Page 1
MoRoS GPRS 2.1 PRO
Manual
Page 2
Page 3
Copyright © January 12 INSYS MICROELECTRONICS GmbH
Any duplication of this manual is prohibited. All rights on this documentation and
the devices are with INSYS MICROELECTRONICS GmbH Regensburg.
Trademarks
The use of a trademark not shown below is not an indication that it is freely avail-
able for use.
MNP is a registered trademark of Microcom Inc.
IBM PC, AT, XT are registered trademarks of International Business Machine Corporation.
INSYS®, e-Mobility LSG® and e-Mobility PLC® are registered trademarks of INSYS
MICROELECTRONICS GmbH.
Windows™ is a registered trademark of Microsoft Corporation.
Linux is a registered trademark of Linus Torvalds.
Publisher:
INSYS MICROELECTRONICS GmbH
Waffnergasse 8
D-93047 Regensburg, Germany
Phone: +49 (0)941/56 00 61
Fax: +49 (0)941/56 34 71
E-mail: insys@insys-tec.de
Internet: http://www.insys-icom.com
Date: Jan-12
Item: 31-22-03.163
Version: 1.4
Language: EN
Page 4
Content
1 Preface.....................................................................................................8
1.1 Defects Liability Terms ..........................................................................................8
1.2 Marking of Warnings and Notes............................................................................9
1.2.1 Symbols and Key Words.......................................................................... 9
1.3 Symbols and the Formatting in this Manual ........................................................10
2 Safety.....................................................................................................11
2.1 Usage According to the Regulations ...................................................................11
2.2 Permissible Technical Limits................................................................................12
2.3 Responsibilities of the Operator...........................................................................12
2.4 Qualification of the Personnel..............................................................................12
2.5 Instructions for Transport and Storage ................................................................12
2.6 Markings on the Product ..................................................................................... 13
2.7 Environmental Protection ....................................................................................13
2.8 Safety Instructions for Electrical Installation........................................................ 14
2.9 General Safety Instructions..................................................................................14
3 Using Open Source Software.................................................................16
3.1 General Information............................................................................................. 16
3.2 Special Liability Regulations ................................................................................17
3.3 Used Open-Source Software ...............................................................................17
4 Scope of Delivery...................................................................................18
5 Technical Data .......................................................................................19
5.1 Physical Features.................................................................................................19
5.2 Technological Features........................................................................................20
6 Display and Control Elements ................................................................21
6.1 Meaning of the display elements......................................................................... 22
6.2 Function of the Control Elements ........................................................................ 23
7 Connections...........................................................................................24
7.1 Front Panel Connections......................................................................................24
7.2 Terminal Connections on the Top........................................................................25
7.3 Terminal Connections on the Bottom .................................................................. 26
7.4 Pin Assignment of the Serial Interface.................................................................27
8 Function Overview.................................................................................28
9 Mounting ...............................................................................................34
10 Initial Operation......................................................................................38
4 Jan-12
Page 5
Contents
11 Operating Principle ................................................................................42
11.1 Operating the Web Interface ...............................................................................42
11.2 Access via the HTTPS Protocol............................................................................43
12 Functions ...............................................................................................45
12.1 Basic Settings......................................................................................................45
12.1.1 Web Interface (User Name, Password, Remote Configuration) ............ 45
12.1.2 Setting IP Addresses .............................................................................. 46
12.1.3 Enter Static Routes................................................................................. 47
12.2 GSM/GPRS ..........................................................................................................48
12.2.1 Enter SIM Card PIN ................................................................................ 48
12.2.2 Configure Network Selection................................................................. 49
12.2.3 Configure Daily Login and Logout ......................................................... 50
12.2.4 Terminal.................................................................................................. 50
12.3 Dial-In ..................................................................................................................51
12.3.1 Configuring Dial-In ................................................................................. 51
12.3.2 Automatic Callback (Callback)................................................................ 52
12.3.3 Routing................................................................................................... 52
12.3.4 Creating or Deleting a Firewall Rule....................................................... 53
12.4 Dial-Out ...............................................................................................................54
12.4.1 Configure Dial-Out.................................................................................. 54
12.4.2 Configure Leased Line Operation........................................................... 55
12.4.3 Configuring a Periodical Dial-Out Connection Setup ............................. 56
12.4.4 Routing................................................................................................... 56
12.4.5 Configuring a Talking Filter .................................................................... 57
12.4.6 Creating or Deleting a Firewall Rule....................................................... 58
12.4.7 Creating or Deleting a Port Forwarding Rule ......................................... 58
12.4.8 Defining the Exposed Host..................................................................... 59
12.5 LAN (ext)..............................................................................................................60
12.5.1 Configuring the Interface to the External Network (LAN/WAN) ............ 60
12.5.2 Configuring Redundant WAN ................................................................ 61
12.5.3 Configuring DSL..................................................................................... 62
12.5.4 Configuring Leased Line Operation........................................................ 63
12.5.5 Configuring a Periodical DSL Connection Establishment ...................... 64
12.5.6 Configuring Routing............................................................................... 65
12.5.7 Setting up a Dialling Filter...................................................................... 66
12.5.8 Creating or Deleting a Firewall Rule....................................................... 67
12.5.9 Creating or Deleting a Port Forwarding Rule ......................................... 67
12.5.10 Defining the Exposed Host..................................................................... 68
12.6 VPN .....................................................................................................................69
12.6.1 VPN General........................................................................................... 69
12.6.2 OpenVPN General .................................................................................. 69
12.6.3 Setting Up an OpenVPN-Server ............................................................. 70
12.6.4 Setting Up an OpenVPN-Client .............................................................. 73
12.6.5 PPTP General.......................................................................................... 76
12.6.6 Setting Up a PPTP Server....................................................................... 77
12.6.7 Setting Up a PPTP Client........................................................................ 78
12.6.8 Setting Up IPsec..................................................................................... 79
12.7 Redundant Communication Device .....................................................................83
12.7.1 Configure Redundant Communication Device....................................... 83
Jan-12 5
Page 6
Content
12.8 Inputs and Outputs..............................................................................................84
12.8.1 Querying the State of the Inputs............................................................ 84
12.8.2 Configuring the Function of the Inputs.................................................. 85
12.8.3 Switch Outputs....................................................................................... 86
12.9 Configurable Switch ............................................................................................ 87
12.9.1 Querying Configuration and Status of the Switch Ports........................ 87
12.9.2 Configuring Switch Ports ....................................................................... 88
12.9.3 Configuring the LED Display of the Switch Ports .................................. 88
12.9.4 Configuring VLAN .................................................................................. 89
12.9.5 Configuring Port Mirroring..................................................................... 90
12.10 Serial Ethernet gateway....................................................................................... 91
12.10.1 Setting up the Serial Ethernet Gateway ................................................. 91
12.10.2 Configuring the Serial Ethernet Gateway Interface................................ 93
12.10.3 Modem Emulator ................................................................................... 95
12.11 Messages ............................................................................................................97
12.11.1 Configuring the Message Dispatch........................................................ 97
12.11.2 Enable SMS Receipt............................................................................... 98
12.11.3 Configuring E-Mail Dispatch ................................................................ 100
12.11.4 Configuring SMS Dispatch................................................................... 101
12.11.5 Configuring SNMP Trap Triggering...................................................... 102
12.12 Server Services..................................................................................................103
12.12.1 Setting up DNS Forwarding ................................................................. 103
12.12.2 Dynamic DNS Update .......................................................................... 103
12.12.3 Setting up the DHCP Server................................................................. 104
12.12.4 Configuring the Proxy Server............................................................... 105
12.12.5 Configuring an URL Filter..................................................................... 106
12.12.6 Configuring IPT..................................................................................... 106
12.12.7 Configuring the SNMP Agent .............................................................. 108
12.13 System Configuration ........................................................................................109
12.13.1 Displaying the System Log .................................................................. 109
12.13.2 Displaying the Last System Messages................................................. 109
12.13.3 Configuring Time and Time Zone......................................................... 110
12.13.4 Reset .................................................................................................... 111
12.13.5 Update.................................................................................................. 112
12.13.6 Updating the Firmware ........................................................................ 113
12.13.7 Uploading the Configuration File ......................................................... 115
12.13.8 Download ............................................................................................. 116
12.13.9 Sandbox ............................................................................................... 116
12.13.10 Debugging............................................................................................ 118
13 Maintenance, Repair and Troubleshooting...........................................119
13.1 Maintenance......................................................................................................119
13.2 Troubleshooting.................................................................................................119
13.3 Repair ................................................................................................................119
14 Waste Disposal ....................................................................................120
14.1 Repurchasing of Legacy Systems......................................................................120
15 Declaration of Conformity .................................................................... 121
16 Export Regulation ................................................................................122
6 Jan-12
Page 7
17 Licenses...............................................................................................123
17.1 GNU GENERAL PUBLIC LICENSE .....................................................................123
17.2 GNU LIBRARY GENERAL PUBLIC LICENSE ......................................................126
17.3 Other Licenses...................................................................................................131
18 International Safety Instructions ..........................................................133
18.1 Safety Precautions.............................................................................................133
19 Glossary ...............................................................................................135
20 Tables and Diagrams............................................................................138
20.1 List of Tables .....................................................................................................138
20.2 List of Diagrams ................................................................................................138
21 Index ....................................................................................................139
Contents
Jan-12 7
Page 8
Preface MoRoS GPRS 2.1 PRO
1 Preface
This manual allows for the safe and efficient use of the product. The manual is part
of the product and must always be stored accessible for installation, commissioning
and operating personnel.
1.1 Defects Liability Terms
A usage not according to the intended purpose, an ignorance of this documentation,
the use of insufficiently qualified personnel as well as unauthorised modifications
exclude the liability of the manufacturer for damages resulting from this. The liability
of the manufacturer ceases to exist.
The regulations of our Delivery and Purchasing Conditions are effective. These can
be found on our website (www.insys-icom.de/imprint/) under “General Terms and
Conditions“.
8
Page 9
MoRoS GPRS 2.1 PRO Preface
1.2 Marking of Warnings and Notes
1.2.1 Symbols and Key Words
Danger!
Risk of severe or fatal injury
One of these symbols in conjunction with the key word
Danger indicates an imminent danger. It will cause death or
severe injuries if not avoided.
Warning!
Personal injury
This symbol in conjunction with the key word Warning indicates a possibly hazardous situation. It might cause death
or severe injuries if not avoided.
Caution!
Slight injury and / or material damage
This symbol in conjunction with the key word Caution indicates a possibly hazardous or harmful situation. It might
cause slight or minor injuries or a damage of the product or
something in its vicinity if not avoided.
Note
Improvement of the application
This symbol in conjunction with the key word Note indicates hints for the user or very useful information. This information helps with installation, set-up and operation of
the product to ensure a fault-free operation.
9
Page 10
Preface MoRoS GPRS 2.1 PRO
1.3 Symbols and the Formatting in this Manual
This section describes the definition, formatting and symbols used in this manual.
The various symbols are meant to help you read and find the information relevant to
you. The following text is structured like a typical operating instruction of this manual.
Bold print: This will tell you what the following steps will result in
After that, there will be a detailed explanation why you could perform the fol-
lowing steps to be able to reach the objective indicated first. You can decide
whether the section is relevant for you or not.
An arrow will indicate prerequisites which must be fulfilled to be able to
process the subsequent steps in a meaningful way. You will also learn which
software or which equipment you will need.
1. One individual action step: This tells you what you need to do at this
point. The steps are numbered for better orientation.
A result which you will receive after performing a step will be marked
with a check mark. At this point, you can check if the previous steps
were successful.
Additional information which you should consider are marked with a
circled "i". At this point, we will indicate possible error sources and tell
you how to avoid them.
Alternative results and steps are marked with an arrow. This will tell
you how to reach the same results performing different steps, or what
you could do if you didn't reach the expected results at this point.
10
Page 11
MoRoS GPRS 2.1 PRO Safety
2 Safety
The Safety section provides an overview about the safety instructions, which must
be observed for the operation of the product.
The product is constructed according to the currently valid state-of-the-art technology and reliable in operation. It has been checked and left the factory in flawless
condition concerning safety. In order to maintain this condition during the service
life, the instructions of the valid publications and certificates must be observed and
followed.
It is necessary to adhere to the general safety instructions must when operating the
product. The descriptions of processes and operation procedures are provided with
precise safety instructions in the respective sections in addition to the general safety
instructions.
Moreover, the local accident prevention regulations and general safety regulations
for the operating conditions of the device are effective.
An optimum protection of the personnel and the environment from hazards as well
as a safe and fault-free operation of the product is only possible if all safety instructions are observed.
2.1 Usage According to the Regulations
The product may only be used for the purposes specified in the function overview.
In addition, it may be used for the following purposes:
Usage and mounting in an industrial cabinet.
Switching and data transmission functions in machines according to
the machine directive 2006/42/EC.
Usage as data transmission device for a PLC.
The product may not be used for the following purposes and used or operated under
the following conditions:
Controlling or switching of machines and systems, which do not com-
ply with the directive 2006/42/EC.
Usage, controlling, switching and data transmission of machines and
systems, which are operated in explosive atmospheres.
Controlling, switching and data transmission of machines, which may
involve risks to life and limb due to their functions or when a breakdown occurs.
11
Page 12
Safety MoRoS GPRS 2.1 PRO
2.2 Permissible Technical Limits
The product is only intended for the use within the permissible technical limits specified in the data sheets.
The following permissible limits must be observed:
The ambient temperature limits must not be fallen below or exceeded.
The supply voltage range must not be fallen below or exceeded.
The maximum humidity must not be exceeded and condensate forma-
tion must be prevented.
The maximum switching voltage and the maximum switching current
load must not be exceeded.
The maximum input voltage and the maximum input current must not
be exceeded.
2.3 Responsibilities of the Operator
As a matter of principle, the operator must observe the legal regulations, which are
valid in his country, concerning operation, functional test, repair and maintenance of
electrical devices.
2.4 Qualification of the Personnel
The installation, commissioning and maintenance of the product must only be performed by trained expert personnel, which has been authorised by the plant operator. The expert personnel must have read and understood this documentation and
observe the instructions.
Electrical connection and commissioning must only be performed by a person, who
is able to work on electrical installations and identify and avoid possible hazards independently, based on professional training, knowledge and experience as well as
knowledge of the relevant standards and regulations.
2.5 Instructions for Transport and Storage
The following instructions must be observed:
Do not expose the product to moisture and other potential hazardous
environmental conditions (radiation, gases, etc.) during transport and
storage. Pack product accordingly.
Pack product sufficiently to protect it against shocks during transport
and storage, e.g. using air-cushioned packing material.
Check product for possible damages, which might have been caused by improper
transport, before installation. Transport damages must be noted down to the shipping documents. All claims or damages must be filed immediately and before installation against the carrier or party responsible for the storage.
12
Page 13
MoRoS GPRS 2.1 PRO Safety
2.6 Markings on the Product
The identification plate of the product is either a print or a label on a face of the
product. Amongst other things, it contains the following markings, which are explained in detail here.
Observe manual
This symbol indicates that the manual of the product contains essential safety instructions that must be followed
implicitly.
Dispose waste electronic equipment environmentally
This symbol indicates that waste electronic equipment
must be disposed separately from residual waste via appropriate collecting points. See also Section Disposal in this
manual.
CE marking
By applying a CE marking, the manufacturer confirms that
the product complies with the European directives that apply product-specific.
Appliance Class II – double insulated
This symbol indicates that the product complies with Appliance Class II
2.7 Environmental Protection
Dispose the product and the packaging according to the relevant environmental protection regulations. The Waste Disposal section in this manual contains notes about
disposing the product. Separate the packaging components of cardboard and paper
as well as plastic and deliver them to the respective collection systems for recycling.
13
Page 14
Safety MoRoS GPRS 2.1 PRO
2.8 Safety Instructions for Electrical Installation
The electrical connection must only be made by authorised expert personnel according to the wiring diagrams.
The notes to the electrical connection in the manual must be observed. Otherwise,
the protection category might be affected.
The safe disconnection of circuits, which are hazardous when touched, is only ensured if the connected devices meet the requirements of VDE T.101 (Basic requirements for safe disconnection).
The supply lines are to be routed apart from circuits, which are hazardous when
touched, or isolated additionally for a safe disconnection.
2.9 General Safety Instructions
Caution!
Moisture and liquids from the environment may seep into
the interior of the product!
Fire hazard and damage of the product.
The product must not be used in wet or damp environments, or in the direct vicinity of water. Install the product
at a dry location, protected from water spray. Disconnect
the power supply before you perform any work on a device
which may have been in contact with moisture.
Caution!
Short circuits and damage due to improper repairs and
modifications as well as opening of maintenance areas.
Fire hazard and damage of the product.
It is not permitted to open the product for repair or modification.
Caution!
Overcurrent of the device supply!
Fire hazard and damage of the product due to overcurrent.
14
The product must be secured with a suitable fuse against
currents exceeding 1.6 A.
Page 15
MoRoS GPRS 2.1 PRO Safety
Caution!
Overvoltage and voltage peaks from the mains supply!
Fire hazard and damage of the product due to overvoltage.
Install suitable overvoltage protection.
Caution!
Damage due to chemicals!
Ketones and chlorinated hydrocarbons dissolve the plastic
housing and damage the surface of the device.
Never let the device come into contact with ketones (e.g.
acetone) or chlorinated hydrocarbons, such as dichloromethane.
Caution!
Distance from antennas to persons!
A too low distance from GSM antennas to persons can affect the health.
Please observe to keep a minimum distance of 20 cm between the GSM antenna and persons during operation.
Note
Export restriction for FCC!
Possible offence against approval regulations.
If the final product is not approved in the U.S. territories,
the application manufacturer shall take care that the
850 MHz and 1900 MHz frequency bands be deactivated
and that band settings be inaccessible to end users. If these
demands are not met (e.g. if the AT interface is accessible
to end users), it is the responsibility of the application
manufacturer to always ensure that the application be not
exported to countries within the area of validity of the FCC.
15
Page 16
Using Open Source Software MoRoS GPRS 2.1 PRO
3 Using Open Source Software
3.1 General Information
Our product MoRoS GPRS 2.1 PRO contains, amongst others, so-called open-source
software that is provided by third parties and has been published for free public use.
The open-source software is subject to special open-source software licenses and
the copyright of third parties. Basically, each customer can use the open-source
software freely in compliance with the licensing terms of the respective producers.
The rights of the customer to use the open-source software beyond the purpose of
our product are regulated in detail by the respective concerned open-source software licenses. The customer use the open-source software freely, as provided in the
respective effective license, beyond the purpose that the open-source software gets
in our product. In case there is a contradiction between the licensing terms for our
product and the respective open-source software license, the respective relevant
open-source software license takes priority over our licensing terms, as far as the
respective open-source software is concerned by this.
The use of the used open-source software is possible free of charge. We do not demand usage fees or any comparable fees for the use of the open-source software
contained in our product. The use of the open-source software in our product by the
customer is not part of the earnings we achieve with the contractual compensation.
All open-source software programs contained in our product can be taken from the
available list. The most important open-source software licenses are listed in the Licenses section at the end of this publication.
As far as programs contained in our product are subject to the GNU General Public
License (GPL), GNU Lesser General Public License (LGPL), Clarified Artistic License
or another open-source software license, which regulates that the source code must
be made available, and if this software is not already delivered in source code on a
data carrier with our product, we will send you this at any time upon request. If it is
required to send this on a data carrier, the sending will be made against payment of
a cost compensation of € 10,00. Our offer to send the source code upon request
ceases automatically 3 years after delivery of our product to the customer. Requests
must be directed to the following address, if possible under specification of the serial number:
INSYS MICROELECTRONICS GmbH
Waffnergasse 8
93047 Regensburg, Germany
Phone +49 941 58692-0
Fax +49 941 58692-45
E-mail: info@insys-icom.de
16
Page 17
MoRoS GPRS 2.1 PRO Using Open Source Software
3.2 Special Liability Regulations
We do not assume any warranty or liability, if the open-source software programs
contained in our product are used by the customer in a manner that does not comply any more with the purpose of the contract, which is the basis of the acquisition
of our product. This concerns in particular any use of the open-source software programs outside of our product. The warranty and liability regulations that are provided by the respective effective open-source software license for the respective
open-source software as listed in the following are effective for the use of the opensource software beyond the purpose of the contract. In particular, we are not liable,
if the open-source software in our product or the complete software configuration in
our product is changed. The warranty granted with the contract, which is the basis
of the acquisition of our product., is only effective for the unchanged open-source
software and the unchanged software configuration in our product.
3.3 Used Open-Source Software
Please contact our support department (support@insys-icom.de) for a list of the
open-source software used in this product.
17
Page 18
Scope of Delivery MoRoS GPRS 2.1 PRO
4 Scope of Delivery
The scope of delivery for the MoRoS GPRS 2.1 PRO includes all accessories listed below.
Please check if all accessories are included in the box. If a part is missing or damaged,
please contact your distributor.
1 MoRoS GPRS 2.1 PRO
1 Quick Installation Guide
1 Support CD with Manual in PDF format
The scope of delivery of the MoRoS GPRS 2.1 PRO does not include optional accessories.
The following parts are available from your distributor or from INSYS MICROELECTRONICS:
GSM antenna with magnetic base
The following related documents for the MoRoS GPRS 2.1 PRO can be found on the delivered Support CD or in the download area and on the product page of the MoRoS GPRS 2.1
PRO under www.insys-tec.de:
Add-On Manual ASCII Configuration File
Add-On Manual Automatic Update
18
Page 19
MoRoS GPRS 2.1 PRO Technical Data
5 Technical Data
5.1 Physical Features
All specified data was measured with nominal input voltage, at full load, and an ambient temperature of 25 °C. The limit value tolerances are subject to the usual variations.
Physical Feature Value
Operating voltage minimum 10 V DC
maximum 60 V DC
Power consumption idle approx. 3 W
Power consumption connection approx. 6.5 W
Level inputs HIGH level = 3-12 V (contact open or
voltage strength for external supply)
LOW level = 0-1 V
Power consumption of an active input
against GND (internal 3.3 V)
Switch output, maximum switch voltage
Switch output, maximum current load 1 A (DC) / 0.5 A (AC)
Transmitted output:
EGSM 850 and 900: Class 4
EGSM 1800 and 1900: Class 1
EGSM 850 and 900: Class E2
GSM 1800 and 1900: Class E2
Weight 350 g
Dimensions (Width x Depth x Height) 70 mm x 110 mm x 75 mm
Temperature range -20° C … 55° C
Maximum permissible humidity 95% non-condensing
Typically 0.5 mA (when enabling the
input by connecting to GND)
30 V (DC) / 42 V (AC)
2 W
1 W
0.5 W
0.5 W
IP rating Housing IP40, Terminals IP20
Table 1: Physical Features
19
Page 20
Technical Data MoRoS GPRS 2.1 PRO
5.2 Technological Features
Technological Feature Description
GSM frequencies (2G) 850, 900, 1800, 1900 MHz
SIM card reader Support for 1.8 V and 3.0 V SIM cards
SMS SMS dispatch; incoming SMS can be received,
but cannot be accessed via the web interface.
CSD up to 14.4 kBit/s
GPRS GPRS Multislot Class 12, Coding scheme 1 bis 4,
PBCCH, Mobile Station Class B
EDGE (EGPRS) EDGE Multislot Class 10, Modulation and Coding
Scheme MCS 1-9
Table 2: Technological Features
20
Page 21
MoRoS GPRS 2.1 PRO Display and Control Elements
6 Display and Control Elements
8
7
6
5
4
3
2
1
Figure 1: Display and control elements on the front of the device
Position Description
1 Status/VPN LED
9
10
11
12
13
14
15
2 Data/Signal LED
3 COM LED
4 Power LED
5 SIM card 2 - eject button
6 SIM card 2 - card holder
7 SIM card 1 - card holder
8 SIM card 1 - eject button
9 Status LED for Switch LAN 4
10 Status LED for Switch LAN 3
11 Reset key
12 Status LED for Switch LAN 2
13 Status LED for Switch LAN 1
14 Status LED for Switch LAN 5 / ext
15 Status LED for Switch LAN 5 / ext
Table 3: Description of the display and control elements on the front panel of the device
21
Page 22
Display and Control Elements MoRoS GPRS 2.1 PRO
6.1 Meaning of the display elements
LED Colour Function off flashing blinking on
Switch
LAN 1-4
Switch
LAN 5
green
orange
green
Link 100
Mbit/s
Link 10 Mbit/s
Link 100
Mbit/s
Data traffic
Data traffic
connected
connected
Power green Supply missing present
green Connect
yellow Link 10 Mbit/s
COM
Data /
Signal
orange
PPP link
green SIM card 1
orange
SIM card 2
offline established
no signal
or
logged
out
PPP
data
traffic
Field
strength
(see
Table 5)
VPN connec-
Status /
VPN
green VPN
red Status
tion established
Initialization,
FW update,
fault
Table 4: Meaning of display elements
Blinking interval LED signal Quality Signal quality
900 ms on, 100 ms off 20 .. 32 very good
200 ms on, 200 ms off 13 .. 19 good
100 ms on, 900 ms off 0 .. 12 poor
off 99 (not detectable) insufficient
Table 5: Blinking code of the data/signal LED
22
Page 23
MoRoS GPRS 2.1 PRO Display and Control Elements
6.2 Function of the Control Elements
Description Operation Meaning
Reset key
Press once for a short
time.
Resets the MoRoS GPRS
2.1 PRO via software and
restarts it.
(Soft reset)
Press at least 3 seconds. Resets the hardware and
restarts the MoRoS GPRS
2.1 PRO.
(Hard reset)
Press three times for a
short time within 2 seconds.
Deletes all settings of the
MoRoS GPRS 2.1 PRO and
resets the device to the
factory defaults.
SIM card eject button Press with a pointed ob-
Ejects the SIM card holder.
ject
Table 6: Description of the functions and meaning of the control elements
23
Page 24
Connections MoRoS GPRS 2.1 PRO
7 Connections
7.1 Front Panel Connections
3
2
1
Figure 2: Connections on the front panel of the device
Position Description
1 GSM antenna connection (FME socket)
2 Serial interface (RS232 connection V.24/V.28)
3 Switch with 4 Ethernet ports (RJ45, 10/100 BT)
4 Ethernet port (RJ45, 10/100 BT)
Table 7: Description of the connections on the front panel of the device
4
24
Page 25
MoRoS GPRS 2.1 PRO Connections
7.2 Terminal Connections on the Top
Figure 3: Connections on the top of the device
Terminal Description Description
1 OUT 1-NC Output 1 normally closed
2 OUT 1 Output 1
3
4 OUT 2-NC Output 2 normally closed
5 OUT 2 Output 2
6 OUT 2-NO Output 2 normally open
Table 8: Description of the connections on the top of the device
OUT 1-NO Output 1 normally open
25
Page 26
Connections MoRoS GPRS 2.1 PRO
7.3 Terminal Connections on the Bottom
Figure 4: Connections on the bottom of the device
Terminal Description Description
19
20 Input 2 Input 2
21 Input 1 Input 1
22 GND Ground
23 Reset Reset input
24 GND Ground
25 10 ... 60 VDC Power supply 10 V – 60 V DC
26 GND Ground
Table 9: Description of the connections on the bottom of the device
GND Ground
26
Page 27
MoRoS GPRS 2.1 PRO Connections
7.4 Pin Assignment of the Serial Interface
Figure 5: 9-pin D-Sub connection at the device
Pin Signal Description
1 DCD Data Carrier Detect
2 RXD Receive Data
3
4 DTR Data Terminal Ready
5 GND Ground
6 DSR Data Set Ready
7 RTS Request To Send
8 CTS Clear To Send
9 RI Ring Indication
Table 10: Description of the pin allocation of the D-Sub connector
TXD Transmit Data
27
Page 28
Function Overview MoRoS GPRS 2.1 PRO
8 Function Overview
The MoRoS GPRS 2.1 PRO provides you with the following functions:
Configuration via web interface or ASCII configuration file
All functions of the MoRoS GPRS 2.1 PRO can be configured and set
via a web interface. The access to the web interface is protected with a
user name and password query. The TCP port which is used to access
the web interface can be set freely. Alternatively, an ASCII file can also
be uploaded, which contains the configuration of the MoRoS GPRS 2.1
PRO.
Serial Ethernet gateway
The MoRoS GPRS 2.1 PRO can output arriving data from a certain
network port at the serial interface. Also, data arriving at the serial interface are sent to an IP remote terminal. Together with the INSYS
VCom driver, the serial Ethernet gateway enables the transmission of a
serial connection via a network.
DHCP server
Ethernet devices connected to the switch can retrieve their IP address
automatically from the MoRoS GPRS 2.1 PRO.
DHCP client
The MoRoS GPRS 2.1 PRO retrieves IP addresses from the network
automatically at the LAN ext interface optionally.
Static IP address
A static IP address can be configured for the LAN ext interface of the
MoRoS GPRS 2.1 PRO.
DSL leased line operation
The MoRoS GPRS 2.1 PRO can establish and maintain a permanent
connection via a DSL ("PPP over Ethernet") connection. A DSL modem
can be connected via the LAN ext interface for this. This makes it possible to communicate with an external network via a "leased line".
Periodic DSL connection set-up
The MoRoS GPRS 2.1 PRO can establish and terminate a DSL (PPPoE)
connection time-controlled. Fixed times can be specified for the connection set-up and termination.
Dynamic DSL connection set-up
The MoRoS GPRS 2.1 PRO can independently establish a DSL (PPPoE)
connection time, if required. The connection will be terminated again
after a configurable idle time or after a configurable maximum connection time.
28
Page 29
MoRoS GPRS 2.1 PRO Function Overview
Dialling filters for DSL connection set-up
The dialling filters allow to define, which data packets lead to a PPPoE
connection set-up. This helps to avoid needless connections and save
costs.
NAT and port forwarding
The MoRoS GPRS 2.1 PRO is a router, which can also send data pack-
ets via NAT and port forwarding. According to defined rules, the MoRoS GPRS 2.1 PRO will send incoming IP packets to definable ports
and port ranges at IP addresses and ports in the LAN.
Dial-in PPP server
The MoRoS GPRS 2.1 PRO can be used as PPP dial-in server. Similar to
an Internet service provider, a caller can establish a PPP connection to
the MoRoS GPRS 2.1 PRO to access the network behind it.
Establishing a PPP connection via an incoming call (callback)
The MoRoS GPRS 2.1 PRO identifies calls and will automatically estab-
lish a PPP connection to a previously determined remote terminal (e.g.
an Internet service provider). The caller who triggers the connection
setup can identify himself via a PPP authentication method.
Establishing a PPP connection via a digital input
The MoRoS GPRS 2.1 PRO will establish a PPP connection to a previ-
ously determined remote terminal (e.g. an Internet Service Provider) after triggering by a digital input. It is also possible to maintain this connection only as long as the signal is present.
Automatic dialling of a PPP terminal (dial-out)
The MoRoS GPRS 2.1 PRO will establish a connection to a PPP termi-
nal (e.g. Internet service provider), as soon as it registers outgoing
network traffic.
Dialling filter for initiating a connection establishment
You can use rules to define which network traffic or network partici-
pant may trigger a connection setup.
PPP Leased line operation
The MoRoS GPRS 2.1 PRO can establish and maintain a permanent
connection via a "dial-up line". This makes it possible to communicate
with a network via a dial-up connection such as a "leased line".
Periodic PPP connection setup
The MoRoS GPRS 2.1 PRO can establish and terminate a PPP connec-
tion time-controlled. Fixed times can be set for the connection setup
and termination.
29
Page 30
Function Overview MoRoS GPRS 2.1 PRO
OpenVPN
The MoRoS GPRS 2.1 PRO can be used as OpenVPN server or client.
This enables machines to establish a safe connection to the LAN behind the MoRoS GPRS 2.1 PRO from the outside via an unsafe network. Prerequisite for this is that the device can be accessed via a
packet-switched connection (public IP address) or a CSD connection is
maintained permanently. The MoRoS GPRS 2.1 PRO can also connect
an entire LAN interception-proof and interference-proof via an unsafe
Internet connection through a VPN tunnel to another network (e.g. the
company network). The authentication when connecting to an
OpenVPN server via a static key, a certificate with user name and
password, or just a certificate is supported with this. The MoRoS GPRS
2.1 PRO can also establish an OpenVPN connection without authentication.
PPTP
The MoRoS GPRS 2.1 PRO can be used as PPTP server or client. This
enables machines to establish a safe connection to the LAN behind the
MoRoS GPRS 2.1 PRO from the outside via an unsafe network. Prerequisite for this is that the device can be accessed via a packetswitched connection (public IP address) or a CSD connection is maintained permanently. The MoRoS GPRS 2.1 PRO can also connect an
entire LAN interception-proof and interference-proof via an unsafe
Internet connection through a VPN tunnel to another network (e.g. the
company network).
IPsec protocol
The MoRoS GPRS 2.1 PRO can connect two subnets via an insecure
internet connection tap- and interference-proof via an IPsec tunnel. The
authentication when connecting to an IPsec terminal device via certificates or a passphrase (PSK) is supported with this. Up to 10 tunnels
can be established at the same time.
IPT protocol
The MoRoS GPRS 2.1 PRO supports the communication via IPT (Inter-
net Protocol Telemetry). The MoRoS GPRS 2.1 PRO can connect to an
IPT master as IPT slave and tunnel payload of the serial Ethernet gateway to another IPT slave.
Dynamic DNS update
The assigned IP address can be deposited at a dynamic DNS service
(e.g. DynDNS) after the set-up of a PPPoE connection to an internet
service provider . The MoRoS GPRS 2.1 PRO can be contacted out of
the Internet.
30
Page 31
MoRoS GPRS 2.1 PRO Function Overview
Firewall (stateful firewall)
The MoRoS GPRS 2.1 PRO firewall enables the limitation of incoming
and outgoing IP connections. A flexible rule may be created for each
connection and stored user. If one of these firewall rules applies to a
connection through the MoRoS GPRS 2.1 PRO, this connection will be
allowed, otherwise the connection is inhibited. This will increase the
security by not permitting unauthorized access to the network behind
the MoRoS GPRS 2.1 PRO.
"Stateful firewall" means that the MoRoS GPRS 2.1 PRO will automatically adjust the firewall for the data traffic that was initiated by authorised data packets. This will allow connections also for protocols with
special requirements, e.g. FTP.
Configurable Ethernet switch
For each port at the switch of the MoRoS GPRS 2.1 PRO, the transmis-
sion rate, the transmission mode and the LED display for certain network events may be set individually. The MoRoS GPRS 2.1 PRO detects the settings automatically when configured with factory settings.
The switch can be divided in up to four VLANs.
Port mirroring at the Ethernet switch for analysis purposes
A port at the switch of the MoRoS GPRS 2.1 PRO can reproduce a
copy of the data at another network port of the switch. At these mirror
ports, the transmitted data can be read for analysis purposes (e.g. for
intrusion detection systems, problem analysis of end terminals), without affecting the network traffic.
E-Mail and SMS dispatch as well as SNMP trap triggering on different
events
The MoRoS GPRS 2.1 PRO can send an e-mail or SMS to any recipient
on different events or trigger an SNMP trap. A series of pre-define
events are available for this, like signals at input 1 or set-up of connections for example.
SMS receipt
The MoRoS GPRS 2.1 PRO can be configured for receiving SMS. Dif-
ferent commands can be transmitted to the MoRoS GPRS 2.1 PRO
with this, optionally also password-protected. SMS that cannot be
evaluated can be forwarded to sandbox and evaluated there.
SNMP agent for processing SNMP requests
The MoRoS GPRS 2.1 PRO can respond to incoming SNMP requests
(SNMP Get requests) if the SNMP agent is enabled. Almost all configuration parameters can be read out with this.
31
Page 32
Function Overview MoRoS GPRS 2.1 PRO
Digital switch outputs and inputs
The MoRoS GPRS 2.1 PRO has two potential-free control outputs,
which can be used to switch other functions in an application. The
MoRoS GPRS 2.1 PRO also has digital inputs, which are used to establish connections or to send messages via e-mail or SMS.
Time synchronisation via NTP
The MoRoS GPRS 2.1 PRO can synchronize its system time via the
Network Time Protocol with an NTP server in the Internet. The system
time will thus always be current and the internal clock must not be set
manually.
HTTP and HTTPS proxy with URL filter
The proxy is used to limit the access to web addresses for applications
in the local network of the MoRoS GPRS 2.1 PRO, and to avoid connection timeouts. The MoRoS GPRS 2.1 PRO supports the HTTP and
HTTPS protocols. The proxy of the MoRoS GPRS 2.1 PRO maintains
connections during the connection setup of the communication device
to prevent a premature timeout. The proxy will not work as a cache for
frequently accessed websites
Log files
Different log files of the MoRoS GPRS 2.1 PRO can be downloaded as
text file via the web interface.
Downloadable configuration files
The configuration of the MoRoS GPRS 2.1 PRO can be downloaded as
binary or ASCII file. The file can be used as backup copy to configure
the MoRoS GPRS 2.1 PRO after a reset to factory defaults, or for convenient loading of the same configuration into a different MoRoS GPRS
2.1 PRO. The ASCII configuration file can be edited and offers a comfortable option for an alternative configuration.
Firmware update via web interface
The firmware of the MoRoS GPRS 2.1 PRO can be updated via the web
interface. An update can be performed locally or remotely.
Automatic daily update
The MoRoS GPRS 2.1 PRO allows a daily automatic update of firmware
files, configuration files (binary and ASCII) or sandbox image files that
are provided accordingly on a server.
An optional, redundant communication device may be connected.
You can connect a second INSYS communication device via the serial
interface to the MoRoS GPRS 2.1 PRO, to secure the dial-out and dialin communication through redundancy and to increase the availability.
32
Page 33
MoRoS GPRS 2.1 PRO Function Overview
Redundant WAN interface
The MoRoS GPRS 2.1 PRO enables to use the integrated communica-
tion device as redundant WAN interface in case of connection problems via the LAN ext interface.
Freely programmable sandbox
The MoRoS GPRS 2.1 PRO provides a freely programmable sandbox.
The sandbox is a kind of a virtual machine, which runs on the MoRoS
GPRS 2.1 PRO and allows to start programs, collect data and offer services in the sandbox, which do not exist in the actual system.
Debugging tools for analysing network connections
The MoRoS GPRS 2.1 PRO offers several tools for analysing problems
with network connections. Ping packets can be sent, routes of IP
packets can be traced, DNS information can be queried and network
packets can be recorded with this.
33
Page 34
Mounting MoRoS GPRS 2.1 PRO
9 Mounting
This section describes how to mount the MoRoS GPRS 2.1 PRO to a DIN rail,
connect the power supply and uninstall it again. Observe the instructions in the
"Safety" section of this manual, in particular the "Safety Instructions for Electrical Installation" for that purpose unconditionally.
Caution!
Moisture and liquids from the environment may seep into
the interior of the MoRoS GPRS 2.1 PRO!
Fire hazard and damage of the product.
The MoRoS GPRS 2.1 PRO must not be used in wet or
damp environments, or in the direct vicinity of water. Install
the MoRoS GPRS 2.1 PRO at a dry location, protected from
water spray. Disconnect the power supply before you perform any work on a MoRoS GPRS 2.1 PRO which may have
been in contact with moisture.
Caution!
The device could be destroyed if the wrong power supply is
used!
If the MoRoS GPRS 2.1 PRO is operated with a power supply that supplies a voltage exceeding the permissible operating voltage of the MoRoS GPRS 2.1 PRO, the device will
be destroyed.
Make sure that you use the suitable power supply. Refer to
the section Technical Data for the proper voltage range of
the MoRoS GPRS 2.1 PRO.
34
Page 35
MoRoS GPRS 2.1 PRO Mounting
Mounting the device to the DIN rail
How to mount the MoRoS GPRS 2.1 PRO to a DIN rail:
1. Position the device at the DIN rail as seen in the following diagram.
There are two snap-in hooks at the upper and lower edge of the DIN
rail groove of MoRoS GPRS 2.1 PRO. Hook the upper one into place
behind the upper edge of the DIN rail.
2. Lift the MoRoS GPRS 2.1 PRO perpendicular to the DIN rail until the
two lower, flexible snap-in hooks engage in the DIN rail.
The MoRoS GPRS 2.1 PRO is now readily mounted.
Connecting the power supply
The device has already been mounted to the DIN rail.
The power supply is connected and switched off.
1. Connect the ground lead of the power supply to the terminal "GND".
2. Connect the plus pole of the power supply to the terminal for the po-
wer supply.
The MoRoS GPRS 2.1 PRO is now connected to the power supply.
Disconnecting the power supply
35
Page 36
Mounting MoRoS GPRS 2.1 PRO
The device is mounted to the DIN rail.
The power supply is connected and switched off.
1. Disconnect the ground lead of the power supply from the terminal
"GND".
2. Disconnect the
power supply.
plus pole of the power supply from the terminal for the
The MoRoS GPRS 2.1 PRO is disconnected from the power supply.
Uninstalling the device from the DIN rail
How to uninstall the MoRoS GPRS 2.1 PRO from a DIN rail in a switch cabinet:
You will need a Phillips screwdriver with a 4.5 mm blade.
The power supply of the switch cabinet is switched off and secured against
being switched on accidentally.
All cables at the MoRoS GPRS 2.1 PRO are disconnected.
1.
Insert the Philips screwdriver into the groove in the bottom of the MoRoS GPRS 2.1 PRO as shown in the following figure.
2. Turn the Philips screwdriver into the direction of the MoRoS GPRS 2.1
PRO as shown in the following figure.
36
Page 37
MoRoS GPRS 2.1 PRO Mounting
The plastic spring of the snap-in hook is stretched.
3. While you hold the plastic spring apart with the lower snap-in hooks,
pull the MoRoS GPRS 2.1 PRO away from the DIN rail.
4. Un-hook the MoRoS GPRS 2.1 PRO and take it off perpendicularly to
the DIN rail.
The MoRoS GPRS 2.1 PRO is now removed.
37
Page 38
Initial Operation MoRoS GPRS 2.1 PRO
10 Initial Operation
This chapter describes how to commission the MoRoS GPRS 2.1 PRO, i.e. how to
connect the MoRoS GPRS 2.1 PRO to a PC, and how to prepare it for the configuration.
Insert SIM card into the MoRoS GPRS 2.1 PRO.
How to insert the SIM card into the MoRoS GPRS 2.1 PRO.
The power supply of the MoRoS GPRS 2.1 PRO is disabled.
You will need a functionable SIM card of your mobile provider.
You will also need the according PIN.
You will need a pointed object to operate the eject button of the SIM card
holder, e.g. a screwdriver with a blade of max. 1.5 mm.
1. Press the eject button of the SIM card holder of SIM card 1 with the
pointed object.
If only one SIM card is used, this must always be inserted into the card
holder of SIM card 1!
The SIM card holder will be ejected a little bit out of the housing.
2. Remove the SIM card holder.
3. Insert your SIM card into the card holder.
The SIM card will only fit into the SIM card holder in one position.
Make sure that the SIM card does not extend over the card holder.
4. Insert the SIM card holder together with the SIM card into the MoRoS
GPRS 2.1 PRO. The con
wall (for SIM card 1).
5. Using one finger, carefully push the SIM card holder with the inse
SIM card into the housing, until the card holder snaps into place.
tacts of the SIM card must face the left housing
rted
38
Page 39
MoRoS GPRS 2.1 PRO Initial Operation
The following figure shows how to insert the SIM card into the SIM
card holder for SIM card 1:
6. Enable the power supply of the MoRoS GPRS 2.1 PRO again.
You can use a second SIM card in the MoRoS GPRS 2.1 PRO alternatively. The MoRoS GPRS 2.1 PRO provides a second SIM card holder
for SIM card 2 for this.
The following figure shows how to insert the SIM card into the SIM
card holder for SIM card 2:
39
Page 40
Initial Operation MoRoS GPRS 2.1 PRO
Connecting the MoRoS GPRS 2.1 PRO to a GSM antenna and a PC
How to connect the MoRoS GPRS 2.1 PRO to a GSM antenna and, via a
network cable, to a PC.
The power supply of the MoRoS GPRS 2.1 PRO is disabled.
You will need Cat.5 network patch cables.
You will need a network card in the PC.
You will need a suitable GSM antenna (available from IN-
SYS MICROLECTRONICS).
The regulation of the Federal Communications Commission (FCC) id
valid for the USA, according to which the antenna must be installed and
operated in a distance of at least 20 cm to persons, not at the same
place with other antennas or senders, and must not have an antenna
gain of more than 8.4 dBi (GSM 1900) or 2.9.dBi (GSM 850).
1. Locate the RJ-45 socket of the network card at the PC.
2. Make sure not to use an ISDN socket, but the socket of the network
card, which you want to use to configure the MoRoS GPRS 2.1 PRO.
3. Plug one end of the network cable into the RJ45 socket of the PC net-
work card, and the other end into a network socket at the MoRoS
GPRS 2.1 PRO switch.
4. Connect the GSM antenna to the antenna connection of the MoRoS
GPRS 2.1 PRO.
Configuring the MoRoS GPRS 2.1 PRO
The MoRoS GPRS 2.1 PRO is connected to the PC.
The power supply of the MoRoS GPRS 2.1 PRO is enabled.
You have the required access rights to change the IP address of the network
card to which the MoRoS GPRS 2.1 PRO is connected.
1. Change the IP address of the network card to which the MoRoS GPRS
2.1 PRO is connected to an address, which starts with 192.168.1.
As an alternative, you may also configure your network card to "Automatic address allocation". The integrated DHCP server of the MoRoS
GPRS 2.1 PRO will then allocate an address from the according address
range to your network card.
Do not use the address 192.168.1.1. This is the factory default IP ad-
dress of the MoRoS GPRS 2.1 PRO. For example, use 192.168.1.2 as IP
address for the network card in your PC.
2. Open an Internet browser and enter the URL "http://192.168.1.1" into
the address bar.
40
Page 41
MoRoS GPRS 2.1 PRO Initial Operation
The browser loads the start page of the MoRoS GPRS 2.1 PRO.
If you see the message in your browser window that the page with this
address cannot be found, follow the following steps: Check, whether
your MoRoS GPRS 2.1 PRO is supplied with power. If yes, most probably a wrong IP address is configured in the MoRoS GPRS 2.1 PRO.
Press the reset key at the MoRoS GPRS 2.1 PRO three times within two
seconds and repeat this instruction from step 2.
A dialogue will prompt you to enter a user name and password for au-
thentication.
3. Enter the user name "insys"
and the password "moros".
User name and password are set as factory defaults. If the registratio
at the web interface does not work with the data ent
your MoRoS GPRS 2.1 PRO to the factory defaults.
Press the reset key at the MoRoS GPRS 2.1 PRO
seconds and repeat this instruction from step 2.
ered, just reset
three times within two
You should now see the start page of the web interface.
The MoRoS GPRS 2.1 PRO is installed suc
figuration.
cessfully and ready for con-
n
41
Page 42
Operating Principle MoRoS GPRS 2.1 PRO
11 Operating Principle
This chapter describes how to operate and configure the MoRoS GPRS 2.1 PRO.
The MoRoS GPRS 2.1 PRO is configured and operated using a web-based interface.
The interface itself is displayed and operated using a web browser.
11.1 Operating the Web Interface
The web interface allows easy configuration of the MoRoS GPRS 2.1 PRO using a web browser. All functions of the MoRoS GPRS 2.1 PRO can be configured via the interface. The operation is mostly self-explanatory. The interface
also provides an online help feature, which describes the meaning of possible
settings of the MoRoS GPRS 2.1 PRO. The online help is displayed by selecting
the option "Display help text" in the title bar below the language selection.
We urgently recommend to enable online help for the first configura-
tions to allow a quick and flawless configuration.
Configuring the MoRoS GPRS 2.1 PRO with the web interface
How to configure the MoRoS GPRS 2.1 PRO with the web interface.
The MoRoS GPRS 2.1 PRO is connected to a network and switched on.
A PC, which is physically connected to the same network as the MoRoS
GPRS 2.1 PRO.
The PC is configured in a way that it is also logically connected to the Mo-
RoS GPRS 2.1 PRO in the same network. The first three octets of the IP address of the PC and the MoRoS GPRS 2.1 PRO must be identical. For example, the MoRoS GPRS 2.1 PRO has the IP address 192.168.1.1. and the PC
has the IP address 192.168.1.2.
A web browser is installed on the PC.
1. Start the web browser.
2. Enter the IP address of the MoRoS GPRS 2.1 PRO in the address line.
The factory default IP address of the MoRoS GPRS 2.1 PRO is
192.168.1.1.
A dialogue will prompt you to enter the user name and the password
for authentication.
. Enter the user name and the password and click OK.
3
The default factory setting of the web interface are a
the user name is "insys", the password is "moros".
42
s follows:
Page 43
MoRoS GPRS 2.1 PRO Operating Principle
The start page of the web interface is displayed.
4. Use the menu on the left side to select the menu item, in which you
want to change settings.
ired settings. 5. Enter the requ
6. Click on the OK button on the according configuration page to save
the settings.
After you completed the configuration changes, always click the OK
button. Otherwise the settings will not be taken over when you change
to another page or close the browser.
11.2
Access via the HTTPS Protocol
The web
using the HTTPS protocol. The HTTPS protocol allows the authentication of the
servers (i.e. the MoRoS GPRS 2.1 PRO) as well as encrypting the data transmission.
If the MoRoS GPRS 2.1 PRO is accessed via the HT
time, the browser indicates that the MoRoS GPRS 2.1 PRO uses an invalid security certificate. The certificate is not trusted, because the certificate of the
Certification Authority (CA certificate) is unknown.
You can ignore this warning and add an exception fort his server or establish
the safe connection to this server nevertheless (depending on browser and op
erating system).
We recommend, downloading the CA certificate CA_MoRoS.crt fro
tificate page (http://www.insys-icom.de/certificate/) and import it into your
browser, to trust INSYS MICROELECTRONICS as Certification Authority. Proceed for this, as described in the documentation of your browser.
If INSYS MICROELECTRONICS is registered as Certification Authority with you
browser and you access the MoRoS GPRS 2.1 PRO again via the HTTPS proto
col, the browser indicates again that the MoRoS GPRS 2.1 PRO uses an invalid
security certificate. The certificate is not trusted, because the Common Name
of the certificate differs from your input in the address bar of you
The browser indicates that a different device is detected under this URL. The
Common Name of the certificate consists of the MAC address of the MoRoS
GPRS 2.1 PRO, while the colons are replaced with underscores.
interfacee allows a safe configuration of the MoRoS GPRS 2.1 PRO
TP S protocol fort he first
m the cer-
r browsers.
-
r
-
You can ignore this warning and add an exception fort his server or establish
the safe connection to this server nevertheless (depending on browser and operating system).
In order to eliminate this browser warning as well, you have to enter the Com
mon Name of the MoRoS GPRS 2.1 PRO to be accessed into the address bar
your browser. In order to route the URL to the correct device, the Common
Name must be assigned to the IP address of the MoRoS GPRS 2.1 PRO. You
can find out the Common Name by downloading the certificate from the Mo-
of
43
Page 44
Operating Principle MoRoS GPRS 2.1 PRO
RoS GPRS 2.1 PRO and viewing it. This process depends on your browser. The
process for configuring the assignment depends on your operating s
ystem:
Editing /etc/hosts (Linux/Unix)
Editing C:\WINDOWS\system32\drivers\etc\hosts (Windows XP)
Configur
efer to the documentation of your operating systems for more information
R
ing your own DNS server
about this.
44
Page 45
MoRoS GPRS 2.1 PRO Functions
12 Functions
12.1 Basic Settings
12.1.1 Web Interface (User Name, Password, Remote Configuration)
The web interface is used to configure the MoRoS GPRS 2.1 PRO. It is protected
against unauthorized access by a user name and password query. The web interface
can be configured for a configuration from a computer in the internal network or for
remote configuration. Then, you can also access the web interface from the WAN. A
remote configuration can also be performed via the HTTPS protocol. A location can
be entered for a better differentiation. You can specify the port, under which the
web interface can be accessed.
Configuration via the web interface
User name and password are entered in the menu "Basic Settings" on the
page "Web interface" in the field "Authentication".
The permissible configuration is activated using the respective checkbox.
The web interface port is defined in the entry field "Port for HTTP web interface" or "Port for HTTPS web interface". Port 80 (HTTP) or port 443
(HTTPS) is configured for the web interface of the MoRoS GPRS 2.1 PRO
by default.
A description or location of the router may be entered in the entry field
"Location". This description appears in the browser window title as well as
the start page of the web interface than and facilitates a differentiation if
more web interface windows are open.
Save your settings by clicking "OK".
45
Page 46
Functions MoRoS GPRS 2.1 PRO
12.1.2 Setting IP Addresses
It must be possible to access the MoRoS GPRS 2.1 PRO in the LAN under a certain
IP address. You must assign a static IP address for this.
A virtual network address can be assigned to the local network. Devices in the local
network can then be addresses with the virtual address via WAN. The MoRoS GPRS
2.1 PRO replaces the network portion of the virtual IP address with the network portion of the local network and forwards the packet to the destination.
Configuration with the web interface
In order to configure a static IP address, change in the "Basic Settings"
menu to the "IP address (LAN)" page.
Enter the IP address of the MoRoS GPRS 2.1 PRO in the LAN into the entry field "IP address" and the Subnet mask into the field "Netmask address".
When changing the local IP address, the address range of the DHCP
server will be adjusted to the new network automatically, if the netmask has not changed. The DHCP server will be disabled with a
changed netmask and must be configured manually. This is indicated in
a notification.
The MAC address of the MoRoS GPRS 2.1 PRO can be found in the entry
fields for the IP address and the network mask under "MAC address" on
this page.
In order to assign a virtual network address to the local network, check
the checkbox "Activate netmapping" and enter the address into the "Virtual network address" field (e.g. 192.168.2.0). This virtual address is only
visible from the WAN side.
If, for example, the local address is 192.168.1.1/255.255.255.0, an en-
tered virtual address 192.168.2.1 will be changed to 192.168.2.0 and
stored.
Save your settings by clicking "OK".
46
Page 47
MoRoS GPRS 2.1 PRO Functions
12.1.3 Enter Static Routes
You can define static routes for forwarding data packets in the MoRoS GPRS 2.1
PRO, which are loaded during system start.
Configuration with the web interface
In order to enter a static route, change in the menu "Basic Settings" to the
page "Routing".
Enter in the section "Add new route" the Net address, the Netmask as
well as the Gateway into the respective fields.
In order to delete an existing route, check under "Existing routes" the
checkbox of the route(s) to be deleted.
Save your settings by clicking "OK".
Neither a default gateway can be entered nor NAT can be enabled or
disabled here. This is configured for the respective interface in the
menus "Dial-In", "Dial-Out" or "LAN (ext)" on the respective page "Routing".
47
Page 48
Functions MoRoS GPRS 2.1 PRO
12.2 GSM/GPRS
12.2.1 Enter SIM Card PIN
The MoRoS GPRS 2.1 PRO enables to use two SIM cards. If only one SIM card is
used, this must be inserted into the card holder for SIM card 1. Additionally, a second SIM card can be inserted into the card holder for SIM card 2. An operation with
one SIM card in SIM 2 without a SIM card in SIM 1 is not intended.
The MoRoS GPRS 2.1 PRO will need the PIN of the inserted SIM card (if the SIM
card is protected by a PIN) to log into the mobile network and establish CSD or IP
connections.
Note!
Possible locking of the SIM card!
If a wrong PIN is entered, the SIM card may be locked, resulting in the MoRoS GPRS 2.1 PRO not being able to log
into the mobile network.
When entering or changing the PIN, make sure that you
enter the correct PIN for the SIM card. The SIM card may
be unlocked using the according PUK. To unlock the SIM
card with the PUK, you will need a mobile phone in which
you can insert the locked SIM card and enter the PUK. Alternatively, you can unlock the SIM card using a terminal
with the command AT+CPIN=PUK,NEW_PIN.
Configuration with the web interface
Enter the PIN of the inserted SIM card in the menu "GSM / GPRS" into the
entry field "PIN" for the respective SIM card (1 or 2).
Save your settings by clicking "OK".
An entered PIN is also stored if the activation of a SIM card has not
been successful. This is possible to allow a configuration without an inserted SIM card. Therefore, a wrong PIN is also stored!
48
Page 49
MoRoS GPRS 2.1 PRO Functions
12.2.2 Configure Network Selection
You can determine, into which mobile network the MoRoS GPRS 2.1 PRO should
log into. Your SIM card must support roaming for this. The MoRoS GPRS 2.1 PRO
can then connect to the strongest available network at the location, with a certain
preferred network (which may not necessarily be the strongest available network),
or exclusively with the network of a certain provider. If you determine a "Preferred
provider", the MoRoS GPRS 2.1 PRO will always attempt to connect to a network of
this provider. If the connection attempt to the network of the preferred provider fails,
the MoRoS GPRS 2.1 PRO will connect to the best available network of any provider. The settings are made for each SIM card separately.
Configuration with the web interface
In order to select the type of network, use the radio buttons in the menu
"GSM / GPRS" to choose if the MoRoS GPRS 2.1 PRO should log into the
strongest network, to a preferred provider and its network, or exclusively
into the network of a provider determined by you.
To ensure that the MoRoS GPRS 2.1 PRO gives preference to the network
of a certain provider when logging in, select in the menu "GSM / GPRS"
the radio button for the option "Preferred provider". Enter the number of
the provider into the entry field right of the option. You can obtain the
number of the provider using the link under the question mark next to
"Read provider list from modem" (the question mark only appears if a SIM
card is inserted and unlocked with the correct PIN). To read the data, a
SIM card must be inserted and the MoRoS GPRS 2.1 PRO must be logged
into a GSM/GPRS network.
To ensure that the MoRoS GPRS 2.1 PRO exclusively selects the network
of a certain provider when logging in, select in the menu "GSM / GPRS"
the radio button for the option "Only log into this provider". Enter the
number of the provider into the entry field right of the option. You can obtain the number of the provider using the link under the question mark
next to "Read provider list from modem" (the question mark only appears
if a SIM card is inserted and unlocked with the correct PIN).
Save your settings by clicking "OK".
49
Page 50
Functions MoRoS GPRS 2.1 PRO
12.2.3 Configure Daily Login and Logout
The MoRoS GPRS 2.1 PRO can log out of the mobile network and in again daily at a
specified time. This enables you to limit the connection to certain times. Using periodic logout and login, you will increase the availability of the MoRoS GPRS 2.1 PRO,
which may otherwise be impaired by several circumstances, which require a re-login
into the network, e.g. maintenance work at the mobile network. We recommend to
use this function.
We urgently recommend to login the MoRoS GPRS 2.1 PRO into the
mobile network again daily to get a high availability.
Configuration with the web interface
Enter the desired time for the daily logout in the menu "GSM / GPRS" into
the entry fields "Daily log-out at" in the format "hh:mm".
Enter the desired time for the daily login in the menu "GSM / GPRS" into
the entry fields "Daily log-in at" in the format "hh:mm".
Check the checkbox "Activate daily log-out and log-in" to enable the function.
Save your settings by clicking "OK".
12.2.4 Terminal
This function allows the direct transmission of AT commands to the communication
device of the MoRoS GPRS 2.1 PRO. The response is displayed directly below the
entry field.
Configuration with the web interface
Enter the desired AT command in the menu "GSM / GPRS" in the section
"Terminal" into the entry field "AT command".
Transmit the command by clicking "OK".
50
Page 51
MoRoS GPRS 2.1 PRO Functions
12.3 Dial-In
12.3.1 Configuring Dial-In
You can use the MoRoS GPRS 2.1 PRO as dial-in server or incoming PPP server. The
dial-in function allows for computers to connect remotely via modem through the
MoRoS GPRS 2.1 PRO to the network behind the MoRoS GPRS 2.1 PRO. Similar to
the dial-in with an Internet provider, users will authenticate themselves via user
name and password at the MoRoS GPRS 2.1 PRO. To authenticate the PPP users,
the methods PAP or CHAP are available. Successfully authenticated users can establish a PPP connection to access the network of the MoRoS GPRS 2.1 PRO.
Configuration with the web interface
In order to enable the dial-in server, select in the menu "Dial-In" on the
page "Dial-In" the radio button "Yes" for "Activate Dial-In".
In order to prioritise the dial-in over LAN (ext), check the checkbox "Prioritize Dial-In over LAN (ext)". Then, the LAN (ext) connection will be closed
after an authorised dial-in, and the dial-in connection will be activated
subsequently. Otherwise, an incoming dial-in will be aborted, if LAN (ext)
is active.
You can define an idle time, after which the dial-in connection is closed as
soon as no data transfer occurs any more. Enter the required time in seconds into the field "Idle time". If the connection should remain established
although there is an idle operation, enter the value "0".
Define the number of ring tones after which the MoRoS GPRS 2.1 PRO
will answer a call. Enter the number of ring tones until going off-hook into
the entry field "Number of rings before answer".
To use PPP authentication based on user names and passwords, check
the checkbox "Authentication for Dial-In". If you disable this checkbox,
any caller may establish a PPP connection. Enter up to 10 different combinations of user name and password into the fields "User name" and
"Password" and use the respective radio button to specify whether an authentication via "PAP" or "CHAP" is required for this user. The user name
must not correspond with the one of the dial-out connection.
If a callback after successful authentication should be possible for the respective user, check the checkbox "Callback active". If the authentication
is required for a callback, but this checkbox is not checked, no callback
will be performed. A usual dial-in is possible for the caller in this case.
As an option, you can define the IP addresses of the end points of the PPP
connection, if these addresses have already been allocated to one of the
networks of the MoRoS GPRS 2.1 PRO or at a remote network. As default,
the IP address of the MoRoS GPRS 2.1 PRO is 192.168.254.1. The standard address of the remote terminal is 192.168.254.2.
Save your settings by clicking "OK".
51
Page 52
Functions MoRoS GPRS 2.1 PRO
12.3.2 Automatic Callback (Callback)
You can trigger an automatic callback to a predefined destination phone number of
the MoRoS GPRS 2.1 PRO with a data call or a phone call. You can configure authorized callers for these numbers. The callers can identify themselves via the PPP
authentication methods PAP or CHAP, or via their CLIP phone number. The connection, which will then be established by the MoRoS GPRS 2.1 PRO, must be configured before in the menu "Dial-Out". Only connections to the preconfigured dial-out
destination are possible.
Configuration with the web interface
In order to trigger a dial-out connection by a caller, check in the menu
"Dial-In" on the page "Dial-In" the checkbox "Activate callback". The dialout connection, which is triggered by a caller, must first be configured in
the menu "Dial-Out".
To enable callers to trigger a connection, they must either identify themselves via PPP authentication or their phone numbers. Select either the
radio button for "After successful PPP authentication" or "After a call from
these caller IDs". If you select the latter option, enter up to 5 phone numbers into the fields on the right, which can trigger a callback by calling.
Save your settings by clicking "OK".
12.3.3 Routing
You can define routes for forwarding data packets in the MoRoS GPRS 2.1 PRO.
Moreover, you can enable NAT for incoming and outgoing packets separately.
Configuration with the web interface
In order to set a default route, check in the menu "Dial-In" on the page
"Routing" the checkbox "Set default route".
In order to enable NAT for incoming packets, check in the menu "Dial-In"
on the page "Routing" the checkbox "Activate NAT for incoming packets".
In order to enable NAT for outgoing packets, check in the menu "Dial-In"
on the page "Routing" the checkbox "Activate NAT for outgoing packets".
In order to add a new route, enter in the menu "Dial-In" on the page
"Routing" the "Net address" and the "Netmask " into the respective fields.
In order to delete an existing route, check in the menu "Dial-In" on the
page "Routing" under "Existing routs" the checkbox of the route(s) to be
deleted.
Save your settings by clicking "OK".
52
Page 53
MoRoS GPRS 2.1 PRO Functions
12.3.4 Creating or Deleting a Firewall Rule
The MoRoS GPRS 2.1 PRO provides a firewall for dial-in connections. A firewall is
used to prevent unauthorized data traffic. The logic of the firewall states that any
data traffic is forbidden, which is not explicitly permitted through a rule.
Define here, which connections are permitted by the MoRoS GPRS 2.1 PRO. If you
enable the firewall for the connection type "Dial-in", only connections are possible,
which are allowed by the firewall rules. All other connections will be blocked.
Configuration with the web interface
In order to enable the firewall for dial-in connections, check in the menu
"Dial-In" on the page "Firewall" the checkbox "Activate firewall for Dial-In
connections".
In order to create a rule for an allowed IP connection, proceed as follows.
Select in the menu "Dial-In" on the page "Firewall" in the drop-down list
"Data direction" a data direction for the rule.
Define the protocol of the permitted connection in the drop-down list
"Protocol".
You can also make sure that the rule is exclusively applied to a particular
dial-in user. Select the according dial-in user name in the dropdown list
"Dial-In user name".
Enter the further specifications of the connections permitted by the MoRoS GPRS 2.1 PRO into the entry fields "Source IP address", "Destination
IP address" and "Destination port". Only rules can be created, which are
not valid for individual machines (hosts), but for whole networks. In this
case, the net mask must be entered following the "/".
Save your settings by clicking "OK".
In order to disable firewall rules temporarily, uncheck in the menu "DialIn" on the page "Firewall" the check box in the column "Active" in the
firewall rule overview. Click on "OK" to confirm the settings.
In order to delete one or more rules, check the checkbox in the column
"delete" in the firewall rule overview. Click on "OK" to confirm the settings.
53
Page 54
Functions MoRoS GPRS 2.1 PRO
12.4 Dial-Out
12.4.1 Configure Dial-Out
You can use the MoRoS GPRS 2.1 PRO for dial-out. The MoRoS GPRS 2.1 PRO will
automatically establish a PPP connection to a remote terminal, when the network
traffic occurs in the direction of the network of the terminal. The network traffic
which may trigger a connection setup can be limited by rules. This optional "Dialing
filter" will ensure that only packets from/to certain IP addresses or from/to certain
ports trigger the dial-out connection. This dial-out connection can be compared with
the dial-in of a PC into the Internet. Only after this dial-in, it will be possible to transfer IP data (e.g. web contents) or to remotely access devices in the local network of
the MoRoS GPRS 2.1 PRO, for example.
Configuration via the web interface
In order to enable dial-out, select in the menu "Dial-Out" on the page
"Dial-Out" the option "Yes" for "Activate Dial-Out".
For a GSM-CSD connection, enter the phone number of the PPP terminal
(e.g. the Internet provider) into the entry field "Phone number" for destination A. You may enter a further phone number (or "*99***1#" for a
packet-based connection, see below) for destination B.
Enter for a packet-based connection (GPRS/EDGE/UMTS/HSDPA)
"*99***1#" into the entry field "Telephone number" for Target A. For destination A, enter the APN of your mobile provider, which is used to establish a packet-based connection, into the field "Access Point Name". You
can enter another APN for Target B. As an alternative, you may also define
a GSM-CSD connection with a usual phone number for Target B.
Enter a User name and Password for the PPP dial-up destinations A and B.
The specification of destination B is optional. The user name must not be
identical with the one of a dial-in user.
Select the PPP authentication method (PAP, CHAP, and PAP or CHAP) to
be used for Targets A and B in the selection "Authentication".
If you use a second SIM card, you may select the SIM card to be used for
Target B under "SIM card for target B". SIM card 1 is always used for Target A.
Enter a value for "Idle time" to define how long the connection will remain
established, if no data transfer takes place. Enter the required time in seconds into the field "Idle time".
To maintain the connection for an unlimited time, enter the value "0".
Enter the Maximum connect time to limit the duration of a connection. If
you enter a maximum connection time, the connection will be closed after
this time period has expired. To keep the connection open without any
time restrictions (until the connection is terminated for other reasons), enter the value "0" in the field "Maximum connect-time".
54
Page 55
MoRoS GPRS 2.1 PRO Functions
Configure the priority of the targets under "Priority". For this, the options
"Try the last successful target at first" and "Always try target A first" are
available. The MoRoS GPRS 2.1 PRO will try the respective target first.
The MoRoS GPRS 2.1 PRO will always try to reach the other target, if the
connection to the configured target cannot be established.
If the router does not receive a DNS server IP address to be used with a
dial-out, the checkbox "Request DNS server address" must be disabled.
Otherwise, it might happen that a connection cannot be established.
Save your settings by clicking "OK".
12.4.2 Configure Leased Line Operation
You can configure the MoRoS GPRS 2.1 PRO to permanently maintain a PPP connection. This operating mode is interesting for private networks with no minute
charges, or for billing models, for which only the transmitted data volume is charged
for (e.g. packet-based networks). In this operating mode, the MoRoS GPRS 2.1 PRO
will immediately establish the connection after system start. The MoRoS GPRS 2.1
PRO checks the connection for its function periodically. The connection check can
be performed either via a DNS query of a host name or via PING at a host.
Configuration with the web interface
In order to configure a leased line, check in the menu "Dial-Out" on the
page "Dial-Out" the checkbox "Connect immediately and hold connection".
If necessary, enter another time in minutes for the connection check into
the entry field "Interval for checking connection". The default setting is 60
minutes. If a closed connection is determined after this time, the MoRoS
GPRS 2.1 PRO will attempt to re-establish the connection after one minute. If the attempt fails, there will be another attempt after 5 minutes. The
next attempt will take place after 30 minutes; if this attempt fails as well,
the MoRoS GPRS 2.1 PRO will attempt to re-establish the connection
every 60 minutes.
Select the method for connection check using the radio buttons behind
"Type to check the connection" and enter a host name or an "IP address".
The two methods have a different effect. A failed DNS request terminates
a possibly existing connection and re-establishes the connection. A failed
ping will make sure that the connection is re-initiated, if it was closed after
the last data packet or ping. The existing connection is not terminated, if
the ping is not responded to.
Save your settings by clicking "OK".
55
Page 56
Functions MoRoS GPRS 2.1 PRO
12.4.3 Configuring a Periodical Dial-Out Connection Setup
The MoRoS GPRS 2.1 PRO can establish and terminate the previously configured
dial-out connection time-controlled. The dial-out connection is established and terminated daily at a certain time.
This function will trigger individual events; no blocking time or similar is defined.
Example: If a logout is defined for 2 pm and an automatic login at 4 pm, other
events within this period could also trigger a connection setup (dial-out), e.g. a simple packet according to the dialling filter. The connection is also automatically terminated after an automatic login, if the configured "Idle time" has expired, for example.
Configuration with the web interface
In order to establish a daily connection at a certain time, check in the
menu "Dial-Out" on the page "Dial-Out" the checkbox "Connect automatically once a day at" and enter a time for the connection setup into the entry fields for hours and minutes.
In order to terminate a connection daily at a certain time, check in the
menu "Dial-Out" on the page "Dial-Out" the checkbox "Disconnect automatically once a day at" and enter a time for the connection termination
into the entry fields for hours and minutes.
Save your settings by clicking "OK".
12.4.4 Routing
You can define MoRoS GPRS 2.1 PRO routes for forwarding data packets. You can
still configure NAT for incoming and outgoing packets separately.
Configuration with the web interface
In order to configure a default route, check in the menu "Dial-Out" on the
page "Port Routing" the checkbox "Set default route".
In order to enable NAT for incoming packets, check in the menu "DialOut" on the page "Routing" the checkbox "Activate NAT for incoming
packets".
In order to enable NAT for outgoing packets, check in the menu "Dial-Out"
on the page "Routing" the checkbox "Activate NAT for outgoing packets".
In order to add a new route, enter in the menu "Dial-Out" on the page
"Routing" the "Net address" and the "Netmask address" into the respective fields.
In order to delete an existing route, check in the menu "Dial-Out" on the
page "Routing" under "Existing routes" the checkbox of the route(s) to be
deleted.
Save your settings by clicking "OK".
56
Page 57
MoRoS GPRS 2.1 PRO Functions
12.4.5 Configuring a Talking Filter
To avoid unnecessary costs due to undesired dial-out processes, a dialling filter may
be activated optionally. This dialling filter can restrict the network traffic which could
trigger a dial-out process. After a dial-out connection is established, however, all
participants in the network may access the dial-out connection and transmit IP data.
Define here, which packets are allowed to initiate the dial-out connection via the
MoRoS GPRS 2.1 PRO. If you enable the dialling filter, only the dial-out connections
are possible, which are permitted by the dialling filter rules. All other connections
will be blocked.
Configuration with the web interface
In order to enable the dialling filter, check in the menu "Dial-Out" on the
page "Dial filters" the checkbox "Activate Dial-Out filters for Dial-Out interface".
In order to create a rule for a dialling filter, proceed as follows.
Select in the menu "Dial-In" on the page "Firewall" the protocol of the
permitted connection in the drop-down list "Protocol".
Enter the further specifications of the connections permitted by the MoRoS GPRS 2.1 PRO into the entry fields "Source IP address", "Destination
IP address" and "Destination port". Only rules can be created, which are
not valid for individual machines (hosts), but for whole networks. In this
case, the net mask must be entered following the "/".
In order to allow DNS requests to the router, which would initiate a connection setup (DNS relay), explicitly, check the checkbox "Allow DNS requests from source IP address to initiate a connection".
Save your settings by clicking "OK".
In order to disable individual dial-out rules temporarily, disable in the
menu "Dial-Out" on the page "Dial filters" the checkbox in the column "active" in the section "These data packets are allowed to initiate a Dial-Out".
Click on "OK" to confirm the settings.
In order to delete one or more rules, check the checkbox in the column
"delete" in the section "These data packets are allowed to initiate a DialOut". Click on "OK" to confirm the settings.
57
Page 58
Functions MoRoS GPRS 2.1 PRO
12.4.6 Creating or Deleting a Firewall Rule
The MoRoS GPRS 2.1 PRO provides a firewall for dial-out connections. A firewall is
used to prevent unauthorized data traffic. The logic of the firewall states that any
data traffic is forbidden, which is not explicitly permitted through a rule.
Define which connections will be permitted by the MoRoS GPRS 2.1 PRO. If you
enable the firewall for the connection type "Dial-Out", only connections will be possible which are authorised by the firewall rules. All other connections will be
blocked.
Configuration with the web interface
In order to enable the firewall for dial-out connections, check in the menu
"Dial-Out" on the page "Firewall" the checkbox "Activate firewall for DialOut connections".
In order to create a rule for a permitted IP connection, proceed as follows.
Select in the menu "Dial-Out" on the page "Firewall" the data direction in
the drop-down list "Data direction".
Define the protocol of the permitted connection in the drop-down list
"Protocol".
Enter the further specifications of the connections permitted by the MoRoS GPRS 2.1 PRO into the entry fields "Source IP address", "Destination
IP address" and "Destination port". Only rules can be created, which are
not valid for individual machines (hosts), but for whole networks. In this
case, the net mask must be entered following the "/".
Save your settings by clicking "OK".
In order to disable individual firewall rules temporarily, uncheck in the
menu "Dial-Out" on the page "Firewall" the checkbox in the column "active" in the firewall rule overview. Click on "OK" to confirm the settings.
In order to delete one or more rules, check the checkbox in the column
"delete" in the firewall rule overview. Click on "OK" to confirm the settings.
12.4.7 Creating or Deleting a Port Forwarding Rule
If port forwarding is enabled, the router forwards packets coming in from the WAN
to the machines in the LAN, which have been specified in the port forwarding rules.
Only the WAN IP address of the MoRoS GPRS 2.1 PRO is accessible from the WAN,
if the MoRoS GPRS 2.1 PRO has enabled NAT for packets going into the WAN. The
local terminal devices in the network of the MoRoS GPRS 2.1 PRO can still be accessed with this IP address using port forwarding. Packets from the WAN sent to
the WAN IP address at a port x, can be forwarded to a machine with the IP address
Y at the port y.
58
Page 59
MoRoS GPRS 2.1 PRO Functions
Configuration via the web interface
In order to enable port forwarding, check in the menu "Dial-Out" on the
page "Port forwarding" the checkbox "Activate port forwarding for DialOut connections".
In order to create a port forwarding rule, select in the field "Create new
rule" the protocol and specify the port range, for the incoming packets at
the MoRoS GPRS 2.1 PRO. Enter an IP address for the routing destination
in the entry field "to IP address" and a port in the entry field "to port"; this
is the address and the port where the packets are routed to.
In order to disable an existing rule, disable the checkbox "active" of the
respective rule and then click on "OK".
In order to delete an existing rule, check the checkbox "delete" of the respective rule and then click on "OK".
The rules in the list are processed from top to bottom. If two rules contradict each other (for example, the same port is used twice), only the rule
which is further up in the list will be processed.
12.4.8 Defining the Exposed Host
As an option, the MoRoS GPRS 2.1 PRO can forward all packets which do not comply with any port forwarding rule, to a predefined computer in the LAN, also called
"Exposed Host" (for example, for diagnostic purposes). The exposed host contains
all packets which have not been requested by the local network of the MoRoS GPRS
2.1 PRO or which have not been forwarded to a participant in the local network by a
port forwarding rule. If no exposed host is configured, these incoming packets are
discarded.
Configuration with the web interface
In order to define an exposed host, enter in the menu "Dial-Out" on the
page "Port forwarding" in the entry field "Exposed host" the IP address of
a computer in the LAN, which shall be accessible from outside via all
ports.
Save your settings by clicking "OK".
59
Page 60
Functions MoRoS GPRS 2.1 PRO
12.5 LAN (ext)
12.5.1 Configuring the Interface to the External Network
(LAN/WAN)
The MoRoS GPRS 2.1 PRO uses its router function to switch the data traffic between two IP networks, an "internal" and an "external". The LAN ext interface of the
MoRoS GPRS 2.1 PRO serves for connecting the MoRoS GPRS 2.1 PRO to the external network. This external network can be another LAN, which can be accessed
via an Ethernet cable. Then, you have to configure an IP address for the LAN ext interface of the MoRoS GPRS 2.1 PRO. This IP address must be in the address range
of the external LAN, into which the MoRoS GPRS 2.1 PRO shall route. However, the
external network can also be a WAN, which is connected via an DSL connection. In
this case, you must configure the interface for PPPoE operation, that the MoRoS
GPRS 2.1 PRO can communicate with the WAN via an DSL modem.
Configuration via the web interface
In order to connect the MoRoS GPRS 2.1 PRO with a LAN, select in the
"LAN (ext)" menu on the "LAN (ext)" page the radio button "static IP address". Then, enter into the entry fields "static IP address" and "Netmask
address" an IP address as well as an network mask. The IP address must
be an address from the external LAN, to which you connect the MoRoS
GPRS 2.1 PRO.
In order to connect the MoRoS GPRS 2.1 PRO via DSL to a WAN, configure in the "LAN (ext)" menu on the "DSL" page the DSL connection first.
Then, select in the "LAN (ext)" menu on the "LAN (ext)" page the radio
button "PPPoE connection".
In order to enable the DHCP client of the MoRoS GPRS 2.1 PRO, select in
the "LAN (ext)" menu on the "LAN (ext)" page the radio button "DHCP client".
In order to connect the MoRoS GPRS 2.1 PRO with a LAN, select in the
"LAN (ext)" menu on the "LAN (ext)" page the radio button "Bridge". Then,
the LAN ext interface behaves like another switch port.
Save your settings by clicking "OK".
60
Page 61
MoRoS GPRS 2.1 PRO Functions
12.5.2 Configuring Redundant WAN
The MoRoS GPRS 2.1 PRO enables to use the integrated communication device as
redundant WAN interface. The LAN ext interface is always the primary communication path here. If the regular check of the die LAN ext interface connection fails for
three consecutive times, a connection via the integrated communication device will
be established. Then, the settings, which have been specified for a Dial-Out, are
valid for the redundant connection. After a configured time has expired, an automatic fall-back to the LAN ext interface will take place. If the connection check fails
again for three times, it will be changed to the redundant communication device
again.
Configuration with the web interface
In order to enable the redundant WAN, check in the menu "LAN (ext)" on
the page "Redundant WAN" the checkbox "Activate redundant WAN".
Enter the for the time interval for the connection check in minutes into the
field "Interval for checking connection".
In order to perform a connection check via a DNS request, select in the
section "Type to check the connection" the radio button "DNS request"
and enter the destination into the field behind. It is prerequisite for the
DNS request that the MoRoS GPRS 2.1 PRO knows a DNS server.
In order to perform a connection check via a ping, select in the section
"Type to check the connection" the radio button "Ping to" and enter the
destination into the field behind. The connection check is considered as
successful if the remote terminal replies with a "Pong".
Enter the time interval for falling back to the LAN ext interface in minutes
into the field "Switch back to LAN (ext) after interval".
Save your settings by clicking "OK".
61
Page 62
Functions MoRoS GPRS 2.1 PRO
12.5.3 Configuring DSL
The MoRoS GPRS 2.1 PRO can connect to a WAN using a DSL modem. Connect the
DSL modem via the LAN ext interface to the MoRoS GPRS 2.1 PRO. The MoRoS
GPRS 2.1 PRO can communicate with the DSL modem via a PPPoE connection. You
must configure the LAN ext interface for PPPoE operation for this. To enable the
MoRoS GPRS 2.1 PRO for establishing a connection to the provider via the DSL modem, you must configure the DSL connection with access data and activate the option "Set default route".
Configuration with the web interface
In order to configure the DSL access of the MoRoS GPRS 2.1 PRO, connect the DSL modem to the LAN ext interface.
Then, enter in the "LAN (ext)" menu on the "DSL" page into the entry
fields "User name" and "Password" your user name and your password
for the DSL access.
Enter an optional idle time into the entry field "Idle time" in seconds, after
which the connection is terminated, if no data is transferred anymore. If
you enter "0", the connection remains established for an unlimited time.
Enter an optional maximum connect time into the entry field "Maximum
connect-time" in seconds, after which the MoRoS GPRS 2.1 PRO terminates the connection. Enter "0" to disable the time-controlled connection
termination.
In order to adjust the MTU (maximum permissible number of bytes in a
packet to be received), change the entry in the entry field "MTU (Maximum Transmission Unit)".
In order to adjust the MRU (maximum permissible number of bytes in a
packet to be sent), change the entry in the entry field "MRU (Maximum
Receive Unit)".
The default settings of MTU and MRU are suitable for most applications
and do not need to be modified usually.
In order to configure the MoRoS GPRS 2.1 PRO for retrieving the IP addresses of the name servers from the DSL provider, check the checkbox
"Request DNS server address".
Save your settings by clicking "OK".
In order to configure a default route, check in the menu "LAN (ext)" on the
page "Routing" the checkbox "Set default route". The MoRoS GPRS 2.1
PRO cannot switch the data traffic between the internal network at the
switch and the DSL connection without the default route to the DSL modem.
Save your settings by clicking "OK".
62
Page 63
MoRoS GPRS 2.1 PRO Functions
12.5.4 Configuring Leased Line Operation
You can configure the MoRoS GPRS 2.1 PRO to permanently maintain the previously configured DSL connection. In this operating mode, the MoRoS GPRS 2.1 PRO
will immediately establish the connection after system start. The MoRoS GPRS 2.1
PRO checks the connection for its function periodically. The connection check can
be performed either via a DNS request of a host name or via PING at a host.
Configuration with the web interface
In order to configure a leased line, check in the menu "LAN (ext)" on the
page "DSL" the checkbox "Connect immediately and hold connection".
If necessary, enter another time in minutes for the connection check into
the entry field "Interval for checking connection". The default setting is 5
minutes. If a closed connection is determined after this time, the MoRoS
GPRS 2.1 PRO will attempt to re-establish the connection after one minute. If the attempt fails, there will be another attempt after 5 minutes. The
next attempt will take place after 30 minutes; if this attempt fails as well,
the MoRoS GPRS 2.1 PRO will attempt to re-establish the connection
every 60 minutes.
Select the method for connection check using the radio buttons behind
"Type to check the connection" and enter a host name or an "IP address".
The two methods have a different effect. A failed DNS request terminates
a possibly existing connection and re-establishes the connection. A failed
ping will make sure that the connection is re-initiated, if it was closed after
the last data packet or ping. The existing connection is not terminated, if
the ping is not responded to.
Save your settings by clicking "OK".
63
Page 64
Functions MoRoS GPRS 2.1 PRO
12.5.5 Configuring a Periodical DSL Connection Establishment
The MoRoS GPRS 2.1 PRO can establish and terminate the previously configured
DSL connection time-controlled. The DSL connection is established and terminated
daily at a certain time.
This function initiates individual events, regardless whether other times have already
been defined for the connection termination. Example: If you already configure a
daily connection termination at 14:00 and a daily connection establishment at 16:00,
other settings and events can also initiate a connection establishment within this
period, e.g. a packet, that complies with the dialling filter. The connection is also
terminated, if the configured "Idle time" has expired, for example.
Configuration with the web interface
In order to establish a daily connection at a certain time, check in the
menu "LAN (ext)" on the page "DSL" the checkbox "Connect automatically once a day at" and enter a time for the connection set-up into the entry fields for hours and minutes.
In order to terminate a daily connection at a certain time, check the
checkbox "Disconnect automatically once a day at" and enter a time for
the disconnection into the entry fields for hours and minutes.
Save your settings by clicking "OK".
64
Page 65
MoRoS GPRS 2.1 PRO Functions
12.5.6 Configuring Routing
Routing is the core function of the MoRoS GPRS 2.1 PRO. Routing means that the
MoRoS GPRS 2.1 PRO routes incoming data packets according to certain rules defined by you to certain network devices.
The routes determine whereto packets are forwarded. A network address and the
network mask are used to distinguish, whether a route is applied to an IP packet or
not. If a packet comes in, that has a destination with an existing route, the MoRoS
GPRS 2.1 PRO forwards the packet to the gateway address defined in the route.
Moreover, the MoRoS GPRS 2.1 PRO supports Network Address Translation. If NAT
is enabled, the MoRoS GPRS 2.1 PRO replaces the source address of the packets of
an outgoing connection with its own. The MoRoS GPRS 2.1 PRO stores the actual
source address in its NAT table. If it receives a reply packet of the remote terminal of
this connection, it replaces the destination address of the packet with the address of
the original source.
Configuration with the web interface
You can specify a default route. All incoming packets, which cannot be
assigned to a route, are sent to this gateway. If you have connected a DSL
modem to the LAN ext interface, you can set the default route to the DSL
modem. For this, activate the checkbox "Set default route to gateway".
The following entry field is invisible in DSL operation.
In order to disable the NAT function for incoming packets, deactivate the
checkbox "Activate NAT for incoming packets". This may be useful in LAN
operation if the routed packets must not be changed.
In order to disable the NAT function for outgoing packets, deactivate the
checkbox "Activate NAT for outgoing packets". This may be useful in LAN
operation if the routed packets must not be changed.
In order to create a route, enter in the "LAN (ext)" menu on the "Routing"
page in the field "Add new route" the net address, the netmask address
belonging to it, and a gateway into the respective entry fields. The MoRoS
GPRS 2.1 PRO switches incoming requests to the specified gateway for
this network.
Save your settings by clicking "OK".
In order to delete an existing route, check in the field "Existing routes" the
checkbox in "delete" in the line of the respective route. The route is deleted if you save the settings with "OK".
65
Page 66
Functions MoRoS GPRS 2.1 PRO
12.5.7 Setting up a Dialling Filter
The dialling filter can restrict the network traffic which could trigger a dial-out connection establishment. All packets with external destination initiate a connection establishment without dialling filter. If the dialling filter is enabled, only the packets,
which are permitted by the rules, can initiate a connection establishment.
Configuration with the web interface
In order to enable the dialling filter, check in the menu "LAN (ext)" on the
page "Dial filters" the checkbox "Activate Dial-Out filters for LAN (ext) interface".
In order to permit connections via a certain protocol, select in the field
"Create new rule" the permitted protocol in the drop-down list "Protocol".
In order to permit connections of certain IP addresses, enter the permitted
source IP address into the entry field "Source IP address".
In order to permit connections to certain ports, enter the permitted destination port into the entry field "Destination port".
In order to permit connections to certain IP addresses, enter the permitted
destination IP address into the entry field "Destination IP address".
Optionally, you can use the checkbox "Allow DNS requests from source IP
address to initiate a connection" to allow that DNS requests of the defined
source IP addresses are allowed to initiate a connection establishment.
Save your settings by clicking "OK".
In order to disable individual dialling filter rules temporarily, uncheck in
the section "These data packets are allowed to initiate a Dial-Out" the
checkbox in the column "active". Click on "OK" to confirm the settings.
In order to delete one or more rules, check in the section "These data packets are allowed to initiate a Dial-Out" the checkbox in the column "delete". Click on "OK" to confirm the settings.
66
Page 67
MoRoS GPRS 2.1 PRO Functions
12.5.8 Creating or Deleting a Firewall Rule
The MoRoS GPRS 2.1 PRO offers a firewall for all connections via the LAN ext interface. A firewall is used to prevent unauthorized data traffic. The logic of the firewall
states that any data traffic is forbidden, which is not explicitly permitted through a
rule. If you enable the firewall, only the connections are possible, which are permitted by the firewall rules. All other connections will be blocked.
Configuration with the web interface
In order to enable the firewall, check in the menu "LAN (ext)" on the page
"Firewall" the checkbox "Activate firewall for LAN (ext) interface".
Select in the menu "LAN (ext)" on the page "Firewall" the data direction in
the drop-down list "Data direction".
Define the protocol of the permitted connection in the drop-down list
"Protocol".
Enter the further specifications of the connections permitted by the MoRoS GPRS 2.1 PRO into the entry fields "Source IP address", "Destination
IP address" and "Destination port". Only rules can be created, which are
not valid for individual machines (hosts), but for whole networks. In this
case, the net mask must be entered following the "/". You can leave single
fields open to create rules, which apply to several packets.
Save your settings by clicking "OK".
In order to disable individual firewall rules temporarily, uncheck in the
menu "LAN (ext)" on the page "Firewall" the checkbox in the column "active" in the firewall rule overview. Click on "OK" to confirm the settings.
In order to delete one or more rules, check in the menu "LAN (ext)" on the
page "Firewall" the checkbox in the column "delete" in the firewall rule
overview. Click on "OK" to confirm the settings.
12.5.9 Creating or Deleting a Port Forwarding Rule
If port forwarding is enabled, the router forwards packets coming in from the WAN
to the machines in the LAN, which have been specified in the port forwarding rules.
Only the WAN IP address of the MoRoS GPRS 2.1 PRO is accessible from the WAN,
if the MoRoS GPRS 2.1 PRO has enabled NAT for packets going into the WAN. The
local terminal devices in the network of the MoRoS GPRS 2.1 PRO can still be accessed with this IP address using port forwarding. Packets from the WAN sent to
the WAN IP address at a port x, can be forwarded to a machine with the IP address
Y at the port y.
Configuration via the web interface
In order to enable port forwarding, check in the menu "LAN (ext)" on the
page "Port forwarding" the checkbox "Activate port forwarding for LAN
67
Page 68
Functions MoRoS GPRS 2.1 PRO
(ext) interface".
In order to create a port forwarding rule, select in the field "Create new
rule" the protocol and specify the port range, for the incoming packets at
the MoRoS GPRS 2.1 PRO. Enter an IP address for the routing destination
in the entry field "to IP address" and a port in the entry field "to port"; this
is the address and the port where the packets are routed to.
In order to disable an existing rule, disable the checkbox "active" of the
respective rule and then click on "OK".
In order to delete an existing rule, check the checkbox "delete" of the respective rule and then click on "OK".
The rules in the list are processed from top to bottom. If two rules contradict each other (for example, the same port is used twice), only the rule
which is further up in the list will be processed.
12.5.10 Defining the Exposed Host
As an option, the MoRoS GPRS 2.1 PRO can forward all packets which do not comply with any port forwarding rule, to a predefined computer in the LAN, also called
"Exposed Host" (for example, for diagnostic purposes). The exposed host contains
all packets which have not been requested by the local network of the MoRoS GPRS
2.1 PRO or which have not been forwarded to a participant in the local network by a
port forwarding rule. If no exposed host is configured, these incoming packets are
discarded.
Configuration with the web interface
In order to define an exposed host, enter in the menu "LAN (ext)" on the
page "Port forwarding" in the entry field "Exposed host" the IP address of
a computer in the LAN, which shall be accessible from outside via all
ports.
Save your settings by clicking "OK".
68
Page 69
MoRoS GPRS 2.1 PRO Functions
12.6 VPN
12.6.1 VPN General
A VPN (virtual private network) is used to connect IP end devices or entire networks
with each other, in a safe way. The data is transmitted tamper-proof to a destination
and can not be read by third parties.
You can configure the MoRoS GPRS 2.1 PRO for an OpenVPN, PPTP or IPsec connection.
The exact proceeding for creating a certificate structure and configuring a VPN participant is described in a series of configuration guides. These are available from our
website (http://www.insys-icom.de/cg/) or our support team (support@insys-tec.de).
12.6.2 OpenVPN General
You can use the MoRoS GPRS 2.1 PRO as OpenVPN server or OpenVPN client.
Figure 6 shows a sample configuration for an OpenVPN connection. One MoRoS
GPRS 2.1 PRO is configured as OpenVPN server and a second as OpenVPN client
here. Both, client as well as server can be replaced by any OpenVPN-capable devices. In the example, a PPP connection between the two devices exists. Via this
PPP connection, an OpenVPN connection is established.
As soon as a WAN connection has been established, IP connections between both
networks can be established. OpenVPN uses an existing WAN connection to establish a VPN tunnel. A tunnel consists of an IP connection, which transports all packets to be tunnelled in its payload. OpenVPN will make a virtual network card available for sending data traffic.
Figure 6: OpenVPN network and IP addresses in the sample configuration
In the sample configuration, the end points of the OpenVPN connection will have
the IP addresses 10.1.0.1 and 10.1.0.2. The VPN tunnel will be established within an
already existing WAN connection. The OpenVPN clients and servers must also know
69
Page 70
Functions MoRoS GPRS 2.1 PRO
which network is located behind the according tunnel ends. In the sample configuration, this is the network 192.168.200.0/24 on one side. On the other side, this is
the network 192.168.1.0/24. As soon as the tunnel is established, data for these target networks is sent through the OpenVPN tunnel. If only data with a target in the
network behind the tunnel end are to be transmitted via the WAN interface, it is recommended to enable the firewall after successful configuration. This will limit the
communication to the port at which the OpenVPN tunnel is established (default setting: port 1194).
The MoRoS GPRS 2.1 PRO supports several authentication methods when establishing the VPN tunnel:
Authentication type Usage Characteristics
None For testing purposes
and to connect networks without encryption.
Static key For encrypted connec-
tions of one client and
one server each in small
applications
User name/password and
common CA certificate (can only be
For encrypted connections from one or more
clients to an OpenVPN
server.
configured at the
OpenVPN client)
Certificate-based;
each participant has
an individual certificate and key.
Table 11: Authentication methods for OpenVPN
For encrypted connec-
tions from one or more
clients to an OpenVPN
server.
No encrypted connection. It is
not possible to log in several
clients at the server at the same
time.
Encrypted connection. It is not
possible to log in several clients
at the server at the same time.
Flexible application for several
clients. Cannot be used with the
MoRoS GPRS 2.1 PRO as
OpenVPN server.
Solution for maximum security,
but the configuration is more
complicated. This is the recommended operating mode.
For detailed information and troubleshooting, we also recommend the OpenVPN
web site: http://openvpn.net/howto.html
12.6.3 Setting Up an OpenVPN-Server
You can use the MoRoS GPRS 2.1 PRO as OpenVPN server, if you want to send
confidential data via an unsecured network, for example. This section describes the
set-up of an OpenVPN server. The basic settings of the MoRoS GPRS 2.1 PRO are
reasonable factory defaults, which you may change in certain circumstances. Here,
you define which port of the MoRoS GPRS 2.1 PRO is used to create the OpenVPN
tunnel and if the OpenVPN transmission is performed with the UDP or the TCP protocol. Moreover, you can specify here, whether the clients are informed about the
server network, the remote terminal may change its IP address, LZO compression is
used, packets are masked before tunnelling, which encryption algorithm is used dur-
70
Page 71
MoRoS GPRS 2.1 PRO Functions
ing transmission, how big the tunnel packets are to be, and in which time intervals
the OpenVPN server sends VPN pings. In addition, you will have the option to display the OpenVPN status, to display the current configuration file, to create a configuration for an OpenVPN remote terminal, and to display a log of the last connection. You can use the generated configuration file to create an OpenVPN configuration file for exampple, which can be used as basis for the operation of an OpenVPN
instance on a client PC. The OpenVPN packet for Windows clients can be
downloaded from the INSYS MICROELECTRONICS web site:
www.insys-tec.de/en/en/driver/
This program is used as remote terminal, if you want to establish an OpenVPN connection to a Windows PC.
Configuration via the web interface
In order to use the OpenVPN server for a connection, check in the menu
"Dial-In", "Dial-Out", or "LAN (ext)" on the page "OpenVPN server" the
checkbox "Activate OpenVPN server".
In order to define the local port at the MoRoS GPRS 2.1 PRO as well as
the port at the remote terminal, enter a value for the required port into the
entry fields "Tunnelling over port (local / remote)" (default setting 1194).
The OpenVPN transmission protocol is selected with the radio buttons
"UDP" or "TCP". We recommend using UPD to minimise latency.
In order to inform the clients about the route to the network behind the
server, check the checkbox "Inform clients about server network". If this
setting is disabled, a communication can only be initiated from the network of the server.
In order to enable remote OpenVPN terminals to change its IP during a
connection ("Floating"), check the checkbox "Remote terminal is allowed
to change its IP address (float)". This setting is activated by default.
In order to enable or disable LZO compression, check or uncheck the
checkbox "Activate LZO compression". If already strongly compressed
data (e.g. jpg) is transmitted, the compression will have hardly any effect;
however, if compressible data (e.g. text) is transmitted, the compression
may significantly reduce the transmitted volume of data. Switch the compression off, if the remote terminal does not support LZO compression.
In order to mask the packets with the virtual tunnel IP address, check the
checkbox "Masquerade packets before tunnelling". The recipient of the
packets sees the IP address of the tunnel end as sender then, not the address of the original sender.
In order to use a different encryption method than the preset method
"Blowfish 128 Bit" for the OpenVPN connection, select one of the following encryption types in the drop-down list "Cipher algorithm":
(Blowfish 128 Bit), DES 64 Bit, DES EDE 128 Bit, DES EDE3 192 Bit,
DESX 192 Bit, CAST5 128 Bit, IDEA 128 Bit, RC2 128 Bit, RC2 40 Bit,
RC2 64 Bit, AES 128 Bit, AES 192 Bit, AES 256 Bit
71
Page 72
Functions MoRoS GPRS 2.1 PRO
In order to configure the detail level of the messages in the connection
log, enter the detail level into the field "Log level", where "0" disables the
log record completely and "9" records the most detailed information.
In order to define a certain fragmenting size for the OpenVPN tunnel
packets in bytes, use the entry field "Fragment packets". Enter the required maximum packet size in bytes here. If you don't enter a value, the
OpenVPN packets will have a maximum size of 1.500 bytes. The actually
transmitted amount of user data is lower, because OpenVPN creates a
"protocol overhead", which means that the protocol information that is
transmitted as well is a part of the packet size.
In order to adjust the interval up to the key renegotiation, use the entry
field "Interval for renegotiation of data channel key". This interval configures the time in seconds, which must expire before new keys are created.
In order to adjust the VPN ping interval, use the entry field "Ping interval".
Enter the interval in the amount of seconds, in which the OpenVPN server
of the MoRoS GPRS 2.1 PRO sends ping packets to the remote VPN terminal. The frequent ping is used to keep the connection open via several
routers and gateways, which may participate in the connection and would
close the channel in case there was no communication. We recommend
entering a value of a few minutes, depending on the used network and
the used infrastructure.
In order to adjust the ping restart interval, use the entry field "Ping restart
interval". The ping restart interval configures the time in seconds after
which the tunnel is to be established again, if no ping from the remote
terminal arrived during the complete time. The value "0" prevents the tunnel to be terminated, even if no ping is received any more.
In order to configure the authentication with certificates, select the radio
button "Authentication based on certificate". It is indicated under the option here, whether the individual certificates and keys are present (green
checkmark) or not (red cross). Present certificates can also be downloaded
(blue arrow) or deleted again (red cross on white box). The private key can
only be deleted. Check the checkbox "Allow communication between clients" to enable a communication between the clients as well. Define the
IP address pool for the clients in the fields "IP address pool for clients" and
"Netmask of IP address pool". In order to create a new route to a client
network, enter in the section "Create new route to a client network" the
Common Name of the client into the field "Name in certificate" as well as
its network address and netmask into the field "Net address" and "Netmask address". Optionally, enter the VPN IP address for the tunnel end of
a client into the field "VPN IP address". Click on "OK" to take over the new
route. You can delete existing routes by checking the checkbox in the column "delete" of the respective route and clicking on "OK".
A link of a network address with "DEFAULT" as "Common Name" may
be created as "Standard route". It is always used as route, when a client
registers with a certificate, for whose "Common Name" no other link
has been entered.
72
Page 73
MoRoS GPRS 2.1 PRO Functions
In order to configure the authentication with static key, select the radio
button "No authentication or authentication with preshared key". It is indicated under the option here, whether the static key is present (green
checkmark) or not (red cross). A present key can also be downloaded
(blue arrow) or deleted again (red cross on white box). If no key exists, the
remote terminal will neither be authenticated nor the data traffic through
the OpenVPN tunnel will be encrypted. You can also generate a new static
key using the "Generate a new static key" link. This static key must then
be downloaded and also uploaded to the remote terminal. Both OpenVPN
remote terminals must have the same static key that a tunnel is functional
with this authentication type. Enter the IP address or the domain name of
the remote terminal into the "IP address or domain name of remote site"
field. You can enter the IP address or the domain name of an alternative
remote terminal into the "Alternative remote site" field. Enter the IP address of the local tunnel end into the "IP address of VPN tunnel local" field
and the IP address of the remote tunnel end into the "IP address of VPN
tunnel remote" field. Enter the address as well as the associated netmask
of the network behind the OpenVPN tunnel into the "Netaddress of network behind the VPN tunnel" and "Netmask of network behind the VPN
tunnel" fields.
In order to confirm all settings made above, click on "OK".
In order to upload a certificate or key, click in the section "Upload key or
certificates" on the "Browse..." button (button depends on the used
browser). Then, select in the "Upload file" window the desired file on the
respective data carrier and click on the "Open" button. If the file is encrypted, you must also enter the password into the "Password (only with
encrypted file)" field. Click on "OK" then to upload the file.
12.6.4 Setting Up an OpenVPN-Client
You can use the MoRoS GPRS 2.1 PRO as OpenVPN client, if you want to connect
to an OpenVPN server via an unsecured network. This section describes the set-up
of an OpenVPN client. The basic settings of the MoRoS GPRS 2.1 PRO are reasonable factory defaults, which you need to adjust to the VPN which will be connected
to the MoRoS GPRS 2.1 PRO. Here, you define with which IP address or domain and
via which ports the OpenVPN tunnel is established, and if the OpenVPN transmission is performed with the UDP or the TCP protocol. Moreover, you can specify
here, whether a default route is set, the local address and the port are fixed, the remote terminal may change its IP address, LZO compression is used, packets are
masked before tunnelling, which encryption algorithm is used during transmission,
how big the tunnel packets are to be, and in which time intervals the OpenVPN client of the MoRoS GPRS 2.1 PRO sends VPN pings to the server. In addition, you will
have the option to display the OpenVPN status, the current configuration file, a configuration for an OpenVPN remote terminal (the OpenVPN sever) and a log of the
last connection.
73
Page 74
Functions MoRoS GPRS 2.1 PRO
Configuration via the web interface
In order to use the OpenVPN client for a connection, check in the menu
"Dial-In", "Dial-Out", or "LAN (ext)" on the page "OpenVPN client" the
checkbox "Activate OpenVPN client".
In order to define the IP address or the domain name of the remote terminal, which you use to have the MoRoS GPRS 2.1 PRO establish the
OpenVPN connection, enter an IP address or a domain name in the field
"IP address or domain name of remote site".
Optionally, an alternative remote terminal can be defined, which will be
used by the MoRoS GPRS 2.1 PRO to establish the OpenVPN connection,
if the remote terminal configured above is not available. Enter an IP address or domain name into the "Alternative remote site" field for this.
In order to define the local port at the MoRoS GPRS 2.1 PRO as well as
the port at the remote terminal, enter a value for the required port into the
entry fields "Tunnelling over port (local / remote)".
The OpenVPN transmission protocol is selected with the radio buttons
"UDP" or "TCP". We recommend to use UDP to minimize latency.
In order to set a default route, check the checkbox "Set default route (redirect-gateway)". The complete data traffic will be routed through the tunnel
then.
It is not obligatory to provide the local port and the IP address of the
OpenVPN connection. If you want to leave the use of ports and the IP address free, uncheck the checkbox "Bind to local address and port".
In order to enable remote OpenVPN terminals to change its IP during a
connection ("Floating"), check the checkbox "Remote terminal is allowed
to change its IP address (float)". This setting is activated by default.
In order to enable or disable LZO compression, check or uncheck the
checkbox "Activate LZO compression". If already strongly compressed
data (e.g. jpg) is transmitted, the compression will have hardly any effect;
however, if compressible data (e.g. text) is transmitted, the compression
may significantly reduce the transmitted volume of data. Switch the compression off, if the remote terminal does not support LZO compression.
In order to mask the packets with the virtual tunnel IP address, check the
checkbox "Masquerade packets before tunnelling". The recipient of the
packets sees the IP address of the tunnel end as sender then, not the address of the original sender.
In order to use a different encryption method than the preset method
"Blowfish 128 Bit" for the OpenVPN connection, select one of the following encryption types in the drop-down list "Cipher algorithm":
(Blowfish 128 Bit), DES 64 Bit, DES EDE 128 Bit, DES EDE3 192 Bit,
DESX 192 Bit, CAST5 128 Bit, IDEA 128 Bit, RC2 128 Bit, RC2 40 Bit,
RC2 64 Bit, AES 128 Bit, AES 192 Bit, AES 256 Bit
74
Page 75
MoRoS GPRS 2.1 PRO Functions
In order to configure the detail level of the messages in the connection
log, enter the detail level into the field "Log level", where "0" disables the
log record completely and "9" records the most detailed information.
In order to define a certain fragmenting size for the OpenVPN tunnel
packets in bytes, use the entry field "Fragment packets". Enter the required maximum packet size in bytes here. If you don't enter a value, the
OpenVPN packets will have a maximum size of 1.500 bytes. The actually
transmitted amount of user data is lower, because OpenVPN creates a
"protocol overhead", which means that the protocol information that is
transmitted as well is a part of the packet size.
In order to adjust the interval up to the key renegotiation, use the entry
field "Interval for renegotiation of data channel key". This interval configures the time in seconds, which must expire before new keys are created.
In order to adjust the VPN ping interval, use the entry field "Ping interval".
Enter the interval in the amount of seconds, in which the OpenVPN client
of the MoRoS GPRS 2.1 PRO sends ping packets to the remote VPN terminal. The frequent ping is used to keep the connection open via several
routers and gateways, which may participate in the connection and would
close the channel in case there was no communication.
In order to adjust the ping restart interval, use the entry field "Ping restart
interval". The ping restart interval configures the time in seconds after
which the tunnel is to be established again, if no ping from the remote
terminal arrived during the complete time. The value "0" prevents the tunnel to be terminated, even if no ping is received any more.
In order to send a ping via ICMP protocol to a domain or an IP address
additionally, enter this into the entry field "Additional ICMP Ping to". It is
recommended to enter a domain name or IP address, which can only be
connected via the tunnel, here. If the ping is not successful, a possibly existing tunnel will be terminated, and a new tunnel will be established. The
ping interval is 15 minutes.
In order to configure the authentication with certificates, select the radio
button "Authentication based on certificate". It is indicated under the option here, whether the individual certificates and keys are present (green
checkmark) or not (red cross). Present certificates can also be downloaded
(blue arrow) or deleted again (red cross on white box). The private key can
only be deleted. Alternatively, or in addition to the usage of a client certificate and a private key, an user name/password combination can be used
for the authentication with the OpenVPN server (however, the CA certificate is required in any case, which must be possessed by every participant of this VPN). Enter a user name into the field "User name" as well as
the associated password into the field "Password" for this. In order to
check the certificate type of the remote terminal, check the checkbox
"Check remote certificate type".
75
Page 76
Functions MoRoS GPRS 2.1 PRO
In order to configure the authentication with static key, select the radio
button "No authentication or authentication with preshared key". It is indicated under the option here, whether the static key is present (green
checkmark) or not (red cross). A present key can also be downloaded
(blue arrow) or deleted again (red cross on white box). If no key exists, the
remote terminal will neither be authenticated nor the data traffic through
the OpenVPN tunnel will be encrypted. You can also generate a new static
key using the "Generate a new static key" link. This static key must then
be downloaded and also uploaded to the remote terminal. Enter the IP address of the local tunnel end into the "IP address of VPN tunnel local" field
and the IP address of the remote tunnel end into the "IP address of VPN
tunnel remote" field. Enter the address as well as the associated netmask
of the network behind the OpenVPN tunnel into the "Netaddress of network behind the VPN tunnel" and "Netmask of network behind the VPN
tunnel" fields.
In order to confirm all settings made above, click on "OK".
In order to upload a certificate or key, click in the section "Upload key or
certificates" on the "Browse..." button (button depends on the used
browser). Then, select in the "Upload file" window the desired file on the
respective data carrier and click on the "Open" button. If the file is encrypted, you must also enter the password into the "Password (only with
encrypted file)" field. Click on "OK" then to upload the file.
12.6.5 PPTP General
PPTP (Point-to-Point Tunnelling Protocol) is a VPN (virtual private network) that is
not recommended for new installations. A recent alternative is OpenVPN.
PPTP establishes a PPP connection via a tunnel set-up with the GRE protocol. To
establish the tunnel, it is essential that the GRE protocol is routed without restrictions between the two PPTP participants and a TCP connection with port 1723 is
possible. The TCP port 1723 is fix and cannot be modified. The GRE protocol is not
always routed directly in the Internet. In this case, NAT can prevent to establish a
tunnel, if performed.
We strongly recommend to use as long as possible passwords with special characters and the encryption method MPPE-128 Bit.
76
Page 77
MoRoS GPRS 2.1 PRO Functions
12.6.6 Setting Up a PPTP Server
The settings for the MoRoS GPRS 2.1 PRO as PPTP server are configured here. A
maximum of 5 PPTP clients can log on to this server at the same time. However, it is
possible to create more users, but only 5 tunnels can be active at the same time.
Configuration via the web interface
In order to use the MoRoS GPRS 2.1 PRO as PPTP server, check in the
menu "Dial-In", "Dial-Out", or "LAN (ext)" on the page "PPTP server" the
checkbox "Activate PPTP server".
In order to display the messages of the last connection, select the link
"Display log of last connection".
In order to select the authentication method for the PPTP client at the
server, select this from the drop-down list "Authentication". If the data
traffic is to be encrypted via the PPTP connection using MPPE, the authentication type MS-CHAP-v2 is mandatory.
In order to select the encryption for the PPTP connection, select this from
the drop-down list "Encryption". The same encryption must also be configured for the client.
In order to adjust the MTU (maximum permissible number of bytes in a
packet to be received), change the entry in the entry field "MTU (Maximum Transmission Unit)".
In order to adjust the MRU (maximum permissible number of bytes in a
packet to be sent), change the entry in the entry field "MRU (Maximum
Receive Unit)".
The default settings of MTU and MRU are suitable for most applications
and do not need to be modified usually.
Enter the IP address of the local tunnel end into the field "IP address of
VPN tunnel local". If no explicit address is specified, the PPTP server will
use the IP address 192.168.0.1. If this address is already reserved, another
address can be specified here.
Define the available IP address pool for the tunnel ends of the PPTP clients in the fields "IP address pool". This pool must be in the network of
the LAN. The PPTP clients address their destination directly with IP addresses in the LAN of the MoRoS GPRS 2.1 PRO.
In order to add a new user, that is permitted for the connection of PPTP
clients, enter a user name and a password into the respective fields for
this. Click on "OK" to take over the user. You can delete existing users by
checking the checkbox in the column "delete" of the respective user and
clicking on "OK".
In order to confirm all settings for the loaded tunnel made above, click on
"OK".
77
Page 78
Functions MoRoS GPRS 2.1 PRO
12.6.7 Setting Up a PPTP Client
The settings for the MoRoS GPRS 2.1 PRO as PPTP client are configured here. All
packets through the PPTP tunnel are masked by the MoRoS GPRS 2.1 PRO with its
tunnel address.
Configuration via the web interface
In order to use the MoRoS GPRS 2.1 PRO as PPTP client, check in the
menu "Dial-In", "Dial-Out", or "LAN (ext)" on the page "PPTP client" the
checkbox "Activate PPTP client".
In order to display the messages of the last connection, select the link
"Display log of last connection".
In order to define the IP address or the domain name of the remote terminal, which you use to have the MoRoS GPRS 2.1 PRO establish the VPN
connection, enter an IP address or a domain name in the field "IP address
or domain name of remote site".
Enter the user name and the password of the PPTP client for login to the
server into the respective fields.
In order to select the encryption for the PPTP connection, select this from
the drop-down list "Encryption". The encryption that is also used by the
PPTP server must be selected.
In order to set the default route to this PPTP tunnel, check the checkbox
"Set default route". The complete data traffic will be routed through the
tunnel then. However, this is only possible, if no preferential default route
has been set before.
If no default route to the tunnel is set, the local subnet behind the tunnel
must be defined. Enter this network with respective netmask into the field
"Remote subnet". Only that way, packets into the network behind the
PPTP tunnel will be routed through the tunnel.
In order to adjust the MTU (maximum permissible number of bytes in a
packet to be received), change the entry in the entry field "MTU (Maximum Transmission Unit)".
In order to adjust the MRU (maximum permissible number of bytes in a
packet to be sent), change the entry in the entry field "MRU (Maximum
Receive Unit)".
The default settings of MTU and MRU are suitable for most applications
and do not need to be modified usually.
In order to configure a connection check using a ping via ICMP protocol
to a domain or an IP address, enter this into the entry field "Additional
ICMP ping to". It is recommended to enter a domain name or IP address,
which can only be connected via the tunnel, here. If the connection check
is not successful, a possibly existing tunnel will be terminated, and a new
tunnel will be established. The ping interval is 15 minutes.
78
Page 79
MoRoS GPRS 2.1 PRO Functions
If a tunnel aborts, this will not be re-established automatically, but the
establishment will only be made after a new WAN connection establishment. Therefore, the condition of the tunnel should be checked using an ICMP ping in any case.
In order to confirm all settings for the loaded tunnel made above, click on
"OK".
12.6.8 Setting Up IPsec
IPsec (Internet Protocol Security) is a security protocol for the safe communication
via IP networks and can be used to set-up virtual private networks (VPN). Two subnets can be connected together using two suitable routers (e.g. MoRoS GPRS 2.1
PRO) via a secure tunnel. It is possible to configure up to 10 different tunnels.
Configuration via the web interface
In order to use the IPsec for a connection, check in the menu "Dial-In",
"Dial-Out", or "LAN (ext)" on the page "IPsec" the checkbox "Activate IPsec".
In order to display the current state of the IPsec tunnels, select the link
"IPsec current state".
In order to display the messages of the last connection, select the link
"Display log of last connection".
In order to configure NAT traversal, use the drop-down list "NATTraversal" to select the desired option. If you select "activate" (default setting), all ESP packets are additionally packed into a UDP packet and sent
using the UDP port 4500, if a NAT router is detected. If you select "force",
this behaviour will be enforced without checking for a NAT router (the remote terminal must also have NAT traversal enabled in this case). If you
select "deactivate", an UDP data encapsulation will be prevented, what
might lead to problems in operation with a NAT router. This setting applies for all tunnels.
In order to configure the interval of the keep alive packets, which are sent,
if NAT traversal is used, enter the time in seconds into the field "Keep
alive interval". This can prevent that e.g. a stateful firewall blocks the connection after an extended inactivity period.
In order to select the tunnel, whose settings are to be edited, select the
desired tunnel from the drop-down list "Tunnel name" and click on the
button "load to edit" then. If settings are made to the currently loaded
tunnel, these must be taken over before using the button "OK", before a
new tunnel is loaded to prevent that these settings get lost. Loading a
tunnel does not save settings that have been made!
In order to activate the loaded tunnel, check the checkbox "Activate tunnel".
79
Page 80
Functions MoRoS GPRS 2.1 PRO
In order to assign a descriptive name to the loaded tunnel, enter it into the
field "Tunnel name". This makes the assignment of messages in the log or
status view easier.
In order to specify the remote terminal, to which the tunnel is to be established, enter the IP address or the domain name of the remote terminal
into the field "IP address or domain name of remote site". If no remote
terminal is specified, incoming connection requests from all remote terminals are accepted, but no connection can be initiated.
In order to define a network behind the switch of the MoRoS GPRS 2.1
PRO to be tunnelled, enter this network with according netmask into the
field "Local subnet". This does not have to be the actual local subnet, but
can also be behind further gateways. In such a case it must be observed
that the required routing rules are entered correctly. If this field is not
completed, the local subnet is used automatically.
In order to define the local subnet behind the remote terminal, enter this
network with according netmask into the field "Remote subnet". Only
data, which is addressed to this network, is packed in ESP packets.
In order to specify the ID of the remote terminal, enter it into the field
"Remote ID". The respective IP address is used as ID by default. If the actual IP address differs from the received ID (e.g. due to NAT routers in between) or is unknown, the ID of the remote terminal can be specified explicitly (a self-defined string, which must contain an "@"). When using certificates, the DN (Distinguished Name) is used as ID by default. The domain name of the remote terminal can also be used as ID, because it is resolved by a DNS lookup.
In order to adjust the own ID, enter it into the field "Local ID". This is only
necessary, if the default ID can or shall not be used.
In order to specify the authentication mode, select it in the drop-down list
"Authentication mode". The main mode is more secure, because all authentication data is transmitted encrypted. The aggressive mode is
quicker, because it does not use encryption and the authentication is preformed via a passphrase.
In order to define encryption and hash algorithms as well as the DiffieHellman group for the IKE key exchange, select these from the drop-down
lists "IKE algorithms".
In order to define encryption and hash algorithms for the IPsec connection, select these from the drop-down lists "IPsec algorithms".
In order to enter the maximum number of connection attempts, which
must be exceeded that a remote terminal is considered as not available,
enter this into the field "Maximum retries". A value of "0" means an infinite number of attempts here.
80
Page 81
MoRoS GPRS 2.1 PRO Functions
In order to mask the received packets with the local IP address of the
MoRoS GPRS 2.1 PRO, check the checkbox "Mask packets through tunnel". The recipient of the packets will see the local IP address of the MoRoS GPRS 2.1 PRO as sender than, not the address of the original sender
from the local net of the remote terminal.
In order to configure the dead peer detection, enter the interval, which is
used to send requests to the remote terminal, in seconds into the field
"Dead peer detection interval" and the maximum time, in which these requests must be replied, in seconds into the field "Dead peer detection
timeout". Select the behaviour for a connection, which is considered as interrupted, in the drop-down list "Action on dead peer". If you select "restart" (default setting) here, the connection will be restarted, for "clear", it
will be terminated, and for "hold", it will be held.
In order to enable perfect forward secrecy, check the checkbox "Activate
perfect forward secrecy". This can prevent that the next key can be discovered more quickly from a hacked encryption. Both remote terminals
must have matching settings to be able to establish the connection.
In order to configure the interval for the key renegotiation, enter the value
in seconds into the field "Interval for renegotiation of data channel key".
The minimum value is 3600 seconds (1 hour). The regular renewal of the
used keys can ensure the security of the IPsec connection for a longer period.
in order to send an additional ping via ICMP protocol to an IP address, enter this address, which must be located in the local subnet of the remote
terminal, into the field "Additional ICMP ping to". If the ping is not successful, a possibly existing tunnel will be terminated, and a new tunnel
will be established. The ping interval is 15 minutes.
In order to configure the authentication for an IPsec connection, select either the radio button "Authentication based on certificates" or the radio
button "Authentication with pre shared key (PSK)“. The authentication
with certificates can be used for the main mode. It is indicated under the
option here, whether the individual certificates and keys are present
(green checkmark) or not (red cross). Present certificates can also be
downloaded (blue arrow) or deleted again (red cross on white box). The
private key can only be deleted. The authentication with passphrase can
be used for main mode and aggressive mode. The passphrase, which
must be used by all IPsec participants, must be entered into the field below the option for this.
In order to confirm all settings for the loaded tunnel made above, click on
"OK".
In order to upload a certificate or key, click in the section "Upload key or
certificates" on the "Browse..." button. Then, select in the "Upload file"
window the desired file on the respective data carrier and click on the
"Open" button. If the file is encrypted, you must also enter the password
into the "Password (only with encrypted file)" field. Click on "OK" then to
upload the file.
81
Page 82
Functions MoRoS GPRS 2.1 PRO
82
Page 83
MoRoS GPRS 2.1 PRO Functions
12.7 Redundant Communication Device
12.7.1 Configure Redundant Communication Device
To increase the operational safety and availability of the MoRoS GPRS 2.1 PRO, you
can connect a second communication device to provide a redundant transmission
path. This means that you can then still use a second transmission path (e.g. modem), in case one transmission path (e.g. mobile radio) fails. Several combinations of
modem, ISDN and GSM/GPRS/EDGE/UMTS devices are possible. Just connect another INSYS communication device to the the serial interface of the MoRoS GPRS
2.1 PRO. The MoRoS GPRS 2.1 PRO will recognize automatically that a redundant
transmission device is available during the next system start and will change the
web interface accordingly for configuration.
Please contact your sales partner or INSYS Microelectronics, to find out which other
INSYS device is suitable for the connection as a redundant communication device.
If the serial Ethernet gateway is enabled, a redundant communication device cannot
be used. The options for the redundant communication device are not displayed. If
the sandbox is enabled and the serial interface is reserved for the sandbox in addition, the sandbox has priority, i.e. redundant communication device and serial
Ethernet gateway are disabled.
Configuration with the web interface
If the MoRoS GPRS 2.1 PRO finds a redundant communication device at
its serial interface during the system start, the menus “Dial-In” and “DialOut” provide further options.
In order to configure Dial-In for redundant operation, select in the menu
"Dial-In" on the page "Dial-In", which communication device is to be used
for Dial-In. You will have the option to activate Dial-in via one of the two
communication devices, via both communication devices, or not at all.
In order to configure Dial-Out for redundant operation, select in the menu
"Dial-Out" on the page "Dial-Out", which communication device is to be
used for Dial-Out. You will again have the option to activate dial-out via
one of the two communication devices, via both communication devices,
or not at all. You can also define which communication device should be
used preferably. The second communication device is only used, when
the dialing attempt using the first device is not successful. In the menu
"Dial-out", you must also enter the destination phone number and the PPP
dial-up parameter for each of the two communication devices individually.
Save your settings by clicking "OK".
83
Page 84
Functions MoRoS GPRS 2.1 PRO
12.8 Inputs and Outputs
12.8.1 Querying the State of the Inputs
The MoRoS GPRS 2.1 PRO has digital inputs, which may trigger a PPP connection
set-up, a message dispatch via SMS or e-mail, an OpenVPN tunnel set-up, a PPTP
tunnel set-up, an IPsec tunnel set-up, or the set-up of a serial Ethernet connection.
The inputs are closed when connected to GND. They are opened when there is no
connection to GND. The states of the two inputs can be queried via the web interface.
Configuration with the web interface
In order to query the status of the inputs, click in the menu "In-/Outputs"
on the page "Inputs" on the "Refresh" button. After the page has been reloaded, the states of the inputs are displayed next to "Input 1:" and "Input
2:".
84
Page 85
MoRoS GPRS 2.1 PRO Functions
12.8.2 Configuring the Function of the Inputs
The MoRoS GPRS 2.1 PRO can establish a pre-configured dial-out connection, an
OpenVPN tunnel, a PPTP tunnel, an IPsec tunnel or a serial Ethernet gateway connection, as soon as input 2 is closed for at least 4 seconds, i.e. connected to "GND".
When activating the input, a dial-out or tunnel or connection set-up is performed as
configured in the according menu. The connection will remain as long as the connection configuration allows.
Configuration with the web interface
In order to configure the function of input 2, select in the menu "In/Outputs" on the page "Inputs" either the option "none", "Dial-Out automatically", "Establish OpenVPN tunnel", "Establish IPsec tunnel", or "Establish outgoing serial Ethernet connection".
The respective Dial-Out or OpenVPN/IPsec functions must be configured,
to be triggered by the input.
In order to trigger a Dial-Out connection only with input 2, check the
checkbox "Exclusively (dial-on-demand is deactivated)".
In order to terminate a Dial-Out connection by opening input 2, check the
checkbox "Cancel if no longer connected with GND".
In order to trigger an OpenVPN tunnel only with input 2, check the checkbox "Establish exclusively via input (not automatically after Dial-Out)".
In order to terminate an OpenVPN tunnel by opening input 2, check the
checkbox "Cancel if no longer connected with GND".
In order to trigger a PPTP tunnel only with input 2, check the checkbox
"Establish exclusively via input (not automatically after Dial-Out)".
In order to terminate a PPTP tunnel by opening input 2, check the checkbox "Cancel if no longer connected with GND".
In order to trigger an IPsec tunnel only with input 2, check the checkbox
"Establish exclusively via input (not automatically after Dial-Out)".
In order to terminate an IPsec tunnel by opening input 2, check the
checkbox "Cancel if no longer connected with GND".
In order to terminate an outgoing serial Ethernet connection by opening
input 2, check the checkbox "Cancel if no longer connected with GND".
Save your settings by clicking "OK".
85
Page 86
Functions MoRoS GPRS 2.1 PRO
12.8.3 Switch Outputs
The MoRoS GPRS 2.1 PRO has digital outputs, whose status can be queried and
changed via the web interface.
The outputs can also be operated daily at a certain time. Moreover, it is possible to
operate the outputs by establishing a PPP connection, an OpenVPN tunnel, a PPTP
tunnel, or a serial Ethernet connection.
Configuration with the web interface
In order to query the status of the outputs, change to the menu "In/Outputs" and the page "Outputs". The status of the outputs is displayed
in the section "Manual switching of outputs" by the radio buttons next to
the text "Output 1/2".
In order to change the state of the outputs, select in the menu "In/Outputs" on the page "Outputs" in the section "Manual switching of outputs" for the respective output "Idle condition" or "Operated condition"
using the radio buttons and click "OK".
In order to switch an output to operated condition daily at a certain time,
check in the section "Switching times Output 1/2" the checkbox "Switches to operated condition at" and enter into the following field the time
for operating the respective output.
In order to switch an output to idle condition daily at a certain time, check
in the section "Switching times Output 1/2" the checkbox "Switches to
idle condition at" and enter into the following field the time for releasing
the respective output.
In order to configure output 1 for an operation with the presence of a PPP
connection, select under "Function of output 1" the option "Switches to
operated condition if a PPP connection is established".
In order to configure output 2 for an operation with the presence of an
OpenVPN tunnel, select under "Function of output 2" the option "Switches to operated condition if an OpenVPN tunnel is established".
In order to configure output 2 for an operation with the presence of an
PPTP tunnel, select under "Function of output 2" the option "Switches to
operated condition if an PPTP tunnel is established".
In order to configure output 2 for an operation with the presence of an IPsec tunnel, select under "Function of output 2" the option "Switches to
operated condition if an IPsec tunnel is established".
In order to configure output 2 for an operation with the presence of a serial Ethernet connection, select under "Function of output 2" the option
"Switches to operated condition if a serial Ethernet connection is established".
Save your settings by clicking "OK".
86
Page 87
MoRoS GPRS 2.1 PRO Functions
12.9 Configurable Switch
12.9.1 Querying Configuration and Status of the Switch Ports
The switch of the MoRoS GPRS 2.1 PRO is configurable. This means that you can
determine for each switch port individually which transmission rate should be used
or if it is supposed to be operated in half-duplex or full-duplex mode. You may also
control via the web interface, to which switch port a cable is connected and if a
physical connection exists.
Configuration with the web interface
You can see the current configuration of the individual switch ports in the
menu "Switch" on the page "Port configuration" next to the port list.
The coloured fields indicate whether a cable is connected to the switch.
These fields indicate the four switch ports. The boxes are green if there is
a network cable connected, and red if there is no cable connected or if no
physical connection exists to the network.
87
Page 88
Functions MoRoS GPRS 2.1 PRO
12.9.2 Configuring Switch Ports
You can determine, which switch port is operated with which transmission rate and
if it is operated in half-duplex or full-duplex mode. You can also determine if the auto
negotiation (the recognition of the network cabling) is available at each port. These
settings may be required if end devices have problems with the automatic recognition of the connection parameters. You can determine how the events at the network and the states of the switch ports are displayed at the switch port status LEDs.
Configuration with the web interface
In order to enable or disable the respective switch port, use in the menu
"Switch" on the page "Port configuration" the checkbox "active" of the respective switch port.
In order to enable or disable auto negotiation, use in the menu "Switch"
on the page "Port configuration" the checkbox "Auto negotiation" of the
respective switch port.
In order to define the transmission rate of a switch port, use the radio buttons "10 Mbit/s" and "100 Mbit/s".
To operate a switch port in full-duplex or half-duplex mode, use the radio
buttons "Half-duplex" and "Full-duplex".
Save your settings by clicking "OK".
12.9.3 Configuring the LED Display of the Switch Ports
You can determine how the events at the network and the states of the switch ports
are displayed at the switch port status LEDs. We recommend not to change the basic settings and to change the displays only temporarily for diagnosis purposes.
Configuration with the web interface
Select for the respective network event or the state of the port the colour
of the LED display of the switch port status LED in the menu "Switch" on
the page "LED configuration" via the radio buttons.
Save your settings by clicking "OK".
88
Page 89
MoRoS GPRS 2.1 PRO Functions
12.9.4 Configuring VLAN
The switch of the MoRoS GPRS 2.1 PRO can be divided in up to four VLANs. The
VLANs are described as VLAN A, VLAN B, VLAN C, and VLAN D. The ports 1 to 4
are the switch ports accessible from outside. The MoRoS GPRS 2.1 PRO itself is
connected to the 4-port switch via an internal port. The belonging of a port to a
VLAN can be defined. The MoRoS GPRS 2.1 PRO can also belong to a VLAN. Each
Ethernet packet that belongs to a VLAN will be marked by an identifier (tag). The
VLAN tag contains the VLAN ID amongst others. Each port that belongs to a VLAN,
will insert the VLAN tag automatically for the received packets, if it not already contained in the packet.
Configuration with the web interface
In order to enable the VLAN configuration, check in the "Switch" menu on
the "VLAN configuration" page the checkbox "Activate VLAN configuration".
In order to assign a port or the router to a VLAN, check the respective
checkbox in the configuration matrix.
In order to specify a VLAN ID for a >VLAN, enter it into the field "VLAN
ID".
In order to specify for a port that belongs to a VLAN, whether it shall insert a VLAN tag into every received packet, or remove a possibly already
existing one, use the radio buttons "Insert VLAN tag" or "Remove VLAN
tag" for the respective port. If a port shall belong to several VLANs, the
VLAN tag must not be removed. The device connected to this port must
be able to interpret these VLAN tags. The VLAN tags will always be removed for packets to the router.
Save your settings by clicking "OK".
Note
Loss of availability!
The configuration will immediately be transferred to the
switch after clicking on "OK". This may result that the MoRoS GPRS 2.1 PRO cannot be accessed any more.
Therefore, configure the set VLAN on your locally connected device accordingly.
89
Page 90
Functions MoRoS GPRS 2.1 PRO
12.9.5 Configuring Port Mirroring
With port mirroring, you can copy the data traffic of a switch port to a definable,
other switch port, called the sniffer port. This enables you to read the network traffic
for analysis purposes. The transmitting and receiving packets (TX/RX) of certain
ports can be mirrored separately to a sniffer port, where the network traffic can be
read.
Configuration with the web interface
To use a port as sniffer port, select the according port in the menu
"Switch" on the page "Port mirroring" in the drop-down list "Sniffer port".
Select in the drop-down list "TX mirroring to sniffer port" the port, whose
TX line data you want to copy to the sniffer port.
Select in the drop-down list "RX mirroring to sniffer port" the port, whose
RX line data you want to copy to the sniffer port.
Save your settings by clicking "OK".
90
Page 91
MoRoS GPRS 2.1 PRO Functions
12.10 Serial Ethernet gateway
12.10.1 Setting up the Serial Ethernet Gateway
The serial Ethernet gateway enables the addressing of serial end devices from the
local network of the MoRoS GPRS 2.1 PRO or via the WAN interface, which are
connected to the serial interface of the MoRoS GPRS 2.1 PRO. The data which is
sent to a configurable network port of the MoRoS GPRS 2.1 PRO is output at the
serial interface of the MoRoS GPRS 2.1 PRO. The connection to the serial Ethernet
gateway can either be maintained permanently (leased line mode) or set-up if required (connection on request).
If the serial Ethernet gateway is enabled, a redundant communication device cannot
be used at the serial interface. If the sandbox is enabled and the serial interface is
reserved for the sandbox in addition, the sandbox has priority, i.e. redundant communication device and serial Ethernet gateway are disabled. The serial Ethernet
gateway can be made dependent of the status of input 2 in the menu "In- / Outputs"
on the page "Inputs".
Configuration via the web interface
In order to enable the serial Ethernet gateway, check in the menu "Serial
Ethernet" on the page "Serial Ethernet" the checkbox "Activate serial
Ethernet gateway".
In order to display the current state of the serial Ethernet gateway, click
on the link "Serial Ethernet gateway current state".
In order to display the log of the serial Ethernet gateway, click on the link
"Serial Ethernet gateway log".
In order to configure the display of the serial Ethernet gateway log, enter
on the page "Serial Ethernet gateway log" into the field "Refresh after“ the
update interval of the log in seconds as well as into the field "show last …
lines" the number of lines to be displayed and select "OK".
In order to configure the operation mode of the serial Ethernet gateway ,
select either the radio button "Leased line mode" or "Connection on request".
In order to use an IPT connection, check the checkbox "Use IPT". In this
case, the IPT slave must also be configured and enabled in the menu
"Server services" on the page "IPT".
In order to increase the time between connection attempts in leased line
mode, check the checkbox "increase reconnection interval". In this case,
the interval between the connection attempts will increase (1, 5, 15, 30,
60 minutes). Otherwise, the MoRoS GPRS 2.1 PRO will try to establish a
connection every minute, if this is interrupted.
91
Page 92
Functions MoRoS GPRS 2.1 PRO
In order to enable incoming connections in "Connection on request" mode
as well, check the checkbox "Accept incoming connection" and enter the
port, on which the serial Ethernet gateway reacts on incoming connections, into the entry field "TCP port" (it is possible to allow incoming and
outgoing connections at the same time). If an incoming or outgoing connection is active in this case, the other is not available until the active
connection is closed.
In order to specify that the connection is only accepted, if an UDP authentication of an INSYS VCom has taken place, check in the "VCom authentication" section the checkbox "incoming". An existing connection will be
terminated by a VCom authentication during the existing connection. This
setting is ignored if IPT is used.
In order to specify that an ATD dialling command triggers an outgoing
connection, select in the "Outgoing connection" section the radio button
"triggered by dialling command ATD". Then, the serial interface will be
operated in AT command mode and a connection must be initiated by an
ATD command. The Serial Ethernet Gateway expects the dialling command ATD via the serial interface with the destination as IP address or
domain name, followed by the TCP port (e.g.: ATD192.168.1.1:1234 or
ATD"name.company.com":1234. When using IPT, only the IPT number is
specified here (e.g.: "ATD12345").
In order to specify that a character on the serial interface triggers an outgoing connection, select in the "Outgoing connection" section the radio
button "triggered by serial character". Then, a connection will be established as soon as a WAN connection is established. A destination must be
specified in this operation mode. Enter the IP address or the domain name
of the target into the "IP address or domain name" field as well as the port
into the "Port" field. Alternatively, enter for an IPT connection the IPT
number into the "IPT dial number" field. A secondary target can be entered optionally, to which a connection will be established if the primary
target is not available. If the connection set-up fails, a new connection setup cannot be performed before 5 minutes have expired.
In order to specify a set-up of an outgoing connection by an active WAN
connection, select in the "Outgoing connection" section the radio button
"triggered by active WAN connection". Then, a connection will be established as soon as a WAN connection is established. A destination must be
specified in this operation mode. Enter the IP address or the domain name
of the target into the "IP address or domain name" field as well as the port
into the "Port" field. Alternatively, enter for an IPT connection the IPT
number into the "IPT dial number" field. A secondary target can be entered optionally, to which a connection will be established if the primary
target is not available.
In order to establish a connection in leased line mode, it is also necessary,
to enter the IP address or the domain name of the target as well as the
port or the IPT dial number. A secondary destination can be entered optionally.
92
Page 93
MoRoS GPRS 2.1 PRO Functions
In order to establish an outgoing connection via input 2, it is also necessary, to enter the IP address or the domain name of the target as well as
the port or the IPT dial number. A secondary destination can be entered
optionally. The function itself can be enabled in the menu "In- / Outputs"
on the page "Inputs".
In order to use authentication via TCP or UDP at an INSYS VCom for outgoing connections, select in the "VCom authentication" section for "outgoing" either the radio button "UDP" or "TCP". This authentication will
also be used in leased line mode or when establishing a connection via an
input. This setting is ignored if IPT is used.
Save your settings by clicking "OK". The serial Ethernet gateway will be
restarted with this. Existing serial Ethernet gateway connections will be
terminated.
12.10.2 Configuring the Serial Ethernet Gateway Interface
The serial Ethernet gateway of the MoRoS GPRS 2.1 PRO allows a comprehensive
configuration of the serial interface and the packing of the data arriving there into
TCP packets. It is also possible to use the Telnet protocol. RFC 2217 is also supported with this, which allows to modify the serial interface parameters during the
operation via a Telnet connection.
Configuration with the web interface
In order to configure the serial interface speed, select in the menu" Serial
Ethernet" on the page "Configuration" the speed in the drop-down list
"Speed (in Bit/s)".
Configure the data format of the serial interface in the drop-down lists
"Data bits / Parity bits / Stop bits".
Select the data flow control (Hardware, i.e. RTS/CTS or Software i.e.
XON/XOFF) in the drop-down list "Flow control". If the connected serial
device does not support the respective data flow control, you must not
use this.
In order to use the control lines DCD and DTR, check the checkbox "Use
modem control lines".
In order to reset the control lines after the connection is terminated, check
the checkbox "Reset modem control lines after connection termination".
In order to specify the maximum block size, from which the serially received data are packed to a TCP packet and sent when reached, enter the
value into the field "Maximum block size".
93
Page 94
Functions MoRoS GPRS 2.1 PRO
In order to specify the maximum time until packing a TCP packet, enter
the time into the field "Aggregation timeout" in milliseconds. If this time
has expired, the serially received data will be packed to a TCP packet and
sent, even if the maximum block size has not yet been reached. This timer
will only be restated if the RS232 input buffer is empty and the first character is received. The subsequent characters do not reset the timer.
In order to close the serial Internet connection automatically, if no data is
transmitted any more, enter a timeout value in seconds into the field "Idle
time". If no data transfer takes place as long as specified here, the connection will be closed. To ensure that the connection is never closed, set
the value to "0". The value "0" is the default setting.
In order to enable sending keep alive packets, enter the sending interval of
the packets in seconds into the field "Keep alive interval". This function is
disabled by entering "0". If the serial Ethernet gateway receives no reply
to a keep alive packet for three consecutive times, the connection will be
considered as interrupted and the serial Ethernet gateway terminates the
connection.
In order to use the Telnet protocol, check the checkbox "Use Telnet protocol". In this case, the serial Ethernet gateway filters all Telnet commands
from the incoming TCP data and replies them. Additionally, the serial and
the TCP data stream are adjusted to transmit Telent control characters error free.
Save your settings by clicking "OK".
94
Page 95
MoRoS GPRS 2.1 PRO Functions
12.10.3 Modem Emulator
The serial Ethernet gateway can emulate a modem. It provides a series of AT commands for this. A modem will be emulated for each connection type with this function. If an outgoing connection has been triggered by the ATD command, the modem emulator will always be used, even if it is disabled. The following AT commands are supported:
AT command Description
ATD<IP>:<port>
ATD“<domain>“:<po
rt>
Connection set-up to <IP>:<port> or <domain>:<port>
Following this, the serial Ethernet gateway is in data
mode
ATDL Redialling of the last dialled connection (only possible as
long as the serial Ethernet gateway has not been restarted)
ATH The serial Ethernet gateway closes the serial Internet
connection
ATE<n> Configuring the echo behaviour
ATE0 Echo disabled
ATE1 Echo enabled (default)
+++ Puts the serial Ethernet gateway into command mode (a
pause of at least one second is necessary before and
after the string)
ATO Change from command mode into data mode
ATQ<n> Configuring the quiet behaviour
ATQ0 Messages are sent (default)
ATQ1 No messages are sent
ATV<n> Configuring the message format
ATV0 Messages in short format, i.e. only the error
number
ATV1 Messages in long format, i.e. the error text (default)
ATS0=<n> Automatic call acceptance after <n> ring tones (<n> =
0 for disabling the automatic call acceptance)
Table 12: List of the AT commands supported by the serial Ethernet gateway
Moreover, a reply to the ATI command is defined in the default AT an-
swer file.
95
Page 96
Functions MoRoS GPRS 2.1 PRO
Configuration with the web interface
In order to enable the modem emulator, check in the menu "Serial Ethernet" on the page "Modem emulator" the checkbox "Activate modem emulator".
In order to enable the echo function using the ATE command in the modem emulator, check the checkbox "Enable echo (ATE)".
In order to disable the answers using the ATQ command in the modem
emulator, check the checkbox "Disable answers (ATQ)".
In order to enable the verbose answers using the ATV command in the
modem emulator, check the checkbox "Enable verbose answers (ATV)".
In order to configure the number of ring tones until call acceptance, enter
the number of ring tones into the field "Number of rings until connection
is answered (ATS0)".
In order to configure the default answer for unknown commands, enter
this into the field "Default answer for unknown commands". If nothing is
entered here, the message "ERROR" is returned in case of an unknown or
invalid AT command.
In order to upload an AT answer file, click on the "Browse…" button and
locate the respective file. The file will be uploaded after clicking on "OK".
This file must be a text file, which defines an associated answer for each
desired AT command. Each line in this text file defines an "commandanswer-pair" in the form <i="Serial Ethernet Gateway Version 1.0">. The
part preceding the "=" indicates the command (here "i" for ati; the "at"
must be removed) and the part following in quotation marks indicates the
associated answer (here "Serial Ethernet Gateway Version 1.0"). In this
case, the message "Serial Ethernet Gateway Version 1.0" would be replied
on the ati command. A multi-line answer within the quotation marks is
possible Capitalization is ignored. Moreover, the order of the entries must
be observed. If an answer for the atxy command and the atx command is
defined for example, the entry for the atxy command must be entered before the entry for the atx command, because otherwise the entry for the
atx command would be found first and processed after entering the atxy
command, before looking for a aty command, which does not exist.
In order to download the current AT answer file, click on the link "Download current AT answer file".
Save your settings by clicking "OK".
96
Page 97
MoRoS GPRS 2.1 PRO Functions
12.11 Messages
12.11.1 Configuring the Message Dispatch
The MoRoS GPRS 2.1 PRO can send an e-mail or SMS to any recipient on different
events or trigger an SNMP trap. A series of pre-define events are available for this,
like signals or pulses at input 1 or set-up of connections or VPN tunnels for example.
Configuration with the web interface
In order to enable to send an e-mail, you must enter the necessary data
for the e-mail account in the menu "Messages" on the page"Configuration" in the section "E-mail". Enter the e-mail address into the
field "E-mail address" for this. Enter the first and last name of the person
holding the e-mail account (or any text) into the field "Real name". Enter
the domain name or the IP address of the SMTP server into the field
"SMTP server" as well as the port, at which the SMTP server receives emails, into the field "SMTP port" (usually port 25). Enter the user name for
the e-mail account into the field "User name" as well as the associated
password into the field "Password".
In order to enable the SMS dispatch, you have to enter the number of the
SMS Service Center of your mobile phone provider in the menu "Messages" on the page"Configuration" in the section "SMS" into the field
"SCN (Service Center Number) SIM card 1". If you use a second SIM card,
enter the SCN for this SIM card into the entry field "SCN (Service Center
Number) SIM card 2".
In order to enable to trigger an SNMP trap, you must specify the SNMP
version in the menu "Messages" on the page"Configuration" in the section
"SNMP traps". In order to use SNMP v2c, select the radio button
"SNMP v2c". Moreover, the community string must be entered into the
field "Community". In order to use SNMP v3, select the radio button
"SNMP v3". Moreover, the community string must be entered into the
field "Community". In order to use an optional SNMP v3 authentication,
select the authentication method in the drop-down list "Authentication"
and enter the password for the authentication (at least 8 characters) into
the respective field. In order to use an optional SNMP v3 encryption, select the encryption method in the drop-down list "Encryption" and enter
the password for the encryption (at least 8 characters) into the respective
field. An authentication is pre-condition for an encryption.
Save your settings by clicking "OK".
97
Page 98
Functions MoRoS GPRS 2.1 PRO
12.11.2 Enable SMS Receipt
The MoRoS GPRS 2.1 PRO can receive SMS and evaluate the content. Different
commands can be transmitted to the MoRoS GPRS 2.1 PRO with this, also password-protected. Received SMS can optionally be acknowledged. A new SMS with
the received text will be sent back to the sender in this case.
The commands must be sent in the format [<password>, ]<command>.
We strongly recommend to use password protection.
If a password is configured, the SMS must contain first the password and then,
separated by a comma, the command; otherwise, the SMS will not be processed.
Conversely, the SMS must not contain a password, if this is not configured. The
password is case-sensitive. Blanks outside the password will be ignored. Several
commands in one SMS will not be supported; only the first command would be
executed. The commands are not case-sensitive. The following commands are processed:
Command Effect
dial A dial-out connection will be started or an existing dial-out connec-
tion will be closed.
openvpn The OpenVPN connection will be restarted. An existing tunnel will
be terminated with this.
ipsec The IPsec connection will be restarted. All existing tunnels will be
terminated with this.
pptp The PPTP connection will be restarted. All existing tunnels will be
terminated with this.
reset The device will be restarted.
sandbox The sandbox will be restarted.
serial The Serial Ethernet Gateway initiates an outgoing connection.
out <n>
<x>
update An automatic update will be performed.
Output <n> (1, 2) will be set to <x>, where <x> = 0 or "idle" (idle
position) or "nc" (connected to NC) and accordingly 1 or "operated" (operated position) or "no" (connected to NO).
Example: out 1 nc (output 1 in idle position)
Table 13: List of SMS commands
SMS messages that do not comply with this syntax, can optionally be forwarded to
the sandbox. The subdirectory "/var/spool/sms_in" must exist in the sandbox image
for this. The SMS will be filed with a random file name in it. The first line of the file
contains the phone number of the sender, the further lines contain the SMS text. If a
password has been configured, the following applies for SMS forwarded to the
sandbox: If an SMS text with valid password has been received, the password and
the separating comma will be removed from the text. In case of a text with invalid or
missing password, the original text will be forwarded to the sandbox.
98
Page 99
MoRoS GPRS 2.1 PRO Functions
Configuration via the web interface
In order to enable SMS receipt, check in the menu "Messages" on the
page "Configuration" the checkbox "Activate reception of SMS".
In order to configure the MoRoS GPRS 2.1 PRO for acknowledgement of
an SMS receipt, check the checkbox "Acknowledge incoming SMS".
Then, EVERY received SMS will be acknowledged with a reply SMS, not
only SMS for executing commands.
Only the receipt of the SMS will be acknowledged, not the action asso-
ciated with it. If the action is to be acknowledged, this must be configured as message.
In order to configure a password for SMS receipt, enter this into the field
"Password". The password may consist of letters (upper ans lower case
without umlauts), numbers, punctuation marks (without comma), parentheses, underscore, blank and the characters %, & and * and have a
length of 20 characters.
In order to forward SMS that cannot be evaluated to the sandbox, check
the checkbox "Forward not processable SMS to sandbox". Then, all SMS
that cannot be evaluated by the MoRoS GPRS 2.1 PRO will be forwarded
to the sandbox to process them there.
Save your settings by clicking "OK".
99
Page 100
Functions MoRoS GPRS 2.1 PRO
12.11.3 Configuring E-Mail Dispatch
The MoRoS GPRS 2.1 PRO can send an e-mail to any recipient on different, predefined events. An attachment, which can be selected from different log files, can
be attached to every e-mail. Moreover, it is possible to attach the status page of the
web interface to the message text. The MoRoS GPRS 2.1 PRO allows to create and
manage a series of different combinations of recipient, event, attachment, and text.
The signals at input 1 are distinguished between a long, at least 4 seconds long
pulse and single pulses, which last between 200 milliseconds and 2 seconds with a
pause between the pulses with the same time slot. The long pulse triggers the message for the simple alarm. The short pulses trigger the dispatch of messages for the
according number of pulses.
Sending an e-mail is only possible if the access data for the e-mail account are entered correctly in the menu "Messages" on the page "Configuration".
Configuration with the web interface
In order to enable e-mail dispatch, check in the menu "Messages" on the
page "E-mail" the checkbox "Activate e-mail messages".
In order to create an e-mail message, you have to define this in the section "Create new e-mail". Enter the e-mail address of the recipient into the
field "Recipient" for this. Select from the drop-down list "Event" the respective event for triggering the e-mail dispatch. Select from the dropdown list "Attachment" the respective log file to be attached to the e-mail.
If this file is not present on the MoRoS GPRS 2.1 PRO, the e-mail will be
sent without attachment. Check the checkbox "Attach current status to
message text", if the status page of the web interface is to be attached to
the message text. Enter the message text into the field "Text".
Save your settings by clicking "OK".
In order to temporarily switch off e-mail messages, uncheck in the section
"Existing e-mails" the check box in the column "active" in the e-mail message overview. Click on "OK" to confirm the settings.
In order to delete one or more e-mail messages, check in the section "Existing e-mails" the check box in the column "delete" in the e-mail message
overview. Click on "OK" to confirm the settings.
100
Loading...