MC Technologies MC-LR, MC-LR-4, MC-LRS, MC-LRS-4 User Manual

MC-LR/MC-LR-4
MC-LRS/MC-LRS-4

User Manual/Web Interface

Router Description

MC Technologies routers are designed for industrial use.

Advantages at a glance:

• Easy expansion of protected networks.

• High-security data transfer via IPsec or OpenVPN tunnel, plus integrated firewall.

• Easy and identical configuration of router family via integrated web server, USB stick
or "remote".

• Event alerts by email.

• Top-hat rail mounting.

• Use of applications with RS232 or RS485 interfaces on demand
(only 2 port variantes).

• Integrated logbook records device-specific events.

• Delivered ready-to-use, including power supply plug and Ethernet connecting cable.

All specifications for the 2-port version also apply for the 4-port version.

2

MC Technologies GmbH

User Manual/Web Interface MC-LR/MC-LR-4/MC-LRS/MC-LRS-4 – 01/2018 (FW 2.07.3)

3

Contents

1. Configuration via the integrated web interface 4

1.1 Preparations 4

1.2 Configuration 1.2.1 Configuration via web interface 4

1.2.2 Local IP address is not (longer) known - configuration button 4

1.2.3 Resetting all parameters 4

1.3 Status 1.3.1 Network Connections 5

1.3.2 I/O Status 6

1.3.3 ComSERVER (Only for MC Router with RS232 or RS485 interface on X1) 6

1.3.4 Routing Table 6

1.3.5 DHCP Leases 7

1.4 Local Network 1.4.1 IP Configuration 7
(Lokales Netzwerk) 1.4.2 DHCP Server 8

1.4.3 Local Static Routes 9

1.5 Wide Area Network 1.5.1 WAN Setup 10

1.5.1.1 Static Address- Preferred setting for operation
in local networks 10

1.5.1.2 DHCP Client- Preferred setting for operation
with cable modems 11

1.5.1.3 PPPoE- Preferred setting for operation
with DSL modems 11-12

1.5.2 Static Routes 12

1.5.3 DynDNS 13

1.5.4 Connection Check 14

1.6 Networtk Security 1.6.1 General Setup 15
(Netzwerksicherheit) 1.6.2 Firewall 16

1.6.3 NAT Table (Port forwarding) 17

1.7 VPN 1.7.1 IPsec 1.7.1.1 Connections 18-21

1.7.1.2 Certificates 22

1.7.1.3 Status 22

1.7.2 OpenVPN 1.7.2.1 Connections (Tunnel 1 and 2 / Clients) 23-25

1.7.2.2 Connections Server (only MC-LR Server) 26-29

1.7.2.3 Port Forwarding 29

1.7.2.4 Certificates 30

1.7.2.5 Static Keys (Preshared Key) 30

1.7.2.6 Status 31

1.8 I/O 1.8.1 Inputs 32

1.8.2 Outputs 32-33

1.8.3 Socket Server 33

1.9 System 1.9.1 Hardware 34

1.9.2 Software 35

1.9.3 System Configuration 35-38

1.9.4 User 39

1.9.5 Log-File 39

1.9.6 ComSERVER (Only for MC Router with RS232 or RS485 interface on X1) 40

1.9.7 SMTP Configuration - sending emails 40-41

1.9.8 Configuration Up-/Download 41

1.9.9 RTC - Setting the time and date / Time Server 42

1.9.10 Reboot - restarting the router 43

1.9.11 Firmware Update 43

2. Additional functions 2.1 Router configuration using SSH and XML file 44

2.1.1 Download configuration via SSH 44

2.1.2 Upload configuration via SSH 44

2.2 Sending and receiving IO status, email and router status using XML
files via the router socket server 45

2.2.1 Sample XML files 45

2.2.2 Functions test using Windows HyperTerminal 46

MC Technologies GmbH

4

1. Configuration via the integrated web interface

1.1 Preparations

1. Hook the router up to the power supply using connection

"P1

",

"P2v or

"POW

".

2. To configure, connect the PC and the router to Ethernet port “ETH1“ using an Ethernet cable.

3. For configuration, you will need a browser (i.e. Mozilla Firefox, Microsoft Internet Explorer, etc.) on a PC.
The router must be connected to the power supply. The PC to be used for configuration must be connected to an
Ethernet port on the router.

1.2 Configuration

1.2.1 Configuration via web interface

1. The PC must be set to

"obtain IP address automatically".

This is the default setting for PCs.

2. Open a browser on the PC.

3. Type the IP address (default: 192.168.0.1) in the address field.

4. For authentication purposes a user name and password must be entered. The default settings for the user name
and password are both "admin", which should be entered in the corresponding fields. For your security, the
password setting can be changed at any time using the "System/User" menu item on the web interface
(see Page 39).

1.2.2 Local IP address is not (longer) known – configuration button

The router is set to "Web access reset" unless you change the default setting. Press the configuration button for at
least 5 seconds using a pointed object. The router web interface can be temporarily readdressed using the default IP
address (192.168.0.1) for the Ethernet (LAN) connection. The configuration settings will not be lost when doing so.

Web access reset

Important note! The router does not supply any IP address to the connected PC via DHCP. You must thus

assign a fixed IP address to the PC (e.g. 192.168.0.2, default gateway 192.168.0.1).

You will now have access to web management using the default access data. Please check the settings for the router IP
address, user name and password and make any changes required.

Factory reset

You changed the setting to "Factory reset" (see Item 1.9.3 "System Configuration/Reset button"). Press the configura­tion button for at least 5 seconds using a pointed object. The router web interface can be readdressed using the
default IP address (192.168.0.1) for the Ethernet (LAN) connection.

1.2.3 Resetting all parameters on the web interface

Resetting of all router settings to the factory default mode can be carried out via the internal web interface. Please click
on the

"Applyv button for the

"Reset to Factory Defaults"

function in the

"System/Configuration Up-/Download

"

sub-

menu.

To reconfigure the router using the default IP address you will need to use the configuration button on the rear side of
the device. This function depends on the setting you defined in Section 1.9.3

"Reset button".

Important note! All configuration settings will be deleted and reset to the „Factory Defaults“ setting.

User Manual/Web Interface MC-LR/MC-LR-4/MC-LRS/MC-LRS-4 – 01/2018 (FW 2.07.3)

5

Status information on mobile connection and on local Ethernet network.

1.3.1 Network Connections

1.3 Status

Network Connections

Wireless Network

Link

VPN connected: Active VPN connection via the network.
Not connected: No packet data connection in the network.

IP Address Allocated IP address from the network.

Netmask Allocated net mask from the network.

DNS Server IP address of the DNS server.

Sec. DNS Server IP address of the alternate DNS server.

RX bytes Sum of received data since last login.

TX bytes Sum of sent data since last login.

Local Network

Link For each LAN-Port Link (1-4 depending of the router type) the connection of the port is shown

Connected: The local Ethernet is active.
Not connected: The local Ethernet is not active.

IP Address Router IP address in the local network.

Netmask Router net mask in the local network.

1.3.2 I/O Status

1.3.4 Routing Table

6

MC Technologies GmbH

Status information of I/O interfaces IN and OUT.

Input Signal Event
#1

Low: The signal is low. None: No event has been triggered.
High: The signal is high. E-Mail: An email is being sent.

Output Signal Event

#1

ON: Output active. Based on: Manual ON, Remote Controlled ON,

VPN Service ON, Internet Link ON or Connection lost ON.

Off: Output is not active.

Display of current routing table.

Status display of integrated ComSERVER

1.3.3 ComSERVER (only for MC Router with RS232 or RS485 interface on X1)

See also 1.9.6. ComSERVER

1.4 Local Network

Setup of local IP address and subnet mask for router. Set your parameters and click "Apply". Your parameters have
been saved but not yet applied. To apply the setup, restart the router.

1.4.1 IP Configuration

Display allocation of MAC address to IP address of terminal equipment connected to the local Ethernet.

1.3.5 DHCP Leases

7

User Manual/Web Interface MC-LR/MC-LR-4/MC-LRS/MC-LRS-4 – 01/2018 (FW 2.07.3)

IP Configuration

Current Address

IP Address Current local IP address of the router. If you forget the IP address and would like to configure the

router, follow the instructions under 1.2 "Configuration" on Page 5.

Subnet Mask Current subnet mask.

Type of IP address

Static (default): The IP address has been set.

assignment

DHCP: The IP address and the subnet mask are obtained dynamically from a connected

DHCP server.

Alias Addresses

IP Adress Alias addresses how the router can be reached alternatively (up to eight other IP addresses).
Subnet Mask Click "New" and add the other IP addresses, as well as the corresponding subnet masks.

An IP address can be allocated automatically to local equipment connected via Ethernet using DHCP (Dynamic Host
Configuration Protocol).

1.4.2 DHCP Server

8

MC Technologies GmbH

DHCP Server

DHCP Server Disabled/Enabled: Click "Enabled" if the router should allocate the IP addresses to the connected

terminal equipment as the DHCP server at start-up.

Domain Name Domain name to be broadcast via DHCP.

Lease Time (d,h,m,s) Validity period of allocated network configuration.

Dyn. IP address

Disabled/Enabled: Click "Enabled" if an IP address should be dynamically allocated to the connected

terminal equipment in a set range.

Begin IP Range Starting address for the address range from which IP addresses should be distributed.

End IP Range Ending address for the address range from which IP addresses should be distributed.

Static IP address Static allocation of the IP address using the MAC address.
allocation

Client MAC address MAC address of the terminal equipment.

Client IP address IP address of the terminal equipment. Static allocation of the IP addresses should not overlap with the

dynamic IP addresses. An identical IP address should not be used in multiple static allocations.

Data packets from the local network can be defined by static routes using other gateways for alternative routes.

1.4.3 Local Static Routes

9

User Manual/Web Interface MC-LR/MC-LR-4/MC-LRS/MC-LRS-4 – 01/2018 (FW 2.07.3)

Local Static Routes

Network Network in CIDR notation: IP address / Net mask

Example: xxx.xxx.xxx.xxx/yy (x..=IP address; yy=net mask)
Example: yy=24 (number of binary "ones") => net mask = 255.255.255.0

Gateway The gateway how this network can be reached.

10

MC Technologies GmbH

1.5 Wide Area Network

1.5.1 WAN Setup

Settings for use in a WAN (wide area network)

Select the connection type in the

"Connection Type" menu and set "Enabled" to "Yes".

• Static Address

• DHCP Client

• PPPoE

Following this, click

"Apply".

1.5.1.1 Static address - Preferred setting for operation in local networks

A fixed IP address can be assigned to routers which are operating in an existing network.

IP Address The router’s IP address at the WAN interface.
Subnet Mask Subnet mask.
Default Gateway The gateway’s IP address in the Internet.
DNS Server The DNS server’s IP address.
Sec. DNS Server The IP address of a second DNS server.

11

User Manual/Web Interface MC-LR/MC-LR-4/MC-LRS/MC-LRS-4 – 01/2018 (FW 2.07.3)

1.5.1.2 DHCP Client - Preferred setting for operation with cable modems and routers

If the router should automatically be assigned with an IP address from the network, set "Connection Type" to "DHCP
Client

" and click "Apply". If you want to manually set the DNS server’s IP addresses, set "Manual DNS" to "Yes" and

enter the IP addresses. Following this, click

"Apply".

1.5.1.3 PPPoE - PPPoE - Preferred setting for operation with DSL modems

For operation with a (DSL-) modem select the "PPPoE" setting under "Connection Type" and click "Apply".

12

MC Technologies GmbH

1.5.2 Static Routes

Data packets from the local network can be defined using static routes for alternative routes in the WAN network.

Static Routes

Static Routes
Network Network in CIDR notation.
Gateway The gateway via which this network can be reached.

Username User name for access to the (DSL) network.
Password Password for access to the (DSL) network.
Servicename Service name for access to the (DSL) network.
MTU (default 1492) Maximum size of an unfragmented data package.
Idle Timeout

0: Always On – no termination of the connection.

(0=Always On) Time in minutes: The router terminates the connection at the end of the set time.

The timer starts when data transmission has ended.
Daily Reconnect Repeat logging into the (DSL) network at a defined time.
Manual DNS

Yes: Manual setting.
No: No manual setting.

PPPoE

Complete all settings with

"Apply".

13

User Manual/Web Interface MC-LR/MC-LR-4/MC-LRS/MC-LRS-4 – 01/2018 (FW 2.07.3)

1.5.3 DynDNS

The router IP address in the cellular network/Internet is allocated dynamically by the mobile service operator. A name
can be allocated to the dynamic IP address using a DynDNS provider, via which the router can then be reached over
the Internet. The DynDNS Client must be saved and activated in the router accordingly.

Note: For this to work, the provider must have allocated a public IP address to the router, not a private one.

This is not the case with all providers. DynDNS cannot replace a static IP address and has limited reliability.

DynDNS Set-up

Status Disabled: Deactivate DynDNS client.

Enabled: Activate DynDNS client.

DynDNS Provider Select the name of the provider with whom you are registered,

i.e. DynDNS.org, TZO.com, dhs.org., selfHost.de, custom DynDNS.

Use the "custom DynDNS" setting to select your preferred DynDNS provider.
Please also enter the provider’s server address under "DynDNS Server".

DynDNS Username Enter the username for your DynDNS account here.

DynDNS Password Enter the password for your DynDNS account here.

DynDNS Hostname The host name selected for this router for DynDNS service.

Your router can then be reached under this host name.

1.5.4 Connection Check

14

MC Technologies GmbH

For continuous connection monitoring, use "Connection Check". If the connection is lost, an action can be configured
for establishing a new connection.

Note: Please note that frequent connection checks can lead to increased data traffic and corresponding costs.

Connection Check

Status Disabled: Connection check is deactivated (default).

Enabled: Connection check is activated.

Host #1 ... #3 IP address or host name of the reference point for the connection check.

"Local" option, when dealing with an address which can be reached via a VPN tunnel.

Check every Check interval in minutes.

Max. retry Number of repetitions until the configured action "Activity" is performed.

Activity

Reboot: Restart the router.
Reconnect: Re-establish packet data connection.
Relogin: Restart the cellular interface by redialing the mobile service network.
None: None.

User Manual/Web Interface MC-LR/MC-LR-4/MC-LRS/MC-LRS-4 – 01/2018 (FW 2.07.3)

15

1.6 Network Security

Basic settings for network security.

1.6.1 General Setup

General Setup

IP and Port forwarding Disabled: IP and Port forwarding is blocked.

Enabled: IP and Port forwarding is allowed.

Block outgoing Netbios Disabled: Outgoing NetBIOS requests are allowed.

Enabled: Outgoing NetBIOS requests are blocked (default).

Drop invalid packets Disabled: Packets will be transferred.

Enabled: Invalid packets will be dropped.

Ping (ICMP) external

Disabled: A ping request from the external IP network to the router is ignored (default).
Enabled: A ping request from the external IP network to the router is returned.

External SNMP access Disabled: SNMP from the WAN interface is blocked.

Enabled: SNMP from the WAN interface is permitted.

External web-based Disabled: External configuration via the web interface is not possible.
management via HTTP Enabled: External configuration via the web interface is possible.
NAT (Masquerade) Disabled: No IP masquerading performed.
external Enabled: IP masquerading is activated. Communication from a private, local networkto the

Internet is allowed (default).
External TCP-MSS Disabled: Adjusts the maximum segment size on the WAN side to the MTU value.
clamping Enabled: Reduces the maximum segment size on the WAN side (for DSL operation).
Device access via SSH Disabled: Local SSH access to the router is not possible (default).

Enabled: Local SSH access to the router is possible.

External access via SSH Disabled: Remote SSH access to the router is not possible (default).

Enabled: Remote SSH access to the router is possible.