The Multi-Radio-Modem X3000 (MRM-X3000) when used in conjunction with a third
party wireless data device (Express card or USB radio device) on a well-designed
wireless network is intended to provide secure reliable communications.
GNCI accepts no responsibility for damages of any kind resulting from network failure,
instability of a wireless network, incorrectly configured MRM devices, or failure of the
GNCI MRM-X3000 device.
No part of this publication may be reproduced, stored in a retrieval system, or
transmitted by any form or by any means, without the prior permission of the publisher.
The information in this manual is subject to change without notice.
Global Net Commerce Inc. shall not be liable for incidental or consequential damages
resulting from the use, performance, or furnishing of this manual.
Trademarks
Product names, brands, logos, trademarks, etc., other than those of Global Net
Commerce Inc. used in this manual, are owned by their respective companies.
The equipment certifications appropriate to your devices are marked on the device and
the accompanying product specific documentation.
Devices inserted into the Express Card or USB slot of the Multi-Radio-Modem have
their own regulatory compliance markings and documentation.
Important Note:United States FCC Information
This equipment has been tested and found to comply with the limits for a class B digital
device, pursuant to part 15 of the FCC rules and ICES 03. These limits are designed to
provide reasonable protection against harmful interference in a residential installation.
This equipment generates uses and can radiate radio frequency energy and, if not
installed and used in accordance with the instructions, may cause harmful interference
to radio communications. However, there is no guarantee that interference will not occur
Regulatory Information
in a particular installation. If this equipment does cause harmful interference to radio or
television reception, which can be determined by turning the equipment off and on, the
user is encouraged to try to correct the interference by one or more of the following
measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and the receiver.
Connect the equipment into an outlet on a circuit different from that to which the
receiver is connected.
Consult the dealer or an experienced radio/TV technician for help.
Caution: Changes or modifications to this equipment, not expressly approved by GNCI,
could void the user's authority to operate the equipment.
Contact Information
Main Office
2102 Business Centre Drive
Suite 130
Irvine, California
92612 USA
Lab and Warehouse
711 W. 17th Street
Unit G9
Costa Mesa, California
92627 USA
www.gnciwireless.com.com
For Sales, Service, Warranty, and Repair
Please Call 949.515.1960
By email:
info@gnciwireless.com
sales@gnciwireless.com
Item Description
Required or Optional
Multi-Radio-Modem Base Unit
Required
MRM Power Supply
Required
Express/USB Radio Card
Required
SIM Card
Optional *
GSM Antenna
Optional **
CDMA Antenna
Optional ***
ULSSC Cable
Optional ****
1. About This Guide
1.1. Introduction
This guide is intended to provide instruction on the physical installation of the MultiRadio-Modem, and related devices. Additionally, this guide provides instructions and
guidelines on software configuration. This guide assumes the reader is familiar with the
design and configuration of Internet Protocol network devices, such as routers and
switches.
1.1.1. Components for the Multi-Radio-Modem
Below are the required and optional components for the correct operation of the MultiRadio-Modem.
* SIM Card is required only for GSM Radio Cards.
** GSM Antenna comes only when MRM ordered for GSM networks.
*** CDMA Antenna comes only when MRM ordered for CDMA networks.
**** ULSSC Cable is required only for legacy protocol operations such as Bisync and
SDLC.
1.2. Sequence Used for This Guide
A general overview of using the MRM in a wireless network is given to provide the
reader with some context and understanding for the configuration sections.
Network addressing is critical to the successful operation of the MRM, and a section
discussing network addressing is provided.
The MRM unit must be configured prior to use, with client specific addressing and
information. Therefore, the configuration section is covered prior to the physical
installation section.
2. System Overview
This chapter provides an overview of the MRM product, and where it fits into a network
topology.
2.1. Introduction
The MRM solution from GNCI is designed to permit wireless operations of Automated
Teller Machines (ATM), Point of Sale controllers (POS), Branch Backup, Mobile
Branches and other high security, stationary/mobile business devices.
This product is designed to seamlessly deploy wireless access points for the intended
devices, where traditionally, land line services are required.
This equipment is also designed, to easily retrofit existing land line deployments, without
significant operational, or configuration changes required to existing systems.
This equipment is a multi.purpose, multi.protocol, flexible, high security appliance
capable of integrating into sophisticated networking environments.
2.2. Network Overview, All Protocols including IP
Figure 2.1
2.3. Network Components
Figure 2.1 shows various components of a wireless network using MRM devices.
Each of these main components is described in this section.
2.3.1. Remote Site Terminal
The remote site terminal is any X.25, SDLC, 3270 BISYNC, or TCP/IP on Ethernet
device. This can be, but is not limited to, ATM or POS machines, and personal
computers.
Note: The firmware on the MRM-X3000 supports IP protocol only.
Refer to the MRM-L3000 manual if you are running 3270 BISYNC or
SDLC Protocols
2.3.2. Remote Site GNCI MRM
The remote site MRM operates as a functioning modem on a wireless GSM
GPRS/EDGE/UMTS, HSUPA, HSDPA, HSPA+, LTE network, or a CDMA
1xRTT/EvDO/EvDO RevA, LTE network.
Additionally, the MRM provides for high security using the standards based IPSec
protocol, and encrypts data with the 3DES or AES algorithms. The MRM has a built in
firewall, which provides additional security from unwanted intrusion.
The MRM-X3000 uses a built in 10/100 Ethernet port for TCP/IP communications.
2.3.3. GSM and CDMA Networks
GSM networks are available in the United States, Canada, and many countries
worldwide. GSM is widely deployed and provides for an always on, data connection.
GSM customer networks for secure data transfer are implemented with custom or
private APNs (Access Point Name). APNs are typically deployed to enhance security,
prohibiting communications with any device or network outside of the custom or private
APN. APNs for financial applications typically provide for host location access via
private land line frame relay connections. Higher speed networks using GSM using
UMTS, HSUPA, HSDPA, HSPA+, and LTE technologies are currently being deployed.
CDMA networks are available in the United States; however deployment is limited
outside of North America. CDMA provides bursting rates to 144 kbps on 1xRTT
networks, a maximum 2.4 Mbps on EvDO RevA networks and much higher burst rates
exceeding 8.0 Mbps on newer LTE networks. For secure and financial applications,
CDMA carriers provide for host site access via land line frame relay/MPLS connections.
2.3.4. Host Location Corporate Host
The corporate host shown in figure 2.1 is responsible for providing the transaction
applications driving the ATM or POS system. These hosts can interface to the network
using serial or LAN media, and can connect with TCP/IP, SDLC, X.25, 3270 BISYNC, or
LAN based LLC2.
2.3.5. Host Location Frame Relay Router
The frame relay router shown in figure 2.1 terminates the frame relay connection and
PVC/MPLS interconnecting the host location to the GSM or CDMA network. IP
addressing for this connection is typically provided by the carrier along with private
client designated IP addressing. Shown in figure 2.1 as a device of its own, this may be
a shared device terminating other frame relay connections for other applications, or may
be a device of combined function terminating frame relay, and also providing for IPSec
termination.
2.3.6. Host Location IPSec Tunnel Termination
The IPSec tunnel termination device shown in figure 2.1 manages the IPSec tunnels to
each remote MRM unit. It is responsible for maintaining keys for each remote MRM, and
providing 3DES encrypted payload. Additionally, this router must be placed into this
topology at a strategic location, to ensure proper IP routing to hosts and remote MRM
devices. Shown in figure 2.1, this device may be solely used for IPSec termination, or it
may run IPSec in addition to other functions in the network, including the termination of
frame relay/MPLS lines discussed in section 2.3.5. Typically, this device is a Cisco
Systems router or VPN server. Many models of Cisco equipment support IPSec. The
selection criteria used to determine which specific model is best suited for a client
network is dependent upon network size, topology, and other design considerations,
determined prior to any MRM units being deployed in the field.
2.4. Network Addressing
For any network to route data correctly, there must be an addressing and numbering
scheme employed. This section describes the important addressing and numbering
elements for a successful MRM deployment. A network addressing plan is
recommended to be made prior to any major MRM deployment. Specific configuration
tasks related to addressing are discussed in the next chapter.
2.4.1. IP Addressing
This section describes the IP addressing requirements across an MRM network.
Below is figure 2.4 indicating important areas of IP address consideration, numbered
one (1) through five (5).
The main concept of IP addressing when using IPSec, is to create a "tunnel" across a
foreign internet or third party network, connecting two private network entities together,
while masking from the end points, the existence of the transit network.
In figure 2.4 below, the private networks 1 and 5 are unaware of the carrier’s Internet
network connecting them together, through the use of the IPSec tunnel across the
network.
Figure 2.4
2.4.1.1. Area 1 IP Addressing Host Private Network
The host location private IP network is the private network in which the host is located.
For non-IP host communications, this network is part of the IPSec router terminating the
tunnels. This network typically exists prior to an MRM deployment, and IP network
addressing has been assigned by a network design engineer or administrator, typically
using IP Address for private Internets as described in RFC 1918. The corporate host
and any other service hosts, including management hosts and their respective IP
networks, must be visible to the "remote" device network (Area 5) through the IPSec
tunnel.
2.4.1.2. Area 2 IP Addressing Tunnel Termination
The device(s) in area 2 must be directly connected, or reachable to the IP host in area
1. In addition, the IPSec tunnel terminating device in area 2, must have an IP address
acting as a tunnel peer to the remote MRM devices, and must be reachable through the
CDMA or GSM network. This IP address is normally assigned by the carrier, to ensure
reachability across the carrier’s network to the remote MRM. However, carriers now
offer MPLS Private VPN networks which provide for client-specific IP addressing. If the
carrier assigns the IP addressing, the carrier will typically assign a small IP network
from their IP address space, with a 29- or 30-bit mask. One host from within this
network must act as the IPSec tunnel peer. This network can be assigned on a physical
interface, or a logical (loopback) interface.
2.4.1.3. Area 3 IP Addressing Frame Relay/MPLS Access Point
Frame Relay/MPLS is typically used to connect the host network to the carrier. A
customer can use an existing frame relay/MPLS circuit. Prior to the introduction of
MPLS circuits, a PVC connection to the carrier was required, or in some cases, a
completely new frame relay line was used, with a PVC connection to the carrier. This
determination is made during the design stage of a network. The carrier will assign an
IP subnet for use on the frame relay PVC, typically with a 30-bit mask, providing for one
IP at the client router for the PVC, and one IP at the carrier’s router for the same PVC.
For routing purposes, the IP address assigned to the carriers router, becomes the
gateway address to reach Area 4 IP networks (MRM radio IP addresses). This address
is used for static routing purposes in the client frame relay router, as the next hop
address to reach the distant MRM IP range (Area 4). Routing protocols are not
permitted on the frame relay link between the client and carrier. Frame relay DLCI
numbers are assigned by the frame relay carrier responsible for the PVC link between
the client and the carrier, and are made available when the PVC order is complete.
Note: Recently Carriers have migrated away from Frame Relay and are now only
offering Private VPN Tunnels over MPLS Circuits.
2.4.1.4. Area 4 IP Addressing MRM Radio IP
In both GSM and CDMA networks, the IP address assigned to the radio device
connecting to the carrier network is made dynamically. The IP addresses are
determined by the carrier, and assigned to the modem dynamically during connection
time. In both CDMA and GSM networks, the modems connect to the network using the
PPP protocol, and are assigned IP addresses during this connection setup. IP
addresses that are dynamically assigned are typically known to be within an IP subnet
range, which is useful to know for the purposes of IPSec configurations at the host
network. In the case of a private or custom APN on the GSM network, the IP address
range which can be assigned to the connecting modems is tightly defined, and is a
range of IP addresses which will only be assigned to modems belonging to the private
APN, and thereby will only be assigned to modems belonging to a particular client.
Some GSM carriers offer to use IP address space for the modems, which can be
specified by the client.
From the perspective of the MRM device, the IP address assigned to the radio of the
MRM at connection time, acts as the devices Wide Area Network (WAN) interface. This
IP address acts as the IPSec tunnel peer, communicating with the host network tunnel
peer. Since the IP Address is dynamic, only the peer at the host IPSec tunnel
termination router is known. Therefore, specific IPSec configuration is required at the
host, examples of which are discussed in the next section.
2.4.1.5. Area 5 IP Addressing Remote Private IP Network
The remote location private IP network is a private IP network in which the remote
device (ATM or POS) is connected to or associated. This network is assigned prior to
an MRM deployment, and IP network addressing has been assigned by a network
design engineer or an administrator. This is typically done using an IP address for a
private network as described in RFC 1918 and form part of the IP address plan for the
wireless network.
This network communicates with the Area 1 private network (Host Network), over the
IPSec tunnel. For Ethernet connected TCP/IP devices, an IP network must be
assigned, and, individual host IP addresses from this network must be assigned for the
MRM's Ethernet port, and the ATM/POS device.
This IP network operates on a virtual (loopback) port within the MRM, not associated to
any physical interface, for the purposes of IPSec private networking with the host
private network.
2.4.2. Other Network Numbering Requirements
For legacy protocol implementations, other network numbering assignments are
required, such as X.121 addresses and poll codes. Refer to the MRM-L3000 Installation
Guide for legacy protocols.
MRM Serial Number
1010150438
Radio Card Serial Number
356471031535837
SIM Card Number
89302370105215208037
Mobile Telephone Number
949.555.1212
APN Name
mybanksapn.com
Username
GSM
Password
network
3. MRM-X3000 Configuration
This chapter provides instruction for the configuration of the MRM for remote site
operation.
In order to use the MRM, a wireless service account must be established with a wireless
carrier, and the MRM configured with account specific information.
3.1. Preparation
This section describes what information is required before configuring the MRM for the
wireless services provider.
3.1.1 GSM Preparation
The GSM service provider will provide the following for account activation.
. GSM SIM Card (with SIM card number and mobile telephone number)
. APN Name
. Username
. Password
The GSM SIM card has a SIM card number and an associated mobile telephone
number. Records of these numbers should be carefully kept, as they can be required
later for troubleshooting with the carrier. It is recommended that records be kept for
each MRM location that includes the MRM serial number, the radio card serial number,
the SIM number, and telephone number.
In most cases, the APN name will remain the same for all remote MRMs belonging to
the same client.
Username and password may be supplied by the carrier as further authentication to
connect to the network. Note that some carriers do not implement the
Username/password as a requirement.
Table 3.1 Example GSM Remote Site Account Information
MRM Serial Number
1010150438
Radio Card Serial Number
09112561854
Activation Code
884325
System ID
16422
Mobile Telephone Number
949.555.1212
Username
9495551212@mycarrier.com
Password
mycarrier
3.1.2. CDMA Preparation
The CDMA service provider will provide the following for account activation:
. Username
. Password
. Telephone Number
. Activation Code
. System ID (SID)
Radio cards should be activated in a laptop using the carrier’s network activation
software. Once completed, the card can be inserted into the MRM.
The activation code and System ID are required only at initial activation time, using the
carrier’s activation software. The Username and password are required for
configuration in the MRM, if required by the carrier. Records should be kept for each
remote MRM with the noted information from the example below.
Table 3.1.2 Example CDMA Remote Site Account Information
3.2. Components Required For Configuration
This section describes the required equipment, cables, and software for the
configuration of the MRM.
3.2.1. Required Components for GSM Configuration
Configuration of the MRM requires the user to provide the following:
* A desktop or laptop computer, with an Ethernet communications port and an
Express Card/USB ports
* An Ethernet cable (either straight-through or crossover)
* A browser such as Internet Explorer or Mozilla Firefox
3.2.2. Required Components for CDMA Configuration
Configuration of the MRM requires the user to provide the following:
* A desktop or laptop computer, with an Ethernet communications port and an
ExpressCard / USB port
* An Ethernet cable
* A browser such as Internet Explorer or Mozilla Firefox
D -IN I
DC-IN
Init.
D-INI
3.3. Accessing the MRM for Initial Configuration
The MRM unit is shipped with a default configuration, which includes a pre-defined
Ethernet port, Ethernet (facing the rear of MRM, it is the leftmost Ethernet port).
Figure 3.3.1 MRM Side Panels
Ethernet Port
Ethernet port is factory set for IP address 192.168.10.1 with a mask of
255.255.255.252. To access the MRM configuration, a connection must be made from
the computer's Ethernet port to the MRM's Ethernet port, via an Ethernet crossover
cable. The IP address settings in the computer must be set to specify IP address
192.168.10.2 with a mask of 255.255.255.252, and a gateway of 192.168.10.1.
Follow these steps to access the MRM configuration:
Step 1 . Power on the MRM unit with radio card inserted into either the
ExpressCard slot or the USB port. The port selection will depend on which
type of wireless aircard you are using. Connect the power supply cable to
AC Power, and to the 6 VDC receptacle on the MRM.
Step 2 . Connect your computer to the MRM Ethernet port (shown in Figure 3.3.1)
using a standard Ethernet cable.
Step 3 . Set the IP address, subnet mask, and gateway in your computer, as
shown on the next page.
Step 4 . Using a web browser, connect to the default IP address of 192.168.10.1.
D
-
Figure 3.3.2 Accessing the MRM via a Static IP address using USB port
Ethernet IP Add: 10.30.0.1
Ethernet Cable Masks: 255.255.255.252
Follow these steps to access the MRM configuration:
Step 1 . Power on the MRM unit without the radio card inserted in the USB port, by
connecting the power supply cable to AC power outlet, and to the 6 VDC
receptacle on the MRM. Note: A Trendnet TU2ET100 USB-to-Ethernet
adapter is required to connect through the MRM-X3000 USB port.
Step 2 . Connect your computer to the Ethernet port of the Trendnet TU2ET100
adapter. Then connect the USB adapter to the USB port on the MRMX3000. (Shown in Figure 3.3.2.)
Step 3 . Configure your computer to receive an IP address:
10.30.0.2/30 (subnet mask of 255.255.255.252).
Step 4 . Using a web browser, connect to the default gateway IP address of
10.30.0.1
MRM-X3000 Home Screen
Home Screen Start Section 3.4.1
1. A summary of the MRM-X3000 operation and connectivity status can be obtained by
Clicking on the GNCI logo in the upper left hand portion of the Home Screen
2. The information on the Home Page will provide WWAN/carrier connection status,
Total Bytes count and System Time.
3.4. Configuring the MRM System Parameters
This section describes the configuration of MRM system parameters.
3.4.1. Default Username and Password
The default system username is “admin”, and the default system password is “gnci”.
You can change the password in the Name and Password section, under the SYSTEM
CONFIG heading.
3.4.2 Basic Setup
3.4.2.1 LAN Port
LAN Port Setup
LAN Port IP Address and Mask: Enter the IP address you wish to use for the MRM.
LAN Port Speed: Speed settings for the Ethernet port on the MRM. Settings are
Negotiate Automatically, 10 Mbps Half Duplex, 10 Mbps Full Duplex, 100 Mbps Half
Duplex, 100 Mbps Full Duplex.
Enable DHCP Server on LAN Port: Check this box if you would like the MRM to act as
a DHCP server.
Enable Internet Access using NAT: Check this box if you would like devices connected
GSM Account Information
Value
Description
GSM APN
blank
Enter the APN name for the customer network.
Mandatory field if this MRM is used in GSM mode.
Username
Blank
Enter the GSM Username. (Optional)
Password
Blank
Enter the GSM Password. (Optional)
CDMA Account Information
Value
Description
Username
Blank
Enter the CDMA Username. (Optional)
Password
Blank
Enter the CDMA Password. (Optional)
to the MRM to be able to access the Internet using Network Address Translation.
DNS Mode: Choose the DNS mode you wish to use. Other options are available from
the drop-down menu.
DNS IP Address: Enter the IP address of your DNS server, when configured manually.
3.4.2.2 3G/4G WWAN Wireless WAN Setup
Table 3.4.2.1
IPSec VPN Parameter
Default
Description
IPSec VPN Host IP
Blank
The Tunnel Peer IP Address found on the IPSec
Router at the Host location.
Destination Private Network
Blank
The private network address from which the host
location this MRM will communicate.
Local Private Network
Blank
The private network assigned to this MRM for IPSec
communications.
Phase 1 Encryption / Hash /
DH Group
Blank
Contact GNCI Technical Support where advanced
settings are required
IPSec Pre-Shared Key
Blank
Enter the Pre-Shared Key (PSK) for this IPSec
connection
Press Reset/Save button to proceed to the next step. Selecting Reset resets the values
in your computers browser, not the configuration values in the MRM.
3.4.2.3 IPsec VPN Settings
Select the Enable IPSec VPN Tunneling check box to enable IPSec on this MRM. By
default, the MRM runs IPSec with 3DES encryption, uses IKE, and PSK.
Table 3.4.2.3
Confirm PSK Here
Blank
Re-enter the PSK to validate. If the two keys entered
do not match, the MRM will indicate an error.
Encryption Key Timeout
1
Lifetime of encryption key and ISAKMP SA
Dead Peer Detection
Default
Description
Use Dead Peer Detection
Checked
Check or uncheck box to enable /disable DPD.
DPD Timer
90
Choose a value of 15 to 300 minutes, in increments
of 5 min.
DPD Max Retries
3
Max number of DPD retries before the MRM
declares the IPSec tunnel dead. Range is 2 to 20 in
increments of 1.
Action on DPD Event
Restart
Wireless
and IPSec
Select what action to take in the event of a Dead
Peer Detection. The options are Restart Wireless
and IPSec or Restart IPSec.
Press the “Save”button to proceed to the next step. Selecting Reset resets the values
in your computer’s browser, not the configuration values in the MRM. Select Reset to go
back to the default settings, this will allow you to re-enter changes. Once all changes
are completed, select “Save.” If all configuration entries have been made, you can save
the final configuration by selecting the “Apply New Config” Button.
4. MRM Installation
This chapter covers the physical installation of the MRM.
4.1. Preparation
The MRM unit must be configured prior to final installation. See section 3 for
configuration instructions and examples.
Note: A complete site survey and site analysis is recommended prior to installing
the MRM. The site survey and site analysis is designed to qualify the remote site
for consistent/reliable radio signal stability. Test results and radio signal stability
should be documented for each remote site.
! Note !
Special Note For CDMA Installations
CDMA radio cards must be activated in a laptop or desktop computer prior to installation
in the MRM. Carefully follow the instructions provided to you on the Wireless AirCard
Installation CD, or by the automated instructions imbedded in the CDMA wireless
modem.
Ensure the card is functioning correctly and can connect to the wireless carrier prior to
inserting the card into the MRM.
4.1.1. Required Equipment
Item Description
Installation Requirement
Multi-Radio-Modem Base Unit
Required for all installations
MRM Power Supply
Required for all installations
CDMA Radio USB/ExpressCard
Required for CDMA installations
GSM Radio USB/ ExpressCard
Required for GSM installations
SIM Card
Required for GSM installations
GSM Antenna
Required for GSM installations
CDMA Antenna
Required for CDMA installations
ULSSC Cable (MRM-L3000 only)
Required for Bisync or SDLC installations
(MRM-L3000 only)
Ethernet Cable
Required for TCP/IP installations
ATM / POS / or connecting device
Required for all installations
AC 120 V Power Outlet
Required for all installations
Small Slotted Screw Driver (MRML3000 only)
Required for Bisync or SDLC installations
(MRM-L3000)
The table below indicates the equipment required for the type of installation.
Table 4.1.1
Optional mounting hardware may be required at some remote sites to physically secure
the devices, depending on installation requirements.
4.2. Antenna Considerations
A base small antenna is provided with the MRM shipment. GSM and CDMA antennas
have different connectors.
!! Warning : FCC RF Exposure Guidelines
While this device is in operation, a separation distance of at least 20 cm must be maintained between the
radiating antenna and the body of all persons exposed by the transmitter to meet FCC exposure
guidelines.
To comply with FCC regulations limiting both maximum RF output power and human exposure to RF
radiation, the maximum antenna gain must not exceed 6 dBi in the cellular band and 4 dBi in the PCS
band.
4.2.1. Antenna Location
Locate the antenna as far away from personnel as possible to minimize signal blocking.
For optimum reception, position the antenna above the height of personnel and nearby
equipment or structures. Locate the antenna to allow as free a radiation pattern as
possible.
4.2.2. Antenna Ground Plane
If possible, ensure the antenna is mounted on a good ground plane (ferrous metal
surface).
4.2.3. Proximity to other antennas
In general, avoid locating the antenna closer than 1.5 meters (5 feet) to another
antenna.
4.3. Installation Procedure
To install the MRM at a remote location, use the following steps:
1) Insert the provided GSM or CDMA radio card into the ExpressCard or USB port
on the side panel of the MRM.
2) Install the MRM at a suitable location, within cabling distance of the connecting
device (either RS-232 or Ethernet cable) and the antenna location.
3) Install the antenna at a suitable location, and connect into the radio card.
4) Connect the RS-232 or Ethernet cabling to the connecting device. (For MRM
L3000 only: If connecting the RS-232 cable (ULSSC Cable), ensure that the DB25 end of the cable is securely attached to the connecting device using a screw
driver.)
5) Connect the power supply to the MRM.
6) Connect the power supply to a 120 VAC electrical outlet.
Note: An uninterruptible power supply (UPS) or surge protector is recommended
for all installations.
The MRM installation is now complete and ready for testing or use.
5. MRM Status and Monitoring
This section describes how to monitor the MRM, check for status, using the web
interface.
5.1. Using the Web Interface for Monitoring and Status
The web interface is used to display information about the current operational state of
the MRM, as well as perform some basic diagnostics.
5.1.1. Accessing the Overview Screen
The web interface main screen provides a simple overview of the current RF status, as
well as the current status of legacy or Ethernet connections.
To access the overview, use a web browser, and point to the appropriate IP address
using HTTP. To review or see an updated overview, or to go back to the overview from
a different page, click on the Global Net Commerce Inc. logo at the top left of the
screen. See below example, which shows a configured MRM overview on a CDMA
network.
6.1.1 Network Config
Firewall Parameter
Default
Description
Allow Access From
blank
Enter either individual IP hosts, or specify IP networks
which will be permitted to access the MRM.
Allow Access From
blank
same as above
Allow Access From
blank
same as above
6.1.1.1 Access & Firewall
Check the Enable Firewall check box to enable the IP firewall on the MRM. The MRM
will deny all traffic from all IP addresses except the IPSec tunnel peer, unless specified.
Table 6.1.1.1
6.1.2 3G WANN Setup:
Selecting Reset resets the values in your computers browser, not the configuration
values in the MRM.
Select Reset/Save to complete the configuration.
6.2.1 Dynamic DNS
Dynamic DNS Setup:
Use Dynamic DNS Provider: Select your Dynamic DNS provider from the adjacent
list. Select from the drop-down menu for available options.
DDNS Domain Name: Enter the domain name used by your Dynamic DNS provider.
DDNS Username: Enter the appropriate DDNS Username.
DDNS Password: Enter the appropriate DDNS password.
7.1.1 System Config
7.1.1.1 Name & Password
MRM-X3000 Host Name
7.1.1.1 Configuring Host Name
Each MRM unit has a configurable hostname, which can be up to 20 characters in
length. The host name can be assigned completely at the discretion of the client.
Hostnames appear in syslog and SNMP messages for monitoring purposes. Hostnames
can assume the name of connecting devices such as ATM or POS controllers. For
example, the MRM hostname could be MyBankATM54321.
MRM-X3000 Authentication for RADIUS
Password Configuration
The Password configuration is accessed by clicking on Password located under the
SYSTEM section.
Click on the Name and Password Tab under the SYSTEM category on the left side of
the browser screen to access this configuration.
Enter the new password for the MRM in the box provided, and confirm the password as
indicated. Press the Apply button to make the change.
Note: The actual passwords are not displayed on the screen for security purposes.
7.1.1.2 Date & Time
7.1.1.2 Configuring the Date and Time Settings
The Date and Time configuration is accessed by clicking on Date and Time located
under the SYSTEM section.
There are three ways to set the date and time on the MRM unit.
1) Set the date and time to the same date and time as the current date and
time on the computer configuring the MRM.
Press the appropriate Set Date and Time button.
2) Manually set the date and time. Use the pull down boxes to manually set
the date and time to specific value.
Press the appropriate Set Date and Time button.
3) Set date and time using a remote NTP server.
The MRM will use the Network Time Protocol to synchronize its clock
with a remote NTP server.
Enter the Remote NTP Server IP address in the box provided. This IP
address needs to be reachable from the wireless network or via the IPSec
tunnel. If domain names are supported, you substitute a domain or
machine name in place of an IP address (for example “pool.ntp.org”).
The date and time will typically be in UTC (Universal Time Coordinated),
and therefore, a time zone adjustment may be required, such as -5 for
EST and -8 for PST. Enter the Timezone Adjustment value from the drop
down box indicated.
The MRM will automatically adjust itself for daylight savings time if the
Adjust for Daylight Saving Time checkbox is checked.
Press the Save button for the NTP setting to take effect.
7.1.1.3 Advanced
Click on the “Advanced” button under the system heading. Click on Flash Upgrade to
upload new firmware to your MRM. Follow the prompts.
Note: Your firmware version must be stored on your computer, with accessible file
permissions.
7.1.1.4 Flash Upgrade Screen
1. Click on the “Advanced” button under the system heading. Click on Automatic
Background Pinging to generate background traffic on the data link.
2. Click on the “Advanced” button under the system heading. Click on Failsafe
Configuration to designate a currently active configuration as a backup
configuration in case of a misconfigured unit, you can revert back to your base
configuration by pressing the INIT button located next to the power source on the
MRM for 10 to 15 seconds.
3. Click on the “Advanced” button under the system heading. Click on Configuration
Files to save and load configuration files between your computer and the MRM.
4. Click on the “Advanced” button under the system heading. CDMA/EvDO Modem
activation/PRL upgrade. Currently, activation can be done for Sierra Wireless
and Novatel Wireless modems only. Follow the instructions to perform the
upgrade.
5. Click on the “Advanced” button under the System Configuration heading. Press
Reboot to perform a software restart on the MRM.
Component
Description
MRM Unit
The running MRM unit to be upgraded
Ethernet cable
Ethernet cable to connect the MRM to the
computer
Computer (Laptop or Desktop)
Computer used to initiate the upgrade
MRM firmware file
New MRM firmware file to send to the MRM.
7.2.1 Installing New Firmware on the MRM
This chapter discusses how to upgrade the firmware of the MRM.
7.2.1. Preparation
In order to upgrade the MRM firmware, it is assumed that the MRM unit is already
configured for IP, Bisync, or SDLC operations, and is reachable via the IP protocol,
either by a locally attached Ethernet cable, or over the wireless network.
7.2.2. Required Components
The components required for a firmware upgrade depend on if the upgrade is to be
performed locally via Ethernet cable, or remotely over the wireless network.
7.2.3. Local Ethernet Upgrade using HTTP
Use of the HTTP Flash Upgrade method is more straight-forward and highly
recommended. Use of Microsoft Internet Explorer 5.0 or later, or Mozilla Firefox 6.0 or
later, is required, for support of browser file uploads.
Table 7.2.3 shows the components required to upgrade the MRM firmware, when
performing the upgrade via a locally attached Ethernet cable.
Using your computer’s web browser, select the “Advanced” option from the “System Config” on
menu at the left-hand side. The MRM-X3000 will present the “Flash Upgrade” screen (shown
above in Figure 7.2.3). Enter the filename of the MRM flash file in the text field to the right of
“Filename” below the “HTTP Flash Upgrade” heading, or (recommended for ease) click the
“Browse” button and use your Windows File Explorer to select the MRM flash file.
Select “Ignore Firmware Version Information” checkbox if you are downgrading.
Typically, you should NOT select “Revert to Factory Configuration” since you likely wish to
maintain your existing configuration.
Then select “Start HTTP Upgrade”, and wait for the firmware upgrade to complete without
disruptions.
Note: Once the MRM firmware has been updated, go to “System Status” to verify that the
firmware has changed.
See next page for System Status screen.
Component
Description
MRM Unit
The running MRM unit to be upgraded
Ethernet cable
Ethernet cable to connect the MRM to the
computer
Computer (Laptop or Desktop)
Computer used to initiate the upgrade
TFTP or FTP Server
Program used to send the new flash file to the
MRM.
MRM firmware file
New MRM firmware file to send to the MRM.
!! Warning: Do NOT power off or otherwise interrupt the MRM during this
process, as this will cause permanent damage to the unit which is not covered under
warranty.
7.2.4. Local Ethernet Upgrade using TFTP or FTP
Table 7.2.4 shows the components required to upgrade the MRM firmware, when
performing the upgrade via a locally attached Ethernet cable.
D
-
Figure 7.2.4 shows the topology required for a successful local upgrade. Use of these
instructions require a Trendnet TU2ET100 USB-to-Ethernet adapter connected between
the computer to the MRM-X3000 USB port. Alternatively, computer connection with
MRM-X3000 Ethernet port requires alternative IP configuration which is dependent on
your carrier’s static IP or dynamic IP, which is more complicated (contact GNCI for
technical assistance).
Note: Once the MRM firmware has been updated, go to
“System Status” to verify that the firmware has changed.
See next page for System Status screen.
Current MRM Ethernet IP Address
10.30.0.1
Current MRM Ethernet IP mask
255.255.255.252
Computer IP address
10.30.0.2
Computer IP mask
255.255.255.252
Computer Gateway Setting
10.30.0.1
7.3.1. Local Upgrade IP addressing
Select an appropriate IP address, mask, and gateway for the computer connecting to
the MRM, depending on the current IP settings on the MRM Ethernet port. Example:
Ensure that a ping from the computer to the MRM is successful prior to continuing to the
next step.
Note: Some computers have built-in firewalls, which may need to be turned off or
adjusted to permit FTP or TFTP traffic.
7.3.2 Local Upgrade Procedure
Component
Description
MRM Unit
A running MRM unit on the wireless network to
be upgraded
Computer (Laptop or Desktop)
Computer used to initiate the upgrade
TFTP or FTP Server
Program used to send the new flash file to the
MRM
MRM Flash file
New MRM flash file to send to the MRM.
1) Start TFTP or FTP server on the computer, with the new MRM flash file stored in
an appropriate directory.
2) Telnet to the MRM device, and log on to the MRM with the current username and
password.
3) From the # prompt, issue the following command:
For TFTP : netflash x.x.x.x filename Where x.x.x.x is the IP address of the TFTP computer and filename is the
filename of the new MRM flash file. Filenames are case sensitive.
For FTP: netflash -f x.x.x.x filename …where the -f operand specifies use of FTP, x.x.x.x is the IP address of the
TFTP or FTP server and filename is the filename of the new MRM flash file.
Filenames are case sensitive.
The netflash routine saves the current MRM configuration, loads the new flash
file, and then reboots.
!! Warning: Do NOT power off or otherwise interrupt the MRM during this
process, as this will cause permanent damage to the unit which is not covered under
warranty.
7.3.3. Remote Firmware Upgrade
Table 7.3.3 shows the components required to upgrade the MRM firmware, when
performing the upgrade over the wireless network.
Note: The MRM unit must be able to reach the computer over the network for the
upgrade to be successful. Ensure that you are able to ping the MRM before initiating the
upgrade.
Figure 7.3.3.0 shows a sample topology for a successful firmware upgrade over the
wireless network.
Figure 7.3.3.0
7.4.1. Remote Upgrade IP addressing
Upgrading the firmware remotely assumes that both the MRM and the TFTP or FTP
server are already configured with fixed IP addresses.
Note: Some computers have built-in firewalls, which may need to be turned off or
adjusted to permit FTP or TFTP traffic.
7.1.1.1. Remote Upgrade Procedure
1) Start TFTP or FTP server on the computer, with the new MRM flash file stored in
an appropriate directory.
Important Note ! The performance of the remote firmware upgrade over
the wireless network is much faster when using FTP, compared to the
dramatically slower TFTP.
2) Telnet to the MRM device, and log on to the MRM with the current username and
password.
3) From the # prompt, issue the following command :
For TFTP : netflash -I x.x.x.x y.y.y.y filename Where y.y.y.y is the IP address of the TFTP computer, x.x.x.x is the source IP
address of the MRM (usually the IPSec Local Private Address), and filename is
the filename of the new MRM flash file. Filenames are case sensitive.
For FTP : netflash -f -I x.x.x.x y.y.y.y filename Where the -f operand specifies to use FTP, y.y.y.y is the IP address of the TFTP
computer, x.x.x.x is the source IP address of the MRM (usually the IPSec Local
Private Address), and filename is the filename of the new MRM flash file.
Filenames are case sensitive.
The netflash routine saves the current MRM configuration, loads the new flash
file, and then reboots.
Monitoring Config
Event Logging
System Log Setup
System Log – Level of Detail:Select the level of detail which will be posted to the MRM’s system log.
Increased detail decreases the duration of the log file. The converse is also true. Options are:
Show Last Entry on Top: Check this box if you would like system log posts to be displayed in reverse
chronological order (newest to oldest entries) from the top.
Enable 3G Wireless Stats Logging:
Radio Statistics Log Interval: Choose the interval between Radio Statistics (RSSI, channel, etc.) posts.
Note: See screen options on next page.
Other Options:
Log to Remote Server
Enable Remote Logging: Check this box to enable logging to a remote server. This is usually not
recommended.
Remote Server – Level of Detail: Select the level of detail which will be posted to the remote system log.
Increased detail decreases the duration of the log file. The converse is also true.
Note: click on down arrows for alternative logging settings
Remote Server IP Address: Enter the IP address of the remote logging server.
Traffic Counter
WWAN Interface Byte Counter
[Clear Counter now] Button: Click this button to set the MRM’s Total byte counter to Zero (0).
Enable Monthly Counter Reset: Check this box if you would like the byte counter to reset monthly on a
given day (detailed in the next field).
Counter Reset Date: Day of the month on which the byte counter will reset (at 0000). For instance,
select 1 if you would like the counter to reset at 0000 on the 1st of each month. This is usually employed
to reset on the account statement date.
SNMP Configuration
8.1.1.3 SNMP
8.1.1.3. Configuring SNMP Move to SNMP screen
8.1.1.4 SNMP Trap Configuration
This section discusses the MRM’s configuration and implementation of SNMP Traps.
8.1.1.5. MRM Implementation of SNMP Setup
The MRM uses SNMP Traps for reporting status and alarms.
SNMP generic traps are used to report all Up/Down events for Bisync, SDLC, DSP,
QLLC, Ethernet TCP/IP, and Radio Reception (RSSI) information. Generic traps are
augmented with text strings for more specific information on the Up/Down event, and is
always preceded by the MRM Nodename. Two specific generic traps are used, shown
below in table X.X.X.2
Table X.X.X.2 SNMP Generic Traps
SNMP OID
Trap Name
Version Supported
.1.3.6.1.6.3.1.1.5.3
Link Down
V1 & V2
.1.3.6.1.6.3.1.1.5.4
Link Up
V1 & V2
Special Note for Trap 11:
Trap 11 is a trap sent on a configurable time interval for reporting general status of the
MRM. The additional text of trap 11 will vary depending on the current RSSI value, the
current serial protocol status, or the current Ethernet IP status.
8.1.1.6 Configuring SNMP Set up and SNMP Trap Set up under the
Monitoring Config Tab in the browser
Check the Enable SNMP and Traps by checking the SNMP Setup box. Leave
unchecked if SNMP will not be used.
Proceed to SNMP Read Community String (Labeled Public)
Proceed to SNMP Write Community String (Labeled Private)
Proceed to Listen on Interface(s)
Proceed to Only Reply to IP Address or Network
Press Next button to proceed to Step 2. Selecting Reset resets the values in your
computers browser, not the configuration values in the MRM.
8.1.1.7 SNMP Trap Setup
Set the SNMP traps to your Host SNMP server IP address
Background logging messages are Syslog messages which will write to the system log
at pre-configured intervals, the current receive level of the modem (RSSI), and current
status of legacy protocols. To enable background logging, check the box labeled Enable SNMP as shown above, and indicate the time/ frequency of this logging in minutes, by
selecting the appropriate interval in the drop down box.
These messages will be written to the local syslog (default), and can also be sent to a
remote syslog server.
Additionally, the MRM can be configured to send alerts due to significant changes in the
receive signal level (RSSI), to the local or remote syslog.
To enable this feature, check the appropriate Alert Logging boxes under the SNMP Trap Setup section of the Monitoring Config screen.
Table 8.1.1.7
SNMP Parameter
Default
Description
SNMP Server IP address
blank
Enter the IP Address of the SNMP server.
Dest. is across IPSec
Tunnel
unchecked
If using IPSec, and the SNMP server is part of the host
location private IP network, this box must be checked to
ensure a correct source IP address for the SNMP packet.
SNMP Version
V2
Select V1 or V2 from drop down box.
Serial Port L1 Trap
unchecked
Check the checkbox to enable Serial port Up/Down traps
Bisync/SDLC L2 Trap
unchecked
Check the checkbox to enable Serial L2 Up/Down traps
X25.DSP/QLLC L3 Trap
unchecked
Check the checkbox to enable DSP/QLLC Up/Down traps
Ethernet Device
Up/Down
unchecked
Check the checkbox to enable Ethernet Up/Down traps.
You will also need to enter an IP address of the Locally
Attached Device.
Ethernet Link State
checked
Check to enable Ethernet port traps
Warn on low RSSI
unchecked
Check the checkbox to send RSSI warning as defined in
hostname/logging configuration.
Send Periodic Status
Updates
checked
Check to send periodic trap 11 status messages at the
configured interval.
Include RF Byte Count
checked
Include the RF TX/RX byte count in the trap 11 message.
Status Update Interval
15
Select interval to send trap 11 status messages in
increments selected in drop down box.
IP address of Locally
Attached IP Device
blank
Enter the IP address of the Ethernet connected device for
Ethernet Up/Down messages
Selecting Reset resets the values in your computers browser, not the configuration
values in the MRM. Select Apply to save this configuration.
The below example shows a screen shot of inbound MRM SNMP traps being received
at an SNMP station. All eleven MRM traps are shown.
CPE Monitoring
You can configure the MRM-X3000 to monitor an attached IP device.
Check “Enable” and enter the IP address of the device to be monitored.
Note: In ATM deployments this IP address will always be the IP address of the ATM.
9.1.1 Diagnostics
9.1.1.1 System Log
9.1.12. Accessing the System Log
Click on the System Log button Under the Diagnostics Tab to display the contents of the
system log.
There are two System Log options available through the web interface:
1. System Log History
2. Live System Log Events (Note: This requires Adobe Flash and will create
additional traffic while active. It does not work with HTTPS over WWAN)
Press Clear to clear the system log, and Refresh to display the most recent syslog
activity.
Port Status:
9.1.3
Accessing the Ports and Connections Screen
Click on the Ports and connections button to display the current status of all physical
and logical ports in the MRM.
9.1.4 Routing Tables and Firewall Status
9.1.4.1. Accessing the Routing and Firewall Screen
Click on the Routing and Firewall Button to view the current routing table and firewall rules.
9.1.5. Accessing the System Status Screen
Click on the System Status Button to view the system status including running
processes, memory, CPU information and interrupts.
System Status
10.1.1. MRM Technical Specifications
Interfaces
1 x 10/100M Ethernet
1 x SYNC RS-232 DB25 UP TO 128 kbps (MRM-L3000
only, with ULSSC cable)
USB 2.0
Protocol Support
TCP/IP
BISYNC 3270 & DSP ((MRM-L3000 only)
SDLC (MRM-L3000 only)
FTP
TFTP
SNMP
SYSLOG
XOT
Security
IPSec
IKE
3DES
AES
IP Packet filtering
IP NAT
Environmental
Operation temperature range: 0˙ C to 40˙ C
Humidity 0% to 95% non-condensing
Dimensions
10.3cm x 7.4cm x 2.5cm (4.1” x 2.9” x 1”)
10.1.1 General
Table 10.1.1 shows the technical specifications of the MRM.
Table 10.1.1
10.1.2 Front Panel LED’sMRM-X3000 Hardware Overview
Signal Strength LEDs WWAN Status LED
11. Glossary of Acronyms
1xRTT 1 x Radio Transmission Technology (CDMA)
AES Advanced Encryption Standard
APN Access Point Name
AS Autonomous System
ASYNC Asynchronous
BGP Border Gateway Protocol
BISYNC Binary Synchronous
CDMA Code Division Multiple Access
CTS Clear To Send
DLCI Data Link Connection Identifier
DPD Dead Peer Detection
DTE Data Terminal Equipment
DTR Data Terminal Ready
EDGE Enhanced Data rates for GSM Evolution (GSM)
EvDO Evolution Data Optimized (CDMA)
FCC Federal Communications Commission
FTP File Transfer Protocol
GNCI Global Net Commerce, Inc.
GSM Global System for Mobiles
GRE Generic Routing Encapsulation
GSM Global System for Mobile Communications
HPAD Host Packet Assembler/Disassembler
ICMP Internet Control Message Protocol
IKE Internet Key Exchange Protocol
IP Internet Protocol
IPSec Internet Protocol Security Protocol
ISAKMP Internet Security Association and Key Management Protocol
LAN Local Area Network
LLC2 Logical Link Control (2)
MRM Multi Radio Modem
NAT Network Address Translation
Figure
Number
Title
Page
Number
1
About This Guide
4
2
System Overview
4
3
MRM X-3000 Configuration
10
4
MRM Installation
18
5
MRM Status and Monitoring
20
6
MRM Network Configuration
22
7
MRM System Configuration
25
8
MRM SNMP
39
9
MRM Diagnostics
45
10
MRM Technical Specifications
48
11
Glossary of Acronyms
49
NRZ Non Return to Zero
NRZI Non Return to Zero Inverted
NTP Network Time Protocol
OID Organization Identifier
OSPF Open Shortest Path First
PCMCIA Personal Computer Memory Card International Association
PSK Pre-Shared Key
QLLC Qualified Logical Link Control
RF Radio Frequency
RFC Request for Comments
RSSI Receive Signal Strength Indication
RTS Request To Send
SDLC Synchronous Data Link Control
SIM Subscriber Identity Module
SNMP Simple Network Management Protocol
SYSLOG System Log
TCP Transmission Control Protocol
TFTP Trivial File Transfer Protocol
TPAD Terminal Packet Assembler/Disassembler
UDP User Datagram Protocol
ULSSC USB Legacy Synchronous Serial Converter
UMTS Universal Mobile Telecommunications System (GSM)
USB Universal Serial Bus
UTC Universal Time Clock
VPN Virtual Private Network
XOT X.25 over TCP
List of Figures
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.