Moxa EDR-G903, EDR-G902 User Manual
EDR-G903/G902 User’s Manual
Second Edition, January 2011
www.moxa.com/product
© 2011 Moxa Inc. All rights reserved.
Reproduction without permission is prohibited.
EDR-G903/G902 User’s Manual
The software described in this manual is furnished under a license agreement and may be used only in accordance with
the terms of that agreement.
Copyright Notice
Copyright ©2011 Moxa Inc.
All rights reserved.
Reproduction without permission is prohibited.
Trademarks
The MOXA logo is a registered trademark of Moxa Inc.
All other trademarks or registered marks in this manual belong to their res pec tive manufacturers.
Disclaimer
Information in this document is subject to cha nge witho ut no tic e and doe s no t repres e nt a commitme nt o n the part of
Moxa.
Moxa provides this document as is, without warranty of any kind, either expressed or implied, including, but not limited
to, its particular purpose. Moxa reserves the rig ht to make improvements and/or changes to this manual, or to the
products and/or the programs described in this manual , at any time .
Information provided in this manual is intended to be accurate and reliable. However, Moxa assumes no responsibility for
its use, or for any infringements on the rights of third parties that m ay res ult fr om its use.
This product might include unintentional tec hnic a l o r typographical errors. Changes are periodically made to the
information herein to correct such errors, and these changes are incorporated into new editions of the publica tio n.
Technical Support Contact Information
www.moxa.com/support
Moxa Americas
Toll-free: 1-888-669-2872
Tel: +1-714-528-6777
Fax: +1-714-528-6778
Moxa Europe
Tel: +49-89-3 70 03 99-0
Fax: +49-89-3 70 03 99-99
Moxa China (Shanghai office)
Toll-free: 800-820-5036
Tel: +86-21-5258-9955
Fax: +86-21-5258-5505
Moxa Asia-Pacific
Tel: +886-2-8919-1230
Fax: +886-2-8919-1231
Table of Contents
1. Introduction ...................................................................................................................................... 1-1
Overview ........................................................................................................................................... 1-2
Package Checklist ............................................................................................................................... 1-2
Features ............................................................................................................................................ 1-2
Industrial Networking Capability .................................................................................................... 1-2
Designed for Industrial Applications ............................................................................................... 1-2
Useful Utility and Remote Configuration ......................................................................................... 1-2
2. Getting Star ted.................................................................................................................................. 2-1
RS-232 Console Configuration (115200, None, 8, 1, VT100) .................................................................... 2-2
Using Telnet to Access the EtherDevice Router’ s Console ......................................................................... 2-4
Using a Web Browser to Configure the EtherDevice Router....................................................................... 2-5
3. Features and Functions ..................................................................................................................... 3-1
Configuring Basic Settings ................................................................................................................... 3-3
System Identification ................................................................................................................... 3-3
Accessible IP ............................................................................................................................... 3-4
Password.................................................................................................................................... 3-5
Time .......................................................................................................................................... 3-6
SettingCheck .............................................................................................................................. 3-8
System File Update—by Remote TFTP .......................................................................................... 3-10
System File Update—by Local Import/Export ................................................................................ 3-10
Restart ..................................................................................................................................... 3-11
Reset to Factory Default ............................................................................................................. 3-11
Network Settings .............................................................................................................................. 3-12
Mode Configuration ................................................................................................................... 3-12
WAN1 Configuration .................................................................................................................. 3-13
WAN2 Configuration (includes DMZ Enable ) .................................................................................. 3-15
Using DMZ Mode ....................................................................................................................... 3-19
LAN Interface............................................................................................................................ 3-19
DHCP Server ............................................................................................................................. 3-20
Static DHCP List ........................................................................................................................ 3-21
DHCP Leased List ...................................................................................................................... 3-22
Dynamic DNS ........................................................................................................................... 3-22
Network Redundancy ........................................................................................................................ 3-23
WAN Backup (EDR-G903 only) .................................................................................................... 3-23
Virtual Router Redundancy Proto col (VR RP) .................................................................................. 3-25
Static Routing and Dynamic Routing ................................................................................................... 3-26
Static Routing ........................................................................................................................... 3-26
RIP (Routing Information Protoc o l) .............................................................................................. 3-27
Routing Table ........................................................................................................................... 3-28
Network Address Translation (NAT) ..................................................................................................... 3-28
NAT Conc ept ............................................................................................................................. 3-28
N-to-1 NAT ............................................................................................................................... 3-28
Port Forwarding ........................................................................................................................ 3-29
1-to-1 NAT ............................................................................................................................... 3-31
Firewall Settings ............................................................................................................................... 3-33
Firewall Policy Concept ............................................................................................................... 3-33
Firewall Policy Overview ............................................................................................................. 3-33
Firewall Po l ic y Conf i g uration ....................................................................................................... 3-34
Layer 2 Policy Setup .................................................................................................................. 3-35
Quick Automation Profile ............................................................................................................ 3-37
PolicyCheck .............................................................................................................................. 3-38
Denial of Service (DoS) function .................................................................................................. 3-40
VPN (Virtual Private Network) ............................................................................................................ 3-41
Overview .................................................................................................................................. 3-41
IPSec Configuration ................................................................................................................... 3-42
X.509 Certification ..................................................................................................................... 3-47
L2TP (Layer 2 Tunnel Protocol) ................................................................................................... 3-49
Examples for Typical VPN Applications ......................................................................................... 3-51
Traffic Prioritization ........................................................................................................................... 3-52
How Traffic Prioritization Works ................................................................................................... 3-53
Traffic Prioritization Conf i g uration ................................................................................................ 3-53
Configuring SNMP ............................................................................................................................. 3-56
Using Auto Warning .......................................................................................................................... 3-58
Using Diagnosis ................................................................................................................................ 3-62
Using Monitor ................................................................................................................................... 3-63
Using System Log ............................................................................................................................. 3-64
Using HTTPs/SSL .............................................................................................................................. 3-65
A. MIB Groups ....................................................................................................................................... A-1
1
1. Introduction
Welcome to the Moxa EtherDevice Router (EDR-G903/G902), the Gigabit Firewall/VPN secure routers designed
for connecting Ethernet-enabled devices in industrial field applicatio ns .
The following topics are covered in this chapter:
Overview
Package Checklist
Features
Industrial Networking Capability
Designed for Industrial Applications
Useful Utility and Remote Configuration
EDR-G903/G902 Introduction
1-2
Overview
As the world’s network and information technology becomes more mature, the trend is to use Ethernet as the
major communications interface in many indus trial c o mmunications and automation applications. In f act, a
whole new industry has sprung up to provide Etherne t products tha t comply with the requirements of
demanding industrial applications.
The EtherDevice Router series is a Gigabit speed, all-in-one Firewall/VPN/Router for Ethernet s e c urity
applications in sensitive remote control and monitoring networks. The EtherDevice Router supports one WAN,
one LAN, and a user-configurable WAN/DMZ interface (EDR-G903) that provides high flexibility for differe nt
applications, such as WAN redundancy or Data/FTP ser ver security protection.
The Quick Automation Profile function of the EtherDevice Router’s firewall supports most common Fieldb us
protocols, including EtherCAT, EtherNet/IP, FOUNDATION Fieldbus, Modbus/TC P, and PROFIN ET. U ser s can
easily create a secure Ethernet Fieldbus ne twork fr o m a user-fr ie ndly web UI with a single clic k. In addition,
wide temperature models are available that ope rate reliably in hazardous, -40 to 75°C environments.
Package Checklist
The EtherDevice Router is shipped with the fo llo wing items. If any of these items are missing or damaged,
please contact your customer service representative for assist an ce.
• 1 Moxa EtherDevice Router
• RJ45 to DB9 console port cable
• Protective caps for unused ports
• DIN-Rail mounting kit (attached to the EtherDevice Router’s rear panel by default)
• Hardware Installation Guide (printed)
• CD-ROM with User’s Manual and Windows Utility
• Moxa Product Warranty statement
Features
Industrial Networking Capability
• Router/Firewall/VPN all in one
• 1 WAN, 1 LAN, and 1 user-configurable WAN or DMZ interface
• Network address translation (N-to-1, 1-to-1, and port forwarding)
Designed for Industrial Applications
• Dual WAN redundancy function
• Firewall with Quick Automation Profile for Fieldbus protocols
• Intelligent PolicyCheck and SettingChe c k too ls
• -40 to 75°C operating temperature (T models)
• Long-haul transmission distance of 40 km or 80 km (with optional mini-GBIC)
• Redundant, dual 12 to 48 VDC power inputs
• IP30, rugged high-strength metal case
• DIN-Rail or panel mounting ability
Useful Utility and Remote Configuration
• Configurable using a Web browser and T e lne t/S er ial c onsole
• Send ping commands to identify network segment integ rity
2
2. Getting Started
This chapter explains how to access the EtherDevice Router for the first time. There are three ways to access
the switch: (1) serial console, (2) Telnet conso le , or (3) web brow ser. The serial console connection method,
which requires using a short serial cable to connect the EtherDevice Router to a PC’s COM port, can be used if
you do not know the EtherDevice Router’s IP address. The Telnet console and web browser connection methods
can be used to a ccess the EtherDevice Router over an Ethernet LAN, or over the Internet. A web browser can
be used to perform all monitoring and administration functions, but the serial console and Telnet console only
provide basic functions.
The following topics are covered in this chapter:
RS-232 Console Configuration (115200, None, 8, 1, VT100)
Using Telnet to Access the EtherDevice Router’s Console
Using a Web Browser to Configure the EtherDevice Router
EDR-G903/G902 Getting Started
2-2
We strongly suggest that you do NOT use more than one connection method at the same time. Following this
s
RS-232 Console Configuration (115200, None, 8, 1, VT100)
NOTE Connection Caution!
advice will allow you to maintain better co ntro l over the config uration of your EtherDevice Router
NOTE
We recommend using Moxa PComm Terminal Emulator, which can be downloaded free of charge from Moxa’
website.
Before running PComm Terminal Emulator, use an RJ45 to DB9-F (or RJ45 to DB25-F) cable to connect the
EtherDevice Router’s RS-232 console port to your PC’s COM port (generally COM1 or COM2, depending on how
your system is set up).
After installing PComm Terminal Emulator , p erfor m the follo w i ng ste ps to acces s the RS -232 console utility.
1. From the Windows desktop, click Start Programs PCommLite1.3 Terminal Emulator.
2. Select Open in the Port Manager menu to open a new connection.
3. The Communication Parameter page of the Prop erty window will appear. Select the appropriate COM
port for Console Connection, 115200 for Baud Rate, 8 for Data Bits, None for Parity, and 1 for Stop Bits
EDR-G903/G902 Getting Started
2-3
4. Click the Terminal tab, and select VT100 for Terminal Type. Click OK to continue.
5. Type 1 to select ansi/VT100 terminal type, and then press Enter.
6. The Console login screen will appear. Use the keyboard to enter the login account (admin or user),
and then press Enter to jump to the Password field. Enter the console Password (this is the same as
the Web Browser password; leave the Password field blank if a console password has not been set), and
then press Enter.
7. Enter a question mark (?) to display the command list in the console.
The following table shows a list of commands that can be used when the EtherDevice Router is in console (serial
or Telnet) mode:
Login by Admin account:
Command Parameter/Example Description
disable Switch the Admin mode to User mode
exit/quit Exit this consol mode co nne c tion
lan lan ip address (A.B.C.D) netmask (A.B.C.D)
Example:
lan ip address 192.168.127.10 netmask
255.255.255.0
list Print com ma nd list
no no password admin Set the admin password to null
no password user Set the user password to null
password password admin (password)
Example:
Password admin 1234
password user (password)
Example:
Password user 1234
ping ping (IP address)
Example:
ping 192.168.127.10
Set the IP address of LAN interface
Set the admin password
Set the user password
Send echo message
reboot Reboot this device
reload default-config Reload default configuration and Reboot this
device
show show lan Show running system information
EDR-G903/G902 Getting Started
2-4
s management and monitoring functions from a PC host connected to the same
s RJ45 Ethernet LAN ports
through or
telnet telnet (IP address)
Example:
telnet 192.168.127.10
telnet (IP address) (port number)
Example:
telnet 192.168. 127.10 23
ssh ssh (IP address)
Example:
ssh 192.168.127.10
Open a telnet connection
Open a telnet connection with port number
Open a ssh connection
Login by User account:
Command Parameter/Example Description
exit/quit Exit this consol mode co nne c tion
list Print com ma nd list
ping ping (IP address)
Example:
ping 192.168.127.10
show show lan Show running system information
ssh ssh (IP address)
Example:
ssh 192.168.127.10
telnet telnet (IP address)
Example:
telnet 192.168.127.10
telnet (IP address) (port number)
Example:
telnet 192.168. 127.10 23
Ping remote device via IP
Open a ssh connection
Open a telnet connection
Open a telnet connection with port number
Using Telnet to Access the EtherDevice Router’s Console
You may use Telnet to access the EtherDevice Router’s console utility ov e r a networ k. To access the EDR’s
functions over the network (by either Telnet or a web browser) from a PC host that is connected to the same
LAN as the EtherDevice Router, you need to make sure that the PC host and the EtherDevice Router are on the
same logical subnet. To do this, check your PC host’s IP address and subnet mask. By default, the EtherDevice
Router’s LAN IP address is 192.168.127.254 and the EtherDevice Router’s subnet mask is 255.255.255.0 (for
a Class C subnet). If you do not change these values, and your PC host’s subnet mask is 255.255.0.0, then its
IP address must have the form 192.168.xxx.xxx. On the other hand, if yo ur PC host’s subne t mask is
255.255.255.0, then its IP address must have the form, 192.168.127.xxx.
NOTE
NOTE
To use the EtherDevice Router’
LAN as the EtherDevice Router, you must make sure that the PC host and the EtherDevice Router are
connected to the same logical subnet.
Before accessing the console utility via Telnet, first connect the EtherDevice Router’
to your Ethernet LAN, or directly to your PC’s Ethernet card (NIC). You can use either a straightcross-over Ethernet cable.
NOTE The EtherDevice Router’s default LAN IP address is 192.168.127.254.
EDR-G903/G902 Getting Started
2-5
s management and monitoring functions from a PC host connected to the same
s RJ45 Et hernet
Perform the following steps to access the conso le utility v ia Telnet.
1. Click Start ( Run, and then telnet to the EtherDevice Router’s IP address from the Windows Run window.
(You may also issue the telnet command from the MS-DOS prompt.).
2. Refer to instructions 6 and 7 in the RS-232 Console Configuration (115200, None, 8, 1, VT100) section
on page 2-3.
Using a Web Browser to Configure the EtherDevice Router
The EtherDevice Router’s web browser interface provides a convenient way to modify the switch’s configuration
and access the built-in monitoring and network adminis tration functions. The recommended web br ows er is
Microsoft Internet Explorer 6.0 with JVM (Java Virtua l Mac hine) installe d.
NOTE
NOTE
NOTE The EtherDevice Router’s default LAN IP address is 192.168.127.254.
To use the EtherDevice Router’
LAN as the EtherDevice Router, you must make sure that the PC host and the EtherDevice Router are
connected to the same logical subnet.
Before accessing t he EtherDevice Router’s web browser, first connect the EtherDevice Router’
LAN ports to your Ethernet LAN, or directly to your PC’s Ethernet c ard (NIC ). You c an use either a
straight-through or cross-over Ethernet cable.
Perform the following steps to access the EtherDevice Router’s web browser interface.
1. Start Internet Explorer and type the EtherDevice Router’s LAN IP address in the Address field. Press
Enter to establish the connection.
2. The web login page will open. Select the login account (Admin or User) and enter the Password (this
is the same as the Console password), and then click Login to continue. Leave the Password field blank
if a password has not been set.
EDR-G903/G902 Getting Started
2-6
NOTE By default, the EtherDevice Router’s password is not set (i.e., is blank).
You may need to wait a few moments for the web page to be downloaded to your computer. Use the menu tree
on the left side of the window to open the function pages to access eac h of the router’s functions.
3
3. Features and Functions
In this chapter, we explain how to access the EtherDevice Router’s configuration options, perform monitoring,
and use administration functions. Ther e are thr ee ways to acces s thes e func tions: (1) RS-232 console, (2)
Telnet console, and (3) web browser.
The web browser i s the most u ser-friendly way to configure the EtherDevice Router, since you can both monitor
the EtherDevice Router and use administration functions from the web browser. An RS-232 or Telnet console
connection only provides basic functions. In this chapter, we use the web browser to introduce the EtherDevice
Router’s configuration and monitoring f unc tions.
The following topics are covered in this chapter:
Configuring Basic Settings
Network Settings
Network Redundancy
Static Routing and Dynamic Routing
Network Address Translation (NAT)
Firewall Settings
VPN (Virtual Private Network)
Traffic Prioritization
Configuring SNMP
Using Auto Warning
Using Diagnosis
Using Monitor
Using System Log
Using HTTPs/SSL
EDR-G903/G902 Features and Funct ions
3-2
The Overview page is divided into three major parts: Interface Status, Basic function status, and Recent 10
Event logs, and gives users a quick overview of the EtherDevice Router’s current settings.
Click More… at the top of the Interface Status table to see detailed info rmation about all interfaces.
EDR-G903/G902 Features and Funct ions
3-3
Click More… at the top of the “Recent 10 Event Log” table to open the EventLogTable page.
Configuring Basic Settings
The Basic Settings group includes the most commonly used settings required by administrators to maintain and
control the EtherDevice Router.
System Identification
The system identification section g ive s you an easy way to identif y the d ifferent switches connected to your
network.
Router name
Setting Description Factory Defa ult
Max. 30 Characters This option is useful for specifying the role or applic a tio n of
different EtherDevice Router units.
E.g., Factory Router 1.
Firewall/VPN router
[Serial No. of this
switch]
Router Location
Setting Description Factory Defa ult
Max. 80 Characters To specify the location of differe nt EtherDevice Router units.
E.g., production line 1.
Router Description
Setting Description Factory Defa ult
Max. 30 Characters Use this field to enter a more detailed description of the
EtherDevice Router unit.
Device Location
None
EDR-G903/G902 Features and Funct ions
3-4
Maintainer Contact Info
Setting Description Factory Defa ult
Max. 30 Characters Enter the contact informati o n of the person respons ible for
maintaining this EtherDevice Router
Web Configuration
Setting Description Factory Defa ult
http or https Users can connect to the EtherDevice Router router via http or
https protocol.
https only Users can connect to the EtherDevice Router router via https
protocol only.
None
http or https
Accessible IP
The EtherDevice Router uses an IP address-based filtering method to control access to EtherDevice Router
units.
Accessible IP Settings allows you to add or remove “Legal” remote host IP addresses to prevent unauthorized
access. Access to the EtherDevice Router is controlled by IP address. If a host’s IP address is in the accessible
IP table, then the host will have access to the EtherDevice Router. You can allow one of the following cases by
setting this parameter:
• Only one host with the specified IP address can access this device.
E.g., enter “192.168.1.1/255.255.255.255” to allow access to just the IP address 192.168.1.1.
• Any host on a specific subnetwork can access this device.
E.g., enter “192.168.1.0/255.255.255.0” to allow access to all IPs on the subnet defined by this IP
address/subnet mask combination.
• Any host can access th e EtherDevice Router. (Disable this function by deselecting the Enable the accessible
IP list option.)
• Any LAN can access the EtherDevice Router. (Disable this function by dese le c ting the LAN option to not
allow any IP at the LAN site to access this device.)
E.g., If the LAN IP Address is set to 192.168.127.254/255.255.255.0, then IP addresses 192.168.127.1 /24
to 192.168.127.253/24 can access the EtherDevice Router.
EDR-G903/G902 Features and Funct ions
3-5
The following table shows additional configuration examples:
Allowable Hosts Input Format
Ay host Disable
192.168.1.120 192.168.1.120 / 255.255. 255.255
192.168.1.1 to 192.168.1.254 192.168.1.0 / 255.255.25 5.0
192.168.0.1 to 192.168.255.254 192.168.0.0 / 255.255.0. 0
192.168.1.1 to 192.168.1.126 192.168.1.0 / 255.255.25 5.128
192.168.1.129 to 192.168.1.254 192.168.1.128 / 255.255.255.128
The Accessible IP list controls which devices can connect to the EtherDevice Router to change the configuration
of the device. In the example shown below, the Accessible IP list in the EtherDevice Router contains
10.10.10.10, which is the IP address of the remote user’s PC.
The remote u ser’s IP address is shown below in the EtherDevice Router’s Accessible IP list.
Password
The EtherDevice Router provid es two levels of acce ss privilege: “admin privilege” gives read/write acce ss to all
EtherDevice Router configuration parameters, and “user privilege” provides read access only. You will be able
to view the configuration, but will not be able to make modificatio ns .
EDR-G903/G902 Features and Funct ions
3-6
already set, then you will be required to
Time
• ATTENTION!
• By default, the Password field is blank. If a Password is
Account
Setting Description Factory Defa ult
Admin “admin” privilege allows the user to modify all configurations. Admin
User “user” privilege only allows viewing device configurations.
Password
Setting Description Factory Defa ult
Old password
(max. 16 Characters)
New password
(max. 16 Characters)
Retype password
(max. 16 Characters)
type the Password when logging into the RS-232 console, Telnet c o nso le , or web bro wser
interface.
Type current password when changing the password None
Type new password when changing the password None
If you type a new password in the Password field, you will be
required to retype the password in the Retype new password
field before updating the new password.
None
The Time configuration page lets users set the time, date, and other settings. An explanation of each setting
is given below.
The EtherDevice Router has a time calibr ation function based on information from an NTP server or user
specified Time and Date information. Functions such as Auto warning “Email” can add real-time information to
the message.
EDR-G903/G902 Features and Funct ions
3-7
when
.
NOTE The EtherDevice Router has a real time clock so the user does not need to update the Curr e nt Ti me and
Current Date to set the initial time for the EtherDevice Router after each reboot. This is especially useful
the network does not have an Internet connection for an NTP server, or there is no NTP server on the network
Current Time
Setting Description Factory Defa ult
User adjustable Time The time parameter allows configurati o n of the loca l time in
local 24-hour format.
Current Date
Setting Description Factory Defa ult
User adjustable date. The date parameter allows configuration of the local d ate in
yyyy/mm/dd f orm a t
Daylight Saving Time
Daylight Saving Time (also know as DST or summer time) involves advancing clocks 1 hour during the summer
to provide an extra hour of daylight in the evening.
Start Date
Setting Description Factory Defa ult
User adjustable date. The Start Date parameter allows users to enter the date that
daylight saving time begins.
End Date
Setting Description Factory Defa ult
User adjustable date. The End Date parameter allows users to enter the date that
daylight saving time begins.
None (hh:mm:ss)
None
(yyyy/mm/dd)
None
None
Offset
Setting Description Factory Defa ult
User adjustable date. The offset parameter indicates how many hours forward the
clock should be advanced.
System Up Time
Indicates the ED-G903’s up time from the last cold start. The unit is s eco nds .
Time Zone
Setting Description Factory Defa ult
User selectable time
zone
NOTE Changing the time zone will automatically cor re c t the current time. You should configure the time zone
before setting the time.
Enable NTP/SNTP Server
Enable this function to configure the EtherDevice Router as a NTP/SNTP server on the network.
Enable Server sync hr oni z e
Enable this function to configure the EtherDevice Router as a NTP/SNTP client, It will synchronize the time
information with another NTP/SNTP ser ver.
The time zone setting allows conversion from GMT (Greenwich
Mean Time) to local time.
None
GMT
EDR-G903/G902 Features and Funct ions
3-8
Time Server IP/Name
Setting Description Factory Defa ult
1st Time S er ver
IP/Name
2nd Time Server
IP/Name
IP or Domain address (e.g., 192.168.1.1, time.stdtime.gov.tw,
or time.nist.gov).
The EtherDevice Router will try to locate the 2nd NTP Server if
the 1st NTP Server fails to connect.
None
SettingCheck
SettingCheck is a safety function for industrial users using a secure router. It provides a double confirmation
mechanism for when a remote user changes the security policies , s uc h as Firewall filter, NAT, and
Accessible IP list. When a remote user changes these security polices, Setting C he ck prov i des a means of
blocking the connection from the remote user to the Firewall/VPN device. The only way to correct a wrong
setting is to get help from the local operator, or go to the local site and connect to the device through the
console port, which could take quite a bit of time and money. Enabling the SettingCheck function will execute
these new policy changes temporarily until doubly confirmed by the user. If the user does not click the confirm
button, the EtherDevice Router will revert to the previous setting.
Firewall Policy
Enables or Disables the SettingCheck function when the F irewall p olicies change.
NAT Policy
Enables or Disables the SettingCheck function when the NAT policies change.
Accessible IP List
Enables or Disables the SettingChe ck func tio n when the Acces s ible IP List changes.
Layer 2 Fiber
Enable or disable the SettingCheck functio n when the Lay er 2 filter changes.
Timer
Setting Description Factory Defa ult
10 to 3600 sec. The timer waits this amount of time to double confirm when the
user changes the policies
For example, if the remote user (IP: 10.10.10.10) connects to the EtherDevice Router and changes the
accessible IP address to 10.10.10.12, or deselects the Enable checkbox accidently after the remote u ser cli cks
the Activate button, connection to the EtherDevice Router will be lost because the IP address is not in the
EtherDevice Router’s Accessible IP list.
180 (sec.)
EDR-G903/G902 Features and Funct ions
3-9
If the user enables the SettingCheck function with the Accessible IP list and the confirmer Timer is set to 15
seconds, then when the user clicks the Activate button on the accessible IP list page, the EtherDevice Router
will execute the configuration change and the web browser will try to jump to the SettingCheck Confirmed page
automatically. Because the new IP list does not include the Remote user’s IP address, the remote us er cannot
connect to the SettingCheck Confirmed page. After 15 seconds, the EtherDevice Router will roll back to the
original Accessible IP List setting, allowing the remote user to reconnect to the EtherDevice Router and check
what’s wrong with the previous setting.
If the new configuration does not block the connectio n from the remote user to the EtherDevice Router, the
user will see the SettingCheck Confirmed page, shown in the following figure . Click Confirm to save the
configuration updates.
EDR-G903/G902 Features and Funct ions
3-10
remote TFTP server. M u st be configured
System File Update—by Remote TFTP
The EtherDevice Router supports saving your config uration file to a remote TFTP server or local host to allow
other EtherDevice Router routers to use the same configuration at a later time, or saving the Log file for future
reference. Loading pre-saved firmware or a configuration file from the TFTP server or local host is also
supported to make it easier to upgrade or configure the EtherDevice Router.
TFTP Server IP/Name
Setting Description Factory Defa ult
IP Address of TFTP
Server
The IP or name of the
before downloading or uploading file s .
None
Configuration File Path and Name
Setting Description Factory Defa ult
Max. 40 Characters The path and filename of the EtherDevice Router’s
configuration file in the TFTP server.
Firmware File Path and Name
Setting Description Factory Defa ult
Max. 40 Characters The path and filename of the EtherDevice Router’s firmware file None
Log File Path and Name
Setting Description Factory Defa ult
Max. 40 Characters The path and filename of the EtherDevice Router’s log file None
After setting up the desired path and filename, click Activate to save the setting. Next, click Download to
download the file from the remote TFTP server, or click Upload to upload a file to the remote TFTP server.
System File Update—by Local Import/Export
None
Configuration File
Click Export to export the configuration file of the EtherDevice Router to the local host.
EDR-G903/G902 Features and Funct ions
3-11
Some operating systems will open the configuratio n file and log file directly in the web page. In such cases,
establish
Log File
Click Export to export the Log file of the EtherDevice Router to the local host.
NOTE
right click the Export button and then save as a file.
Upgrade Firmware
To import a firmware file into the EtherDevice Router, click Browse to select a firmware file already saved on
your computer. The upgrade procedure will pr oce ed automatically after clicking Import. This upgrade
procedure will take a couple of minutes to complete, including the boot-up time.
Upload Configuration Data
To import a configuration file to the EtherDevice Router, click Browse to select a configuration file already
saved on your computer. The upgrade procedure will proc eed auto ma tic ally after clicking Import.
Restart
This function is used to restart the EtherDevice Router router.
Reset to Factory Default
The Reset to Factory Default option gives users a quick way of restoring the EtherDevice Router’s
configuration settings to their fac tor y d ef ault v a lue s . This f unction is available in the console utility (serial or
Telnet), and web browser interface.
NOTE
After activating the Factory Default function, you will need to use the default network settings to rea web-browser or Telnet connec tion with your EtherDevice Router.
EDR-G903/G902 Features and Funct ions
3-12
Network Settings
Mode Configuration
Network Mode
EtherDevice Router provides Router Mode and Bridge Mode operation for different applications :
Router Mode
In this mode, EtherDevice Router operates as a gateway between different networks.
• Each interface (WAN1, WAN2 and LAN) has its own IP addresses & different subne t
• It provides Routing, Firewall, VPN and NAT func tio ns
• Default setting of EtherDevice Router
Bridge Mode
In this mode, EtherDevice Router operates as a Bridge mode firewall (or call transparent firewall) in a single
subnet. Users could simply insert EtherDevice Router into the existing single subnet without the need to
reconfigure the original subnet into different subnets and without the need to reconfigure the I P addr ess of
existing devices.
• EtherDevice Router only has one IP address, Network mask and Gateway.
• VPN, NAT, WAN backup, VRRP, DHCP, Dynamic DNS are not supported in this mode
User could select the appropriate oper a tio n mode and press Activate to change the mode of EtherDevice
Router. Change operation mode would take around 30-60 seconds to reboot system!!! If the webpage is no
response after 30-60 sec on ds, please refresh webpage or press F5.
Loading...