 301 489-7 V1.3.1
EN 301 489-17 V2.2.1
EN 301 489-24 V1.5.1
Radio - EMC
EN 301 511 V9.0.2
EN 301 908-1 V6.2.1
EN 301 908-2 V6.2.1
EN 300 328 V1.9.1
EN 301893 V1.8.1
Radio - Spectrum
EN 62368-1 2014
EN 62311 2008
Safety and Health
Date: 7th February 2019
Philippe Duchesne
Technical Director
Page 4 DOC_DEV_IPL_User Guide_C
FCC/IC Regulatory notices (IPL-X-100 models)
This device complies with Part 15 of the FCC. Operation is subject to the following two conditions: (1) this
device may not cause interference, and (2) this device must accept any interference, including interference
that may cause undesired operation of the device.
This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful
interference when the equipment is operated in a commercial environment. This equipment generates, uses,
and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual,
may cause harmful interference to radio communications. Operation of this equipment in a residential area is
likely to cause harmful interference in which case the user will be required to correct the interference at his
own expense.
Caution: ETIC Telecom has not approved any changes or modifications to this device by the user. Any changes
or modifications could void the user's authority to operate the equipment.
TABLE OF CONTENTS
DOC_DEV_IPL_User Guide_C Page 5
OVERVIEW ..................................................................................................................................... 7
1 Purpose of this manual .................................................................................................................................... 7
2 Products Identification ..................................................................................................................................... 7
3 Specifications.................................................................................................................................................... 9
4 Product overview ............................................................................................................................................ 12
4.1 Applications ......................................................................................................................................... 12
4.2 IPL functions ........................................................................................................................................ 14
INSTALLATION ........................................................................................................................... 17
1 Description ...................................................................................................................................................... 17
1.1 Dimensions .......................................................................................................................................... 17
1.2 Connectors ........................................................................................................................................... 18
1.3 Push-buttons ........................................................................................................................................ 26
1.4 LED indicators ...................................................................................................................................... 27
2 Safety instructions .......................................................................................................................................... 28
3 DIN rail mounting ............................................................................................................................................ 29
4 Cooling ............................................................................................................................................................. 29
5 Power supply ................................................................................................................................................... 30
6 Earthing ........................................................................................................................................................... 30
7 RS232 serial connexion (IPL-X-220, IPL-X-230) ............................................................................................ 30
8 RS485 serial connexion (IPL-X-220) .............................................................................................................. 30
9 RS422 isolated serial connection (IPL-X-260)............................................................................................... 31
10 RS485 isolated serial connection (IPL-X-261) ........................................................................................... 32
11 Digital input and output............................................................................................................................... 33
12 Connecting the IPL to the ADSL line .......................................................................................................... 33
13 Connecting the IPL to the cellular network ................................................................................................ 34
13.1 Controls before installing the IPL ................................................................................................... 34
13.2 Cellular antenna ............................................................................................................................... 35
13.3 Coaxial cable .................................................................................................................................... 35
13.4 Cellular service subscription ........................................................................................................... 35
13.5 Installing the SIM card ..................................................................................................................... 36
13.6 Controlling the conformance of the connection ............................................................................ 37
PREPARING THE SETUP ............................................................................................................ 39
1 Connecting a PC for configuration ................................................................................................................ 39
1.1 Overview ............................................................................................................................................... 39
1.2 First configuration ............................................................................................................................... 40
1.3 Changing the configuration later ........................................................................................................ 40
2 Access to the administration server through the WAN interface ................................................................ 41
3 Working with HTTPS ....................................................................................................................................... 41
4 Temporary return to the factory settings ...................................................................................................... 42
5 Restoring the factory settings ........................................................................................................................ 42
6 Protecting the access to the administration server ...................................................................................... 43
7 Configuration steps ........................................................................................................................................ 43
OVERVIEW
DOC_DEV_IPL_User Guide_C Page 7
OVERVIEW
1 Purpose of this manual
The present user guide describes the features and the installation of the IPL Industrial Router family.
In this document, these products are named « IPL ».
2 Products Identification
This family of Industrial Router consists of these models:
IPL-C-100, IPL-E-100, IPL-EW-100
IPL-E-400, IPL-E-2XX, IPL-EW-400, IPL-EW-2XX,
IPL-A-400, IPL-A-2XX, IPL-AW-400, IPL-AW-2XX,
IPL-C-400, IPL-C-2XX, IPL-CW-400, IPL-CW-2XX,
IPL-DAC-400, IPL-DEC-400, IPL-DAE-400,
The main features are summarized below:
Models
IPL-
C-100
E-100
EW-100
E-400
E-2XX
EW-400
EW-2XX
A-400
A-2XX
AW-400
AW-2XX
C-400
C-2XX
CW-400
CW-2XX
DAC-400
DEC-400
DAE-400
WAN Ethernet
• • • • •
•
•
•
WAN ADSL
• • •
•
•
•
WAN Cellular
(-HG, -HW : 3G+,
-LE : 4G))
•
• • • • •
•
Wi-Fi 2.4 & 5 GHz
•
•
•
•
•
•
•
LAN Ethernet
10-100 Mb/s
1 1 1 4 2 4 2 4 2 4 2 4 2 4 2 4 4
4
Serial link
RS232 /RS485…
• • • • • •
USB
• • • • • • • • • • • • • • •
Link redundancy
• • •
2 power inputs
• • • • • • • • • • • • • • •
Power supply
VDC
12-24
12-24
12-24
12-48
12-48
12-48
12-48
12-48
12-48
12-48
12-48
12-48
12-48
12-48
12-48
12-48
12-48
12-48
2 SIM readers
• • • • •
•
Digital input
1 1 1 1 1 1 1 1 1 1 1 1 1 1
1
Digital output
1 1 1 1 1 1 1 1 1 1 1 1 1 1
1
OVERVIEW
Page 8 DOC_DEV_IPL_User Guide_C
Models with serial interface code:
xx
RS232
RS485
RS422
isolated
RS485
isolated
20 1 1 0 0
30 2 0 0 0
60 0 0 1 0
61 0 0 0 1
In the remainder of this document the term IPL-X is used indifferently for IPL-C, IPL-E, IPL-EW, IPL-A, IPL-AW
and IPL-CW.
OVERVIEW
DOC_DEV_IPL_User Guide_C Page 9
3 Specifications
General characteristics
Dimensions
IPL-X-100: 120 x 37 x 88 mm (h,w,d)
Other IPL: 135 x 47 x 115 mm (h,w,d)
Weight
Max 0.65 kg
Casing
Metallic
IPL- X-100: IP41 – IEC60529
Other IPL: IP20 – IEC60529
DIN rail mounting
Temperature
Non-operating: -40°/ + 85°C
Operating: -20°/ +70°C
Humidity
5 to 95 % relative (non-condensing)
Power supply
Protected against reverse polarity
IPL-X-100: Nominal: 12-24 VDC (min 10 VDC - max 30 VDC)
Other IPL: Nominal: 12-48 VDC (min 10 VDC - max 60 VDC)
2 points Phoenix connector
Consumption
IPL-E : 2W
IPL-A, IPL-C and IPL-EW : 5W
IPL-AW, IPL-CW, IPL-DAC : 8W
EMC
Immunity EN61000-6-2:
EN61000-4-2 : ESD : 4 kV contact – 8kV air
EN61000-4-3 : RF - radiated: 10V/m < 2 GHz
EN61000-4-4 : Burst
EN61000-4-5 : Surge : 4KV line / earth
EN61000-4-6 : RF - conducted
EN61000-4-8 : Magnetic fields
Emission EN61000-6-4:
EN 55032: RF - conducted and radiated
FCC:
IPL-X-100 : FCC Part 15
Electrical safety
IEC/EN 62368-1
IPL-X-100 : CB FR_704843
Hazardous substances
2011/65/UE (RoHS)
REACH
OVERVIEW
Page 10 DOC_DEV_IPL_User Guide_C
WAN network
Ethernet
RJ45
Auto : 10/100 full & half duplex MDI/MDI-X
ADSL
ADSL2+ and RE-ADSL
ITU G992.5 (ADSL2+ and Reach Extended ADSL)
Max data rate : UL : 1 Mbps, DL : 24 Mbps
PPPoE : PPP over Ethernet
PPPoA : PPP over ATM
EoA : Ethernet over ATM RFC2684 Bridged
IPoA : Routed IP over ATM, RFC2684 Routed
4G/3G+
-LE : 4G LTE Europe
LTE bands: B1, B2, B3, B4, B5, B7, B8, B20
UMTS bands: B1, B2, B5, B8
GSM bands: 850/900/1800/1900
-CH : 4G LTE China
LTE bands: B1, B3, B8, B38, B39, B40, B41
UMTS bands: B1, B5, B8, B9
GSM bands: 900/1800
-HG : 3G+ HSPA worldwide (except. North America)
UMTS bands: B1, B2, B5, B8
GSM bands: 850/900/1800/1900
-HW : 3G+ HSPA worldwide
UMTS bands: B1, B2, B4, B5, B6, B8, B19
GSM bands: 850/900/1800/1900
Max data rate 4G: UL @ 50 Mbps and DL @ 100Mbps
Max data rate 3G+: UL @ 5,7 Mbps and DL @ 21 Mbps
Max data rate 2G: UL @ 237 Kbps and DL @ 237 Kbps
Antenna connector female SMA
Wi-Fi
Client 2,4 and 5 GHz
802.11 a/b/g/n
Antenna connector female RP-SMA
LAN network
Ethernet
RJ45: 1 to 4 ports depending on model
Auto: 10/100 full & half duplex MDI/MDI-X
Wi-Fi
Access point 2,4 and 5 GHz
802.11 a/b/g/n
Antenna connector female RP-SMA
Routing / @IP
IP Routing
Routing tables
Static routes
RIP or OSPF
Address translation (DNAT, SNAT, NAT 1:1)
IP@ assignment
WAN interface: DHCP client or fixed IP
LAN interface: DHCP server
DNS
WAN interface: compatible with DYNDNS, No-IP or ETIC DNS
LAN interface: relay & server
Redundancy
VRRP RFC 3768 protocol
Multi WAN for backup on some IPL models
OVERVIEW
DOC_DEV_IPL_User Guide_C Page 11
Security
VPN tunnel
OpenVPN (TLS/SSL), IPSEC, L2TP/IPSEC, PPTP
Shared key or X509 certificate
Encryption 3DES & AES 128-192-256
Authentication: MD5 & SHA-1
Up to 10 VPN tunnels
(mix OpenVPN IPSEC allowed)
Firewall
Stafefull packet inspection (SPI: 50 rules)
IP@ and ports filtering
Remote access
Up to 25 remote users
RAS access: Login & Password and Certificate (optional)
Customizable LAN machine network access rights
Log
Timestamped
Events: connection, restart, alarms
Alarms
Digital input: email, SMS, SNMP trap
Digital output: Power supply failure, user connection…
Serial gateways
Gateways
Raw TCP client
Raw TCP server
Raw UDP
Raw Multicast
ModBus TCP client to Modbus RTU/ASCII slave (for master PLC)
Modbus TCP server to Modbus RTU/ASCII master (for slave PLC)
Telway/XIP to Unitelway slave (for master PLC)
Telnet RFC 2217
RS232/RS485
Data rate : 1200 to 115200 kb/s, 10 or 11 bits, parity N / E / O
RS232 : RJ45
RS485 : 2 points Phoenix connector
USB
1 port USB host
PPP client
Misc.
SNMP
Supported MIBs:
RFC1213-MIB (MIB-2)
ADSL-LINE-MIB
ETIC-TELECOM-MIB-1
SNMP traps
Configuration
Web server
Management
Save and restore configurations
Reset product to return to factory configuration
OVERVIEW
Page 12 DOC_DEV_IPL_User Guide_C
4 Product overview
The IPL is both a router, a firewall and a remote access server.
It is designed to connect industrial machines on an intranet or the Internet with a high level of security.
It provides depending on model :
IPL-E : A WAN Ethernet interface
IPL-A : An ADSL modem
IPL-C : A 3G/4G cellular modem
IPL-DAE : An ADSL modem and a WAN Ethernet
IPL-DAC : An ADSL modem and a 3G/4G cellular modem
IPL-DEC : A WAN Ethernet interface and a 3G/4G cellular modem
It offers the following functions:
IP router : Routing table, RIP, SNMP, VRRP.
VPN vlient and server VPN : IPSec or OpenVPN.
Remote access service for remote maintenance or operation with PC, tablet or smartphone.
Firewall SPI
Automatic backup of an ADSL link over the cellular network (IPL-DAC)
Automatic backup of a private VPN network over the cellular network (IPL-DEC)
Serial interface and Wi-Fi : optional
4.1 Applications
Remote SCADA system
The IPL is designed to connect industrial
machines on an intranet or the Internet with a
high level of security.
OVERVIEW
DOC_DEV_IPL_User Guide_C Page 13
High availability SCADA system with an
IPL-DAC.
Remote access server for remote operation
A remote user can connect to any device in
the system using a PC, tablet or a
smartphone.
His access rights may be limited according to
his identity.
Traffic filtering (Firewall)
OVERVIEW
Page 14 DOC_DEV_IPL_User Guide_C
4.2 IPL functions
IP router
The IPL-C provides powerful, flexible and comprehensive solutions to route IP packets from one network to
other networks :
Static routes, to reach nested networks,
Network address translation d‘adresse (NAT, DNAT, port forwarding),
Routing protocol (RIP),
Domain name management DNS et DynDNS.
IPSec & OpenVPN tunnels
The IPL-E features IPSec and OpenVPN tunnels to provide a high level of security and also compatibility with
existing devices.
The VPN connection guarantees a high level of performance and security
Transparency : The VPN interconnects the two networks so that any machine in one network can
communicate with a machine on the other network.
Authentication : The router that establishes the VPN is authenticated by the one that accepts it and
any other connection is rejected.
Confidentiality : Data traffic via the VPN is encrypted.
IPSec will be chosen when the IPL needs to establish a VPN with an already installed IPSec VPN server.
OpenVPN will be preferred when VPN traffic is routed through intermediate routers to take advantage of the
flexibility of this technique.
Remote access server for PCs, tablets and smartphones
The IPL can also behave like a remote access server.
If he is registered in the user list, a remote user can access to particular devices of a machine network
depending on his identity.
The new HTTPS portal make possible to access easily and safely to HMIs or PLCS web servers using a
tablet, a PC or a smartphone.
Firewall
The firewall protects against the sophisticated attacks coming from the Internet.
It is also able to filter IP frames between the WAN interface or any VPN interface on one hand, and the LAN
interface on the other hand.
VRRP redundancy
VRRP makes possible to use two routers shaping a redundant solution.
Loading...